I really tried, but didn't find any matching answers, most of them are about Android dev/single app info, google play scraping etc.
Anyway, excuse me for possible duplicate.
So, i can see the list of apps which are/were installed on my android device in google play interface ("My Apps"), so, is there any way to get that list in my PHP application, through some kind of API, maybe?
Question is not about tracking my own apps, but about tracking installs of any random app from the given list, on a specific device/google account
What i want to achieve:
User installs an app from the list
After some time/trigger, PHP backend checks, if this app is installed on user's device, and saves this info to DB
EDIT: It is meant, that user agreeds to share this information, to get some kind of reward, after installing an application.
Thanks for your attention.
No, which apps a user has chosen to add to their device is treated as confidential information, and a random person cannot just query that from a server. There are only two ways you could check this:
Do it like advertising libraries do. They use the Google Play referrer API which finds out the referral code which prompted the install, and sends this back via the Ad library in the app.
Or have your own app which is on the device and uses PackageManager.getInstalledApplications() to find out the applications on the device.
Related
Currently building a hybrid app. using Ionic Framework with PHP for backend services
I am having a case where a user has got his profile in Web app and Mobile App as well.
If the user adds two stories as favourites (Its kind of a reading app) from his mobile app or Web app,how do I sync that?
Here are the scenarios:
1) User marks the stories favourites from web app and when I come online through mobile app, display it.
2) User marks the stories favourites from mobile app when he is offline(Now this will be stored in LocalDB). So again when he comes online sync with the server?
I know there are services like Firebase which provides syncing service.
But What If I would want to develop a Custom Syncing service on my own for my application? Is that an extremely complicated process?
If yes and it can be developed ,then how should I proceed ? A basic idea? What are the best practices that I should consider?
Any links would be appreciated?
I know some of the comments recommended CouchDB in combination with PouchDB. That is a much better solution than trying to implement your own synchronization service with MySQL.
However, since you're using Ionic Framework you can also use Couchbase. Take the following example application:
https://github.com/couchbaselabs/TodoLite-Ionic
If you chose this solution you would have three moving parts. You would be replacing MySQL with Couchbase Server and running the Couchbase Sync Gateway to orchestrate any data between the device and the server. You can still keep your PHP backend if you have a web version of your application as there is a PHP SDK for Couchbase.
Two write-ups on this can be found here:
http://blog.couchbase.com/using-couchbase-in-your-ionic-framework-application-part-1
http://blog.couchbase.com/using-couchbase-in-your-ionic-framework-application-part-2
In the long term, you're going to find NoSQL much more pleasant to work with when it comes to APIs and mobile than MySQL.
Can be useful to write a POST method on the backend that receives the data from your local from the app and some user data (session, access tokens and other thing you considered neceasary). On the body for the request you include the data needed to be synced. The backend takes the body. Parse it and rreturn a result (http code) Based on that you can decide if the app should delete the local data or only mark it as synced on the local database
My question is not deeply technical but more of a system architectural one.
I'm designing an API backend in Go Lang. I'd like to have several clients, like a web server, cell phones etc.. I imagine that all these clients should have a secret API key so to validate that they can use the API. At the same time the web frontend is going to have a lot of users with different restrictions. I'd like for these users to be able to log in with their facebook or Google account. That should require OAuth authentication as I understand. My question is now where should I add the OAuth. Only in the frontend and then save the user in session or also between the frontend and the backend. I'm highly confused about how I should set up this communication and authentication.
I'm building the web server in PHP and I'd like the web frontend to be really light weight and more or less only function as en empty shell/view for the Go API. I've build systems in plain PHP/MySQL before but I'd like to make a shift to Go based APIs.
How would a URI look like to the API from the web server frontend for let's say a show profile page? I imagine something like a GET call to "http.//backend.com:3000/[api-key]/[api-secret][oauth-token?]/profile. Then some middleware to authenticate the web client and another piece of middleware to authenticate the user. Would that be "the right" approach?
I hope you guys can point me in the right direction.
Thanks in advance.
If you look at your facebook or google developer docs, you will find examples on how to integrate with their oauth login systems.
OAuth, or at least the last step of it, really must be done on the back end as you have to assume your front end is a bad guy hitting your system.
For go oauth, take a look at: https://github.com/golang/oauth2
You will likely have a http.HandlerFunc("/oauth/google",yourGoogleFunc)
and http.HandlerFunc("/oauth/facebook",yourFBFunc)
type thing, then you register that URL on your dev account with those companies.
while testing, it's easiest to use localhost:8080 (or whatever) as the callback url so it works on any machine as long as you are using a local browser.
I'm a php developer for my firm, and I'm kindoff stuck with this concept form Oauth.
I've been searching the web and read almost every article I could find about oAuth but still it won't get to me how to handle this situation.
I live in the Netherlands so forgive me if my writing is sometimes a little bit off.
I'm working on an application for our company. Its an online work platform, where people can sign up to to find work.
We sell our online application to companies who offer jobs and such.
So we have for every company that buys our web application an url like: http://companyname.onlinejobs.com ( for example ).
So we have backend users that can login in their application and they each have different roles and permissions.
We also have http://onlinejobs.com as a website where everybody can sign up to view job oppertunities and much more.
So we also have a frontend user, that also can have multiple roles, such as a free user and a premium user.
We've build a REST API that holds all methods to add and view jobs and profiles etc etc. We want this API to only be accesible to the clients that we register.
So if I register company1.onlinejobs.com than that in my opinion is a client, and can only use our api.
But now we want to intergrate oAuth to the situation.
We want the API to be protected from any unregistered clients, but we also want to make sure that a frontend free user, cannot access surtain api calls that a premium frontend user can make.
or is that permission based behaviour not something for oAuth?
Wich grant type that oAuth2 uses can we use for our situation?
I really need some help with this guys.. Hope somebody can give me a clear explanation about what to use best, or maybe even not at all.
We had a similar use case and we built our own authorization server that can handle the following use cases
Authentication and authorization from the
web applications
javascript enabled apps [Like SPA apps]
Native apps like windows services or windows apps
We have used the following flows in OAuth2.0
Authorization Code
Implicit flow
Resource owner credentials
Hence, the right choice of the flow needs to be decided on the types of applications that you plan to support.
HTH
i developed a sync option for a CRM system with google calendar. the system is installed in a certain domain.
i get a refresh token and access token for each user in the system and store it in the user profile.
it works great.
now a friend of mine wants that deveopment for his CRM system too (in a different URL).
Does that mean i need to open a new project for him too? or can i take refresh tokens and acess tokens extracted using the first project and copy them to the users in the other CRM system?
in short:
1. Do i need to open a new project in the developer Console for every CRM system hosted in different URL?
2. Is there a limitation to the number of projects i can open ( in case i install this CRM system in tens of businesses with different URLs)?
3. i read that i can only get 25 refresh tokens per project, what happens if the CRM system has more than 25 users? didn't find any information... do i pay Google for more? how much?
This is going to end up being more of a clarification then an answer but its to long for a comment.
The point of developer console is to identify YOUR application. Each application should have its own project on developer console. If your friend wants to develop his own application then he should have is own project on developer console.
Copying refresh token
If your friend is using your application then he should could use your project id. Basically if the code is the same you can keep it as the same project. If your friend does take a copy of your program for his use technically speaking you could copy the users refresh tokens, as long as he has them and your client id and client secret they will work.
But I think you may want to consider how wise that is. Users are giving you access to there data, they have not given your friend access to there data. I am not sure if this is against some privacy policy, I will have to check but IMO it should be. You should not be sharing authentication granted to you by a user to someone else.
If it was me even if he was copying your code he should still have his own project and get his own users.
Quota
The main problem with sharing a project is that you will also be sharing the quota. I am not sure what api you are accessing but you are aloud a limited number of requests per day. If you are both using it your both eating away at the quota.
25 refreshtoken
That part of the documentation is a little unclear. Its 25 refresh tokens per user per client. Example: So I could authenticate your application 25 times all 25 refresh tokens will work when I authenticate you again the 26th time the oldest one will then stop working.
Your application can have an unlimited number of users.
Hi guys I'm building a Google Apps based solution. Basically I'm setting it up such that:
When a Google Apps account holder installs it he/she enters the authentication details for a single Googles Apps account to be used - that account would be used by all users of the instance of the installed system for uploading to Google Docs associated with that account and managing Google Calendar entries associated with that Google Apps account.
The user as mentioned can create other users and invite them to sign in from a separate login screen and they should be able to interact with the system's facilities which allow interaction with the services associated with the Google Apps account used to install the system.
Any other user of the same domain as the original user can also install the system and be automatically associated with the instance created by the user of the same domain.
I got parts one and three all set up but the second part is where I'm stuck - I'm storing the credentials for the centralised Google Apps account in a database and would need a way to authenticate seamlessly using the details i.e. I don't want the users to have to add in the sign in details nor have to go through the process of having to be asked for permission to allow the application to access the Google Apps services - I wish that when the users log in they are automatically transparently also signed into the Google Apps account as well and be able to use its services.
How can I do that I wish to do away with the process of 'asking the user for which account to sign in or the Google Apps login screen' and the second step asking for permission to allow the application access to the account.
I know it can be done - I've installed loads of applications and none of them require me to go through this two pronged process of authentication which I find quite unnecessary - what do I do? - Help please!
Have you seen the Zend Frameworks' Zend_Gdata? It's a PHP 5 interface for accessing Google Data, at first glance it seems to do all the things you want.
http://framework.zend.com/manual/en/zend.gdata.introduction.html
You will need to take over the authentication process to handle authentication of Web sessions. The good news is that you can indeed do that (SSO / SAML), bad news is that it can be a lot of work.
Essentially you'd build your own SSO provider, stick it in front of your domain (so it handles all auth), and let it handle the login process so it's as seamless as you need it.
At a higher level, it sounds like you are using a single account to proxy multi-user access into Google Apps; you might want to check the TOS as I'm pretty sure that's frowned upon (kills traceability).