I'm developing a new member sign up page with Google App Engine, I want to create a new contact each time a new user fills out his info and clicks a submit button, I looked into Google contacts api, but it doesn't seem to work for me, I've included all the jar files, but it still complained that something is missing, see my previous questions for details at :
How can google app engine create new contacts?
and
Google App add contact error?
So I wonder if there is a simpler way to add new contacts through a URL request, something like this :
https://google.contacts.com/new_contact?App_Name=myapp&Id=myId&password=mypwd&name=newUserName&email=newuser#email.com...
Does something like that exist ? If it does, it will avoid a lot of coding and confusion. Just add a new contact each time a request is made and authenticated.
It's not quite that simple, but it's possible.
See http://code.google.com/apis/contacts/docs/3.0/developers_guide_protocol.html#Creating
Basically, your app would need to authenticate against your account using OAuth, the form the body of the create request, and then POST it to https://www.google.com/m8/feeds/contacts/default/full to add the contact.
The docs are quite thorough - I recommend a complete readthrough.
Related
I'm using omniauth to authenticate a user via Google. When the user logs in via Google, I check if an account already exists with the same email (if it does, I reject sign in).
When I create the new User model, I give it the name, email, and the URL of the user's 'image'. I am not sure how to dynamically update the information in my database when the user changes their settings on Google, including the image_url when they change their profile image.
A good example of this scenario is this Stack Overflow; I signed up to SO with Google. Having changed my profile image (recently), I was surprised to find that my old Google image remains attached to my SO profile. Maybe it takes time for Google to change the old URL to represent the new image. I have noticed that some parts of Google use my new image, and other parts continue to use my old. Of course, this question doesn't have much to do with Google's profile image mechanism, I just think this is a perfect example.
My questions are:
Should I want to do this, or should I instead provide the user the ability to change their details through my site, completely ignoring what happens to their Google profile?
If I should do this, what is the best way? Checking on every login isn't ideal as the user might not log out for days or even weeks.
Should I be storing the Google auth token? Currently, I'm not as I don't need to make any Google API calls -- I only use OAuth for the 'uid' to ensure it's the same account logging in (the email isn't used at all).
I don't think the answer will be "don't store user info, query Google instead", so I'm not really sure what best practice is in this scenario. A brief walkthrough on proper procedure would be very helpful.
Normally, oauth applications will use the endpoint /me.json as part of the login process: After the user is signed in, the app uses that fresh token to query their profile info right away and update data. In your case, I understand you ignore when email already exists. You should probably add a new step there, to update your local record if it already exists instead of purely ignoring it.
In other words, your app wont be automatically notified if users change their profile pictures. But you can always use their log in action to fetch the latest image (or use their token in a background job that runs every n periods of time using something like cron + whenever, assuming the oauth scope authorizes offline access)
I found that vine://user/907031926412546048 is working.
is there any way to open by username? vine://user/canaksoy
or any api call to find username by userid?
I would shy away from hard coding this. Usernames can change instantly and by hard coding it in, you literally would have to push an app update just to correlate to that new username. I think by using a user ID number its guaranteed and leaves no room for error. But if you really don't want to do that here is an alternative:
This is untested on my behalf, but I do know they have custom urls, you might be able to play with this:
https://support.twitter.com/articles/20170806-vine-profile-urls
A profile URL is a unique Vine profile address accessible from the web. Once you select an available URL you will be able to access your profile by visiting vine.co/[yourURL]. Selecting a custom URL allows you to share your profile easily and makes it easier for others to find and watch the videos you’ve created.
EDIT based on the discussion below :
This is why it's important to use unique ID :
A quick search for everyone with the username of Drew Carey:
This is why they don't have usernames in my opinion. Because they aren't unique. Even vine utilizes the unique ID when you invite someone to see your vine or profile via text or email. Additionally, when you sign up through twitter it shows your real name. There is too much room for error. I would simply ask the users to enter their custom url if they have one or unique ID until this feature is available publicly.
There are two Parse methods for reauthorizing a Facebook User (to gain additional permissions) in Parse (for iOS):
reauthorizeUser:withPublishPermissions:audience:block:
reauthorizeUser:withPublishPermissions:audience:target:selector:
Unfortunately, both of these methods are for publishPermissions. I am confused, because it seems that there is no way to add additional read permissions (i.e. Extended Profile Permissions) after the initial login.
Facebook advises that, when doing a general login (i.e. on app opening), you only ask for basic permissions, and then ask for extended permissions as needed, so as not to scare off the user.
So with Parse and Facebook for iOS, does this now mean that we need to ask for every single read permission that we may possibly need at initial login?
Overall it seems that the Parse documentation and framework seems to be lacking a lot of the Facebook instructions for login in various scenarios. We are directed to view the Facebook SDK, but everything there seems to apply to FBSession, and it is not clear which methods are replaced by Parse and which are needed in addition to Parse.
I, for example, have an app where the user can login to Parse via FB on app launch, but does not have to. If they do login, they are asked for only the basic permissions, as advised by FB. Then, should the user try to perform certain actions, they are asked for the permissions for that particular action. I have additional read permissions that need to be granted for the extended profile, as well as publish_actions.
Can anyone give me some direction in this case, or point me too a really thorough, up-to-date, example? The Parse FB Scrumptious example code looked promising to me at first, but it is severely outdated.
Thanks!
Apparently there are more than one way to do it. The easiest one I found using Parse for Android was like this:
Collection<String> publishPermissions = Arrays.asList("publish_actions");
ParseFacebookUtils.linkWithPublishPermissionsInBackground(user, myActivityOrFragment, publishPermissions, new SaveCallback() {...});
Which means that after logging in, you should call linkWithPublishPermissionsInBackground with your user reference and the new permission list. It will open a new Facebook window asking for that permission and link the result to your user.
This code I tested and it works. But seems that Parse is not that smart, some things it does automatically and some it does not. So after that you need to call something like:
ParseFacebookUtilities.linkInBackground(ParseUser, AccessToken)
To actually save it to the user on the server, otherwise, it would work only while the App is running.
I'm building a music website on Symfony 1.4 and Doctrine 1.2. I'm trying to integrate facebook plugins (like, send, post a message buttons) on my pages. For example, I want users to be able to like a song on a song page in my song module. But the problem is, I've used sfDoctrineGuard to secure all modules on my app except for the landing page. So if a user logs in and uses the facebook like button to like a song on the song page, because that song module is secured by sfGuardAuth, facebook API can't talk to it and gets forwarded to the landing page. This means that all likes on my app get posted on facebook activity feed as if the user liked my landing page.
Is there a way to build an exception into sfGuard so that any traffic coming from facebook domain can access that page? Is there a workaround to this? I want to be able to show all the facebook meta data from my secured pages, for whichever song is liked, on a facebook wall. If I disable all sfGuard security, it works fine.
Any help would be great as I'm stumped and haven't found any one else with this problem.
Well, it could be a huge security hole if you want to allow request from Facebook to be able to by pass your sfGuard security. If someone click that link on Facebook, it will also have access to your website without having to be logged in.
You might find a work around by tweaking the Facebook bot who scrape your page. The user agent of the scraper is: "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)". So it could be easy to allow access to its request by looking at the user agent. BUT, any one can spoof a user agent easily today.
Maybe you have to find an other way. I though about a kind of light page wich can be accessible for every one and where you display the minimum information (like only the artist and the song name without being able to play it. But just to be sure that, if someone not logged in try to see the page, it won't be redirect to the login page but to this light page. You get the point?
Then, you can put a huge button to allow new people to register to see the full page.
Anyway, in any case you will find, you should implement it using filter (in filters.yml). Filters are executed before any action. So it's the perfect place for this kind of check.
You will find info about filters:
on the official website (they are 2 links)
here an implementation of a ssl requirement (sorry a googlecache page)
here a basic implementation
edit:
I will go on sth like that. First, create a user called "facebook bot", and put its id in the /apps/frontend/config/app.yml:
all:
facebook_bot_id: 56 // sf_guard_user_id
Then create a simple filter lib/filter/facebookBotFilter.php
<?php
class facebookBotFilter extends sfFilter
{
public function execute ($filterChain)
{
$context = $this->getContext();
$controller = $context->getController();
$request = $context->getRequest();
$user = $context->getUser();
// get the user agent
$pathArray = $request->getPathInfoArray();
$useragent = isset($pathArray['HTTP_USER_AGENT']) ? $pathArray['HTTP_USER_AGENT'] : '';
if (preg_math('/facebookexternalhit', $useragent))
{
$member = Doctrine_Core::getTable('sfGuardUser')->find(sfConfig::get('app_facebook_bot_id'));
// logged in the facebook bot
$user->signIn($member);
}
// execute next filter
$filterChain->execute();
}
}
Don't forget to enabled the filter in apps/frontend/config/filters.yml:
rendering: ~
facebookBotFilter:
class: facebookBotFilter
security: ~
I have a signup form, and I wanted to make it so that they have the option of recommending this signup to all their friends in facebook.
Is there a rails API/gem for doing this?
Is there an appropriate name for this?
Thanks!
Looking at the Extended permissions documentation, you don't get access to the email addresses of a Facebook user's friends (search for email and note the second column reads not available). If that's what you're trying to achieve, it's almost certainly not possible, without the user contacting each friend and asking them to visit your app (which I would imagine would have quite a low take-up, if only through inertia).
I guess you have two options:
popup a javascript before submitting the form to prompt the user wether he wants to share it with friends. You will use the js api http://github.com/facebook/connect-js (see the dialog section). This solution would avoid doing server side connection to the facebook api
Have a look a the Facebooker gem to do a stream_publish