Authenticating desktop-based program with online web services (rememberthemilk.com)

Question

I'm trying to create a desktop program that will interact with the online todo list manager rememberthemilk.com. The final step in the authentication process is launching a link where the user can log in to the service and verify that they want to allow the program to access their account.

However, right now I don't have a way to determine when they actually tell the web service to authorize my program. Does anyone know how I can figure out when the person has authorized or denied the program?

Here's the code I'm currently using:

String url = this.GetAuthenticationUrl(frob, 
    AuthenticationPermissions.Write);

//open external webpage to make user authenticate this program with RTM
System.Diagnostics.Process.Start(url);

this.AuthToken = this.GetToken(frob);

Answer 1

Remember the milk's user authentication API was designed in mind to be accessed from other web sites, as their authentication scheme will call back to a page on your site with the frob parameter set, which you then use as a token to call rtm.auth.getToken.

Because of this, if you wanted to do this on a desktop, you would need to have a website set up with the callback url.

What you would do is create the url as indicated in steps 1-4 of the user authentication. It would be easier to use a Form with a WebBrowser control in it, as you would have more control over the display when done.

On the server, when your callback url is called with the frob parameter, I would have the server make the call to rtm.auth.getToken, and then return a JSON or XML or some sort of structured document back which would have either the token, or the error.

From there, if you have the token, you can then get it for your application through the WebBrowser control, and then proceed to make the calls with the token from the desktop client.