The document discusses integrating Facebook authentication with SharePoint 2010. It covers authentication vs authorization, configuring an Azure Access Control Service as an identity provider, and adding claims mappings in SharePoint. Code examples are provided for retrieving a user's Facebook access token, making calls to the Facebook Graph API to get profile data, and storing that data in SharePoint lists and user profiles. The document recommends requesting minimum permissions from Facebook and using a full read permission policy for Facebook users in SharePoint.
SharePoint 2010, Claims-Based Identity, Facebook, and the Cloud
4. Authentication vs. Authorization
Claims Authentication in SharePoint 2010
Integrating Facebook from scratch
New SharePoint 2010 web application
Adding an Azure Access Control Service (ACS)
Trusted Identity Provider (Facebook)
Going “beyond authentication” to surface
Facebook data in SharePoint and vice versa
5. How many of you are…
Developers?
System administrators?
IT professionals?
Others?
Integrating SharePoint 2010 with an
identity provider such as Facebook will
present different challenges for each role
7. Authentication (AuthN) is the process of
validating a user’s identity
SharePoint never performs authentication
If the login prompt keeps appearing, think
authentication issue!
Unless it’s the dreaded
loopback check!
8. Authorization (AuthZ) is the process of
determining the resources, features, etc. to
which an authenticated user has access
If you see “Access Denied” errors, think
authorization issue!
9. What is a claim?
A piece of information describing a user
▪ Name
▪ Email Address
▪ Role/Group membership
▪ Age
▪ Hire Date
Whose claims do I trust, and which claims
affect authorization decisions I make?
10. Token
Serialized set of claims about an authenticated
user, digitally signed by the token’s issuer
Identity Provider (IP)
Validates user credentials
Security Token Service (STS)
Builds, signs, and issues tokens containing claims
Relying party (RP)
Applications that make authorization decisions
based on claims (SharePoint 2010)
11. Decoupling of authentication logic from
authorization and personalization logic
Applications no longer need to determine who
the user is, they receive claims identifying the
user
Great for developers who rarely want to work
with identity!
Provides a common way for applications
to acquire the identity information they
need about users
12. 1. “I’d like to access this protected resource.”
2. “I don’t know who you are. Identity provider, authenticate him.”
3. “My user ID is Danny and my password is BaCoNbAcOn!!1.”
4. “Hi, Danny. Here is a token you can
use containing attributes about you.”
5. “I’d like to access this resource;
hopefully it has the proof you need
to authorize me!”
SharePoint 2010
13. Claims Based Authentication (Tokens)
Windows Authentication: NTLM/Kerberos, Basic
Forms-Based Authentication (ASP.NET
Membership provider and Role manager)
Other Trusted Identity providers (like Facebook!)
Classic Mode Authentication (“Old School”)
Windows Authentication (NTLM/Kerberos) only
Both map authenticated users to SPUser
objects (security principals)
14. The single biggest decision of your life!
Updated TechNet guidance:
“For new implementations of SharePoint
Server 2010, you should consider we
recommend claims-based authentication.”
http://technet.microsoft.com/en-us/library/cc262350.aspx
15. Allows users to choose how to authenticate
when multiple providers are configured
(Mixed Authentication)
/_login/default.aspx
Custom code opportunity
http://bit.ly/IR0eRR
19. Cloud-based service that provides an easy
way of authenticating and authorizing users
to gain access to web applications
Includes support for Windows Live ID,
Google, Yahoo, and Facebook
Also includes support for Active Directory
Federation Services (AD FS) 2.0
Simple browser-based management portal
$1.99/100k transactions (free until Nov. 30!)
20. Three things must be done to add support
for users to login to SharePoint via Facebook:
1. Create a Facebook application
https://developers.facebook.com/apps
2. Configure ACS for Facebook support
Permissions you will request from Facebook users
Relying Party application and Rule Group setup
3. Configure ACS as a Trusted Identity Provider
in SharePoint
21. No! You can integrate external identity
providers with SharePoint without ACS
You have no choice if you want to use identity
providers not currently supported by ACS
(such as LinkedIn or Twitter)
You will need to write your own code to:
Ensure the user has logged in to the IP
Obtain claim information from the IP
Package and sign tokens (your own STS)
25. From the ACS management portal, add a
new Identity Provider
26. Enter App ID and App Secret values from
Facebook application you created earlier
Enter a comma-delimited list of Application
Permissions you want to request
https://developers.facebook.com/docs/reference/api/permissions/
In our demo, we will request:
email,user_location,user_hometown,user_website,user_work_history,publish_stream,user_birthday,friends_birthday,user_education_history,user_photos,user_about_me
27. Permissions you request will be displayed
to the end user the first time they log in
Request the minimum subset of
permissions you need
Users are more likely to reject bigger requests
28. Generate Rule Group
Named set of claim rules that define which
identity claims are passed from identity
providers to your relying party application
SharePoint will still need to be configured
to make use of these claims
29. Configure Relying Party application
Provide Name, Realm, and Return URL
Return URL: Realm + /_trust
30. Choose SAML 1.1 token format
Update Token lifetime to >600 seconds
Select Identity providers and Rule
groups
31. Generate self-signed certificate
C:\Program Files\Microsoft Office Servers\14.0\Tools>MakeCert.exe -r -pe -n "CN=dannyjessee.accesscontrol.windows.net" -sky exchange -ss my
(Self-signed, exportable, subject key type
“exchange,” store in “personal” certificate store)
Development only! Please use a
legitimate certificate in production!
32. Upload this certificate (.pfx format) as the
Token Signing Certificate in ACS
35. Running this PowerShell script will add
“Facebook” to the list of Trusted Identity
Providers
Eligible to be added to Claims-based web
applications in Central Administration
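One way to write such a script, as an added example (the slide text does not include the presenter's script, and this is not it). It also checks the token lifetime from slide 30 against SharePoint's logon token cache window, since a token that does not outlive that window is treated as expired on arrival. The realm, certificate path, lifetime value, the email address as identifier claim and the Facebook AccessToken claim type are assumptions; the ACS namespace is taken from the certificate subject on slide 31.

```powershell
# Added example: register ACS (fronting Facebook) as a trusted identity provider.
# Run from the SharePoint 2010 Management Shell as a farm administrator.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

# --- Assumed values: replace with your own ---
$issuerName = "Facebook"
$realm      = "http://sharepoint.example.com"    # must equal the Realm of the ACS relying party
$signInUrl  = "https://dannyjessee.accesscontrol.windows.net/v2/wsfederation"
$certPath   = "C:\certs\acs-token-signing.cer"   # public (.cer) export; the .pfx stays in ACS
$acsTokenLifetimeSeconds = 3600                  # the Token lifetime entered in ACS

# Claim types mapped into SharePoint (AccessToken type is an assumption).
$emailClaim = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
$tokenClaim = "http://www.facebook.com/claims/AccessToken"

# 1. The ACS token must outlive SharePoint's logon token cache window
#    (10 minutes by default), otherwise users loop back to the sign-in page.
$sts = Get-SPSecurityTokenServiceConfig
$window = $sts.LogonTokenCacheExpirationWindow
if ($acsTokenLifetimeSeconds -le $window.TotalSeconds) {
    throw "ACS token lifetime ($acsTokenLifetimeSeconds s) must exceed the cache window ($($window.TotalSeconds) s)."
}

# 2. Load the signing certificate and refuse one outside its validity period.
if (-not (Test-Path $certPath)) { throw "Certificate not found: $certPath" }
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw "Token signing certificate is not currently valid (NotAfter: $($cert.NotAfter))."
}

# 3. SharePoint must trust the certificate chain. A self-signed certificate is
#    its own root, so it is added directly as a trusted root authority.
$existingRoot = Get-SPTrustedRootAuthority |
    Where-Object { $_.Certificate.Thumbprint -eq $cert.Thumbprint }
if (-not $existingRoot) {
    New-SPTrustedRootAuthority -Name "ACS token signing" -Certificate $cert | Out-Null
}

# 4. Map only the incoming claims the site actually uses.
$mapEmail = New-SPClaimTypeMapping -IncomingClaimType $emailClaim `
    -IncomingClaimTypeDisplayName "Email" -SameAsIncoming
$mapToken = New-SPClaimTypeMapping -IncomingClaimType $tokenClaim `
    -IncomingClaimTypeDisplayName "Access Token" -SameAsIncoming

# 5. Create the trusted identity token issuer unless it already exists.
$issuer = Get-SPTrustedIdentityTokenIssuer -Identity $issuerName -ErrorAction SilentlyContinue
if ($issuer) {
    Write-Host "Trusted identity provider '$issuerName' already exists; nothing changed."
} else {
    $issuer = New-SPTrustedIdentityTokenIssuer -Name $issuerName `
        -Description "Facebook via Azure ACS" `
        -Realm $realm `
        -ImportTrustCertificate $cert `
        -SignInUrl $signInUrl `
        -ClaimsMappings $mapEmail, $mapToken `
        -IdentifierClaim $mapEmail.InputClaimType
    Write-Host "Created trusted identity provider '$issuerName'."
}

# Show what was registered so it can be compared with the ACS configuration.
$issuer | Select-Object Name, DefaultProviderRealm, ProviderUri
```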
36. Before Facebook users will be authorized
to access anything, we must grant them
an appropriate level of permissions
Best to set a “Full Read” web application
policy for users coming in from Facebook
In a public-facing scenario, you likely won’t
know specific user identities to set more
granular permissions
Not to mention the people picker issues!
38. All claims whose OriginalIssuer is
TrustedProvider:Facebook
AccessToken is the key to all user data
39. Make calls to the Facebook Graph API
https://developers.facebook.com/docs/reference/api/
Retrieve data about the user and his/her
friends
Upload photos/videos, post status messages
Data returned from Facebook in JSON format
Requests to https://graph.facebook.com/...
▪ me/feed, me/friends, me/photos, me/videos
41. Code snippets in these slides are not
complete
Do not include proper error checking/handling
Do not show proper impersonation of System
Account where necessary
Please download the code
http://facebookwebparts.codeplex.com
Examples use the Facebook C# SDK
http://csharpsdk.org
42. Returned in a claim from Facebook
A new AccessToken is issued each login
Our key to all of the data about the logged in user
Required for all calls to the Facebook Graph API
Two hour lifetime by default
To leverage this token across the site, I store
it in the SPWeb.AllProperties property bag
web.AllProperties["fbAccessToken_{loginname}"]
AllProperties required for case sensitivity
43. Change to
Initial display name for the SPUser is based
on the specified IdentifierClaim
Make this friendlier – we know their name!
if (SPContext.Current.Web.CurrentUser == null)
{
    // First visit: create the SPUser, then replace the identifier-based display name
    SPUser currentUser = web.EnsureUser("i:" + claimsIdentity.Name);
    currentUser.Name = givenName;
    currentUser.Update();
}
44. var client = new Facebook.FacebookClient(token);
var me = (IDictionary<string, object>)client.Get("me");
JsonObject location = me["location"] as JsonObject;
myLocation = (string)location["name"];
myLocation is in City, State format
Parsed and sent to Weather Underground API
http://api.wunderground.com/api/[key]/geolookup/conditions/forecast/q/[state]/[city].json
45. var client = new Facebook.FacebookClient(token);
var me = (IDictionary<string, object>)client.Get("me");
SPList lstContacts = web.Lists["Contacts"];
SPListItem item = lstContacts.Items.Add();
item["First Name"] = (string)me["first_name"];
item["Last Name"] = (string)me["last_name"];
JsonArray work = me["work"] as JsonArray;
// Most recent/current employer stored in work[0]
JsonObject company = work[0] as JsonObject;
JsonObject employer = company["employer"] as JsonObject;
JsonObject position = company["position"] as JsonObject;
item["Company"] = (string)employer["name"];
item["Job Title"] = (string)position["name"];
item.SystemUpdate();
46. var client = new Facebook.FacebookClient(token);
var me = (IDictionary<string, object>)
client.Get("me/friends?fields=name,birthday");
JsonArray friendData = me["data"] as JsonArray;
foreach (JsonObject friend in friendData)
{
if (friend.ContainsKey("birthday"))
{
/* Some users share MM/DD of birthday, others share
MM/DD/YYYY
We only care about MM/DD for our purposes, and
Facebook always pads with leading zeros */
string birthday = (string)friend["birthday"];
birthMonth = int.Parse(birthday.Substring(0, 2));
birthDate = int.Parse(birthday.Substring(3, 2));
...
48. var client = new Facebook.FacebookClient(token);
Dictionary<string, object> dict = new Dictionary<string, object> {
    { "title", "I know how to post videos to Facebook...from SharePoint!" },
    { "description", "See more at SPS Cincinnati October 27, 2012!" },
    { "vid1", new FacebookMediaObject { ContentType = "video/x-flv", FileName = "facebook.flv" }
        .SetValue(File.ReadAllBytes(@"C:\facebook.flv")) }
};
client.PostAsync("me/videos", dict);
49. var client = new Facebook.FacebookClient(token);
Dictionary<string, object> dict = new Dictionary<string, object>();
dict.Add("message", "Yay for Claims-Based Identity, Facebook, SharePoint, and Bacon!");
dict.Add("link", "http://sharepointsaturday.org/cincinnati");
dict.Add("picture", "http://www.sharepointsaturday.org/cincinnati/SiteImages/ScarePointSpookinnati.jpg");
dict.Add("name", "SharePoint Saturday Cincinnati");
dict.Add("caption", "October 27, 2012");
dict.Add("description", "Come see my presentation about Claims-Based Identity in SharePoint 2010 at SPS Cincinnati!");
client.PostAsync("me/feed", dict);
50. Ensure “Allow users to edit values for this
property” flag is set
SPServiceContext sc = SPServiceContext.GetContext(site);
UserProfileManager userProfileManager = new UserProfileManager(sc);
// true: create the profile if the user does not have one yet
UserProfile profile = userProfileManager.GetUserProfile(true);
profile[PropertyConstants.StatusNotes].Value = txtStatus.Text;
profile.Commit();
51. Silverlight application courtesy MossLover
Interfaces with the user’s webcam, saves
captured images to document library
52. Added event handler to upload to
Facebook
string contentType = "image/jpeg";
var client = new Facebook.FacebookClient(fbAccessToken);
Dictionary<string, object> dict = new Dictionary<string, object> {
    { "message", "Uploaded picture from Silverlight webcam image capture in SharePoint!" },
    { "pic1", new FacebookMediaObject { ContentType = contentType, FileName = properties.ListItem.File.Name }
        .SetValue(properties.ListItem.File.OpenBinary()) }
};
client.PostAsync("me/photos", dict);
Editor's Notes
This is all admin/IT pro stuff…
Liam Cleary makes a good point about how anonymous access is one case where Authorization precedes Authentication.
Liam Cleary’s analogy of drivers licenses and vehicle registrations; police officers. HTTP 302 redirects. Can verify this with Fiddler.
Claims opens up all the doors to you…FBA, Trusted Identity Providers (external-outside world)
Can always go from Classic to Claims, can’t go back!!!
Go to Central Administration and provision a simple new web application using Claims. Log in with an NTLM-based domain account.