I've been trying to implement 3D secure payments in my iOS app for a few days now and feel completely lost. Even though the SDK integrates this functionality, there seems to be very few mentions to it in the docs and even less on the forums out here.
I followed what's explained here in the official stripe docs:
https://stripe.com/docs/sources/three-d-secure
https://stripe.com/docs/mobile/ios/sources
and also on this tutorial:
https://www.hitchhq.com/stripe/activities/591b075c9659a6263d0ccd0e
But still couldn't get how to proceed exactly. Small precision, I was until now using tokens to charge my users and it works on production, but I now have to use sources for threedsecure.
Until now I've managed to show the confirmation view (both the test one or the one from my bank on production) and authorize the payment. But then I am always prompted a blank view only containing an ugly blue button saying "Go back to MyApp". I don't understand that, this is ugly and useless, and I guess I'm doing something wrong so that I get this right ? I would expect to be redirected to my app right after the user confirms his credit card.
Then, when the user authorized the credit card, I'm back in my app, and the docs say I have to call startPollingSource on the iOS side which will act as a hook to inform me when the charge is complete. On my server I should also implement a webhook which will get notified when the card is authorized and confirm the charge.
There I am completely confused, why can't I just send the source_id to my server and confirm the charge through this one simple call ? This double-hooks workflow makes no sense to me ..
Here I am, this doesn't work, and I guess I missed something somewhere here.
My advice is to not try to implement stripe from scratch.Even though the integration is not that hard,they miss a lot of things in the documentation.
Better work on this sample project from their repo
https://github.com/stripe/stripe-ios
Related
I want to implement deferred deep linking in my iOS app as a means of tracking referrals. When a user of my app wants to refer a friend, I'll generate a URL that has a unique referral code. When the other person receives the link and opens it, I want it to take them to my app's page in the App Store. Then if they install my app, when it first opens, I need a way for it to read the referral code from the original URL.
I've found may pages about deferred deep linking on the web but none that really explain how to do it. Instead, these pages all end up telling you to install some third-party code or use some commercial service. This isn't what I'm after. I want to learn how to do this myself.
There are lots of old pages out there that recommend convoluted and error-prone solutions, like tracking the user's IP address, putting the referral code into the clipboard, or somehow obtaining it from a cookie in a web view. I don't think these are the correct solutions to be using in 2022.
If anyone can recommend the appropriate resource, I'd appreciate it.
If it is the case that Apple simply doesn't want us to do this and doesn't provide any support for it, then I'd like to know that too. I was under the impression that they did, but maybe I'm wrong.
Thanks,
Frank
Apple's Universal Links allow for this (would understand the difference between the typical URL Scheme and Universal Links as threshold). This assumes you're willing to do some lifting server-side along with other hurdles on the iOS side, largely administrative.
A benefit of Universal Links and the server-side work is that you're provided a fallback webpage if a user does not have the app installed. Since the app should open if downloaded, you could typically just redirect to the app store from this URL. In this case, though, before any redirects, you could execute an operation to decode the unique params passed in the URL and persist it in a remote data store. The data encoded needs to be required and verifiably unique during your registration -- email seems ideal.
If that's feasible, your standard registration flow could require email verification with a link to the app as a mandatory entry point (think slack magic link). When the user submits his/her email to verify, you could first check that email against your data store to see if it maps to any previously decoded referrals saved from the flow above. If so, you could generate a unique link for this email to your app with params that will direct the deferred/deep link.
The good news is, I found a solution. I could construct a web page that redirects the user to the app store, but before doing so, copies some text into their clipboard (without telling them or asking them to do anything). Then later if they install my app I can get the text by pasting from the clipboard. I tested this idea and it works.
The bad news is, starting with iOS 16, Apple now asks you for permission to paste. So if you try to do this, your user will launch your app and immediately get promoted with a message asking them to allow a paste from Safari. I expect most users will deny the request and just the fact that they saw it will erode their trust in the app (I know I wouldn't trust an app that tried consume my clipboard without a direct command from me).
We created a video sharing app with unity, crazy right, but we did it. Not to give any IP away, the app allows users to upload videos to a public page. unfortunately apple rejected our app and this is there response.
From Apple
Guideline 1.2 - Safety
Your app enables the display of user-generated content but does not have the proper precautions in place.
Next Steps
To resolve this issue, please revise your app to implement all of the following precautions:
- Require that users agree to terms (EULA) and these terms must make it clear that there is no tolerance for objectionable content or abusive users
- A method for filtering objectionable content
- A mechanism for users to flag objectionable content
- A mechanism for users to block abusive users
- The developer must act on objectionable content reports within 24 hours by removing the content and ejecting the user who provided the offending content
So i asked them to call me because i don't understand why i should have built in precautions if Facebook already has a team that does this, the content is saved on a Facebook public page. Long story short the apple agent told me that it is my responsibility to do so. Who am i to argue with apple right? So off to Facebook developer site i went and i can't find anything in the reference that will allow me to do so. which makes now sense because why would i want to block someone on my app but on Facebook side you would still be harassed by said person right?
I also went looking for apps that manage Facebook content and they seem to be able to do it. here is the image and I'm trying to block my friend. this app is called Friendly if anyone wanted to know
Can anyone please assist or at least point me into the right direction. Thanks in advance!
Christoph Broeckmann on the Facebook Developer community page wrote this as a reply to the same question;
There is no API to unfriend or block users. Any 3rd-party app you see
doing this is likely achieving this in a non-allowed way.
Those guidelines from Apple primarily apply to stuff that happens
inside your app - if you display content within your app, then you
need to provide the user with ways to report it, block it, or block
the app user that created the content - all within your app. They can
hardly demand that your app removes friendships between users on
totally different platforms.
Maybe they did not understand correctly that you do not show content
within the app itself. But if they did understand what your app does
correctly. and still think those rules should apply - then there is
little you can do about that.
so i think I'm going to build it into my own app and upload to apple. Thanks peeps!
I am developing an mobile app for iPhone. The app will primary used by people who are on holiday in a different country and will be offline most of the time, due to high costs for internet traffic.
However, the company for which I am developing the app wants to users to be able to use the "Facebook Share" functionality also when people are not connected to the internet.
It should work on a way that they click the SHARE link button in the app, but then get a message that they are offline and the link will get shared as soon as they are online again.
I am trying to figure out how to do this. Can I pass the link I want to share to the official FB App via fb:// protocol (or whatever) and the FB App handles the post/share as soon as it is online again?
Or do I have to do it on my own, put the links I want to share in a internal database and then post them to the wall when I am online again?
Or any other ways??
Any suggestions would be welcome, I would prefer a very quick solution and hope someone maybe has an idea how to do this. I was hoping I can pass the share-link to the official FB App and this one handles everything when it goes online again !?
Thanks for your ideas!
Your approach should be to make your link-sharing code automatically cache requests until they are sent. The app then doesn't need to concern itself with the details - it can just post the link and get a 'failed', 'success', or 'postponed' response from your API and notify the user accordingly.
Your link-sharing code can then internally check if it can currently post to FB and if not (either because the user is currently offline or perhaps the Facebook token is expired) it will store it for later. This class will then re-check periodically (for example when the app comes to the foreground or when the class is initialised the next time the app starts) for connectivity and then it will check if the token is still valid and perform FB login if required. Once it has a valid token it can then iterate through the pending requests and act upon them.
If you really want to make it nice and clean, you can separate out the code that accepts incoming requests to do something, checks if it can be performed now, does it or stores it for later, and periodically checks any requests in the pending queue. This class will not have any idea what the requests do or how they are performed, it will work with another class that implements a protocol to do the actual work and knows about facebook, etc. There may even be an existing design pattern for such a setup, but I don't know what it's called if there is.
Update: I did some research and found this is very similar to the "Fire-and-Forget Pattern".
I'm working on an iOS app that allows the user to like a Facebook page within the app. I've implemented this using FacebookLikeView. During the course of testing this functionality, I've liked and unliked the same page multiple times. Unfortunately, this seems to have triggered Facebook's spam detection. Now, when trying to like a page using the like button displayed by FacebookLikeView, the following error is presented: "URL could not be liked because it has been blocked".
Based on reports of the same problem found by searching the web, I've filled out this form to request that Facebook remove the block. However, I've received no response from them. I'm not sure how to proceed. Has anyone else run into this issue and successfully solved it?
With billions of pieces of content being shared on Facebook every month and bad actors constantly targeting the people who use Facebook, preventing spam isn't easy. Just as a community relies on its citizens to report crime, we rely on you to let us know when you encounter spam, which can be anything from a friend request sent by someone you don't know to a message that includes a link to a malicious website.
From : Explaining Facebook Spam Detection
This is no answer and what Donn Lee said is maybe the best answer.
My best guess at this is to send them lot information regarding you testing the app rather than abusing the system. You could try screenshots, contact info and explain what you are testing it for.
Try : Facebook Help Center
Developer Help : Rate Limits, Restrictions and Disables
Try filing a bug on the Facebook Developers Bugreporter.
If it's been a week and the site is still blocked, submit your site on this form.
if it comes down to no other option, there is also unrelated contact info on Facebook Newsroom, including the e-mail address press#fb.com.
Let me start by saying facebook's developer documentation sucks. Bad.
I'm using the facebooker plugin in rails to let users sign up through facebook connect. Now when certain things occur I want to send notifications to certain users through facebook. I heard some say that notifications must go from one user to another, but I've seen evidence otherwise. I signed up at the site http://www.meetingwave.com/ through fb connect, and now they send me (annoyingly) daily notifications of new things on their site. Also, using the comments widget on my own site www.tmatthew.net, when an anonymous user leaves a comment I get notified of that as well.
So uh, how do you do that? I've been googling all week long and can't seem to find anything. It seems like I should be able to send a notification from my app to one of it's users.
The api call you are looking for is called Notifications.send. The only thing is that they will be disabling it very soon so there is probably no point in implementing it into your application.