Is there any way to get a short-lived download URL via the Firebase iOS SDK for Firebase Storage files? I don't see anything in FirebaseStorage.StorageReference but apparently Google Cloud allows for signed URLs so maybe there's some way of doing it at the Google Cloud layer?
There is no option to generate an auto-expiring, read-only URL through the Firebase SDKs. The Firebase SDKs can generate download URLs, which are valid until they are revoked.
If you want a URL that auto-expires, you'll have to generate a so-called signed URL with one of the Google Cloud, server-side SDKs.
Related
I am uploading a build of my app, and apple is asking if it uses encryption. I'm not sure if AdMob or Firebase counted as encryption and if I needed to follow the ERN process. Thank you.
I am not a lawyer, and this is not legal advice.
Based on this article, it sounds like you should.
All communications with Google and Firebase through Google-provided SDKs use the SSL libraries provided by Apple to communicate with their respective services. If you're making requests to AdMob and retrieving ad images, your communicating over an encrypted channel.
I reviewed google privacy policy and it said: "We use encryption to keep your data private when it is moved"
https://policies.google.com/privacy#infosecurity
Firebase:
Data encryption
For the collected end-user data listed on this page, Firebase encrypts the data in transit using HTTPS.
https://firebase.google.com/docs/android/play-data-disclosure
AdMob:
All of the user data collected by Google Mobile Ads SDK is encrypted in transit using the Transport Layer Security (TLS) protocol.
https://developers.google.com/admob/android/play-data-disclosure
In my app I use Firebase's database (which used by another my app) and GMail api. Both of these services require certain Client ID which must be on GoogleService-Info.plist file. So, if I use Gmail's client id, the firebase's app won't work. Is that possible to define client id which you want for this services?
You have a couple of options:
If you go to the Firebase Console > Auth > Sign In Method, and select Google you can whitelist the client ID you are using for your gmail API access. This will allow you to use the client ID for gmail with sign in (either by specifying the client ID to GIDSignIn directly, or by manually updating it in the GoogleService-Info.plist), and use the credential from that Sign In with the FirebaseAuth APIs.
The other option is just to enable your Firebase project for gmail API access. Any Firebase project is also a Google project, so you can go to the Google Developers Console and find the Firebase project you created, then enable the gmail API as you did before. The down side of this is that your users that had previously signed in on your Google project will have to sign in again to your Firebase project to grant access to their resources.
I am working on integrating dropbox with iOS application. I want to implement below functionality.
User can share his existing dropbox file with app.
If user modifies any of the files, i should able to fetch the updated file and notify app server.
Also these files are not app related ones. User can share any docs in his dropbox account with app
After going through API, i found that i can use dropbox chooser UI to share files. chooser is generating temporary URL which i can share with my server to extract the file from dropbox.
But to get the modified files, i have to integrate with OAuth permission to run delta query on dropbox account. Here i am struck with two parallel functionalities chooser and OAuth which seems not related to each other. Even while asking OAuth permission also, dropbox taking to web url to grant permission instead of showing already logged in user on iOS.
How do i verify both chooser account and OAuth granted account are same? How will i show dropbox chooser(of OAuth connected) when user wants to add any file to app?
Correct me if i am wrong in understanding dropbox API. Also let me know if i have to provide more details.
I'm using oAuth2, and I have a project in my google API console with an iOS client and a Web client registered.
I'd like to auth in from my iOS app, and have my web backend retrieve an access token so it can do the heavy processing work with the Google api.
I've tried following these instructions which are for android: https://developers.google.com/accounts/docs/CrossClientAuth
But I keep getting an invalid scope when I assign the scope as:
oauth2:server:client_id:MY.WEB.CLIENT.ID:api_scope:http://www.google.com/m8/feeds/ https://mail.google.com/ https://www.googleapis.com/auth/plus.login
Anyone successfully implement a similar set up for iOS? If so please explain or share documentation? What libraries or SDKs did you use to get the code from google on the iOS app that the web backend could use to generate a proper access token of it's own?
As of June 18th, the google iOS SDK 1.7.0 supports one-time authorization code which is consistent with the Android feature: https://developers.google.com/+/release-notes/
As per Dropbox REST APIs documentation, the login process has to go through OAUTH Urls like https://api.dropbox.com/1/oauth/request_token. But dropbox's iOS SDK makes a call to https://www.dropbox.com/1/connect_login which is not documented anywhere. I want to use REST APIs in my application, but I want to display same authentication screen as done by dropbox SDK.
Did anyone face this problem? Does anyone know what dropbox says about using undocumented APIs like connect_login?
The latest word from Dropbox on /connect_login is:
That's a special endpoint for the iOS SDK, because of the specific requirements for App Store approval. You should use the official SDKs as provided, and we'll provide updates for these over time.
(taken from https://forums.dropbox.com/topic.php?id=104267)