I am developing a website using ASP.Net and I want to integrate Social Network that gives the user to share a page to their Facebook, twitter,Google plus, linked in and other accounts
These sites will use OAuth, which you will need to integrate into your site.
For example, you could create a Facebook Application using the developers section on Facebook and then use the c# Facebook API from your ASP.Net application to authenticate with the application and post content to the users timeline. I implemented something like this recently, it's pretty simple to do.
You won't have a 'universal set of credentials' for all of the social media that you have mentioned, so you would need to manage and perform OAuth for each of the different Media, e.g. As well as post to Facebook, create a tweet for the user as well.
It's certainly possible, there are Social Marketing applications that do something like this, you just need to manage the access to the OAuth partners.
Just remember, never store credentials that the user has entered in your site. They are not managed by your site so you should never attempt to store them or do anything with them, always delegate to the 3rd party site and receive your access token back. That's all your application should be interested in
Have a read up on how OAuth works. Also, visit each sites developer documentation to see how their specific implementation of OAuth works. There are c# client applications for accessing the sites (c# facebook api, c# twitter api etc etc)
Related
We are developing an app that intended to access website data of other websites owners who are registered on our app.
What we want that user will login into their gmail account and provide our app access to their google analytics account for their website.
We need complete implementation using c# of google analytics API where we can ask user to give our app access. Any help will be highly appreciated.
You need to use Google Analytics Reporting API. There is quick start guide is available for the Java, Python and PHP. I have created custom reports in PHP.
Use this link: https://developers.google.com/analytics/devguides/reporting/core/v4/
Here you can use REST APIs in your C# application:
https://developers.google.com/analytics/devguides/reporting/core/v4/basics
We have several Intranet websites that use MVC + .NET windows authentication. And then we have some Java based apps developed by 3rd party - which can be configured to use LDAP authentication. Both sets of apps use the same company URL, for instance, dotnet-app.company.org and java-app.company.org, and both sets use the same username.
Once a user has been authenticated against a .NET app, is there any way I can "post" that user information to Tomcat which can then generate a cookie for the user so they don't have to authenticate twice?
I have authorization to modify code on the .NET app only not on the Java app.
You are probably looking for a one sign-in option like on gmail and other google services. And yes, cookies are what you must be looking at.
I don't know how java authentication works(I assume it is Session based), and there is where you must read in user cookie information to get authentication details. On .NET, you will have to write custom logic in FormsAuthentication_OnAuthenticate in Global.asax file.
I have an application running on a server that periodically extracts data from Google Analytics. It doesn't issue many queries so I don't think any limit would be a problem.
I have a prototype running, however I had to provide a login a password for the authentication (in code).
I see that I can generate API keys and other kind of authentication bits and pieces in the Google APIs Console, however I am not sure how to use them and whether they can be used in place of the login/password.
It just doesn't seem right to use a user login/password to authenticate a server application.
Is there another way?
(I am using the C# client library)
You should be using OAuth 2.0. See:
http://code.google.com/p/google-gdata/source/browse/trunk/clients/cs/samples/oauth2_sample/oauth2demo.cs
for a sample OAuth workflow.
The best way to do this is with Google Service Accounts
https://developers.google.com/accounts/docs/OAuth2ServiceAccount
However, I don't know off the top of my head the best library for c#, but there does appear to be support for it in the Google library. http://code.google.com/p/google-api-dotnet-client/wiki/OAuth2#Service_Accounts
Here's a answer specifically about the PHP client.
Service Applications and Google Analytics API V3: Server-to-server OAuth2 authentication?
all
I successfully can use OAuth to work with GA service, there are a lot of code already written for this. And for security purposes, i can't store user google account credentials.
So, i prefer to use OAuth.
But, i can't found any examples how to use OAuth with Google Adwords / AdSense services.
Because they use SOAP and ClientLogin, but on this page http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html
Google suggest to use OAuth instead of ClientLogin (but at this page http://googlecodesamples.com/oauth_playground/ no AdWords / AdSense scopes defined)
Does anyone have a solution?
Thx
You can leverage Google's OAuth libraries quite easily to accomplish this, but the AdWords API is a little more tightly controlled than other Google API services.
The AdWords SDK includes an AdWordsUser entity which handles OAuthing for you, you just need to configure it properly.
Step 1: Sign up for the AdWords API. Upon approval, you will get a developer token.
https://developers.google.com/adwords/api/docs/signingup
Step 2: Create an application at the Developers API console.
Go to https://console.developers.google.com
Click on Credentials
Create a new "Client ID", which will generate Client ID and Client Secret credentials. Make sure you pick the right application type (native/embedded vs web application). You will need to whitelist the redirect URLs of your own application here to allow the end user to bounce back to the app. If this is a server-side application, choose "Client ID for native application". You will use fancy things like refresh-tokens to gain access.
Step 3: Grab an Adwords SDK in the language of your choosing (https://github.com/googleads) and configure it with the credentials needed.
Note
When requesting scopes in OAuth if you're not using the AdWords API Client SDK, make sure to include the scope "https://www.googleapis.com/auth/adwords" otherwise the credentials you get back won't actually let you do anything against the AdWords API. This is critical! (http://googleadsdeveloper.blogspot.com/2014/07/new-oauth-20-scope-for-adwords-api.html)
I am in the processing of developing a web application which will integrate directly with a Google Calendar associated with a specific Google account. The account being accessed by the Google Data API is not likely to change, so I'm unsure what the most appropriate account authentication method is going to be.
I've reviewed the options avilable and it would seem that AuthSub and OAuth are inappropriate as I will not be logging users into their own account- only displaying and updating a fixed account. The other options available are ClientLogin and Gadgets authentication. Of all of them, ClientLogin seems the best fit, but the documentation states that it is intended for installed applications. While the web application I am developing is not specifically an installed application, it closely mirrors one in this scenario- which is why I think ClientLogin makes the most sense.
Which Google authentication option would be the best fit in this scenario?
After reading http://code.google.com/apis/gdata/docs/auth/overview.html it seems to me that OAuth is the most secure way to achieve your goals. Google recommends OAuth or AuthSub over ClientLogin for Web Applications. In addition using OAuth and AuthSub prevents your application from ever having control of the users email and password meaning you dont need to take the extra steps to protect and update the information. Between OAuth and AuthSub, OAuth is more universally adopted, and more secure due to the fact that requests are signed. Hope that helps.
EDIT: So I misunderstood exactly what your application was doing, if you are only using your google account any method of authentication is probably fine, that said google recommends OAuth or AuthSub for web apps. However the important thing to find out about OAuth and AuthSub is what the life of the token is. If there is no way to make the token last for a long time (months, years) then I would try to use ClientLogin, because then your application will always be able to login to the account. As a side note however for security I would recommend you NOT use your primary google account for the application instead create a second account and simply share the calendar with your primary account, that way if you application was compromised you would not lose your primary google account.