Is it possible to use facebook authentification with WIF without using an acs/azure? Or this is absolutely necessary?
Yes, it's possible but you'll have to write a bit of code. There is a WIF extension that adds OAuth 2.0 support to the framework:
https://connect.microsoft.com/site1168/Downloads
Another option you might consider:
http://facebooknet.codeplex.com/
You can also write your own STS and add DotNetOpenAuth to it.
IdentityServer does something like this with OpenId in a (hidden) page. This was based on a post from Matias Woloski, updated here.
The Facebook Platform uses OAuth 2.0 for authentication and authorization. So when you try to build an authentication application for Facebook you are actually looking for a provided which supports Claim Based authentication. WIF does provide ASP.NET and WCF based framework for you to authenticate your application with Facebook through a claim based Identity Framework. (Windows Azure ACS simplify this process to bare minimum level and that is what you pay for.)
Related
We are using a ecommerce plataform that can integrate with SAML protocol. They just need the authorization url. Do I need to create an App on One Login?
Or I could user a custom app integration?
Can you provide me some guidelines
What's the platform?
It may already exist in the OneLogin SAML catalog (we have a few thousand apps) but if not, please see https://support.onelogin.com/hc/en-us/articles/202673944-How-to-Use-the-OneLogin-SAML-Test-Connector
Additionally, you (or the Platform vendor) can always contact us to see about getting an official connector added to the catalog if it's not already there.
Regardless, your best bet is OneLogin support as this isn't really a development question.
I need to build oAuth provider and started to do my homework around Facebook and Google, as they are the largest example there is I think. What I still don't understand, when a web site wants to use oAuth from Google or Facebook, does it have to apply their SDK or SDK is just to simple the hard work, but there is the way to do it your self from scratch? I asking this, because I wonder, if after my oAuth provide will be ready, I will have to create SDK as well.
No, you do not have to create any SDK for OAuth provider or clients. You can look at an google's playground for a sample end to end demonstration of OAuth2 flow.
I would like to build a web service (RESTful JSON API) and I would like to secure my API with OAuth 1.0 or 2.0. I'm using Play2 with Scala and I cannot find examples on writing OAuth providers (not consumers) in Scala nor in Play2.
I believe the combination should be very familiar, suppose you are building an API like GitHub and you want to authorize certain applications and offer them CONSUMER_KEY, CONSUMER_SECRET to access your APIs. There must be an easy-to-use library to help you do that. Not to say that this should be baked into Play2.
Any ideas? libraries? tricks?
We built an OAuth 1.0 provider in Scala/Lift. Its coded for the Open Bank Project but should be pretty easy to extract for another Lift app.
Please See:
https://github.com/OpenBankProject/OpenBankProject-Server/wiki/OAuth-1.0-client---Server-connexion
By the way, we chose OAuth 1.0 rather than OAuth 2.0 because OAuth 2.0 is not really fixed yet.
cheers, Simon.
I'm writing my first codeigniter application and I want to have FB/Google/Twitter authentication along with normal authentication system, all well integrated.
Is there any codeigniter authentication library that supports FB/Google/Twitter login(or at least just FB Login)?
For Facebook support, try https://github.com/elliothaughin/codeigniter-facebook
The same github profile used to have an integrated library for all the services you mentioned, but that seems to have been removed.
Has anyone written a secure token service that wraps the Facebook connect API that they are willing to share?
We are considering this as an alternative to using Azure ACS.
Sign into SharePoint 2010 with Facebook using a custom STS shows how to integrate the Facebook part with a custom STS. You can pretty much ignore the SP 2010 part (unless that's what you are using?).
Also, have a look at Startersts. Not specifically about Facebook but it does have a sample on how to build a bridge between OpenId and WS-Federation.