I have a couple outstanding questions mainly reguarding twitter and facebook
In the FacebookGraph class there are properties such as Id,name,etc. I am wondering how do I add to this list? Like what happens if I want a users hometown? I tried to add a property called hometown but it always is null.
What should I store their id(1418) or the whole url(http://www.facebook.com/profile.php?id=1418) for lookup later in my db to grab their data and to see if they have an account with my site?
Is it actually good to use this id as it seems like it is common knowledge. Can't someone just find the profile id or whatever and do a fake request on my site?
how do you setup dotnetopenauth to deal with the case when a user goes to facebook and deletes access to my website. I know you can send a deauthorization code to your site and then delete their account but I don't know how to do that through dotnetopenauth
Twitter
Is it possible to do number 4 with twitter?
Ajax
Is it possible to make the openid stuff ajax? I don't see a sample anywhere in the dotnetopenauth samples.
I'm no pro at Facebook. But the FacebookGraph class is in the ApplicationBlock, which ships as source and is fully intended for you to customize or extend within your own application. Hopefully people more familiar with Facebook in particular, or the Facebook docs, can help you with those questions.
Since Facebook is not OpenID, what you store whether ID # or the whole URL, is less critical. People should not be able to just craft requests to log in as others because your site should be verifying signatures, etc. If you're using DotNetOpenAuth appropriately this is probably being done automatically for you. But without seeing your code it can't be said for sure.
Assume the id is common knowledge. It certainly isn't a long random number so anyone can guess it. The ID must be accompanied by a signature that verifies that Facebook sent the ID, just now, for you.
I suspect the deauthorization code isn't going to be relevant to DotNetOpenAuth -- that's probably just some URL that you respond to. But again, I haven't read the FB docs on this.
Here's the real answer I can give you. Yes, OpenID works with AJAX reasonably well. You can see some samples of this at nerddinner.com or a sample of a blog post comment system. The most complete AJAX demonstration for standard login may be in the web forms or MVC project templates available on the Visual Studio Gallery.
Related
I'm currently writing a shop-related site that has it's own community in different social networks. While posting to VKontakte and Facebook is less of an issue (I can understand the concept of "group", and VK actually has an option to write posts using the group's name), Twitter is more troublesome.
Two questions:
Is there even such a thing as "groups" in Twitter? The closest I have seen is lists and timelines, but neither appears to solve my issue.
I cannot give the operator access to the twitter account. VK has a specific option when posting in a group to use that group's name as poster name. How does this work in Twitter?
I need something akin to what lamoda has set up. (It appears to be a user, and every post is labeled as written by that user, however I doubt they give their ops access to the actual twitter account).
P.S.: I'm already done with getting past OAuth and using REST to actually post, thus no code provided. I'm just having trouble with the statuses/update.json call, if that's what I should actually be using.
Talk about simple solutions to simple problems.
It appears I have been overcomplicating. There are no groups in twitter, or even comments at that. You can only post to your own feed or re-post from somebody else's.
Posting to someone's feed (a shop account's, say) is simple enough using that account's pre-generated access token which can be stored in the configs.
I am creating an ios app that needs to download a html page and extract some information from it. To get to the page I also need to login. I have looked everywhere for some code on how to login to a site using the cocoa framework, but every answer I see only seems to answer half the question. Here is the login site: romres.ist-asp.com. I need some code for writing something in the first field (the other two are left blank), then submit the form and then I need to be able to see the next page. I believe apps like Facebook should use som of the same technology, where you log in to a facebook and then you can see the contents of your profile.
Basically what you want to do is called scraping.
Scraping is really easy for sites that don't require authentication, but in your case what you should do is to inspect the POST request being made when logging in the site your interested in (try to understand of the service respond) and the POST request made, when already logged in, to retrieve each page.
The purpose of all of this is to have later the possibility to simulate regular HTTP requests that should came from a browser via code.
If you have any doubt ask in the comments.
Ok so I've scoured the docs and stackoverflow for an answer, but maybe I'm asking the wrong questions or looking in the wrong places. I'm working on an native iOS app and I want to give the user a way to post a comment to a page, but through native UI and not through a UIWebView with the comments plugin embedded. I can make a comment on a comment on the page, but I can't seem to make a comment from an authenticated user on the page itself. Is this even possible?
Apple's URL Loading System provides you with the ability to set credentials for basic HTTP authentication, but it sounds like you're talking about logging in to some kind of forum system. The way those generally work is that you send your credentials to the site, and get an authentication cookie back. You then need to provide that cookie to the system when you interact with the site.
Here's a blog post with an example of how to do that.
Recently search engines have been able to page dynamic content on social networking sites. I would like to understand how this is done. Are there static pages created by a site like Facebook that update semi frequently. Does Google attempt to store every possible user name?
As I understand it, a page like www.facebook.com/username, is not an actual file stored on disk but is shorthand for a query like: select username from users and display the information on the page. How does Google know about every user, this gets even more complicated when things like tweets are involved.
EDIT: I guess I didn't really ask what I wanted to know about. Do I need to be as big as twitter or facebook in order for google to make special ways to crawl my site? Will google automatically find my users profiles if I allow anyone to view them? If not what do I have to do to make that work?
In the case of tweets in particular, Google isn't 'crawling' for them in the traditional sense; they've integrated with Twitter to provide the search results in real-time.
In the more general case of your question, dynamic content is not new to Facebook or Twitter, though it may seem to be. Google crawls a URL; the URL provides HTML data; Google indexes it. Whether it's a dynamic query that's rendering the page, or whether it's a cache of static HTML, makes little difference to the indexing process in theory. In practice, there's a lot more to it (see Michael B's comment below.)
And see Vartec's succinct post on how Google might find all those public Facebook profiles without actually logging in and poking around FB.
OK, that was vastly oversimplified, but let's see what else people have to say..
As far as I know Google isn't able to read and store the actual contents of profiles, because the Google bot doesn't have a Facebook account, and it would be a huge privacy breach.
The bot works by hitting facebook.com and then following every link it can find. Whatever content it sees on the page it hits, it stores. So even if it follows a dynamic url like www.facebook.com/username, it will just remember whatever it saw when it went there. Hopefully in that particular case, it isn't all the private data of said user.
Additionally, facebook can and does provide special instructions that search bots can follow, so that google results don't include a bunch of login pages.
profiles can be linked from outside;
site may provide sitemap
Now that idselector has been upgraded to RPXNow and you can't "just use" the selector code, what is a good replacement?
I want to implement OpenId on a new website that I am using, but the users are going to be just dumb when it comes to logging in unless I provide an easy way for them to.
As a reference, I will be using .Net Open Id for the background in an ASP.Net MVC web application.
EDIT
After some cheap thought, what about using the rpxlib?
Jarrett Vance made a "version" of open-selector that is much more developer/designer friendly.
This selector is different because it does not hide the markup details in javascript. Therefore, you can easily add new providers or rearrange the existing ones without digging into the javascript. The login form will still work for normal OpenID logins if javascript is disabled
The best of all, is that it comes with documentation, demo, and lots of images both cropped and as raw .pdn files (paint.net)
Jarrett Vance's openid-selector can be found here
(source: jvance.com)
PS: I would suggest reading this article before implementing RPX.
Another one to consider is http://code.google.com/p/openid-realselector/ (which is a rewrite/update of http://code.google.com/p/openid-selector/)
I have done an implementation with RPXLib and RPXNow, and it is really pretty straight forward.
I wanted to minimize the amount of work done in the OpenId format, and the RxpLib definately helped with that one.
RpxNow also has a nice feature of telling me new users, number of logins per day, etc...
I've made Open-selector, which you just add to your site and switches the regular OpenID box into a provider list and a username text input.
The code is pretty simple (in case you need extra customization) and there is an inline mode so it doesn't alter your original layout.
I was using that one, but then I found a few people using a different one which made me investigate, and I found this OpenID selector. There aren't any instructions per se other than the demo.html, but it shouldn't be too hard to figure out. Just include the css and js, then call the javascript function with the right parameter.
Edit about rpx: I chose to stay away from rpx because I didn't want to have a 'central point of failure,' and a site that isn't my own that users would authenticate to/through. It seems kind of counter-intuitive being that I'm using openid, but if you consider that the openid provider that the user is using as part of the user, then it kind of makes sense.