I have created a web application which connects with Google APIs. In the past it only connected with the Google Analytics API. Now I am making it link with Google Webmaster Tools (GWT). Some of my existing users may want to opt in to GWT. And moving forward new users may want to link with just one or both APIs.
Is it best practice to create a separate console project for each API?
During experimentation I modified my original Google Analytics project to support GWT. But in doing this I found there is no way a user could revoke access to just one API; they would need to revoke BOTH APIs.
I then created a separate project to manage just GWT. This works fine and all. But from the user's perspective it makes another entry into their "Connected Apps" (see screen shot).
What is the best practice for a situation such as this?
Related
I am a beginner trying out api for fun.
The problem is, lets say, I want to write a simple windows program with golang to let my friends read and edit one of the sheets saved on my google drive. How can I do this without having them download a credential file?
What I want it to do is simply redirect them to the Oauth Page right away, and if their email address is one recognized by the app it will grant them access to that google sheet.
What i think you need is to integrate your go app with Oauth protocol.
More specifically, with the Google provider.
This is mainly 3 steps:
add the oauth client to your application
something like this: https://github.com/golang/oauth2
See their docs on how to do it.
go to google dev documentation and see how to integrate google auth flow into the client: https://developers.google.com/identity/protocols/OAuth2
I'm not sure if google has something more specific for google drive integration and/or go-lang client in particular. Please do some searching.
make the glue code on your go app so that the user can interact with this (the login button (or command, if it is terminal based), error messages, logout, etc)
More questions will appear when you start to do this, however it is a great example to learn Oauth as well.
General guidelines:
https all the queries or oauth is basically useless
oatuh has many auth-flows and you must choose which one(s) you support. use whatever google documentation recommends for m2m scenario (machine 2 machine)
log errors so that your friends can send you a log file for you to debug issues
maybe set some feature flag so that you can simply disable this feature to run/test localhost ? maybe useful? you decide.
I am following the tutorial located here: https://developer.xamarin.com/guides/xamarin-forms/cloud-services/authentication/oauth/
I got to the step titled: Presenting the Sign-In User Interface.
It says that, "When the Login method is invoked, the sign-in user interface is presented to the user in a tab from the device's web browser."
Now is this really the process when using Xamarin?
Because the other apps I've downloaded and played with don't open the browser and then open a new tab to give me a choice of which account to choose. Those apps pop up a small page on top of the app and allows me to select an account.
If this Xamarin process is different I am not going to use it when developing my app. Please clear this up for me thanks.
There is no such thing as as "Xamarin's way of oAuth".
oAuth is about authenticating users through 3rd parties like Google, Facebook, Twitter etc. There are different oAuth flows which are mostly used: the implicit grant and the authorisation code grant. For mobile apps the implicit flow is common because auth code flow involves the app keeping a secret which a mobile cannot really guarantee. For a great overview of these flows I can recommend this lecture from Xamarin.University.
These flows are the same no matter which underlying development stack you are using.
The documentation you are referring to is using a library to help using these flows: Xamarin.Auth. As a matter of fact you don't have to use this library at all. This library helps with storing tokens, sending requests that include the required tokens, detect endpoint redirects etc. Part of using this library is presenting the UI where the 3rd party vendors login form is shown.
This is what you do when calling:
var presenter = new Xamarin.Auth.Presenters.OAuthLoginPresenter();
presenter.Login(authenticator);
The actual implementation of presenting the UI is platform specific. On iOS the UI os shown modally if that's how you are coding it. If you change this code to show the UI as a small popup floating on top of existing content, you can of course do this. This is true for any given platform.
Currently, I have been tasked to utilize the Google People API to ask for a user's basic Google information along with their public phone numbers. So far the results have been positive.
The solution my team and I have incorporated the Google People API integration in has the capacity to be utilized across thousands of domains. As a result, my question is simply, How can my team members and I ensure that any our clients that utilize our solution with their own particular domain get our new functionality built with the Google People API?
Keep in mind, our clients have the flexibility to have http/https and any subdomain on their site. Entering each domain possibility for our client base one by one would not be an easy task. I'm seriously hoping there is a solution around the single, explicit origin entries.
Thank you for your time and help.
Warning:
You must remember that if this is source code you are giving your clients that you are not allowed to release your client id and client secret. This includes plugins and scripts.
On November 5th 2014 Google made some changes to the APIs terms of Service.
Asking developers to make reasonable efforts to keep their private
keys private and not embed them in open source projects.
So if your clients could view the code of your application and see your client id and secret you should not be giving it to them.
Read more about this issue Can I really not ship open source with Client ID?
Recommendation:
The best solution for you will be to instruct your users now to create there own project on Google Developer Console and create their own JS origins.
You may just have to provide your own wrapper around the target API where you authorize the client request yourself and then do the request from Google using your own credentials.
We have a Google Apps Marketplace App. Or more precisely, we have 2: one in the old marketplace and one in the new. Both point to the same URL, both do exactly the same thing (OAuth2 authenticating the user(even users from the old Marketplace,, because we handle this users like the "normal" users coming from the Chrome Web Store ).
Now Google wants us to move the users from the old Marketplace app to the new one.
How do we do that?
According to Google's document we should call an UpgradeApp API for every domain.
This requires that we find out all the domains (we don't know them because we don't care, if the user is a marketplace user or not).
So we should probably use licenseNotification on the old Marketplace app, to find out all domains and migrate them one by one?
To try this, I tried to issue the API from API Explorer (https://developers.google.com/apps-marketplace/v2/reference/licenseNotification/list) but got a message (403 FORBIDDEN complaining that I should activate the API . How do I do this? (I already have a project where the Marketplace API and Marketplace SDK is enabled).
Will this approach work at all?
Are there simpler ways of doing this?
The API explorer approach works, I just tried.
Make sure you are providing correct applicationId which is the key here.
GET https://www.googleapis.com/appsmarket/v2/licenseNotification/applicationId
Could anyone help or refer how it can be done..I searched over the net and what i felt is that its only for mobile and websites.
It's for websites. Many of the concepts of web analytics (number of pages viewed for example) don't even make any sense on a desktop app, because they're not organized like a web page.
If you want to use Google analytics data from an analytics account Google provides a data export API.
If you want to track your native application then as Catfish_Man (great name btw!) said, it is not really possible. That isn't totally true, as you could fake it, but the paradigm is so different that you would be better off creating you own solution.
You might want to see this library for GA on desktops
http://code.google.com/p/jgoogleanalytics
Google Analytics doesn't provide a native Mac app integration, but you can use the Measurement Protocol Overview to send raw data to your GA property from your account.
Just create a mobile app property and then start sending raw GA events using HTTP. There are couple Obj-C wrappers available like https://github.com/swisspol/GARawTracker or https://github.com/stephenlind/SimpleCocoaGoogleAnalytics.