I have a desktop application in which I need to make a user authentication with oAuth2.0.
I looked at the Facebook example but it doesn't really correspond to what I have to do or I don't understand it well.
In fact, I create an O2 instance:
O2* o2Auth;
o2Auth = new o2Auth(this);
o2Auth->setClientId(CLIENT_ID);
o2Auth->setClientSecret(CLIENT_SECRET);
o2Auth->setRequestUrl(REQUEST_URL);
o2Auth->setTokenUrl(TOKEN_URL);
But I don't understand how to authenticate the user with the user name and password. Which function do I have to use to do that?
In Facebook example, there is:
if (argList.contains(OPT_OAUTH_CODE)) {
// Start OAuth
fbdemo_.doOAuth(O2::GrantFlowAuthorizationCode);
} else if (argList.contains(OPT_VALIDATE_TOKEN)) {
fbdemo_.validateToken();
}
where argList is the parameters given to the application but they are not the user name and password.
In the tweeter example, there is :
oxTwitter_->setUsername(username);
oxTwitter_->setPassword(password);
but I didn't find the equivalent in O2.
I think I have to use things like GET and POST functions in the OSRequestor class, but how to link a OSRequestor instance to my O2 instance?
So what do I need to send user name and password to do the authentication with O2?
Related
Our organization wants to develop a "LOST & FOUND System Application" using chatbot integrated in a website.
Whenever the user starts the conversation with the chatbot, the chatbot should ask the details of lost item or item found and it should store the details in database.
How can we do it ?
And can we use our own web-service because organization doesn't want to keep the database in Amazon's Server.
As someone who just implemented this very same situation (with a lot of help from #Sid8491), I can give some insight on how I managed it.
Note, I'm using C# because that's what the company I work for uses.
First, the bot requires input from the user to decide what intent is being called. For this, I implemented a PostText call to the Lex API.
PostTextRequest lexTextRequest = new PostTextRequest()
{
BotName = botName,
BotAlias = botAlias,
UserId = sessionId,
InputText = messageToSend
};
try
{
lexTextResponse = await awsLexClient.PostTextAsync(lexTextRequest);
}
catch (Exception ex)
{
throw new BadRequestException(ex);
}
Please note that this requires you to have created a Cognito Object to authenticate your AmazonLexClient (as shown below):
protected void InitLexService()
{
//Grab region for Lex Bot services
Amazon.RegionEndpoint svcRegionEndpoint = Amazon.RegionEndpoint.USEast1;
//Get credentials from Cognito
awsCredentials = new CognitoAWSCredentials(
poolId, // Identity pool ID
svcRegionEndpoint); // Region
//Instantiate Lex Client with Region
awsLexClient = new AmazonLexClient(awsCredentials, svcRegionEndpoint);
}
After we get the response from the bot, we use a simple switch case to correctly identify the method we need to call for our web application to run. The entire process is handled by our web application, and we use Lex only to identify the user's request and slot values.
//Call Amazon Lex with Text, capture response
var lexResponse = await awsLexSvc.SendTextMsgToLex(userMessage, sessionID);
//Extract intent and slot values from LexResponse
string intent = lexResponse.IntentName;
var slots = lexResponse.Slots;
//Use LexResponse's Intent to call the appropriate method
switch (intent)
{
case: /*Your intent name*/:
/*Call appropriate method*/;
break;
}
After that, it is just a matter of displaying the result to the user. Do let me know if you need more clarification!
UPDATE:
An example implementation of the slots data to write to SQL (again in C#) would look like this:
case "LostItem":
message = "Please fill the following form with the details of the item you lost.";
LostItem();
break;
This would then take you to the LostItem() method which you can use to fill up a form.
public void LostItem()
{
string itemName = string.Empty;
itemName = //Get from user
//repeat with whatever else you need for a complete item object
//Implement a SQL call to a stored procedure that inserts the object into your database.
//You can do a similar call to the database to retrieve an object as well
}
That should point you in the right direction hopefully. Google is your best friend if you need help with SQL stored procedures. Hopefully this helped!
Yes its possible.
You can send the requests to Lex from your website which will extract Intents and Entities.
Once you get these, you can write backend code in any language of your choice and use any DB you want.
In your use case, you might just want to use Lex. PostText will be main function you will be calling.
You will need to create an intent in Lex which will have multiple slots LosingDate, LosingPlace or whatever you want, then it will be able to get all these information from the user and pass it to your web application.
I have an user win32 application . That enumerates all the process details along with ProcessId. I need to print the User name along with the session ID. SessionID is enumerated using ProcessIdToSessionId() method. I want to print the User name of corresponding SessionID. This application is specially designed for WindowsXP , so the API should support WindowsXP. If anyone knows the solution please share it.
DWORD dwSessionId,dwPid,dwErr;
char* Uname;
ProcessIdToSessionId(dwPid,&dwSessionId);
WTSQuerySessionInformation() with the WTSInfoClass parameter set to WTSUserName:
A null-terminated string that contains the name of the user associated with the session.
I'm trying to understand if it's possible to create a web service that can send and answer to WhatsApp messages. I searched on the web and I found the WhatsAPI,
I guess this solution work fine, but with the actual version of WhatsApp it's not possible to get the nickname, the sender, the imei and the password.
To get them I set up a Linux PC in which I installed mitmproxy to sniff the web traffic of a Samsung Galaxy S4. By using mitmproxy I can see the web traffic generated by the phone, so I tried to register to WhatsApp (with an another SIM), but in mitmproxy I can't see the data I need for WhatsAPI.
Does anyone knows if it's possible to get the password by using another way?
If it exist can you suggest me a way? Do you think it's possible to do that or it's better to use Telegram or Wechat (they have public API)?
For Java, you can try WhatsUp
For Python, see YowsUp.
Beware that WhatsApp threatens legal action against many of these library developers and does not officially support using the service this way.
I have also spoken directly with WhatsApp representatives who have said no commercial API use of WhatsApp is acceptable.
Also note that bulk messaging is against the WhatsApp terms of service.
There used to be a PHP implementation at WhatsAPI, and another Java implementation, WhatsApi4J. Both are no longer available due to legal threats.
For .NET you use https://github.com/mgp25/Chat-API-NET
download installer for generate password https://github.com/mgp25/WART from this link
string nickname = "Nickname";
/* Your number in the format CCAANNNNNNNNN
* C - Country Code
* A - Area Code
* N - Phone number */
string sender = "***************"; //phone number
string password = "*****************"; // Obtain it with WART or Yowsup
WhatsApp wa = new WhatsApp(sender, password, nickname, true);
wa.OnConnectSuccess += () =>
{
Console.WriteLine("Connected");
wa.OnLoginSuccess += (phoneNumber, data) =>
{
Console.WriteLine("Connection success!");
wa.SendMessage("**************"/* Number */, "Hello World!");
Console.WriteLine("Message sent!");
};
wa.OnLoginFailed += (data) => {
Console.WriteLine("Login failed: {0}", data);
};
wa.Login();
};
wa.OnConnectFailed += (ex) =>
{
Console.WriteLine("Connect failed: {0}", ex.StackTrace);
};
wa.Connect();
Console.WriteLine("END");
Console.ReadLine();
wart app maybe works good for you.
WART
WhatsApp Registration Tool
Uses token generator created by Jake
Uses WhatsApiNet fork by me
Requires .NET Framework 4 or Mono Framework (mono-complete on Linux)
This tool is used to register new phonenumbers and can also be used to retrieve a new password for already registered numbers.
The registration identity is auto-generated by the program based on the phone number.
The optional (and highly recommended) password field is used as salt when generating the identity. This will generate a unique identity hash which cannot be replicated unless you know the password.
Leaving the password field blank will generate an identity hash of just the phone number, which can be easily replicated and is highly insecure.
If these answers were helpful to you, please consider saying thank you in a more constructive way
I have an Instagram application written in Coldfusion 8 that basically pulls in media by tags and then allows people to Like / vote on the photos which is all done via the Instagram API. The Liking part is causing me no end of grief though, as I can get the Authentication and Access_Token without a drama, however the Access_Token doesn't appear to have permission to Like by default. There is an optional param for the Authenticate call "scope" which allows you to pass the permissions allowed for the Access_Token but i cannot work out how to pass this via ColdFusion CFHTTP as a POST.
Here is the preparation for the data to be sent over CFHTTP looping over all params as type="FormField". No matter how I try and present the scope options, either JSON format, string with spaces, string with "+" delimiters it seems to have no effect and the Like operation continues to fail due to permission errors.
<cfscript>
var LOCAL = {};
LOCAL['config'] = {};
LOCAL['returnStruct'] = {};
// prep packet required by the main call method
// the following values are required for EVERY call
LOCAL['config']['method'] = 'POST';
LOCAL['config']['format'] = ARGUMENTS['outputType'];
LOCAL['config']['url'] = VARIABLES.authURL;
// variables required by this method
LOCAL['config']['params'] = {};
LOCAL['config']['params']['client_secret'] = ARGUMENTS.client_secret;
LOCAL['config']['params']['grant_type'] = 'authorization_code';
LOCAL['config']['params']['redirect_uri'] = ARGUMENTS.redirect_uri;
LOCAL['config']['params']['code'] = ARGUMENTS.code;
LOCAL['config']['params']['scope'] = 'likes comments relationships';
</cfscript>
If anyone else is running into the same issues with "scope" not being correctly applied to the return Access_Token it turns out the problem was Instagram Documentation being vague about where this argument should be used. I had tried it every way possible as a POST operation as it suggested during the server-side Authentication, however it appears to only work if sent as GET params and after some playing around I decided to tack the "scope" param onto the 2nd stage of the authentication which is where the Code is requested and that worked! See below
https://api.instagram.com/oauth/authorize/?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URI&response_type=code&scope=likes+basic
This will present the user with an confirmation message from Instagram to allow the application to perform Likes on behalf of the user and everything else works like a charm after this.
I'm looking for a winapi function that will allow me to change current logged in user's password. In my case, I know current password of logged in user. I use Windows 7 Ultimate.
Thanks.
Background
The background will look weird, but I'm going to describe it for clarification. My personal home PC is used by several users (dad, sister, cousins etc.). I'm the only administrator of the PC. All others are standard user. All user accounts are password protected.
I don't like that other people use my account as they mess with anything. I always install all softwares from my account and also troubleshoot PC. When I'm away from my PC for several weeks, may be some other user need to install a software, or do something that require administrative right. For this reason they may need to use my account. There may be emergency cases, and I must allow the user to log into my account by giving account password.
I recently faced such a situation. Before leaving my PC for long time, I changed my regular password to something else. I'll change that again when I reach my PC.
So I'm thinking to write a tiny program that will run each time someone logs into my account. The program will only change current password to something else that I only know. In this case, if anyone logs into my account, installs something, logs out, and cannot logged back in as the password changes.
Suppose I set my account's password as abcd. When someone logs in, the program will change it to abcde. Next time may be abc123 and so on.
You're looking for NetUserChangePassword(). Check this MSDN link for sample code:
http://support.microsoft.com/kb/151546
You could use ADSI to connect to the local machine, get the user object and call the change password action.
MSDN doc on IADsUser::ChangePassword has the following example.
The following "C++" code example shows how to change a user password.
HRESULT ChangePassword(
IADsUser *pUser,
LPWSTR oldPasswd,
LPWSTR newPasswd)
{
HRESULT hr=S_OK;
if(!pUser) { return E_FAIL;}
hr = pUser->ChangePassword(oldPasswd, newPasswd);
printf("User password has been changed");
return hr;
}
The following VB code example shows how to get the user and change a user password.
Dim usr As IADsUser
Dim szOldPass As String
Dim szNewPass As String
On Error GoTo Cleanup
' Fabrikam is the MSDN fictional domain - us '.' for localhost
Set usr = GetObject("WinNT://Fabrikam/JeffSmith,user")
' Add code to securely retrieve the old and new password.
usr.ChangePassword szOldPass, szNewPass
Cleanup:
If (Err.Number<>0) Then
MsgBox("An error has occurred. " & Err.Number)
End If
Set usr = Nothing