none
Redirect URI so that service provider(Yammer) redirects to the app

    Question

  • Hi,

    I am developing an windows store app in which I desired to provide authentication to users through Yammer. I am using WebAuthenticationBroker for the same as Windows Azure service doesnot support Yammer authentication.

    On referring http://developer.yammer.com/introduction/ , I found that  my app needs to redirect to the following url on the click of sign in button:

    https://www.yammer.com/dialog/oauth?client_id=[:client_id]&redirect_uri=[:redirect_uri] 

    I am using the following code to achieve the above functionality:

    Uri sid = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
    string loginURI = "https://www.yammer.com/dialog/oauth?client_id=28qx6kPAmf4HfUFhwU7WWA&redirect_uri=" + sid ;

    I get the pop up , but the windows does not redirect me with a valid code.

    I am not sure what should the redirect_uri be in order to redirect the code to my app. Any help will be appreciated.

    Thanks in advance.


    Friday, December 27, 2013 8:56 AM

Answers

  • WAB is for OAuth integration and will set the appropriate cookies.  It seems like the Yammer OAuth is not doing the correct thing (or there is another API you should call).  Check out the documentation on the Web Authentication Broker classes.  It does not allow you to retrieve anything from it at all.  You should not use this class to do this authentication.  Perhaps there is another URI for OAuth and Yammer that does do the right thing?

    If not, You need to pop-up a webbrowser control yourself much like the WAB does and then detect that URI that indicates completion.  At that point you then can retrieve the code yourself.

    In concept pretty simple... Pop up a UI with a Web Browser control, wait to see the redirect URI then make sure it is OK and grab whatever code/data you need from the cookies and or URI returned.  That should get you started!

    I did something similar for myself authenticating against a SharePoint Fed Auth based site.  If I have some time today I will whip up a simple blog to show you the technique I used and perhaps you can steal  :-) some of my code to help you out if you are at a loss how to proceed! 

    Jeff


    Jeff Sanders (MSFT)

    @jsandersrocks - Windows Store Developer Solutions @WSDevSol
    Getting Started With Windows Azure Mobile Services development? Click here
    Getting Started With Windows Phone or Store app development? Click here
    My Team Blog: Windows Store & Phone Developer Solutions
    My Blog: Http Client Protocol Issues (and other fun stuff I support)

    Friday, December 27, 2013 2:53 PM

All replies

  • Redirect is a concept that applies to the server and not the application.  If you re-read the documentation you will see this in step 5.  What do you mean by 'the windows does not redirect me with a valid code'?

    Jeff Sanders (MSFT)

    @jsandersrocks - Windows Store Developer Solutions @WSDevSol
    Getting Started With Windows Azure Mobile Services development? Click here
    Getting Started With Windows Phone or Store app development? Click here
    My Team Blog: Windows Store & Phone Developer Solutions
    My Blog: Http Client Protocol Issues (and other fun stuff I support)

    Friday, December 27, 2013 2:23 PM
  • Thanks for your reply.

    When I am using the following code , a pop up opens and asks me to enter my credentials.

    Uri sid = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
    string loginURI = "https://www.yammer.com/dialog/oauth?client_id=28qx6kPAmf4HfUFhwU7WWA&redirect_uri=" +sid.AbsoluteUri;
    WebAuthenticationResult result = await WebAuthenticationBroker.AuthenticateAsync(WebAuthenticationOptions.None, new Uri(loginURI));

    After enter my credentials I wish to get a unique code as described below , by means of which I would like to get my JSON data. However the page does not redirect.

    "Once Yammer has successfully authenticated the user, the OAuth dialog will prompt them to authorize the app. If the user clicks “Allow”, your app will be authorized. The OAuth dialog will redirect the user’s browser via HTTP 302 to the redirect_uri with an authorization code:"

    http://[:redirect_uri]?code=[:code]
    Friday, December 27, 2013 2:44 PM
  • WAB is for OAuth integration and will set the appropriate cookies.  It seems like the Yammer OAuth is not doing the correct thing (or there is another API you should call).  Check out the documentation on the Web Authentication Broker classes.  It does not allow you to retrieve anything from it at all.  You should not use this class to do this authentication.  Perhaps there is another URI for OAuth and Yammer that does do the right thing?

    If not, You need to pop-up a webbrowser control yourself much like the WAB does and then detect that URI that indicates completion.  At that point you then can retrieve the code yourself.

    In concept pretty simple... Pop up a UI with a Web Browser control, wait to see the redirect URI then make sure it is OK and grab whatever code/data you need from the cookies and or URI returned.  That should get you started!

    I did something similar for myself authenticating against a SharePoint Fed Auth based site.  If I have some time today I will whip up a simple blog to show you the technique I used and perhaps you can steal  :-) some of my code to help you out if you are at a loss how to proceed! 

    Jeff


    Jeff Sanders (MSFT)

    @jsandersrocks - Windows Store Developer Solutions @WSDevSol
    Getting Started With Windows Azure Mobile Services development? Click here
    Getting Started With Windows Phone or Store app development? Click here
    My Team Blog: Windows Store & Phone Developer Solutions
    My Blog: Http Client Protocol Issues (and other fun stuff I support)

    Friday, December 27, 2013 2:53 PM
  • I know this is an old thread, but I think you want to use the implicit OAUTH flow instead. What you want to do is add another parameter to your url: response_type=token.

    Uri sid = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
    string redirectUri = sid.AbsoluteUri;
    string loginURI = "https://www.yammer.com/dialog/oauth?client_id=28qx6kPAmf4HfUFhwU7WWA&response_type=token";
    WebAuthenticationResult result = await WebAuthenticationBroker.AuthenticateAsync(
    	WebAuthenticationOptions.None, 
    	new Uri(loginURI),
    	new Uri(redirectUri));
    Your WebAuthenticationResult will contain the redirect uri with #access_token=[your_access_token_here] at the end of the url. You just need to parse this fragment at the end, and use the access token in your API requests to Yammer in an Authorization: Bearer format.

    Monday, July 07, 2014 4:04 PM
  • i agree implicit auth is the flow you want to use in wab case.

    also provided your loginUri [ / aka requestUri ] uses winrt app's ms-app://<sid> value then you can use the wab AuthenticateAync() overload that doesn't include specifying the callbackUri parameter.

    the upside is that when you do that wab caches any identity provide issued cookies that contributed to making subsequent token refresh calls occur w/o user having to enter credentials . . . which is typically the desirable user experience.

    <a href="https://www.yammer.com/dialog/oauth?client_id=&redirect_uri=ms-app://<user winrt app sid>/&response_type=token">https://www.yammer.com/dialog/oauth?client_id=<your yammer app id>&redirect_uri=ms-app://<user winrt app sid>/&response_type=token

    Sunday, August 10, 2014 10:44 PM