I'm developing a kiosk chrome app, and i'm facing an issue: i can not display drive documents of my domain without sharing them publicly;
How can i auto sign a google account in a chrome app, so i could display drive documents without having to share it with anyone with a link ?
I know webviews tags doesn't have access to cookies and at this point, i have no clue..
I would like to have a "service account": foo.bar#gmail.com, with password hardcoded in the app, and be able to connect it, without any prompt.
There is no viable solution for this.
Related
My audience is generally a 60/40 split of Mobile vs Desktop. Yet the majority of advertising revnue comes from mobile. Reviewing my adsense report the impressions are far lower for Desktop platforms. Indeed when I access the site , "autoads" do not work anywhere for the desktop. Yet on a mobile device they work as expected.
Has anyone experienced this? An example URL is www.planandshop.uk or www.planandshop.uk/login
Thanks
I checked your website and I can see auto inserted ads on login page on both desktop and mobile. The ad usually appears below the login form. In addition on mobile I see a top anchor ad but not on desktop. This is expected as anchor ads currently work only on desktop.
On the login page ad sometime inserted in the middle of the login form between "Please login with your email and password below." and "email" field. That doesn't look very. There are a couple of things you can do:
Disable this specific placement: when you login to adsense and go auto ads there is an option to preview placements and disable them.
Disable ads on login page entirely. Again, on adsense you can choose pages where ads should be disabled, e.g. /login.
this topic is about the combination of Ionic 4 + Capacitor + Azure Active Directory B2C + Native Application
I am working inside an Ionic 4 project and i am using Azure Active Directory B2C as login provider.
Unfortionally, trying to add Google as login provider leads to the following problem:
https://azure.microsoft.com/de-de/blog/azure-ad-b2c-google-signin-issue/
Google does not support webviews anymore.
Is there any way to open the login mask from Azure B2C with the embedded browser and only the external Google login with an external browser? I feel like i am forced to open the whole login process with the system browser if I want to use the google login service, which is no option because of the missing option in hiding the URL bar for that external browser.
Because I need a way in open the login mask without the toolbar. The page should look like a clean login mask, so the user does not get the feeling of leaving the application.
Did anyone experience this issue before and found a way in solving it? What I want is the following behaviour:
From the native app the user should be able to open the login mask from Azure and feel like not leaving the app. So this login mask should be opened inside an webview or inapp browser because I think there is no way in manipulating the system browser to hide the URL bar.
Then, if the user decides to use the google identy provider to login, the system browser can be used, best would be inside a pop up window
I would appreciate if someone has a solution for this problem.
Best regards
I have a website which allows login via facebook functionality and displays photos from facebook.
While accessing from a mobile browser I would like the website to automatically login(when the click on FB login button, without entering username and password) if the user is already logged in via the native FB application (iOS or andriod). It seems to be that I can do that by building a native iOS or android application and use facebook single sign on feature. Is it possible to do that without having the user install anything on their mobile device?
That is not possible.
Auto-Login relies on auth tokens that will be granted to a website or mobile app after a user approves an app. For security reasons, those tokens are tight to the cause they were issued for. Particularly, web tokens and mobile tokens are not interchangeable.
So you could build a native mobile app to get a "native token", but even if you would manage to (cookie-)inject it into a browser view, your website's backend couldn't use it.
More generally, you're raising an issue even facebook can't solve: Say you are using a facebook mobile app and logged in there. If you open facebook's web version on that very same phone, you'll have to log in there again. The root cause is the same as with above. Specifically, any native app is uncapable of setting arbitrary auth cookies into the OS browser. I personally believe this restriction will not fall, because it would have a large security impact - just imagine how any app could set (and possibly get) cookies for any website.
If they've never logged in facebook from their Mobile, how will your website ever know them ?
Is it possible to do that without having the user install anything on their mobile device?
Like PC's, users in a mobile device need to login in their phone in facebook's website before being eligible to login "automatically" to your website. When I say automatically, I mean they still have to go with the first time process of "Do you authorize this app/website to do X things on your account". That message is inevitable when using facebook's api on the web.
Hope this answers your question.
Is it possible to do that without having the user install anything on
their mobile device?
No this would not be possible. You need to have a native or hybrid app (phonegapped etc) to make it work. Mobile web apps run in a browser sandbox and without native code interface - you cannot get to the native SSO of FB on your mobile device
Did you have a look at this facebook page ? I'm not sure what you ask is possible, as basav said, but maybe you'll have some clues there.
I'm trying to un-authorize one of the apps that I've allowed previously to use my Google information.
Twitter and Facebook allows un-authorization. How do you achieve it in Google? Tried looking around the settings, but to no avail.
https://www.google.com/accounts/b/0/IssuedAuthSubTokens is the URL to view/revoke permissions granted to third-party apps.
If it's something you added to Google from the Chrome Store, go to the chrome store "your purchases" and click on the app you want to trash- there is a little trashcan icon to remove it from your profile:
https://chrome.google.com/webstore/user/purchases
You can also open your Google+ app, open settings, click on your name under account settings, and then click on apps with Google-plus signin.
Jason's link worked fine, but https://myaccount.google.com/ seems less fragile.
(Just scroll down to "Connected apps and services".)
I am running into a difficulty with the picker api for users who have installed our Chrome Web Store app, but who have not yet enabled drive. For users in this state, it is possible to save new files using the files/insert api, which returns a successful response, but these files do not show up in picker. Once the user enables drive, all the files they have previously saved begin showing up in picker.
Is this behavior intended? If so, what is the best way to determine if a user has drive enabled, so that we can prompt users to enable drive instead of making it look like we're not saving their documents?
Currently, the picker and the API will only work if the user has installed your Drive application ont he Chrome webs Store.
We understand the pain involved for developers and we are looking to relax this restriction.
In the mean time there is a way to check if the user has installed the Drive app, for that you need an OAuth 2.0 access token (so your user will need to have gone through the OAuth flow and authorized you to access his Drive data). Then you can simply try to read a file with a bogus ID (lets say ID "000" or "abcdefghijklmnopqrstuvw"). If the API returns the error "403: The authenticated user has not installed the app with client id {clientId}", that means that he has not installed the app yet and that you should hide Drive functionnalities and probably show him something that say "To take advantage of our latest Google Drive integration/features, we recommend that you install our Drive App link to Chrome Web Store listing".
If the user has your Drive app installed you will get a "404: File not found: {fileId}" error on this request.
First it is odd that the picker is not showing files for your non-drive enabled user.
So I just tested the picker with a non-drive account and everything worked as expected... For instance you can try with the Balsamiq Drive app https://chrome.google.com/webstore/detail/pplbmgaodhjmbklkgkgmlghaekcfhhkk They are using the picker in Mockup > Open...
After installing you have to go to https://balsamiqgdrive.appspot.com
I created a mockup first and saved it. It appeard in Docs. Then I tried the picker in Balsamiq and I could see it.