Accessing a Google App Engine application from a Windows application using OAuth - windows

We have an application built on top of the Google App Engine. We now need to write a Windows 7 tray application that accesses services provided by our GAE application. This implies that we need to first make an OAuth connection to our application, and we are finding it difficult to locate information about how to accomplish this.
We have already successfully used Google's OAuth2 API .net client to establish a trusted connection from our Windows application to the Google API, but this does not seem to also give us access to the Google App Engine which seems to live in a different part of the ether.
So first, I would like to ask, are we correct in our understanding that Google App Engine only supports OAuth 1.0 and does not support OAuth 2 as the rest of the Google API seems to support?
And second, (assuming the answer to the above is yes) does anyone know of any information or example code where someone has already made a successful OAuth 1.0 connection from a Windows .NET (C#) application to a Google App Engine application? It would be of great help to us to locate such an example.

Google App Engine supports just Oauth 1.0 and it is still an experimental feature.
Having to deal with a .NET C# application I would proceed in this way:
Get the DevDefined OAuth package
Look the ExampleConsumerSite here
Port in C# the relative simple step explained in Java or Python

Related

Connect Xamarin application to local ADFS

I'm trying to create a simple Xamarin application that would need to use a local ADFS to identity the user. Indeed, I wrote an internal web application in ASP.NET Core but the client would like to have a light version as a mobile app, therefore, I need to authenticate the user the same way I do it for the web application: using ADFS 2019 + OAuth/OpenIdConnect.
However, I did some researches on Google and I find nothing talking about that specific case. Most articles concern Azure but I don't want to use Azure, I want to use a local ADFS.
Can anyone provide me with a link or some idea about the way to achieve this?
There's a set of good articles here that cover ADFS and OIDC.
The libraries are the same as the Azure ones - just the parameters are different.

Okta sso for native app accessing web services

We're getting ready to rewrite an old native windows mobile application that accesses data through a VPN. We'd like the new version (.NET Windows 10 mobile application) to access data through web services that are protected by Okta. What is the best way to do this?
Thanks!
The best way to do this depends on how the web services are protected.
The main thing to keep in mind is that you don't want to store any secrets on the mobile application.
In an ideal world, these web services would be secured with something like OpenID Connect (OIDC), allowing you to authenticate against Okta (the "IDP") to get access to the web services (the "Relying Parties").
However, the real world is messy, where some web services are protected via SAML, OIDC, OAuth, custom headers, etc.
Without knowing more about your setup, my recommendation would be to build against OIDC, using a proxy server (or "API Gateway") as needed to secure your web services using OIDC.
One of my co-workers at Okta has written a sample iOS application in Xamarin that implements OIDC, I suggest taking a look at the ViewController.cs file in that repository.

Running an app on Azure and protecting signups

I'm about to finish an app that will run on Windows Phone and Android. It uses an azure web API and push notification service.
I was wondering if there is any standard or recommended way of protecting the 'signup' or 'register' functionality within an app like this? I note that some popular apps like snapchat will send you a text to verify the registration process. That would be ideal but obviously seems unfeasible for a modest app such as mine :-)
Can anyone enlighten me to some common ways to protect the 'register' functionality of a mobile app?
Thanks for any help!
Azure provides feature sets like Azure Mobile Services that provide authentication features that you can use in your Windows Phone apps. I doubt the authentication Azure Mobile Services uses is restricted to just Azure Mobile Services, but more information on getting started with this authentication can be found here:
http://azure.microsoft.com/en-us/develop/mobile/resources-wp8/#header-2

MVC3 and Active Directory Federation Services

I have a MVC3 application that uses Windows authentication and works great if we deploy it on a server that is in the same domain with the users that access it.
I have a request to deploy the application on a external server, like Amazon, and use ADFS to authenticate users with their domain credentials.
Does anyone have some tutorials how to implement this functionality into a MVC3 application? I didn't find any resources to help me with this issue.
The core technology you need to look at is WIF (Windows Identity Foundation). The WIF SDK has plenty of examples of use, and I would start there.
This exact scenario is described in detail in this chapter:
http://msdn.microsoft.com/en-us/library/ff359102.aspx
I would suggest you should start with the intro sections of the same guide to understand how "claims based identity" works and the components involved.
For ADFS, I would suggest Lab 1 of this:
http://claimsid.codeplex.com/releases/view/68061

Shibboleth integration with my .net website

I need to integrate shibboleth in my application. My application is .net web application. May I know how to do this one? I have a separate server (ubuntu server) in which shibboleth idp and sp installed with apache configuration.
I made lot of search on this. but I can't able to get the correct information for this one Can anyone suggest me some url or point what i need do to get it work?
You could implement (Windows Identity Foundation) WIF in your ASP.NET Web App.
If you have Active Directory Federation Services (which basically make Active Directory speak SAML2 protocol and WS-Federation protocol), you can have ASP.NET with WIF trusting (thru WS-Federation) ADFS V2, trusting (thru SAML 2 protocol) Shibboleth.
You can find additional information in these posts. You can find sample screen shots with SharePoint instead of ASP.NET in this post (sorry it's in French). A white paper explains how to implement.
If you don't have Active Directory and ADFS V2, you may want to use SAML2 protocol extension for WIF and this thread may help.
Similar to : Single Sign on using Shibboleth

Resources