How to convert hash into text from the response of Live API for Contacts

I have integrated Live JS api to fetch Live contacts of a user, it returns emails in hash format (email_hash). How can i convert into readable text, us开发者_StackOverflow社区ing javascript or c#.net Many thanks!

I had the same problem and I find the solution, all you need to do is add the following scope to your list of scopes you're requesting: "wl.contacts_emails"

WL.login({scopes: ["wl.contacts_emails"]});

After did that, I had to remove my application from my profile to reset all scope and add a second time my application. (But if you don't want to ask all people who alerady use your apps, I can just reset secret token to force user to add again your app).

Best, Thierry

I'm in agreement with Jon. A hash is one-way, that is, two email addresses may share the same hash, although it's usually unlikely. It's not designed to be "decoded," that's encryption (SO answer on how they're used). The point is for you to be able to check it against an email address or addresses you already have.

Microsoft has some sample code on their website that may or may not be what you're looking for, but it seems like you're querying the contact list of a user who has provided his email address to your website. Microsoft then allows you to see a list of contacts with their emails hashed. This is done for privacy reasons so you can't just collect all the emails in someone's contact list.

For an example of how it might be implemented in practice, think of Facebook's Friend Finder feature. You provide an email address, receive a bunch of hashed email addresses, then compare to the hashed email addresses of your own registered users looking for matches. (FB's actual implementation is probably a little different than I'm suggesting.)

I'm not familiar with the Windows Live SDK but a hash is generally a one way representation. For example, taking the first two letters of an email address would be a hash - a very bad one, but a hash nonetheless. The point of a hash (in crypto terms) is to be able to determine quickly whether two source values are likely to be equal without storing/revealing the original data.

In other words: assuming I'm right about the kind of hash we're talking about, you won't be able to get back to the original email address.

EDIT: Assuming it's the same sort of email hash described here, it uses SHA-256 which is a cryptographic one way hash. The point of hashing here is so that you'll be able to see whether any of the user's contacts is already a user of your site (or whatever), but without revealing the user's contacts in plain text, which would violate their privacy.