rest - 使用 yammer 进行身份验证

Question

我正在集成我的 CRM 应用程序，Yammer为此我在内部创建了一个应用程序Yammer，通过使用 ClientID、客户端密码和重定向 URL，我正在验证 Yammer 用户到应用程序。

问题是，每当用户更改密码或任何其他尝试通过应用程序登录的用户时，它都会询问是否允许许可。如果任何用户使用我的应用程序登录到 yammer，我只是不希望它应该自动允许。请帮我解决这个问题我也在发布我的代码

referalUrl = oauthUrl + clientId;
            oauthUrl =oauthUrl+ clientId + "&redirect_uri=" + redirUrl;      //For authentication to Yammer
            //referalUrl = oauthUrl + clientId;
            accessTokenUrl = accessTokenUrl + "client_id=" + clientId + "&client_secret=" + clientSecret + "&code=";
            string qsCode = string.Empty;
            string accessToken = "";
            string postResults = string.Empty;
            string response = string.Empty;
            string firstName = string.Empty;
            string lastName = string.Empty;
            //string currentUser = string.Empty;
            object yammerUserId = this.PrimaryDataRow[YammerUserTable.Field.YammerUserId];
            object currentUserId = this.SystemClient.UserProfile.EmployeeId;


        if (string.IsNullOrEmpty(accessToken))
        {
            while (string.IsNullOrEmpty(qsCode))
            {
                response = YammerAPIRequest.MakeGetRequest(oauthUrl, null, true);

                //look for authenticity token
                string authToken = YammerAPIRequest.GetAuthenticityToken(response);

                if (!string.IsNullOrEmpty(authToken))
                {
                    string f = System.Web.HttpUtility.UrlEncode(authToken);

                    userName = System.Web.HttpUtility.UrlEncode(userName);
                    //password = System.Web.HttpUtility.UrlEncode(password);
                    string postBody = "utf8=%E2%9C%93&authenticity_token=" + System.Web.HttpUtility.UrlEncode(authToken) + "&network_permalink=aptean.com&login=" +
                        userName + "&password=" + password + "&remember_me=on";

                    postResults = YammerAPIRequest.MakeLoginPostRequest(postBody, loginUrl, f, null, referalUrl);
                }
                qsCode = postResults;
                if (qsCode.IndexOf("code") == -1 && qsCode.IndexOf("redirect_uri")==-1)
                {
                    PivotalMessageBox.Show("Please enter Correct Username or Password");
                    return false;
                }
                else
                {
                    PivotalMessageBox.Show("You have Logged in to Yammer");
                    string postreq = "utf8=%E2%9C%93&authenticity_token=" + System.Web.HttpUtility.UrlEncode(authToken) + "&allow=Allow";
                    string allowurl="https://www.yammer.com/aptean.com/oauth2/decision?client_id=BAUC8GdiEZ5ximkabWM9Q&redirect_uri=https%3A%2F%2Fwww.yammer.com%2Faptean.com%2F&response_type=code";
                    string allow = YammerAPIRequest.AllowtoApp(postreq, allowurl, authToken, null, null);
                    if (allow != "")
                    {
                        qsCode = allow;
                    }

Answer 1

如果任何用户使用我的应用程序登录到 yammer，我只是不希望它应该自动允许

这是设计使然，不能从您的代码中更改/绕过。必须为用户提供允许或拒绝使用 yammer 第三方应用程序的选项。

如果适合您的用例，您可以考虑使用模拟端点 - https://developer.yammer.com/docs/impersonation