I'm trying to create an app with .net/C# that connects to quickbooks online using DevDefined OAuth. However, I'd like to test with the single use developer tokens before going into production. My issue is that I cannot find a single code example anywhere that describes how to connect to quickbooks (or really any service) that doesn't involve 4 different urls and five different keys, most of which I don't have. So, can someone please describe the process and preferably post or link to some code examples of how to connect to a service using OAuth dev tokens.
Start here:
https://developer.intuit.com/docs/0150_payments/0060_authentication_and_authorization/connect_from_within_your_app#/user
You'll need at least 3 URLs -- OAuth itself requires this:
Request token URL is: https://oauth.intuit.com/oauth/v1/get_request_token
User authorization URL is: https://appcenter.intuit.com/Connect/Begin
Access Token Request URL is: https://oauth.intuit.com/oauth/v1/get_access_token
You'll need several keys:
consumer key
consumer secret
app token
You should have all of those already, since Intuit gives them to you when you register an application with them.
You can ignore this step entirely in the link above: "Step 2: Once the user has logged into your app, call the setup() function."
If you're having trouble, post your code.
Adding to what Keith has mentioned -
Sample app link for .net using dev defined and all urls is mentioned below.
Go to https://developer.intuit.com/.
Create an app on out platform for the QBO v3 apis.
You will get a set of consumer key, consumer secret and app token.
Then implement Connect to Quickbooks button.
Set the above keys in the config of your code.
Then run the code.
You client who has the QBO company can then authorize your code/website to access his QBO company data using Connect to Quickbooks button.
You will then set of access token and access token secret and realmid/companyid to make api calls for their QBO company which is valid for 180 days.
To 'renew tokens', you can call reconnect api after 10 days or do Connect to Quickbooks after 180 days to get new tokens.
See the QBO v3 api sample app here-
https://github.com/IntuitDeveloperRelations
Set in your app keys in the config and test it out.
Also refer imp docs here-
https://developer.intuit.com/docs/0100_accounting/0060_authentication_and_authorization
https://developer.intuit.com/docs/0100_accounting/0060_authentication_and_authorization/connect_from_within_your_app
https://developer.intuit.com/docs/0100_Accounting/0500_Developer_Kits
API docs-
https://developer.intuit.com/docs/api/accounting
Use API explorer to test out calls-
https://developer.intuit.com/v2/apiexplorer?apiname=V3QBO
Private publish-
To do a private publish, you need to go to your app dashboard->Your app and then click on Prod tab->All all urls ->Save->Then go to Keys tab under Prod to get the Prod consumer key and secret.
Apps.comhttp://Apps.com publish-
https://developer.intuit.com/docs/0100_accounting/0008_release_your_app_to_production
https://developer.intuit.com/docs/0100_accounting/0009_publishing_and_marketing_your_app
Related
I'm looking to build a CLI application (most likely in C#) for Linux, Windows and Mac. The App will all access some of my API's, arleady deployed in the cloud. These API's are protected using Firebase Auth. At the moment Auth is done via my website and I support Social Sign in such as GitHub, Google etc.
Now when it comes to adding auth into a CLI app I'm completely stumped. I've been Googling this and can't find anything that walks through what you need to use. Do I need to package the Admin SKD? How to do I protect my Firebase keys (do the need to be in the CLI app)?
Can anyone point me in the right direction here please?
Many thanks in advance
For email and password authentication, you can use Firebase Auth REST API to create/login a user with provided credentials. For OAuth providers such as Google and Github, you can follow OAuth 2.0 Device Authorization Flow described in RFC 8628 and then call Firebase's 'sign in with OAuth credential' to create the user in Firebase Authentication. Here's the general flow for Google Auth:
Request device and user code from the OAuth provider (e.g. Google)
Open the returned link in a browser and ask user to enter the code shown (user may have to open the browser in any other device if current one cannot open a browser e.g. in VMs)
Keep polling for access token till you get the token or any of the errors listed in RFC 8628 section 3.5.
Create/SignIn the user with Firebase using sign in with OAuth credentials REST API using the accessToken returned in previous step.
The last API will return Firebase Authentication's idToken and refreshToken that you can use to further authentication users in your backend.
Checkout OAuth 2.0 for limited input device apps for more information.
Do I need to package the Admin SDK?
No, the Admin SDK must be used only on server side as it has privileged access to your Firebase resources like bypassing security rules.
How to do I protect my Firebase keys (do the need to be in the CLI app)?
The keys are meant to be public (like an identifier for your project). See Is it safe to expose Firebase apiKey to the public? for more information.
I'm working on a small application to connect to Microsoft Azure, list all databases belonging to a certain resource group, and export all said databases. I'm using the Microsoft.WindowsAzure.Management.Sql library for this.
Following this guide, I've managed to set up an app registration in AD for my application and assign it the Owner role (for testing), authenticate with Azure and get an access token.
However, when I try to use that token to perform any operations on the database (such as listing all databases, using IServerOperations.List), I get the following exception:
ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.
The tenant ID, subscription ID, client ID and client secret are all correct, and changing any of them results in a different exception, already at the authentication stage.
How can I fix this? If the correct answer is "switch to Microsoft.Azure.Management.Sql" I'm perfectly fine with that, but if possible I'd at least like to understand why this is happening.
HIf the correct answer is "switch to Microsoft.Azure.Management.Sql" I'm perfectly fine with that, but if possible I'd at least like to understand why this is happening.
Microsoft.WindowsAzure.Management.Sql implements the ASM API(Azure old API).
The reason you're getting this error is because you're trying to authenticate/authorize an Azure Resource Manager (ASM) API with application permission.
But Service Management API is a delegated permission and not an application permission.
For more detail information about how to authenticate for ASM and ARM Rest API, please refer to another SO thread.
How can I fix this?
Microsoft.Azure.Management.Sql implements the ARM API. As you mentioned that you could use the Microsoft.Azure.Management.Sql to instand of Microsoft.WindowsAzure.Management.Sql
or you could use X509 Certificate based authorization to authorize your ASM API requests.
For more information about how to authenticate using a management certificate, you could refer to this tutorial.
Note: It is recommanded that to use Microsoft.Azure.Management.Sql to instead of Microsoft.WindowsAzure.Management.Sql
I am trying to create a user using Stripes Connect Api following the Deferred Account Activation
https://stripe.com/docs/connect/deferred-accounts
I am providing the request with what I believe is what is known as the "Platform_Secret_Key" which I think is found in the dashboard's Account Settings > Connect > Platform Settings > ClientId
When I use this in my request as the 'apiKey' I get "Invalid Api Key" error.
However, if I use my account ApiKey, as suggests here https://stripe.com/docs/api#create_account
it errors too with
"You cannot use this method on your own account: you may only use it on connected accounts."
Has anyone been successful? How is this done?
You need to use your platform's secret API key (found in the API keys tab of your dashboard). The client_id (found in the Connect tab) is used to connect standalone accounts via the OAuth flow -- this doesn't apply here since you're directly creating accounts (aka "deferred accounts"), not going through the OAuth flow.
Simply using the create account API endpoint with your platform's secret API key should work. Unfortunately I'm not sure if Stripe.net supports this. The documentation mentions support for the OAuth flow but not for deferred accounts or managed accounts. You might have better luck asking directly on the GitHub tracker for the project: https://github.com/jaymedavis/stripe.net, or maybe someone else will have a better answer for you here!
Google API OAuth 2.0 servcie Account C# ( drive api)
I am only targeting ONE Service Account.
I am looking in authenticating to a service account.
following this example:
Google example
As far I can understand, the token is permanent not 1h like other authentication type. Yet there is no mention of the token in the code.
Do I have to store this token? or do I have to request it every time I want to create the service, using the certificate?
Is the "service" creation code the same as described every time I need it. Or is this just for the very first time I request access to this account?
As I've commented, the article "Using Google Drive API with C#" part 1 and part 2, shows how to store the refresh token and use it to authenticate in the name of app.
It's also warning about the limitations of the service account, in many cases "useless" as you said.
Here's another one implementation of IDataStore.
Hope that help you! =)
Google offers a few options for authenticating users. One of them is Service Accounts which provides more secure communication between your app and Google server while authenticating users.
Normally, if you use Google oAuth library in server side, a shared key is used to authenticate user and to get a token which includes access_token, toke type, refresh_token, expire time. In this case, user should give you permissions.
However, when you use Service account, user is not involved and service account is used for authentication. In this case, in first time, you should use Service Account to get a token and store it in your DB. That way, you will be able to use it next time while sending API calls. And of course, for security reasons, this access token will expire. In this case, you will use refresh_token which returns when you get token for the first time. With using refresh token, you will be able get a new access token.
I am totally lost finding the right API to create a sign up process like Foursquare. I am attaching a document of what I am trying to do. I have already tried OAuth, JavascriptSDK, Facebook.NET API from Codeplex and FacebookToolkit.NET from Microsoft. Nothing looks what I actually need. I think some one experienced can lean me towards where I should go straight.
https://docs.google.com/fileview?id=0B6mlBkccI34zNDNmMGMyNTYtMDY2NS00NmEwLTlkMjQtZjA5NmVmZDMzYzlj&hl=en&authkey=CNPH9LEL
Note: I am trying to achieve this via ASP.NET with C#.
Facebook Graph Api is the best.The url is http://developers.facebook.com/docs/api
The Graph API uses OAuth 2.0 for authorization. Check out the authentication guide for the details of Facebook's OAuth 2.0 implementation.
OAuth 2.0 is a simpler version of OAuth that leverages SSL for API communication instead of relying on complex URL signature schemes and token exchanges. At a high level, using OAuth 2.0 entails getting an access token for a Facebook user via a redirect to Facebook. After you obtain the access token for a user, you can perform authorized requests on behalf of that user by including the access token in your Graph API requests:
https://graph.facebook.com/220439?access_token=...
Check out the PHP example code or the Python example code on GitHub to see a complete example of obtaining an access token for the current user. The steps to obtain an access token are:
Register your application to get an app ID and secret. Your Facebook app ID is your client_id and your Facebook application secret is your client_secret.
Redirect the user to https://graph.facebook.com/oauth/authorize with your client_id and the redirect_uri. The redirect_uri parameter needs to begin with your app's URL. For instance, if your URL is http://www.example.com then your redirect URI could be http://www.example.com/oauth_redirect.
https://graph.facebook.com/oauth/authorize?
client_id=...&
redirect_uri=http://www.example.com/oauth_redirect
After the user authorizes your application, we redirect the user back to the redirect URI you specified with a verification string in the argument code, which can be exchanged for an oauth access token. Exchange it for an access token by fetching https://graph.facebook.com/oauth/access_token. Pass the exact same redirect_uri as in the previous step:
https://graph.facebook.com/oauth/access_token?
client_id=...&
redirect_uri=http://www.example.com/oauth_redirect&
client_secret=...&
code=...
Use the access token returned by the request above to make requests on behalf of the user:
https://graph.facebook.com/me?access_token=...
You are looking for the Facebook Connect API.
More info for the single login process can be found here
You could also leverage OpenID
Your document notes the Yelp signup process, which is very low friction and allows the user's information to be available to the website without having to go through Facebook's authentication process.
Yelp, Microsoft Docs, and Pandora are using a feature of Facebook called Instant Personalization. Instant Personalization is not available to developers as of yet and is only available to those three partners.
That being said, you likely would need to use the Facebook Login Button to allow the user to grant you access to their information (including their friends list).
As far as the process of getting a list of friends, use the graph call "me/friends"
I manage FaceSharp, a .NET open source project to help people get started with Facebook Development and will be adding functionality similar to what you are looking to do in the future, perhaps some of that code will help you in your efforts. It's under the MIT license, so take whatever you want.