When Twitter originally released their API it had only one form of authentication what is now known as "basic auth". The issue with basic auth is that it requires any applications or websites that ends up using the API to use the username and password. Obviously, this represents a security issue because third parties have full access to the user via API or by just taking those passwords and logging in manually.
Like many other social services, Twitter eventually cottoned on that this was a bad idea, and they’ve adopted OAuth, a token based authentication delegation system.
Some have argued that OAuth is too complex, if you read the Twitter dev mailing list there are numerous requests to keep basic auth but just move it to SSL only. Security and trust shouldn’t be the easiest thing in the world, there needs to be a degree of complexity about them.
Somebody at Twitter got it into their mind that listening to the general whingers and whiners was a good idea. Instead of just relying on open standards, they’d make their own protocol dubbed xAuth which works in conjunction with Oauth. xAuth requires the user to enter in their user name and password, then the application/website can use those credentials to exchange for OAuth access token/secrets. Hang on a moment, their new security measure requires you to enter in "basic auth", essentially? This isn’t a case of two steps forward, one step backward, it’s a case of two steps forward and then a bullet in the head.
The idea of OAuth is so you don’t’ have to have complete trust in the applications – just the service. This method relies on the consumer application to "be a good citizen" and discard the username and password after they’ve got their tokens.
Twitter, please stick to social media, not security.
On the left is WPF, on the right is WinForms, both have this.Opacity = 0.5; as the only code behind the button.
The WinForms example, as you can see, is semi-transparent and would shown whatever is behind it (if there was something behind it)
The WPF example, however, just "dulls" the contents of the Window rather than making the whole thing semi-transparent. The way to do it is to set AllowTransparency="true". However, that means WindowStyle must be set to None, which means you lose the chrome (the ‘glass’ around it), the minimise, maximise and close button, so you have to create and control those, as well as manually resizing the Window and manually controlling moving the Window.
I tried P/Invoking the Win32 libraries to set opacity and they work perfectly… on WinForms. They fail miserably in WPF.
I’m happy to be corrected if anybody knows a solution.
Opacity earns this weeks WPFWTF award and leaves us scratching our heads with the slogan, WinForms: Back To The Future.
While reviving MahTweets I ran into severe performance problems, which were incredibly difficult to track down as none of the profiling tools I tried could really pinpoint the issues. The two issues were, while there were tweets being displayed
- Typing into a textbox with TextWrapping enabled could cause up to 25% CPU usage on my quad core desktop machine (or ~60% CPU usage on my laptop) and,
- When the webcam was enabled (so I’d presume the InteropBitmap that was being used to display it), everything would still function except the UI would ‘lock up’ and not respond to mouse/keyboard controls, and consume similar levels of CPU cycles.
It turns out both performance issues were related and the key was the datatemplate I was using in the ItemsControl (or ListBox or ListView) to display the tweets. Inside the datatemplate, I used two custom controls which both made us of the Hyperlink inline element to act as.. well.. links to either other functions to launching browsers at particular urls (eg, going to the home page of whatever twitter client people were using).
If I turned off those two custom controls, performance was awesome (amazingly awesome with virtualisingstackpanel enabled). If I turned on those controls but commented out hyperlinks, it was just as awesome.
I found (actually, @shiftkey found it for me) an example of making the WinForms style LinkLabel by extending Label. While Labels can be inserted into inline containers (such as a RichTextBox, which is what one of my custom controls was based on) they’re not selectable. While you can select over them, it doesn’t select the content inside… what I mean is if you have "fee fi fo fum", with fi fo being the contents of a LinkLabel,
public class InlineLink : Underline
{
public Uri Url
{
get { return (Uri)GetValue(UrlProperty); }
set { SetValue(UrlProperty, value); }
}
public String Text
{
get { return (String)GetValue(TextProperty); }
set { SetValue(TextProperty, value); }
}
public static readonly DependencyProperty UrlProperty =
DependencyProperty.Register("Url", typeof(Uri), typeof(InlineLink),
new FrameworkPropertyMetadata(null, new PropertyChangedCallback(OnUrlChanged)));
public static readonly DependencyProperty TextProperty =
DependencyProperty.Register("Text", typeof(String), typeof(InlineLink),
new FrameworkPropertyMetadata(string.Empty, new PropertyChangedCallback(OnUrlChanged)));
private static void OnUrlChanged(DependencyObject obj, DependencyPropertyChangedEventArgs args)
{
InlineLink il = (InlineLink)obj;
il.Inlines.Clear();
Run r = new Run(il.Text);
il.Inlines.Add(r);
il.Cursor = Cursors.Hand;
}
}
link.Click can be simulated by just using MouseLeftButtonDown (events didn’t seem to fire for ButtonUp’s)
inlinelink.MouseLeftButtonDown += new System.Windows.Input.MouseButtonEventHandler(conversationLink_Click);
Yes, I know that code is far from graceful, but it works well enough for a first stab at it. The funny thing is this extends Underline, which Underline extends Span – Hyperlink on the other hand.. well, this is the class signature public class Hyperlink : Span, ICommandSource, IUriContext
I wonder if it was something in ICommandSource, IUriContext, or within Hyperlink that was causing the problem?
My advice? Don’t use the Hyperlink control. Either roll your own "LinkLabel", or if you need an inline element that does linking use something like what I’ve got above.
