I have an app which uses OAuth to grant scopes needed to access user data via YouTube Data API, then fetches YouTube data and puts it into a data warehouse. I have begun the Google App OAuth verification process and submitted several demo videos. I keep getting variants of this message from the verification team:
Please provided an updated demo video how your app [app-name] uses the
requested scope in regards to its definition:
https://www.googleapis.com/auth/youtube.readonly View your YouTube
account https://www.googleapis.com/auth/youtubepartner View and manage
your assets and associated content on YouTube
The submitted demos show the code which makes requests to the YouTube Data API, requests which require the above scopes, and the resulting data stored in a data warehouse. This doesn't seem to be enough. I don't know in what other way I can show how my app uses the scopes as there is no app front-end where the data flow can be seen, the only front-end component is the OAuth interface for authorizing the scope usage. What else could my demo include to show the scope usage?
[Edit] This is the request shown in the demo:
channel data request
First off you can always email them back asking for certification.
Second did you send a video showing the consent screen running? This video should show the consent screen where it displays the scopes being requested. It should also show the name of your application on the consent screen. Finally it needs to show your client id in the url bar of the web browser. (THE BROWSER MUST BE SET TO ENGLISH)
Related
There was a music event a friend of mine went to and they had a few photographers waling around out there. The photographers took photos that were instantly uploaded to the users facebook account via an NFC wristband. The workflow when it was explained to me looks like this:
Step-1 Get a nfc wristband at the Kiosk- Facebook will be encoded into the wristband.
Step-2 Walk around the event. If a photographer takes your picture, hold your wrist to the camera and the image will be watermarked with event/sponsor logos at the bottom and posted to your facebook account .
So, I was thinking how this could possibly be done- I googled and googled, but I got nothing. Here's my guess- All the FB authentication can be in the wristband. An EyeFi SD card has the ability to take a photo and transmit it. NFC Arduino reader could read the persons wristband, authenticate, then go into the images and pull the last photo that was taken and post it to the users fb page. What do you think?
We have a (beta) product that performs this exact function. It's called Flomio Kiosk. The way it works is with NFC wristbands and Android NFC terminals like the Galaxy S4 Zoom. The system lets guests associate wristbands/cards to their Facebook or Email accounts. The NFC Kiosk application has a photographer mode that allows pictures taken to be tagged and uploaded with the scanned wristband's profile.
The architecture of the stack is straightforward. The UUID of the wristbands are associated with the Facebook token of the associated guest. This needs to be stored in a cloud server so that you can effectively OAuth2.0 to Facebook and post on behalf of the guest. This setup also allows us to remain liability free of ill formed posts. Each developer that uses our system needs to create their own Facebook app and get it approved. If spam or content that violates Facebook T&C is posted then only that Facebook app will be shutdown rather than the whole Flomio Kiosk solution.
In order for us to grab the Facebook token for each guest, the guest must go to the events' landing page (we use eventname.flomio.com), enter their wristband code (5 digit number) and sign in with their Facebook credentials. The guest can then select what permissions to give the event application, such as post to "Only Me" and allow access to their "News Feed". Once this registration process is complete the wristband is considered activated and the OAuth token for accessing the guests Facebook profile is stored in the Flomio database alongside the wristband UUID.
When a wristband is scanned at an access point, the UUID is sent up to Flomio via websockets for ultra-fast responsiveness that reveals the guest name and profile picture. This way event organizers can provide a more personalized experience to guests. In photographer mode, the images are taken and then wristbands are scanned. Images are posted through Flomio where event logos are overlaid on the pictures for added brand recognition. Included are predefined post messages as well that event organizers can curate before hand. Here's a simple diagram of how things come together.
For high end cameras like the Nikon D300 we use the Transcend Wifi SDcards as they're more hacker friendly. These run Linux so we execute some scripts to tag the photos as soon as they're taken but upload them later through a background process. Our Kiosk solution is undergoing maintenance right now to add support for our FloJack and FloBLE product lines. Once complete any smartphone will be able to act as a scan terminal in a multitude of deployment scenarios. Sign up for our blog to stay tuned with our latest releases.
Unfortunately I'm struggling to understand the documentation provided by Facebook.
This is the scenario:
- Some of my iPhone Apps are also registered as Native/Desktop Apps on Facebook in order to support the Facebook Audience Network.
- I'm building a tool in python which will retrieve data from the reporting API in order to run some automated analysis on specific metrics (request, impressions and so on).
The question is: how do I retrieve this data?
The documentation for the reporting API is here: Reporting API
However I'm struggling with the access token.
It says that I could use the specific App Token available here: App Tokens
However by using such token, I get an error saying that app tokens can't be used for Desktop/Native Ads.
What is the correct way to do it then? Here is where I struggle to understand Facebook Documentation.
My guess is that I should use a User Access Token instead, generated for a user that is also the admin of the App for which I want to retrieve the insights.
What really freaks me out is that apparently, this can't be done with normal HTTP calls only but it requires instead to go through the Facebook Login Dialog. I also need to create another Facebook (web) app because there is no way to get a simple "User Object"... Everything needs to start and go through a registered Facebook App. And there's no way to go through these steps by using backend code only.
So... to recap... in order to read the Insights for a Native/Desktop Facebook App (APP_A), I have to:
- Create a new Web Facebook App (APP_B)
- Create a web interface somewhere for APP_B) which will trigger the Facebook Login Dialog and request the read_insights permission.
- Login through this web interface and generate a User Access Token
- Put this User Access Token in my backend code and run the scripts that retrieve the data provided by the Reporting API for APP_B
Really... to me... it doesn't make any sense to create a new Facebook App in order to access the data of another Facebook App.
Isn't there another better, simpler, quicker, cleaner way to achieve the same final result?
I'm using the GDK with XE16
I would like to save a video using MediaRecorder and then put it on the Timeline so I can let the user share the video to Gplus, YouTube or any contact. I am providing some additional information during the recording process as an overlay on the video preview.
I am able to save the videos into the /mnt/sdcard/Movies path. I am invoking the Intent.ACTION_MEDIA_SCANNER_SCAN_FILE to add the recorded video to the media database.
I have not been able to figure out how to add a share intent to on livecard. The previous API supported static cards, but those did not support video attachments; and the API is no longer available. I have also tried to use AccountManager and the com.google account in Glass to get an ouath token for the Mirror api to write direction via oauth2:https://www.googleapis.com/auth/glass.timeline. The authorization request shows up, but it is impossible for the user to accept the request.
I've considered sending the video file back to a proxy server that will then call mirror, but this seems like a big round trip for nothing.
I suppose I could send the credentials through this proxy, but this seems like a security nightmare.
The difference between Static Cards and a Timeline Item were large enough that the team, apparently, removed Static Cards until they could make the two of them work much more similarly. What you're trying to do is a commonly requested, and it does make sense that both should work mostly the same way.
You're on the right track for how to handle this at the moment - use the Mirror API to get it into the timeline as a Timeline Item. As you've noticed, you can't go through the auth flow since the user is unable to authenticate through Glass directly.
While you're testing, you can code in an auth token and a refresh token to be provided to the library to do this. For production through MyGlass, take a look at the auth flow that is available at https://developers.google.com/glass/develop/gdk/authentication
I am writing an app which is basically a service that posts media release news to various social networks including Facebook. I understand the usage of app tokens vs. user tokens vs. page tokens through the Graph API, but what I don't understand is why it requires a user token for an app to post to the app's page. User administrators will change over the lifetime of an app, it makes far more sense that an app would automatically have the necessary permissions to post to its own page's wall. This would also cut down on all the handshaking through the Graph API that seems to be required to get things done.
So, in short, why do Facebook App not have direct posting permission to their App Pages?
Because every post has a user associated with it – the user who created the post.
I'm looking to see some info about my facebook contacts, and I want the info to be overlayed on the currently open website.
Currently, I'm trying to do this via a bookmarklet.
Is it possible for me to overlay a div over the currently open web page and populate it with a functioning facebook login button (if the user is not logged in)? Are there publicly available working examples of something like this?
It is probably not possible to simply embed Facebook within an iframe because Facebook blocks people from embedding their pages within frames or iframes by putting this into the response header, "X-Frame-Options: DENY". This is most likely to prevent click-jacking and similar security exploits.
To test this, enter any page from Facebook into http://savanttools.com/testframe
Facebook has an API which allows you to do many things, but it requires server side code, and can not be done simply with a bookmarklet.
There is also always the brute force method where your server scrapes data from any website you want it to. Then that data could be put into a bookmarklet.
Finally, the same thing could be achieved by writing an add-on or a user script without using a bookmarklet at all.