Use Google Places nearbySearch function in iOS - ios

In Web API, use the nearbySearch function will return the results nearby the specific coordinate.
But I cannot find a similar function in iOS SDK.
I think the worst way is using REST API likes
https://maps.googleapis.com/maps/api/place/nearbysearch/json?location=22.979468,112.544345&radius=100&key=API_KEY by Alamofire
But I have another problem, I don't know how to restrict my API key for iOS REST API only.
I tried to set it for iOS Application but it does not work.
Please give me some idea, thank you very much!

You cannot apply iOS app restriction on web service API key. The only supported restrictions for web services are IP address restrictions. This supposes that you are executing web service requests from your backend server and restrict an API key with IP address of your backend server.
In case of mobile iOS app that means you should create an intermediate server to execute web services and pass responses back to your app in order to protect an API key that you use with web service.
There is a feature request in the Google issue tracker to add nearby search as a part of Places API for iOS:
https://issuetracker.google.com/issues/35830334
Feel free to star this feature request to add your vote and subscribe to further notifications from Google.
Hope this resolves your doubt.

Related

IOS mobile access to Google IOT Core REST API authentication authorization scope problem

一:I would like to ask some questions about our IOS mobile access to Google IOT Core permission scope authentication. We are planning to use API services from Google IOT Core to access device-specific data;
But we encountered the problem of OAuth authentication, requesting the scope of Google API, it may take up to several weeks, I wonder if this is the case?
OAuth image
My application will use the following request scopes: https://www.googleapis.com/auth/cloudiot, https://www.googleapis.com/ auth / cloud-platform I want to be able to view and manage and manage and Create a registered device.
https://www.googleapis.com/auth/pubsub Want to use this API to publish subscriptions / topics on your phone, receive device data, and assume: temperature, humidity, alarm values, etc. Mobile terminals can access IoT data through HTTPS (https://cloudiot.googleapis.com/v1/{name=projects//locations//registries/*}) nodes.
二:Use Google Cloud Functions to connect to the cloud platform to get device data from IOS;
Google Cloud and the device have been successfully bound and deployed through the console, but it is impossible to understand how to write the Google core API from the cloud function so that the device connects to the cloud, IAM grants permissions, or the private key to access the Google API (Purpose: IOS mobile phone calls Google API through cloud functions, implements JSON interface, and gets device data for IOS) Thank you in advance, thank you!
My article might be helpful for your problem if you're still having this issue, It shows how to connect to IoT Core using CocoaMQTT and SwiftJWT, you can do something similar but instead of connecting to the specific device you could register the device with a given ES256 public key.
Controlling you phone from the cloud

Secure cloud functions in Parse from iOS

TLDR: All I want to do is secure my cloud function in Parse so that it only accepts requests from my iOS app. How can I do that?
Longer version:
I recently got started with using Parse for a client side app I'm building using a Google API.
Before using Parse, my issue was that the Google API calls from my app were not secure. I tried a Man in the middle attack on my app, and I was able to successfully get the bundle id and app id (Google claims some form of security is achieved by ensuring that the call is from the correct bundle id that you can specify on their console). So despite using SSL, seems like it was easy to get this information. Now this Google API is paid, so someone could easily abuse my key when I release my app and raise my bills.
I was anyways also thinking of doing some lightweight work in the backend, so I figured to use Parse. Now the call to the Google API is done in Cloud Code. But a new problem I'm facing is how to secure calls to the Cloud function I've defined in Parse? The Parse App ID and Client Key aren't secure at all.
All of Parse's blogs keep talking about creating users and defining ACLs etc. But in my case, there is no data in my Parse app and there is no user per se. It simply calls the Google API and returns the result. All I want to do is secure my cloud function so that it only accepts requests from my iOS app. How can I do that?
The inherent security risk here is that any key you store in your app is vulnerable, for that reason encryption is also vulnerable. My recommendation is to use the automatic user in Parse on your iOS app, you could even throttle excessive requests/abuse by a single user. By creating and using a user you are able to gain the benefits of ACL which appears the best security option available in Parse currently. At that point you send the automatic user in your cloud code request and verify it's a valid iOS user.

Google Places API for iOS vs Google places Web service

I plan to have an application to list nearby places in a UITableView with UISearchController combined by Auto-complete feature to filter the result of places and I'm trying to use Google Places API.
I'm confused because I don't know which API should I use:
Google Places API Web Service
or
Google Places API for iOS
I didn't find a way to get a list of places in the Google Places API for iOS documentation.
When to use Google Places API Web Service and when to use Google Places API for iOS ? and what works best in my case (get list of places with pagination and filter by name and category options)
I have already generated an API-KEY for Google Places API for iOS can I still use this key in Google Places API Web Service ?
In general, if developing for iOS, you should prefer the Google Places API for iOS. It is designed to be easier to use and more efficient from iOS than using the Web Service.
However, the Places API for iOS is relatively new, and does not yet have all the features of the Web Service. In this case, you might prefer to use only the Web Service, or to combine the Places API for iOS and the Web Service.
For your particular use case, I would recommend using the Places API for iOS getCurrentPlace functionality + Autocomplete. getCurrentPlace returns a list of places where we believe the device to be located.
If that doesn't meet your needs, you could use nearby search from the Web Service + Autocomplete from the iOS API.
For question #2: You cannot use the same API Key for iOS and Web Services. The former requires an iOS Key, and the latter a Server key. You also need to enable both services in the Google Developers Console.

iOS apps and Google Geocoding API

I'd like to make use of the Google Geocoding Json api (http://maps.google.com/maps/api/geocode/json?address=%#&sensor=false) in my iOS app, but I don´t find if the use of this URL has any restrictions and/or this may be rejected when submitted to App Store.
Thanks in advance
There are some restrictions, read the documentation in particular the Usage Limits and Maps API Terms of Service License Restrictions.
This would not be a problem for the app store. Apple does not restrict what geocode service you can use.
First thing I noticed is you are using Non-secure URL to access google geocode API, which will give no data from Google side.
Second thing, Apple has rollout some guideline during WWDC 2016 to use always secure URL if you want to access it withing from APP please check out the link so there are chances about maybe they found you are using non-secure link to communicate with web service, and your application will be rejected from Apple.
We are using Google GeoCode and reverse Geocode API within Unity using C# HTTPWebRequest class with the Secure link. our app pass out through Apple Review

Google Places API: iOS key: Request Denied [duplicate]

I'm trying to make an Autocomplete field which should fetch cities as the user types, by using the Google Places API as described in this tutorial:
https://developers.google.com/places/training/autocomplete-android
You've probably found this question around many times before as I did, but none of the answers helped me. Here are the things you should know:
The URL is
https://maps.googleapis.com/maps/api/place/autocomplete/json?sensor=false&key=myKey&components=country:ro&input=whatTheUserTypes
Please don't reply by saying you replaced the API key with your own and it worked - the API key which goes there must be Android specific and won't work from a browser.
So did I make the Android API key using the SHA1 fingerprint obtained from the keystore I signed the app with.
I turned on Maps and Places APIs from the console.
The quota isn't exceeded.
All those and it still gives me REQUEST_DENIED
What I didn't mention is that I have O2Auth activated - does that change anything? Shouldn't it be as simple as putting the API key in the app?
Thanks!
Although this has been answered, I think the community could do better.
I was tearing my hair out about this, it just didn't make sense to me.. I was making an iOS/Android App, so I made an iOS/Android Key...
Wrong.
With Google's Places API, your bundle identifier isn't even considered.
What you really want to do is this:
(I'm using the new User Interface)
1. Log into https://cloud.google.com/console#/project
Select your Project Name, then go into API's & Auth > APIs
Make sure you have Places API Turned on. This is the only thing that needs to be turned on for Places-API to work.
2. Go into Credentials
Click CREATE NEW KEY under Public API Access
3. Select BROWSER KEY
4. Click Create, Nothing Else
Leave the HTTP Refer box empty.
5. Use the Key Generated here
This key will allow ANY user from any device access to the API via your Developer login.
You can try it out here: (Be sure to replace YOUR_KEY_HERE with your generated Key)
https://maps.googleapis.com/maps/api/place/autocomplete/json?input=Food%20Sh&sensor=false&radius=500&location=0,0&key=YOUR_KEY_HERE
6. Enjoy
Now you can use that URL above in your Android/iOS device.
The Google Places API does not currently support Android or iOS keys generated from the Google APIs Console. Only Server and Browser keys are currently supported.
If you would like to request this support, please file a Places API - Feature Request.
https://developers.google.com/places/training/autocomplete-android
Storing your API key
Although the above code demonstrates how to communicate directly
between an Android app and the Places Autocomplete service, you should
not store your Places API key with your app.
You should therefore build a web application that stores your API key
and proxies the Places API services. In order to secure communication
between your Android app and the proxy web service, you should require
user authentication to your proxy web service. Your Android app can
securely store user credentials and pass them to your web service, or
the user can log into your web app via an Android WebView.
For the latter approach, your web app should create and return a user
authentication token to your Android app, and your Android app should
subsequently pass this token to your proxy web service.
Go to google cloud platform console>Credentials click on edit by selected your YOUR_API_KEY>Application restrictions > select none option>save thats it.
If you select the android apps option from Application restrictions then google deny the place API with exception REQUEST_DENIED.
In Google dev console, you should be able to find both "Places API" and "Places API for Android"
Make sure to use "Places API for Android"
For some reason, "Places API for Android" is hidden in the API list, but can be accessed using search.
I had the same issue , I fix it by leaving
Accept requests from these HTTP referrers (web sites) (Optional)
in browser key Empty
I am still new, so I cannot comment, but to shed some light on Moe's answer, I resolved some similar Google Maps API issues regarding URL queries (for directions, using Volley) with the following steps:
Get Android API Key (including Google Maps Directions API in my case).
Get "Server" API Key (which seems to be created by using a key restriction of "HTTP referrers" these days - really, it's just used to issue URL queries through HTTP).
Store the Android API key as a meta-data tag in the application tag in AndroidManifest.xml with android:name="com.google.android.maps.v2.API_KEY" and android:value as your key. This is used for direct interaction with the Maps API (minus URL queries).
Use the server API key whenever issuing URL queries.
I am not sure if this also applies to URL queries for the Places API, if you only need the server API key, or if there is a better solution, but this worked for me.
I imagine that it works with just the first key - the one not restricted to Android.
Inside Google Cloud Console type Places and Activate it. Create an API Key and insert it onto your Android Studio App as you would do normally. That`s it.
I had the same problem. For me the key was to enable billing on project. I am still using "Applications for Android" restrictions. After setting up the payment method, Places Api started working.
Prior to using the Places SDK for Android, do the following:
Follow the Get an API Key guide to get, add, and restrict an API key.
Enable billing on each of your projects.
Enable the Places API for each of your projects.
See it there.
Be sure also to check out the billing plans for the Google Places API as it is not free!

Resources