I am writing an app using WPF 3.5 and I need twitter integration.
I know that there are many API's for C# and most of them seem to be on the right track.
But one, painfully annoying (seemingly 100% required) step of the twitter posting is that you need to redirect the user to the twitter website, in which they need to login and click "allow" which then shows a PIN number which the user must enter in to my client app in order to simply tweet.
This is so cumbersome and annoying for each run of the app, I dont mind a once off thing, but each time?? Am I not doing this right, why isnt it just a once off allowance of a registered app? How do apps like TweetDeck do it so that they dont have to re-approve each time I load the app?
You need to store the token and the key provided by the server when you perform the OAuth authentication. You can continue to sign your requests using those keys. I'm not entirely sure which library you're using, which makes it hard to say, but there should be a means of retrieving the key/token that Twitter provides you with and passing this back in as a means of authentication.
One other alternative is to use xAuth, which makes it a little easier for your app to authenticate the user. The downside is that it's pretty oblique and might not be supported by the library you're using.
Good luck!
Related
As far as I know, when I developed a console app using YoutubeAPI to create live events for streaming, youtube required me to choose the account which was enable live streaming to put live events on.
But when I developed a website app using that API, even though I opened icognito browser to create live events, it still used my first account in Chrome to create live event.
I wondered if there is some way to make this API to select user like what happened in console app.
I think it is because of the client_secrets.json but I don't know how to fix it.
I am using C# to develop
All of the Live Streaming endpoints require OAuth, you must be authenticated as the user you wish to stream live with. You cannot stream on another user's behalf unless they have logged in and provided a valid OAuth token to use for your requests.
I'm completely new to the whole facebook login scene. Unfortunately the login process seems so complicated considering I simply want to be able to call a login dialog and get back the user's App Token. When I run the example code the login screen asks for an app token not an email and password like I'd expect to see as a user.
From my understanding it appears that even using the Facebook Unity SDK I am still required to build my own login page with app token generator which I have no idea how to do. It also appears there are different ways it needs to be done whether you are on IOS, Android, Web Player, Windows and Windows Phone. Is there really not one way to do this?
I followed the tutorial here: https://developers.facebook.com/docs/games/unity/unity-tutorial although all the images regarding setting up your app on developers.facebook.com/apps are out of date and I can't find a good majority of the options it mentions.
So I guess my main questions are:
Can you have one way across all platforms to allow email/password login for a user?
Do you need to build your own token generator on a website?
How do I set up a game for Unity in the new facebook layout?
Thanks everyone. I've never dealt with authentication via any online service before and this seems much preferable to having my own login authentication for my games. I just wish it wasn't such a confusing mess to someone who has never dealt with any of this before.
The app token thing is only used in Unity editor, so only in development. This is a work-around, since it was impossible to simulate regular facebook login flow in Unity editor and we wanted devs to be able to test their games in the editor, which is much faster than building and uploading it.
You are not supposed to create your own login process. Just import the sdk package into Unity and open scene InteractiveConsole in Assets\Examples
Try building it for iOS/android/canvas, it works on all platforms without any code change necessary
Let me know if have any problems
1 and 2
My assumption is the access "token" you mention is a generic login for testing in unity. Your app should handle the login differently across platforms, in regard to the "Facebook Unity SDK API's" handling the bulk stuff so you are free to plug and play.
3
Image of my settings for the canvas demo https:// developers .facebook .com/apps/#____#/settings/
https://drive.google.com/file/d/0B7Lk_CfjfKfTdVlNQWlINkNCTU0/edit?usp=sharing
I'm building an aggregator for Twitter and Facebook. Via my website users should be able to grant the app access to their Facebook and Twitter profile.
Then, my C# app will, at regular intervals, check the networks (or stream from) for new posts/likes/tweets related to that user and store the result in a database. I will not use Facebook and Twitter as an identity provider for my website.
Now my question: what library should I use best to accomplish the connection with the social networks? Can I use dotnetopenauth for this? Or are there better solutions?
I should also be able to extend the library and add whatever social network later on.
It is probably a very basic question, but I get confused due to all the possible libraries and options. I tweaked a small and simple OAuth class to connect to Twitter, but this was only capably of OAuth 1.0...
Yes, DotNetOpenAuth can help you with this. But you might want to double check the Facebook terms of service, as I thought they forbade any persistence of the data you download from them.
It is indeed possible to do so with DotNetOpenAuth, I know this because I am working on something similar. Already have it working like a charm with Twitter, working on the Facebook link at the moment. Seems like Facebook is going to give me more trouble then I expected at first.
I am playing around with Google Music. I'm trying to see if I can write an app that will stream my music files uploaded to Google Music. So far, I've managed to authenticate myself using ClientLogin and access the music.google.com page. However, whenever I try to access http://music.google.com/music/services/loadalltracks, the page that contains all of my tracks in JSON format, I get a 401: Unauthorized error. However, if I pass the cookies containing SID and HSID, it works and I can access the page.
Does anyone know why It doesn't work with ClientLogin, outside of Google not supporting it with Music? Have you had similiar experience with other Google Services? In the event I can't get ClientLogin to work, is there anyway to work around it, using the SID? I don't know how the HSID is generated.
Since there is no official api for Google Music, you need full SSO credentials to use those endpoints. The easiest way to do this is to emulate a browser (with eg mechanize).
The way my unofficial Google Music api accomplishes this is a bit cleaner, but more work: use clientlogin to authenticate to the Music Manager service, then upgrade those credentials using tokenauth. This isn't really a public feature, but it's described by a third party here, and by a Google design doc here. The specific endpoints you need are in my code here (in clientlogin.py and tokenauth.py).
You'll want to send u=0 and xt=[value of xt cookie] in the querystring as well. The first argument specifies which account you're using (if you're signed into multiple), and the second is a xsrf token.
Well, as far as I can tell the reason sending the SID and HSID cookies makes the request work is because you're simulating the way a normal user is accessing the service.
You can't go the regular application way because that's not supported in google music (as far as my internet research showed, there's no API for google music).
Oh, and one thing: google discourages people from using ClientLogin and instead tells people to use OAuth ("ClientLogin [is] Google's proprietary authorization API ... you should avoid using [this] service." found at http://code.google.com/apis/gdata/docs/auth/overview.html) so in the future you might want to use that. Maybe it'll even work in this case (It sends a different token from ClientLogin - OAuth token instead of an Auth token) though I doubt that.
Anyway, I hope this cleared things up.
I want to write an application which can update an twitter status of an certain twitter account.
The user has to log in to twitter.
I want to make this application with Twitterizer, but since it uses oAuth, the user needs to go to the twitter website to tell twitter that my application is granted access to the user's twitter account.
Because I want to make a very simple twitter application for people who are not really even expert with computers, I don't really want that process.
Is there any option to automate the web UI of the oAuth process? Or an option to don't use that web UI?
The purpose of OAuth is to ensure that the user is aware that they are granting a 3rd party access to their account. If OAuth allowed the process to be automated, it would undermine the very reason it exists.
One way around asking the user to copy/paste a PIN, is to use the HttpListener class to create a simple webservice that runs on the client's computer. You can create it long enough to listen for the user to be directed back to the callback url and capture the values needed. I've demonstrated this technique on my blog.
Just as commentary: to say "but since [Twitterizer] uses oAuth" insinuates that it was my design decision (I'm Twitterizer author), where it is really the security protocol required to interact with the Twitter API. Every Twitter library requires the use of OAuth.