Im using Facebook C# SDK to post and fetch data. These simple tasks took forever to get running properly. Now I need to notify my webpage(ASP.NET C#) about changes on the specific facebook page so the webpage knows then it should fetch new data.
I have looked at this page : https://developers.facebook.com/docs/graph-api/real-time-updates/v2.2
But as usally with facebook documentations it misses to explain in detail how it works and how to get it working. Where exacly do I create the subscriptions? It says /{app-id}/subscriptions but I have tried this url with my app-id but no page is found?
I have tried to find examples on how to set this up but to no sucess.
Could someone please explain how this works? What do I need to do exacly to get this running?
Facebook subscription works by pinging a URL you own every time data has changed. You need to add a URL you own as a callback URL for Facebook subscriptions to work with
POST /v2.2/{app-id}/subscriptions HTTP/1.1
Host: graph.facebook.com
object=page
callback_url=http%3A%2F%2Fexample.com%2Fcallback%2F
fields=feed
verify_token=thisisaverifystring
In the above API request a POST request is made to add http://example.com/callback/ as the callback URL subscribing to the feed edges of the page object (a page object that the session user owns)
In your callback URL you must have it handle two actions
the initial callback (Handling Verification Requests via the verify token)
saving updated subscriptions (Receiving the Real Time Updates)
Here is an example of what it looks like in PHP
<?php
if ($_REQUEST['hub_verify_token'] === 'thisisaverifystring') {
echo $_REQUEST['hub_challenge'];
}
$file = 'sample.txt';
$inputJSON = json_decode(file_get_contents('php://input'));
file_put_contents($file, file_get_contents('php://input') );
?>
Related
Currently I have a slack button in my WPF application that opens a webpage and asks for user for access.
System.Diagnostics.Process.Start("https://slack.com/oauth/authorize?scope=client&client_id=XXXXXXXXXXXXXXXXXXXXXX");
After authorizing, the page gets redirected to a URL which has a generated code in the parameter that I need to get a token later on. The problem is how do I get this code. For now I have set the the redirect URL to, www.slack.com. And the following url is generated.
https://slack.com/?code=8XXXXXXXXXXXXXXX.XXXXXXXXXXXXXX5&state=
How do get the code back into my application. I am using the following but am not getting the response I need and this executes before the user can even authorize.
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(URL);
var response =req.RequestUri.ToString();
Alternative solutions and suggestions would be good to implement my authorization for a desktop application using C#.
As part of the oauth process Slack will call your application using the redirect url and return the code parameter. So you the redirect URL needs to point to your application. Not to slack.com.
You will need to read the url parameters that your application as been called with. In C# that can be done with code = Request.QueryString["code"];
Your c# application needs to run as ASP script on a webserver that is accessible from the Internet, so that Slack can reach it.
In order to use Slack for authentication your application needs to implement the complete oauth process as described here.
I've set up an HttpListener running on port 8086 on my custom server application, which works with JSON and XML over sockets. I can't change my server application to any other implementation, I am stuck with it for now.
I'm a bit new to Http, so feel free to correct my naviety below! I've searched, but can't find anything that deals with my exact problem.
When I use Hurl.it to send an HttpRequest to the server, the GetContext function fires no problem and I am able to send an html response back to Hurl.it.
Now, the question is, I want to be able to send out Reset Password email links in the form of "http://myip:PORT/resetpasswordseed=74283235" and have a browser be able to receive, parse and display a dynamically generated html form. (I will also need to add SSL to this a bit later, as I don't want a newly updated password being sent as plain text in a URL.)
Now, when I click the URL link http://myserverip:port/resetpassword with Edge or Firefox the GetContext function does not fire and the web browser times out. Have I missed something or am I trying to do something that is not possible? I don't get an error message or an exception or anything.
Any help would be appreciated.
Cheers
Craig.
I want to send new thread in vbulletin forum through the application i made in C Sharp. As thread submission needs security token so i have to add that while submitting and also need to login to forum.
For vbulletin forum i want send post through my application. structure is like this.
Ex:
Url of forum : http://myforumurl.com/forum
Thread need to submit url : http://myforumurl.com/forum/newthread.php?do=newthread&f=01
So how can i submit the thread which have string data of Tag + Title + Message to submit url i.e http://myforumurl.com/forum/newthread.php?do=newthread&f=01
And i also need to send my Username and Password to that forum while submitting.
You need to send an HTTP POST request to the server. You can do this using the WebClient class. The request will need to contain all the fields a browser would typically submit, as well as the session cookies. You can get the session cookies by sending another POST request first, one that the browser would send when you log in.
To see what the browser sends, you could use a Firefox addon like HttpFox, or just use the built-in features that both Chrome and Firefox have these days.
I doubt anyone is going to just post the complete code for you though.
I'm just trying to make an yahoo boot that send to registered user of my application an instant message. I've spent some hours searching the web on how to do it but yahoo developer documentation sucks.First of all I don't know what servers I should use for authorization, log in, and messaging. I have a consumer key and I've tried to follow this steps but nothing works.
Any advice/suggestion is welcome.
The documentation looks to be very good, I think the issue here is that your knowledge of how REST API's work in general is a bit lacking.
Let's talk about diagram #2: Get a request token using: get_request_token.
get_request_token is part of an HTTP endpoint, and in their diagram they want you to pass in a handful of parameters to validate your request.
oauth_consumer_key
oauth_nonce
oauth_signature_method
etc
(If you need more clarification of any step you can find it in the tree view on the left hand side of the page)
The request URL:
https://api.login.yahoo.com/oauth/v2/get_request_token.
Now at this point you can either use the HTTP GET or POST verb. If you decide to use GET you will need to include those above parameters as a query string.
?oath_consumer_key=myConsumerKey&oauth_nonce=oathNonce etc
I will leave it to you to write the associated C# code. You'll want to start off with the HttpWebRequest.Create() method
I am developing an application in which I am displaying products in a grid. In the grid there is a column which have a disable/enable icon and on click of that icon I am firing a request through AJAX to my page manageProduct.aspx for enabling/disabling that particular product.
In my ajax request I am passing productID as parameter, so the final ajax query is as
http://example.com/manageProduct.aspx?id=234
Now, if someone (professional hacker or web developer) can get this URL (which is easy to get from my javascript files), then he can make a script which will run as a loop and will disable all my products.
So, I want to know that is there any mechanism, technique or method using which if someone tries to execute that page directly then, it will return an error (a proper message "You're not authorized or something") else if the page is executed from the desired page, like where I am displaying product list, then it will ecxecute properly.
Basically I wnat to secure my AJAX requests, so taht no one can directly execute them.
In PHP:
In php my colleague secure this PHP pages by checking the refrer of the page. as below:
$back_link = $_SERVER['HTTP_REFERER'];
if ($back_link =='')
{
echo 'You are not authorized to execute this page';
}
else
{
//coding
}
Please tell me how to the same or any other different but secure techique in ASP.NET (C#), I am using jQUERY in my app for making ajax requests.
Thanks
Forget about using the referer - it is trivial to forge. There is no way to reliably tell if a request is being made directly or as a response to something else.
If you want to stop unauthorised people from having an effect on the system by requesting a URL, then you need something smarter then that to determine their authorisation level (probably a password system implemented with HTTP Basic Auth or Cookies).
Whatever you do, don't rely on http headers like 'HTTP_REFERER', as they can be easily spoofed.
You need to check in your service that your user is logged in. Writing a good secure login system isn't easy either but that is what you need to do, or use the built in "forms authentication".
Also, do not use sequential product id's, use uniqueidentifiers, you can still have an integer product id for display but for all other uses like the one you describe you will want to use the product uniqueidentifier/guid.