Twitterizer.TwitterUser.IsFollowing returns null - asp.net

I am using Twitterizer to integrate Twitter into my ASP.NET app. After authenticating the user I am using following code to see if the authenticated user is following a specific user:
Twitterizer.TwitterUser followed = new Twitterizer.TwitterUser();
followed.ScreenName = tw_current_like;
bool? Following = followed.IsFollowing;
However Following.HasValue is always false. Am I missing something?

As I stated on the forums. Instantiating TwitterUser will not fetch any data from Twitter.
Also, the Twitter API is spotty in how/when it supplies the following indicator. You can use TwitterFriendship.Show(OAuthTokens, decimal/string) to query details about the relationship between the authenticated user and another user.

Related

MobileServiceUser returns wrong UserId

I have an existing user in my Xamarin Forms app whose Details are as follows:
First Name: Jim
Last Name: Smith
ProviderLoginId = jsmith#google.com
OAuth Provider: Google
When I first create this user, I use the following method to authenticate against google as follows:
result = await AuthenticationClient.AcquireTokenInteractive("https://***.onmicrosoft.com/profile.read/profile.read")
.ExecuteAsync();
JObject objToken = new JObject();
objToken.Add("access_token", result.IdToken);
MobileServiceUser user = await App.syncMgr.CurrentClient.LoginAsync(MobileServiceAuthenticationProvider.WindowsAzureActiveDirectory, objToken);
Now, I take the UserId property from the MobileServiceUser user variable and store it into my User Table as primary key.
Subsequently, I create another new user with the following details:
First Name: Jim
Last Name: Smith
ProviderLoginId = jsmith#hotmail.com
OAuthProvider: Microsoft
When I create the user using the same steps as above, I get the same UserId back from Azure. Obviously, I am not able to store it in my User table for the second user. This only happens when the first name and the last name are the same regardless of which ProviderLoginId was used (whether it was Google OAuth or Microsoft OAuth).
Should I not be getting a unique UserId in each case? Since the bug surfaces only when the first and last names are same, I am assuming it is some sort of a bug.
Any and all help is appreciated.
You are using the older client, which is no longer supported.
You should be submitting the access token to the service, not the IdToken. You haven't stated what the AuthenticationClient is, but hopefully it is ADAL (since the older service doesn't work with MSAL).
The newer client and service completely abstracts the authentication code, allowing you to use whatever authentication mechanism you like and just dealing with standard OAuth2/OIDC and bearer tokens (Authorization header) instead of the non-standard X-ZUMO-AUTH header that was used in the past. My recommendation is to upgrade the client and server.

ADFS 2016 On behalf of flow : cannot get any user informations

I'm trying to implement the "on behalf of" flow in an application using ADFS 2016 as STS. As a reference, I look at this Microsoft tutorial (https://learn.microsoft.com/en-ca/windows-server/identity/ad-fs/development/ad-fs-on-behalf-of-authentication-in-windows-server). It's working as it should, I can login into my web application and then use my original access token in UserAssertion to generate a new access token with the proper audience to call my API BUT I found absolutely no way to include any user informations (sub, name, email, upn etc.) into the access token for my API, even if I set claim rules into my ADFS configurations for the API.
I checked the communication between my app and adfs using Fiddler and everything looks like the informations in the tutorial. See the screen shot of the "on behalf of" request below :
Here's the resulting access token :
Finally, here's the code I use to generate my new access token :
private async Task<string> GetAccessToken(ClaimsPrincipal user, string originalAccessToken)
{
var authority = "[authority]";
var context = new AuthenticationContext(authority, false);
string userName = user.FindFirstValue("upn");
var userAssertion = new UserAssertion(originalAccessToken, "urn:ietf:params:oauth:grant-type:jwt-bearer",userName);
var cc = new ClientCredential("https://localhost:44387/", "[client_secret]");
var result = await context.AcquireTokenAsync("https://localhost:44339/", cc, userAssertion);
return result.AccessToken;
}
Have you struggle with that scenario and if yes, did you find a way to fix this ?
Thanks
I've only used the Microsoft On Behalf Of flow with Azure AD and not ADFS, but it looks like you need to send a more detailed scope in your User Info request.
Maybe try sending 'openid profile email', to indicate that you want that type of detail, as in Section 17 of my blog post. Of course this assumes that this type of data has been registered for all users.
TROUBLESHOOTING
Looks like one of these will be the cause:
A suboptimal Microsoft library that does not allow you to send the required scope
Or ADFS 2016 perhaps lacks the scope features that work correctly in Azure AD
I would concentrate on making extra sure you are sending the correct form URL encoded request message, using a tool such as curl, Postman or a plain C# HttpClient. Here is the code I used to send the correct scope - using an open source library rather than a Microsoft one:
Sample NodeJS Code
If you can get the scope sent correctly then you should have a resolution either way:
Either you get the correct data and can update your code
Or the behaviour you want is not supported by ADFS
Good luck ...

How to pass user authentication of a private dataset through SODA API?

I need to access a private data set in socrata using SODA API. Suppose below link is the data set
https://data.cityofchicago.org/resource/xxxx-xxx.json
I get the following error when try this.
"error" : true,
"message" : "You must be logged in to access this resource"
I have valid credentials to access the data set. But how can I pass it through SODA API calls?
I tried the below code but it doesn't work.
https://data.cityofchicago.org/resource/xxxx-xxx.json?$username='myname'&$password='pwd#123'
You'll need to use either HTTP Basic or OAuth 2.0 to authenticate. We have details on how to do that on the developer portal.
Make sure you also provide an application token, as detailed in those docs.
You need to pass Secret-Token and AppToken with the query string.
How to Get secret Token
Log in to your portal and select "Create new Application"
Enter https://data.cityofchicago.org/resource/xxxx-xxx.json in the "website" field.
Save it.
Go to "Manage" and get your AppToken and SecretToken from under "Manage".
Now, pass the app token and secret token in the URL according to socrata developer document syntax:
https://sandbox.socrata.com/oauth/access_token
?client_id=YOUR_AUTH_TOKEN
&client_secret=YOUR_SECRET_TOKEN
&grant_type=authorization_code
&redirect_uri=YOUR_REDIRECT_URI
&code=CODE
I am also looking for an answer for the same question. After passing the app token I can access public DB but can not access Private DB.

get logged in user details with Facebook sdk and .Net

I am following this link to get the logged in users details and using this code snippet below
FacebookClient fb = new FacebookClient(string_access_token_here);
dynamic myInfo = fb.Get("/me")
dynamic myExtraInfo = fb.Get("/me?fields=albums.limit(5).fields(name, photos.limit(2).fields(name, picture, tags.limit(2))),posts.limit(5)");
While I get the basic details in myInfo, in my extra info variable I only end up getting an ID
I suspect I have not crafted the URL properly. Is there something else I need to do?
You need to request the user_photos permission for your access token before you can request albums/photos.
The query itself is fine:
https://developers.facebook.com/tools/explorer?method=GET&path=me%3Ffields%3Dalbums.limit(5).fields(name%2C%20photos.limit(2).fields(name%2C%20picture%2C%20tags.limit(2)))%2Cposts.limit(5)&version=v2.0

Is there a way to check if user has granted a given permission in server-side?

I need to check if user has granted a given permission (for example: publish_stream) in server-side. It seams for client-side exists solution but what I need is for server-side.
Any idea please?
You need a server side API like the Facebook Java API or restFB. These are java APIs (that I have used), there a host of others for different languages. The official ones are shown on the Facebook developer portal.
Using these APIs you will be able to do more than just authenticate a user on the server side. Follow the link to the different pages and you'll find snippets that will get you started in no time!
EDIT
Since you're using ASP, you'll need an ASP .NET API. This is the first result found from a google search http://facebooksdk.codeplex.com/ .
Using this API and an MVC architecture, you are able to annotate any controller actions that contain code that requires permissions with something like [CanvasAuthorize(Perms = "publish_stream")] and when the user calls that action they'll need to provide permission.
I cant give more details as I've never used this API but do check out this in-depth tutorial on building a sample application.
You can make a Graph API call to this URL https://graph.facebook.com/me/permissions including the user access token. You will get results with the user's permissions. For more details see https://developers.facebook.com/docs/reference/api/user/
Solution:
Step 1. First u must make a query:
query is like: SELECT {0} FROM permissions WHERE uid = {1}
{0} is comma-separated permissions. for example: publish_stream,offline_access
{1} is userId
Step 2. Then send this query to the given url:
url: https://api.facebook.com/method/fql.query?query={0}&format=JSON&access_token={1}
{0} is query that we made in step1
{1} is user's AccessToken
Sample Result: [{"publish_stream":1,"offline_access":0}]
Update Another way with using Graph Api:
https://graph.facebook.com/me/permissions?access_token={0}
{0} is user's AccessToken
Sample Result:
{
"data": [
{
"installed": 1,
"status_update": 1,
"photo_upload": 1,
"video_upload": 1,
"offline_access": 1,
"create_note": 1,
"share_item": 1,
"bookmarked": 1,
"publish_stream": 1
}
]
}

Resources