To the Box SDK team:
I'm using the iOS version of the BoxSDK. When I present the BoxAuthorizationViewController login controller, there is a checkbox labeled "Remember login".
It doesn't seem to do anything. I get the same results whether I leave it checked or not. And the iOS API to the Box SDK doesn't provide any access to whether it is checked or not.
In my iOS app I'd like to know whether the user checked this or not. If they have it checked then I want to store the refresh token in the keychain so the user doesn't need to login again. But if the user unchecks this on the login screen, I need to know this so I don't store the token in the keychain and my app can ensure the user is shown the login screen again on the next access.
What is this "Remember login" checkbox supposed to do in the context of an iOS app?
Can the API be updated so when the BoxOAuth2SessionDidBecomeAuthenticatedNotification notification is sent, the state of the checkbox is part of the notification?
Thanks.
New OAuth2 screens just went live that should fix this problem:
https://app.box.com/api/oauth2/authorize?response_type=code&client_id=&redirect_uri=https://your-token-generator.com
Related
I'm creating a book library app, where people buy an account and become able to read all the books...
In the past, we were able to get the UDID of the iOS device and the login only works from this specific UDID.. now apple prevents this, another solutions were there like OPEN-UDID but now doesn't work...
Are there any other means to prevent the user from giving the credentials to another people??
The only solution on top of my head now is this :-
When a user login, a flag on the server becomes true, and when another account try to login using the same credentials, it will show an error message "you are already logged in on another device".. when the original user logs out, the flag becomes false.. this will prevent the account from being used on multiple devices at the same time.. but the drawback is, what if the user unInstalls the app without logging out?
Is there a research on this topic that covers all these scenarios?
Is there a way to use apple keychain or iCloud or any other solution ?
What you can do is on new login invalidate api request(and send them to login screen) of previous login you can use device token with each api to check if you want to send data to device or it's a old login token and needs redirect to login. you have to just store a device token for each account login if it matches then send data else redirect to login
Edit 1:
if you uninstall the app then you have to login again from other device to access the books(data) and in each login you'll replace the old token with new one. Now only device which has this new token can access books. All other device if there are any login left in any device then they will get message from API that token not matched and you have to redirect them to login page again
I am developing iOS App which use Facebook iOS SDK 4.
When user has already done Facebook login, by doing Facebook login the dialog which shows "user has already approved your app" had be displayed.
So, do not show the dialog. I want to know whether the user has already done Facebook login.
Anyone know the good way? I think accessToken is returned if user once had done Facebook login.
FBSDKAccessToken manage current logged user's accessToken.
According to official Facebook Login guide
"FBSDKAccessToken Represents the access token provided by a successful login. Most important, it provides a global +currentAccessToken to represent the currently logged in user."
The currentAccessToken is a convenient representation of the token of the current user and is used by other SDK components (like FBSDKLoginManager).
According to above you can check either user has valid accessToken or not and based on this you can track call login method otherwise just skip to next flow.
In Facebook the access tokens are per user so you can pass them around apps and they will work. In your case if you can ship an access token from another app you will be able to skip the next logging in and use the API normally.
However I think this this thread will help you.
Things are a little bit different with iOS cause I have done a facebook login on Android and got no such issues.
Google's login integration guide for iOS does not actually describe the possibility of programmatically switching accounts.
My requirement is to allow the user to switch their Google account, but if they choose to cancel the switch then they should stay logged in with their current credentials. Youtube already do this but I can see they're using a custom built screen instead of the default account selection screen.
What I've done so far is to call this when user taps account image
GIDSignIn.sharedInstance().signOut()
GIDSignIn.sharedInstance().signIn()
which prompts the account selection screen each time, with the disadvantage that, of course, if the user cancels, they will be signed out of the app. There must be a way to preserve the authorisation token in the Keychain, but I don't know they key for it in order to trigger the save before displaying the screen. Is there an easier way to go about this?
I am using Cordova 3.4.0 along with the official facebook connect plugin link
The issue is that every time user opens the application. He/She has to press login and then it shows the "App already authorized screen" before the user is able to perform any action. How to prevent this addition of an action in the user flow?
I read that it is basically because the access token isn't stored by the plugin. As a result this action needs to be taken again and again. So I have now stored access token using localstorage but unfortunately don't know how to go about using it.
FB.api('/me/friends?access_token="+access_token+"', { fields: 'id, name, picture' },
Using it in the manner above results in an error saying invalid oAuth access token. Even though I placed an alert before this line to ensure that access_token had a valid value. Any help in this regard would be highly appreciate.
Just to rephrase I don't want the user to be asked to press login button every time they open the application.
I have FB connect implemented in my app. After battling with the FB app installed on a user's phone, I finally had success forcing the standard FB dialog and bypassing the FB app
(see iOS: Connect to Facebook without leaving the app for authorization)
My new problem is that I cannot seem to switch FB users within the app. When I click the "Login with Facebook" button from within my app, it quickly brings up the FB dialog, dissappears, and always logs me back in with the previous user (meaning I have no way to switch FB users).
I've check both Safari and the FB app, and neither are logged in. Do I have to tell FB to log out the previous user before a new user/pass is prompted?
Thanks
Your implementation probably saves user's access token in NSUserDefaults. If it is so - you just need to delete it from NSUserDefaults any time there is a logout or you're switching users.
Also if needed you are able to deauthorize the user by making a DELETE graph API call to uid/permissions.
hope this helps