I'm trying to create Parse apps on the fly and use the keys while building my Android application. The API works great except for one point, it does not return the Client Key.
{
"appName": "my new app",
"dashboardURL": "https://www.parse.com/apps/my-new-app--30",
"applicationId": "oQqMyipkIgxYFXRROYTZsREfTcXp770awB1yMVrs",
"javascriptKey": "XAPZ7DoZHQIhMC8vPqN1m79wRIQyIXv7tmVIHmRs",
"windowsKey": "ZsyfFr0WtaQx6tsCokNSmTvjd05QCbCbMLzpChvP",
"webhookKey": "LyXnWJ3tRH56gK19KC1fjTvoUbdSUZoXhyO6khoT",
"restKey": "dzpdzYNkts2xZxPDVe7qC298Z20oIXhLJAPuY2Dw",
"masterKey": "0M2uUDZdKa1KYC1VBrmDaGK3chBaUMw0c2M4XXw1",
"clientPushEnabled": true,
"clientClassCreationEnabled": true,
"requireRevocableSessions": true,
"revokeSessionOnPasswordChange": true
}
And I need the client key as mentioned in the Android API:
Parse.initialize(this, "YOUR_APP_ID", "YOUR_CLIENT_KEY");
I have tried toggling the flags in vain.
What should I do inorder to access the Client Key?
Edit:
I'm talking about the Client Key which appears here: http://postimg.org/image/f76lj6xcr/
This was a minor bug in the Parse REST API. They fixed it within 48 hours after reporting.
Related
I am using firebase dynamic links where i used their REST api to create dynamic link. I am able to create the short link by using REST api and created link is working fine on android and ios app as well as on mobile browser. But i used same link on desktop browser it is not redirecting to play store page. Firebase provided "ofl" as a parameter to provide my intended functionality but there is no documentation to how i can pass that parameter in request body. Can anyone help me out ?
{
"dynamicLinkInfo": {
"domainUriPrefix": "my_custome_domain_name",
"link": "my_dynamic_link",
"androidInfo": {
"androidPackageName": "my_package_name",
"androidFallbackLink": "https://play.google.com/store/apps/details?id=my_package_name",
"androidMinPackageVersionCode": "2"
}
"navigationInfo": {
"enableForcedRedirect": true,
}
},
"suffix": {
"option":"UNGUESSABLE"
}
}
As far as I know, ofl is used to specify a different behavior on desktop, Like to display your webpage which gives brief info about your app or to display a link which can redirect to play store.... In your case you directly want to redirect to play store, so for that you can use desktopFallbackLink and provide your play store link of app
eg:
{
"dynamicLinkInfo":{
"domainUriPrefix":"my_custome_domain_name",
"link":"my_dynamic_link",
"androidInfo":{
"androidPackageName":"my_package_name",
"androidFallbackLink":"https://play.google.com/store/apps/details?id=my_package_name",
"androidMinPackageVersionCode":"2"
},
"navigationInfo":{
"enableForcedRedirect":true,
}
},
"suffix":{
"option":"UNGUESSABLE"
},
"desktopInfo":{
"desktopFallbackLink":"https://www.other-example.com/"
}
}
I have an Android application in which I'm using Azure AD B2C to authenticate users. Users login and logout of the application as needed. I would like to give the user the option to delete their own account.
I understand that I need to use the Azure AD Graph API to delete the user. This is what I have so far:
According to this link, it looks like deleting a user from a personal account (which is what the B2C users are using) is not possible. Is that correct?
Here's my code snippet for the Graph API call. Feel free to ignore it if I'm off track and there is a better way to solve this.
I believe I need a separate access token than what my app currently has (as the graph API requires other API consent). So, I'm getting the access token as follows:
AcquireTokenParameters parameters = new AcquireTokenParameters.Builder()
.startAuthorizationFromActivity(getActivity())
.fromAuthority(B2CConfiguration.getAuthorityFromPolicyName(B2CConfiguration.Policies.get("SignUpSignIn")))
.withScopes(B2CConfiguration.getGraphAPIScopes())
.withPrompt(Prompt.CONSENT)
.withCallback(getGraphAPIAuthCallback())
.build();
taxApp.acquireToken(parameters);
In the getGraphAPIAuthCallback() method, I'm calling the Graph API using a separate thread (in the background):
boolean resp = new DeleteUser().execute(authenticationResult.getAccessToken()).get();
Finally, in my DeleterUser() AsyncTask, I'm doing the following:
#Override
protected Boolean doInBackground(String... aToken) {
final String asToken = aToken[0];
//this method will be running on background thread so don't update UI from here
//do your long running http tasks here,you dont want to pass argument and u can access the parent class' variable url over here
IAuthenticationProvider mAuthenticationProvider = new IAuthenticationProvider() {
#Override
public void authenticateRequest(final IHttpRequest request) {
request.addHeader("Authorization",
"Bearer " + asToken);
}
};
final IClientConfig mClientConfig = DefaultClientConfig
.createWithAuthenticationProvider(mAuthenticationProvider);
final IGraphServiceClient graphClient = new GraphServiceClient.Builder()
.fromConfig(mClientConfig)
.buildClient();
try {
graphClient.getMe().buildRequest().delete();
} catch (Exception e) {
Log.d(AccountSettingFragment.class.toString(), "Error deleting user. Error Details: " + e.getStackTrace());
}
return true;
}
Currently, my app fails when trying to get an access token with a null pointer exception:
com.microsoft.identity.client.exception.MsalClientException: Attempt to invoke virtual method 'long java.lang.Long.longValue()' on a null object reference
Any idea what I need to do to provide the user the option to users to delete their own account? Thank you!
Thanks for the help, #allen-wu. Due to his help, this azure feedback request and this azure doc, I was able to figure out how to get and delete users silently (without needing intervention).
As #allen-wu stated, you cannot have a user delete itself. So, I decided to have the mobile app call my server-side NodeJS API when the user clicks the 'Delete Account' button (as I do not want to store the client secret in the android app) and have the NodeJS API call the Azure AD endpoint to delete the user silently. The one caveat is that admin consent is needed the first time you try to auth. Also, I have only tested this for Graph API. I'm not a 100% sure if it works for other APIs as well.
Here are the steps:
Create your application in your AAD B2C tenant. Create a client secret and give it the following API permissions: Directory.ReadWrite.All ;
AuditLog.Read.All (I'm not a 100% sure if we need the AuditLog permission. I haven't tested without it yet).
In a browser, paste the following link:
GET https://login.microsoftonline.com/{tenant}/adminconsent?
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&state=12345
&redirect_uri=http://localhost/myapp/permissions
Login using an existing admin account and provide the consent to the app.
Once you've given admin consent, you do not have to repeat steps 1-3 again. Next, make the following call to get an access token:
POST https://login.microsoftonline.com/{B2c_tenant_name}.onmicrosoft.com/oauth2/v2.0/token
In the body, include your client_id, client_secret, grant_type (the value for which should be client_credentials) and scope (value should be 'https://graph.microsoft.com/.default')
Finally, you can call the Graph API to manage your users, including deleting them:
DELETE https://graph.microsoft.com/v1.0/users/{upn}
Don't forget to include the access token in the header. I noticed that in Postman, the graph api had a bug and returned an error if I include the word 'Bearer' at the start of the Authorization header. Try without it and it works. I haven't tried it in my NodeJS API yet, so, can't comment on it so far.
#allen-wu also suggested using the ROPC flow, which I have not tried yet, so, cannot compare the two approaches.
I hope this helps!
There is a line of code: graphClient.getUsers("").buildRequest().delete();
It seems that you didn't put the user object id in it.
However, we can ignore this problem because Microsoft Graph doesn't allow a user to delete itself.
Here is the error when I try to do it.
{
"error": {
"code": "Request_BadRequest",
"message": "The principal performing this request cannot delete itself.",
"innerError": {
"request-id": "8f44118f-0e49-431f-a0a0-80bdd954a7f0",
"date": "2020-06-04T06:41:14"
}
}
}
I'm using the wikimapia api for developing an Android application. I've used my first key for about two months but not, for any request I make I get:
{
"debug": {
"code": 1004,
"message": "Key limit has been reached"
}
}
I've created a new key, but now, for any request I make I get the same response: []
Does anybody know what the problem is?
It looks like something wrong on Wikimapi side. It returns me [] too.
There are few post about this issue on wikimapia forum
http://wikimapia.org/forum/viewtopic.php?f=4&t=14933&p=288045&hilit=empty#p288045
I would like use native google plus sign feature for connect my phonegap/cordova application (android et IOS).
Usually in Phonegap we use InAppBrowser for include web popup. It's done but suppose the user log with email and password with web UI. So in Android, we used google play for that and the same for IOS.
In january, it's now possible to use Chrome Apps inside Cordova.
http://blog.chromium.org/2014/01/run-chrome-apps-on-mobile-using-apache.html
Many cordova plugins are available and particulary chrome.identity : https://github.com/MobileChromeApps/mobile-chrome-apps/tree/master/chrome-cordova/plugins/chrome.identity
How to use this plugin outside the ChromeApps for native google signIn ?
I'm installed the plugins but none samples to access chrome object and Api.
Thanks for your help
This is an old-ish question but I thought I should post my solution since I hit this tonight... below is how I used the plugin to authenticate and call a service API. Apologies if it's not that efficient, it's been a long night :P (this is built for now on the Cordova starter template)
var app = {
onDeviceReady: function() {
/*********************
* I attached an EventListener to a link so I kept this binding
* Helps when testing to have a link handy to revoke the token
**********************/
app.receivedEvent('deviceready');
/****************************************************************************
* The documentation is a little odd here, but since this isn't
* a Chrome app, we need to set the Manifest JSON manually.
*
* The scopes are to only modify and read a calendar, not sure I need both
* but what the hell...
****************************************************************************/
chrome.runtime.setManifest({
oauth2: {
// ClientID obtained from the Developers Console
client_id: clientID,
scopes: [ 'https://www.googleapis.com/auth/calendar', 'https://www.googleapis.com/auth/calendar.readonly' ]
}
},function(){
// callback for setMainfest, empty..
});
/***********************************************************************
* Because I don't have Google Play Services setup yet I have to use
* the 'interactive' mode which will prompt the user to select the account,
* then show a permission screen.
*
* I have multiple (Google) accounts on my phone so I set the 'accountHint'
* to try to force authenticating my primary account and avoid having to deal
* with a popup.
******************************************************************************/
// Just checking if I already have grabbed it, if so, no need to do it again
if(!bToken){
chrome.identity.getAuthToken(
{
'interactive': true,
'accountHint': ACCOUNT_EMAIL,
},
function(token, acct) {
// set a global variable or debug...
});
}
},
}
var calendar = {
list: function(token) {
// Simple AJAX call, passing the token through and dealing with the results...
// This function just pulls calendar info...
$.ajax({
type: "GET",
url: listURL,
data: encodeURI("access_token="+token),
cache: false,
success:function(result) {
// do something....
}
})
}
}
Hope this helps!
I'm developing a Sinatra app for which I'd like to use OmniAuth. So far, I have something similar to this for the web app:
http://codebiff.com/omniauth-with-sinatra
I'd like the web app to be usable via Android phones which would use an API, authenticating by means of a token. The development of an API seems to be covered nicely here:
Sinatra - API - Authentication
What is not clear is now I might arrange the login procedure. Presumably it would be along these lines:
User selects what service to use, e.g. Twitter, FaceBook &c., by means of an in-app button on the Android device.
The Android app opens a webview to log in to the web app.
A token is somehow created, stored in the web app's database, and returned to the Android app so that it can be stored and used for subsequent API requests.
I'm not very clear on how point 3 might be managed - does anyone have any suggestions?
As no-one seems to have any suggestions, here's what I've come up with so far. I don't think it's very good, though.
I've added an API key to the user model, which is created when the user is first authenticated:
class User
include DataMapper::Resource
property :id, Serial, :key => true
property :uid, String
property :name, String
property :nickname, String
property :created_at, DateTime
property :api_key, String, :key => true
end
....
get '/auth/:name/callback' do
auth = request.env["omniauth.auth"]
user = User.first_or_create({ :uid => auth["uid"]},
{ :uid => auth["uid"],
:nickname => auth["info"]["nickname"],
:name => auth["info"]["name"],
:api_key => SecureRandom.hex(20),
:created_at => Time.now })
session[:user_id] = user.id
session[:api_key] = user.api_key
flash[:info] = "Welcome, #{user.name}"
redirect "/success/#{user.id}/#{user.api_key}"
end
If the authorisation works then the api_key is supplied to the Android app, which will presumably store it on the device somewhere:
get '/success/:id/:api_key', :check => :valid_key? do
user = User.get(params[:id],params[:api_key])
if user.api_key == params[:api_key]
{'api_key' => user.api_key}.to_json
else
error 401
end
end
All API calls are protected as in the link in my original post:
register do
def check (name)
condition do
error 401 unless send(name) == true
end
end
end
helpers do
def valid_key?
user = User.first(:api_key => params[:api_key])
if !user.nil?
return true
end
return false
end
end
For public use I'll only allow SSL connections to the server. Any suggestions for improvement would be welcome.