Presentation is loading. Please wait.

Presentation is loading. Please wait.

Flickr Authentication

Published byRebecca Glenn Modified over 5 years ago

Similar presentations

Presentation on theme: "Flickr Authentication"— Presentation transcript:

1 Flickr Authentication
Mohamed Shehab

2 Stage 1 (Application Registration)
Get an application key and secret. Assign the application CallBack URL. Provide application description. Provide application logo.

3 Stage 2 (Login URL) Create the Login Link
&perms=[perms]&api_sig=[api_sig] Permissions (perms): includes: read - permission to read private information write - permission to add, edit and delete photo metadata (includes 'read') delete - permission to delete photos (includes 'write' and 'read') Signature (api_sig): How is the API signature computed ?

4 Stage 2 (Login URL) The api_sig is the MD5 hash of the following strings concatenated: secretvalue ‘api_key’ The actual API key value. ‘perms’ Your selected permission (read, write, delete). $api_sig = md5($secret.’api_key’.$api_key.’perms’.’read’);

5 Step 2 (Getting the frob value)
When the user follows your login url, they are directed to the a page on flickr.com which asks them if they want to authorize your application. Flickr will display your application title, application logo, and the type of permissions you are requesting from the user. When the user accepts the request, they are sent back to the Callback URL you defined in the registration stage. The Callback URL will have a ‘frob’ parameter added to it: If the callback URL was then the user will be redirected to: How to extract the frob value ?

6 Step 3: Convert the frob to an auth token
The callback URL is also called the authentication handler (auth handler) page. The auth handler page needs to acquire an authentication token. The auth handler page needs to take the frob and make a regular authenticated call to the API method flickr.auth.getToken to acquire that token.

7 Step 3: Convert the frob to an auth token
To make the call to he flickr.auth.getToken we need to compose the following URL: api_sig=[api_sig]; The api_sig is the MD5 hash of the following: $secret ‘api_key’ $api_key ‘frob’ $frob ‘method’ ‘flickr.auth.getToken’ $api_sig = $secret.’api_key’.$api_key.’frob’.$frob.’method’.’flickr.auth.getToken’;

8 Step 3: Convert the frob to an auth token
To make the call to he flickr.auth.getToken we need to compose the following URL: api_sig=[api_sig]; The api_sig is the MD5 hash of the following: $secret ‘api_key’ $api_key ‘frob’ $frob ‘method’ ‘flickr.auth.getToken’ $api_sig = md5($secret.’api_key’.$api_key.’frob’.$frob.’method’.’flickr.auth.getToken’);

9 Step 3: Convert the frob to an auth token
Upon calling the flickr authentication method it returns the following XML authentication response: <auth> <token> </token> <perms>write</perms> <user username="Bees" fullname="Cal H" /> </auth> token: is the authentication token which is required for all following authenticated calls. perms: requested permissions. user: username of user who granted the application the above permission on their profile.

10 Step 4: Making an authenticated call
All authenticated calls have to include a signature. For example to retrieve the users in a certain group you have to be authenticated when calling the method “flickr.groups.members.getList” The signature is computed by hashing the arguments called by the API in alphabetical order. For example: auth_token=[auth_token]&api_sig=[api_sig] api_key auth_token method per_page $api_sig = md5($secret.’api_key’.$api_key.’auth_token’.$auth_token.’method’.$method.’per_page.$per_page);

Download ppt "Flickr Authentication"

Similar presentations

The How of OAuth OAuth Hackathon – Six Apart

The How of OAuth OAuth Hackathon – Six Apart
Publication Module using back end interface. Institution Data Entry Add Documents. Edit/Delete Documents that are added but not yet sent to Institution.

Publication Module using back end interface. Institution Data Entry Add Documents. Edit/Delete Documents that are added but not yet sent to Institution.
Overview of Twitter API Nathan Liu. Twitter API Essentials Twitter API is a Representational State Transfer(REST) style web services exposed over HTTP(S).

Overview of Twitter API Nathan Liu. Twitter API Essentials Twitter API is a Representational State Transfer(REST) style web services exposed over HTTP(S).
Help File For User Creation Click the “Course” button for Creating/Add User.

Help File For User Creation Click the “Course” button for Creating/Add User.
Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview.

Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview.
Exploring PHP and MySQL Using an Online Travel Agency as a Case Study Charles R. Moen, M.S. Morris M. Liaw, Ph.D. October 9, 2004 ACET 2004.

Exploring PHP and MySQL Using an Online Travel Agency as a Case Study Charles R. Moen, M.S. Morris M. Liaw, Ph.D. October 9, 2004 ACET 2004.
Managing Users. Overview for School Admin Users Define Users Users Module Add Users Importing Users and Groups Manually adding users Search for Users.

Managing Users. Overview for School Admin Users Define Users Users Module Add Users Importing Users and Groups Manually adding users Search for Users.
FI-WARE Testbed Access Control temporary solution.

FI-WARE Testbed Access Control temporary solution.
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
For new coming user, you need to request account before log-in to the system by 1. Go to 2. Click “Register”

For new coming user, you need to request account before log-in to the system by 1. Go to 2. Click “Register”
OmStore Cloud API Harshit Agarwal Sohil Habib. About Us ●We are graduate students at CMU ●Currently at CMU Silicon Valley campus ●Working part time with.

OmStore Cloud API Harshit Agarwal Sohil Habib. About Us ●We are graduate students at CMU ●Currently at CMU Silicon Valley campus ●Working part time with.
Next Click here Select Moodle to open the Child-Parent Centers Professional Growth Site Click here.

Next Click here Select Moodle to open the Child-Parent Centers Professional Growth Site Click here.
Mark Kashman Senior Product Manager –

Mark Kashman Senior Product Manager –
Www.vanschools.org Website Tutorial. www.vanschools.org Administration  Log on by clicking Login on the footer of almost any page  Your Username is.

Website Tutorial. Administration  Log on by clicking Login on the footer of almost any page  Your Username is.
Jim Cunningham, Sr. Engineering Manager Todd Sieber, Integrations Wizard Lab: Adding PayPal to Existing VeriSign Solutions.

Jim Cunningham, Sr. Engineering Manager Todd Sieber, Integrations Wizard Lab: Adding PayPal to Existing VeriSign Solutions.
OneDrive mailbox.makeEwsRequest( ); Message forwarded by ExchangeEndpoint retrieves attachments App in Outlook.

OneDrive mailbox.makeEwsRequest( ); Message forwarded by ExchangeEndpoint retrieves attachments App in Outlook.
FLICKR PHP ETHEL D COFIE Preparation 1. Obtain an API key 2.Configure your key-Shared Secret Link :

FLICKR PHP ETHEL D COFIE Preparation 1. Obtain an API key 2.Configure your key-Shared Secret Link :
OneDrive mailbox.makeEwsRequest( ); Message forwarded by ExchangeEndpoint retrieves attachments App in Outlook.

OneDrive mailbox.makeEwsRequest( ); Message forwarded by ExchangeEndpoint retrieves attachments App in Outlook.
Online Service 1. Authorization Request (Start URL) 2. Login page 3. Credentials 4. Authorization page 5. User decision 6. Authorization.

Online Service 1. Authorization Request (Start URL) 2. Login page 3. Credentials 4. Authorization page 5. User decision 6. Authorization.
Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.

Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.

Similar presentations

Ads by Google