I need to write from my site to my Facebook page.
I am using this c# SDK: enter link description here
I found the Facebook documentation : enter link description here
To make this operations, i need to get a token before, like documented here (Page login section) enter link description here
If i try to type the url in the browser, like in the example and using my application data, the token will be give me back in the URL.
This is the sample url that will return my token in the url:
https://www.facebook.com/dialog/oauth?
client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=manage_pages&
response_type=token
My question is: i'm using asp.net MVC, how can i call this url and get the returned token (from url); WebResponse method does not let me to have the returned url.
which class and method should i use into my controller?
tks
i solved bypassing this step.
I manually get the token for the admininistrator of the page and after i can obtain the token of every page administrated by the user.
Then i store it into web.config (application settings).
With this token i can publish to my wall from my server when i want.
See FB Page Section
Related
I'm trying to use Google Sign-In from my web application (asp.net vb.net).
Following the tutorial that Google provides, and using Google API libraries for .NET this is an easy task.
https://developers.google.com/identity/sign-in/web/sign-in
Now the result of this approach is that I check on the client for a googleUser.getAuthResponse().id_token which is a JWT and send this to my server side code with ajax for validation and to get the payload with the Google unique user Id and other infos.
All this happens on the same page, with a popup from Google, triggered by the default button they provide in the tutorial.
What I'm trying to accomplish is to obtain the same JWT (id_token) without the popup, but actually issuing a redirect to Google, when the user clicks on a custom "Log in with Google" button.
Sadly all the example I found, even from Google itself, involve a much more complex interaction where you get a code from the server, that you then have to exchange for temporary and refresh tokens, and so on.
While the client side approach with the popup window they provide, gives you immediatly the JWT token in response, not that code to request the token, that you have to validate then (I do this with Google .Net APIs with GoogleJsonWebSignature.ValidateAsync(externalToken) and retrieve the payload that way).
Looking at the urls in the popup, what I noticed that differs from all the examples I found that serve you the "code" for token exchange, are those parameters: flowName=GeneralOAuthFlow and response_type=permission%20id_token
While the examples you find for server to server transaction all include calling Google with response_type=code
I tried tampering a bit with the popup url to let it open in a new full window, copying and modifying the url but with not much success. I'm redirected but without the id_token parameter.
Any hint would be much appreciated since I'm not able to find any documentation on response_type=permission%20id_token to query Google service.
Thanks in advance
For anyone interested... I found a solution. The url to redirect to is:
https://accounts.google.com/o/oauth2/auth?response_type=id_token&redirect_uri={0}&scope=https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile&client_id={1}&state={2}
Where
{0} is the redirect url on your server, registered inside google console for this client_id
{1} is your Google client_id
{2} is some querystring or variable you want back to your server when the redirect happens
It works... it gives you back directly the id_token that you can verify with Google .NET APi with GoogleJsonWebSignature.ValidateAsync(id_token) and get as a result a payload (you have the payload class in Google Api .NET as well).
Only issue is that when Google comes back to your redirect url with the id_token in the querystring, it uses hash (url fragment #) so nothing is passed to the server.
There are workarounds with js to get the value and send to the server with ajax or redirect to the same page replacing the hash with ? but this is very annoying.
I imagine there are serious security reason for google to do this but from a dev standpoint is really a pain.
Instead of all those hacks i resorted to the longer way requesting response_type=code instead of the id_token, which returns a canonical querystring with ?code=...
If anyone knows how to get beck the id_token without the hash in the url it would be great.
I want to implement an Actions for Google app that links to user account in a Firebase project and query's their data. I have a website that is set up using Firebase UI that logs them in and redirects them to a dummy page that basically just says "You have been logged in." I cannot see any documentation anywhere that shows how to return this auth token to google so the assistant can use it to query things on their account. Does anybody know how to accomplish this? I am using this documentation https://developers.google.com/actions/identity/google-sign-in-oauth?creation=no. This is the specific text I am not understanding.
"Your service creates an access token and returns it to Google by redirecting the user's browser back to Google with the access token attached to the request."
This basically means that, instead of returning a new page, you issue an HTTP redirect to a URL that they have sent you as part of the request. You will need to add some parameters to this URL that include the auth info, and this is how Google will get the information - via the redirect handled by the user's browser.
They provide some details further down in step 4 on that page, which reads
Send an HTTP response that redirects the user's browser to the URL
specified by the redirect_uri parameter. Include all of the following
parameters in the URL fragment:
access_token: the access token you just generated
token_type: the string bearer
state: the unmodified state value from the original request
The following is an example of the resulting URL:
https://oauth-redirect.googleusercontent.com/r/YOUR_PROJECT_ID#access_token=ACCESS_TOKEN&token_type=bearer&state=STATE_STRING
I am trying to authenticate a user with Azure Mobile Services from within a ASP.NET Web Form (.aspx.cs).
I have provisioned my Mobile Service to authenticate with Facebook using the steps described here: http://azure.microsoft.com/en-us/documentation/articles/mobile-services-windows-store-dotnet-get-started-users/.
This tutorial, however, describes authenticating in a XAML app where popups can appear, but I need to Log the user in within a postback of the web form, where showing a popup is impossible.
According to the docs I can do this by using the LoginAsync() function, like this":
MobileServiceClient client = MyAppsMobileClient.getClient(); //this handles setting the app ID and url
MobileServiceUser user = client.LoginAsync("facebook","");
Now, my problem is the second argument of this function. According to the docs, this is of type JObject, and apparently it is a JSON object I obtain from facebook when I first log in. Now, I can make a simple Login form for the user to enter his facebook ID and password, but I still don't know how to obtain the JObject I need to log in to Mobile Services. Do I need to delve into the Facebook APIs? Is this done using Ajax? Any examples, guides or tutorials on this would be welcome.
You can create a jObject from the data received from Facebook like this:
var token = JObject.FromObject(new
{
access_token = "YOUR TOKEN HERE"
});
This sample was taken from this SO thread:
Azure Mobile Service LoginAsync with Facebook Token is Unauthorized
And here you can read how to obtain an access token from Facebook using JavaScript:
Obtaining an Access Token
I'm following the authorization instructions but I can't figure out how it's supposed to work. I'm sending a request to https://www.linkedin.com/uas/oauth2/authorization, and passing the required fields. The call succeeds and returns some authorization html, which I display, and it looks like this:
But the form containing the Allow Access button has an action of /uas/oauth2/authorizedialog/submit, and so clicking it fails, because there's no domain specified. Clearly it's supposed to be displaying some sort of authorization on the LinkedIn site, not my own. What am I doing wrong?
Argh, what I was doing wrong was trying to download the contents of the authorization url page, instead of simply redirecting to it. Redirecting to it does open the page on their site, and I can authorize, and then be redirected back to my own callback.
I am using oauth in my web application to access Twitter. My problem is i am not getting the token secret and moreover when i run my application it asks the user for authorization request. when the user click "allow', it does not go back to the called url. Infact it shows a blank untitled page with a url having oauth _token value and oauth_verifier value.
Can someone throw light on this.
Before you send users to twitter.com to authorized the app you need to save the request token secret. When the users clicks allow they will return to the callback url you specify. Once there you need to use the request token/secret to get an access token from twitter that will let you perform API requests as a user.
http://dev.twitter.com/doc/post/oauth/access_token