Develop Reference

How to retrieve data from SalesForce using C#

Could somebody help me find an example of getting data from SalesForce using its api with c#? E.g. getting a Contact information by its email address?

There are ready-built libraries for .NET integration such as https://github.com/wadewegner/Force.com-Toolkit-for-NET, I'd suggest starting with one of these. (old but official). Another one could be https://github.com/anthonyreilly/NetCoreForce
Old, stable, battle-tested or you want to craft the SOAP / REST messages yourself, read up about security tokens, oauth scopes, error handling, bulk API options? I'd offload at least the login part to existing library but your call :) There are many ways to connect, there's even (paid) SQL server plugin or azure data factory solution...
".NET toolkit" seems to use old SOAP API. It's... simple. You provide username, password and you get total impersonation. The app will be able to do everything the connecting user can do. The other one seems to use client id and secret, this sounds like newer REST-based API implementation (OAuth2 keys). This is slightly better, you get extra security layer of the connected app and for example if "scope" is only set to Chatter - even admin's session connecting via this app can't be abused.
There are slight differences between the APIs and the way they handle certain features (for example downloading a Document/Attachment/File via SOAP API will give you base64-encoded payload while REST API will give you a link to download the binary separately). And of course how much of the API does the library actually implement, how well it's maintained...
But generally I'd say explore the libraries first. At least steal some ideas around login logic. If nothing off-the-shelf works for you - consume the WSDL and hand-craft something in SOAP API. Worst case - craft the XML messages manually, worry about escaping special characters etc.

Get an account and api key and then use the official programming interface:
https://developer.salesforce.com/docs/apis
i'd choose: https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/intro_rest_resources.htm
So You have to read and understand this: https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/using_resources_working_with_searches_and_queries.htm
:)

how to make a successful connection to OneNote api using c#

I read the OneNote Api Documentation https://dev.onenote.com/docs
But I don´t understand how to make a request to the OneNote API with c# web application in order to get all the pages in my OneNote.
I already got the Application Id, Application Secret Id and Redirect URL, but i don´t know where do I have to use them, because I have never done and http request and the documentation only provide the following: https://www.onenote.com/api/v1.0/me/notes/pages, so I don´t know how to send the id´s, redirect url and Authorization: Bearer.
Could you provide me the specific code to get a successful connection to OneNote API using Application Id, Application Secret Id and Redirect URL.
And the code structure to make a http request in order to get all the pages, notebooks, etc
I would appreciate if you could help me with this.

I would recommend using Microsoft Graph instead of the standalone OneNote API. Microsoft Graph includes support for OneNote. There is also an SDK for .NET available. There are also code samples for ASP.NET, UWP and Xamarin.
Before you can use the Graph API (or most any REST API for that matter), you will need to obtain an authorization token (i.e. the bearer token you referred to in your question). There are libraries available for simplifying this process. Behind the scenes, these libraries are executing an OAUTH 2.0 flow. You can read about what is going on under the covers here.

I believe the link they have on the OneNote Dev page is broken. The team has put together a public repository that contains a bunch of sample code in a myriad of languages including C#.
This is the main repo
Web API (ASP.NET Core) Repo

I believe the easiest way to understand these concepts is to look at sample code that does authentication. I recommend this sample:
https://github.com/OneNoteDev/MsGraph_OneNoteApiSampleAspNetCore
Btw - the demo is here: https://onenoteapisamplegraph.azurewebsites.net

Thank you everyone I have Checked all the links that you provided me and they were very useful, I did a connection to Microsoft Graph with the authorization token and I got access to my OneNote pages.
Thank you for your help.

Supporting Multiple Types Of Authentication In (Only) Specific Web API Controller

I'm fairly new to Web API and have an existing app that, by default, uses federated authentication.
However, I have one specific controller that I'd like to use either the default federated auth, or a second method that essentially uses a password sent in an HTTP header.
My initial Googling turned up stuff like this:
http://blogs.msdn.com/b/hongmeig1/archive/2012/02/27/supporting-multiple-authentication-schemes-with-web-api.aspx
...but the approach (using an HTTP module to set the HttpContext.User) seems to be universal to a site rather than targeted to a specific controller.
Plus, I'm wondering if there are more modern approaches available since the blog was written in 2012.
Can anyone help point me in the right direction?
EDIT: In further digging, it seems like I want to use an OverrideAuthenticationAttribute in conjunction with a custom authentication filter per:
What OverrideAuthenticationAttribute is for?
...but I'm trying to figure out the best way to do it (preserving default, while also adding an additional auth option).

ASP.NET Web API with custom authentication

I am looking for help creating a Web API with custom username/password authentication.
I have my own database to validate users against, I do not want to use windows authentication.
I am hoping to be able to decorate my web api calls with an attribute like [Authorize], so that calls made without logging in will fail.
I do not want to have to pass credentials as a parameter to every method.
This API is going to be consumed primarily by mobile devices using Xamarin PCL.
The web API must use SSL.
This seems like a simple setup yet my googling does not reveal any super useful hits.
Ideally I'd want a Login controller that authorizes a user and allows subsequent method calls through.
Can someone provide a basic example or some good reading material?

It's a big subject and you probably need to spend some time boning up on the basics, sorry.
That said...
In order for subsequent method calls to be authenticated, you need something that can be passed back with every request. If you are calling your api from a website, say because you are using Angular or similar, then a simple cookie (appropriately encrypted and MACed) will work. Exactly how to implement that depends on whether you are using OWIN or not and whether you also have MVC in your project to serve up your pages. Don't create the cookie yourself, use FormsAuthentication or the equivalent OWIN middleware.
You don't need to use Microsofts Membership or Identity, but be aware that doing your own password handling is not trivial and you really need to know what you are doing with that stuff - there is no substitute for a lot of research if you want to do that.
If you need to call the api from something other than a Web site, then a cookie is painful. Also be mindful that there are some subtle CSRF vulnerabilities when using cookies and Web api that you need to understand and protect against.
An alternative to cookies is to embed something like ThinkTecture Identityserver (it's free) and use that to issue oAuth tokens and then attach them to each API request. It has a number of advantages but is also more complex.
Resources
You did ask for pointers on where to start reading. Your task is complicated by the fact that Microsoft has been changing their "default" approach to it several times over the last few years. The current default approach is Identity which replaces the previous MembershipProvider (good riddance). If you are new to this, I'd suggest you go that route to be honest - you can extend it and it ties in with most of the rest of the stack very nicely. Yes, you lose some flexibility and you need to wrap it around your current user store. But you need to ask yourself if the security you get out of the box isn't worth that.
I would also recommend Brock Allen's blog. It's pretty hardcore but he knows his stuff and will often explain the innards of a lot of Microsoft authentication technologies.
I would recommend you try to read up on "OWIN Authentication Middleware". It's where it is all going, not least with ASP.Net vNext. Sadly, most of the documentation out there focus on how super easy it is to use (and it is - for a demo) but lack any in-depth info about how it really works, which can be very frustrating.
In order to get to grips with how tokens and the different standards work, I would recommend you watch this video here: http://www.ndcvideos.com/#/app/video/2651
Then look at Azure Mobile Services which has even got client-side libraries for handling the auth I believe or ThinkTecture Identity Server. Even if you end up not using IdSrv, by going through their tutorials on how to use it, you will learn an awful lot about how this whole thing works in general; it's all based on open standards. Docs here: http://identityserver.github.io/Documentation/docs/
Try working through their tutorials; They use a windows console app in place of an app, but the concept is the same.
I wish you luck but would like to just close by saying please don't just hack something together that seems to work. Web security is increasingly complex and it is very easy to leave vulnerabilities in your code - I talk from experience :)
Don't be a Moonpig.

Depending on which version you are using. MVC5 Web API 2 implements an approach called bearer tokens. So you basically execute a post with username and password upfront to your https://applicationhostlocation/token endpoint. This will return a bearer token in the payload. You send subsequent https requests to your authorized web api methods with the bearer token in a header. This is all out of the box with the latest version of the web api. This link outlines the approach pretty well: http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api

Custom Membership Provider my friend!
https://codeutil.wordpress.com/2013/05/14/forms-authentication-in-asp-net-mvc-4/
With custom membership provider You can set a Authorization Cookie Token (aka AuthCookie), and use the Forms Authentication technology in your application. With a Custom Membership Provider, You'll be able to create a custom Validation Method that access your DataBase to match users credentials.
With the AuthCookie, every subsequent request will be authenticated, like a traditional Authorization Cookie technology.
Also, you can use a rewrite Url approach to enforce users to be redirected to the SSL pages: Best way in asp.net to force https for an entire site?

Correct approach to authenticated youtube data api (v3) requests from mobile devices (initially Android)

Scope: I am developing a mobile application using Xamarin (C#) to target both Android and iPhone (initially Android). The application logic is separated out in to a PCL (C#) where possible to ensure maximum code reuse. The application integrates with the YouTube Data API v3 for the purpose of rating retrieved videos and allowing subscription to a channel.
Background: As per the documentation (http://developer.android.com/google/play-services/auth.html) I have used the suggested approach to generate an OAuth2 token for the authorised requests from Android, using the AccountManager.getToken method and this works fine and returns a token.
The next step is to make requests using this token (let's take rating a video as an example). My initial idea was to utilise the .NET client library for the YouTube Data Api (https://developers.google.com/api-client-library/dotnet/get_started). However, it seems that this would take us through the whole authorisation process once again and would likely require a web view redirect or similar. I had hoped that there may be a way to use a token which had already been retrieved to create the credential object or create the service from directly, but it doesn't appear to be the case.
The second problem I have found with the client library is that not all of the classes appear to be referenced when adding the NuGet package, namely the GoogleWebAuthorizationBroker. Additionally, as we are in a PCL we are limited with common objects such as FileStream which is utilised in the documented examples (https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth). I did try to use this library from a non-PCL project also to confirm that it wasn't just the limited references in the PCL which were responsible (for the GoogleWebAuthorizationBroker reference issue).
The other option therefore was to look at manual construction of the URL and then posting the data to make the HTTP request ourselves. This too has met with limited success similar to the question listed here: Like video with access token on YouTube using YouTube Data API v3?, which doesn't appear to be answered (suggestion to use the client api). Is this method supported, and if so are there some documented .NET examples? This method would allow me so get the token natively (on android, iphone) and then pass it to a PCL library where I could make the requests, which would be preferable.
Question: So my question is given the scope of what I am trying to achieve here what would be the approved/suggested approach. Clearly the more I can do within the PCL the better from a code reuse point of view, but right now I'd be fairly satisfied with an approach that will actually just work for Android. If anyone has any examples of successfully making authenticated requests to the YouTube Data Api (v3) from Android that would also be useful. I feel like I've trawled through a lot of the documentation to this point over a number of days but not found anything definitive to say "this is how you should do it".
Thanks in advance for any help.

Well, I wouldn't necessarily deem this the answer to my question, however, it is the approach I have taken, so thought I would report back. I have kept the OAuth2 token generation code inside the Xamarin Android project and then pass that on to a PCL which has a repository to deal with the YouTube integration. As there are only a few calls I need to make (ratings, subscriptions and comments) I have elected to manually construct the POSTs via HttpClient and proceed that way.
Perhaps not as elegant as the client library integration but gets the job done. For reference this is made a lot easier if you use the Google OAuth Playground (https://developers.google.com/oauthplayground/) first to get the token and confirm the correct JSON for your request.
If anyone has any problems with this approach then let me know and I can post specific service calls as an example.

From what I can gather, this isn't what google-api-dotnet-client is for.
If you look at the source code (https://github.com/google/google-api-dotnet-client), you can see that GoogleWebAuthorizationBroker is defined for Windows Store, WP 8 etc.
This suggests that the library is intended for .NET clients running on Microsoft operating systems, rather than Android, iOS etc.
These might be the droids you are looking for:
https://github.com/xamarin/GooglePlayServicesComponents (Android)
https://github.com/xamarin/GoogleApisForiOSComponents
They are Xamarin wrappers around the Google SDK for each platform.
This makes sense because of the way Google APIs are called on Android. Rather than rely on a client secret which one should not embed in the application, the you register the app's signature against the "installed app" client ID. The operating system then provides this key when calling google services. You won't get that functionality in a PCL :)