How can I create twitter api stream rules to listen to a stream by a mentions of two accounts, where one is a constant and the other account can be any account?
For example I would like to listen to a stream from #example account and #<any other account>, but the rule is the #example account must be mentioned plus any other account. I know how to listen to a mention of an account, but how do I enforce the rule as described above?
Related
I retrieved an access token from my server and have connected the JavaScript SDk chat client like so. I have created a channel like so. The next step I'd like to invite a user like this. In that example they invite the user 'elmo'. Where do I get 'elmo' or how do I present the user with a selection of possible 'elmo's? The client sdk has no list users functionality.
Edit:
It looks like the REST API has a list users method. But can't find any examples of it used. Should the 1st person chat client be using the REST API as well to supplement gaps in the client SDK or should it get the identity from backend? Our team has different interpretations of the docs: twilio REST API is strictly for backend vs. twilio REST API can and should be used any where. Moved to twilio REST API: strictly backend?
Twilio developer evangelist here.
In my opinion Twilio's Chat API should not be the central source of truth of the users in your system. I don't know anything more about your application than what you've written here, but I would expect that you have a user model within your own system that you have used to generate or create an identity that is then used by the Chat API as well as how your user logs in to your system. I would then use that user model to connect users and provide their identities so that they can join chats together.
I'm trying to implement Twilio Connect to allow users to use their phone numbers with my app.
In the Twilio console, I see ACd8e3e060b587765318760d5bcd05e3b0 as my Account Sid. However, when I connected a Twilio Connect app to my account, it redirects me to an authorization page with a totally different Account Sid: ACbab18d9990e7af4a42feb51c96cc136f. The problem is that this Account Sid does not have any Incoming Phone Numbers. I provided all the required permissions, how do I use it?
According to the documentation:
When a user revokes permission to your Connect App, Twilio will make an HTTP request to the DeauthorizeCallbackURL. You should update your user database to reflect this.
Where can I revoke permission? Is there some list of Connect Apps which I allowed to use with my account?
How can I create a new user account with username/password to authenticate against composer-rest-server?
How would I authenticate with this newly created user account against composer-rest-server?
How would I manage the session for that user?
How can I map this user to a network participant?
Can composer-rest-server user be mapped to more then one network participant (i.e. perform different roles)?
Do I need to create a wallet for each composer-rest-server user?
How would I share wallets across number of instances of composer-rest-server?
In Composer, you can model participant types, such as org.acme.Person. You can then create instances of those participant types, such as org.acme.Person#simon, and those instances are stored in participant registries.
You can then issue an identity to an instance of a participant. This process generates an enrolment ID and secret that can be sent to that participant so they can enrol. One identity is linked to one participant, but one participant can have multiple identities.
When a participant enrols using the enrolment ID and secret, an enrolment certificate is generated and placed into their wallet (configured using the keyValStore property in the connection profile). Once the enrolment certificate has been generated, the enrolment secret is made invalid. The secret can be only used one time - it is not a password.
If an enrolment certificate already exists in the wallet, then enrolment secret is not used. We have planned some future changes to make the enrolment secret optional in all APIs and CLIs so you can omit it.
When that participant submits a transaction using that enrolment certificate, the Composer chaincode extracts the enrolment ID from the enrolment certificate, and uses it to look up the participant instance that the identity was issued to. This is the "current participant".
All Composer based access control, using the rules defined in permissions.acl, is based around the current participant.
Currently, the Composer REST server supports a single enrolment ID which is specified on the command line at startup. All REST API calls to the Composer REST server use this enrolment certificate to submit transactions.
There is work being done at the moment to improve this:
https://github.com/hyperledger/composer/issues/142
Please read this GitHub issue in detail. Since this work is still in-progress, there is no user documentation for configuring Composer REST server security.
There are some interesting requirements in your list:
How would I manage the session for that user?
There are API keys, but there is no easy way to retrieve or manage API keys. I have ideas about extending the REST server UI (Swagger UI) to manage API keys, but nothing concrete yet.
Can composer-rest-server user be mapped to more then one network participant (i.e. perform different roles)?
A users wallet can currently contain multiple identities, but only one of them is used by default. The user can choose the default identity by submitting a REST API call. Is that sufficient?
Do I need to create a wallet for each composer-rest-server user?
Each user has their own set of wallets. A default wallet is created when the user logins for the first time. A user can create multiple wallets, but only one of them is used by default. The user can choose the default wallet by submitting a REST API call. Are you looking to share wallets between users?
How would I share wallets across number of instances of composer-rest-server?
You need to use a persistent data store such as MongoDB to persist the wallet data across multiple instances; again, this is work in-progress and not yet documented.
I suggest that since this is in-progress work we move the discussion to the GitHub issue :-)
I am creating an iOS app for internal use. We have a Google Domain. As part of the functionality of the app, I want to be able to search for all users in that domain. This can already be done in Gmail, the Apple Mail app, and others.
I found that you can use the Admin SDK for users.list to do exactly what I want to do. I created a Client ID for the iOS app and authorized my app to perform users.list.
However, now I get a permissions error for users who sign in with OAuth2:
I found that you can create a service account to make API requests on your behalf if you delegate it to have the authority. I'm not sure if this is what I want to do since this seems more like something for a secure server to do rather than an app. I'm also not sure how this integrates with a user (from our domain) who signs in with OAuth being able to list our users.
Is it possible to list/search the users in a Google domain purely through OAuth / frontend app?
Aside from caching your own list, I think there are two ways to give users the ability to list all users:
A. Undocumented call to this GAL API:
https://www.google.com/m8/feeds/gal/your-domain-goes-here/full?alt=json (source). You can test this in the Google OAuth Playground by selecting the scope for the Contacts V3 API or using the string https://www.google.com/m8/feeds/.
B. In the Admin console, create an "all users" group. Assign to a newly created Admin Role. Grant the admin role "read" in Privileges > Admin API Privileges > Users > Read (checked).
I have Rails web application.
I have simple user's authentication with email and password.
Now I need to add OAuth authentication with Google, but I need to allow only users that use Google Apps. Is there any best way to do it or I just need to check their domain and allow all except #gmail.com?
Notice: I've already seen documentation about specifying hd URI parameter, but it works only for some specific domain, and I need any, but not #gmail.com.
Include email in your list of OAuth scopes. Then, in the token you get back, there will be a hd attribute if it's a Google Apps account. If the hd attribute is not present, its' a consumer account. Be aware that it's possible to create a consumer account that has an address of something other than #gmail.com or #googlemail.com. For example, I can create a consumer account with the address jsmith#yahoo.com or jsmith#acme.com as long as I can get email to those addresses. Thus the need to check hd instead of depending on the domain name.