My Geo based Android app uses Fusion Tables accessed via oAuth to store route information for users.
For the last couple of years I sporadically get notifications from users in Asia Pacific telling them that their authentication has failed. This means that the key that is registered on the API dashboard for com.spiralsoftware.bestroutepro is not being recognized.
This does not happen for all users in that region and has not happened anywhere else in the world. I suspect that there must be a bad server somewhere that my users connect to sometimes.
Once the authentication has failed it doesn't seem to come back: they appear to be locked out of being able to load their saved routes forever.
Normally the users experiencing the problem are in Australia or New Zealand but this evening I received an email from a user in the Philippines.
I can't create another API key without deleting the existing one which means all other users will be unable to access their Fusion Tables until they upgrade the app.
The folks who are affected have paid money for the app and I don't know what to tell them.
Is there anything I can do to get these users authenticated?
Related
At work we have developed an individual customer specific software application that is in use for a long time. We have a new requirement in this same program to implement an option for sending emails directly from the program.
The user is able to add his own email account with the credentials and login through our program. For Microsoft and Gmail accounts OAUTH is implemented and something here is not very clear.
For Gmail-API we have made an OAUTH Client and Consent screen on Google Cloud Console which we need to publish and verify and here is where the problems start. I am not very clear with the whole process of verifying the app.
In the steps for verifying is stated that we should verify a domain for the app, but this software is not hosted anywhere on internet and is not publicly available, it is available to a number of specific users (2000-3000).
Also Google requires a YouTube video of the software to be available publicly, which we are not able to upload because of customer requirements. Also here is required a Data Protection Policy page for the application which we as a developers don't have because we are only developing the software.
Other thing that is not clear to me, how is this type of software rated by Google, internal or public?
Have anyone experience with this or something similar?
Verifying an app for one of the Gmail scopes is a very complicated process. This process depends upon which scope of authorization you are requesting of the users.
In your case you are trying to send an email so you are using the users.messages.send method from the Gmail api. This uses a restricted scope. Which means you will need to go though the full process.
First of it doesn't matter if your application is hosted or not. It also doesn't matter that you give this app to a limited number of users. What matters is the scopes you are using.
You will need to ensure that your domain has been registered via google search console. So this app will need a domain
Once that is done you will be able to host your website, and the privacy policy on that domain.
You will need to create a YouTube video showing your application running, and how authorization is used.
You will also need to submit to a third party security checkup of your application which is not free and will need to be done once a year.
All of this is needed because of your consent screen it doesn't matter if its hosted any where, It also doesn't matter if this is only available to specific number of users.
If all of the users are part of a single google workspace account, that has created your client id and client secrete then you can set the app to internal and you wont need to be verified. This only works for google workspace domain accounts.
Recently I am working with MS Graph with Office 365 to create some application. I am using https://login.microsoftonline.com/common/v2.0 as authentication point. Until few days back it was worked fine as when I run the application it is asking for authentication when I provide the user name password details then it is going to my website. I don't know what happened, from last one week it is keep on asking password for multiple time. When I click on back button then it is going back to my site with authenticated screen.
I have registered my app in https://apps.dev.microsoft.com already with proper permissions.
I have a rails web based app which has users which will be vendors in QuickBooks Online. Users will signup in my rails application with email address and these users will be verified by Admin at EOD manually. I want to write a service/job in rails which will connect to QuickBooks online and create the verified users as vendors in QuickBooks.
My problem is QuickBooks rest API uses OAuth which requires user to enter quickbooks user and password on UI to get the token but my service will be offline, so how can I achieve this?
My problem is QuickBooks rest API uses OAuth which requires user to enter quickbooks user and password on UI
... exactly ONCE, and then NEVER AGAIN.
Repeat - You only have to log in ONCE, and ONLY ONCE, and then NEVER AGAIN.
Log in once, the very first time you deploy your Rails app, and then never log in again.
There should be no issue here. The docs cover this as well:
https://developer.intuit.com/docs/0100_quickbooks_online/0100_essentials/000500_authentication_and_authorization/0005_your_app_user_experience
https://developer.intuit.com/docs/0100_quickbooks_online/0100_essentials/000500_authentication_and_authorization/connect_from_within_your_app
https://oauth.net/core/1.0/#auth_step3
I'm new to Facebook development and I'm running into trouble with what seems like it should be an easy task. I am building an iOS app for a client, and that client wants to display a number of their most recent status updates in the app, along with a link to their Facebook page. These statuses should be displayed to the user of the app even if they are not logged into Facebook or do not have a Facebook account saved on their device.
My research so far seems to indicate that I'll need to make a request to the Graph API using a user access token (which I can do successfully in the app using a token copied and pasted from the Graph API Explorer), but it seems that the only way to get a user access token from within the app is to log the user of the app into Facebook using their account credentials. This is not a good solution because I need to be able to display the client's statuses to the user whether they have are logged into a Facebook account or not. Is such a thing possible, and if so, how? I've been all over the docs and can't find a conclusive answer either way.
I know that we would approach it quite differently. We would have our own web service periodically pull what we needed off of google and store it on our own server, then we would use AFHTTPClient to pull this information down to our app. That way we wouldn't have to spoof anything with FaceBook or put any requirments on our users, such as logging into facebook. It would require that you have a service that your client maintains (or you could easily contract that for a cost).
I'm working on a school project. We are going to make a bug/rodent themed tower defense game. The game will primarily be an Android app. There will also be (at least we want there to be) a Ruby on Rails website/application tied together with it.
One of the requirements for the project is to implement three levels of user that will interact with the project. We decided that the three types of users will be administrators, guest players, and players with accounts. Players with accounts will be able to accumulate perks. Guest players will be able to play, but won't have any capacity to earn perks over time. The administrators will be able to manage the users with accounts (delete, edit, et cetera) via a web browser and the Rails application.
I want the users with accounts to be able to login to the Rails application via the Android app. There will be parts of the game that only users with accounts will be able to access. How can we create a login/logout scheme for the Android app? I'm thinking it will be something like the user enters their username/password, taps login, and then the Android app will send a request to the Rails side. Once the user is logged in via the Android app, they can access certain parts of the Android app that guest users cannot.
How would I go about this? I'm not sure where to start.
Would the Android app, using Java, send http requests to the Rails application (sending the username and password)? Then would the Rails application send back some sort of success? How would the Android app hold onto this successful login like a session in a web browser? Also, the Android app will need to update user attributes in the Rails database (something like accumulated perks).
Is this possible?
I've seen miscellaneous information about how to do this scattered online in blogs, on stackoverflow, and on discussion boards. But, I haven't found a coherent solution for my group's needs.
Thanks.
You can use your rails apps as an oauth provider (https://github.com/pelle/oauth-plugin) and use an oauth client library on the mobile application