I'm developing a PHP application to retrieve the list of contacts from a GMail account. I'm looking for a solution which would enable the user of my application to provide the login and password to their Gmail account in my application (as opposed to getting redirected to Google) and then automatically do the retrieval. The retrieval process can be run in PHP or JavaScript (which would then feed the list of contacts back to PHP using Ajax).
Is it possible to do that? Which JavaScript API should I use for that? Can someone point me at the right chapter in Google Contacts Data API documentation?
This is really not advised - google provide OAuth for a reason - so that users won't have to give their credentials to 3'rd parties.
Check out http://code.google.com/apis/accounts/docs/OAuth.html
Speaking only for my self (and all other developers I know), having to hand over my credentials to 3'rd parties is a real no-no.
It would be best to use the Google Contacts Data API using JavaScript for your case.
I haven't tested it myself but it looks nice: http://gmail-lite.sourceforge.net/wordpress/
//edit:
You probably should use: http://code.google.com/apis/contacts/
Related
I am a beginner in php. I want to integrate Teamwork API on my web page. I have already checked how to call different methods of teamwork API and what will be the JSON response of them by using developer.teamwork.com.
Now, I am a bit confused that if I use my API key in the GET request as described on the api documentation then the response contains info related to my account. Actually, I want the user to login to his/her teamwork account through my web page and I will retrieve the info regarding their projects on the web page.
So, as far as I understand, I will need to ask for user's API key of his/her teamwork account to display the info on web page. But then it's not a good approach to solve the issue. Is there any other way? Is it possible that user provide their username and password to login and get the account details?
If you use your own API key, then you will get your own information, the api key is connected to the information they have about you.
The key is a certificate about who you are and that you have the right to see the information stored.
As far as i can see teamwork.com have account and billing information in their care, and i would be worried if they shared that information to anyone without special access, such as the API key.
Depending on what you do i would consider the approach you are using, (unless teamwork have some kind of solution for it), making other people share their api key with you could be considered a security breach that could expose sensitive information, in the unfortunate case where you are not able to keep it secure, or where a customer find's you unreliable and prioritize their security over the benefit of your product.
I currently have Google OAuth 2.0 for authentication. Next I want to be able to use google hangouts in my website so users can chat with each other, along with showing their contact list. So basically I want it to look like how it is on gmail but on my website for hangouts. Main reason for doing this, I want my users to be able use hangouts as a mode of communication. Please let me know if this is possible and provide the necessary resources, an example/demo of this working would really be helpful.
Im afraid there's no API at the moment available (nor plans for that) to access the text chat feature of Hangouts.
yes, you can. More information about google hangouts API here https://developers.google.com/+/hangouts/getting-started
I was following these articles: Verifying Back-End Calls from Android Apps and Stopping Vampires using License Verification Library (from 24:57 to 25:34) to implement an In-App Purchase verification system for our Android apps.
I am a bit confused about how this works end-to-end and what we can assume about the generated token from calling GoogleAuthUtil.getToken() with the first email address found--when AccountManager returns more than one account. My questions are as follows:
Should we assume that any e-mail address used by the user to buy our
app will generate the same token (i.e., same user + app ==> same
token)?
If the answer to question 1 is no, is there a way to launch in-app
purchase for a particular account/email?
It looks like Google is picking the first e-mail address returned by
AccountManager for its in-app purchase dialog. Can we assume that
this won't be changed by the user after in-app purchase dialog is
launched? How do we find out if this changed after the in-app
purchase returns?
What should we store in our database to identify this user? Is email
address and/or token allowed? When does the token expire?
The java-client library looks very promising and powerful at first
read. But, a number of things remains confusing. Is there an article
that describes the end-to-end scenario--from an app initiating a
call to a back-end server through launching the in-app purchase
dialog, getting the result and closing with commits on the server?
What articles are the most useful for accomplishing this on Android?
The main issue we are trying to solve is to to get the full picture.
We've gotten the idea that we can avoid requiring userid/password by using the java client features and using tokens. We have registers our project (both the web app and android app on the same project) per the instructions for Google API Console. We have the php java-client for Google Play Service on our back-end server. We got our Android app to generate a token using the first email address and then call the in-app purchase dialog and handle the user response at the end of the dialog. We've got the parts. Now, we need to glue everything together. We are at the point of integrating with the back-end server. E.g., What is Redirect URi supposed to point to in our server? We've got a php url that we do http post messages to for our server app. We've included the code example for Google API client example--with client-id, secret, simple api key, etc. filled in--as an include to our php. But, what should we put in the redirect uri (we are missing a usage instruction for the example code)?
Also, we want to avoid having the e-mail used for the in-app purchase be different from what we log on our server database as the address the user used to buy our app; if the address is the correct thing to track, we want it to be the same as what was used for the purchase. This could be frustrating for our user if we make this mistake and prevent them from the features they paid for. We don't want to make this mistake and need some clarification on how Google Play Service works. If we initiated the server part of the workflow to get app Nonce / Payload / Credentials for the first e-mail address on the Android device, we would want that address to be used throughout the workflow. If the user changed this along the line, we want to be aware of this and gracefully recover. So far the articles have been helpful but incomplete. Any insight/suggestion is appreciated.
I am developing an advertisement site in PHP, the user can only list there products by logging in using there account in the site. Also i need to have another option for users to login into the website using there Facebook account and hence advertise about their products. How can i implement? Do i need to create any application instance in FB for this? I am looking forward for valuable suggestions.
Create an app.
Look into authentication, and see which method (server-side vs. client-side) fits you.
Once you've implemented that, you can make graph api calls. https://graph.facebook.com/me gives you the user's basic details
Good luck.
so i was wondering this: for example: when you subscribe to Facebook you have the option to invite your friends from gmail(if you have a gmail account), so you would enter your gmail login and password and facebook would grab all your contacts from gmail, so i was wondering how this is done? is there an API from Gmail or from Hotmail that permits to program this?
thanks
These sites don't use an all-encompassing API, they take your login you provide and from their side login to Google (for example) as you and scrape it for your contact info.
This is why you should also be very careful about who you trust with that login information.
yes .There r different API's for all of these.you can download them by simply typing contact fetcher script in Google or something like this. They r free.
refer link https://sourceforge.net/projects/contactgrabber
There might not be an API specifically for it, but it's still pretty easy. I did something similar with PHP, using CURL to log in to a website and download reports automatically.
edit: You should be aware that some sites won't like that you do it, and might sue you for it. Always get a permission from the site owner before you try it.