I want my app users to login with their Wordpress credentials. I've installed Alamofire & SwiftyJSON in order to do this, and I'm able to succesfully GET Wordpress endpoints to my app (via the Wordpress REST API). That said, I'm not sure how to authenticate my user on login?
I'm trying out the below, but the response is simply nil. Am I posting the user parameters to the wrong endpoint? Help is appreciated! I'm stumped.
let parameters: Parameters = [
"username": userField.text!,
"password": passField.text!,
]
AF.request("http://myurl.com/wp-json/wp/v2/users", method: .post, parameters: parameters, encoding: JSONEncoding.default)
.responseJSON { response in
switch response.result {
case .success(let value):
if let json = value as? [String: Any] {
print(json["Result"] as? Int)
}
case .failure(let error):
print(error)
}
}
I accomplished this some time ago for WooCommerce. I imagine it would be similar to WordPress. I found two ways of doing this.
One way you would need a JWT. I use the free plugin "JWT Auth" by Useful Team. Using the username and password you obtain the token and sign in the user.
The other way is using HTTPS Authentication using Google Cloud Functions. I opened the WooCommerce login page using a WKWebView and added the Cloud Functions addresses as return and callback URLs.
I know the answer is vague but hopefully it will provide you with different ways to approach the task. Explaining the entire thing would be almost like a tutorial.
Related
I've been working with the Amplify SDK to get federatedSignIn working with my iOS app with "Sign in with Apple" and Cognito to eventually make calls to API Gateway / Lambda functions.
TL;DR : My access token does not appear to be "automatically included in outbound requests" to my API as per the last paragraph of this section of the docs : Cognito User pool authorization
I have successfully authenticated using the tutorial found here Authentication Getting Started and other various Youtube videos on the Amazon Web Services channel.
Upon successful sign in through Apple I'm given an ASAuthorizationAppleIDCredential object. This contains the user field (token) which I pass to the Amplify.Auth class using the following Swift code :
func signIn (with userId: String)
{
guard
let plugin = try? Amplify.Auth.getPlugin(for: AWSCognitoAuthPlugin().key),
let authPlugin = plugin as? AWSCognitoAuthPlugin,
case .awsMobileClient (let client) = authPlugin.getEscapeHatch()
else
{
return
}
client.federatedSignIn(providerName: AuthProvider.signInWithApple.rawValue, token: userId) { (state, error) in
if let unwrappedError = error
{
print (unwrappedError)
}
else if let unwrappedState = state
{
print ("Successful federated sign in:", unwrappedState)
}
}
}
All appears to be successful and to double check I use the following bit of code to ensure I'm authorized :
func getCredentialsState (for userId:String)
{
let provider = ASAuthorizationAppleIDProvider()
provider.getCredentialState(forUserID: userId) { (credentialsState, error) in
if let unwrappedError = error
{
print (unwrappedError)
}
switch credentialsState
{
case .authorized:
print ("User Authorized")
case .notFound, .revoked:
print ("User Unauthenticated")
case .transferred:
print ("User Needs Transfer")
#unknown default:
print ("User Handle new use cases")
}
}
}
In the console I see "User Authorized" so everything appears to be working well.
However when I then go to make a call to Amplify.API.post I get the following error:
[Amplify] AWSMobileClient Event listener - signedOutFederatedTokensInvalid
Failed APIError: Failed to retrieve authorization token.
Caused by:
AuthError: Session expired could not fetch cognito tokens
Recovery suggestion: Invoke Auth.signIn to re-authenticate the user
My function for doing the POST is as follows :
func postTest ()
{
let message = #"{'message": "my Test"}"#
let request = RESTRequest (path: "/test", body: message.data(using: .utf8))
Amplify.API.post (request:request)
{
result in switch result
{
case .success(let data):
let str = String (decoding: data, as: UTF8.self)
print ("Success \(str)")
case .failure(let apiError):
print ("Failed", apiError)
}
}
}`
I then went into the API Gateway UI and changed the generated Method Request on my resource from AWS IAM to my Cognito User Pool Authorizer thinking this was the issue. I also changed the awsAPIPlugin authorizationType to "AMAZON_COGNITO_USER_POOLS" in my amplifyconfiguration.json file. This unfortunately did not have any affect.
I've seen posts such as this issue User is not created in Cognito User pool for users logging in with Google federated login #1937 where people discuss the problem of having to to use a web ui to bring up the social sign in. I understand that Apple will reject your app sometimes for this. Therefore this is not a solution.
I then found this post which seems to resolve the issue however this appears to use the old version of the SDK? Get JWT Token using federatedSignIn #1276
I'm not great with Swift (I'm still an Objective C expert, but am slowly learning Swift) so I'm uncertain which path to go here and whether this is actually a solution? It does seem to be quite more complicated than the function I have that does my POST? The RESTRequest does seem to be a simple and easy solution but I'm uncertain how to pass it the Authorization token (or even how to get the token if it is needed here).
However, everything I've read about the SDK is that the authorization should be handled automatically in the background according the docs in my first link above. Specifically pointed out, again, here : Cognito User pool authorization. The last paragraph here states 👍
With this configuration, your access token will automatically be included in outbound requests to your API, as an Authorization header.
Therefore, what am I missing here as this does not appear to automatically include my access token to my outbound requests to my API?
I am new to iOS development & learning Swift 3 currently. However I'm stuck in a task to upload video to my youtube channel via YouTube DATA API insert.
As per Google instruction, we need to first get Access Token from Auth 2.0 by declaring the scope first
https://www.googleapis.com/auth/youtube.upload
I'm unable to get the Access Token using my Client ID which I have created on Google Developers Console. Also I don't find any Swift library available on Google which could have helped me easily.
Here is my tried sample code
func uploadVideo(accessToken) {
Alamofire.request("https://www.googleapis.com/upload/youtube/v3/videos", method: .post, parameters: ["part":"snippet", "autoLevels":true], encoding: URLEncoding.default, headers: nil, "access_token": "\(accessToken)").responseJSON { (response) in
if let json = response.result.value {
print("JSON: \(json)") // serialized json response
}
}
I will be really thankful to you
I have this IBAction that is supposed to simply test sending SMS:
let todosEndpoint: String = "https://api.twilio.com/2010-04-01/Accounts/\(ACCOUNT_SID)/Messages.json"
let message = ["To": "+1555...5555", "From": "+555...5555", "Body": "Hello!"]
for item in message {
print(item)
}
Alamofire.request(todosEndpoint, method: .post, parameters: message, encoding: JSONEncoding.default)
.authenticate(user: ACCOUNT_SID, password: ACCESS_TOKEN)
.responseJSON { response in
debugPrint(response)
}
However, I'm getting this as a response:
[Result]: SUCCESS: {
code = 21603;
message = "A 'From' phone number is required.";
"more_info" = "https://www.twilio.com/docs/errors/21603";
status = 400;
}
I am sure I am providing the right phone number and authentication and I've used python to test sending messages using my API key and phone number.
Is the structure of my dictionary wrong or something?
Thank you for any help!
Twilio developer evangelist here.
We do not recommend that you make API calls directly to Twilio from your application. You would need to include your account credentials in the application somehow, so a malicious attacker could decompile the app, extract your details and abuse your Twilio account.
Instead, we recommend you set up a server of your own that can keep the credentials safe and then make requests to that yourself. Check out this blog post on sending SMS messages on iOS with Twilio, Swift and Alamofire.
I have a google iD of some user and I want to display his google profile photo in my app. In my swift code I try to fetch the json with necessary information (based on this answer https://stackoverflow.com/a/22526130/3766930 ). This is my code:
Alamofire.request(.GET, "https://www.googleapis.com/plus/v1/people/10263...4252?key=AI...Oo")
.responseJSON { response in
print(response)
switch response.result {
case .Success:
dispatch_async(dispatch_get_main_queue(),{
if let jsonData = response.result.value as? [[String: AnyObject]] {
print(jsonData)
}
})
case .Failure(let error):
print("SWITCH ERROR")
print(error)
}
}
but as a response I'm getting this error:
error = {
code = 403;
errors = (
{
domain = usageLimits;
extendedHelp = "https://console.developers.google.com";
message = "There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.";
reason = ipRefererBlocked;
}
);
message = "There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.";
};
I went carefully through my google developers console and I don't have any IP restrictions set up. This is how it looks so far:
I'm using the api key from here:
as you can see there is no domain limitation here:
What might be the reason of this weird error?
Remove the iOS bundle identifier restrictions for the API key in Google Developers Console. The bundle identifier restrictions only work when you use the Google client libraries.
I am using og.likes to like custom object from my app, with the help of Facebook-iOS sdks. I am able to like object and also read the like.
Now I want to know if there is any way in graph API that, I can show total number of likes on an object to a user who is not logged in to our app via Facebook ? i.e without access token
As per FB developer docs:-
https://developers.facebook.com/docs/graph-api/reference/v2.3/object/likes
It is mentioned that you need the same permissions required to view the parent object are required to view likes on that object, means an user access token with read_stream permission is required.
NOTE:
But if a user want to get the no of likes for Facebook page or profile or object , then it can be easily done by this:-
https://graph.facebook.com/< your object id>/
Then you will receive json response with Like Count:-
{
"id": "12345",
"link": "http://www.facebook.com/pages/MY iOS Page/102445859460201",
"likes": 150,
"type": "page"
}
Code:-
let url = NSURL(string: "http://graph.facebook.com/"+ObjectID)
let urlRequest = NSURLRequest(URL: url!)
NSURLConnection.sendAsynchronousRequest(urlRequest, queue: NSOperationQueue.mainQueue()) { (response:NSURLResponse!, data:NSData!, error:NSError!) -> Void in
// Fetch the data
var jsonDictionary: NSDictionary = NSJSONSerialization.JSONObjectWithData(data, options: NSJSONReadingOptions.MutableContainers, error: &error) as NSDictionary
let likesCount = jsonDictionary["likes"] as? String
}
Got Response from Facebook Team :
Since Graph API v2.0, all requests to the API require an access token.
You can proxy this request through a web-server and use your app
access token for example.
You could as well make the request from your app by shipping your app
access token with the app, but I highly advise against this as the app
token should be kept secret.
Please note that the SDK does not support using the app access token
for security reasons. So you have to write your own networking code to
fetch this data.
I got the solution from
How to get Likes Count when searching Facebook Graph API with search=xxx
Here in this link it's not the exact solution but i have tried my way and unfortunately it worked for me, and i am quite satisfied with it, still using it in my application.
https://graph.facebook.com/v2.1/{Object-id}?fields=likes.summary(true)
You will need an access token, no need to login any user, you can generate an APP Access token to get that info .
jQuery.get("https://graph.facebook.com/oauth/access_token", {
'grant_type': "client_credentials",
'client_id': "000000000000000",
'client_secret': "0000000000000000000000000000000000"
}, function (data) {
// data is the app access token you will need for calling graph api
});
Thats more complicated but solves the necessity to login the user to get public informations from the graph .