I want that my Windows Phone 8 app uses LinkedIn in order to search companies and get contacts. To do so I need an Access Token and, to get that, I need an Authorization Code.
As far as I have read, the LinkedIn API uses OAUTH2 and the url to get the Authorization Code is the following:
https://www.linkedin.com/uas/oauth2/authorization?response_type=code
&client_id=YOUR_API_KEY
&scope=SCOPE
&state=STATE
&redirect_uri=YOUR_REDIRECT_URI
The problem is the REDIRECT URI parameter. I don't want that, because I just want to get the Authorization Code, and then get the Token with the code.
Do you know if is there any way to avoid redirecting? Or using some kind of redirect which doesn't bring you to other webpage?
I decided to use a custom host, so now the problem is solved.
In case anyone has a similar issue, I struggled with this and found an easier way (maybe not the correct way).
I redirected to a made up address (http://madeupaddress.com) and on the Navigating event checked if the url started with my made up address, if so, i closed the browser and take the token from the e.URI.Query parameters, then apply for the access token using the code.
Thanks go to Vittorio Bertocci
Related
Hope I will get some help and not get marked as duplicate because spent a couple of days and still didn't find a solution for this one.
My problem is that I am working on an application that should get data from Facebook marketing API and I didn't manage to do it and am working in C#, FE is in React but would like to do this all on BE.
I created an app on Facebook, have appId, app secret, my client Id, accountId, set business manager and realize that one way to go is to go through app review but this is not an option because there are too many clients and it is not the best scenario.
Is there any other way that I implement fully user authentication, to first get authorization code and then user access token so I could get the data I need.
If I get the code over the browser I can generate a token but I would like to do it automatically over my code.
If I call https://www.facebook.com/v9.0/dialog/oauth?client_id=%7Bapp_id%7D&redirect_uri=%7Bredirect_uri%7D over httpClient it gives back some HTML text and I would need the URL it redirects you to in the browser (like on facebook - how to get a new authorization code for an access token)
And didn't find a way access token without that authorization_code
SSO/Oauth issue that I'm hoping is either simple, inexperience (probably) or just impossible.
I have Website A and Website B. Website A is under my control, and we currently use OAuth/OWin for SSO. Things work as intended, I can successfully make authentication/bearer tokens, all that jazz. Initially, to allow Website A credentials to be used for Website B, I'd pass the bearer token as a QueryString in the URL. The website would create and get the nessicary bits and bobs to get the Bearer token and stick it in a . User clicks the link, token is there in the URL.
What I'd like to do is take that information out of the QueryString/URL.
I've been looking at Request and Responses, using combinations of HttpWebRequest, Headers.TryAddWithoutValidation(), using Ajax calls to try and call Website B, and I still can't seem to get the token information over, even when I try to just use a dummy Website.
From my research, it seems like the answer is "Encrypt and pass it in a query string" or put it in the Authorization Header. But every example I see, shows that going to a API for validation and not passing it to another website login page. Anyone know any examples? Is this even possible without some weird inbetween?
If you want to remove it from the URL, you'll need to POST the token to Website B from Website A. The location you post to will need to be a server side endpoint that is prepared to look for the token and do something with it. You cannot POST to to a client side HTML page without it being in the URL.
I would like to post to my company Yammer feed from Console C# application.
Before, I created Javascript and Rest Application. But now, I do not know How to get access Token.
I tryed to use HttpWebRequest Class to Endpoint
https://www.yammer.com/dialog/oauth/?client_id=[my_client_id] &response_type=code&redirect_uri=[redirect_url]
However, Httpresponse Not contain "code".
Someone who know get access token, please tell me how to get access token.
There are a number of ways to get a sample token. You can now generate one within the screen where you created your client application. Go to https://www.yammer.com/client_applications/ and select the app you want to get a token for.
There is a link for 'Generate a developer token for this application'
For the API request you have listed I think the user would need to authenticate first then get a dialog box to accept\reject the app which would then redirect to get the code to exchange for an access token.
Docs are here:
https://developer.yammer.com/docs/oauth-2
Question:
I'm using a DropBox csharp API from here:
https://github.com/dkarzon/DropNet
From the Unit tests, and the only working sample from here
https://github.com/dkarzon/DropNet/blob/master/DropNet.Samples/DropNet.Samples.Web/Default.aspx.cs
I figured that it works like this:
DropNet.DropNetClient client = new DropNet.DropNetClient(strApiKey, strAppSecret);
DropNet.Models.UserLogin login = client.GetToken();
client.UserLogin = login;
var accountInfo = client.AccountInfo();
str = accountInfo.quota_info.quota.ToString();
The probem is, it throws an exception on accountinfo. (System.Net.HttpStatusCode.Unauthorized)
Everything before works fine, I get the login (usertoken & usersecret) .
I think my problem is this part of the sample application:
var url = _client.BuildAuthorizeUrl(Request.Url.ToString() + "?dropboxcallback=1");
Response.Redirect(url);
Where it redirects to dropbox for a login...
I don't have a web application, so I have no URL...
What I have is a console application, that should make a backup of my database every evening automatically as a service, for which it certainly is very bad requiring a webbrowser and a user which has to type in email/username + password.
How can I do a login by directly supplying the hardcoded username and password ?
If I use the sample application, then it works, but that requires typing in the username and password on the web, and that sucks big time for a console application...
As far as I know from other API's (facebook, google, stack exchange etc.) you'll have to redirect your user to a webpage of Dropbox, where it will grant permissions to you to use it's account to perform things.
So in general it is not possible to achive this without a webbrower. Otherwise you'll have to perform really dirty hacks to hack arround the permission system of dropbox.
Please have a look at "OAuth 2.0 authorization flow" on google.
Here's a diagram I found at Yahoo which show's how it works:
For uisng the DropnetClient's 4 argument constructor also we need to build web based url and allow the user to authenticate his account this is compusory thing, accesstoken will generate after the user hit allow button in authentication process
As GameScripting explained the Dropbox API uses oauth which requires user login through the dropbox website to authenticate the access tokens.
Checkout the documentation here: http://dkdevelopment.net/what-im-doing/dropnet/ for the 3 step process.
What sort of application are you building? Normal process is to load a browser control inside the application and navigate to the login URL with it.
Also have a look at the sample Windows Phone app to give you an idea of how this process works: https://github.com/dkarzon/DropNet/blob/master/DropNet.Samples/DropNet.Samples.WP7/MainPage.xaml.cs
Instead of hardcoding the username and password, you can hardcode the OAuth access token.
First, create a simple program (using the same app key) that follows the standard browser-based authorization flow. Then use it to authorize the app with the desired user. This will give you an OAuth access token (a "token" and "token secret") associated with that user and your app key.
Then, in your service-style application, just hardcode the OAuth access token (using DropNetClient's 4-argument constructor).
It is possible, using SharpBox - tested, works.
One needs to acquire the AccessToken as a one-time-action manually, then after that, one can omit the login page and use the saved AccessToken.
http://www.jayway.com/2012/02/06/unboxing-dropbox-and-sharpbox-2/
The magic line is:
Globals.DropBox.Token = AppLimit.CloudComputing.SharpBox.StorageProvider.DropBox.DropBoxStorageProviderTools
.ExchangeDropBoxRequestTokenIntoAccessToken(
Globals.DropBox.config
, Globals.DropBox.AppKey, Globals.DropBox.AppSec
, Globals.DropBox.requestToken
);
I have exactly the same problem as Marco here: c# Facebook SDK, get token to write to my Page Wall , got to the same point as Marco (obtaining token manually and storing in web.config.
Problem I have is that this token is set to expire, so it cannot be really used as config value in my web application.
Is there a way in Facebook c# SDK to obtain this type of token?
Please note that as a page admin, I've already granted my FCBK app manage_pages permission (which does not seem to expire) so there should not be any human interaction necessary when obtaining this type of token.
Thanks, Antonin
EDIT
seems like running this request: https://www.facebook.com/dialog/oauth?client_id=<APP_ID>&redirect_uri=<URI>&scope=manage_pages,publish_stream,offline_access&response_type=token might be what I'm looking for, non-expiring access token. Pay special attention to values for scope parameter, especially offline_access.
I thought I had read somewhere that the page access tokens were temporary even when asking for offline_access. But that's really not an issue because you can use the user's permanent token to call me/accounts to get the list of apps and grab a token from there.