var auth = new AuthenticationClient();

auth.UsernamePasswordAsync(string clientid, string clientsecret, string username, string password)

auth.id : no value
auth.InstanceUrl : no value
auth.AccessToken : no value
auth.ApiVersion : v36.0

When I retrieve data for Chatter I do not get data on any files/images attached to a comment.

I get

parent {id  and url}
id
clientinfo
user{name, title,companyName, firstName, lastName,mySubscription, isChatterGuest, photo (large and small}, id, url, type}
body{text, messageSegments}, feedItem, deletable, url, createdDate

Am I missing something or is this by design?

I retrieved the refresh_token and (for testing purposes) manually put the value into my code, compiled and run.

So in my code I have:

string uri = "https://login.database.com/services/oauth2/token?grant_type=refresh_token&client_id=" + clientid + "&client_secret=" + clientsecret + "&refresh_token=my refresh token

var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";

using (var response = webRequest.GetResponse() as HttpWebResponse)
                        {
                            if (webRequest.HaveResponse && response != null)
                            {
                                using (var reader = new StreamReader(response.GetResponseStream()))
                                {
                                    string result = reader.ReadToEnd();
                                    lblresult.Text += result ;
                                }
                            }
                        }

 But I get a Bad Request response.

Yet again, the salesforce documentation appears to contradict itself.

In the salesforce setup (under Security Controls/Session Settings) the max timeout value (in the Developer Edition at least) is 12 hours, which I believe is used to determine the valid period for a refresh token.

On the other hand:

http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com#Token_Refresh

The refresh token may have an indefinite lifetime, persisting until explicitly revoked by the end-user. The client application can store the refresh token, using it to periodically obtain fresh access tokens, but should be careful to protect it against unauthorized access, since, like a password, it can be repeatedly used to gain access to the resource server.

If 12 hours is the time limit, then that is truly useless. Hopefully someone can confirm that the time limit/session is unlimited.

The documentation at

http://www.salesforce.com/us/developer/docs/api_rest/api_rest.pdf

indicates that:

Once Salesforce verifies the refresh token request, it sends a response to the application with the following response body parameters:

access_token

instance_url

id

issued_at

signature

which is returned as 

{ "id":"https://login.salesforce.com/id/00Dx0000000BV7z/005x00000012Q9P",
"issued_at":"1278448384422","instance_url":"https://na1.salesforce.com",
"signature":"SSSbLO/gBhmmyNUvN18ODBDFYHzakxOMgqYtu+hDPsc=",
"access_token":"00Dx0000000BV7z!AR8AQP0jITN80ESEsj5EbaZTFG0RNBaT1cyWk7T
rqoDjoNIWQ2ME_sTZzBjfmOE6zMHq6y8PIW4eWze9JksNEkWUl.Cju7m4"}

So maybe someone can shed light on why I am getting the 

The remote server returned an error: (400) Bad Request.

message

So far I have created 2 .net aps pages which will extract data for a chatter account, but this process requires to login as part of the process.

It has been suggested that there is a way, using .net, to automatically pass the login details and bypass the login screen.

Can anyone confirm if this is actually possible and some pointers as to how it could be done.

And not using powershell.

thanks

In my Developer Interface I have:

Profiles: System Administrator (with Manage Chatter Messages greyed out)

Users: a user set as System Administrator

Permission Sets: test App Developer (with Manage Chatter Messages and API Enabled both checked under System Permissions sub category)

How do I get the user to have test App Developer permissions?

If I return a list of Users I want to be able to retrieve each user's posts.

So if I have a json containing each user then loop through the json results, like foreach and set my variable to the value of the user id.

I would then want to retrieve all the posts for that user and repeat the process for each user.

1. It would appear that once I have my OAuth token and have made my initial request for the users, I cannot make repeated requests with the same token for each user.

2. Instead of domain/services/data/v23.0/chatter/feeds/me/ how would I get all feeds rather than user specific

3. Can I retrieve ALL the company data in one go?

As a newbie with Chatter I had real problems figuring out the process to retrieve data so hopefully the following will help any other newbies trying to figure it out. Using the Developer Edition:

1. You will need an https domain where you will run your app which will make a request to your Chatter App
2. You will need to register a new sub domain within the Setup. I think it was under Domains. So you will have something like mydomain-dev-ed.my.salesforce.com

3. Create a Connected App (Create/Apps)
4. The Start URL will be the sub domain you created
5. Select the checkbox for Enable OAuth Settings
6. The callback url will be a path to your https domain on your server (ie https path/to/results.aspx
7. Put all the selected OAuth Scopes over to the right
8. Save

_____________________________________________________________________

_____________________________________________________________________

In the left side navigation you will see there is Manage Apps and Create/Apps

You will find info about your Connected App in both those locations.
You will need the Consumer Key, Consumer Secret and Callback Url (or redirect url)

You will now create two .net files which will reside on your server:

1. default.aspx
2. results.aspx

_______________________________________________________________________

The default.aspx will make the initial call to salesforce which will return a javascript string.
You will need to extract the relevant content from the string to use, which in turn will open a login page.

Once you have logged in, additional values will be passed back to your app.

______________________________________________________________________

______________________________________________________________________

In your default.aspx

string clientid = "this is the Consumer Key ";
string redirecturl = "https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=" + clientid + "&redirect_uri=" + redirecturl ;
var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";
[Inside a try/catch put the following]
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
result = webClient.DownloadString(uri);

string returnedString = result;

[The result is the string returned which you will need to extract the url contained within the string]
At this point you need to create a ClientScript which, when called, will load the login page.

String csname2 = "myscript";
Type cstype = this.GetType();
string jsScript = "<script>window.location.href ='" + Your_Extracted_Url + "'</script>";
ClientScriptManager cs = Page.ClientScript;
cs.RegisterClientScriptBlock(cstype, csname2, jsScript);

If you save the default.aspx, compiled your project and uploaded to your server then ran it, you would get the login page.

Something like:

https://login.salesforce.com/?ec=302&startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage.apexp%3Fsource%3Dl86Hcy6qEKtWNqzXVErZDlmcRQs0D_HBE55MLVuP3x8t5wXkyHYyrVx2Xb5JoWzyVOJrnTqMMaWy_Sfomv.j1xklSQ67NPiEbdAN9Vn15MXpcuc7Tn4&sdtd=1

Now when you submit the login page, it is effectively going to your callback page you designated earlier, so now you have to add code to this file to retrieve the required data.

Result.aspx

[you can add your own try/catch and conditions]

string clientid = "same as previous";
string clientsecret = "your client secret";
string redirecturl = "same as previous";

string uri = "https://login.database.com/services/oauth2/token?grant_type=authorization_code&client_id=" + clientid + "&client_secret=" + clientsecret + "&redirect_uri=" + redirecturl + "&code=" + res + "&format=json";


var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";


if (webRequest.HaveResponse && response != null)
{
using (var reader = new StreamReader(response.GetResponseStream()))
{
        string result = reader.ReadToEnd();
        JavaScriptSerializer ser = new JavaScriptSerializer();
        Dictionary<string,object> dict = ser.Deserialize<Dictionary<string, object>>(result);
        int dCount = 0;


       foreach (string strVal in dict.Values)
       {
         if (dCount == 6)
             {
                    string chatterApiUri = "https://SubdomainYouCreated.my.salesforce.com/services/data/v23.0/chatter/users/me";
                   var webRequestlogin = (HttpWebRequest)WebRequest.Create(chatterApiUri);
                  webRequestlogin.Headers.Add("Authorization", "OAuth "+ sToken);
                 webRequestlogin.Method = "GET";

                    using (var aresponse = webRequestlogin.GetResponse() as HttpWebResponse)
                    {
                                if (webRequestlogin.HaveResponse && response != null)
                               {
                                        using (var areader = new StreamReader(aresponse.GetResponseStream()))
                                       {
                                              string aresult = areader.ReadToEnd();
                                              lblresult.Text += "HERE IS YOUR RESULT " + aresult;
                                       }
                               }
                   }
 
       }
    }
  }
}

Your page on your server should display something like the following:

{"address":{"state":null,"country":"GB","street":null,"city":null,"zip":"EH3 5RT"},"email".......etc

It's a start but hopefully this will help because the documentation is shoddy.

I am trying to retrieve an authorization token.

string uri = "https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=" + clientid + "&redirect_uri=" + redirecturl ;

passing the response_type, consumer key and redirecturl as specified in the documentation

var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";

Getting a Response

using (var response = webRequest.GetResponse() as HttpWebResponse)
{
if (webRequest.HaveResponse && response != null)
{
using (var reader = new StreamReader(response.GetResponseStream()))
{
string result = reader.ReadToEnd();
}
}
}

the variable result contains a string. Extract below:

window.location.href ='https://login.salesforce.com/?ec=302&startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage.apexp%3Fsource%3Dl86Hcy6qEKtWNqzXVErZDlmcRQs0D_HBE55MLVuP3x8t5wXkyHYyrVx2Xb5JoWzyVOJrnTqMMaWy_Sfomv.j1xklSQ67NPiEbdAN9HJgqZjxhVB_wL5WAOIs5h_Bfy.gt68kEhf74mUA0L6xTL_EeHuTTcX014TQZDXchWGtUirnE8kcAlfDjqOUgJVKM8sRgRdfY1iz0fqi2RpSvGVAvMI2FrpnphOGYZeUK4sMdypAhYGABRwk.B2z1IQR7XEGQDdZElS41.Se2fL.Ppaz9_bta1AbBo95jMPSAq93gdgP3GhCR3AmBr6oYgXxX0asg6dafLyGhA%253D%253D%26sdtd%3D1&sdtd=1

I can run this but it forces a login page to load and after entering my username/password the returned url includes the following:

https://avontoun-dev-ed.my.salesforce.com/services/oauth2/callback?code=aPrx_vK.AljnHqOZWwznOGCkVUPQf0CFjdYf5KxfbhwT1Vu_3a9I8OcMKw%3D%3D

which includes the authorization code

But I do not want to have to open a login page. Instead I want to be able to retrieve the authorization code programmatically to continue the process.

1. Is there any way I can simulate the login to retrieve the code?

2. Can I make the authorization code unexpired (ie retrieve the authorization code once and be able to re-use it)

Going by the Force.com REST API Developer's Guide 

2. The user logs into Salesforce with their credentials. The user is interacting with the authorization endpoint directly, so the application never sees the user’s credentials. After successfully logging in, the user is asked to authorize the application.
Note that if the user has already authorized the application, this step is skipped.
3. Once Salesforce confirms that the client application is authorized, the end-user’s Web browser is redirected to the callback URL specified by the redirect_uri parameter. Salesforce appends authorization information to the redirect URL with the following values:

An example callback URL with authorization information might look something like:
https://www.mysite.com/authcode_callback?code=aWekysIEeqM9PiThEfm0Cnr6MoLIfwWyRJcqOqHdF

8f9INokharAS09ia7UNP6RiVScerfhc4w%3D%3D

So yes, the above example is what I get after login but what if I want to create an automated process to retrieve the authorization code?

Seems like a bit of crock.

The Developer's Guide goes on:

4. The application extracts the authorization code and passes it in a request to Salesforce for an access token. This request is a POST request sent to the appropriate Salesforce token request endpoint, such as
https://login.salesforce.com/services/oauth2/token.

So how do I go about programmatically extracting the authorization code from my browser back to the application I'm building?

I'm just starting out with using chatter.

Using .net, in the developer edition, I make an httpwebrequest passing the oauth token and a GET method to mysalesforceurl/services/data/v28.0/chatter/users/userId and I get unauthorized.

I'm obviously missing something but don't know what.

As a newbie with Chatter I had real problems figuring out the process to retrieve data so hopefully the following will help any other newbies trying to figure it out. Using the Developer Edition:

1. You will need an https domain where you will run your app which will make a request to your Chatter App
2. You will need to register a new sub domain within the Setup. I think it was under Domains. So you will have something like mydomain-dev-ed.my.salesforce.com

3. Create a Connected App (Create/Apps)
4. The Start URL will be the sub domain you created
5. Select the checkbox for Enable OAuth Settings
6. The callback url will be a path to your https domain on your server (ie https path/to/results.aspx
7. Put all the selected OAuth Scopes over to the right
8. Save

_____________________________________________________________________

_____________________________________________________________________

In the left side navigation you will see there is Manage Apps and Create/Apps

You will find info about your Connected App in both those locations.
You will need the Consumer Key, Consumer Secret and Callback Url (or redirect url)

You will now create two .net files which will reside on your server:

1. default.aspx
2. results.aspx

_______________________________________________________________________

The default.aspx will make the initial call to salesforce which will return a javascript string.
You will need to extract the relevant content from the string to use, which in turn will open a login page.

Once you have logged in, additional values will be passed back to your app.

______________________________________________________________________

______________________________________________________________________

In your default.aspx

string clientid = "this is the Consumer Key ";
string redirecturl = "https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=" + clientid + "&redirect_uri=" + redirecturl ;
var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";
[Inside a try/catch put the following]
WebClient webClient = new WebClient();
webClient.Encoding = Encoding.UTF8;
result = webClient.DownloadString(uri);

string returnedString = result;

[The result is the string returned which you will need to extract the url contained within the string]
At this point you need to create a ClientScript which, when called, will load the login page.

String csname2 = "myscript";
Type cstype = this.GetType();
string jsScript = "<script>window.location.href ='" + Your_Extracted_Url + "'</script>";
ClientScriptManager cs = Page.ClientScript;
cs.RegisterClientScriptBlock(cstype, csname2, jsScript);

If you save the default.aspx, compiled your project and uploaded to your server then ran it, you would get the login page.

Something like:

https://login.salesforce.com/?ec=302&startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage.apexp%3Fsource%3Dl86Hcy6qEKtWNqzXVErZDlmcRQs0D_HBE55MLVuP3x8t5wXkyHYyrVx2Xb5JoWzyVOJrnTqMMaWy_Sfomv.j1xklSQ67NPiEbdAN9Vn15MXpcuc7Tn4&sdtd=1

Now when you submit the login page, it is effectively going to your callback page you designated earlier, so now you have to add code to this file to retrieve the required data.

Result.aspx

[you can add your own try/catch and conditions]

string clientid = "same as previous";
string clientsecret = "your client secret";
string redirecturl = "same as previous";

string uri = "https://login.database.com/services/oauth2/token?grant_type=authorization_code&client_id=" + clientid + "&client_secret=" + clientsecret + "&redirect_uri=" + redirecturl + "&code=" + res + "&format=json";


var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";


if (webRequest.HaveResponse && response != null)
{
using (var reader = new StreamReader(response.GetResponseStream()))
{
        string result = reader.ReadToEnd();
        JavaScriptSerializer ser = new JavaScriptSerializer();
        Dictionary<string,object> dict = ser.Deserialize<Dictionary<string, object>>(result);
        int dCount = 0;


       foreach (string strVal in dict.Values)
       {
         if (dCount == 6)
             {
                    string chatterApiUri = "https://SubdomainYouCreated.my.salesforce.com/services/data/v23.0/chatter/users/me";
                   var webRequestlogin = (HttpWebRequest)WebRequest.Create(chatterApiUri);
                  webRequestlogin.Headers.Add("Authorization", "OAuth "+ sToken);
                 webRequestlogin.Method = "GET";

                    using (var aresponse = webRequestlogin.GetResponse() as HttpWebResponse)
                    {
                                if (webRequestlogin.HaveResponse && response != null)
                               {
                                        using (var areader = new StreamReader(aresponse.GetResponseStream()))
                                       {
                                              string aresult = areader.ReadToEnd();
                                              lblresult.Text += "HERE IS YOUR RESULT " + aresult;
                                       }
                               }
                   }
 
       }
    }
  }
}

Your page on your server should display something like the following:

{"address":{"state":null,"country":"GB","street":null,"city":null,"zip":"EH3 5RT"},"email".......etc

It's a start but hopefully this will help because the documentation is shoddy.

When I retrieve data for Chatter I do not get data on any files/images attached to a comment.

I get

parent {id  and url}
id
clientinfo
user{name, title,companyName, firstName, lastName,mySubscription, isChatterGuest, photo (large and small}, id, url, type}
body{text, messageSegments}, feedItem, deletable, url, createdDate

Am I missing something or is this by design?

I retrieved the refresh_token and (for testing purposes) manually put the value into my code, compiled and run.

So in my code I have:

string uri = "https://login.database.com/services/oauth2/token?grant_type=refresh_token&client_id=" + clientid + "&client_secret=" + clientsecret + "&refresh_token=my refresh token

var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";

using (var response = webRequest.GetResponse() as HttpWebResponse)
                        {
                            if (webRequest.HaveResponse && response != null)
                            {
                                using (var reader = new StreamReader(response.GetResponseStream()))
                                {
                                    string result = reader.ReadToEnd();
                                    lblresult.Text += result ;
                                }
                            }
                        }

 But I get a Bad Request response.

Yet again, the salesforce documentation appears to contradict itself.

In the salesforce setup (under Security Controls/Session Settings) the max timeout value (in the Developer Edition at least) is 12 hours, which I believe is used to determine the valid period for a refresh token.

On the other hand:

http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com#Token_Refresh

The refresh token may have an indefinite lifetime, persisting until explicitly revoked by the end-user. The client application can store the refresh token, using it to periodically obtain fresh access tokens, but should be careful to protect it against unauthorized access, since, like a password, it can be repeatedly used to gain access to the resource server.

If 12 hours is the time limit, then that is truly useless. Hopefully someone can confirm that the time limit/session is unlimited.

The documentation at

http://www.salesforce.com/us/developer/docs/api_rest/api_rest.pdf

indicates that:

Once Salesforce verifies the refresh token request, it sends a response to the application with the following response body parameters:

access_token

instance_url

id

issued_at

signature

which is returned as 

{ "id":"https://login.salesforce.com/id/00Dx0000000BV7z/005x00000012Q9P",
"issued_at":"1278448384422","instance_url":"https://na1.salesforce.com",
"signature":"SSSbLO/gBhmmyNUvN18ODBDFYHzakxOMgqYtu+hDPsc=",
"access_token":"00Dx0000000BV7z!AR8AQP0jITN80ESEsj5EbaZTFG0RNBaT1cyWk7T
rqoDjoNIWQ2ME_sTZzBjfmOE6zMHq6y8PIW4eWze9JksNEkWUl.Cju7m4"}

So maybe someone can shed light on why I am getting the 

The remote server returned an error: (400) Bad Request.

message

In my Developer Interface I have:

Profiles: System Administrator (with Manage Chatter Messages greyed out)

Users: a user set as System Administrator

Permission Sets: test App Developer (with Manage Chatter Messages and API Enabled both checked under System Permissions sub category)

How do I get the user to have test App Developer permissions?

I am trying to retrieve an authorization token.

string uri = "https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=" + clientid + "&redirect_uri=" + redirecturl ;

passing the response_type, consumer key and redirecturl as specified in the documentation

var webRequest = (HttpWebRequest)WebRequest.Create(uri);
webRequest.Method = "POST";

Getting a Response

using (var response = webRequest.GetResponse() as HttpWebResponse)
{
if (webRequest.HaveResponse && response != null)
{
using (var reader = new StreamReader(response.GetResponseStream()))
{
string result = reader.ReadToEnd();
}
}
}

the variable result contains a string. Extract below:

window.location.href ='https://login.salesforce.com/?ec=302&startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage.apexp%3Fsource%3Dl86Hcy6qEKtWNqzXVErZDlmcRQs0D_HBE55MLVuP3x8t5wXkyHYyrVx2Xb5JoWzyVOJrnTqMMaWy_Sfomv.j1xklSQ67NPiEbdAN9HJgqZjxhVB_wL5WAOIs5h_Bfy.gt68kEhf74mUA0L6xTL_EeHuTTcX014TQZDXchWGtUirnE8kcAlfDjqOUgJVKM8sRgRdfY1iz0fqi2RpSvGVAvMI2FrpnphOGYZeUK4sMdypAhYGABRwk.B2z1IQR7XEGQDdZElS41.Se2fL.Ppaz9_bta1AbBo95jMPSAq93gdgP3GhCR3AmBr6oYgXxX0asg6dafLyGhA%253D%253D%26sdtd%3D1&sdtd=1

I can run this but it forces a login page to load and after entering my username/password the returned url includes the following:

https://avontoun-dev-ed.my.salesforce.com/services/oauth2/callback?code=aPrx_vK.AljnHqOZWwznOGCkVUPQf0CFjdYf5KxfbhwT1Vu_3a9I8OcMKw%3D%3D

which includes the authorization code

But I do not want to have to open a login page. Instead I want to be able to retrieve the authorization code programmatically to continue the process.

1. Is there any way I can simulate the login to retrieve the code?

2. Can I make the authorization code unexpired (ie retrieve the authorization code once and be able to re-use it)

Going by the Force.com REST API Developer's Guide 

2. The user logs into Salesforce with their credentials. The user is interacting with the authorization endpoint directly, so the application never sees the user’s credentials. After successfully logging in, the user is asked to authorize the application.
Note that if the user has already authorized the application, this step is skipped.
3. Once Salesforce confirms that the client application is authorized, the end-user’s Web browser is redirected to the callback URL specified by the redirect_uri parameter. Salesforce appends authorization information to the redirect URL with the following values:

An example callback URL with authorization information might look something like:
https://www.mysite.com/authcode_callback?code=aWekysIEeqM9PiThEfm0Cnr6MoLIfwWyRJcqOqHdF

8f9INokharAS09ia7UNP6RiVScerfhc4w%3D%3D

So yes, the above example is what I get after login but what if I want to create an automated process to retrieve the authorization code?

Seems like a bit of crock.

The Developer's Guide goes on:

4. The application extracts the authorization code and passes it in a request to Salesforce for an access token. This request is a POST request sent to the appropriate Salesforce token request endpoint, such as
https://login.salesforce.com/services/oauth2/token.

So how do I go about programmatically extracting the authorization code from my browser back to the application I'm building?

I'm just starting out with using chatter.

Using .net, in the developer edition, I make an httpwebrequest passing the oauth token and a GET method to mysalesforceurl/services/data/v28.0/chatter/users/userId and I get unauthorized.

I'm obviously missing something but don't know what.

Hi,

I have been thrown in the deep end!

I have been asked to write an api which logs into salesforce, downloads a file, uploads it to an external server for video encoding and then re-uploads it to salesforce.

I have been unable to find any examples of how to use oAuth in c#.net.

Has anyone managed to find or willing to share any code examples please?

Any help would be greatly appreciated.

Thanks

Trev

My question is following.
I am trying to follow "Integration Workbook" from SalesForce, and I have problems with OAuth.
It seems I am missing something important but I can't understand what it is exactly.
So, when I try to access external java heroku callout application http://bdovhan-sfjavaco-advanced.herokuapp.com/orderui I see error
"redirect_uri must match configuration"
despite I have been steps from Integration Workbook.

error=redirect_uri_mismatch&error_description=redirect_uri%20must%20match%20configuration