I am trying to pass requirement AppCenter WF 1.0. My log is here:
http://pastebin.com/jqqLWury
I notice that my OauthResponse page is visited twice:
CCC : Info 4/8/2013 2:40:22 PM OauthResponse has been visited on 4/8/2013 2:40:22 PM
CCC : Info 4/8/2013 2:40:26 PM OauthResponse has been visited on 4/8/2013 2:40:26 PM
The log I posted above also seems to hit my page twice.
I try and login at https://appcenter.intuit.com/TryBuy/IA/MYID. I receive a page asking to connect to my app. When I connect and click authorize, I am sent to myapp.com/openid and redirected to myapp.com/home/index. I receive an access token, an access token secret, and a realm. When I try to authenticate with these credentials, it fails.
I notice that the app is never added to my company list of apps.
I am using the Intuit Azure SDK. In my development area, are these settings correct?
App URL: myapp.com/openid
Disconnect Landing url: myapp.com/disconnect
Manage Users Url: myapp.com/OauthResponse
OpenId URL: https://www.myapp.com/openid
Host Name Domain: myapp.com
I am using my development consumer key and my development consumer key secret. How come I am getting bad credentials?
Here is my error:
Intuit.Ipp.Exception.InvalidTokenException: Unauthorized
at Intuit.Ipp.Exception.IdsExceptionManager.HandleException(IdsException idsException)
at Intuit.Ipp.Core.ServiceContext.GetQBOPartitionedURL(String qboServiceEndpoint)
at Intuit.Ipp.Core.ServiceContext.GetBaseURL()
at Intuit.Ipp.Core.ServiceContext..ctor(IRequestValidator requestValidator, String
Here is my code:
string Authenticate()
{
string accessToken = HttpContext.Current.Session["accessToken"].ToString();
string accessTokenSecret = HttpContext.Current.Session["accessTokenSecret"].ToString();
string companyID = HttpContext.Current.Session["realm"].ToString();
// now auth to IA
OAuthRequestValidator oauthValidator = new OAuthRequestValidator(accessToken, accessTokenSecret, ConfigurationManager.AppSettings["consumerKey"].ToString(), ConfigurationManager.AppSettings["consumerSecret"].ToString());
ServiceContext context = new ServiceContext(oauthValidator, accessToken, companyID, IntuitServicesType.QBO);
dataServices = new DataServices(context);
return "OK";
}
If I log in through my website without using that URL, everything works fine.
It looks like my app URL was incorrect in the app center.
In my case, the app URL should be http://www.cloudcartconnector.com/OpenId and my OpenIdUrl should be https://www.cloudcartconnector.com/DirectConnectToIntuit
Related
I am trying to integrate our application a regular .net desktop service that runs in the user context with ADFS, and a Web API. The user is a domain user and this is a regular AD environment. The MVC aspect of the website are working well with the browser.
I am on ADAL3(VS2017), windows server 2016, I referred this link [ADFS SSO CloudIdentity] am able to use UserCredentialPassword to get a token successfully and call into my Web API, I just followed the steps and changed things to async.
However using the logged on credential bit where a new UserCredential() should indicate to call to get the token from current thread doesn't work at all for me, on ADAL 2, I am getting null pointer exception and on ADAL3 I get
MSIS7065: There are no registered protocol handlers on path /adfs/oauth2/token to process the incoming request.
I did see a similar query on SO but based on my understanding the OP there is falling back on browser based behaviour.
Falling back at browser based auth (with Promptbehaviour.never) based behaviour is undesired because I have seen a lot of config issues on customer site where even with the relevant settings enabled the browser was assuming it to be an internet site and logging in fails.
Code for reference
string authority = "https://adfs.domain.com/adfs";
string resourceURI = "https://local.ip:44325";
string clientID = "19cda707-b1bf-48a1-b4ac-a7df00e1a689";
AuthenticationContext ac = new AuthenticationContext(authority, false);
// I expect that the user's credential are picked up here.
AuthenticationResult authResult =
await ac.AcquireTokenAsync(resourceURI, clientID,
new UserCredential());
string authHeader = authResult.CreateAuthorizationHeader();
var client = new HttpClient();
var request = new HttpRequestMessage( HttpMethod.Get,
"https://local.ip:44325/api/values");
request.Headers.TryAddWithoutValidation( "Authorization", authHeader);
var response = await client.SendAsync(request);
string responseString = await response.Content.ReadAsStringAsync();
The call fails in acquiretokenasync.
Have you violated any of the constraints described here?
Also, similar question here around ADAL V3.0 and UserCredential support.
In the link above, the RP was created using PowerShell. Are you sure that you have properly configured an application in ADFS 4.0 - clientID etc.
I've been trying to create unity application and connect it with mobile services. I'm trying to do FB authentication and here's what I've done on my checklist :
Registered my FB App Id and App secret properly on mobile services.
For testing I use FB tools to generate access token for now.
Here's my code to login to FB using Restsharp :
// token is hardcoded with access token from FB tools for test
AuthenticationToken authToken = CreateToken(provider, token);
_LoginAsyncCallback = callback;
var path = "/login/" + provider.ToString().ToLower();
var baseClient = new RestClient(_baseEndPoint);
var request = new RestRequest(path, Method.POST);
var json = SerializeObject(authToken);
request.RequestFormat = DataFormat.Json;
request.AddHeader("Content-Type", "application/json");
request.AddParameter("application/json", json, ParameterType.RequestBody);
var handle = baseClient.ExecuteAsync<MobileServiceUser>(request, LoginAsyncHandler);
provider is facebook and my post is "access_token":"XXXXXXXX" so this should be correct right?
I always get this error :
Rest Response:{"code":401,"error":"Error: The Facebook Graph API access token authorization request failed with HTTP status code 400"}
I've tried many FB app settings and generate new access tokens from FB tools, etc but nothing seems to work. I'm at my wits end on this
the facebook canvas app gets a "signed_request" parameter when user visits the canvas url via facebook.
How do i use this to authenticate the user on servicestack, so that i get the user session in servicestack.
the user will already be signed up for the app and will have records in the servicestack user repositories.
Should i set the canvas url to /auth/facebook ? with additional ?Continue=/target_url
Will this authenticate the user and send him to the target_url?
Or should i handle the canvas request and then use AuthService to authenticate the user using the "signed_request" param? if this is the case then, how do i proceed with it ?
Here's how I managed the case:
I handled the FB canvas request, receiving the "signed_request" parameter. Then by decoding the BASE64 encoded string (and verifying with HMAC SHA256), I got the FB userId.
if (isMatch)
{
string message = UTF8Encoding.UTF8.GetString(msg);
var output = message.FromJson<Dictionary<string, string>>();
string user = output["user_id"];
OAuthTokens tokens = new OAuthTokens();
tokens.Provider = "facebook";
tokens.UserId = user;
UserSession.IsAuthenticated = true;
((FacebookAuthProvider)AuthService.GetAuthProvider("facebook")).OnAuthenticated(this, UserSession, tokens, new Dictionary<string, string>());
return UserSession.ToJson();
}
I'm not sure whether this is the best way to manually get the user authenticated. But so far, this technique has worked.
I am building desktop application which should commit some stuffs from file system to Facebook.
Application should not give user login form at all.
C#, VS2010 are used.
I have for Facebook App:
client app id
client secret id
token (which is extended, so it is valid for next 60days).
Idea is to somehow renew the access_token, since Facebook doesn't give permanent access_token (offline_token).
So I have tried this:
var fb = new FacebookClient();
dynamic results = fb.Get("oauth/access_token",
new
{
client_id = "aap_id",
client_secret = "secret_id",
grant_type = "fb_exchange_token",
fb_exchange_token = "existing_token"
});
String newToken = results.access_token;
With this code I get newToken, which is different from existing.
My Question:
If this code is run, lets say day before it is expired, will the new token be valid for new 60 days or not?
Or should again be requested extended token?
Thanks,
Ljiljana.
I am using Tweetsharp and I am trying to play with the Twitter Application. At present it is a simple console application.
I have searched in the net and found some articles where most of them are stating that after August 16th 2010, the basic authentication for the twitter is no longer applicable. Instead OAuth has come into place.
Henceforth, I have gone to the Twitter Apps and created one for me.(since it's a desktop application, so I choose Application Type to be Client and not browser.)
These are the various information that I got
Consumer key : NxDgjunKLu65CW38Ea1RT
Consumer secret :JOomsRGPTHct9hFjGQOTpxScZwI5K8zkIpOC1ytfo
Request token URL : https://twitter.com/oauth/request_token
Access token URL : https://twitter.com/oauth/access_token
Authorize URL: https://twitter.com/oauth/authorize
As a very basic step what have planned is that, I will write/post some tweet something to my wall.
Henceforth, I made the following(some code has been taken from web as I was using those as a reference)
string consumerKey = "NxDgjunKLu65CW38Ea1RT";
string consumerSecret = "JOomsRGPTHct9hFjGQOTpxScZwI5K8zkIpOC1ytfo";
FluentTwitter.SetClientInfo(new TwitterClientInfo { ConsumerKey = consumerKey, ConsumerSecret = consumerSecret });
//Gets the token
var RequestToken = FluentTwitter.CreateRequest().Authentication.GetRequestToken().Request().AsToken();
var twitter = FluentTwitter.CreateRequest()
.AuthenticateWith(
consumerKey
,consumerSecret,
RequestToken.Token,
RequestToken.TokenSecret)
.Statuses().Update("I am writing my first tweets").AsXml();
var response = twitter.Request();
var status = response.AsStatus();
But the response is
<?xml version="1.0" encoding="UTF-8"?>
<hash>
<error>Could not authenticate with OAuth.</error>
<request>/1/statuses/update.xml</request>
</hash>
I am trying for a long time to understand the problem but all in vain.
I need help.
Thanks
Getting the request token is only the first step of the OAuth process. You need to get the request token, authorize the token, and then trade if for an access token. You then use the access token to send a tweet.
See this link for a flowchart of the full OAuth process.