I need to send the FCM token together with the device uuid and user id to my server.
I am able to send a request to the server directly but on this step, when I get the token (didReceiveRegistrationToken) I have no information about the user yet. I also don't have any user credentials within the app, which is using a WebView.
My first approach was to call a method within the ViewController which is communicating with the frontend view over evaluateJavaScript but this doesn't work as the webView is not yet there. So my question is, can I store the token somewhere within the app and use it after the webView is ready?
For me it's a little bit wierd, because when I put some prints within the steps I see the ViewController before the didReceiveRegistrationToken delegate receive the token. But when I try to call the webView from there I get an error about webView is nil. It's strange.
By the way, to pass the token directly to the server is not an option because the application doesn't know anything about the user.
Related
I use GCM in my Swift app and would like to ask GCM a new registration token.
I know that it's done automatically by GCM and I handle it in onTokenRefresh, but I want to know if it's possible to request GCM to refresh the token manually (to have a different one).
I tried to unregister for remote notification and register back to run the process (tokenWithAuthorizedEntity etc ...) but the registration token sent is the same.
any solution to do this ?
Use the deleteTokenWithAuthorizedEntity: method before asking for a new token as derived in the official docs. Also, if that fails, delete the Instance ID itself, which will delete all tokens associated with that Instance ID, in which case make sure to also call getIDWithHandler: before asking for a new token.
Anyway, why do you need to refresh this token? Although you can delete them, this is not their intended use. If you're just looking to ID a particular device uniquely, use the Instance ID itself OR use alternate methods of generating random strings (and then re checking if this random string has actually never been generated and used before).
Has anyone had success using Stripe connect with an iOS app. I have a few questions:
I'm following the guidelines here: https://stripe.com/docs/connect/getting-started
Registering an Application: easy, no problem here
Then a little further down:
Send your users to Stripe: again, easy no problem here, I just have a button that opens up the link in a UIWebView. I assume having the client_id in the URL is fine? A lot of my uncertainty is what IDs/keys I should hard-code into the app
Then a little further down:
After the user connects or creates a Stripe account, we'll redirect them back to the redirect_uri you set in yourapplication settings with a code parameter or an error.
What I'm doing here is using the UIWebview's webView:shouldStartLoadWithReqest:navigationType delegate method to check for the string "code=" in the URL. If it finds that, then I'm able to grab the "code" parameter. So in reality, the redirect_uri is completely unnecessary for me. Is this the right way to handle this? Should I be doing this within my app or on my server?
After receiving the code, we are supposed to make a POST call to receive an access_token. Again, should this be done within the app or on the Server? It requires the use of a secret_key, so I'm guessing server? And how do I send credit card information along with this token if the token needs to be sent to the server? I know how to obtain the card number, exp date, and CVV. But in terms of passing it to the server (with or without the token) is something I'm not sure of.
Then when it comes to actually writing PHP, Ruby, or Python code on the server, I'm at a total loss.
Any help would be greatly appreciated.
You should setup a small web app to create stripe charges and storing you customers Authorization Code. Configure two routes in your web app for redirect_uri and webhook_uri and add the url in your Stripe Apps settings. The charges should be created from a server side app because it requires the secret_key / authorization_code which should not be stored in an iPad app. Otherwise they may lead to a security leak. I'm trying to describe the concept below:
Provide the stripe connect button in your app and set the link to open in Safari (not in an web view). You should add a state parameter to the url with an id which is unique to your users.
On tapping the button your user will be redirected to Stripe where s/he will be asked to authorize your application. Upon authorization stripe will hit your redirect_uri with a authorization_code and the state you previously provided. Do a post call according to Stripe Documentation with the authorization_code to get an access_token. Store the access_token mapped with the state in a database.
Define a custom url scheme in your app. Invoke the custom url from your web app. The user supposed to open the url in mobile safari. So invoking the custom url will reopen your application. You can pass an additional parameter to indicate failure / success. In your app update the view based on this parameter.
Now you are all set to create a charge on your server on behalf of the iPad user. Use stripe iOS sdk to generate a card_token from the card information. It'll require your stripe publishable_key. Then define an api in your web app which takes 3 parameters: card_token, user_id and amount. Call this api from your iPad app whenever you want to create a charge. You can also encrypt this information with a key if you're worried about security using any standard encryption method. You can easily decrypt the info in your web app as you know the key.
When this api is called from the iPad app you'll receive the user_id (which you saved as state previously), card_token and amount. Retrieve the access_token mapped to the user_id (or state). You can then made a charge on behalf of the user using the access_token, card_token and amount.
You can use ruby / php / python / node in the server as Stripe provides sdk for them. I assume other languages can be used as well as there is a REST interface.
Please note that this is just a concept. It should work like it but I haven't implemented it yet. I'll update this answer with sample code when I'm done.
You can use UIWebView. You will still need to use redirect urls and monitor the redirect using the delegate "webView:shouldStartLoadWithRequest:navigationType:"
I'm making an app to integrate with Instapaper which uses the XAuth protocol for its API. I'm using AFXAuthClient, which is an extension for AFNetworking and I'm able to authenticate the user (using the method shown on AFXAuthClient's GitHub page), and in the success block I can make further queries to the API.
How do I now make further queries to the API now that the user is "logged in"? Say they add some more articles to their Instapaper queue and then tap the refresh button, how do I now query the Instapaper API again?
I'm aware I must save the credential/token I receive upon successful login, but I'm not sure how to do a request and say "Here's the token!" alongside of it.
Pass the token received from AFXAuthClient to your webservice-specific AFHTTPClient subclass using setAuthorizationHeaderWithToken:.
Credentials should be saved using the keychain, and restored on application initialization.
I'm trying to write an app that can tweet using an 'application' I registered with Twitter. I am using TweetSharp and have tried to get my TwitterService set up as follows:
public Twitter(string consumerKey, string consumerSecret)
{
this.twitterService = new TwitterService(consumerKey, consumerSecret);
OAuthRequestToken oAuthRequestToken = this.twitterService.GetRequestToken();
Uri uri = this.twitterService.GetAuthorizationUri(oAuthRequestToken);
Process.Start(uri.ToString());
OAuthAccessToken oAuthAccessToken =
this.twitterService.GetAccessToken(oAuthRequestToken);
this.twitterService
.AuthenticateWith(oAuthAccessToken.Token, oAuthAccessToken.TokenSecret);
}
It gets to the OAuthAccessToken line and then takes me to the Authorize [my app] to use your account? page on the Twitter website. Before I specified a phony callback url, it displayed a page with the PIN that my user is supposed to enter when I clicked the 'Authorize app' button. Then when I added a phony callback url, it would attempt to go to that page and my code would blow to smithereens with the following error:
The remote server returned an error: (401) Unauthorized.
What I want to know is: can I tweet programatically without the need to enter a PIN or have a legitimate callback url?
Tweets must be sent in the context of a user. (Ref: POST statuses/update.) Therefore, your app must get the user's authorization (an OAuth access token) in order to send a Tweet. Since you can't get an access token without using either PIN-based authentication or a callback URL, I'm afraid that what you are asking simply cannot be done.
If, however, you just want to avoid prompting your users to enter the PIN each time they start your app, then the answer is simple: Once you have a valid access token, save it somewhere (e.g. to a file) and then reload it next time your app runs. For my WinForms app, I use .NET's built-in per-user Settings mechanism to store the Access Token and Access Token Secret. A web app would probably be better off using a database or similar to persist access tokens.
Note: If you do this, you'll also need to check the validity of the stored access token, and repeat the authorization process if it's no longer valid. The Twitter API documentation suggests using the GET account/verify_credentials method for this purpose.
I've begun working on the proof-of-concept for an iOS application that we'll be developing that leverages REST-based web services (implemented in Java using restEASY). I will be using RestKit as my client-side services library, and have been reading up on the documentation and some examples.
The vast majority of the services will require that a user be authenticated with a username and password. We have authentication services in place that accept a JSON object containing the credentials, so that part is easy. My question is, how do we handle the iOS piece when a service says that authentication is required?
Imagine this scenario...
A user starts up our app and it recognizes that the user needs to authenticate. A modal view controller pops up, prompts the user for authentication, and submits the request. The user is then able to make a bunch of REST calls with no problem. Eventually, they turn off their phone (app is still active) and come back to it an hour or so later. They click a button to fire off another REST call, but by this time the server-side session has expired.
Ideally, we'd like to be able to recognize that the server has indicated authentication is required, and pop up the modal view controller again. But, does RestKit have support for this? Is there any way for us to register a "global response handler" that is able to recognize that the server has responded this way?
We can return a status code in JSON or use an HTTP status code. We have flexibility on our services. The real question is how to handle this in the ideal way on the client. And, once we've reauthenticated the user, is there any way to replay the request they originally tried to submit? Or, would they have to kick off the action again?
Sorry if this doesn't make sense or if it's a very simple problem to solve. As I'm just getting started with RestKit, I wanted to make sure I was doing this the right way to avoid future problems. Any advice, code samples, tutorials, etc. that you can provide would be GREATLY appreciated.
I would suggest that you make a request to the server in your AppDelegate
- (void)applicationDidBecomeActive:(UIApplication *)application or
- (void)applicationWillEnterForeground:(UIApplication *)application method that sends the old authentication token. The server can then provide a response if the token is valid or invalid.
If your AppDelegate adopts the RKObjectLoaderDelegate protocol then it can handle the response. That way, whenever the application becomes active, the user is prompted to re-authenticate if necessary.