The app should be uploading videos from iOS devices directly to our own YouTube account (not user's account).
In every scenario I came across you need an Access Token that you can get only from user logging in through OAuth2 (window popping up). Obviously, we can't give everyone username and password from company account. I was imagining using some key that uniquely identifies the app and YouTube user account to use.
Any solution / pointer? Thanks.
I ended up using deprecated Client Login. We still need to figure where to store passwords (either in the client app, or fetch them from backend every time), but that's already a huge progress.
Unfortunately, Google says Client Login will be removed in 2015. We can just hope they'll come up with non-interactive auth method requiring no user interaction by then.
Related
I'm currently trying to build an 'account switching' feature for my iOS App that uses Google Sign-In (with YouTube scopes to get YouTube channel data) & Firebase Authentication.
At the moment, if users want to switch accounts, they have to log out and log back in with another Google account, which is not great from a UX perspective.
My end goal is to allow users to log in with several channels and then choose the YouTube channel they want to see data for, from inside the app, without logging out and back in.
Is there a way to maintain several OAuth sessions alive to let user easily switch between accounts?
I have thought of storing the user's access token locally in a dictionary that would map channel ids with the relevant token but I'm not sure if that will be enough to maintain the state properly or if it will lead to a bunch of bugs.
Any ideas or suggestions are more than welcome.
Thanks.
With Firebase Authentication, there can only be one signed in user at a time. The SDK can't manage multiple signins at once. The prior user needs to be signed out at the time a new signin is processed.
I am having the strangest problem using Twitter API. I am using a Github package dg/twitter.php.
The problem: I am making an app that sends a status update to twitter and I store the status in my database, simple. But what is happening is it stopped asking me to login and always uses my twitter account, even from different computers and clearing all cache. The strange thing is that it seems like it has cached my account and there is no way to clear it. If i completely log out of twitter and go to the app, it no longer asks me to sign in, it just uses my account, so anyone who goes to the app submits tweets as ME.
I thought it had to do with my App settings so I reset everything, renewed tokens, but still the same problem. I uploaded files to another server using the same app tokens, and yet again the same problem. My twitter app only uses MY account and will not let me login because it acts like I am already logged in when I am not.
Does this make sense?
Since this app is a Facebook app, i realized I had a problem with the oauth creating a new token because FB uses an iframe which was conflicting with the authorize abilities twitter currently has.
I'm new to Facebook development and I'm running into trouble with what seems like it should be an easy task. I am building an iOS app for a client, and that client wants to display a number of their most recent status updates in the app, along with a link to their Facebook page. These statuses should be displayed to the user of the app even if they are not logged into Facebook or do not have a Facebook account saved on their device.
My research so far seems to indicate that I'll need to make a request to the Graph API using a user access token (which I can do successfully in the app using a token copied and pasted from the Graph API Explorer), but it seems that the only way to get a user access token from within the app is to log the user of the app into Facebook using their account credentials. This is not a good solution because I need to be able to display the client's statuses to the user whether they have are logged into a Facebook account or not. Is such a thing possible, and if so, how? I've been all over the docs and can't find a conclusive answer either way.
I know that we would approach it quite differently. We would have our own web service periodically pull what we needed off of google and store it on our own server, then we would use AFHTTPClient to pull this information down to our app. That way we wouldn't have to spoof anything with FaceBook or put any requirments on our users, such as logging into facebook. It would require that you have a service that your client maintains (or you could easily contract that for a cost).
I am building a backend for ios apps, that support login in different networks.
Once the user login in to the network the client tells the news to the backend, and this could offer a list of worlds that the user might play, or even delete old worlds.
One way to steal another person's world is by saying that you are his social network id.
To solve that with facebook, we force the client to send us the fb_token, a token provided from facebook to the client, that we use in the backend to ask facebook if that specific user is the one that he told us to be.
If apple doesn't provide a way to validate this I understand that if an iOS app wants to use game center, it is directly forcing the app developer to also use iCloud because apple can validate the user credentials.
Did apple provide any way to validate user credentials?
The client on iOS can retrieve info about the currently logged in player in GameCenter, which has nothing to do with iCloud.
If you want to use iCloud to authenticate, you might have a different player than the one you wanted.
I think the solution is for the client to retrieve the player info in GameCenter, and send it to your server in an encrypted fashion (say HTTPS), including a timestamp and possibly other dynamic information. This way you'll know that the user info is being sent from the client app itself and there is no man-in-the-middle. That's really the issue that you are struggling with: how to ensure that client-server communication is secure.
Say that you have an iOS app, and a user that has one or more Twitter accounts set up on their device. Is it possible to load part of Twitter's mobile site into a UIWebView within the app with the user automatically signed in as one of those accounts?
Obviously, accessing the accounts would require the user's permission, which is fine. And probably after the first time, the site would remember the user anyway. But it would be nice to not force the user to enter their credentials again.
I know that I can use Reverse Auth to get OAuth tokens for an iOS Twitter account, but I haven't found anything concrete to allow me to exchange those tokens for authentication on twitter.com.
Well, according to Twitter's Taylor Singletary, it's not possible. Boo.