When I say that, I mean if I'm creating an APP that I want to work in conjunction with say instagram, twitch, or facebook, etc, where they log in with their account first, how could I go about that? I'd want to essentially do an ADD-ON and make it more accessible/easy for users. Where could I learn more about how to do that?
It sounds a big vague I know, but I'm not sure how else to explain it.
You are looking for an OAUTH API from any of those providers, if I am understanding your post correctly.
You would read the documentation at their relative websites and then apply what is necessary to your project.
More info on facebook here: https://developers.facebook.com/docs/reference/dialogs/oauth
Related
I'm currently exploring the capabilities of custom passes in Apple Wallet.
One thing I would like to do is enable users to be able to go to my website if they click their gift card's icon.
However, after looking through the documentation - there doesn't seem to be any support for this basic ask.
The closest thing I was able to find was adding URLs to the back of the custom passes. Anyone know of a workaround?
I'm looking for the same thing.
I'm surprised people praise Apple Wallet passes that much, when it's really bad to work with.
Everything is file based, and you have to create a physical zip-file.
Google's approach is much better imho: everything is done via an API, so the pass itself is just a url with a token. Sharing a Google Pass is so much simpler and works everywhere.
Updating a pass is simple; just call the Google Api and everything will be ok. Images and assets are urls. Much much better to work with.
Updating an Apple pass involves fricking Push notifications, it's mind bogglingly complex compared to Google's solution.
Oh well
The current solution I found involves a complex set of process, I have not figured out 100% yet. Thus, I wanted to know an expert opinion on this.
This is what I have so far:
Access Graph API endpoint /friends which will give the list of friends who are also using the app
Invite them (I have no idea how)
For an invite, I have found this, but that's already deprecated. Which uses FBSDKAppInviteDialog.
I also found this but it seems like she is just promoting their own product. If they can do it then there must be a way for me to achieve this as well. Still, I can't find it in Facebook docs.
The sad thing is, why would Facebook make this simple stuff very hard to do?
I need to implement a single sign on solution for a couple of websites in my company. I want to have the minimum interaction with the user during this process. It should look like its the same application.
I have studied OAuth , stack Exchange and youtube If I understand correctly OAuth the user has allways to give permission to the app right?.
Do you think I could use OAuth or should I implement a similar mechanism like youtube or stack exchange myself? In the begining I was more inclined to that idea but I dont want to reeinvent the wheel. Also I dont have many time to impelement this.
Thank you for your help.
Of course you should not "reinvent the wheel".
You can use oAuth, even though it is not defined as SSO solution (and you wrote that you are interested in SSO solution - are you sure about the meaning of SSO?).
Have a look at SAML, which IS defined as Single Sign On, etc. But you have to be more precise about your requirements - do you want to implement the identity provider by yourself, or can you use Google Accounts, for example?
I have a couple outstanding questions mainly reguarding twitter and facebook
In the FacebookGraph class there are properties such as Id,name,etc. I am wondering how do I add to this list? Like what happens if I want a users hometown? I tried to add a property called hometown but it always is null.
What should I store their id(1418) or the whole url(http://www.facebook.com/profile.php?id=1418) for lookup later in my db to grab their data and to see if they have an account with my site?
Is it actually good to use this id as it seems like it is common knowledge. Can't someone just find the profile id or whatever and do a fake request on my site?
how do you setup dotnetopenauth to deal with the case when a user goes to facebook and deletes access to my website. I know you can send a deauthorization code to your site and then delete their account but I don't know how to do that through dotnetopenauth
Twitter
Is it possible to do number 4 with twitter?
Ajax
Is it possible to make the openid stuff ajax? I don't see a sample anywhere in the dotnetopenauth samples.
I'm no pro at Facebook. But the FacebookGraph class is in the ApplicationBlock, which ships as source and is fully intended for you to customize or extend within your own application. Hopefully people more familiar with Facebook in particular, or the Facebook docs, can help you with those questions.
Since Facebook is not OpenID, what you store whether ID # or the whole URL, is less critical. People should not be able to just craft requests to log in as others because your site should be verifying signatures, etc. If you're using DotNetOpenAuth appropriately this is probably being done automatically for you. But without seeing your code it can't be said for sure.
Assume the id is common knowledge. It certainly isn't a long random number so anyone can guess it. The ID must be accompanied by a signature that verifies that Facebook sent the ID, just now, for you.
I suspect the deauthorization code isn't going to be relevant to DotNetOpenAuth -- that's probably just some URL that you respond to. But again, I haven't read the FB docs on this.
Here's the real answer I can give you. Yes, OpenID works with AJAX reasonably well. You can see some samples of this at nerddinner.com or a sample of a blog post comment system. The most complete AJAX demonstration for standard login may be in the web forms or MVC project templates available on the Visual Studio Gallery.
I'm trying to make use of various APIs including twitter, youtube, etc because we want to embed recent entries (tweets, videos) on our website.
However, since I'm just retrieving my own data, I'm wondering how I can do this simpler than the multi-step process required by OAuth.
Twitter provides me with my own access token I can use directly, so that kinda works, but I can't find any such token in the YouTube documentation.
So how am I supposed to make use of the api if I just want to get a simple list of stuff? how exaclty am I supposed to authenticate my own website to use my own account?
I think i might have things all wrong and if so please point me in the right direction. I tried using rss feeds but they don't give me as much control over what I retrieve as using the API directly...
any insight or suggestions are appreciated!
see my comment above. summary: it depends on the requirements of the individual api