Hi Developers in house.
I have a mobile App with a double Authentication approach where i use Microsoft liveId.
After sometime, some users report they get "Invalid LiveID" Error even when they can manually log in to Microsoft LiveId site.
I have tried to find the cause by stepping through my codes but don't seem to understand why Microsoft returns Invalid LiveID for certain users even when they can logIn to the microsoft LiveId site and also the Mobile App previously.
Anyone ever came across this?
Related
i try to login google account with c# windows app. but i have this error error
When I am trying to login via browser in my application it keeps saying "Couldn't sign you in" This browser or app may not be secure. i need sample
Google won't let you sign-in via an embedded browser for exactly the reason stated - it's not secure. To do so programmatically you need to use their API. Unfortunately this problem is far larger in scope than what an answer here on SO warrants, so here's some links:
Documentation on the .NET API (including samples) can be found here
More info on supported browsers and why this might not be one of them can be found here
I am trying to build one intranet application. What I am trying to do is to authenticate the user using the biometric system, fingerprints to be precise. Like in some laptops or notebooks I have seen there is
a fingerprint authentication system. The same thing I am trying to build but not for a particular person. The only difference is that the person's biometric information would be stored on LDAP server. So
that anyone who has the right access to use that particular machine can use after getting authenticated. I am trying to get the user's biometric information using an external biometric device. I have gone through few documentations on Windows Biometric Framework. And using sensor adapter and engine adapter as plug-ins I can get the user's biometric information and also get processed and can send to the server.
The only query I am having here is:
First thing first am I breaking any Microsoft's policy here by achieving this?
If not then how can I get windows system lock and unlock after
getting the response from the server whether the user is valid or not?
Has anyone ever tried this ?
Can anyone help me to get this ?
Thank you in advance.
If you're saying that you want to actually notify the built in windows login / authentication system (known as a system credential provider) that the user is authenticated then this is not supported by the official windows API. If this was supported anyone could create malware that simply notified the API that a user is authenticated / authorized, thereby essentially rendering all of windows security meaningless. So we should be grateful this is not officially supported.
Trying to implement something like that without official API support would definitely be against the terms of use. Since its not officially supported, you would have to resort to some awful hacks to get it to work, the implementation of which would almost certainly be considered either reverse engineering the kernel or hacking the kernel (or both) by Microsoft's legal team. Even if you believed they were wrong... would you really want to fight them (and their deep pockets)?
Let's also consider that if no official unlock API exists, then you would be required to use some kind of backdoor to achieve it. If such a thing even exists, then it would certainly be subject to being rendered useless by an MS update (which would nuke your app's login implementation).
Now that the fire and fury is out of the way, let me state that all is not lost, provided you are targeting a more recent version of windows.
You can implement your own biometric security system as you described. This is now known as a third party credential provider This would be a separate system, and Microsoft recommends that you require users setup a system credential provider as a fallback in case your third party credential system fails for any reason. If not, the user account would be impossible to recover. Again, they key difference from the first example is that your system is separate and distinct from the system credential provider (windows native lock screen).
I would like to stress though, that implementing a third party credential system is still far from trivial. You will want to read up extensively on the proper interfaces you will have to implement. I'd recommend starting here:
https://msdn.microsoft.com/en-us/library/windows/desktop/mt158211%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396
There is also apparently a sample located in the Windows SDK installation directory under \Samples\Security\CredentialProvider. Also, there is a nice technical reference of credential providers located here:
https://msdn.microsoft.com/en-us/library/windows/desktop/bb648647%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396
Click the link that says "Credential Provider driven Windows Logon Experience" to download the tech document.
I have been trying to create an iOS App using Xamarin (i.e. using Xamarin.iOS on C#) and I have run into an error I can't seem to resolve.
Basically, I have entered all the (correct) details into the default Facebook iOS SDK object as directed in the sample documents. However whenever I click login, the page returns 'unable to connect to server'.
The (URL Decoded) link the SDK sends me to is listed below:
https://m.facebook.com/v2.3/dialog/oauth?client_id=(ID-REDACTED)&default_audience=friends&display=touch&e2e={"init":REDACTED }&redirect_uri=fb-ID-REDACTED://authorize/&response_type=token,signed_request&return_scopes=true&scope=&sdk=ios&sdk_version=4.2.0&state={"REDACTED":"REDACTED= ","0_auth_logger_id":"REDACTED","com.facebook.sdk_client_state":true,"3_method":1}
Pointing to this in a browser returns me to a blank page (when I enter in my ID which I have removed from the link above). I'm pretty certain this is due to an error in the way I have set up my application on Facebook as opposed to an error with the SDK (I'm using the default provided by Xamarin). I have removed the app from Sandbox Mode as directed and I have tried to follow the instructions provided on a couple of forum posts but nothing has changed and I am at a loss right now...
Any advice?
Thanks!
Turns out I've managed to solve my issue...
For some really odd reason, m.facebook.com and facebook.com were added as entries in the hosts file (meaning that they were essentially blocked domains). This was weird given that I could access facebook from standard browsers like safari/firefox (just not the safari browser in the simulator).
If you have a similar issue, please change the hosts file (follow some tutorials online).
I’m working on getting data sync happening for my Win8/WP8 app - written in XAML/C#. Periodically / or at app start up / suspend, I want to sync data files with the user’s OneDrive. To do that I need to get them to login to their Microsoft Live Account. I was looking to use Live SDK (v5.6) to do that.
Problem:
For users who have local Windows 8 accounts, the Live SDK lets me sign then in with a built-in credential prompt. This is working.
For users who have linked their Microsoft account with their Windows 8 account (and are logged in to Windows using their Microsoft account) the Live SDK lets me use single sign-on - and I have this working.
But I can’t call sign out, in order to sign in with a different Microsoft account.
1b is my problem. The built-in Windows Store app, lets users have a UX where they can use the MS account linked to their Windows account - OR - choose to use a different MS account. In effect: a ‘sign in as different user’ option. (See attached). It doesn’t look like it is technically single-sign-on in the built-in Windows store app, but that’s the UX I want - I don’t care so much for single sign-on, its a nice to have, but sign-in as a different user is a very important requirement.
What I’ve tried:
Lots of searching around. Found a bunch of people on the interwebs asking for the same thing. There are unanswered questions and even some ‘accepted’ answers on SO that don’t really work:
Sign in to multiple Microsoft account in Windows Store app
Windows Live SDK doesn't LogOut()
(incorrect answer)
Can the Windows 8 Live SDK use another Microsoft Account other than the current user? (incorrect answer)
I’ve forked the LiveSDK on Github (https://github.com/krishna-nadiminti/LiveSDK-for-Windows/commit/2cdb5408c0d8482c026cd96da6b99e4633677081) and tested it out - with and without requesting the ‘wl.signin’ scope - no good. It doesn’t have an option to change user.
Looked through the docs for WinRT - OnlineIdAuthenticator class, there is an option to always show CredentialPrompt when signing in users - but it does not allow the user to change the username if signed in via a linked account.
I looked through the built-in WinStore app’s js code and it uses some internal (native?) call to a ‘OMStub’ - which has methods to auth the user. This doesn’t seem to be part of the public JavaScript Live SDK
Question(s):
Are there Win32 / WinRT APIs that I could use to show credential prompts in a XAML app?
Can I use a WebView and auth users that way?
Should I just fall back to using the REST API and roll my own auth flow + UI for this?
How does the WinStore app do it?
Workarounds / Store certification:
For now, I’m a bit worried I only have the last option: roll my own .NET client over the Live connect REST API, and add my own UI for the credential prompt, and a user consent dialog which look exactly like the ones that the Windows Runtime provides. What will happen to store certification in that case? I can run it past WACK first - but the store app cert guidelines don’t talk about this: so unsure whether it will pass certification.
There is no mention of Microsoft account that I could find in the app certification guidelines.
The docs for Live SDK on MSDN explicitly mention that we’re not meant to create our own login UI: http://msdn.microsoft.com/en-us/library/windows/apps/xaml/hh968445.aspx
However, the store app seems to violate this - may be because it doesn’t use the Live SDK at all.
There is also a MSDN article that says when the user signs in to Windows with a Microsoft account, sign out is just not possible from inside an app:
http://msdn.microsoft.com/en-us/library/windows/apps/jj193591.aspx#adding_user-authentication_functionality_to_your_windows_store_apps and that the only way is for the user to dissociate the Windows/Microsoft account or switch to a different user account.
Again - clearly this is not the case. The store app provides users a way to use a different account.
Help please?
You might want to look into the Web Authentication Broker: http://msdn.microsoft.com/en-us/library/windows/apps/xaml/dn448945.aspx
It will invoke the actual Microsoft Account login flow but still give you the flexibility to sign out and back in as another user.
I'm using the Facebook C# SDK 6.0.20 to allow users using my app to log onto facebook. I'm using the display=touch parameter so that the fb login page renders for mobile devices with smaller screens. The problem is, fb keeps reading it as display=wap which is being deprecated. As a consequence, users are receiving an error message when logging on. Is there a solution to this other than forcing users to see the ugly full screen display on a mobile device screen?
Facebook has been unhelpful and unwilling to accept this as a bug but rather says it is a "feature by design", but everyone else seems to think it is a bug. (https://developers.facebook.com/bugs/355102764525510) Why would facebook try to discourage WP7 developers like this when they apparently have a good relationship with Microsoft, which provides them with map services for fb places?
Facebook display=touch for WP7 is now directing properly after recent facebook updates on July 5th. This should no longer be a problem.