Scam warning: Shaw Holdings Pte ltd
Scam warning!
TL; DR;
If you get approached by this company for investment. It’s a scam. Evidence below
https://drive.google.com/drive/folders/1s8PmzNv9YZQI_C50Tx118cqO9REkJgvu?usp=sharing
I got approached by this company, which in the exchange of 2 emails offered a $1M investment. To good to be true. With zero-due diligence. I’ve been trhough similar processes before, and expect a month’s worth of due dilligence document preparation before getting to the point of an offer.
Anyway, so I did due dilligence on them, and specifically, their director:
NRIC/FIN/Passport No. : S8838988C
Name : CHENG YONG TECK
Nationality/Citizenship : SINGAPORE CITIZEN
Address : 10 MARTIN PLACE, #17-14, MARTIN MODERN, SINGAPORE 237963
The director being involved in a bizarre mix of different companies, including immigration ( link ) , weddings, plastic surgery ( link ) , Weight loss, and engineering companies.
Specifically, the Plastic surgery business has left lots of people our of pocket, and is connected to the other holding company; quote “Anyway, both Dore Aesthethics and Dore Clinic are owned by Kate Holdings.The Director is Cheng Yong Teck who lives in Orchard Residences. Born in 1988.”
🔍 Fetching Adobe Profile Information by Email Using AvatarAPI
In the age of personalization and integration, being able to retrieve user profile images and basic information programmatically can be invaluable for CRMs, marketing platforms, and analytics systems. AvatarAPI provides a simple yet powerful way to fetch profile data from various providers, including Adobe, just by using an email address.
In this post, we’ll walk through how to retrieve Adobe profile details using AvatarAPI, including how to interpret the JSON response and especially the RawData payload.
📬 Making the Request
To fetch a user’s Adobe profile via AvatarAPI, you’ll need to send a POST request to:
https://avatarapi.com/v2/api.aspx
Here’s a sample request payload:
{
"username" : "demo",
"password" : "demo___",
"provider" : "Adobe",
"email" : "falecom@sergiolimabroker.com.br"
}
Replace
usernameandpasswordwith your actual AvatarAPI credentials.
📦 Sample Response
Here’s what a successful response might look like:
{
"Name": "",
"Image": "https://mir-s3-cdn-cf.behance.net/user/276/63d4f1907178277.60f249006a140.jpg",
"Valid": true,
"City": "",
"Country": "",
"IsDefault": false,
"Success": true,
"RawData": "[{\"type\":\"individual\",\"authenticationMethods\":[{\"id\":\"google\",\"url\":\"https://adobeid-na1.services.adobe.com/renga-idprovider/social/v2/signin/google\"},{\"id\":\"password\",\"url\":null}],\"status\":{\"code\":\"active\",\"reason\":null},\"images\":{\"50\":\"https://mir-s3-cdn-cf.behance.net/user/50/63d4f1907178277.60f249006a140.jpg\",\"100\":\"https://mir-s3-cdn-cf.behance.net/user/100/63d4f1907178277.60f249006a140.jpg\",\"115\":\"https://mir-s3-cdn-cf.behance.net/user/115/63d4f1907178277.60f249006a140.jpg\",\"138\":\"https://mir-s3-cdn-cf.behance.net/user/138/63d4f1907178277.60f249006a140.jpg\",\"230\":\"https://mir-s3-cdn-cf.behance.net/user/230/63d4f1907178277.60f249006a140.jpg\",\"276\":\"https://mir-s3-cdn-cf.behance.net/user/276/63d4f1907178277.60f249006a140.jpg\"},\"hasT2ELinked\":false}]",
"Source": {
"Name": "Adobe"
}
}
🧠 Understanding the Response Fields
- Image: URL of the profile image, typically hosted on Behance CDN.
- Valid: Boolean indicating whether a profile was found.
- IsDefault: Tells you whether the image is a generic placeholder or a custom user-uploaded image.
- Success: Boolean status of the request.
- Source: Confirms that the provider is Adobe.
- RawData: This is a stringified JSON array with more granular details from the provider.
🔍 Deep Dive into RawData
Let’s parse the RawData field for a better understanding:
[
{
"type": "individual",
"authenticationMethods": [
{
"id": "google",
"url": "https://adobeid-na1.services.adobe.com/renga-idprovider/social/v2/signin/google"
},
{
"id": "password",
"url": null
}
],
"status": {
"code": "active",
"reason": null
},
"images": {
"50": "https://...50.jpg",
"100": "https://...100.jpg",
"115": "https://...115.jpg",
"138": "https://...138.jpg",
"230": "https://...230.jpg",
"276": "https://...276.jpg"
},
"hasT2ELinked": false
}
]
Key Elements:
- type: Usually
"individual", indicating a personal profile. - authenticationMethods: Shows available login methods for this Adobe account (e.g., Google, password).
- status: Account status, with
codetypically being"active". - images: Dictionary of image sizes for the profile picture. Useful for responsive UI.
- hasT2ELinked: Indicates whether the account is linked to two-factor authentication (T2E = Two-step or Two-element?).
🎯 Practical Use Case
If you’re building a user-facing dashboard, you can display a verified profile image directly using the Image field, and optionally allow your backend to parse RawData for more advanced logic, such as:
- Detecting authentication methods.
- Validating account status.
- Choosing image resolution dynamically based on device.
Example (JavaScript):
const profileImgUrl = response.Image;
document.getElementById('avatar').src = profileImgUrl;
🧪 Pro Tip: Parsing RawData
Since RawData is a stringified JSON array, you’ll need to parse it manually:
const rawData = JSON.parse(response.RawData);
console.log(rawData[0].authenticationMethods);
✅ Conclusion
Using AvatarAPI, retrieving Adobe profile details is seamless and efficient. The rich JSON response, especially the RawData, provides developers with a powerful toolkit to enhance user profiles, drive personalization, or even verify identity with minimal effort.
If you’re using AvatarAPI in production or need help parsing the Adobe-specific data, feel free to reach out or drop your questions in the comments!
How to Use the Car Rego API in WordPress
In this tutorial, we’ll walk through how to integrate the Car Registration API into a WordPress site. This method ensures that your username and API key are not publicly exposed.
Tools Used in This Demo
- WordPress
- Code Snippets (Free plugin)
- Elementor Pro (Paid website builder)
We’ll be using both PHP and JavaScript scripts. While there are multiple ways to accomplish this, the approach described here prioritizes security by keeping sensitive credentials hidden.
Step 1: Register for the API
Visit carregistrationapi.com and create an account to get your username/API key.
Step 2: Add the PHP Script
Use the Code Snippets plugin to add the PHP code. Paste the script into a new snippet and activate it.
🔁 Important: Replace the placeholder on line 16 with your actual username from Step 1.
add_action('elementor_pro/forms/new_record', function($record, $handler) {
if (!session_id()) session_start();
// ✅ Confirm hook fired
//file_put_contents(WP_CONTENT_DIR . '/uploads/rego-debug.txt', "HOOK FIRED\n", FILE_APPEND);
//check https://abc.com.au/wp-content/uploads/rego-debug.txt
$form_id = $record->get_form_settings('form_id');
if ('regoform' !== $form_id) return;
//file_put_contents(WP_CONTENT_DIR . '/uploads/rego-debug.txt', "Form matched: $form_id\n", FILE_APPEND);
$fields = $record->get('fields');
$rego = $fields['rego']['value'] ?? '';
$state = $fields['state']['value'] ?? '';
$username = 'ABC';
$api_url = add_query_arg([
'RegistrationNumber' => $rego,
'State' => $state,
'username' => $username,
], 'https://www.regcheck.org.uk/api/reg.asmx/CheckAustralia');
// 🔍 API call
$response = wp_remote_get($api_url);
// ✅ ADD LOGGING BLOCK HERE
//file_put_contents(WP_CONTENT_DIR . '/uploads/rego-debug.txt', "API URL: $api_url\n", FILE_APPEND);
if (is_wp_error($response)) {
$error_message = $response->get_error_message();
file_put_contents(WP_CONTENT_DIR . '/uploads/rego-debug.txt', "API Error: $error_message\n", FILE_APPEND);
} else {
$body = wp_remote_retrieve_body($response);
//file_put_contents(WP_CONTENT_DIR . '/uploads/rego-debug.txt', "API Response: $body\n", FILE_APPEND);
// Parse response
$xml = @simplexml_load_string($body);
$vehicleJson = (string) ($xml->vehicleJson ?? '');
$vehicleData = json_decode($vehicleJson, true);
$_SESSION['rego_result'] = [
'Description' => $vehicleData['Description'] ?? 'N/A',
'Year' => $vehicleData['RegistrationYear'] ?? 'N/A',
'Engine' => $vehicleData['Engine'] ?? 'N/A',
];
}
}, 10, 2);
// Shortcode to display result
add_shortcode('rego_vehicle_info', function() {
if (!session_id()) session_start();
//$log_path = WP_CONTENT_DIR . '/uploads/rego-debug.txt';
// Log shortcode execution
//file_put_contents($log_path, "SHORTCODE TRIGGERED\n", FILE_APPEND);
$data = $_SESSION['rego_result'] ?? null;
if (!$data) {
return '<p>No vehicle information available yet.</p>';
}
//file_put_contents($log_path, "Session Data: " . print_r($data, true) . "\n", FILE_APPEND);
ob_start();
?>
<div class="rego-vehicle-info">
<h3>Vehicle Details</h3>
<ul>
<li><strong>Description:</strong> <?= esc_html($data['Description']) ?></li>
<li><strong>Registration Year:</strong> <?= esc_html($data['Year']) ?></li>
<li><strong>Engine:</strong> <?= esc_html($data['Engine']) ?></li>
</ul>
</div>
<?php
return ob_get_clean();
});
add_action('rest_api_init', function() {
register_rest_route('rego/v1', '/data', [
'methods' => 'GET',
'callback' => function() {
if (!session_id()) session_start();
return $_SESSION['rego_result'] ?? ['error' => 'No data in session'];
},
'permission_callback' => '__return_true'
]);
});
Step 3: Create the Form and Layout on Your Website
a) Create the Form (Using Elementor or similar)
Structure your form with the following settings:
- Form ID:
regoform - Form Name:
regoform - Rego Field:
- ID:
rego - Shortcode:
[field id="rego"]
- ID:
- State Field:
- ID:
state - Shortcode:
[field id="state"]
- ID:
These field IDs will be referenced in the PHP and JavaScript scripts.
b) Add HTML Widgets
Use two separate HTML widgets in Elementor:
- For Displaying the Result:
Add this HTML element:<div id="rego-result-container"></div> - For the JavaScript Logic:
Add the JavaScript snippet (you can remove or comment out any log messages if not needed).
<script>
window.addEventListener('load', function () {
function waitForjQueryAndForm() {
if (typeof jQuery === 'undefined') {
console.log("⏳ Waiting for jQuery...");
setTimeout(waitForjQueryAndForm, 100);
return;
}
jQuery(function ($) {
const $form = $('#regoform');
if (!$form.length) {
console.log("⏳ Waiting for form #regoform to appear...");
setTimeout(waitForjQueryAndForm, 100);
return;
}
console.log("✅ Found form #regoform");
// Listen for form success response from Elementor Pro
$form.on('submit_success', function () {
console.log("✅ Form #regoform successfully submitted via AJAX");
setTimeout(function () {
$.ajax({
url: '/wp-json/rego/v1/data',
method: 'GET',
success: function (data) {
console.log("✅ API response:", data);
if (data && !data.error) {
const html = `
<div class="rego-vehicle-info">
<h3>Vehicle Details</h3>
<ul>
<li><strong>Description:</strong> ${data.Description}</li>
<li><strong>Registration Year:</strong> ${data.Year}</li>
<li><strong>Engine:</strong> ${data.Engine}</li>
</ul>
</div>
`;
$('#rego-result-container').html(html);
} else {
$('#rego-result-container').html('<p>No vehicle info available.</p>');
}
},
error: function () {
$('#rego-result-container').html('<p>Failed to load vehicle info.</p>');
}
});
}, 1000);
});
});
}
waitForjQueryAndForm();
});
</script>
How the Flow Works
- The user fills out the form and clicks the “Send” button.
- The form captures the rego and state values.
- The PHP script listens for the form action, calls the API, and fetches the results.
- The JavaScript reads the result and displays the data dynamically on the page.
Example
Here’s a basic demo in action
How to Query #LinkedIn from an #Email Address Using AvatarAPI.com
Introduction
When working with professional networking data, LinkedIn is often the go-to platform for retrieving user information based on an email address. Using AvatarAPI.com, developers can easily query LinkedIn and other data providers through a simple API request. In this guide, we’ll explore how to use the API to retrieve LinkedIn profile details from an email address.
API Endpoint
To query LinkedIn using AvatarAPI.com, send a request to:
https://avatarapi.com/v2/api.aspx
JSON Payload
A sample JSON request to query LinkedIn using an email address looks like this:
{
"username": "demo",
"password": "demo___",
"provider": "LinkedIn",
"email": "jason.smith@gmail.com"
}
Explanation of Parameters:
- username: Your AvatarAPI.com username.
- password: Your AvatarAPI.com password.
- provider: The data source to query. In this case, “LinkedIn” is specified. If omitted, the API will search a default set of providers.
- email: The email address for which LinkedIn profile data is being requested.
API Response
A successful response from the API may look like this:
{
"Name": "Jason Smith",
"Image": "https://media.licdn.com/dms/image/D4E12AQEud3Ll5MI7cQ/article-inline_image-shrink_1500_2232/0/1660833954461?e=1716422400&v=beta&t=r-9LmmNBpvS4bUiL6k-egJ8wUIpEeEMl9NJuAt7pTsc",
"Valid": true,
"City": "Los Angeles, California, United States",
"Country": "US",
"IsDefault": false,
"Success": true,
"RawData": "{\"resultTemplate\":\"ExactMatch\",\"bound\":false,\"persons\":[{\"id\":\"urn:li:person:DgEdy8DNfhxlX15HDuxWp7k6hYP5jIlL8fqtFRN7YR4\",\"displayName\":\"Jason Smith\",\"headline\":\"Creative Co-founder at Mega Ventures\",\"summary\":\"Jason Smith Head of Design at Mega Ventures.\",\"companyName\":\"Mega Ventures\",\"location\":\"Los Angeles, California, United States\",\"linkedInUrl\":\"https://linkedin.com/in/jason-smith\",\"connectionCount\":395,\"skills\":[\"Figma (Software)\",\"Facebook\",\"Customer Service\",\"Event Planning\",\"Social Media\",\"Sales\",\"Healthcare\",\"Management\",\"Web Design\",\"JavaScript\",\"Software Development\",\"Project Management\",\"APIs\"]}]}",
"Source": {
"Name": "LinkedIn"
}
}
Explanation of Response Fields:
- Name: The full name of the LinkedIn user.
- Image: The profile image URL.
- Valid: Indicates whether the returned data is valid.
- City: The city where the user is located.
- Country: The country of residence.
- IsDefault: Indicates whether the data is a fallback/default.
- Success: Confirms if the request was successful.
- RawData: Contains additional structured data about the LinkedIn profile, including:
- LinkedIn ID: A unique identifier for the user’s LinkedIn profile.
- Display Name: The name displayed on the user’s profile.
- Headline: The professional headline, typically the current job title or a short description of expertise.
- Summary: A brief bio or description of the user’s professional background.
- Company Name: The company where the user currently works.
- Location: The geographical location of the user.
- LinkedIn Profile URL: A direct link to the user’s LinkedIn profile.
- Connection Count: The number of LinkedIn connections the user has.
- Skills: A list of skills associated with the user’s profile, such as programming languages, software expertise, or industry-specific abilities.
- Education History: Details about the user’s academic background, including universities attended, degrees earned, and fields of study.
- Employment History: Information about past and present positions, including company names, job titles, and employment dates.
- Projects and Accomplishments: Notable work the user has contributed to, certifications, publications, and other professional achievements.
- Endorsements: Skill endorsements from other LinkedIn users, showcasing credibility in specific domains.
- Source.Name: The data provider (LinkedIn in this case).
LinkedIn Rate Limiting
By default, LinkedIn queries are subject to rate limits. To bypass these limits, additional parameters can be included in the JSON request:
{
"overrideAccount": "your_override_username",
"overridePassword": "your_override_password"
}
Using these credentials allows queries to be processed without rate limiting. However, to enable this feature, you should contact AvatarAPI.com to discuss setup and access.
Conclusion
AvatarAPI.com provides a powerful way to retrieve LinkedIn profile data using just an email address. While LinkedIn is one of the available providers, the API also supports other data sources if the provider field is omitted. With proper setup, including rate-limit bypassing credentials, you can ensure seamless access to professional networking data.
For more details, visit AvatarAPI.com.
Get #GAIA ID from #Gmail using #AvatarAPI
In this blog post, we will explore how to retrieve a user’s name, profile picture, and GAIA ID from an email address using the AvatarAPI.
Introduction to AvatarAPI
AvatarAPI is a powerful tool that allows developers to fetch user information from various providers. In this example, we will focus on retrieving data from Google, but it’s important to note that AvatarAPI supports multiple providers.
Making a Request to AvatarAPI
To get started, you need to make a POST request to the AvatarAPI endpoint with the necessary parameters. Here’s a step-by-step guide:
Step 1: Endpoint and Parameters
- Endpoint:
https://avatarapi.com/v2/api.aspx - Parameters:
username: Your AvatarAPI username (e.g.,demo)password: Your AvatarAPI password (e.g.,demo___)provider: The provider from which to fetch data (e.g.,Google)email: The email address of the user (e.g.,jenny.jones@gmail.com)
Step 2: Example Request
Here’s an example of how you can structure your request:
Copy{
"username": "demo",
"password": "demo___",
"provider": "Google",
"email": "jenny.jones@gmail.com"
}
Step 3: Sending the Request
You can use tools like Postman or write a simple script in your preferred programming language to send the POST request. Below is an example using Python with the requests library:
Copyimport requests
url = "https://avatarapi.com/v2/api.aspx"
data = {
"username": "demo",
"password": "demo___",
"provider": "Google",
"email": "jenny.jones@gmail.com"
}
response = requests.post(url, json=data)
print(response.json())
Step 4: Handling the Response
If the request is successful, you will receive a JSON response containing the user’s information. Here’s an example response:
Copy{
"Name": "Jenny Jones",
"Image": "https://lh3.googleusercontent.com/a-/ALV-UjVPreEBCPw4TstEZLnavq22uceFSCS3-KjAdHgnmyUfSA9hMKk",
"Valid": true,
"City": "",
"Country": "",
"IsDefault": true,
"Success": true,
"RawData": "108545052157874609391",
"Source": {
"Name": "Google"
}
}
Understanding the Response
- Name: The full name of the user.
- Image: The URL of the user’s profile picture.
- Valid: Indicates whether the email address is valid.
- City and Country: Location information (if available).
- IsDefault: Indicates if the returned data is the default for the provider.
- Success: Indicates whether the request was successful.
- RawData: The GAIA ID, which is a unique identifier for the user.
- Source: The provider from which the data was fetched.
Other Providers
While this example focuses on Google, AvatarAPI supports other providers as well. You can explore the AvatarAPI documentation to learn more about the available providers and their specific requirements.
Conclusion
Using AvatarAPI to retrieve user information from an email address is a straightforward process. By sending a POST request with the necessary parameters, you can easily access valuable user data such as name, profile picture, and GAIA ID. This information can be instrumental in enhancing user experiences and integrating with various applications.
Stay tuned for more insights on leveraging APIs for efficient data retrieval!
Database of Malaysian #NVIC codes available on #PayHip
Malaysian NVIC Vehicle Database – 23,715 Vehicle Models
Comprehensive NVIC Database for Malaysian Vehicles
Our Malaysian NVIC Vehicle Database provides a detailed reference for 23,715 car makes and models, covering essential vehicle details along with insurance and valuation data. This dataset is invaluable for automotive businesses, insurance companies, financial institutions, and regulatory bodies that require accurate and up-to-date vehicle information.
Key Features:
✅ Extensive Coverage – Includes 23,715 unique vehicle records spanning multiple manufacturers and models.
✅ Structured Data – Organized into 18 columns for easy reference and integration.
✅ Complete Vehicle Identification – Features NVIC codes, model year, make, family, variant, series, and body style.
✅ Engine & Transmission Details – Provides engine capacity (CC) and transmission type.
✅ Market Valuation Data – Includes new and used prices (WM & EM), recommended retail price (RRR), and sum insured values.
✅ Historical Updates – Contains timestamps for data creation, updates, and valuation dates.
Column Breakdown:
- Id – Unique identifier for each vehicle.
- NVIC – National Vehicle Identification Code.
- Year – Model year of the vehicle.
- Make – Manufacturer (e.g., Toyota, Honda, Proton).
- Family – General vehicle classification within the brand.
- Variant – Specific model variation.
- Series – Trim or sub-model series.
- Style – Body style (e.g., sedan, SUV, hatchback).
- CC – Engine displacement (in cubic centimeters).
- Transmission – Type of gearbox (manual/automatic).
- WM New Price & RRR – West Malaysia pricing data.
- EM New Price & RRR – East Malaysia pricing data.
- Sum Insured – Suggested insured value.
- TimeCreated & TimeUpdated – Timestamps for record creation and last modification.
- ValuationDate – Date of the latest vehicle valuation.
Use Cases:
🔹 Insurance & Valuation – Provides essential data for insurance pricing and underwriting.
🔹 Automotive Sales & Financing – Assists in loan approvals and resale evaluations.
🔹 Fleet Management & Logistics – Helps businesses manage and assess vehicle assets.
🔹 Regulatory Compliance & Government Agencies – Useful for vehicle registration and taxation.
This dataset is available in a structured format (CSV, SQL, or API-ready) for seamless integration into your systems.
More info here: https://payhip.com/b/STZvc
Source: https://www.vehicleapi.com.my/
Farewell #Skype. Here’s how their #API worked.
So, with the shutdown of Skype in May 2025, only two months away, there is not much need to hold on tight to our source code for the Skype API. It worked well for us for years on AvatarAPI.com
but with the imminent shutdown, their API will undoubtedly stop working as soon as Skype is shut down, and will no longer be relevant, even if the API stays active for a little while later.
In this post, we’ll take a deep dive into a C# implementation of a Skype user search feature using HTTP requests. This code interacts with Skype’s search API to fetch user profiles based on a given search parameter. We’ll break down the core functionality, security considerations, and potential improvements.
Overview of the SkypeSearch Class
The SkypeSearch class provides a static method, Search, which sends a request to Skype’s search API to retrieve user profiles. It uses an authentication token (SkypeToken) and manages retries in case of failures. Let’s explore its components in detail.
Key Features of the Implementation
- Handles API Requests Securely: The method sets various security protocols (
Ssl3,Tls,Tls11,Tls12) to ensure compatibility with Skype’s API. - Custom Headers for Authentication: It constructs an HTTP request with necessary headers, including
x-skypetoken,x-skype-client, and others. - Manages Rate Limits & Token Refresh: If the API responds with an empty result (potentially due to a
429 Too Many Requestserror), the token is refreshed, and the search is retried up to five times. - Enhances API Response: The method modifies the API response to include an additional
avatarImageUrlfield for each result.
Breaking Down the Search Method
Constructing the API Request
var requestNumber = new Random().Next(100000, 999999);
var url = string.Format(
"https://search.skype.com/v2.0/search?searchString={0}&requestId={1}&locale=en-GB&sessionId={2}",
searchParameter, requestNumber, Guid.NewGuid());
This snippet constructs the API request URL with dynamic query parameters, including:
searchString: The user input for searching Skype profiles.requestId: A randomly generated request ID for uniqueness.sessionId: A newly generated GUID for session tracking.
Setting HTTP Headers
HTTPHeaderHandler wicket = nvc =>
{
var nvcSArgs = new NameValueCollection
{
{"x-skypetoken", token.Value},
{"x-skype-client", "1418/8.134.0.202"},
{"Origin", "https://web.skype.com"}
};
return nvcSArgs;
};
Here, we define essential request headers for authentication and compatibility. The x-skypetoken is a crucial element, as it ensures access to Skype’s search API.
Handling API Responses & Retrying on Failure
if (jsonResponse == "")
{
token = new SkypeToken();
return Search(searchParameter, token, ++maxRecursion);
}
If an empty response is received (potentially due to an API rate limit), the method refreshes the authentication token and retries the request up to five times to prevent excessive loops.
Enhancing API Response with Profile Avatars
foreach (var node in jResponse["results"])
{
var skypeId = node["nodeProfileData"]["skypeId"] + "";
var avatarImageUrl = string.Format(
"https://avatar.skype.com/v1/avatars/{0}/public?size=l",
skypeId);
node["nodeProfileData"]["avatarImageUrl"] = avatarImageUrl;
}
After receiving the API response, the code iterates through the user results and appends an avatarImageUrl field using Skype’s avatar service.
using System;
using System.Collections.Specialized;
using System.Net;
using System.Text;
using Newtonsoft.Json.Linq;
namespace SkypeGraph
{
public class SkypeSearch
{
public static JObject Search(string searchParameter, SkypeToken token, int maxRecursion = 0)
{
if (maxRecursion == 5) throw new Exception("Preventing excessive retries");
ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 |
SecurityProtocolType.Tls |
SecurityProtocolType.Tls11 |
SecurityProtocolType.Tls12;
var requestNumber = new Random().Next(100000, 999999);
var url = string.Format("https://search.skype.com/v2.0/search?searchString={0}&requestId={1}&locale=en-GB&sessionId={2}", searchParameter, requestNumber, Guid.NewGuid());
var http = new HTTPRequest {Encoder = Encoding.UTF8};
HTTPHeaderHandler wicket = nvc =>
{
var nvcSArgs = new NameValueCollection
{
{"x-skypetoken", token.Value},
{"x-skypegraphservicesettings", ""},
{"x-skype-client","1418/8.134.0.202"},
{"x-ecs-etag", "GAx0SLim69RWpjmJ9Dpc4QBHAou0pY//fX4AZ9JVKU4="},
{"Origin", "https://web.skype.com"}
};
return nvcSArgs;
};
http.OverrideUserAgent =
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36";
http.OverrideAccept = "application/json";
http.TimeOut = TimeSpan.FromSeconds(5);
http.HeaderHandler = wicket;
http.ContentType = "application/json";
http.Referer = "https://web.skype.com/";
var jsonResponse = http.Request(url);
if (jsonResponse == "")
{
// In case of a 429 (Too many requests), then refresh the token.
token = new SkypeToken();
return Search(searchParameter, token, ++maxRecursion);
}
var jResponse = JObject.Parse(jsonResponse);
#region sample
/*
{
"requestId":"240120",
"results":[
{
"nodeProfileData":{
"skypeId":"live:octavioaparicio_jr",
"skypeHandle":"live:octavioaparicio_jr",
"name":"octavio aparicio",
"avatarUrl":"https://api.skype.com/users/live:octavioaparicio_jr/profile/avatar",
"country":"Mexico",
"countryCode":"mx",
"contactType":"Skype4Consumer"
}
}
]
}
*/
#endregion
foreach (var node in jResponse["results"])
{
var skypeId = node["nodeProfileData"]["skypeId"] + "";
var avatarImageUrl = string.Format("https://avatar.skype.com/v1/avatars/{0}/public?size=l", skypeId);
node["nodeProfileData"]["avatarImageUrl"] = avatarImageUrl;
}
return jResponse;
}
}
}Resolving Unauthorized Error When Deploying an #Azure Function via #ZipDeploy
Deploying an Azure Function to an App Service can sometimes result in an authentication error, preventing successful publishing. One common error developers encounter is:
Error: The attempt to publish the ZIP file through https://<function-name>.scm.azurewebsites.net/api/zipdeploy failed with HTTP status code Unauthorized.This error typically occurs when the deployment process lacks the necessary authentication permissions to publish to Azure. Below, we outline the steps to resolve this issue by enabling SCM Basic Auth Publishing in the Azure Portal.
Understanding the Issue
The error indicates that Azure is rejecting the deployment request due to authentication failure. This often happens when the SCM (Kudu) deployment service does not have the correct permissions enabled, preventing the publishing process from proceeding.
Solution: Enable SCM Basic Auth Publishing
To resolve this issue, follow these steps:
- Open the Azure Portal and navigate to your Function App.
- In the left-hand menu, select Configuration.
- Under the General settings tab, locate SCM Basic Auth Publishing.
- Toggle the setting to On.
- Click Save and restart the Function App if necessary.
Once this setting is enabled, retry the deployment from Visual Studio or your chosen deployment method. The unauthorized error should now be resolved.
Additional Considerations
- Use Deployment Credentials: If you prefer not to enable SCM Basic Auth, consider setting up deployment credentials under Deployment Center → FTP/Credentials.
- Check Azure Authentication in Visual Studio: Ensure that you are logged into the correct Azure account in Visual Studio under Tools → Options → Azure Service Authentication.
- Use Azure CLI for Deployment: If problems persist, try deploying with the Azure CLI:
az functionapp deployment source config-zip \ --resource-group <resource-group> \ --name <function-app-name> \ --src <zip-file-path>
By enabling SCM Basic Auth Publishing, you ensure that Azure’s deployment service can authenticate and process your function’s updates smoothly. This quick fix saves time and prevents unnecessary troubleshooting steps.
Using an #API to Retrieve User Details from a #QQ Account ID
QQ, one of China’s largest instant messaging platforms, assigns each user a unique account ID. If you need to retrieve user details from a QQ account ID programmatically, you can use an API such as AvatarAPI. This guide will walk you through making an API request and interpreting the returned JSON response.
API Endpoint
The API request is made to the following URL:
https://avatarapi.com/v2/api.aspx
Request Format
The API expects a POST request with a JSON body containing authentication details (username and password) along with the QQ email ID of the user you want to retrieve information for.
Example Request Body
{
"username": "demo",
"password": "demo___",
"email": "16532096@qq.com"
}
Sending the Request
You can send this request using cURL, Postman, or a programming language like Python. Here’s an example using Python’s requests library:
import requests
import json
url = "https://avatarapi.com/v2/api.aspx"
headers = {"Content-Type": "application/json"}
payload = {
"username": "demo",
"password": "demo___",
"email": "16532096@qq.com"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())
API Response
The API returns a JSON object with the user’s details. Below is a sample response:
{
"Name": "邱亮",
"Image": "https://q.qlogo.cn/g?b=qq&nk=16532096&s=640",
"Valid": true,
"City": "",
"Country": "China",
"IsDefault": true,
"Success": true,
"RawData": "",
"Source": {
"Name": "QQ"
}
}
Explanation of Response Fields
- Name: The user’s name associated with the QQ account.
- Image: A URL to the user’s QQ avatar image.
- Valid: Boolean flag indicating if the QQ account is valid.
- City: The user’s city (if available).
- Country: The user’s country.
- IsDefault: Indicates whether the profile is using the default avatar.
- Success: Boolean flag indicating whether the API request was successful.
- RawData: Any additional raw data returned from the source.
- Source: The data provider (in this case, QQ).
Use Cases
This API can be useful for:
- Enhancing user profiles by fetching their QQ avatar and details.
- Verifying the validity of QQ accounts before allowing user actions.
- Personalizing content based on user identity from QQ.
Conclusion
Using an API to retrieve QQ user details is a straightforward process. By sending a POST request with the QQ email ID, you can obtain the user’s name, avatar, and other details. Ensure that you handle user data responsibly and comply with any relevant privacy regulations.
For production use, replace the demo credentials with your own API key and ensure secure storage of authentication details.
Obtaining an Access Token for Outlook Web Access (#OWA) Using a Consumer Account
If you need programmatic access to Outlook Web Access (OWA) using a Microsoft consumer account (e.g., an Outlook.com, Hotmail, or Live.com email), you can obtain an access token using the Microsoft Authentication Library (MSAL). The following C# code demonstrates how to authenticate a consumer account and retrieve an access token.
Prerequisites
To run this code successfully, ensure you have:
- .NET installed
- The
Microsoft.Identity.ClientNuGet package - A registered application in the Microsoft Entra ID (formerly Azure AD) portal with the necessary API permissions
Code Breakdown
The following code authenticates a user using the device code flow, which is useful for scenarios where interactive login via a browser is required but the application does not have direct access to a web interface.
1. Define Authentication Metadata
var authMetadata = new
{
ClientId = "9199bf20-a13f-4107-85dc-02114787ef48", // Application (client) ID
Tenant = "consumers", // Target consumer accounts (not work/school accounts)
Scope = "service::outlook.office.com::MBI_SSL openid profile offline_access"
};
- ClientId: Identifies the application in Microsoft Entra ID.
- Tenant: Set to
consumersto restrict authentication to personal Microsoft accounts. - Scope: Defines the permissions the application is requesting. In this case:
service::outlook.office.com::MBI_SSLis required to access Outlook services.openid,profile, andoffline_accessallow authentication and token refresh.
2. Configure the Authentication Application
var app = PublicClientApplicationBuilder
.Create(authMetadata.ClientId)
.WithAuthority($"https://login.microsoftonline.com/{authMetadata.Tenant}")
.Build();
- PublicClientApplicationBuilder is used to create a public client application that interacts with Microsoft identity services.
.WithAuthority()specifies that authentication should occur against Microsoft’s login endpoint for consumer accounts.
3. Initiate the Device Code Flow
var scopes = new string[] { authMetadata.Scope };
var result = await app.AcquireTokenWithDeviceCode(scopes, deviceCodeResult =>
{
Console.WriteLine(deviceCodeResult.Message); // Display login instructions
return Task.CompletedTask;
}).ExecuteAsync();
- AcquireTokenWithDeviceCode() initiates authentication using a device code.
- The
deviceCodeResult.Messageprovides instructions to the user on how to authenticate (typically directing them tohttps://microsoft.com/devicelogin). - Once the user completes authentication, the application receives an access token.
4. Retrieve and Display the Access Token
Console.WriteLine($"Access Token: {result.AccessToken}");
- The retrieved token can now be used to make API calls to Outlook Web Access services.
5. Handle Errors
catch (MsalException ex)
{
Console.WriteLine($"Authentication failed: {ex.Message}");
}
- MsalException handles authentication errors, such as incorrect permissions or expired tokens.
Running the Code
- Compile and run the program.
- Follow the login instructions displayed in the console.
- After signing in, the access token will be printed.
- Use the token in HTTP requests to Outlook Web Access APIs.
Conclusion
This code provides a straightforward way to obtain an access token for Outlook Web Access using a consumer account. The device code flow is particularly useful for command-line applications or scenarios where interactive authentication via a browser is required.
Network Programming in .NET 