Back to Fantasy Sports API Forum
0

Anyone Willing to Share .NET Code for Authorization?

I've tried using the OAuth library for .NET from Madgex with no luck. Anyone willing to share some .NET code to help me get past the Authorization steps?

Thanks in advance.

by
Report Abuse
8 Replies
  • I have a homebrew authorization code, which authorizes in plain text (you can have it if you want)

    I just started using that same library, and will post code tomorrow if I can sort it all out. (id wait for this, im pretty well through with it)

    you and I need to stick together for code samples. you may be the only other .NET guy ive seen in here. =)
    Report Abuse
    0
  • Also, I'm no expert, before you try and get the code working, you should step through the oauth explanation,
    http://developer.yahoo.com/oauth/

    read through it before you try and get the code to work, its a multiple step process, so it really helps to understand whats happening before you try to 'make it work'. This section explains the process cully, complete with workflow chart.

    Anyways, I'll pull together what I'm working on, and share my findings, oauth is new to me as well.

    These guys in the forums have been great to me, more than patient, so I think you're at the right place. =)
    Report Abuse
    0
  • To Bring you up to speed where I am right now, because I have this talking to Yahoo, just I don't have the workflow figured out from this API. Getting there.

    But anyways, there is some setup.

    The easiest way to get this working is to use the sample provided from the oauth-dot-net 0.8 source package.

    If you build the projects, then go into the bin directory of one of them, you will get all the libraries you need.

    Add a reference to them all.

    You will need for sure, the Castle.* ones, the Oauth.* ones and the Microsoft.Practices.ServiceLocation


    Once this is complete, you will need to add an App.Config (or Web.Config) if you havent already.


    Add a section to the configuration file like this.

    CODEBOX
      <oauth.net.consumer>
            <!-- Components -->
            <components>
              <!-- Signing provider for HMAC-SHA1 -->
              <component id="signing.provider:HMAC-SHA1" service="OAuth.Net.Common.ISigningProvider, OAuth.Net.Common" type="OAuth.Net.Components.HmacSha1SigningProvider, OAuth.Net.Components" lifestyle="thread"/>
              
              <!-- Nonce provider -->
              <component id="nonce.provider" service="OAuth.Net.Common.INonceProvider, OAuth.Net.Common" type="OAuth.Net.Components.GuidNonceProvider, OAuth.Net.Components"/>
            </components>

        </oauth.net.consumer>



    And under <configSections> add:

    CODEBOX
    <section name="oauth.net.consumer" type="Castle.Windsor.Configuration.AppDomain.CastleSectionHandler, Castle.Windsor"/>


    my app config looks like this:
    CODEBOX
    <?xml version="1.0"?>
    <configuration>
        <configSections>
          <section name="oauth.net.consumer" type="Castle.Windsor.Configuration.AppDomain.CastleSectionHandler, Castle.Windsor"/>
        </configSections>

      <oauth.net.consumer>
            <!-- Components -->
            <components>
              <!-- Signing provider for HMAC-SHA1 -->
              <component id="signing.provider:HMAC-SHA1" service="OAuth.Net.Common.ISigningProvider, OAuth.Net.Common" type="OAuth.Net.Components.HmacSha1SigningProvider, OAuth.Net.Components" lifestyle="thread"/>
              
              <!-- Nonce provider -->
              <component id="nonce.provider" service="OAuth.Net.Common.INonceProvider, OAuth.Net.Common" type="OAuth.Net.Components.GuidNonceProvider, OAuth.Net.Components"/>
            </components>

        </oauth.net.consumer>

    </configuration>



    Once you have this in place, you need to make the library read it. If you have a web project, you can use the Global.asax,
    if you have a desktop application, you can do something like this:

    CODEBOX
    class Program {            
            static void Main(string[] args) {
                IServiceLocator injector =
                    new WindsorServiceLocator(
                        new WindsorContainer(
                            new XmlInterpreter(
                                new ConfigResource("oauth.net.consumer"))));
                ServiceLocator.SetLocatorProvider(() => injector);
                
                return;
            }
        }


    It might be a good idea for you to add your key and secret to your app.config, or you can hard code it.

    When you use oauth-dot-net as a consumer, you will need to be using the following namespaces:

    CODEBOX
    using OAuth.Net.Consumer;
    using OAuth.Net.Components;


    now your code would look like this:

    CODEBOX
    OAuthConsumer consumer = new OAuthConsumer(
                    "key",
                    "secret");
                EndPoint epRequest = new EndPoint("https://api.login.yahoo.com/oauth/v2/get_request_token");
                Uri uriRequestAuth = new Uri("https://api.login.yahoo.com/oauth/v2/request_auth");
                EndPoint epAccessToken = new EndPoint("https://api.login.yahoo.com/oauth/v2/get_token");

                OAuthService serviceDefinition;
                

                serviceDefinition = OAuthService.Create(
                                    epRequest,
                                    uriRequestAuth,
                                    epAccessToken,
                                    "HMAC-SHA1",
                                    consumer);


    and this is where I'm playing right now. Right off the bat, this is not handing in the tokens that you would get from authenticating, but trying to fire a request will bring back the token you get from get_request_token,

    so this is where I am working out how this library handles that workflow. I would probably explicitly force it, by passing in the parameters from each successive call back in, because the library seems to know the state of that negotiation anyways. But because of that, I figures it has a slick way of handling it.

    So.. thats what I have, enjoy, I figure I'll have this sorted out tomorrow sometime.

    Not much documentation on this product is there? =)
    Report Abuse
    0
  • After Playing with this for a few more minutes,

    So, I'm just trying something simple here, not sure if I'm calling this correctly yet, but consider the following code

    CODEBOX
    AuthRequest game_request = OAuthRequest.Create(
                    new EndPoint("http://query.yahooapis.com/v1/yql"),
                    serviceDefinition);
                System.Collections.Specialized.NameValueCollection parameters = new System.Collections.Specialized.NameValueCollection();
                parameters.Add("q", "select * from fantasysports.games where game_key%3D\"238\"");
                parameters.Add("diagnostics", "true");

    OAuthResponse game_response = game_request.GetResource(parameters);


    So what I get back is a request token,

    I then wired up some events that appear to be designed to handle the handshaking

    CODEBOX
    game_request.OnBeforeGetAccessToken += new EventHandler<PreAccessTokenRequestEventArgs>(game_request_OnBeforeGetAccessToken);
                game_request.OnBeforeGetProtectedResource += new EventHandler<PreProtectedResourceRequestEventArgs>(game_request_OnBeforeGetProtectedResource);
                game_request.OnBeforeGetRequestToken += new EventHandler<PreRequestEventArgs>(game_request_OnBeforeGetRequestToken);
                game_request.OnReceiveAccessToken += new EventHandler<AccessTokenReceivedEventArgs>(game_request_OnReceiveAccessToken);
                game_request.OnReceiveRequestToken += new EventHandler<RequestTokenReceivedEventArgs>(game_request_OnReceiveRequestToken);


    and for the moment, just setting breakpoints when the events fire

    CODEBOX
    static void game_request_OnBeforeGetRequestToken(object sender, PreRequestEventArgs e) {
                //Need to request Access Token


                throw new NotImplementedException();
            }

            static void game_request_OnReceiveRequestToken(object sender, RequestTokenReceivedEventArgs e) {
                //Direct user to authenticate, if we dont have tokens yet
                

                throw new NotImplementedException();
            }

            static void game_request_OnBeforeGetAccessToken(object sender, PreAccessTokenRequestEventArgs e) {
                //Request Access Token, with Verifier


                throw new NotImplementedException();
            }

            static void game_request_OnReceiveAccessToken(object sender, AccessTokenReceivedEventArgs e) {
                //We have Access Token, can now get protected resource

                throw new NotImplementedException();
            }

            

            static void game_request_OnBeforeGetProtectedResource(object sender, PreProtectedResourceRequestEventArgs e) {
                //fires before we get protected resource


                throw new NotImplementedException();
            }


    turns out that when I make the request, the BeforeRequest Token fires, odds are that the library is automatically handling that state, and all we need to do is capture these events, and hand in the tokens as needed. I'll post shortly if my theory is right. I'm fairly certain this is how it is supposed to work.

    Have you had any findings in this way?

    There are also built in classes in the library, like AspNetOauthConsumerRequest, that seem to allow you to maintain different sets of keys for different users. From the code samples I've seen , they are keying this in part by the http session id. Anyways, just some more spam.

    If anyone has any insight to this, by all means. This library seems to be quite feature rich, just lacking on the documentation.
    Report Abuse
    0
  • sigh.. I've gotten so far, but without the right documentation and willingness of the development team to answer questions (no intended criticism to them at all, I imagine they are busy, and have obviously built a great product),

    I've switched to DotNetOpenAuth,

    I've found a few great examples, and a nice pattern for this type of thing, I'll start a new thread and post a full working project.
    Report Abuse
    0
  • QUOTE (Sam Coder @ Jul 15 2010, 07:32 AM) <{POST_SNAPBACK}>
    sigh.. I've gotten so far, but without the right documentation and willingness of the development team to answer questions (no intended criticism to them at all, I imagine they are busy, and have obviously built a great product),

    Oh, sorry if the "development team" in question was us on the Fantasy API side, Sam -- we just don't have much experience with .NET over here and thus aren't any more qualified to help out than anyone else on these forums. Glad that you were able to get your other .NET library working, though!
    Report Abuse
    0
  • yeah, no worries, i haven't sent you guys a thing=) I was bugging the oauth-dot-net team, though, I expected before hand that if I got a response, it wouldn't be right away.

    No, I'm quite happy with the support this forum seems to have. =)
    Report Abuse
    0

  • I found this simple oAuth lib that after a few tweaks, works like a charm..

    <https://code.google.com/p/oauth-csharp-dotnet/>

    Report Abuse
    0
Ask a Question

Recent Posts

in Fantasy Sports API