Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 4 years ago.
Improve this question
I have one custom UIButton. that button functionality is subscribing one default Youtube channel. is this possible to subscribe channel in my apps. please share some code or guide link.
You have to implement the YouTube API into your Objective-C application in order to do this.
Step 1
Since you want to enable the user to subscribe to a channel, you have to use OAuth 2.0 to allow the user to securely login to their YouTube account. The OAuth 2.0 is pretty simple to implement. Essentially it consists of the app opening up a Google login web page, getting the user to login/approve app access and then getting a callback string which contains a special code. You then use this code in a POST request to verify/obtain the user refresh/access tokens (a long string which represents a logged in user).
Step 2
Store the access token string securely in Keychain, don't user NSUserDefaults! Use the FDKeychain wrapper class to easily save/load the user access token to the OS keychain. You can access this wrapper class on Github: https://github.com/reidmain/FDKeychain
Step 3
Now you need to search through the Google (YouTube) developer API documentation, in order to find out how to subscribe to a channel. In fact I've found it: https://developers.google.com/youtube/v3/docs/subscriptions/insert
But basically it consists of you making a POST request to this API link: https://www.googleapis.com/youtube/v3/subscriptions
In the request you simply include the ID of the channel you wish to subscribe to and the access token of the user. Once the request has been made, you will receive a request response. Check the response for any error codes/etc.... If all went well, then the user has been successfully subscribed to the channel, otherwise parse the error code/description and alert the user.
Note
Access tokens don't last forever, they need to be refreshed from time to time. In order to refresh an access token, you need to make a POST request with your access token and refresh token to the Google API, learn more here: https://developers.google.com/identity/protocols/OAuth2WebServer#offline
The response of the above request, will return a new access token.
Related
I am currently developing a discord bot that can post tweets and more. The whole code is basically done all I need to do now is make the user authenticate the app so the bot can post tweets. I searched everywhere and I don't have any idea on how to do it. My goal is to have multiple users in a discord chat use the bot at the same time
From what I understand, you want your bot to have control multiple user's API ?
If so,
Have the user inputs their credentials using a command, (best would be by DM, like ?api XXXXXX)
store this credentials into a database and have your API Caller lookup for a specific API credentials within your DB.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
I am a newbie of user authentication, currently I am playing around with Azure AD B2C, it seems good but I want to create native pages in my app for user sign up and login instead of using the azure policy, so I want to implement this function in my app:
A user can sign up in to my app by filling his email and password, and then, a set of optional profile attributes. He also can login in to my app by using Facebook or Google, etc; and in the first time login, my app will ask the user to fill in the user profile and create an account for him in my app. So the user will eventually have an account for my app. I think this is very common in mobile apps, but I just don't know what is its structure and how it works, here is an example:
Adobe XD sign up or login page
The other question is how the server should verify a request sent by a user? Does it need to verify the Facebook access token, Google access token or my app access token embedded in the request separately? Or is there a way to safely verify the user identity in the same way?
I don't know how to put all the things together to make an app, please tell me how to implement it, or which services (like azure ad b2c) can satisfy my need, or please recommend some open source ios app projects which implement this function.
Thanks a lot, I've been thinking this problem for a couple of days :/
You should decide what solution would you like to use: your own solution or external, free or commercial. I can suggest you to take a look to https://auth0.com. They have manual for iOS: https://auth0.com/docs/quickstart/native/ios-swift/getting-started. Also you can find a lot of examples how to use auth0 in Internet.
Please be careful if you will use Facebook and Google APIs. Someday we had an error in our application because of gender field. Facebook API return MALE/FEMALE, but Google also have OTHER and this caused an error - on our side we had only MALE/FEMALE gender in our Enumeration and no OTHER type (gender validation failed because of this).
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
You would think that people would have answered this questions dozens or even hundreds of times, but to my surprise it seems that people perhaps are not interested in this in iOS development?
I am creating an app (Xcode, Swift 4) that is going to require people to login. The credentials once they are verified are going to be stored in a database of sorts, but before the account exists users must sign up. The registration process is supposed to consist of an email verification and later a phone number verification.
How can I verify someone's email address using a confirmation email sent from the app or some server attached to the app? I specifically do not want to use outside libraries such as Parse or Firebase that I have found online. If there is a library in the Apple Dev API that I am missing I would greatly appreciate a nudge in the right direction.
Thank you to anyone who can help me out.
You can't programmatically send an email on behalf of the user, using user's credentials and targeting user's SMTP server choice. Even if you figured out a trick to it, Apple would never allow it in the App Store due to user privacy & security risks.
You could try putting an entire stack of code into your app to communicate with your own SMTP server, using hardcoded credentials in your app, but to do so securely is a lot of work, and I suspect it'd be a lot of work in general.
Your best bet is to just have your app communicate (NSURLSession) with your server to send up user's registration info and have the server then do whatever it needs, including emailing the user a confirmation email.
These tutorials may help you:
iOS Registration Form Example using PHP and MySQL
User login and register/sign up example using Swift on iOS.
As for how to have your server send a text message, see this SO answer
(Assuming you have some type of server management knowledge)
yes you don't need to Firebase or Parse to achieve that but it's pain free :(
Do you want a Server or (Google Cloud Functions or AWS Lambda)?
(Keep in mind that your app 'd need to talk to each choice via HTTP or HTTPS request).
(you can get that VM anywhere AWS EC2, Google Cloud VM, Digital Ocean)
Let's start with the server, you need to create some REST API and running it from a specific port 80 or 443(secured one). Instead of learning a new language, you can use Swift (look at library such as Vapor that would help create that rest api, or check for other library).
**if you are not using swift, then use javascript (Node.js library such as Express would help you create that api) **
Email or Phone Verification Logic (server side, your api has a specific route that handles verification):
(look for library that let's send email on the server side. )
in this route/path you'd receive from your app a Dictionary that contains an email or phone number
compute some random number
2 cases here: (email) send an email to the user's email with a message body containing that random code. (phone number) you using Twillio api to send code via text message.
To end your api route/path's response, send this random code to app ( cache it into UserDefault or whatever you preferred, because when the user inputs the received code, you need to verify it (since the code generated from server side is cached, I mean now you get the gist )
Managing that VM:
keep vm port lock from the outside meaning firewall
you need to update the system
what if your system reboots (what happens to your api)
what if you get a lot of requests at once (you should have load balancing))
Cloud functions or AWS Lambda (ELB + Api Gateway + Lambda instead):
no need to manage a server
can't use swift, you'd need to learn javascript or python
same Verification logic applies here
To secure connection between from your app to your api, look at JWT Token, you need to make sure nobody else can't access any routes from your api
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
OAuth 2.0 with Google Analytics API v3
I've been reading loads of pages about the Google API today and how it requires Oauth2.0
The documentation on Google's own site is useless and keeps sending you round in circles so I'm hoping somebody here might be able to help.
I'm trying to build a simple test webpage (on http ://localhost) which takes data from the Analytics API, always from the same account.
So, I have an API key and would like to get data from this 1 account without requiring users of my site to login (they wouldn't be able to do that anyway, it's my account).
So, is there a way to authenticate my app on localhost programatically via HTTP or something. It seems like I shouldn't need to use Oauth unless my users were accessing their own accounts?
Looks like this is only possible if you get some user to log in first and use a "refresh token", as per the link posted by Jan above
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 4 years ago.
Improve this question
QUESTION
Which of the Youtube Data API auth methods will allow me to upload videos to a single channel without having to force my site's user to authenticate?
OAuth
AuthSub
Client Login
I've read http://code.google.com/apis/youtube/2.0/developers_guide_protocol.html#Authentication but am still unsure.
BACKGROUND
I'm building an application in Ruby on Rails which will require users to upload videos and associate them with an account within the application (not their youtube account).
I don't need to associate the videos they upload with their youtube account, and it would be perfectly fine to have all the videos uploaded land in one youtube channel, similarly to how the Doritos Guru contest worked ( http://www.youtube.com/user/doritosguru )
So far as I can tell, I should only need to have access to a single youtube account, which I can create, and upload all the videos through this account. So far as youtube is concerned, this one user will own all the videos.
I've read through the different authentication options presented ( http://code.google.com/apis/youtube/2.0/developers_guide_protocol.html#Authentication ) but still am unsure which of these meets my needs.
Also, I'm looking for a ruby gem/rails plugin that will facilitate what I want to do.
I'm currently looking at http://github.com/edgarjs/youtube-model but don't know if that will meet my needs.
Advice?
You should use the ClientLogin method.
For example, suppose you want to authenticate a YouTube account for which the username and password are testuser and testpassword, respectively. You can simulate the HTTP POST request using the Linux 'curl' command, as shown in the following example:
curl \
--location https://www.google.com/accounts/ClientLogin \
--data 'Email=testuser&Passwd=testpw&service=youtube&source=Test' \
--header 'Content-Type:application/x-www-form-urlencoded'
If your authentication request is successful, the response to your request will have the following format. (Please note that the token values have been shortened in the example.)
SID=DQAAALQAAAA6wx7byZp-s4BizDqS1OaT21j9dmY6wMjexpQdNC3
LSID=DQAAALUAAAARH_PvRXoaz23Dv_UmOSUz2_0vh-4XbUedCN9XTZ
Auth=DQAAALUAAAARH_PvRXoaz23Dv_UmOSUz2_jxJVCGjoulKlhWbU
When you make an authenticated API request using a ClientLogin authentication token, your request needs to specify the Authorization HTTP request header as shown in the example below:
Authorization: GoogleLogin auth=<authentication_token>
X-GData-Key: key=<developer_key>
Then you can use the token in the rest of your application, and lump all the uploaded content into one youtube username.
As for gems, theres active-youtube, youtube_g and a few others, however I haven't found any that really streamline the auth process. Most just allow you to query for top video feeds and stuff like that. A gem would make a good starting point though to build out the rest of your app. This completed upload script is a good starting point as well. Google's Authentication Docs
Just a note, about allowing all videos to be uploaded to a single account. Not a technical point, but if you will indulge me...
If the account belongs to you and someone uploads a copyrighted material to it, its you that will take the wrap... If YouTube get complaints then your account can be suspended which means that all videos are unavailable, which means your entire app may not work!
What I did was ask the user for a YouTibe account when uploading videos, then, add the video to a playlist so it shows on the channel. You get the video and the responsibility and potential damage is restricted to a single account...