I'd like to use the Google Drive API in my C# desktop application. However, I've found the official Google SDK on NuGet to have more dependencies than I'm comfortable with (adding it to my VS2010 project adds 10 additional NuGet packages). I fear these dependencies will clash with other dependencies as my solution grows.
Is there an alternative to this approach that utilizes less dependencies?
Can I utilize a different OAuth 2.0 library or must I use Google's OAuth sdk? Is there anything special about Google's OAuth 2.0 implementation that would hinder the ability to use an alternative OAuth 2.0 library?
Is there an alternative to this approach that utilizes less dependencies?
You could certainly write your own API using the HttpClient combined with the Drive API. The API uses simple Get/Post/Put/Delete/Patch http methods to change files in the google drive.
Can I utilize a different OAuth 2.0 library or must I use Google's OAuth sdk?
Depends. If you wrote your own, then you can use (or write) any OAuth client. The http methods must include the OAuth information in the requests, so writing your own gives you that type of access.
If you are looking for an actual product recommendation, that would be an off topic question (do not ask #5) for stack overflow.
Update
Let talk about how OAuth works at a very very high level. Once the user authorizes your code to impersonate (for lack of better terminology), you get a Authorization Code, which you use to get an Exchange Token.
The Token is the important part. If a pre-build framework does not have any way for you to specify what the Token is it doesn't matter.
If you wanted to authenticate your request yourself, say using C#, when you make a call to access Google Drive API, you'd want to add the Authorization to the Google Headers (or QueryString, but I personally don't like to use the Querystring):
GET /plus/v1/people/me HTTP/1.1
Authorization: Bearer 1/fFBGRNJru1FQd44AzqT3Zg
Host: googleapis.com
Rolling your own is not too onerous.
All of the http calls are documented on this page https://developers.google.com/accounts/docs/OAuth2, in combination with the sub-page specific to your scenario (eg. embedded, web, etc).
Once you think you understand it, go to the excellent Oauth Playground at https://developers.google.com/oauthplayground/ and watch the http traffic.
Provided you can make http calls that match what you see in the playground, you're diamond.
Most of the effort is in handling the various states that your app may encounter:-
invalid grant (eg. Google expired the refresh token)
token expiration
timeouts
user declined auth
You have a choice at the http level. You can use C#'s http directly, or you could use the Google http libraries as mentioned by Erik.
Related
Basically, I have a homework assignment which involves me creating a MVC app in Asp.Net (the standard version, not Core). I need to provide authentication using jwt, but i have to use a separate authentication server, so the token creation and validation are delegated to that server, and if a server like that already exists (perhaps a facebook or twitter authentication server using jwt), i should use it rather than create my own. I am not sure if there is a jwt authentication server which I could use, and I don't know what is the best way to handle jwt tokens, for example if i have a form that submits stuff to a controller action, how to place a jwt token in the request. Any help on this would be much appreciated!
As this is a homework assignment I'm going to try and provide a jumping off point rather than provide code samples or anything.
A JWT can be issued from another authority and used within your own application provided your application is set up to use that authority. For example, in house we use AWS Cognito to store our users, and in each of our web applications we specify that our JWT tokens are being issued by that Cognito user pool.
I've had a quick look around online for any issuers that may provide this service for free, and found the following blog post for Auth0 which boasts being able to support up to 7000 users for free (there may be hidden costs, I haven't looked into it fully)
The tutorial in the blog post seems to follow a .Net standard rather than a core implementation. Hopefully you find this useful and good luck with your assignment!
I am attempting to connect to Yammer using their .NET SDK but I am having a hell of a time managing this... The point of this exercise is to create an application in Azure which periodically - and AUTONOMOUSLY - contacts Yammer and fetches the latest messages from a specific Yammer group.
Does anyone know of the correct way to use the Yammer .NET SDK from, let's say, a console application, which does not rely on a browser (a.k.a. direct user interaction) to successfully connect via OAuth authentication?
What I have tried:
Trying to suss out what to do from the example given on .NET SDK page on developer.yammer.com, you can see under "Standard Process" an example which shows the LaunchSignIn() function with an incorrect signature! The example shows the usage as:
var authResponse = await OAuthUtils.LaunchSignIn(_clientConfig.ClientId, _clientConfig.RedirectUri, ssoEnabled);
whereas the actually signature I get from the dll is:
void OAuthUtils.LaunchSignIn(string clientId, string RedirectUri)
I'll forgive the missing ssoEnabled parameter... but the example claims the function receives a response, from which a Code is then extracted. This is, of course, the piece missing from my attempt to call:
(awaitable) Task<AuthEnvelope> AuthClient.AuthenticateAppAsync(string code)
I have scoured Google for information on the use of the Yammer .NET SDK but have come up empty handed. All manner of examples of connecting to Yammer but none are in any way relevant to the .NET API. The only thing in any way relevant that I have seen is the Yammer .NET API example uploaded, apparently, by the person who developed it, who posted the code on GitHub. I have checked this example but the two parts in it - one for Windows Phone and one for Windows "Modern App" - both rely on a Browser object being available, or something to that effect anyway. There are redirects, I'm supposed to have a RedirectUri for Yammer to direct me... So does this other example - which was the ONLY other example of using the .NET SDK that I could find.
I imagine that the reason the signature is different is because this isn't actually the same function at all. The one I am trying to use is in Yammer.Oss.Api.Utils whereas the example application doesn't even have the letters Utils together other than in the name of the class OAuthUtils... which leads me to believe that it is possibly under Yammer.Oss.Core.WinRT which, as luck would have it, I cannot reference at all... Yammer.Oss.Core only contains Collections, Constants, Extensions and Serialization.
By the way, in the announcement of the .NET SDK (see first link above), the link to documentation for the SDK leads to the Yammer Support page.
Skip the .NET SDK and just do the authorization yourself using the server-side flow. Then make the requests with HttpClient and add the Authorization header. The SDK might be helpful with some Modern Apps but it's overkill for most people. When working with the API manually the worst thing you'll have to deal with is deserializing the JSON responses with JSON.NET, or other JSON library.
You don't say what you are trying to build, but AFAIK WebJobs don't have a UI so you'll need to do the authorization from a console app or website. Then store the resulting OAuth token somewhere that the WebJob can access it. If you have need an OAuth token per user you'll need to store those in a database, but make efforts to protect them because each OAuth token provides access to their Yammer account.
I'm rather new to Web development so bear with me.
I've developed a backend server in C# (non-web app) that exposes some features via a REST API implemented in Web API (OWIN and Katana).
I've developed a Xamarin android app the consumes that API.
Now I want to enable the consumption of the API only for users who have authentication using Google.
I know OAuth is the way to do it and I've been reading a lot about it but I'm still kind of confused about the roles here and who should do what.
What should my server do or implement? what should my client do or implement?
An important feature of OAuth2 to be aware of is the two different authentication flow types:
implicit auth flow
explicit auth flow
I've personally found the Instagram API documentation to explain this pretty well:
https://instagram.com/developer/authentication/
Explicit auth flow is a little more tricky because it involves extra coordination on the part of your custom API. Implicit auth flow is a little easier, because your app will simply look for a URL fragment that comes back from the OAuth provider. That URL fragment contains a token that you can use for subsequent calls to the API that you want to talk to, Google in your case.
But in your case, it sounds like you want to use Google as the identity provider for your custom API, correct? In that case, I think you'll need to use explicit auth flow. Again, check out the Instagram docs. I find them to be particularly good at explaining OAuth2.
EDIT:
And be aware of the Xamarin.Auth component, which is designed for easing OAuth scenarios. You can find it in the Xamarin Component Store or on Github.
I'm looking for the easiest way to authenticate against google oAuth 2.0 implementation for the purpose of accessing the google Drive API. These are the constraints:
It has to be .NET 2.0 compatible
Can not use the google libraries
I'll be using a service account to do work on behalf of specific users
I've looked at DotNetOpenAuth, but the version for the .NET 2.0 runtime doesn't seem to support oAuth 2.0 (google has deprecated oAuth v1, which DNOA supports, of course).
Google's documentation is confusing, at best (witholding explitives here).
Not sure if this will help but the since you mentioned direct JSON, XML, etc. Google has a UI that simulates and generates requests as well as provides some limited documentation that might get you started on creating such code:
https://developers.google.com/apis-explorer/#p/
https://developers.google.com/oauthplayground/
The following provides some additional info on the login:
https://developers.google.com/accounts/docs/OAuth2Login
Far from exhaustive but it's a start if that's your angle.
I would like to use oAuth as a system to allow developers access to my API but not require them to pass through the login information.
There does not seem to be any good how-to's or blogs on this topic. Everything I have found is based on consuming an oAuth system such as Facebook or twitter. Wondering if anyone has any links to good instructions or libraries that could get me started. If there are no examples out there perhaps someone could consider writing one, the community really needs it.
Using OAuth to login is actually a side-effect, not the main goal of the protocol. The best place to start with providing an OAuth-protected API is the protocol specification and since this is a new service, you should take a look at OAuth 2.0 1. It is pretty much done and ready for deployment.
To implement OAuth 2.0 you will need to make a few important decisions about which features you are going to support and your scaling needs. There are also a lot of security considerations to go through. I would suggest you start with supporting the authorization code and implicit grant types.
I would look into DotNetOpenAuth. It should work for your needs, but I've only used it for the OpenID stuff.