I'm currently attempting to use the OAuth 2.0 User-Agent Flow with a clientside C# application, and I'm running into some confusion relating to the redirect URI.
Because I'm working with a clientside application, I cannot supply a standard redirect URL to a web server. However, according to the people I'm trying to authenticate with (Salesforce, in this instance), the User-Agent Flow is the correct one to use for a clientside application.
My question is, what can I do to catch the access token in this situation? Apparently I can create a "local resource accessible to the client," but I'm unfamiliar with the mechanics behind this, and I can't find any resources on the topic (partly because I don't know what to look for).
Any pointers as to where I should start looking would be greatly appreciated.
Edit: Some more digging has revealed the following stackoverflow question:
How do I develop against OAuth locally?
I'm doing some more investigating with what they suggested, but any other suggestions would be great as well.
Edit: Some more searching revealed this article:
http://sarangasl.blogspot.com/2010/09/create-simple-web-service-in-visual.html
Still feels like I'm poking around in the dark without an understanding of the larger picture, but I believe I need to set up a local web service using localhost and point my redirect URI there. I'll then use my web service to unwrap the response from the OAuth server and have my application respond appropriately. More updates to come.
Ooookay. So from what I've been able to gather, I need to set up a local web service to supply as the callback for OAuth. I need to listen on said web service myself and catch the callback to pass it to my app. However, the default ASP.NET web service provided by VS2010 does not support URL parameters, just API calls, so I apparently need to use the WCF Rest starter kit instead.
I am completely foreign to all of this, so any tips would be a godsend at this point. In general, I'm thinking I set up a local WCF Rest service, supply that local URI to OAuth as the callback, and then catch the callback URL using the Rest service. Then I parse the URL and extract the access token. At this point, does my app request the access token, or can my web service "give" the token to my app? I.e., where should the locus of control be?
Figured out a clever way to work around this. Instead of setting up a service to listen for OAuth's redirect URL, I embedded a WebBrowser control inside my Windows form.
I pointed this embedded WebBrowser to the authentication URL and let the user log in and authenticate with Salesforce and grant permissions to my app. Then, I let Salesforce redirect my embedded browser to a dummy redirect URL that I supply. This redirect never actually goes anywhere, it just shows up as a 404.
However, by monitoring WebBrowser.Url, I can pick up the entire URL that my embedded WebBrowser control is directed to, including the access token that is appended by Salesforce. Basically, after the user authenticates and grants permissions, the embedded browser is redirected to "http://www.dummyurl.com." Salesforce appends the access token, so WebBrowser.Url ends up looking something like this:
http://www.dummyurl.com#access_token=ABCDEF&instance_url=ABCDEF
From here, I can just parse the URL and go on my way. No third-party web server or local web service required. :)
The call the Authorization type you need Authonomous Client http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com#Obtaining_a_Token_in_an_Autonomous_Client_.28Username-Password_Flow.29. Read about the URL you have to send there.
grant_type=password&client_id=<your_client_id>&client_secret=<your_client_secret>&username=<your_username>&password=<your_password>
You can use DotNetOpenAuth library. There's an example using WPF, where it uses a winforms control called ClientAuthorizationView provided by DotNetOpenAuth library.
It is a control that hosts a browser allowing the user to authorize the client without leaving the application.
Hope this help.
Regards
Related
I wanted to upload files to Google Drive using Google Drive API in ASP.NET MVC C#.
While doing that I have followed the below URL:
https://qawithexperts.com/article/asp-net/upload-file-to-google-drive-using-google-drive-api-in-aspnet/236
While implementing the code after calling my API google redirect to an error page showing
Error 400: redirect_uri_mismatch
I want to clarify that I have mentioned the right/correct URL as mentioned in the project properties please look into my issue.
I am attaching the screenshot which contains the redirect_uri.
The redirect uri must exactly match the one you have registered in Google developer console
If we look at your image you have the following two redirect uris registered
http://localhost:60581/
http://localhost:60581/api/TwilioWP/CallGoogleAPI
This means that Google will accept only those two redirect uris from your application. The test is an exact match.
Now if we look at the error message we can see that your application is sending
http://127.0.0.1:57628/authorize/
As you can see this does not match the ones you have registered. What you should do is copy that one and add it.
Note if your ide is changing ports you need to set it to a static port or its not going to work. It needs to match exactly
Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications
Your reall issue.
The tutorial you are following uses GoogleWebAuthorizationBroker.AuthorizeAsync This method is designed for use with an installed application. So in fact the credentials and client type you are using is wrong. If you want to use that code you need to create native or desktop client.
If you try to host this as it is it will attempt to open the web browser on the server. When what you need to do is open the web browser for user consent on the users machine. You should be following web-applications-asp.net-core-3 if you want to be able to authorize a user using your web application.
I offer you my tutorial on Asp .net core 3 and Google login which has a link to the YouTube video on the same topic.
So the real cause of your problem is that you are using code for an installed application which has a default redirect Uri of http://127.0.0.1:{Port}/authorize/ and you are trying to use this for a web application. Which will need to have the host set to that of your web domain.
I have been in touch with the author of the tutorial you are following. I suspect they will be addressing the issue soon. Twitter thread
I am trying to work with the asana API in my C# Windows Application and have several questions I'd like to ask.
When you register your application with asana, it wants to know APP NAME, APP URL, REDIRECT URL. If it's a windows application, what values might I supply for the second two prompts?
When that is entered, you get a client id and a client secret. Is this completely different than the apikey? Is the former for OAuth and the latter for asana, or does asana work in conjunction with OAuth?
Basically I want to take a request like this: https://app.asana.com/api/1.0/tasks//stories?opt_pretty and get back in my application the same json I see when I issue the request in my browser.
You can provide localhost
You should definitely have a look at https://asana.com/developers
Your answer is there https://community.asana.com/t/can-a-windows-application-be-registered/23381 !
Good luck ;)
I've created a Windows Console Application that uses the Google Sheets API, following this link and it worked perfectly.
However when I try to build a Windows Service to do the same thing, it freezes at Authorization, presumably because the web page doesn't popup allowing me to authorize it (which makes sense for a Service).
How can I authorize it? The link says
If this fails, copy the URL from the console and manually open it in your browser
which would be great if I knew what the URL was.
Not a definite answer, but OAuth is designed rather for interactive scenarios involving users.
For service, you should create service account in google developer console and create private key for it (https://developers.google.com/identity/protocols/OAuth2ServiceAccount).
Then you have to change your code to use JWT authentication token derived from private key created in first step.
Someone already answer how to do it in C#: Is there a JSON Web Token (JWT) example in C#?
I am building a Desktop application that interacts with Google Contacts. I have been trying to authenticate the application using google supplied OAuthUtil, but cant get it to work...
it seems it is only suitable for webapplication because of the callback url you have to provide, I think that because the function OAuthUtil.GetUnauthorizedRequestToken returns void...
I'm not that familiar with C# or I'd try and write some example code. However, looking at their docs you have to open a web browser and detect whatever callback you sent. When you detect the callback you then redirect to the client program.
http://code.google.com/apis/accounts/docs/OAuthForInstalledApps.html
It seems they're working on being able to make a REST request to their servers so that you don't have to have a web browser. http://sites.google.com/site/oauthgoog/UXFedLogin/nobrowser/input-capable-devices
Even for things, without a web browser they're current suggestion is to provide a pin, which you then have the user register on a device with a web browser.
http://sites.google.com/site/oauthgoog/UXFedLogin/nobrowser
I'd like to write a console program in C# that posts a Tweet to Twitter. I've never used the Twitter APIs before and don't know anything about how their authentication works. I found an API library called Twitterizer, but it seems geared towards web applications and wants the user to logon with a web browser. All the API docs on Twitter's website seems geared around this scenario as well.
Is it possible to access the Twitter APIs using a console app with no web browser access? I'm perfectly fine hard coding in the name and password for the Twitter user I want to post under as well. Thanks!
Mike
You'll need to use OAuth for authenticating in twitter.
Then use regular HTTP Request to use the twitter JSON-based API.
Here you can find a good article about OAuth, Twitter and console applications.
Also take a loot at linq2twitter lib. From it's documentation;
The Twitter API is built using
Representable State Transfer (REST).
Wikipaedia defines REST as "...a style
of software architecture for
distributed hypermedia systems...",
but I'm going to be so bold as to try
to simplify what that means. In
practice, REST is a Web service
protocol built upon Hypertext Transfer
Protocol (HTTP). You use the REST Web
service by making an HTTP call with a
URL and getting text back in some
form, which is often XML or JSON. So,
if you were to write code that made an
HTTP request with the following URL:
http://api.twitter.com/1/statuses/public_timeline.xml
You would get back an XML document
with all of the Twitter statuses from
the public timeline, which is a
snapshot in time of the last 20 tweets
at the time of your request. Go ahead
and open your browser, copy and paste
the URL above into the address bar,
and see what you get back.
I couldn't find any decent information on the web on how to do this, so I decided to write my own blog post with all the details.. Enjoy!
http://blog.kitchenpc.com/2011/01/22/rise-of-the-twitterbot/
of course you can use anything to connect to Twitter via RESTful api.
you should use oauth, and set up your application in http://dev.twitter.com, then you should read all articles listed in documents, you must specify your app as Client but not Browser so user input a number to get through authentication.
you can use many libraries so that you can save your time, all are listed in the documents
and be CAREFUL, you should not use Twitter's own api console which is buggy (as i know parameters somtimes can't be parsed), you should use APIgee instead which is powerful and stable.
if you want use basic authentication, you should use api proxy (one famous is twip), if you just need only one single C# apps, you must code by yourself:
you should use given username and password to login twitter, parse cookies passed
use normal oauth to get temporaly access token url.
use cookies got from step 1, emulates form submit to allow your apps, capture PIN code
use pin code to finish oauth.
MOST IMPORTANT, you must store access token in client's machine so next time you can bypass above steps
Just wrote a Twitter Bot in C#. This is currently posting tweets to #valuetraderteam.
https://gist.github.com/sdesalas/c82b92200816ecc83af1
The API component in the GIST below is less than 500 lines, only dependency is Json.NET, you'll need to download the latest DLL for either x64 or x86 (depending on what platform you are targetting) and include as a reference in your project.
There is an example at the bottom of the page of how you can make a tweet from a console application
Hopefully this is useful to some other people out there.