GMail API iOS Authorization - ios

I am using the Gmail API in iOS with the code that is given on the link
https://developers.google.com/gmail/api/quickstart/ios?ver=swift
and I tried running the application on an iPhone, but every time I start the application it asks for a Google login for authorization.
The page at Google Developers says that:
"Authorization information is stored in your Keychain, so subsequent executions will not prompt for authorization."
So my question is: is the Keychain value not being stored for my application? If so, how can I correct it, and if not, what could be the error in the code in the link provided above?

Related

Sign in with Google temporarily disabled for this app

We are facing the below screen when trying to authenticate to Google. The app that we are trying to authenticate is used for internal development and we did not publish it to our users.
Any idea why this occurs?
We faced an Unverified App screen before (as below) but now the authentication is disabled.
OAuth Client Verification
Starting July 18, 2017, Google OAuth clients that request certain sensitive OAuth scopes will be subject to review by Google.
Review is not required if you are only using it under the same account that created the project in Google Developer console. You can read more about this change in this help center article.
This change applies to Google OAuth web clients, including those used by all Apps Script projects. By verifying your app with Google, you can remove the unverified app screen from your authorization flow and give your users confidence that your app is non-malicious.
Once you have applied for verification it takes around a week and it should start working.
I found this thread some time ago when this happened to us in our development project on Google Cloud Platform.
You can use a project for development without verification. No problem on that. But there are some limitations (more information here and here). Basically, we reached the limit of 100 users accessing the application. It was strange because we were testing with few accounts (5-6) until we found that, if you uninstall and install the application again, it counts as a new user. We were testing incremental authorization, so we uninstalled/installed the application a lot of times and we reached the quota.
When you reach this limit, you will see the message "Sign in with Google temporarily disabled for this app" and only users from the organization where the project is hosted can access the application. So we couldn't run tests with our accounts from a demo domain or our Gmail accounts.
The only solution available was to pass the OAuth verification form (even if you didn't want to publish the application), but there were problems doing it. For example, it was mandatory to remove http://localhost from valid OAuth URLs. And there were more problems related to development.
❗ But this has changed recently. I accessed the OAuth credentials screen in Google Cloud Platform (APIs & Services > Credentials > OAuth consent screen) during this week and now the page is different. Now you don't need to specify "Authorised JavaScript origins" and "Authorised redirect URIs", you just need to specify your scopes for Google APIs and the Authorised domains. Then, at the bottom of the page you will find the button "Submit Verification" and the process will start. You will also find some information on the right:
About the consent screen
The consent screen tells your users who is requesting access to their data and what kind of data you're asking to access.
OAuth Developer Verification
To protect you and your users, your consent screen may need to be verified by Google. Without verification, your users will see an additional page indicating that your app is not verified by Google.
Verification is required if
Your application type is public, and
You add a sensitive scope
Verification may take several days to complete. You will receive email updates as it's processed.
Saving without publishing
Even though your consent screen is unpublished, you can still test your application with users with the following limitations:
Sensitive scopes are limited to 100 grant requests before verification is required
Users see an additional page indicating that your app is not verified by Google.
To include "Authorised Javascript Origins" and "Authorised redirect URIs" you need to go to APIs & Services > Credentials and there click on your OAuth 2.0 client ID. There will be a form where you can add them.
In our case it took 1 day to get a response from Google. In the email there were some instructions to pass the verification. We had to reply to the email with a video uploaded on YouTube addressing the following points:
1. How does user sign-up on your app and grants access to the sensitive scopes requested in verification?
2. OAuth consent screen as seen by end users
3. How does your application use the requested scopes to provide services to developers?
4. A test account email and the password for us to test the user sign-up process and validate the project's functionality.
We recorded a video showing points 1, 2 and 3 and sent them a test account for number 4.
After 1 day, we got another response from Google confirming that our project had been verified.
So finally the problem was solved! 🙂
I hope this could help people in the same situation. It was really annoying for us.
I had to go into my Google Apps Script settings and turn on the "Google Apps Script API" setting. Then I tried again, and the script executed correctly without issue.
I had used the script a couple of weeks ago and it worked fine, so something must have happened between then and now that changed it... Not sure what caused that setting to switch.

Issue : Connecting using OAuth to Jawbone from android app

We are using the Jawbone API to pull data tracked using Jawbone devices.
Our users are successfully able to sign in when they access the Jawbone sign-in page during the OAuth process from our website.
However, they are not able to sign in when they access the Jawbone authentication page from our Android app during the OAuth process. This authentication page is launched in a WebView on Android.
On the login page, entering correct credentials and clicking the Sign In button does nothing. The page does not even display whether the credentials were correct or not.
Is the OAuth authentication user agent (web/app) dependent?
We have started facing this issue just recently and before it used to work perfectly.
Jawbone's OAuth2 flow operates through web login and approval pages, then issues a redirect callback to your server. Jawbone has several partners who do this within their Android apps.
It sounds like your app is not handling the callback half of the OAuth2 flow correctly, but it's hard to say based on this description.
Have you reviewed the Authentication documentation?
Also, consider Jawbone's Android SDK.

Retrieving and displaying third party Facebook statuses in iOS app

I'm new to Facebook development and I'm running into trouble with what seems like it should be an easy task. I am building an iOS app for a client, and that client wants to display a number of their most recent status updates in the app, along with a link to their Facebook page. These statuses should be displayed to the user of the app even if they are not logged into Facebook or do not have a Facebook account saved on their device.
My research so far seems to indicate that I'll need to make a request to the Graph API using a user access token (which I can do successfully in the app using a token copied and pasted from the Graph API Explorer), but it seems that the only way to get a user access token from within the app is to log the user of the app into Facebook using their account credentials. This is not a good solution because I need to be able to display the client's statuses to the user whether they are logged into a Facebook account or not. Is such a thing possible, and if so, how? I've been all over the docs and can't find a conclusive answer either way.
I know that we would approach it quite differently. We would have our own web service periodically pull what we needed off of google and store it on our own server, then we would use AFHTTPClient to pull this information down to our app. That way we wouldn't have to spoof anything with Facebook or put any requirements on our users, such as logging into Facebook. It would require that you have a service that your client maintains (or you could easily contract that for a cost).

Conflicting iOS Token Storage Information - Which is it?

Where and for how long are the tokens held when using the iOS Box SDK? Are they placed into a keychain or elsewhere?
I found the following line in the "OneCloud on iOS" web page under the "Web API Library" section.
"Second, the web API Library uses Keychain to store sensitive information such as the Auth Token."
That seems to conflict with the following on the "Authentication in your iOS app" web page.
"The user is now fully logged in and you can use this auth token with every API call that requires it. You may store the authentication token for future use, so that the user does not need to re-authenticate with your application every time they use it. Please use the Keychain (of the Security framework) for this."
The first page you're referring to refers to when you're using our iOS SDK.
The second page you're referring to refers to when you're building your own API integration from scratch.
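
Storing an auth token in the Keychain with the Security framework, as the quoted documentation asks of a from-scratch integration. This is an added example, not part of the original thread and not Box SDK code; `TokenStore`, `service` and `account` are hypothetical names chosen for illustration.

```swift
import Foundation
import Security

// Added example. TokenStore, service and account are hypothetical names.
enum TokenStoreError: Error { case unexpectedStatus(OSStatus) }

struct TokenStore {
    let service: String   // assumption: e.g. the app's bundle identifier
    let account: String   // assumption: e.g. the signed-in user's id

    // Attributes that identify the single Keychain item holding the token.
    private var baseQuery: [String: Any] {
        [kSecClass as String: kSecClassGenericPassword,
         kSecAttrService as String: service,
         kSecAttrAccount as String: account]
    }

    func save(_ token: String) throws {
        let data = Data(token.utf8)
        var add = baseQuery
        add[kSecValueData as String] = data
        // Readable after first unlock; never migrated to another device or backup restore.
        add[kSecAttrAccessible as String] = kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly
        var status = SecItemAdd(add as CFDictionary, nil)
        if status == errSecDuplicateItem {
            // Item already exists: replace its data, keeping its existing attributes.
            let change = [kSecValueData as String: data]
            status = SecItemUpdate(baseQuery as CFDictionary, change as CFDictionary)
        }
        guard status == errSecSuccess else { throw TokenStoreError.unexpectedStatus(status) }
    }

    // Returns nil when no token is stored, which is the "prompt for login" case.
    func load() throws -> String? {
        var query = baseQuery
        query[kSecReturnData as String] = true
        query[kSecMatchLimit as String] = kSecMatchLimitOne
        var item: CFTypeRef?
        let status = SecItemCopyMatching(query as CFDictionary, &item)
        if status == errSecItemNotFound { return nil }
        guard status == errSecSuccess, let data = item as? Data else {
            throw TokenStoreError.unexpectedStatus(status)
        }
        return String(data: data, encoding: .utf8)
    }

    // Call on sign-out so a stale token does not survive in the Keychain.
    func delete() throws {
        let status = SecItemDelete(baseQuery as CFDictionary)
        guard status == errSecSuccess || status == errSecItemNotFound else {
            throw TokenStoreError.unexpectedStatus(status)
        }
    }
}
```

Logging the `OSStatus` from a failed `save` or `load` is the quickest way to tell a token that was never written from one that cannot be read back, which is the situation where an app prompts for login on every launch.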

Session timeout error with Twitter OAuth flow using ShareKit on iOS

I am using ShareKit to allow the user of an iPad application to Tweet a URL from within the application through their Twitter account. The following OAuth steps work fine:
ShareKit uses the Consumer Key and Consumer Secret hard-coded in the app to request the URL to load in a WebView.
The URL provided by Twitter displays correctly in the WebView.
The user is prompted to grant Read and Write permissions by logging into their Twitter account using the WebView.
The WebView shows a redirecting page briefly while it redirects to the callback URL.
At this stage in the OAuth flow things go wrong.
After the WebView displays a Twitter 'redirecting' message very briefly, a page saying 'Your session has timed out' is displayed.
I decided to create a Twitter application in my own personal Twitter account. When I change the app to use my own Consumer Key and Consumer Secret (but keeping the callback URL and permissions the same), everything works fine.
I have cross checked the Consumer Key and Secret with the values in the app and they match (for the Twitter account that failed).
I used Twurl and everything worked fine with both Twitter accounts. So I don't understand what could be wrong with only one of the Twitter accounts and only when using ShareKit.
I could do with some direction on how to track down the problem?
I cannot help you directly, but the original ShareKit is obsolete in many ways. You might want to try ShareKit 2.0. At least on iOS 5+ it uses Twitter.framework, so your problems might be gone.
