Has anyone written a secure token service that wraps the Facebook connect API that they are willing to share?
We are considering this as an alternative to using Azure ACS.
Sign into SharePoint 2010 with Facebook using a custom STS shows how to integrate the Facebook part with a custom STS. You can pretty much ignore the SP 2010 part (unless that's what you are using?).
Also, have a look at Startersts. Not specifically about Facebook but it does have a sample on how to build a bridge between OpenId and WS-Federation.
Related
I'm trying to create an Outlook add-in using Angular 7 that can access all the users in my organization with Microsoft Graph API. In order to do that, I need to authenticate the current user and get an access token for calling graph API. I am planning to do the authentication using Single Sign On (SSO).
I read the documentation and didn't find any solution to my problem. My current add-in doesn't have a back-end, just a front-end.
This will only work with Office add-ins in Preview right now and requires you to have a server side component and an Azure AD registered application. There are detailed steps on accomplishing that here for asp.net and nodejs. There is no examples with Angular though unfortunately:
https://learn.microsoft.com/en-us/office/dev/add-ins/develop/sso-in-office-add-ins
Dear Xamarin developers,
I'm new to the Xamarin world and I like Xamarin.Forms.
When a developer find out a new platform (for me Xamarin(.forms)) he/ she wants to let the user login via OAuth (Facebook/ Google/ Twitter).
For Xamarin you have Xamarin.Auth, but I can't get it to work with Facebook or any other provider.
And for Xamarin.Forms there is no library or guide to do this.
So my question is; how do I implement OAuth(2) in Xamarin.Forms to use Facebook as provider?
Thanks in advance,
Theo
I have used Xamarin.Auth to authenticate against Dropbox with OAuth2 following this guide https://developer.xamarin.com/guides/xamarin-forms/web-services/authentication/oauth/.
As the documentation of the API was not sufficient when it came to error handling, I pulled the branch https://github.com/xamarin/Xamarin.Auth/tree/portable-bait-and-switch from Xamarin.Auth at github to be able to debug it. Later I switched back to the nuget version once I understood the main problems.
For Microsoft Authentification, I had to redefine some of the methods to be able to use it.
Hope this helps to get you started.
I'm trying to use Google's Webmaster Tools API to download a CSV file of recent search queries.
I know how to do that using their Python example at http://googlewebmastercentral.blogspot.com/2011/12/download-search-queries-data-using.html
But I want to use OAUTH2.
Here's the problem: The download url for CSV downloads is:
/webmasters/tools/downloads-list?hl=%s&siteUrl=%s
But the Google data API only lets me use OAUTH2 against:
/webmasters/tools/feeds/sites/
So the token I get when I authenticate doesn't provide access.
It SEEMS insane that they'd have some of their data available via OAUTH2 and some of it only using username/password.
Does anyone know a request URI I can use to download the query report via OAUTH2? Or is this API as nuts as it seems?
My $.02 would be "yes, it IS as nuts as it seems."
If you look at the Google APIs Console (https://code.google.com/apis/console) the Webmaster Tools API is conspicuously absent.
I attempted to go down the same road & use OATH2 for the GWT API & was not able to make it work. Using the 'basic authentication' was the only solution.
edit April 2015: basic authentication has been withdrawn by Google and no longer works
I just ran into this, I am shure it has to be possible with OAuth2, corresponding to this sentence:
Activate the Google Site Verification API in the Services pane of the Google APIs Console. (If it isn't listed in the Console, then skip this step.)
https://developers.google.com/site-verification/v1/getting_started
Is it possible to use facebook authentification with WIF without using an acs/azure? Or this is absolutely necessary?
Yes, it's possible but you'll have to write a bit of code. There is a WIF extension that adds OAuth 2.0 support to the framework:
https://connect.microsoft.com/site1168/Downloads
Another option you might consider:
http://facebooknet.codeplex.com/
You can also write your own STS and add DotNetOpenAuth to it.
IdentityServer does something like this with OpenId in a (hidden) page. This was based on a post from Matias Woloski, updated here.
The Facebook Platform uses OAuth 2.0 for authentication and authorization. So when you try to build an authentication application for Facebook you are actually looking for a provided which supports Claim Based authentication. WIF does provide ASP.NET and WCF based framework for you to authenticate your application with Facebook through a claim based Identity Framework. (Windows Azure ACS simplify this process to bare minimum level and that is what you pay for.)
I just started skimmed over the Facebook API and OpenSocial API. In OpenSocial there is the construct of a gadget that is hosted on the container. You just write the code inside some XML structure and upload somehow to the container. So the code ist hosted by the OpenSocial provider.
I couldn't find a pendent in the Facebook API. It seems that apps on Facebook must always be hosted on a developers system (and not on Facebook). Is that correct? Or did I miss something?
Yes, that's correct. Facebook is busy enough running its own stuff without your stuff keeping their servers busy!