I am working on a password reset application, which works on Google domains. I used .net provisioning API. I goggled and tried everything but didn't find any way to change password.
Following link is used https://developers.google.com/google-apps/provisioning/#updating_a_user_account
I found a very easy way
AppsService service = new AppsService("domain", "adminusername", "adminpassword");
UserEntry user = service.RetrieveUser("viresh1");
user.Login.Password = "newpassword";
service.UpdateUser(user);
Related
I have a C# application using version 2.0.1.0 of the Rally Rest API for .NET. The application will successfully query Rally for data, but when I try to create an object, an error is returned indicating invalid key. This issue started today and is occurring for multiple users of the application.
I use the following line of code to authenticate.
myRestApi = new RallyRestApi(Rally_username, Rally_password, Rally_URL, "v2.0", myProxy);
I have read some help online indicating the need for a security token, however this note makes me feel like that is not needed: "Note: When using any of the Rally REST Toolkits or the App SDK this will be automatically handled. "
I have tried updating to version 3.0 (Beta), but this does not resolve the problem.
There are reports that using ApiKey instead of basic authentication with username/password resolves the invalid key error.
Rally .NET toolkit supports ApiKey authentication.
The constructor for v2.0.1:
restApi = new RallyRestApi("_abc123","https://rally1.rallydev.com","v2.0");
The constructor for v3.0.1:
restApi.Authenticate("_abc123", "https://rally1.rallydev.com", allowSSO: false);
I was getting the same error and noticed it was not recognizing my username and password that I had stored in the <appSettings> section of Web.config.
For some reason it would not allow them to be read so I decided to store the credentials elsewhere, in Properties => Settings of my app and it has worked ever since.
Here's a code snippet of how the Rally API initialization looks like for me:
RallyRestApi restApi = new RallyRestApi(webServiceVersion: "v2.0");
string user = Properties.Settings.Default.username;
string pass = Properties.Settings.Default.password;
string rallyURL = Properties.Settings.Default.rallyURL;
restApi.Authenticate(user, pass, rallyURL, proxy: null, allowSSO: false);
Hope it helps!
I am not sure if there any libraries(if anyone knows any please let me know) out there that make it easier to use googles api. I know they have classes for .net but they don't seem to work with Windows Phone 7.
I am trying to figure out how it all works but I really find Google's documentation confusion and missing lots of steps.
I decided to try to at first to use their library in an asp.net mvc application before trying to figure out how to do it all with REST requests in a WP7 app.
I am stuck at trying to figure out how to do the Oauth to validation user so I can get their contacts.
RequestSettings settings = new RequestSettings("<var>Test</var>");
settings.OAuth2Parameters = new OAuth2Parameters
{
ClientId = "",
ClientSecret = "",
};
// Need some Code here to validation user so I can then get their contacts.
ContactsRequest cr = new ContactsRequest(settings);
var c = cr.GetGroups();
There is an OAuth NuGet package (DotNetOpenAuth) available, providing authentication through Google, Twitter, Facebook, MSN and possibly more.
Maybe you have more luck with that.
I've got credentials of an account with access to Google Analytics,
I'm looking to utilise the Analytics Core Reporting API http://code.google.com/apis/analytics/docs/gdata/home.html
I've found examples which use username/password calling setUserCredentials, but have seen comments this is less secure/has a low request limit (And doesn't exist in the lastest client).
Plus I've seem examples which use oauth, but require user interaction and grant access to the users google account.
However I'm looking to run a service which doesn't require any user interaction, and connects to a predefined google account (un-related to the user viewing it).
I can then store the results in a database, and end users can query the results from the database.
I've seen information about using AccessType = Offline when you first login, which then returns an access token and a refreshtoken.
http://code.google.com/apis/accounts/docs/OAuth2WebServer.html#offline
In my example though, the end user will never login to the application.
Could I have a seperate admin application which gets a refresh token, and stores the refresh token in the config/lookup table?
Then the main application can use the refresh token pulling from the config/lookup table, and get an access token to be able to query the Google Analytics account.
I'm looking for a C# example which uses AccessType = Offline, and seperates out the fetching of the refresh token and using the refresh token to get an access token to query the google analytics account.
Create your app https://code.google.com/apis/console/
For you App, turn on access to Google Analytics, and create an OAuth 2.0 client ID for your website.
Browse to:
https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=YOUR_APP_ID.apps.googleusercontent.com&access_type=offline&scope=https://www.googleapis.com/auth/analytics.readonly&redirect_uri=HTTP://YOUR_CALL_BACK_URL
Having changed YOUR_APP_ID, YOUR_CALL_BACK_URL to the relevant values.
Important to include access_type=offline.
Press Grant Access, this will redirect to HTTP://YOUR_CALL_BACK_URL?code=THIS_IS_YOUR_CODE. Copy the code in the URL.
With the code, request the Refresh Token using CMD prompt.
curl -d "code=THIS_IS_YOUR_CODE&client_id=YOUR_APP_ID.apps.googleusercontent.com&client_secret=YOUR_APPS_SECRET_CODE&redirect_uri=HTTP://YOUR_CALL_BACK_URL&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token
Having changed THIS_IS_YOUR_CODE, YOUR_APP_ID, YOUR_APPS_SECRET_CODE, YOUR_CALL_BACK_URL to the relevant values.
Record the refresh_token returned.
Download the latest version of the Core Reporting V3.0 .net libraries
http://code.google.com/p/google-api-dotnet-client/wiki/Downloads
There is a bug in the current version of Google.Apis.Analytics.v3.cs, to fix this copy the code in this file to your local solution (And don’t reference Google.Apis.Analytics.v3.bin)
http://code.google.com/p/google-api-dotnet-client/source/browse/Services/Google.Apis.Analytics.v3.cs?repo=samples&name=20111123-1.1.4344-beta
And change the property Dimensions from a List<system.string> to a string.
Or you'll get an error like me and this guy did http://www.evolutiadesign.co.uk/blog/using-the-google-analytics-api-with-c-shar/
You can then use your Refresh Token, to generate you an Access Token without user interaction, and use the Access Token to run a report against Google Analytics.
using System;
using DotNetOpenAuth.OAuth2;
using Google.Apis.Authentication.OAuth2;
using AnalyticsService = Google.Apis.Analytics.v3.AnalyticsService;
class Program
{
public static void Main()
{
var client = new WebServerClient(GoogleAuthenticationServer.Description, "YOUR_APP_ID.apps.googleusercontent.com", "YOUR_APPS_SECRET_CODE");
var auth = new OAuth2Authenticator<WebServerClient>(client, Authenticate);
var asv = new AnalyticsService(auth);
var request = asv.Report.Get("2012-02-20", "2012-01-01", "ga:visitors", "ga:YOUR_GOOGLE_ANALYTICS_ACCOUNT_ID");
request.Dimensions = "ga:pagePath";
request.Sort = "-ga:visitors";
request.MaxResults = 5;
var report = request.Fetch();
Console.ReadLine();
}
private static IAuthorizationState Authenticate(WebServerClient client)
{
IAuthorizationState state = new AuthorizationState(new string[]{}) { RefreshToken = "REFRESH_TOKEN" };
client.RefreshToken(state);
return state;
}
}
Great Answer Ian and it helped me to get going in the correct Direction more than any other answer I could find online. Something must have changed in the AnalyticsService object because the line:
var request = asv.Report.Get("2012-02-20", "2012-01-01", "ga:visitors", "ga:YOUR_GOOGLE_ANALYTICS_ACCOUNT_ID");
did not work for me and I had to use the following:
var request = asv.Data.Ga.Get("ga:YOUR_GOOGLE_ANALYTICS_ACCOUNT_ID", "2012-01-01", "2012-02-20", "ga:visitors");
Hopefully this will help others like your answer helped me. Thanks!
Ian's answer helped me a lot but I kept getting an error running the curl command. Did some research and found that the steps to get the access code and refresh token can be made easier by going to https://code.google.com/oauthplayground/ and checking your oAuth configuration settings. Top right of the page there is a settings button. selected "Use your own OAuth credentials". You can get your access code and request a refresh token all from here.
Hope this helps.
You can manually get a refresh token from the OAuth Playground.
If you are needing a refresh token for a Service Account as I was, make sure you
Click on the settings on the right.
Check Use your own OAuth credentials
Fill in your Client ID and Secret
Close the settings
Click the Refresh button on step 2
Then save the refresh token for use in your app
I'm trying to create web page that access the (business) private calendar of the company and insert events if the time slot is available. Still I'm facing an authentication problem.
The API manual states that I should use an API key and Oauth2LeggedAuthenticator, so I did all this and the request that is fired is quite okey (it has a oauth token and such) But still the response is an exception with Invalid Credentials; Easy to say is that my credentials are wrong, still clientID, clientSecret and API Key are valid; I doubt the 2 last params of the 2legged authenticater, is this correct?
var provider = new NativeApplicationClient(GoogleAuthenticationServer.Description);
provider.ClientIdentifier = ClientCredentials.ClientID;
provider.ClientSecret = ClientCredentials.ClientSecret;
var authenticator =
new OAuth2LeggedAuthenticator(ClientCredentials.ClientID, ClientCredentials.ClientSecret, "myworkusername", "workdomain.com");
Google.Apis.Calendar.v3.CalendarService service = new Google.Apis.Calendar.v3.CalendarService(authenticator);
service.Key = ClientCredentials.ApiKey;
var result = service.CalendarList.List().Fetch();
Assert.IsTrue(result.Items.Count > 0);
NB: At the time of writing you can only used 2-legged authentication with Google Apps for Business/Eduction, this won't work on personal accounts as there's no way to get an OAuth 1.0 key/secret pair, you will have to use online authentication at least once (but you can use the out-of-browser option so you don't have to create a dedicated page).
Your code is correct apart from you don't need the first three lines relating to the NativeApplicationClient. This is most likely failing because you haven't properly set the OAuth keys, this causes 401s.
The other thing that causes 401s is using "matt#example.com" instead of "matt" as the username, the username is without including your domain.
To setup OAuth follow the instructions in this article from Google.
The most important parts to note are "Allow access to all APIs" must be unchecked and you have to individually grant access to all the APIs. If this hasn't been done you will get a 401 Invalid Credentials error. You then also need to turn those services on in the api console. If the api console step hasn't been done you will get a different error of 403 Daily Limit Exceeded.
This will cause you problems if you were previously relying on the "Allow access to all APIs" to use various services, you will have to grant them all individually as far as I understand it to use the v3 APIs. This seems to have been confirmed by google (4th reply by Nicolas Garnier) and is supposedly a bug, but that is an old post so it looks as if it's here to stay.
For reference once this has been done, this code will work, which in essence is the same as yours:
var auth = new OAuth2LeggedAuthenticator(domainName, consumerSecret, usernameWithoutDomain, domainName); //domainName is presently used as the OAuth ConsumerKey for Google's 2legged OAuth
var service = new CalendarService(auth);
service.Key = serviceKey;
var results = service.CalendarList.List().Fetch();
Console.WriteLine(results.Items.Count);
So in summary:
In Google Apps "Manage this Domain" > "Advanced Tools"
Using "Manage OAuth domain key" enable key, generate secret, uncheck "Allow access to all APIs".
Using "Manage third party OAuth Client access" enable the APIs you want access to using your domain as "Client Name" and the APIs you want to access e.g. "http://www.google.com/calendar/feeds/" for the calendar.
Then finally create a project in the API console, use the APIKey as the serviceKey in the above example and turn on the APIs you need to access.
I am answering this as I kept hitting this question when I was trying to find out why my code was constantly returning 401s. Hope this helps someone as the Google instructions are awful and scattered all over the place at the moment.
I'm developing an intranet application. The application is working on an IIS on a windows server 2008. I'm using C# for coding the ASP.NET.
So, I only want to allow the domain users who are member of the OU ICT.
I don't want a login form, just an automatic authentication.
Sql Server Reporting Services works like this. Users don't have to login and the security is based on the AD. -> exactly what I'm looking for.
I have tried several ways, like with WidowsImpersonationContext I hit a dead-end on the OU.
If there would be anyone who can help me, I would be very thankful.
Solved the part where I check if the user is in the group/ou.
But I can't get the windows user from the client machine without logging in.
Greetings, Jeff
I´m not to sure about the mixture between OU´s and Groups here, but maybe the following will help you:
Reference System.DirectoryServices.AccountManagement,
var pc = new PrincipalContext(ContextType.Domain);
var user = UserPrincipal.FindByIdentity(pc, IdentityType.SamAccountName,"DOMAIN\\USER");
var g = System.DirectoryServices.AccountManagement.GroupPrincipal.FindByIdentity(pc, IdentityType.DistinguishedName, "Everyone");
var check = user.IsMemberOf(g);
HTH
Dominik