dotnetopenauth

Securing my REST API with OAuth while still allowing authentication via third party OAuth providers (using DotNetOpenAuth)

First I’d like to emphasize the difference between authentication and authorization: A user authenticates to your web site by supplying some credential such as a username+password. OpenID allows this to be displaced by having the user authenticate to another service, which then asserts the user’s identity to your web site on the user’s behalf. Your … Read more

Google+ API: How can I use RefreshTokens to avoid requesting access every time my app launches?

Here is an example. Make sure you add a string setting called RefreshToken and reference System.Security or find another way to safely store the refresh token. private static byte[] aditionalEntropy = { 1, 2, 3, 4, 5 }; private static IAuthorizationState GetAuthorization(NativeApplicationClient arg) { // Get the auth URL: IAuthorizationState state = new AuthorizationState(new[] { … Read more

How do I use a Service Account to Access the Google Analytics API V3 with .NET C#?

The following code, corrected from my original question, is based on the example provided by Ian Fraser at: https://groups.google.com/forum/#!msg/google-search-api-for-shopping/4uUGirzH4Rw/__c0e4hj0ekJ His code addressed three issues: It appears as though AnalyticsService.Scopes.AnalyticsReadonly does not work, at least not for me or the way I am doing it. For some reason, the ServiceAccountUser must be assigned to the ServiceAccountId … Read more

OpenID: Trying to Get Email Address from Google OP

Ok figured it out. I posted a question on Goolge’s Federated Log API group and was told to use Attribute exchange. Below is the code for DotNetOpenAuth. Please don’t use this code in production. This is for illustration purposes only! The Request: using (OpenIdRelyingParty openid = new OpenIdRelyingParty()) { IAuthenticationRequest request = openid.CreateRequest(openidurl); var fetch … Read more