I have two questions on the Glympse API:
I am sharing my location by (initially creating a ticket,) uploading location data (/v2/tickets/ticketID/append_location) and appending data (/v2/tickets/ticketID/append_data). If there is already a ticket existing, I am just uploading more recent data (append_location + append_data) and update the ticket (/v2/tickets/ticketID/update?duration=ticketDuration). Now, once the ticket has expired how can I make it active again? Currently I am creating a new ticket which makes the "same user" (but with different ticket) appear again in the Glympse mobile app.
In a group, I can see expired users for a very long time. Once they do not share their location anymore, it takes one or two days until they are removed from the group. How can I remove them instantly once their ticket has become expired?
Thank you
Once a ticket is expired it cannot be reactivated. Small snippet from the Glympse programming guide: https://developer.glympse.com/docs/core/client-sdk/guides/common/programming-guide
Tickets can only transition into GC::TICKET_EXPIRED state once. A ticket is considered immutable after it transitions into the expired state. It leaves the expired state only if being deleted explicitly. This is the only operation that is allowed for expired tickets.
A group member can remove themselves immediately from a group by sending a POST groups/[group_id]/leave
Otherwise, as you noticed the member's ticket information will remain in the group for 48 hours following their ticket's expiration. Group members cannot remove another member from a group.
For others who are interested: The answer to my question is very simple. If a ticket for a user has expired, this very user needs to delete his ticket "/v2/tickets/ticketID/delete?oauth_token=oauth". With the deletion of the ticket, the expired position will vanish immediately.
Related
I'm currently playing some stuffs with Near (testnet) following an example on github/Learn-NEAR/starter--near-sdk-as.
I accidentally deleted my account - quantransedev. After that I re-created with the same account name with new passphrase of course. I noticed the newly created account had everything the old one had. It seemed like a restore account.
Is this an expected behavior? it doesn't make sense to me at all in terms of security. Please advise.
https://explorer.testnet.near.org/accounts/quantransedev.testnet
https://explorer.testnet.near.org/transactions/3GTFEzvTfDiAxm8fdpZeWP7NjRFTjFJaDYQNX6ANAUns
This is expected behavior - when you delete an account it does not delete all the things this account owns or controls. That needs to be done manually before account is deleted.
Account deletion just deletes the information about this specific account state on-chain.
When you recreate the account - it will actually be back to controlling whatever was linking to it by account id.
Generally, if you delete account - that name and things it owns are up for grubs for anyone else, so account deletion should be done very careful.
Filed two issues to improve experience here:
https://github.com/near/nearcore/issues/5816
https://github.com/near/near-cli/issues/900
The account had been deleted and the remaining funds were burnt since the beneficiary account did not exist (the account got removed before the transfer was initiated). You can also confirm that the account had actually been removed by reviewing the next transactions (deletion of other accounts with beneficiary account id set to quantransedev.testnet) did not succeed to transfer the remaining tokens from the removed accounts (the tokens got burnt).
You had had to re-create the account explicitly from scratch: https://explorer.testnet.near.org/transactions/CroKF7ipwM3fDgH5ogVrnWS6JSmnhvjkaJNDqiWzjsm2 to gain control over the account id. Before that moment, the account did not exist on the chain. Explorer, however, keeps track of all the ever-existing accounts on the network, which might have confused you.
My Heroku account was flagged automatically and locked due to suspicious activity, which is good security. I raised a ticket with Heroku at the time to unlock the account, they required some information from me, including identity verification, which I provided. Since this they have not responded to my ticket and it appears a bot has automatically closed the issue, with no resolution.
Now it asks me to log a new ticket but I can't actually log in with my account to create a ticket. So I made a new account, logged a ticket with reference to the initial ticket and have had no response. About a week later, it appears my second account must be locked as I am unable to log in with this account. Probably valid since I had to create a temporary email account to sign up so I could raise a ticket.
The Heroku help docs are pretty useless. It's essentially an endless loop of Create Ticket > Help Center > Search > Read Article > Create Ticket...repeat. Even if I get to a sign in page I can't get by it anymore due to yet another account disabled.
That account is linked to my official email address and is why I'd like either the account unlocked or the email address released. It seems as though creating a new account isn't a viable solution either, given that I have tried and that account is now locked too.
I have tried the actions described at What should I do if I can't log into my Heroku account?
There doesn't appear to be any way of getting in touch with a human short of calling an office or a sales rep for enterprise which I feel is the wrong approach. Perhaps this is where my journey ends with Heroku although that seems unfair.
So instead of creating a spamming cycle of new accounts and tickets all referencing each other, how do I go about restoring access to my main account and initial ticket?
I've been using the Google API to update one of my Chrome plugins on a weekly basis. This has now happened 3 or 4 times now: The refresh token I acquire will work properly for up to two weeks (only being used once per week), then the third week, returning an error saying that my token has been expired or revoked.
Given that I'm the only user with access to these tokens, I know that there isn't any spamming, and I know that nobody would be authorized to revoke the tokens on my end.
Please advise. Thanks!
There are serval reasons why an access token can expire.
the user revoked your access.
depending upon which scope you are using if the user changes their password it can revoke all out standing refresh tokens (mostly gmail I think)
If your application is still in testing phase refresh tokens only last for two weeks you will need to move your application to production and go though the verification process. (this appears to have been a stealth change i can find no information on it)
you can have a max of 50 outstanding refresh tokens for a users account, if the user is logging in multiple times and you get a new refresh token each time make sure you are always using the newest.
Your application should always be set to request access of the user again in the event that the refresh token has expired.
I have recently worked with Google Ads API and Shopping Content API and experienced detailed behaviour of API authentication mechanics.
What i can tell for sure regarding authentication is the the following:
An Access-Token always have a life time of 60min. and then expires
An refresh-Token makes it easier to obtain a new Access-Token, since
no additional verification is needed
The lifetime of a Refresh-Token varies
it can be a 6 month or more (when the related application publishing status is released)
or just 1 week (when the related application publishing status is testing)
You can find detailed information regarding Token Expiration on the Google API Documentation https://developers.google.com/identity/protocols/oauth2#expiration
Also information regarding publishing status of your API application Token has expired or revoked - Google Ads
I have a case open with Plaid support, but it has not been even touched since opening 12/26, perhaps they are just all on vacation for the last week.
We had use the prior API for a site and wanted to use it for a new site. We found the API has drastically changed since the last time, as year ago, and have everything seeming to work in the sandbox, but for "development" or "production" cannot get the TD Business Direct to link up and produce the needed access_token so we can pull transactions into our application.
So I am hopeful with the post I may get some help knowing what the error of "the login details of this item have changed (credentials, MFA, or required user action) and a user login is required to update this information. use Link's update mode to restore the item to a good state" really means. The Plaid Link flow seems to accept the initial credentials and the responses to MFA, but after the second question is answered gives the error and we are not able to link the account.
We see a 400 status when it tries to post out after the second MFA question is answered and shows:
{
"display_message": null,
"error_code": "ITEM_LOGIN_REQUIRED",
"error_message": "the login details of this item have changed (credentials, MFA, or required user action) and a user login is required to update this information. use Link's update mode to restore the item to a good state",
"error_type": "ITEM_ERROR",
"request_id": "request_id_here"
}
Other details when we exit that may be helpful:
{"institution":{"name":"TD Bank - Business Direct","institution_id":"ins_107836"},"request_id":"request_id_here","link_session_id":"session_id_here","status":"requires_questions"}
From just reading the message would seem we may not have entered the right credentials, but we can login to the bank site just fine, so they are right and the account is not locked out.
When I've faced the similar issue, the reason was in changed user's details. Every time some details changed, you'll need to re-link user's bank account with plaid in update mode.
Exception with "error_code": "ITEM_LOGIN_REQUIRED" will help you detect such cases and handle them appropriately.
They have more info in their docs: https://plaid.com/docs/link/update-mode/
Link update should work fine. If you are facing some issues further, then create a support ticket to plaid and let them know that request id, bank_id and what type of error you are getting.
Sometimes the issue is on their side. There are quite slow in responding but you will get reply within 2 days and if there is some fix, they would ask you to test it after the fix is pushed on their side.
I’ve created a survey using Google Consumer Surveys. I want use a different account to check results of the survey.
How do I allow a second google account to access the survey though the API?
You can add a second account by modifying the owners of a survey.
You can do this through the UI by selecting a survey from your list of surveys and then clicking the +Share button in the top right hand corner of the page. Then put the email address of the new owner in.
https://www.google.com/insights/consumersurveys/
You can also do this programatically through the API by issuing an update call to the Survey resource with a new Owners list. Note that this overwrites the owners field and does not append to it, so make sure to include the current owners when issuing an update so that no one losses access. You can find the documentation for this here:
https://developers.google.com/consumer-surveys/v2/reference/surveys/update