How to use Linq to Twitter inside a web service? - linq-to-twitter

I'm writing a web app that uses Linq to Twitter to help a user manage a Twitter account. I understand that I need to hide my consumer key and consumer secret on the server side to prevent it from being exposed.
In order to do this, I know that I could use the MvcAuthorizer and use Linq To Twitter up on the server side of my MVC Application. But what if I wanted to separate the Linq To Twitter code from the web app and expose it as a web service hosted separately from my MVC app?
So the data flow would look like this...
Web Browser Client <--> My Web Service (ServiceStack) <--> Linq to Twitter <--> Twitter REST API
From reading the documentation on both the Linq to Twitter and dev.twitter.com site, my understanding is that my process flow should look something like this..
User clicks some button in the web app that starts the authorization process
User is redirected to twitter, and authorizes the app for use.
User is redirected back to the callback URL that I specify. My app now has access to the users's OAuth tokens via the query string in that callback URL
My app stores those OAuth tokens somewhere
My proxy web service uses those OAuth tokens to query the Twitter API on behalf of the user.
I think I can do steps 1-4 using the instructions here about the MvcAuthorizer.
I'm not sure how to accomplish 5. My thought was to have a UserTweetsRequest message that I sent to my service. The message would specify the Twitter username. Inside the service, I'd look up the stored OAuth tokens for that user, combine them with my consumer tokens, then use Linq To Twitter to make the query.
If I now have all of the consumer and user tokens I need to call the Twitter API via Linq to Twitter, which Authorizer should I use inside my service implementation to make that happen? Do I need to implement my own?

The LINQ to Twitter authorizers are designed to bypass the Twitter authorization process and just sign a request, if you have all 4 keys. It sounds like that is the case, so you can use (almost) any of the authorizers in your Web Service. You could use SingleUserAuthorizer, MvcAuthorizer, or WebAuthorizer as long as you provide all 4 credentials.
I have a WCF demo on my Samples Page. You will probably need to update the version of LINQ to Twitter with the sample, but it might be useful to look at.

Related

How to use Instagram API for static, single page app?

I am building a static, client-side only website for a client. I'd like to display recent instagram posts that use their hash tag.
However, all calls to the Instagram API need an access_token. This use case is different, though, bc I'm not trying to ask the user to authenticate their account through OAuth, I'm only trying to use a static API call to show recent posts.
How can I do this?
EDIT:
This is not a duplicate of the other because Instagram's API has been updated to require an access_token for all endpoints.
Use Client-Side (Implicit) Authentication, this does not require server-side code, can be done all in javascript single page app to get access_token
Here is details:
https://www.instagram.com/developer/authentication/

Twitter login using javascript?

I want to add a twitter login functionality for my website using only JavaScript and HTML.
is it possible ?
If you mean only JavaScript and HTML on the client, there are some third party libraries.
Auth0 is popular and has instructions for Twitter.
Another possible solution is to use Firebase auth. It has a JavaScript API which can be used as follows:
Create an instance of the Twitter provider object:
var provider = new firebase.auth.TwitterAuthProvider();
Authenticate with Firebase using the Twitter provider object. You can prompt your users to sign in with their Twitter accounts either by opening a pop-up window or by redirecting to the sign-in page.
Yes and no.
It is not possible at the time of writing, if you want to do it only with browser client side javascript, because twitter does not allow cross site requests.
Browsers execute javascript code in a sandbox environment, which does not allow you to do a request to another domain as yours, except the 3rd party domain explicitly allows it. This is called Http Access Control (CORS)
However the twitter api can of course be consumed by a javascript app, which is not running in a browser.
So if you want this functionality for your website and you want to code it only in javascript, you would have to write a backend api for your website in nodejs or use another 3rd party service like #RationalDev suggested
This javascript snippet is a working example of how to do this. You can try it and tweak it: https://jsfiddle.net/s3egg5h7/43/
As pointed out, a Javascript-only solution requires a 3rd-party service, in this case https://oauth.io.
Even if you do not want to use the 3rd-party service, the snippet is useful since you do not have to write any code to test out Twitter APIs to see they return what you need
It is pretty short:
$('#twitter-button').on('click', function() {
// Initialize with your OAuth.io app public key
OAuth.initialize('OAUTH_IO_KEY');
// Use popup for OAuth
OAuth.popup('twitter').then(twitter => {
console.log('twitter:', twitter);
// Retrieves user data from OAuth provider by using #get() and
// OAuth provider url
twitter.get('/1.1/account/verify_credentials.json?include_email=true').then(data => {
console.log('self data:', data);
})
});
})
It requires a few external references, e.g., bootstrap css, oauthio javascript open-source library, etc.
I think using a 3rd-party service may make sense since it hides all the inconsistencies in the OAuth implementation of different providers, like Twitter, Facebook, etc.
I did not create this code so for attribution purposes, please refer to: https://coderwall.com/p/t46-ta/javascript-twitter-social-login-button-for-oauth
If you check the twitter's api documentation, you can see how to do the login.
I think your question is how insert a plugin to login similar than facebook but I think they don't did any library.
When the user clicks the loggin button you must send a post request to twitter to get the oauth_token:
Example: POST request to "api.twitter.com/oauth/request_token"
and then, twitter provides you the oauth_token and the oauth_token_secret (private).
Once you did this step you must to redirect the user to twitter.
Example: GET request to "api.twitter.com/oauth/authenticate?oauth_token=YOUR_OAUTH_TOKEN_GIVEN_IN_STEP_1"
If everything has gone well twitter response you with the oauth_token and a verifier oauth token.
Let's set up the last step!
Send a post request to twitter api endpoint with the verifier oauth token provided in the response of step 2.
Example: POST request to "api.twitter.com/oauth/access_token" sending the verifier oauth token as post parameter.
And then twitter response with a secret token and the user token, you can save it and feel free to use it in any twitter endpoint.
Login documentation: https://dev.twitter.com/web/sign-in/implementing
Browser auth flow: https://dev.twitter.com/web/sign-in/desktop-browser
Regards!

How to authenticate SharePoint Online(Office 365) from desktop

I am creating a JavaScript app which runs in browser of the desktop user, I need to display some data from SharePoint Online site, how do I authenticate and get display data in the App?
What kind of data did you want to display? As far as I know, we can query the data from SharePoint online using Microsoft Graph API. To use this API, we need to register the app first and in this scenario, we can register a client app(refer to here).
Then we can use the ADAL.JS to authenticate the application. For a sample demonstrating basic usage of ADAL JS please refer to this repo.
And if you were developing an SPA app, we can use the OAuth 2.0 Implicit Grant protocol to obtain an ID token (id_token) from Azure AD. The token is cached and the client attaches it to the request as the bearer token when making calls to its web API back end.
No you can't do this using JavaScript. You should use the Client Object Model (CSOM) to achieve the same.
If you want to achieve the same please refer the url
https://github.com/nickvdheuvel/O365-ADALJS-examples/blob/master/Authenticate-an-Office-365-user-with-ADAL-JS/Authenticate-an-Office-365-user-with-ADAL-JS.html
Hope this information helps you.

store access_token via #anywhere twitter application

Is there a way to get the right user credentials from the twitter "#Anywhere" JS library so I can store them in a database for later offline use? I want my users to be able to just authenticate once and then I store those credentials (or tokens or whatever) so that when they post a message with my service it gets pushed to their twitter account.
Facebook connect js library made this very easy, I assume it's possible with twitter #anywhere, but I could be wrong, docs don't specify.
It is currently not possible. Twitter Anywhere.js is just for Client side use and the tokens are different that off serverside tokens. Drop anywhere.js and go serverside.

Azure Website Single Sign On accessing Azure Mobile Service from Azure Active Directory as User

I have an ASP.NET MVC website deployed as Azure website (called website). That website has a section that needs authorization. I already have set up Windows Azure Active Directory (WAAD) to protect access to that section. Once that protected section has loaded, it will load a Javascript app that allows integration with the Azure Mobile Service.
I also have a separate Azure Mobile Service that I use for data storage (called mobserv). I want to access mobserv table and api endpoints from website. I am using the .NET backend for Azure Mobile Services.
Of course, I need to protect those mobserv endpoints using [AuthorizeLevel].
Tutorials show how to do this when I want to authenticate as Application (using [AuthorizeLevel(AuthorizationLevel.Application)]) - just add a reference to the proper Javascript Client (MobileServices.web-1.2.5.js), provide mobserv app id and token. CORS is set up to allow interaction. So far, so good.
But now, I want to protect certain endpoints using [AuthorizeLevel(AuthorizationLevel.User)]. So now, the request has to be authorized as User. Since the website already has been protected by WAAD, I do not want the client to perform a new sign in for the javascript client - I want to reuse the current WAAD authentication headers to have a Single Sign On Experience, so that mobserv will recognize the user.
I have not found any hints on how to do this. Tutorials only show application level auth against mobserv or using explicit login dialogs.
Does anybody have a clue how to do this?
Following up on vibronet's post, Mobile Services does support HTTP POST of an access token, but the access token must specify the audience as your mobile service. So a token issued for your website will not work on its own. You will need to transform it through one of the AAD flows.
So in AAD, you need you have two web application registrations, one for your web site and one for the mobile service. On the mobile service registration, you would need to define permissions that can be exposed to the other resource. The first section of the Mobile Services + ADAL tutorial ("Register your mobile service with the Azure Active Directory") walks you through this. Then, instead of registering a native client app which accesses that permission, you would go to your web site registration and configure the access there.
Once you have an AAD token for your website, you can leverage this permission to get a token for the mobile service. This can best be accomplished using an on-behalf-of flow in the Active Directory Authentication Library (JS or .NET, depending on where you want to do things). The AAD team has a nice sample on how to do this, and mobile services also has a tutorial which might be helpful, although it does mobile service access to SharePoint Online as opposed to web site access to a mobile service)
Then you can send the token to your mobile service using the "client flow" method, as described in "How to: Authenticate Users" for the HTML/JS SDK. For AAD, the call will look something like:
client.login(
"aad",
{"access_token": "<TOKEN-FROM-AAD>"})
.done(function(results){
alert("You are now logged in as: " + results.userId);
},
function(error){
alert("Error: " + err);
});
The user will not see any new UI, but they will be logged in, and subsequent calls from the SDK will be authenticated.
It might also be easier to do this from your MVC backend. I believe you can get the access token from the ClaimsIdentity, and then you can just use the Mobile Services .NET client SDK to do the login action and facilitate calls from the MVC site to your mobile service:
JObject payload = new JObject();
payload["access_token"] = "<TOKEN-FROM-AAD>";
MobileServiceUser user = await App.MobileService.LoginAsync(MobileServiceAuthenticationProvider.WindowsAzureActiveDirectory, payload);
token reuse 'as is' cannot be achieved given that the tokens you get for website are scoped to your app and should be rejected if forwarded to any other resource. From the AAD perspective there are various flows that would allow you to trade in your original token for a new token meant to be used with a web API - all without requiring any new action from the user. However your scenario includes some Mobile Services specific moving parts, hence I am not sure how that would apply here. I am flagging this post for the Mobile Services guys, hopefully they'll be able to chime in.

Resources