Linking an iOS application to a dropbox account hardcoded - ios

I am trying to create an IOS application. Part of it will allow upload of data to a Dropbox account that is hardcoded. I don't know how to do this part of my app without having a webpage show up that asks for authorization. Are there other ways to authorize an account without asking the user?

Don't do this. You're asking for a disaster.
Violates the Dropbox Terms of Service.
What happens when Dropbox suspends your account, your app breaks.
An API key you hide in the app could be compromised and exploited.
Look into another service intended for what you actually want to accomplish, Amazon's S3 is likely a good choice.

Related

Dropbox, iOS, OAuth, Token embedded in app

Working on an iOS app that will use Dropbox as a server side ( just a place to store documents that the app needs to access). Most work I see around Dropbox API is asking the user to go and login from the iOS app into Dropbox, and then get the user token and save it, But I don;t ant that, I want to have a token stored within the app at all times. How can I achieve that? is that possible or a good practice.

In objective-c is it possible to set up OS-level account validation like Twitter, Facebook and Vimeo?

I'm working on an iPhone app that is logging into a webservice and it's been asked of me to get the account login management into the settings page (i.e. next to Twitter, Facebook and Vimeo). From what I've been reading about the accounts framework, it appears that only those few companies have that ability.
I currently have it set up and working asking for login info periodically and polling the webservice for validation, but we're trying to move toward supporting moderately offline use, which means we need to have some sort of account info managed on the phone itself.
Can I use the built-in account framework for our own login credentials or is that not something that's available to a regular dev and I'll have to look for another way to do it on my own? Is that something that the keychain would be better for?
Using the keychain to securely store the users credentials is a good idea to start.
If I am understanding your question about a "built-in account framework", I don't believe there is a local framework for account management on the device itself that I am aware of that would be useful in this circumstance.
I've had to build an app that needed to authenticate to a web service that also needed to have some offline access. I ended up recording the validated authentication date and time in the NSUserDefaults and would let the user use the app for a 48 hours period before they had to re-authenticate. Their data was queued locally and when they had online access again, I would re-authenticate and then sync the data. Not the most elegant solution but it fit the project.
I used AFNetworking (http://afnetworking.com) to track the changes in network access and used to blocks to respond to the changes.

iOS: Upload multiple files using Dropbox

All that I have researched integrating Dropbox iOS SDK requires logging in to authenticate/authenticate a user.
But this is what I want to accomplish
Use only one user account. (Without authorization)
Create a random public folder(in same account) and upload files to that folder.
Get the folder link.
It's basically sending generated files from the app to an account.
How can I possibly do this?
The API was designed with the intention that each user would link their own Dropbox account, in order to interact with their own files. However, it is technically possible to connect to just one account. The SDKs don't offer explicit support for it and we don't recommend doing so, for various technical and security reasons.
For example, any user who extracts the access token from your app will be able to read every file in the Dropbox account, delete everything, replace it, etc.
However if you did want to go this route, instead of kicking off the authorization flow, you would manually use an existing access token for your app. (Just be careful not to revoke it, e.g. via https://www.dropbox.com/account/applications.)

Google Drive API for iOS: OAuth2.0 with an application-owned account

I'm creating a simple iPhone app. The basic premise is that the app will display some data (That I provide online) on the application. The data changes over time, so the app has to draw the data from online and display it. I don't have a significant programming background so I don't want to use my own server.
Thus, I thought it would be significantly easier to just put the data into some documents on a Google account and then access them programmatically via the Google Drive API. I could then update the data in my Drive account and it would get updated in the application. The key here is that I am ONLY accessing ONE account that I own MYSELF. The users' accounts are not being accessed. Therefore the goal is to never have to log in manually. It should all happen behind the scenes, aka, it should look like a server, not a google doc.
With this in mind, it doesn't make sense to show the Google Accounts sign-in page to my users as the standard OAuth2.0 tutorial shows here:https://developers.google.com/drive/quickstart-ios#step_1_enable_the_drive_api
I should be able to access my own data by somehow hardcoding in my username, password etc. Google agrees here: https://developers.google.com/drive/service-accounts#use_regular_google_accounts_as_application-owned_accounts
The above link mentions a "refresh token" that I'm supposed to save. However, I have no idea how to build and save that token, or even for that matter, where to find it.
I've gone through both the basic tutorial and the Dr. Edit Tutorial for iOS, but they both assume that the application is accessing USER accounts not application-owned accounts.
I'm not asking for someone to write the code for me (though tidbits are nice), but if you can point me to a step-by-step guide or related sample code that would help me get started that would be awesome. I'll even come back and post the code that I use!
EDIT: Since I realized that the Google Drive API wasn't something I could use for what I am trying to do, I eventually found Parse which is an awesome tool that handles all the server backend for me and is free at the basic level.
Google APIs objective-C client library doesn't support service (application-owned) accounts, because they are supposed to be used by a server-side apps, instead of clients -- you shouldn't be distributing your private key as a part of an app.
If you would like to distribute content from a service account, maybe you should write a server leg to do the authentication and pass clients credentials in a secure way for them to talk to the API on the behalf of the service account. Or, use Web publishing to make documents universally accessible without authorization and authentication if privacy is not a concern.

Retrieving and displaying third party Facebook statuses in iOS app

I'm new to Facebook development and I'm running into trouble with what seems like it should be an easy task. I am building an iOS app for a client, and that client wants to display a number of their most recent status updates in the app, along with a link to their Facebook page. These statuses should be displayed to the user of the app even if they are not logged into Facebook or do not have a Facebook account saved on their device.
My research so far seems to indicate that I'll need to make a request to the Graph API using a user access token (which I can do successfully in the app using a token copied and pasted from the Graph API Explorer), but it seems that the only way to get a user access token from within the app is to log the user of the app into Facebook using their account credentials. This is not a good solution because I need to be able to display the client's statuses to the user whether they have are logged into a Facebook account or not. Is such a thing possible, and if so, how? I've been all over the docs and can't find a conclusive answer either way.
I know that we would approach it quite differently. We would have our own web service periodically pull what we needed off of google and store it on our own server, then we would use AFHTTPClient to pull this information down to our app. That way we wouldn't have to spoof anything with FaceBook or put any requirments on our users, such as logging into facebook. It would require that you have a service that your client maintains (or you could easily contract that for a cost).

Resources