Geek Answers Handbook

How to convert a hash to text from a Live API response for contacts

I turned on the Live JS api to receive the user's live contacts, it returns hash emails (email_hash). How can I convert to readable text using javascript or C # .net Thanks a lot!

+4
source share
3 answers

I had the same problem and I found a solution, all you have to do is add the following area to the list of areas you request: "wl.contacts_emails"

WL.login({scopes: ["wl.contacts_emails"]});

After that, I had to remove my application from my profile to reset the entire area and add my application a second time. (But if you do not want all the people who use your applications to use only the secret reset token to force the user to add your application again).

Best, Thierry

+13
source

I agree with John. The hash is one-way, i.e. Two email addresses can use the same hash, although this is usually unlikely. It is not intended to "decode" this encryption ( SO is the answer to how they are used ). The fact is that you can check it at the email address or addresses that you already have.

Microsoft has some sample code on its website, which may or may not be what you are looking for, but it seems to re-request the contact list of the user who provided their email address to your site. Microsoft then lets you see the contact list with their email hashes. This is done for privacy reasons, so you cannot just collect all the emails in your contact list.

For an example of how this can be put into practice, consider the Facebook Friend Finder feature. You provide an email address, get a bunch of hashed email addresses, then compare with the hashed email addresses of your own registered users who are looking for matches. (The actual implementation of FB is probably a little different than what I suggest.)

+5
source

I am not familiar with the Windows Live SDK, but a hash is usually a one-way view. For example, taking the first two letters of an email address will be a hash - a very bad but nonetheless hash. The hash point (in cryptographic terms) should quickly determine if two source values ​​can be equal without saving / revealing the source data.

In other words: assuming I'm right about the hash we're talking about, you won’t be able to return to the original email address.

EDIT: Assuming this hash is described here , it uses SHA-256 , which is a cryptographic one-way hash. The hashing here is that you can find out if any of the user's contacts is already a user of your site (or something else), but does not disclose the user's contacts in plain text, which violates their confidentiality.

+3
source

More articles:


All Articles