Could anybody tell me how to get a user ' s complete details in twitter api after fetching access_token.
In twitter blog i found in a question that
"You can then issue a request to the canonical source of information about a user, GET users/show with a request like GET https://api.twitter.com/1/users/show.json?screen_name=kool_aid_wino -- this response will include fields pointing to the user's current avatar image and so on."
I dont understanding correctly Users/show how to use it..??
Is there any tutorials or examples of asp.net you know to accomplist this..??
Check this example regarding Http web request you will get an idea..
http://stritar.net/Post/Using-JSON-with-asp-net-is-like-wiping-your-ass-with-silk.aspx
Related
I am going over to a Wordpress and my WP plugin is asking me about "Authentication Code" And I have no idea where to find it.
Without the plugin name it is hard for me to determine what specific authentication code is needed, so I'll assume that you mean the OAuth Client ID. Please, forgive me if I am mistaken. You can generate a new OAuth Client ID following this steps:
Open Google Cloud Console and select your project.
Go to Navigation menu ⮞ APIs & Services ⮞ Credentials.
Select +Create credentials ⮞ OAuth client ID at the top.
You'll be prompted to select an application type. In case of a Wordpress plugin you need to choose Web application and give it a descriptive name.
Click on +ADD URI and include your webpage URL. This action will whitelist your webpage to authorize this OAuth client.
Tick Create to finish the process and annotate your client ID and secret.
With this procedure you would have created an OAuth client ID and its secret. Now we can take this client/secret pair and use it to request an authorization code over some Calendar API scopes.
After getting an authorization code, you can ask Google to exchange it for a pair of refresh and access tokens that you can use on every call to the Calendar API.
Following these steps you would have created every authentication code possible, you just need to determine which one is the required for that specific plugin. Please, don't hesitate to ask me any additional doubts.
I'm trying to use Google Sign-In from my web application (asp.net vb.net).
Following the tutorial that Google provides, and using Google API libraries for .NET this is an easy task.
https://developers.google.com/identity/sign-in/web/sign-in
Now the result of this approach is that I check on the client for a googleUser.getAuthResponse().id_token which is a JWT and send this to my server side code with ajax for validation and to get the payload with the Google unique user Id and other infos.
All this happens on the same page, with a popup from Google, triggered by the default button they provide in the tutorial.
What I'm trying to accomplish is to obtain the same JWT (id_token) without the popup, but actually issuing a redirect to Google, when the user clicks on a custom "Log in with Google" button.
Sadly all the example I found, even from Google itself, involve a much more complex interaction where you get a code from the server, that you then have to exchange for temporary and refresh tokens, and so on.
While the client side approach with the popup window they provide, gives you immediatly the JWT token in response, not that code to request the token, that you have to validate then (I do this with Google .Net APIs with GoogleJsonWebSignature.ValidateAsync(externalToken) and retrieve the payload that way).
Looking at the urls in the popup, what I noticed that differs from all the examples I found that serve you the "code" for token exchange, are those parameters: flowName=GeneralOAuthFlow and response_type=permission%20id_token
While the examples you find for server to server transaction all include calling Google with response_type=code
I tried tampering a bit with the popup url to let it open in a new full window, copying and modifying the url but with not much success. I'm redirected but without the id_token parameter.
Any hint would be much appreciated since I'm not able to find any documentation on response_type=permission%20id_token to query Google service.
Thanks in advance
For anyone interested... I found a solution. The url to redirect to is:
https://accounts.google.com/o/oauth2/auth?response_type=id_token&redirect_uri={0}&scope=https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile&client_id={1}&state={2}
Where
{0} is the redirect url on your server, registered inside google console for this client_id
{1} is your Google client_id
{2} is some querystring or variable you want back to your server when the redirect happens
It works... it gives you back directly the id_token that you can verify with Google .NET APi with GoogleJsonWebSignature.ValidateAsync(id_token) and get as a result a payload (you have the payload class in Google Api .NET as well).
Only issue is that when Google comes back to your redirect url with the id_token in the querystring, it uses hash (url fragment #) so nothing is passed to the server.
There are workarounds with js to get the value and send to the server with ajax or redirect to the same page replacing the hash with ? but this is very annoying.
I imagine there are serious security reason for google to do this but from a dev standpoint is really a pain.
Instead of all those hacks i resorted to the longer way requesting response_type=code instead of the id_token, which returns a canonical querystring with ?code=...
If anyone knows how to get beck the id_token without the hash in the url it would be great.
I need help with facebook API,
I have a plugin Flow-Flow Social Stream, I create new API from manual there method 2: https://docs.social-streams.com/article/46-authenticate-with-facebook.
enter image description here
But after paste all information on plugin I see only this error message:
Sorry, an error occurs from Facebook API: (#10) To use 'Page Public Content Access', your use of this endpoint must be reviewed and approved by Facebook. To submit this 'Page Public Content Access' feature for review please read our documentation on reviewable features: https://developers.facebook.com/docs/apps/review.
I don't know what more for this do now, please I there someone who Can advice me best solution or any advice?
This error is an indication that there is no proper page access token being used for the API requests. To be able to access content from just any public page, you would need to submit your app for review of that “feature” first. But with a page access token it isn’t “public” access any more, the page token proves that you have admin access to the particular page in question … so if you still get that error, it most likely means you did not create a proper page access token.
Double-check that, and debug your access token to see if it is actually a page access token for the page in question, and what permissions it includes. https://developers.facebook.com/tools/debug/accesstoken/
I am trying to integrate PayuMoney payment gateway into my Meteor App. The process involves sending a POST request to a external url(payu url) and also redirecting the user to it. The user completes the payment on PayUmoney's site and once done, the PayUmoney site redirects back to a url(provided by me) with parameters passed as POST.
What I have done currently,
To post the form, I have allowed the default behavior of the form. I have defined the method as POST, with the target URL and all input parameters as hidden.
However, I am unsure on how to accept the variables after the tranasaction. I tried this method: How do I access HTTP POST data from meteor? but, this didn't work.
Technical Integration Document (Pay U Money): https://s3.amazonaws.com/uploads.uservoice.com/assets/074/080/407/original/PayUMoney_Technical_Integration_Document.pdf?AWSAccessKeyId=AKIAJF4UXUF6KJMEJFQQ&Expires=1519543396&Signature=ASnFquJkmCwQSMfx93w913MjZPk%3D
Any help will be appreciated. Thanks!
Assuming you're talking about accepting the response from PayUMoney, meteorhacks:picker is a great library for setting up an API. If you follow along with this guide, you'll get taken through all the steps of setting an endpoint up that can accept a cross-origin POST request.
I am implementing Facebook login on my website. I am creating an asp.net user as well with the Facebook users details. This way I can control login in people to my site using .NET membership regardless of whether they are a Facebook user or not.
The problem I am facing now is security. When a user logs in with Facebook I am calling a webservice with their facebook details, if the user exists on the system (by their facebook userid) then I log them in. However as it stands anyone could call the webservice with someone elses facebook id and it would log them in (if that user existed on the system). Is there something that I can use to link the facebook user with my asp.net user that is only accessible to that user, such as an access token. It also needs to be something which does not change? Does facebook send back such a thing in the response object?
Any help or suggestions are much appreciated.
Thanks
Yes, we can get that profile data from Facebook. Using that requestAccessToken Url you can get that access token.
requestAccessTokenurl="https://graph.facebook.com/oauth/access_token?client_id={0} redirect_uri={1};client_secret={2};code={3}"
Also we can get the Profile Data using this access token
requestProfileUrl="https://graph.facebook.com/me"
please see this link- http://easyoauth.codeplex.com/
you can download the source code also :)
We have implemented for Facebook, Twitter, LinkedIn, Google using this framework. It is very straight forward. I can help you how to do this.
Thanks