In my Swift app, I am going to be using Vungle for incentivized ads. The way this works is that the Vungle Servers will ping any URL that I give them. For example:
myapp.firebase.com/db_location/section/user_id/?value=123
I have looked around lots of websites and now my head hurts as I cannot seem to find a solution. Is there a way to insert into my Firebase database (securely, without write all access) request that is sent via a URL?
This would be similar I assume to the API Gateway that AWS supplies.
Looking for advice, pointers/tutorials etc.
You can use Firebase REST API which allows you to insert into your database using POST requests.
An example using curl from the documentation:
curl -X POST -d '{"user_id" : "jack", "text" : "Ahoy!"}' \
'https://samplechat.firebaseio-demo.com/message_list.json'
Related
I am able to generate an oauth2 access token (from a refresh token), which I believe should give me the ability to access the youtube data api functionally to delete/upload content.
Using python and the youtube api I need to delete and upload a (new) video to youtube periodically, say hourly.
All google python samples I've found seem to call the "DENY/ALLOW" screen which requires a copy/paste back in the calling app.
I can do this occasionally but otherwise want the process to be automated. I've read about service accounts which, which according to the linked post, are not supported by the youtube api. Offline access et.al. is also mentioned but in somewhat abstract terms i.e. no concrete python examples (that I have yet found). Another source mentioned an http get like below:
"GET access_token=ya29.GlxBBS89....ast987&part=snippet&mine=true"
but the following in python doesn't seem to work returning "response [400]" (bad request)
url = 'https://www.googleapis.com/youtube/v3/channels'
args = 'access_token: ' + token var + ', part: snippet, mine: true'
get_token = requests.get(url, data = args)
I have used Can we use google youtube data api without OAuth (and others) to get to this stage but need clarification for the next step.
**********************************Update*********************************
I have found that I can only generate access tokens for clients credentials configured as web apps. I am writing a desktop app so I may be barking up the wrong tree.
Or learning Django...
I found examples at https://developers.google.com/youtube/v3/guides/auth/installed-apps that helped.
curl -H "Authorization: Bearer <access_token>" https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true
curl https://www.googleapis.com/youtube/v3/channels?access_token=<access_token>&part=snippet&mine=true
The curl samples especially provided confirmation that I'm reaching the endpoint and returned helpful debugging info. They have exposed other issues which I'll ask in another question.
I write an app for broadcasting to twitch.tv using C++. For that streaming I need to know the user stream key, usually an user gets that key from the page,
http://www.twitch.tv/user_name/dashboard/streamkey
But I would like get it via my app by using the user name/password.
Any ideas?
You will get it here (change "yourtwitch" by your twitch nickname")
http://www.twitch.tv/yourtwitch/dashboard/streamkey
The link simply moved. You can get this link on the main page of twitch.tv, click on your name then "Dashboard".
This may be an old thread but I came across it and figured that I would give a final answer.
The twitch api is json based and to recieve your stream key you need to authorize your app for use with the api. You do so under the connections tab within your profile on twitch.tv itself.. Down the bottom of said tab there is "register your app" or something similar. Register it and you'll get a client-id header for your get requests.
Now you need to attach your Oauthv2 key to your headers or as a param during the query to the following get request.
curl -H 'Accept: application/vnd.twitchtv.v3+json' -H 'Authorization: OAuth ' \
-X GET https://api.twitch.tv/kraken/channel
documentataion here
As you can see in the documentation above, if you've done these two things, your stream key will be made available to you.
As I said - Sorry for the bump but some people do find it hard to read the twitch* api.
Hope that helps somebody in the future.
You may obtain the stream key via the API:
https://github.com/justintv/twitch-api
As of January 2018 the url is https://www.twitch.tv/username/dashboard/settings/streamkey
Parse.com's REST API docs (https://www.parse.com/docs/rest) say: Authentication is done via HTTP headers. The X-Parse-Application-Id header identifies which application you are accessing, and the X-Parse-REST-API-Key header authenticates the endpoint. In the examples with curl that follow, the headers are stored in shell variables APPLICATION_ID and REST_API_KEY, so to follow along in the terminal, export these variables.
I am building a Sencha Touch app as a native app on iOS and Android using Phonegap, and I was wondering whether it is secure to expose these keys to the client while making the REST calls?
Also, can someone explain to me how does security work in this scenario? Help is much appreciated! Thanks!
Without phonegap , in a proguard , post processed android apk , the string values of the 2 headers you mention are exposed client-side . not a big issue. TLS covers the http header values during network leg and far more important for app security, you have Full ACL at the DB row level(parse/mongo) contingent on permissions of 'current user()'. So with no access to logon, some outsider doesn't have any more than obfuscated string value to an app-level access token.
. One odd thing is that with parse the lease time on the client-side token value foapi key is permanent rather than say a month.
Parse REST security is robust n well executed.
Can't speak to what PG framework offers in obfuscate/minify/uglify area but you should check that.
I have read the documentation of twitter , and created an app and have all the keys needed .
Now i am trying to understand that simple one line http request ,to get a user latest twits .
I have read this Simplest PHP example for retrieving user_timeline with Twitter API version 1.1
but there is not one line code in there to make the request ( i don't know java script).
so , i have this :
https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=twitterapi&count=2
Which will not work because my keys should be in this line, but i don't understand how to add them?? where and how i add my keys to this ?
This url is like a node or address so twitter server knows what kind of request you need.
https://api.twitter.com/1.1/statuses/user_timeline.json?screen_name=twitterapi&count=2
Beside url you can pass many other parameter using http header, which is best to be used with server langunge programming, e.g PHP.
In PHP you can pass your credentials by changing header. While current twitter API are using Oauth, it's going to difficult to learn using Oauth this way, the easiest option is to use others' library. Check out 'twitter API library' (just google it)
Here's the command I need to execute: (using the example API key)
curl -v -u 1971800d4d82861d8f2c1651fea4d212:api_token \
-X GET https://www.toggl.com/api/v8/workspaces/777/tasks
I am writing a dashing/sinatra based dashboard that shows a summary of the information from our Toggl account. My question is, how to I open this url in sinatra using something like
open('http://...) do |f|
A successful curl returns an array (json) that I can parse for the info I need.
I'm not entirely sure how to tackle this. I have some ideas but they aren't well formed enough to properly comment on them. I though I'd bounce this off of you all for inspiration and information.
I'm all ears.
Check out HTTParty. The example in the README shows basically exactly what you're looking to do using auth headers:
https://github.com/jnunemaker/httparty