I need to access the Twitter API user timeline service using the following REST request so I can pull some tweets from a feed to display on a site:
"https://api.twitter.com/1/statuses/user_timeline.json?screen_name=frosario"
It works mostly, but I'm getting sporadic 401 and 500 errors when performing this request; which seem to be because I'm hitting the rate limit for unauthenticated API calls.
I'd like to authenticate with my client Id and secret so I can take advantage of the increased rate limit. I'd like to do this with a server side OAuth flow just using my client id and secret; but could also provide user credentials if needed. However, this needs to be all server side; I can't go through the OAuth redirect flow to authenticate with Twitter's API everytime we load up the site; just to download these tweets. What are my options? I looked over Twitter's OAuth documentation and didn't see anything that would seem to work for my situation; but perhaps I missed something.
Any constructive input is greatly appreciated.
When using oAuth you're using it to authenticate the current user so that you can access their specific tweets and such, which isn't what you're looking to do. You're just looking for a way to download certain tweets right?
You can create a console app or process to download the tweets for you, store them in a database, then read from your database.
If there is a lot of tweets, I'd recommend using the Twitter Stream API.
You just need to authorize your application once.
Check out the MVC quickstart in the Spring Social Twitter extension:
http://www.springframework.net/social-twitter/
Related
I have a web app wrapper for my PowerApps app (I have embedded it as an iframe on the home page of my ASP.NET Core app).
I also have the credentials of the Azure organization that developed this application and has access to it.
So, for the first time, my built-in app asks for an email and password to sign in to a Microsoft account. And only after a successful login, I can work with it directly.
But that's not what I want.
I expect to be able to work with the application when I load this page.
So, is there a way to use the app directly without signing in to a Microsoft account?
I got the idea to make a request to the Azure AD API and get a bearer token or cookie from there, and then save it to the client, supposedly filling out a login form and clicking the login button, but "quietly".
To be honest, I don't know how I can do this. I've spent hours researching this problem, but haven't found a suitable solution.
Could you help me?
Thank you in advance!
Use ROPC flow, you just need to send a http request, then get the response.
There will be no pop-ups requiring you to log in.
Tips:
Http Request
Http Response
Related Posts:
Is there a way to improve the performance of MSAL-browser js login?
I have created a web API application with OAuth2 (token bearer). The application is working fine. But now I want to implement google/facebook sign in with it so that both web and mobile users can use it.
After a bit of search, I found that firebase is a good option for this. But I am not able to find a way to authenticate the external token to the access token of the API. Pardon my understanding with firebase, I am completely new to it (just started a couple of hours ago). I have a few questions regarding this.
Do I have to change my current authentication method and use firebase authentication for internal login as well or is there some other way?
I am storing the data in an external DB. Do I will have to use the firebase db for the user to validate.
How do I validate the access token with external login token?
Kindly suggest. If there's any alternative approach, that too will be appreciated.
PS: I am using Owin for Authentication right now
For use external login with firebase you need a token thats all.
https://firebase.google.com/docs/auth/admin/create-custom-tokens
Not, you can use your un service for validate your user.
Please Read the link that i posted
I need to develop an external API, and I want to implement authentication with a client ID and a secret key just like Facebook, Twitter, Google and Microsoft do.
I have read some tutorials about OAuth2, but his generated token is temporary, and clients need to pass the username and password to get a token.
So, what I want is to give a client ID and a secret key to every client that will use my API, and they should pass this data on every method they call. Before returning the result, API checks if the request is valid.
What is the best way to do this?
I think what you're looking for is 'Basic Authentication'. Here's a very simple tutorial to follow in order to fulfill your requirements: http://www.c-sharpcorner.com/blogs/basic-authentication-in-webapi
It goes without saying that you should set your site to force https so that the credentials in request header are encrypted.
I am building a reactjs website that will communicate with asp.net web api 2 to save and retreive data.
but I am not sure how to do this.
I know to accomplish this on a high level it would be something like
User comes to my site and hits signup/log
Chooses which provider then want to use(google, facebook and etc). I am only want to support external providers(ie I don't want to have to deal with usernames/pwds)
User it sent to authenticated part of site
User clicks "add course" that data send via ajax to webapi with some sort of token to prove they have access to these methods.
I am not sure how to implement this problems I see is
Reactjs I guess is handling the authentication part? then once they been authenticated it would have to be saved in my db via webapi so it knows about this new user?
Reactjs would have to block users from going to secure pages till they are authenticated
Web api would have to generate a token for the user for that session so they can access the web api(I want to stop people from consuming my api).
Is there some simple example out there how to achieve this?
Reactjs I guess is handling the authentication part? then once they been authenticated it would have to be saved in my db via webapi so it knows about this new user
Better use some third party auth library here like PassportJS that does the auth for you using strategies like Passport-Facebook. This will give you an Oauth access token from Facebook upon authentication. You can now save this token in your cookies (or localStorage), take a look at the security considerations.
Should you store it in a DB? Here are some arguments about it.
Reactjs would have to block users from going to secure pages till they are authenticated
This can be done by checking if they have a valid token.
Web api would have to generate a token for the user for that session so they can access the web api(I want to stop people from consuming my api).
This can be easily achieved by using JSON Web Tokens. Note that you will have to store the JWT in your client side locally, along side your FB-Google oauth tokens (or you can relegate that to a single API by storing them in DB?. Its a design choice, I would prefer to store them separately and save a lot of hassle).
Currently I am working MVC4.5 with razor,
I have try to integrate Twitter API in My Application but no luck. Could you please help me how to integrate Twitter API in my Application. I have create twitter API which details following
OAuth settings
Access level Read-only About the application permission model
Consumer key - [ConsumerKey]
Consumer secret - [ConsumerSecret]
Request token
URL https://api.twitter.com/oauth/request_token Authorize
URL https://api.twitter.com/oauth/authorize Access token
URL https://api.twitter.com/oauth/access_token Callback
URL http://www.opalevents.org/
Okay, this isn't short and I can't tell you the whole process just with a few lines or even showing some code, but I'll try to give you the directions.
1. Authentication
First of all , most of Twitter API calls need to authentication (using your consumer keys). To authenticate you have to request twitter oAuth TOKENs (that's why request and authorize URL). Without these tokens, you aren't able to make requests for API calls that require authorization.
Authentication is made via oAuth (a lot of plataforms uses oAuth to authenticate, so familiarize with that):
https://dev.twitter.com/docs/auth/using-oauth
You have not specified what you need to integrate, but here explain how you need to authenticate by what you need to integrate:
https://dev.twitter.com/docs/auth/obtaining-access-tokens
if you want to work with user data, you need this authentication: https://dev.twitter.com/docs/auth/implementing-sign-twitter
The basic flow is:
With your consumer keys you request a token to twitter
You'll redirect your application to twitter, to user sign in via twitter
Twitter will throw back to your CALLBACK URL the secret token to make API calls
again, this is a brief, that's all detailed at mentioned docs above
2. Making API calls
Twitter provide a lot of services through their REST API, the documentation is great, and you can find what you need to use easily:
https://dev.twitter.com/docs/api/1.1
Basically each service method have its own url and required parameters for making a call. And when you provide it, you'll receive a (JSON) response.
To help debug, they provide an amazing API explorer, that helps A LOT:
https://dev.twitter.com/console
3. Twitter Libraries
Finally we have some library for twitter written for .NET:
https://dev.twitter.com/docs/twitter-libraries
https://github.com/danielcrenna/tweetsharp
http://linqtotwitter.codeplex.com/
Twitterizer was an amazing library, but seems they have stopped support:
https://github.com/Twitterizer/Twitterizer
some Twitterizer example at Twitter:
https://dev.twitter.com/docs/auth/oauth/single-user-with-examples#csharp
if someone know good ones, please edit this post.
4. Most important
And if you have some question, don't be afraid to research, read , read and read here: https://dev.twitter.com/docs