9

I'm tinkering with the OneDrive API.

Find the code here https://github.com/onedrive/onedrive-sdk-csharp

Specificaly the OneDrive Api Browser.

I have no formal education on this specific subject (Authentication).

I want to know, how would I stay authenticated after the first login? That is, how would I store the login information when it seems that you are expected to query the URI for a token every time?

For example, when the OneDrive API Browser solution is run, You must sign in every time the app is run. What if I wanted to save the credentials somewhere, say in a text file? How would I do that? (I am aware of the security issues / poor practice there)

Should I save the token somewhere? Is there another service to use for longterm tokens? Is it even possible? Are cookies involved?

Frostytheswimmer
  • 720
  • 4
  • 19
  • 1
    One standard way of doing this is to use the Windows Data Protection API (DPAPI), through the ProtectedData class in .NET: https://msdn.microsoft.com/en-us/library/ms229741.aspx – Simon Mourier Jan 11 '17 at 07:21
  • 1
    Check this out https://github.com/OneDrive/onedrive-sdk-dotnet-msa-auth-adapter#cache-sessions Otherwise, you can use microsoft account service oauth endpoints directly https://dev.onedrive.com/auth/msa_oauth.htm#step-3-get-a-new-access-token-or-refresh-token – qjuanp Jan 16 '17 at 16:57

1 Answers1

3

Conceptually after you authenticated your app using code flow, you will receive a refresh token which you can save along with your client Id and use it later to retrieve the access token as described here . For windows and windows phone you can also use the Authentication Adapter for the OneDrive SDK which does all the job:

MsaAuthenticationProvider msaAuthProvider = new MsaAuthenticationProvider(
                            MsaClientId,
                            MsaClientSecret,
                            RedirectUri,
                            Scopes,
                            null,
                            new CredentialVault(MsaClientId));

        await msaAuthProvider.RestoreMostRecentFromCacheOrAuthenticateUserAsync(userName);
        OneDriveClient oneDriveClient = new OneDriveClient("https://api.onedrive.com/v1.0", msaAuthProvider);
Behzad Shams
  • 94
  • 6