I'm trying to use azure acs and the windows live, google etc. identity providers as highlighted in this walkthrough
however I am having the problem with the piece of code
AuthenticationContext _authContext = new AuthenticationContext("https://{your ACS
namespace}.accesscontrol.windows.net");
AssertionCredential theToken =
_authContext.AcquireUserCredentialUsingUI("urn:WPFWithAAL");
which returns an error that the type or namespace AssertionCredential cannot be found. I found this which suggest it exists in the Microsoft.IdentityModel.Clients.ActiveDirectory namespace, but i can't add this namespace because there doesn't seem to be a Microsoft.IdentityModel.Clients namespace that i can add.
Also, when i build the application, it actually returns a slightly different error in the output, saying Microsoft.WindowsAzure.ActiveDirectory.Authentication.AssertionCredential is inaccessible due to its protection level. so i am unsure what the actual error really is and how to resolve it.
i am building a WPF 4.5 Desktop Application, that will require authentication and will need to link to "social" accounts such as windows live / google etc. so i need a way to do this. if this is not the way forward, can anyone suggest an alternative method?
Related
I am trying to query Watson Discovery News and get some responses in Unity.
First I tried to authenticate my Watson Discovery service through Discovery service APIKey(As described in the "IAM" section in https://github.com/watson-developer-cloud/unity-sdk). My code is exactly the same as the example code in "Query a collection" section in https://cloud.ibm.com/apidocs/discovery/discovery?code=unity#query-a-collection.
Unfortunately, the code always returns due to unsuccessful authentication, thus I cannot get any response. After some debugging, I found out that "tokenData" field in IamAuthenticator.cs(This is part of IBM Unity SDK) is not initialized; this leads to the unsuccessful authentication.
I was able to debug by changing the "yield return" in example code to "return". Otherwise, C# debugger cannot step into the code.
Since I have followed all the steps in IBM documentations, I am not sure how to proceed.
To reproduce the problem, one has to download IBM Unity SDK on https://github.com/watson-developer-cloud/unity-sdk and follow the instructions in README. After setting up, one could replicate the problem using the code below:
var authenticator = new IamAuthenticator(
apikey: "{apikey}"
);
while (!authenticator.CanAuthenticate())
yield return null;
Thanks in advance for any help!
Have you set the URL (SetServiceUrl) to match the location for your service instance? See Service Endpoint in the API reference
I bypassed this problem using Token authentication instead of using APIkey.
If one has the choice of using other SDKs, e.g. Java SDK, please do so. Because Watson Unity SDK is not well supported at the moment.
I am trying to get MailboxSettings of the currently logged in user ("/me") using the .net graph client.
I have a working solution, using an extension method that uses "/me/mailboxSettings", but I have found out that extension methods are not easy to test, though possible, and would prefer a solution that works without one.
I have found out that using Me.Request().Select("MailboxSettings") should work as well but I get a service exception with "Access denied" using the same authentication, which has these permissions : "(...) MailboxSettings.Read User.Read User.ReadBasic.All"
Testing with the graph explorer shows that the request does generally work, though I am not sure if this is because it has more permissions as our app on azure - specfically MailboxSettings.ReadWrite, but I would not know why these should be required on a Get method.
I have found that MailboxSettings.Read did not work for me. I needed to consent to MailboxSettings.ReadWrite before I could actually read the settings. Could you try that and confirm if that works for you?
I am trying to use Identity Server 4 for Authenticationa and authorization purpose but which ever project i try to run is throwing only 1 error which is like bugging me alot because i have search for this error and i cant find a stable and proper solution for this.
Error :
Error connecting to
http://localhost:5000/.well-known/openid-configuration: An error
occurred while sending the request.
Couple of projects in which i am getting same error and dont know how to solve it :
https://www.dropbox.com/s/9hs3huwt8h035ek/oauth2Demo-master.rar?dl=0
Another Project : Download but same error
In my first project it seems like there is some problem related to SSL certificate though i tried to follow below link to install certificate but still this error exist :
https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Certificates
But in my second project there is no such SSL certificate problem but still same error.
Is there any way to resolve that error?
I downloaded the solution and I can confirm you need to make sure to run the OAuth2Demo.IdentityServer project, you can actually start it up and navigate to https://localhost:44305/admin/ to see the admin environment of identityserver. It apperantly also needs a sql connection to store configuration information, I didn't dig into those details but with the OAuth2Demo.IdentityServer running the other projects can also be started.
My suggestion is to get the things done one by one.
From your screens I see that on the first you are trying to reach IDS at localhost:44305, and on the second screen, you are trying to reach it at localhost:5000. It will be a good thing to set it as a constant value ( right click on your Identity Server project ->Properties->Debug->Web Server Settings->App URL) and then use this value through all of your clients.
Then - enable Identity Server logging - check here. You can extend this example - serilog basic configurations. So far logging has saved me many times, so I can say that it is really important. Make sure that the App pool account, running the application has the rights to create files, where you want them to be created.
Now the real problem:
Lets assume that you select localhost:5000 as url for your IDS.
First of all start (debug) only the Identity Server project. This should take you to localhost:5000 and you will see a welcome message from Identity Server 4.
If you see it, this means that your IDS is working. This also means that you will be able to access the Discovery Document - the one thing that is failing in your clients. Now its about time to setup your clients.
If not, this means that there is something wrong with your Identity Server instance, and that is the place to dig.
First thing I'll do is to check the logs. They will say what the problem is.
Then - I figure out that you are trying to use custom certificate for this (correct me if I've misunderstood). Why don't you try using the Developer Signing Credential (check the ConfigureServices of Startup.cs) at least for starting it up.
Later on, if you decide to use your custom certificate, have in mind that the user, that is running the IDS application (by user I mean the application pool user) should have at least read privileges over the certificate (I guess that you've seen that in the article you have provided).
Do all these, and let's see what progress you will have, but most important - enable the logging.
I'm using the AllScripts HelloWorld TouchWorks C# Project, as provided on their site. I've also created a valid application, using the svcUsername and svcPassword on the app.config file to log and added my own appName instead of the default web20.
Didnt change anything else, tried with many different application ID's, all trying to log into the default sandbox server in the example and some trying other sandboxes.
Regardless of what I do, I keep getting
Error: Service Application not licensed on this server!
Despite this being a sandbox server, thus suppouseably accessable to all applications.
What did I do wrong?
edit: Tried to do the same in Slueth, I get the same error.
It's more simple than it seems. Sandbox servers DO require licenses. Talked with the staff, they're nice people, so they manually added me after a few explanations of my requirements.
I need a little help with the C# example program of Google-Drive...
I used this so-called "tutorial"/"example":
https://developers.google.com/drive/examples/dotnet
And the code from here:
https://code.google.com/p/google-drive-sdk-samples/source/checkout
I uploaded my (only slightly modified) sourcecode here in case anybody doesn't have Mercurial (I didn't have Mercurial and no admin rights to install it either, and Mercurial is the only way to get the sourcecode...):
http://verzend.be/elt0k13enraw/DrEdit.rar.html
I always get
"Ressource cannot be found"
Requested URL: /oauth2callback
I don't find this astonishing, as no oauth2callback controller or handler is implemented...
I tried adding a Controller called oauth2callbackController and redirecting to another action in oauth2callbackController.Index, doing
return new RedirectResult("/about/about");
But that only creates a NULL-reference exception.
So i figured, maybe the wrong controller and redirected to
return new RedirectResult("/drive/Index");
But that only creates an infinite loop of redirect -> allow -> redirect - allow -> etc.
BTW, the config to change the API key + REDIRECT_URI is in
Models\ClientCredentials.cs
Note:
The problem aren't my modifications.
The sample also didn't work unmodified, with the exact same error.
All I did was removing EntityFramwork references, and throwing "Not implemented exception" when a method using entity was called.
Edit:
Additional information:
What I really wanted to do in the first place is to write a console service that exports my database, LZMA-compresses the exported content, encrypts that with OpenPGP, and uploads the database of my server to Google drive every day at 24:00 o'clock, without any user input.
I got export working without a problem, i got the LZMA compression working without a problem, I got the encryption with PGP working without a problem.
After the end of the working day (grrrr), when I was at home, I was even able to download the example-code with the mercurial installed on my Linux-machine at home, and bring it on the windows machine using SMB...
But now I can't get the sample for the Google-drive SDK working...
And moreover, what I really need is an example for a console service/daemon, not a web-application.
When I created the API key, I saw one could create a key for a service, but there is no example on how to write a Google-Drive service (console application), and no useful documentation as well (yea there is a reference, but it's only a reference, IntelliSense provides about the same)...
When configuring your app in the API Access tab of the APIs Console, you had to set the root (/) of your web server as the redirect URI and not /oauth2callback.
Assuming that your app is published at www.example.com, just go back to the APIs Console and set it to www.example.com instead of www.example.com/oauth2callback