Monday, September 27, 2010

Twitter oAuth SHA1 Digest Class / Webmatrix Helper

*** Update*** For some reason the class wasn't showing up, making this info useless. Fixed.

I've decided to use Twitter's @anywhere Javascript service to integrate Twitter functionality into a website I'm building.

I found it pretty easy to use. I decided to integrate some server side logic once a person logged into my website using Twitter. Knowing that Javascript is pretty easy to spoof, I wanted to explore ways of not taking a given user's Twitter login for granted. I found this cryptic paragraph in the @anywhere documentation listed above.

Once the user has authorized the host site, Anywhere will set a cookie named "twitter_anywhere_identity" that contains the id of the logged in user. You can read this on the server side to learn the user's ID. The format of the cookie is:


When reading the cookie on the server, you should use the signature to verify that this information has come from Twitter. Calculate the signature by appending the given user_id to your OAuth consumer secret and creating a SHA1 hex digest. If this matches the signature in the identity cookie the user ID is verified. For example, in Ruby:

Digest::SHA1.hexdigest(user_id + consumer_secret)

Ut Oh. I know Twitter tends to not have a lot of examples in .Net floating around. After Googling for a bit I found this excellent article on .Net and SHA1 Interop by Jonathan Cogley-

After doing a few minor tweeks to Jonathan's base code (name space change from .Net 1.1), I present to you a Twitter oAuth SHA1 Digest class


The above class will work with any flavor of .Net. If you want to use the above class as a Webmatrix helper, create a class file, rename it TweetSHADigest.cs, paste over the generated code in the file with the above code. The class file should be in a folder called App_Code.

Once Twitter has made a call back to your web site, you can verify that the cookie set came from twitter like so. You will need your web application's Twitter OAuth consumer secret.

Sunday, September 26, 2010

Various CDN's Around the Web

Obviously Google's CDN is what you want to use, as it is another link into the google matrix that helps your page ranks.

Google CDN Dev Guide

Here is a link to add the latest v1.x.x version of jQuery to your page hosted by Google-

There are alternatives though, you can you CDN libraries hosted by Microsoft-

Microsoft Hosted CDN's

And there is the new kid on the block,

Cached commons looks promising as it host A LOT of javascript libraries, not just jQuery.

I'll add more links as I find them.

Saturday, September 25, 2010

Simple Twitter @anywhere Login/Logout Custom Button

Here is a simple Twitter @anywhere login logout button jQuery script. Note this assumes you have added your a reference to jQuery and your Twitter anywhere javascripts to your page, as well as having a span somewhere on your page with the id of "lbtn".

This is just to get you started, change and configure as you like.

Testing on Mobile Devices

Here is a list of Mobile Testers. If you know of any more please comment and I'll add them to the list.

Some additional ones-

Wednesday, September 15, 2010

50 Great Web Based Apps to Replace Desktop Ones

Check this list out.

GPU Acceleration in HTML 5

Check this out! Google Chrome demo with GPU acceleration. Expect to see it in Chrome 6?

Also IE9 will have compiled JavaScript. The browser war is back on. Flash? Silverlight? You better do something fantastic else HTML 5 over time will eat your bloated asses for lunch.

Monday, September 06, 2010

Stored Procedures and Webmatrix

OK, there isn't a whole lot of documentation for using stored procedures with Microsoft.Data in WebMatrix. Here is one way I got one to work, I'm hoping there is a better way.

Example of a post back insert using a stored proc. Note I'm not doing any validation here, and if you use this method do a little research on SQL Injection and guard against it.

@if (IsPost) {

var LinkName = Request["LinkName"];
var LinkURL = Request["LinkURL"];

string sQ = String.Format("execute dbo.myprocname @LinkName=\"{0}\",
@LinkURL=\"{1}",LinkName, LinkURL);