Search Results

Search found 799 results on 32 pages for 'authlogic oauth'.

Page 19/32 | < Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >

  • oauth_verifier is not passed using DotNetOpenAuth's Webconsumer

    - by BozoJoe
    I receive back a good oauth_verifier value from the server, but it is not being passed on via the ProcessUserAuthorization call to the access_token endpoint. I'm using DotNetOpenAuth 3.3.1, and the WebConsumer implementation. The server I'm working with is using OAuth 1.0a not 1.0.1. Do I need to force DotNetOpenAuth to use 1.0a? 2010-01-16 13:19:44,343 [5] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] <(null)> - After binding element processing, the received UserAuthorizationResponse (1.0.1) message is: oauth_verifier: dEz9lE9AA1gcdr6oCbmD oauth_token: vauHNVOCITlbGCuqycWn 2010-01-16 13:19:44,346 [5] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] <(null)> - Preparing to send AuthorizedTokenRequest (1.0) message. 2010-01-16 13:19:44,346 [5] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] <(null)> - Binding element DotNetOpenAuth.OAuth.ChannelElements.OAuthHttpMethodBindingElement applied to message. 2010-01-16 13:19:44,346 [5] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] <(null)> - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement applied to message. 2010-01-16 13:19:44,346 [5] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] <(null)> - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement applied to message. 2010-01-16 13:19:44,346 [5] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] <(null)> - Applying secrets to message to prepare for signing or signature verification. 2010-01-16 13:19:44,348 [5] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] <(null)> - Signing AuthorizedTokenRequest message using HMAC-SHA1. 2010-01-16 13:19:44,349 [5] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] <(null)> - Constructed signature base string: GET&http%3A%2F%2Fx-staging.indivo.org%3A8000%2Foauth%2Faccess_token&oauth_consumer_key%3Doak%26oauth_nonce%3DgPersiZV%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1263676784%26oauth_token%3DvauHNVOCITlbGCuqycWn%26oauth_version%3D1.0 2010-01-16 13:19:44,349 [5] DEBUG DotNetOpenAuth.Messaging.Bindings [(null)] <(null)> - Binding element DotNetOpenAuth.OAuth.ChannelElements.SigningBindingElementChain applied to message. 2010-01-16 13:19:44,351 [5] INFO DotNetOpenAuth.Messaging.Channel [(null)] <(null)> - Prepared outgoing AuthorizedTokenRequest (1.0) message for http://x-staging.indivo.org:8000/oauth/access_token: oauth_token: vauHNVOCITlbGCuqycWn oauth_consumer_key: XXXXXXmyComsumerKeyXXXXXX oauth_nonce: gPersiZV oauth_signature_method: HMAC-SHA1 oauth_signature: xNynvr2oFlqtdoOKOl2ETiiTLGY= oauth_version: 1.0 oauth_timestamp: 1263676784 2010-01-16 13:19:44,351 [5] DEBUG DotNetOpenAuth.Messaging.Channel [(null)] <(null)> - Sending AuthorizedTokenRequest request. 2010-01-16 13:19:44,351 [5] DEBUG DotNetOpenAuth.Http [(null)] <(null)> - HTTP GET http://x-staging.indivo.org:8000/oauth/access_token 2010-01-16 13:20:34,657 [5] ERROR DotNetOpenAuth.Http [(null)] <(null)> - WebException from http://x-staging.indivo.org:8000/oauth/access_token: <h4>Internal Server Error</h4> A pastebin link to the log4net log

    Read the article

  • require_once file not found in php eclipse project

    - by ldj
    I have a php script that has the following requirement command: require_once 'HTTP/OAuth.php'; the file HTTP/OAuth.php is in php's include_path that is .:/usr/lib/php. Nevertheless in Eclipse the require_once line is marked with the following warning: Include filename: 'HTTP/OAuth.php' doesn't exist in project: How can I make my project see the include_path so it can find the require_once file? Thanks ldj

    Read the article

  • Twitter Integration in Windows 8

    - by Joe Mayo
    Glenn Versweyveld, @Depechie, blogged about Twitter Integration in Windows 8. The post describes how to use WinRtAuthorizer to perform OAuth authentication with LINQ to Twitter. If you’re using LINQ to Twitter with Windows 8, the WinRtAuthorizer is definitely the way to go. It lets you perform the entire OAuth dance with a single method call, which is a huge time savings and simplification of your code. In addition to Glenn’s excellent post, I’ve posted a sample app named MetroWinRtAuthorizerDemo.zip on the LINQ to Twitter Samples Page. @JoeMayo

    Read the article

  • Ruby on Rails equivalent for Maven Archetypes

    - by Drew
    Maven Archetypes are handy ways to get a project up and going in no time flat. Rails is kinda like an archetype in and of itself. However, I'm curious to know if there are any Rails equivalents for Maven Archetypes. For example, I want to create an Archetype with full authentication already built in via Authlogic. With Maven Archetypes I would need to build a project with it already ready to go, create my archetype and start working back parameterizing things that should be parameterized. Then anyone can make a Rails project with Authlogic set up by filling out a few questions during the archetype generate command and boom! Fully functional Rails app with Authlogic built in. Is there a Rails Equivalent? Are Generators expected to do this? Is this just not Rails-y?

    Read the article

  • Securing Back End API for Mobile Applications

    - by El Guapo
    I have an application that I am writing for both iOS and Android; this application will be served by a ReSTFUL API running on a cluster of servers on "the internets". I am curious how the rest of the world is going about securing their APIs so only specific applications running on iOS or Android can use these APIs. I could go the same route as other OAuth providers by providing a key/secret combination (2-legged OAuth), however, what do I do if I ever have to change these keys??? Do I create a new key/secret for every person that downloads the app??? The application is a social-based game that will allow the user to interact with other "participants" in the game based on location, achievements, etc. The API will provide the following functions: -Questions, Quests, etc -Profile Management -User Interaction -Possible Social Interaction Once the app gains traction I plan on opening up the API ala Facebook, Twitter, etc. Which is easy enough, I plan on implementing an OAuth Server and whatnot. However, I want to make sure, during this phase, that only people who are using the application can access and use the API.

    Read the article

  • ASP.NET website deployment [on hold]

    - by Rei Brazilva
    I am getting my hands wet with ASP and I have been following the tutorials. I deployed the site and in Azure and it worked great. Today I started actually designing the site. And when I published, it looks as if it doesn't read any of the files I just updated, added, and modified. It works on my localhost, but not in the Azure. I thought when you publish, everything goes up, including the new files. I don't have enough reputation to add a picture so, you'll forgive me. SO, basically, how do I get my entire site uploaded? In case anyone does stop by, I was able to pull this out just recently: CA0058 Error Running Code Analysis CA0058 : The referenced assembly 'DotNetOpenAuth.AspNet, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246' could not be found. This assembly is required for analysis and was referenced by: C:\Users\lotusms\Desktop\LOTUS MARKETING\ASP.NET\WebsiteManager\WebsiteManager\bin\WebsiteManager.dll, C:\Users\lotusms\Desktop\LOTUS MARKETING\ASP.NET\WebsiteManager\packages\Microsoft.AspNet.WebPages.OAuth.2.0.20710.0\lib\net40\Microsoft.Web.WebPages.OAuth.dll. [Errors and Warnings] (Global) CA0001 Error Running Code Analysis CA0001 : The following error was encountered while reading module 'Microsoft.Web.WebPages.OAuth': Assembly reference cannot be resolved: DotNetOpenAuth.AspNet, Version=4.0.0.0, Culture=neutral, PublicKeyToken=2780ccd10d57b246. [Errors and Warnings] (Global) Could this have something to do with the problem?

    Read the article

  • Is it reasonable to require passwords when users sign into my application through social media accounts?

    - by BrMcMullin
    I've built an application that requires users to authenticate with one or more social media accounts from either Facebook, Twitter, or LinkedIn. Edit Once the user has signed in, an 'identity' for them is maintained in the system, to which all content they create is associated. A user can associate one account from each of the supported providers with this identity. I'm concerned about how to protect potential users from connecting the wrong account to their identity in our application. /Edit There are two main scenarios that could happen: User has multiple accounts on one of the three providers, and is not logged into the one s/he desires. User comes to a public or shared computer, in which the previous user left themselves logged into one of the three providers. While I haven't encountered many examples of this myself, I'm considering requiring users to password authenticate with Facebook, Twitter, and LinkedIn whenever they are signing into our application. Is that a reasonable approach, or are there reasons why many other sites and applications don't challenge users to provide a user name and password when authorizing applications to access their social media accounts? Thanks in advance! Edit A clarification, I'm not intending to store anyone's user name and password. Rather, when a user clicks the button to sign in, with Facebook as an example, I'm considering showing an "Is this you?" type window. The idea is that a user would respond to the challenge by either signing into Facebook on the account fetched from the oauth hash, or would sign into the correct account and the oauth callback would run with the new oauth hash data.

    Read the article

  • find_or_create_by_facebook_id method not found

    - by Justin
    Hi guys, I'm trying to find out where this function comes from. Any one have any clue? It's used by this: http://github.com/fluidtickets/facebooker-authlogic-bridge with a working example here: http://facebooker-authlogic-bridge.heroku.com Downloading the code, it throws: undefined method 'find_or_create_by_facebook_id' for #<Class:0xb04dd1c> I have no clue where this function comes from. Thanks all!

    Read the article

  • When to Store Temporary Values in Hidden Field vs. Session vs. Database?

    - by viatropos
    I am trying to build a simple OpenID login panel similar to how Stack Overflow's works. The goal is: User clicks OpenID/Oauth provider OpenID/Oauth stuff happens, we end up with the result (already made that) Then we want to confirm that the user wants to actually create a new account (vs. associating account with another OpenID account). In StackOverflow, they keep a hidden field on a form that looks like this: <form action="/users/openidconfirm" method="post"> <p>This is an OpenID we haven't seen on Stack Overflow before:</p> <p class="openid-identifier">https://me.yahoo.com/a/some-hash</p> <p>Do you want to associate this OpenID with your Stack Overflow account?</p> <div> <input type="hidden" name="fkey" value="9792ab2zza1q2a4ac414casdfa137eafba7"> <input type="hidden" name="s" value="c1a3q133-11fa-49r0-a7bz-da19849383218"> <input type="submit" value="Associate OpenID"> <input type="button" value="Cancel" onclick="window.location.href = 'http://stackoverflow.com/users/169992/viatropos?s=c1a3q133-11fa-49r0-a7bz-da19849383218'"> </div> </form> Initial question is, what are those hashes fkey and s? Not that I really care what these specific hashes are, but what it seems like is happening is they have processed the openid response and saved it to the DB in a temporary object or something, and from there they generate these keys, because they don't look like Oauth keys to me. Main situation is: after I have processed OpenID/Oauth responses, I don't yet want to create a new user/account until the user submits the "confirm" form. Should I store the keys and tokens temporarily in a "Confirm" form like this? Or is there a better way? It seems that using a temp database object would be a lot of work to manage properly. Thanks for the help. Lance

    Read the article

  • facebook authentication / login trouble

    - by salmane
    I have setup facebook authentication using php and it goes something like this first getting the authorization here : https://graph.facebook.com/oauth/authorize?client_id=<?= $facebook_app_id ?>&redirect_uri=http://www.example.com/facebook/oauth/&scope=user_about_me,publish_stream then getting the access Token here : $url = "https://graph.facebook.com/oauth/access_token?client_id=".$facebook_app_id."&redirect_uri=http://www.example.com/facebook/oauth/&client_secret=".$facebook_secret."&code=".$code;" function get_string_between($string, $start, $end){ $string = " ".$string; $ini = strpos($string,$start); if ($ini == 0) return ""; $ini += strlen($start); $len = strpos($string,$end,$ini) - $ini; return substr($string,$ini,$len); } $access_token = get_string_between(file_get_contents($url), "access_token=", "&expires="); then getting user info : $facebook_user = file_get_contents('https://graph.facebook.com/me?access_token='.$access_token); $facebook_id = json_decode($facebook_user)->id; $first_name = json_decode($facebook_user)->first_name; $last_name = json_decode($facebook_user)->last_name; this is pretty ugly ( in my opinion ) but it works....how ever....the user is still not logged in...because i did not create or retrieve any session variables to confirm that the user is logged in to facebook... which means that after getting the authentication done the use still has to login .... first: is there a better way using php to do what i did above ? second: how do i set/ get session variable / cookies that ensure that the user doesnt have to click login thanks for your help

    Read the article

  • How to force Rails to use gem of version X

    - by David Lazar
    I have a rails app with the config/environment.rb line config.gem 'authlogic', :version => '2.1.2' The system gem for authlogic is 2.1.4 The one in my GEM_PATH is 2.1.2 No matter what I try, Rails is only using the 2.1.4 version, which is a problem. How to force rails to use 2.1.2? Thanks

    Read the article

  • Facebook Graph Api doesn't redirect to my callback

    - by Pentium10
    I am following the steps to do the authorization as described here, but I am not redirected to my callback url. I get the following five steps after calling the first one: https://graph.facebook.com/oauth/authorize?display=touch&client_id=...&redirect_uri=... https://www.facebook.com/connect/uiserver.php?display=touch&client_id=...&redirect_uri=...&next=https://graph.facebook.com/oauth/authorize_success?display=touch&client_id=...&redirect_uri=...&type=web_server&cancel_url=https://graph.facebook.com/oauth/authorize_cancel?display=touch&client_id=...&redirect_uri=...&method=permissions.request&return_session=1 http://www.facebook.com/ http://touch.facebook.com/?w2m http://touch.facebook.com/login.php?next=http://touch.facebook.com/?w2m&cancel=http://touch.facebook.com/?w2m&fbconnect=0&r39c26cf0&refid=108 As you see the 5th steps just displays the login screen. If I log in, or I am already logged in I am presented with the home page. I use my application key, and the connect url of the app I've setup in FB Developers page. What I am doing wrong, why I am not redirected to my url?

    Read the article

  • file_get_contents() returns "failed to open stream" when used with Facebook access_token flow

    - by TMC
    file_get_contents() is returning "failed to open stream" when I call it on a Facebook oAuth access_token URL. Warning: file_get_contents(https://graph.facebook.com/oauth/access_token?client_id=XXXXX&redirect_uri=http://mydomain.com/fb/callback3.php&client_secret=xxxx&code=YYYY) [function.file-get-contents]: failed to open stream: No error in E:\\htdocs\fb\callback3.php on line 5 (I have removed ClientID, clientSecret and the oAuth Code). If I try to manually hit the Facebook access_token URL that my code is attempting to fetch, I get an actual payload returned in the browser: access_token=XYZ&expires=6508 (where XYZ is the access token) So for some reason, there is a problem with the access_token URL specifically when used with file_get_contents(). At first, I thought it was a security issue with my webhoster, but I have verified with phpinfo() that allow url open is indeed allowed. I have also tried this code and verified it works: $foo = file_get_contents('http://google.com'); echo $foo Anyone have any ideas why file_get_contents() is failing with the Facebook access_token URL?

    Read the article

  • Server removes all custom HTTP header fields

    - by MartinMoizard
    Hello, I've been trying to receive HTTP requests with custom fields in the headers but it seems like my server removes them... I printed the headers of the request when I arrive on my page.php. I see that : body uri http://url.com/oauth.php/request_token parameters headers Array ....*/* ....gzip, deflate ....en-us ....keep-alive ....s320650601.onlinehome.fr ....DearStranger/1.0 CFNetwork/485.12.7 Darwin/10.6.0 method POST when I should be seeing that (it is working on a local version) body uri http://localhost:8888/oauth.php/request_token parameters headers Array ....*/* ....gzip, deflate ....en-us ....OAuth realm="", oauth_consumer_key="582d95bd45d455fa2e5819f88fc0c5a104d2c7ff3", oauth_signature_method="HMAC-SHA1", oauth_signature="7mKKzEw0Clv237nBHFzcTcA3SCE%3D", oauth_timestamp="1295267612", oauth_nonce="C546644E-8918-4FA3-A2A0-DAADCF7D1E5A", oauth_version="1.0" ....keep-alive ....0 ....localhost:8888 ....DearStranger/1.0 CFNetwork/485.12.7 Darwin/10.6.0 method POST I am using php 5.2.17 on the server. Do you have any idea to help my fix that issue? Thanks!

    Read the article

  • Authenticating stackoveflow programatically - OpenID

    - by Ben Reeves
    I would like to add up and down voting to my iPhone appilcation - MyStacks, for this I need the to be able to authenticate the user with SO. I'm look at adapting the Twitter-OAuth-iPhone library. However The problem I have is obtaining the consumer and secret key. to use OAuth, do I need to obtain a different key for each provider? In order to obtain a consumer key from google the application needs to have a domain name, but this being an iPhone app of course i don't have one, does this mean that I can't use OAuth? Is there any other way to programatically authenticate SO? Thanks, Ben

    Read the article

  • Return back to the parent activity from subactivity

    - by ZelluX
    My application supports twitter and needs to open browser for OAuth. When the user clicks the Share on Twitter button, the main activity will create another subactivity (TwitterActivity) to handle twitter authentication issues. Here is a flow graph showing how activities are invoked currently. Main is short for MainActivity and Twit for TwitterActivity. startActivity() OAuth intent OAuth callback finish() Main ---------------> Twit ------------> Browser --------------> Twit --------> Browser As you may notice, after the TwitterActivity calls finish() to stop, it will now return back to MainActivity, but Browser instead. How can I make it return back to MainActivity? Many thanks

    Read the article

  • Posting to tumblr in PHP

    - by Sherif
    I am trying to make a test post to my tumblr blog with a php script (that will eventually be ran as a cron job) I have been browsing google and read many answers on here and the closest I found is explained in this post: Tumblr OAuth using PHP's OAuth class I am using the code in his tutorial here: http://vigrond.com/blog/2012/02/04/oauth-extension-php-and-the-tumblr-api/ Pretty much as is, replacing the blogurl with mine and of course the consumer and secret key. When I run the .php script via my browser however, nothing happens. Any ideas? EDIT: The only error I found in cPanel's error log is this: [Wed Oct 31 00:29:25 2012] [error] [client xx.xx.xx.xx ] PHP Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /path on line 14 But I fixed this and the error does not appear anymore.

    Read the article

  • Unable to install Ruby gems

    - by gemseeker
    I am trying for the first time to install some Ruby gems on Mac OS X Leopard. Please see the command and the output below. My question is how do I install a gem with dependencies? I tried installing individual dependency gems first from a locally downloaded files but I soon found out that there is no end to the rabbit hole :-) I also found out that there are circular dependencies that break even this tedious method. There must be a better way! I would really appreciate your help. sudo gem install oauth Updating metadata for 1 gems from http://gems.rubyforge.org . complete ERROR: Error installing oauth: oauth requires actionpack (>= 2.2.0, < 2.3.0)

    Read the article

  • Stubbing an ActsAs Rails Plugin

    - by Rabbott
    I need to create a plugin much like Authlogic (or even just add on to Authlogic), but due to requirements beyond my control I need my plugin to authenticate using SOAP. Basically the plugin would require that anyone accessing the controller (before_filter would be fine) would have to authenticate first. I have ZERO control over the login page, or the SOAP server, I am simply a client attempting to authenticate to the providers SOAP Web Service. Here is what happens.. before_filter realizes that no session[:credential] is set, and forwards the user to the url on the providers servers. The user enters their credentials, and once authenticated, the web service forwards the user to a URL that has been entered by their sysadmins, attaching a token to the url on its way back. I need to take that token, append it to some parameters stored in a local YAML file, and make the SOAP call to the providers server. If all goes as planned, I need to set session[:credential] to the result of the SOAP call, and forward the user to the root page. Subsequent calls to the before_filter will not make the SOAP call, because session[:credential] is set. Ideally I think this would be awesome to slap on top of Authlogic, but I'm not sure how to do this, So I started to create my own acts_as_soap_authentic plugin, which isn't causing errors, but doesn't do anything.. Anyone have any pointers, or tips as to how I can get the ball rolling here? It seems simple, but is proving not to be..

    Read the article

  • Access Control Service: Protocol and Token Transition

    - by Your DisplayName here!
    ACS v2 supports a number of protocols (WS-Federation, WS-Trust, OpenId, OAuth 2 / WRAP) and a number of token types (SWT, SAML 1.1/2.0) – see Vittorio’s Infographic here. Some protocols are designed for active client (WS-Trust, OAuth / WRAP) and some are designed for passive clients (WS-Federation, OpenID). One of the most obvious advantages of ACS is that it allows to transition between various protocols and token types. Once example would be using WS-Federation/SAML between your application and ACS to sign in with a Google account. Google is using OpenId and non-SAML tokens, but ACS transitions into WS-Federation and sends back a SAML token. This way you application only needs to understand a single protocol whereas ACS acts as a protocol bridge (see my ACS2 sample here). Another example would be transformation of a SAML token to a SWT. This is achieved by using the WRAP endpoint – you send a SAML token (from a registered identity provider) to ACS, and ACS turns it into a SWT token for the requested relying party, e.g. (using the WrapClient from Thinktecture.IdentityModel): [TestMethod] public void GetClaimsSamlToSwt() {     // get saml token from idp     var samlToken = Helper.GetSamlIdentityTokenForAcs();     // send to ACS for SWT converion     var swtToken = Helper.GetSimpleWebToken(samlToken);     var client = new HttpClient(Constants.BaseUri);     client.SetAccessToken(swtToken, WebClientTokenSchemes.OAuth);     // call REST service with SWT     var response = client.Get("wcf/client");     Assert.AreEqual<HttpStatusCode>(HttpStatusCode.OK, response.StatusCode); } There are more protocol transitions possible – but they are not so obvious. A popular example would be how to call a REST/SOAP service using e.g. a LiveId login. In the next post I will show you how to approach that scenario.

    Read the article

  • Securing iOS or Android Backend API

    - by El Guapo
    I have an application that I am writing for both iOS and Android; this application will be served by a ReSTFUL API running on a cluster of servers on "the internets". I am curious how the rest of the world is going about securing their APIs so only specific applications running on iOS or Android can use these APIs. I could go the same route as other OAuth providers by providing a key/secret combination (2-legged OAuth), however, what do I do if I ever have to change these keys??? Do I create a new key/secret for every person that downloads the app???

    Read the article

< Previous Page | 15 16 17 18 19 20 21 22 23 24 25 26  | Next Page >