I love .NET! Microsoft .NET Programming (Visual Studio, C#, coding, techniques, tutorials, examples.. and more!)

With the release of Microsoft Codename "Dallas" CTP3 and the features announced in the previous post, it became easier to add support for Dallas to Sesame Data Browser.
The new version of Sesame published today allows you to browse Dallas datasets, as demonstrated below.

Creating a connection to a Dallas dataset in Sesame is easy. You just need a dataset URL and an account key.

The Dallas portal

In order to get an account key and URLs, you need to visit https://www.sqlazureservices.com and sign in with a Windows Live ID. You'll then be able to subscribe to datasets, such as AP Online (Associated Press) or business information from InfoGroup:

Note: Only CTP3 services are supported in Sesame.

Once you have a subscription, you can visit its preview page. This is where you'll find the URL you'll use in Sesame.
Here is for example the page for AP Online:

The URL for AP Online is highlighted in blue on the above picture.

Your account key is available on the "Account keys" page:

Dallas in Sesame

Now that you have an account key and a URL, you can create an OData connection in Sesame:

Here is the result for AP Online if you click on GetBreakingNewsCategories:

Copy a category ID and click on GetBreakingNewsContentByCategory.
Paste the category ID in categoryId and type 5 for count:

After clicking on Open, you'll get data in a grid, as usual:

You can also locate the news items on a map:

Known bugs

• A bug in Dallas CTP3 prevents the "Load more" button to work correctly in all cases.
• Dallas CTP3 does not support all filter operations. Namely, the EndsWith, StartsWith, Contains, DoesNotContain and IsContainedIn don' work with Dallas datasets.

Please give this new version a try. As always, your feedback and suggestions are welcome!

No Comments »

Sesame Data Browser has just been updated to offer the following features for OData feeds:

• Maps
• Improved Service operations (FunctionImport) support
• HTTP Basic Authentication support
• Microsoft Dallas support
  

Maps

Sesame now automatically displays items on a map if spatial information is available in data.

This works when latitude and longitude pairs are provided.
Here is for example a map of drinking fountains in Vancouver:

This comes from DrinkingFountains in http://vancouverdataservice.cloudapp.net/v1/vancouver, which provides latitude/longitude for each fountain.

Here is another example, without latitude/longitude this time:

This is a map of the customers from the Northwind database, which are located based on their country, postal code, city, and street address.

Service operations (FunctionImport)

Support for service operations (aka FunctionImports) has been improved. Until now, only functions without parameters were supported.

It's now possible to use service operations that take input parameters. Let's take as an example the GetProductsByRating function from http://services.odata.org/OData/OData.svc.

This function is attached to Products, as you can see below:

A "rating" parameter is expected in order to open the function:

After clicking Open, you'll get data as usual:

HTTP Basic Authentication

New authentication options have been added: HTTP Basic and Dallas (more on the latter in the next post).

HTTP Basic authentication just requires a user name and a password, and is simple to implement.

Microsoft Dallas support

Please give Sesame Data Browser a try. As always, your feedback and suggestions are welcome!

No Comments »

No Comments »

When an error occurs within Microsoft SharePoint Foundation 2010 a Correlation ID will be displayed in the error message:

This Correlation ID is logged within the SharePoint log files and you can use it to find out more details about the error that occurred. 

The two pieces of information you will need from the error message above are the Correlation ID and the date and time of the error. 

Once you have those two pieces of information, browse to the SharePoint log files on your SharePoint server located at:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\LOGS

The log files will be labeled with a date time stamp so find the one that corresponds to the time frame of the error and then open this log file in Notepad (or the text editor of your choice) and search for the Correlation ID. 

You will probably find it listed in several places, from the beginning GET request to when the error occurred, and finally to when the logging of correlation data stops.  Of course you are probably most interested in the error message but there will be more information in the log associated with the Correlation ID to help you find the root cause of the error.

No Comments »

For those looking at Windows Phone 7 development, Microsoft Canada will hold two events in Montreal next week (Sept 9 and 10, 2010)  where you’ll be able to see a real Windows Phone 7 device.  Well, it’s a pre production developer device so it’s the closest thing you’ll get to the real thing right now  ;-)

The 1st event is called “Microsoft Canada Windows Phone 7 Night in Montreal (featuring a developer device!)” and will take place on Sept 9 evening.
Register here

The second event is targeted at developers who used the phone emulator and wants to test their app on a real device.  This will take place on Sept 10.  You need to contact Christian Beauclair to reserve a spot.
christian.beauclair@microsoft.com

No Comments »

If you’re an avid reader of this blog, you probably now that I’m quite a big fan of the jQuery Javascript library, especially in combination with SharePoint sites. For a while I’ve been trying to find a mechanism to deploy jQuery and add a reference to it on all SharePoint pages of a site, by just using a Sandboxed Solution. The first part, deploying the jQuery file, is really easy; this can be done in a Module in a SharePoint project. The second part was more of a challenge; making sure the jQuery file got referenced in all pages of a SharePoint site. My initial thought was to do this by using the AdditionalPageHead Delegate control, but it’s not possible in a Sandboxed Solution (you need to deploy the .ASCX to the SharePoint root). My second thought was to use the new ScriptSrc attribute you can use in a CustomAction (I wrote about this attribute some time ago). But initially I was under the impression that the ScriptSrc attribute could only target Javascript files loaded from the SharePoint Root (the \LAYOUTS) folder, resulting in a no-go for a Sandboxed Solution as well. Daniel McPherson stumbled upon this issue as well, but neatly solved it using Javascript to add the reference dynamically.

But apparently you can make use of the ScriptSrc attribute to reference files from the Virtual File System (e.g. a Document Library in a site) as well! (thank you Frederic Dobon for mentioning this!). The trick is to use the ~SiteCollection prefix in the ScriptSrc attribute, for example:

<Elements xmlns="http://schemas.microsoft.com/sharepoint/">
  <CustomAction
    ScriptSrc="~SiteCollection/SiteAssets/jquery-1.4.2.min.js"
    Location="ScriptLink"
    Sequence="10">
  </CustomAction>
</Elements>

It’s that easy! For your convenience I’ve uploaded the source code and the resulting SharePoint Solution (WSP file) to CodePlex.

No Comments »

I can't say that I've ever known any kind of Web-based service to suck as much as Twitter, yet be as simple and popular. It really boggles the mind.

As just a regular user, it can be annoying enough with the constant outages and failures. As a developer, it's even worse. In my case, I put a simple hook in CoasterBuzz to publish links from our news page using our cstr.bz short URL's. At the time, you could do simple authorization, as well as OAuth. Since I wasn't dealing in nuclear secrets, and the .NET libraries for OAuth and/or Twitter were somewhere between weak and non-existent, I took the path of least resistance and did up some basic auth against a super simple RESTful URL. It took all of five minutes. And hey, all the docs said is that they'd support basic auth for a long time (or something to that effect).

Then yesterday, I noticed that the publishing is failing. I look at my error logs, and it's 401'ing. I do some looking around to find that they've turned off basic auth. To add insult to injury, I see this on their blog:

Fortunately, developers have known about our transition to OAuth since last December, so they’ve had time to update their apps."

Wow, really? Everyone knew? It's news to me. I pushed out my silly stuff in February, and there was no mention anywhere of any intention to discontinue basic auth, or dates or anything else. Lame.

So I'm chatting with a friend about this, and as we're chatting, lo and behold, e-mail from Twitter lands in our inboxes simultaneously. It contains this gem:

"Over the coming weeks, we will be making two important updates that will impact how you interact with Twitter applications. We are sending this notice to all Twitter users to make sure you are aware of these changes... Starting August 31, all applications will be required to use “OAuth” to access your Twitter account."

You know when this would have been great information? Weeks before September 1, when the e-mail arrived.

My issue is not about using OAuth (however much I'm annoyed that the once simple API is not simple anymore). In fact, the technical merits of using it aren't even an issue to me, as it took less than an hour to fix the problem, and most of that was just evaluating libraries. What annoys me to no end is how unprofessional these kinds of changes are. People are building businesses around Twitter. It's not OK to pull crap like this.

Between this and the annoyance of intermittent outages for the world at large, I can't understand how Twitter is the only game in town. I realize there's a critical mass issue, but the world is a fickle place, especially when it comes to the Internet. Perhaps it's because no one wants to get into a "business" that, to date, has no business.

No Comments »

In my last posting I introduced my idea about common membership provider for ASP.NET that is able to support multiple authentication providers. Before writing membership provider we need support for some authentication providers to get an better idea how to use them together. In this posting I will introduce you how to use OAuth protocol with Twitter.

Before we start …

… let me make some important notes and give some advises so you know better what is going on:

• OAuth is secure open-source authentication API that is used by Twitter and many other providers. You can find out more details about OAuth from their homepage at http://oauth.net/. There is also official specification for OAuth by Internet Engineering Task Force (IETF): The OAuth 1.0 Protocol.
• To make our sad lives easier there is library for .NET that makes it for us easier to support OAuth and OpenID protocols in our systems. This cool library is called DotNetOpenAuth. This library is also used by stackoverflow and MySpace. We will use the same library, so go and download it before starting with code.
• You need to register Twitter application. Go to page Twitter’s application registration page and register new application. You need consumer key and consumer secret parameters of your application later.
• Copy “Sign in with Twitter” to some of your web application’s folders where other images are. You need this button on logon page later.
• This is pretty raw stuff here and how to finish it so it works fine for you is up to you this time.
• I am sorry for format of code but I found no better way to get it more readable here. When my new blog is finished somewhere in future then there will be way better layout that is designed with .NET code in mind. This far, please survive my current blog! :)

I suppose you can Twitter application registered by yourself and also it should not be very hard to download DotNetOpenAuth and add it to your ASP.NET MVC application.

Token manager

Before we can connect to Twitter we need token manager that handles security tokens. Right now we will use InMemoryTokenManager that comes with Twitter application block for Enterprise Library (you can find it from samples folder of your DotNetOpenAuth download). The class is here, you can take it using copy and paste. I removed code documentation from this class because I plan to replace it later by my own token manager.

internal class InMemoryTokenManager 
    : IConsumerTokenManager, IOpenIdOAuthTokenManager 
{
  

    private Dictionary<string, string> tokensAndSecrets = 
        new Dictionary<string, string>();

    public InMemoryTokenManager(string consumerKey, string consumerSecret) 
    {

        if (String.IsNullOrEmpty(consumerKey)) {

            throw new ArgumentNullException("consumerKey");

        }

        this.ConsumerKey = consumerKey;

        this.ConsumerSecret = consumerSecret;

    }

    public string ConsumerKey { get; private set; }

    public string ConsumerSecret { get; private set; }

    public string GetTokenSecret(string token) {

        return this.tokensAndSecrets[token];

    }

    public void StoreNewRequestToken(UnauthorizedTokenRequest request, 
                                     ITokenSecretContainingMessage response) 
    {

        this.tokensAndSecrets[response.Token] = response.TokenSecret;

    }

    public void ExpireRequestTokenAndStoreNewAccessToken(string consumerKey, 
        string requestToken, string accessToken, string accessTokenSecret) 
    {

        this.tokensAndSecrets.Remove(requestToken);

        this.tokensAndSecrets[accessToken] = accessTokenSecret;

    }

    public TokenType GetTokenType(string token) 
    {

        throw new NotImplementedException();

    }

    public void StoreOpenIdAuthorizedRequestToken(string consumerKey, 
        AuthorizationApprovedResponse authorization) 
    {

        this.tokensAndSecrets[authorization.RequestToken] = String.Empty;

    }

}

This class may seem a little bit complex at first place but when you have Twitter connected and you play with it a little bit then you get the idea. There is really nothing complex and implementing you own token manager should be easy.

Twitter client

Now let’s write Twitter client. This is class that does all the dirty work for us. It is better for us to have this class instead of pushing all this functionality to our logon page controller methods. For one authentication provider it doesn’t seem like very bad sin but if we have three or five different authentication providers supported then our logon page controller will look like war field. So, let’s fight against chaos right from start.

public class TwitterClient

{

    private string UserName { get; set; }

    private static readonly ServiceProviderDescription ServiceDescription = 
        new ServiceProviderDescription

    {

        RequestTokenEndpoint = new MessageReceivingEndpoint(
                                   "http://twitter.com/oauth/request_token", 
                                   HttpDeliveryMethods.GetRequest | 
                                   HttpDeliveryMethods.AuthorizationHeaderRequest),

         UserAuthorizationEndpoint = new MessageReceivingEndpoint(
                                   "http://twitter.com/oauth/authorize",    
                                   HttpDeliveryMethods.GetRequest | 
                                   HttpDeliveryMethods.AuthorizationHeaderRequest),

         AccessTokenEndpoint = new MessageReceivingEndpoint(
                                   "http://twitter.com/oauth/access_token", 
                                   HttpDeliveryMethods.GetRequest | 
                                   HttpDeliveryMethods.AuthorizationHeaderRequest),

         TamperProtectionElements = new ITamperProtectionChannelBindingElement[] 
                                       { new HmacSha1SigningBindingElement() },

    };

    IConsumerTokenManager _tokenManager;

    public TwitterClient(IConsumerTokenManager tokenManager)

    {

        _tokenManager = tokenManager;

    }

    public void StartAuthentication()

    {

        var request = HttpContext.Current.Request;

        using (var twitter = new WebConsumer(ServiceDescription, _tokenManager))

        {

            var callBackUrl = new Uri(request.Url.Scheme + "://" + 
                              request.Url.Authority + "/Account/TwitterCallback");

            twitter.Channel.Send(
                twitter.PrepareRequestUserAuthorization(callBackUrl, null, null)
            );

        }

    }

    public bool FinishAuthentication()

    {

        using (var twitter = new WebConsumer(ServiceDescription, _tokenManager))

        {

            var accessTokenResponse = twitter.ProcessUserAuthorization();

            if (accessTokenResponse != null)

            {

                UserName = accessTokenResponse.ExtraData["screen_name"];

                return true;

            }

        }

        return false;

    }

}

Our TwitterClient has two methods. StartAuthentication() is called when user clicks on Twitter button. FinishAuthentication() is called in Twitter authentication callback page to finalize authentication procedure. As a next thing I will show you how to mix all together.

Logon page

Okay, I expect you have default ASP.NET MVC application with AccountController and no markable modifications there. Let’s go now through changes using minimal steps. As a first let’s open LogOn.aspx view and add the following markup there.

Now let’s open AccountController and add the following lines of code to the beginning of controller class.

static private readonly InMemoryTokenManager TokenManager =

    new InMemoryTokenManager("<consumerKey>", "<consumerSecret>");

Replace <consumerKey> and <consumerSecret> with values you got from your Twitter application page. I know it is not nice solution but it works for me now and of course I will let you know how to solve it better as soon as I work out better solution.

Now add two new controller methods to AccountController.

public ActionResult StartTwitterAuth()

{

    var client = new TwitterClient(TokenManager);

    client.StartAuthentication();

    return null;            

}

public ActionResult TwitterCallback()

{

    var client = new TwitterClient(TokenManager);

    if (client.FinishAuthentication())

    {

        return new RedirectResult("/");

    }

 

    // show error

    return View("LogOn");

}

Now we have Twitter support added to our ASP.NET MVC application.

Testing Twitter authentication

After compiling your application put breakpoint to TwitterCallback method on the line where redirect is made. Now run your application and log in using Twitter. When application starts go to log on page and click on Twitter button. After successfully logging in the breakpoint will be hit. Check out the value in UserName property of variable called client. You sould see there you Twitter username.

Conclusion

Getting Twitter authentication work with ASP.NET MVC using DotNetOpenAuth was pretty simple thing to do. There was also no complex issues from Twitter side and everything started to work smoothly. Besides Twitter there are many other sites that provide authentication options to external applications using OAuth protocol. With little modifications to code provided here you can use some other provider instead of Twitter or add additional OAuth providers to your ASP.NET MVC application.

No Comments »

As Jesus mentioned in this post, SO-Aware provides three interfaces for managing the service repository. An OData API in case you want to integrate third applications with the repository. OData is a pure http API that can be easily consumed in any platform using a simple http client library. The management portal, which is an ASP.NET MVC user interface layered on top of the OData API and probably the one most people will use. And finally, a PowerShell provider that also mounts on top of the OData API to allow administrators to automate management tasks over the repository with scripting. 

The SO-Aware PowerShell provider, in that sense offers around 40 commands that enables simple management scenarios like registering bindings or services or more complex scenarios that involves testing services or sending alerts when a service is not properly working.  

This provider can be registered as an snapin in an existing script using the following command,

$snapin = get-pssnapin  | select-string "SOAwareSnapIn"
if ($snapin -eq $null)
{
    Add-PSSnapin "SOAwareSnapIn"
}

Once you have registered the snapin, you can start using most of the commands for managing the repository.

The first and more important command is “Set-SWEndpoint”, which allows you to connect to an existing SO-Aware instance. This command receives the OData service location as first argument, and it looks as follow,

Set-SWEndpoint -uri http://localhost/SOAware/ServiceRepository.svc

As next step, you can start managing or querying data from the repository using the rest of the commands. For instance, the following example registers a new binding in the repository only if it was not created already

function RegisterBinding([string]$name,[string]$type,[string]$xml)
{
    $binding = GetBinding($name);
    if(!$binding)
    {
       Add-SWBinding -Name $name -BindingType $type -Configuration $xml
    }
}


function GetBinding([string]$name)
{
    $bindings = Get-SWBindings
    foreach($binding in $bindings)
    {
        if($binding.Name -eq $name)
        {
            return $binding
        }
    }
}


RegisterBinding "stsBinding" "ws2007HttpBinding" "<binding>
        <security mode='Message'>
            <message clientCredentialType='UserName' establishSecurityContext='false' negotiateServiceCredential='false'/>
        </security>
 </binding>";

As you can see, this provider brings a powerful toy that administrators in any organization can use to manage services or governance aspects by leveraging their scripting knowledge.

No Comments »

Good news from Amazon this morning as they have announced what I’ve been asking for – an API for content invalidation.  Previously, they allowed content to have a max-age of 1 hour, but it didn’t allow for the control that a manual invalidation would have.  According to the press release, the API call will allow for the removal of files from all edge locations.  A set of files can be removed as well.

“Invalidation requests for the first 1,000 files each month are provided at no additional charge; above this level, there is a $0.005 charge for invalidating each additional file.”

This is great news on 2 fronts:

1. It’s a great feature that was missing from an already solid product.
2. It’s a sign that Amazon is listening to it’s customers and providing updates without deprecating existing APIs.

Here’s a screenshot of the API call from Amazon’s CloudFront developer documentation:

via Amazon Web Services

more later  - joel

No Comments »