I have an enterprise account, and I am distributing a private Application, so I have a web page that requires a login/password and then has a link to the .plist manifest file, which also has the link to the .ipa file, the problem is both files are in the same server, and that server requires a login.
Which is why whenever I click the link even though I am already logged in I get the "unable to connect" pop-up. I though the credentials were passed since I am already logged in, but clearly they are not.
How can I secure the download of the .ipa file without requiring the password (or can the password be supplied somehow by the user), without someone being able to create their own manifest file and supplying the link to my .ipa file?.
I tried looking online for a solution for this, but found nothing.
Any help will be greatly appreciated.
Thank you.
You could create your own login system using php and mysql.
Put the ipa file into a folder before public_html or htdocs or www_root or whatever you use as the root of your website. This way people can't link to it.
Then use some code like this:
$file = '/absolute/path/to/application.ipa';
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename='.basename($file));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
ob_clean();
flush();
readfile($file);
exit;
}
This will force the download. If the user isn't logged into your session then you can serve an error message or similar.
Have you looked at TestFlight https://testflightapp.com/ or HockeyApp http://www.hockeyapp.net/ ?
For iOS only I'd recommend TestFlight, but if you distribute Android apps as well HockeyApp might be better. (TestFlight doesn't support Android at the moment)
Related
yos-social-objc-master
I have also the problem with yos-social-objc-master project i found in github. after login with yahoo credential. I always got a page and a code xxxx with below lines
"To complete sharing of yahoo! info with xxxx, enter code xxxx into xxxx"
So, I am not getting that where I should enter this code? And how will it redirect to my application.
So that I can get contact list. I have done R&D on it. but didnt get any appropriate solution. Please help me out,how can i resolve this issue.
I have found the solution though with a little overheads.
Steps are: 1> Create a PHP script in you own server (say named, YRedirect.php).
2> Pest the following code in it-
<?php
$query = $_SERVER['QUERY_STRING'];
header("Location: YOUR_APP_ID_OR_BUNDLE_ID://oauth-response?" . $query);
?>
3> Add an URL Scheme in your info.plist file with the YOUR_APP_ID_OR_BUNDLE_ID.
That's it and you are DONE with the authentication problem.
And then use YQL to fetch contacts.
I am working on an app where I have to use Yahoo account to login.
I had gone through this link and followed the procedure as it was there.But I am unable to get back to my app after authentication.After googling I found an answer here.Here he said that "Add an URL Scheme in your info.plist file with the YOUR_APP_ID_OR_BUNDLE_ID" I did the same,but unable to redirect from yahoo to my app.If any one worked on this please help me.Thanks in advance.
This is what I had done in my URL Schemes
where JCzOzd44 is my app ID.
In yahoo account while creating the app.what should I give in "Application Domain"
I didn't work with the Yahoo! API yet, but in oauth it works like that:
Create an url scheme in your app. You can do that in the Info section of your project settings (URL types). Name the scheme whatever you want, for example your app id.
When you authenticate your app, you can pass a parameter named oauth_callback. Here you have to pass the name of the just created url scheme.
This should be it - when the login is ok on the Yahoo side, it will try to open the app that is registered for the url scheme it got as callback parameter.
UPDATE:
From the Yahoo! API documentation - this is the call you do when requesting the oauth token somewhere in your code (I filled in your url scheme as the callback, this is how it should look like):
https://api.login.yahoo.com/oauth/v2/
get_request_token?oauth_nonce=ce2130523f788f313f76314ed3965ea6
&oauth_timestamp=1202956957
&oauth_consumer_key=123456891011121314151617181920
&oauth_signature_method=plaintext
&oauth_signature=abcdef
&oauth_version=1.0
&xoauth_lang_pref="en-us"
&oauth_callback="JCzOzd44://"
Of course the request should be signed.
I have found the solution though with a little overheads.
Steps are: 1> Create a PHP script in you own server (say named, YRedirect.php).
2> Paste the following code in it-
CODE
<?php
$query = $_SERVER['QUERY_STRING'];
header("Location: com-mycompany-myapp://oauth-response?" . $query);
>
Where "com-mycompany-myapp" is your bundle identifier
3> Add an URL Scheme in your info.plist file with the YOUR_APP_ID_OR_BUNDLE_ID. That's it and you are DONE with the authentication problem.
In your code
[self.session sendUserToAuthorizationWithCallbackUrl:#"http://yourdomain.com/YRedirect.php"];
Then, register a custom URL scheme for your iPhone application from your Info.plist file, and then setup your server side script to redirect Safari back to your application via the URL scheme you just set up.
Thanks for this valuable information. Following your instructions I got the auth & call back working and the php page loads the app.
I'm trying to scrape a website that first asks for a certificate. After you are authenticated it then will ask you to provide a username and password. Anyway I'm trying to use fiddler to see what i need to replicate and when i turn on it to "Capture traffic" and then I go to internet explorer and try to access the site it says " Internet Explorer cannot display the webpage " then when i turn off fiddler and try it again it brings me to the login page.
I've tried this link and i tried everything (Turning it into a .cer file and dragging into the folder also tried copy and pasting the code into the rule file to accept the certificate) and neither way worked. Does anyone have any other ideas.
Am I suppose to replace the fiddler root certificate somehow? or is there any solution that someone can suggest?
I figured out this problem. Just incase this trips someone else up. The oSession bit of code needed to be the first line after the OnBeforeRequest line. I don't remember where it was before but it didn't work. Example:
static function OnBeforeRequest(oSession: Session) {
oSession["https-Client-Certificate"]= "C:\\Yourcerfilelocation.cer";
//I omitted the standard code
}
Edit: OnBeforeRequest is a better method to place it instead of OnPeekAtRequestHeaders.
I am developing flash application as single swf file, without HTML wrapper (but for sure I have this swf located at my hosting). I have create application at developers section. The problem I have faced is: when I post this SWF to the my wall at FaceBook I can not get any call from this SWF of the URLloader or ExternalItreface.
For example, I need to do Signed Request in order to get user information but I have got Security Error which say that my domain cannot get information from apps.facebook.com
The request I am doing is a simple:
var urlRequest:URLRequest = new URLRequest("http://apps.facebook.com/my_app_name");
Is there any way to inform faceebok that my hosting is a security save?
If you want to grab things cross domain, the easiest way is to use a script on your server. If you're using php, you can easily connect to http://my.domain/my_script.php which can then CURL the info from http://apps.facebook.com/my_app_name or anywhere else. You can then (parse and) pass that info to your swf.
Otherwise, you're going to need permission from the target to add a crossdomain rule for you.
I have a toy facebook app I'm playing with so I can understand how it all works. It's fine if you go the the app like this: http://apps.facebook.com/pushup-challenge/ (and connect it). But if you then go to it from your facebook page, FB uses the URL http://apps.facebook.com/pushup-challenge/?ref=bookmarks.
In my log file, I see that FB is POSTing the data and including the /?ref=bookmarks to it's call to my codeigniter system. This is causing it to either say "invalid URI parameters" or give me a 404, depending on if I've edited the system/core/URI.php file to add rawurlencode() to a particular call.
I've tried using mod_rewrite to get rid of the query_string, too, but since it's POSTing, it doesn't appear to be working (though I'm not exactly sure why).
Has anyone else run into this? How did you fix it?
Thanks in advance,
Hans
try $config['uri_protocol'] = “PATH_INFO”; and set enable_query_strings = TRUE
or
set
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-?=';
in config.php
Because it isn't calling your file by name (just ?ref=bookmarks) the server runs thru the standard default files: index.htm, index.html, index.asp. Because you need to accept a POST, you need a server that allows POSTs to htm & html if you choose to use those. Index.asp will accept POSTs on most servers, and that works for me.
SOLUTION: Add a file (index.asp), that calls the real app that you named in the App settings.