iPhone/iPad Application Development Limitations - iphone

Its quite annoying sometimes when you have no authentic sources to confirm if particular tasks can be done using iPhone Available (Public) APIs. Whats the preferred way of finding it out?.
Shall we go through iPhone documented APIs,
Ask senior developers ( which i dont prefer, you should not depend on others too much and theres no surety about their opinions ).
Mail Apple ( by the way they offer only 2 technical calls/yr :) ,
Any other ideas?
what do u people suggest?
Thanks Guys!

The public APIs are documented on developer.apple.com in the iOS Reference Library.
However, the only absolutely authentic source on whether their use is acceptable is to submit an app and have it reviewed. Apple just added a review board if you with to appeal a review ruling, so that may be the new last word (unless you get the executive staff's attention (e.g. SJ)).
If you wish more facts before submitting an app, there are a few sites which show which types of apps are being accepted and rejected, and if so, for what given reason. However past acceptance of a type of app is not a precedent or guarantee for any future policy.
If you wish to try interpreting their rules and guidelines yourself, they are available as part of the Developer iOS Standard Agreement.
The Developer support people who answer technical question usually cannot answer review or approval questions, except to point you at the proper API documentation. (The reason may be that these are often legal, corporate policy or marketing questions, not technical questions.)

You can look at official review process from Apple here:
https://developer.apple.com/appstore/resources/approval/guidelines.html

Step 1 : Check the API.
Step 2 : If can't find an way in the API (may be you are looking at wrong API), use Google to find out whether it can be done or not.
Step 3 : If you can't be sure using Google, then ask SO.
IMO, Asking Apple is never an option.

Related

Possible to have Facebook review a concept before building it?

We're building a piece of functionality that will require approval for users to mention friends in posts from our app.
It's quite a complex piece of development and we're not 100% sure if Facebook will approve it, so rather than spend ages coding it only for it to be rejected by Facebook we're looking for a 'leaner' approach and wondered, is it possible to describe our concept and the action in question (in slides and description paragraph) to see if they approve it in principle first? Then obviously we'd have to build the full version of it for them to approve it for use.
Anybody got any experience of this?
First, describe your features in the official Facebook Developers group: https://www.facebook.com/groups/fbdevelopers/
If you don´t get any good answer, you may need to create a prototype with basic functionality. Design implementation is irrelevant, just create the part that´s relevant for review and explain what you want to do with videos and screenshots. It must be functional though.

Can you extend Google Identity Toolkit to include facebook/twitter/etc?

I decided to look into using Google Identity Toolkit. I knew I liked the UI, and the idea of using a "federated" login system. I'm now having my doubts, as while my site works well with gmail/ymail/hotmail etc, it doesn't seem to support any of the social platforms.
Essentially, I just need an email address from people to be registered with the site, so I thought GITKit was the perfect solution.
Should I have gone down a custom route (like stackoverflow?), or have I missed some of the GITKit documentation?
Any help would be much appreciated.
I did do a fair amount of googling prior to posting that question. However, I have come accross some answers. Rather than delete my post - I guess I should share the information. If others thought the information was clear, please delete this thread!
Firstly, there is a page identifying how to add custom IDP's: https://sites.google.com/site/gitooldocs/customidps
There is also a sample site (http://www.openidsamplestore.com/localmapping/) which uses facebook.
How does the advanced demo work for identity providers who are not
E-mail providers, such as social networks?
The hardest part about
designing the advanced site was to find a way to handle all the
edge-cases that can happen with these types of identity providers.
Google previously published a summary of best-practices for
account-linking that describes why these types of identity providers
are so much harder to support. However this demo provides a user
self-service mechanism for all the tricky cases to avoid the costs
that a website might otherwise occur if those users contact a customer
support representative.
Finally, a best practices run-down is available here:
https://sites.google.com/site/oauthgoog/UXFedLogin/loginlogic
EDIT 1 :
If that identity provider asserts email addresses that it does not
host, we suggest you also implement additional account linking logic.
A future version of GITKit will add support for these type of
identity providers, such as social networks, which will avoid the need
to implement that logic
Perhaps GITKit is the future after-all... Would be nice to have an idea of the time-frame in which this support will be added though...
EDIT 2 :
Direct from the horses mouth (Eric Sachs # Google - Source Link):
That feature is not expected to be generally available in 2011. We
are shooting for Q1 2012
Looks like someone got it working back in Dec 2011 but there is still an outstanding issue with mapping the id returned to an email address. It was probably resolved:
https://groups.google.com/forum/#!searchin/google-identity-toolkit/facebook/google-identity-toolkit/2218yW4zXw8/28X7btJEh_sJ
Here is the documentation for the sample store including brief info on basic, mobile and advanced mode (using facebook):
https://sites.google.com/site/oauthgoog/Home/openidsamplesite
An out-of-the-box IDP for facebook and twitter has not yet been released.

Exceptions to no private API usage in iOS?

My company is looking to develop an iOS application which would need to make use of private APIs to function - in fact use of such APIs is the entire basis of the program (I'm purposely not revealing details for business reasons).
My question is, is there any chance that if we explained the situation, that Apple would allow an exception for our app to be approved even when using these private APIs? I believe we have a very legitimate reason to request an exception for the functionality we're looking for, so I'd just like some examples of any exceptions that have been made to the private APIs rule with details so that we can have a better idea of what might be expected from Apple. Thanks.
I'll be honest with you: no. If you're looking to put this on the app store, no.
You may wonder how I know this with such certainty: I've worked with carriers that carry the iPhone, and I've worked with very large companies with whom Apple has working relationships (ie, you can actually talk to someone fairly senior at Apple). If Apple won't let carriers use private APIs, they not going to let you do it either. One 'legitimate' private API use might be to put recent call information into a carrier provided account app. Could be pretty useful, right? And the carrier already has this information, so no problem? No. It's a big problem. Apple just won't allow it. You have to get it from elsewhere (ie, via the carrier's own database).
There are no exceptions, and currently apps get statically analysed immediately after submission. If you call a private API your app will almost certainly be instantly rejected automatically by the static analyzer. It won't even go through manual review.
If you're looking to distribute on the app store, there are literally no exceptions now that code gets statically analyzed.
Put it another way: if Apple made an exception for your app they'd have to make an exception for every app. And then your unique selling point wouldn't be so unique any more.
Sorry I can't give you a more positive answer, but I speak from experience!
Its entirely possible, but extremely unlikely. they made an exception for UIGetScreenImage(); but that was because there was a very large number of developers who had filed radars for it.
I would suggest you file high quality radars for enhancement, explaining what you want and why. also maybe consider using a DTS to find out if there is an alternative way, or if they are able to get authorisation for it.

Permissions of a team member in iPhone Developer Portal

I want to know if there is a possibility to add a team member in iPhone Developer Portal that will have permissions (see / modify / update) ONLY to one application.
The reason - there is a big company (that has many applications in the App Store) that uploaded one of my applications and I have hard time to send an update to the application (can't access the guy that is responsible for all the iPhone applications).
I want to ask them to add me as a team member, but they might agree only if I won't be able to see/touch any other application except the one that I have developed...
Thank you.
I don't believe this is possible; there are no per-app permissions.
The available "roles" are explained here:
http://developer.apple.com/programs/roles/index.php
It seems a bit odd if they trust you to write an application that they've published under their corporate identity, but don't trust that you'll only change what you're meant to. Either way is seems the only solution to your problem is likely to be a non-technical one; you need to find a way to get to that guy, whether it's appealing to his better nature, or finding a path to someone more senior who can lean on him.

Has anyone found payment processor documentation very poor

Does anyone else find that the documentation of a lot of payment processors have poor or incomplete documentation as to how to use their API? Or it's just plain confusing?
Recently I have setup both PayPal and Beanstream and found that both are either confusing or don't include full documentation.
For example, in the BeanStream documentation, they say they will return a "message_id", which is great, but no where do they tell you what the different id's mean. It also comes with some text, so you can start creating a list, but there is no way to check to ensure you get either a valid one or the one that means it was successful.
Has anyone had this experience?
Edit: I will agree that when you email them they are helpful, but unfortunately most of them are only open normal business hours for general tech support (other than emergency) which isn't always useful as that isn't when it seems like I do my integration.
well, this isn't really specific to payment processor documentation, in that, all things being equal, well documented APIs will help encourage development. for what it's worth, i've worked with paypal, authorize.net, ups, and usps APIs, and didn't find them overtly confusing (not implying that they were a particular joy to get through).
that being said, i wish more documentation was like PHP's. despite it being such a scattered language, the documentation is really quite good.
Having worked with a lot of APIs, not only for payment processors but for lots of other ecommerce related web services, I have to say to that while the docs can be less than stellar, they usually aren't that bad, and if you send them an email or give them a call, they will usually be pretty helpful.
I have found the documentation and code examples from Authorize.net and Nova's ViaKlix very helpful. I stay away from PayPal.
This may not be much help to you, but as you get more an more experienced w/in particular domain the interfaces get easier. By weird twist of world, I've coded a whole bunch of credit card interfaces, and once you kind of get the lingo they all work the same.
The only other suggestion I would offer is to avail yourself of support resources in addition too the documentation provided. We recently worked with a relatively well known payment gateway, and while their documentation completely sucked (by their own admission as well), the support staff was incredibly knowledgable and more than willing to help out/explain.
I've used Realex and PayPal. Realex documentation is fine. Clear and straightforward. PayPal's is absolutely eye-bleedingly horrible. And I'm the kind of weirdo who enjoys reading documentation so much I've been known to read it for fun (I've read through the entire OpenID specificiation, even though I have no immediate plans to use it).
I've only worked with PayPal, but the simple version (where you just set up an HTML form on your web page and submit it with the PayPal button) is super-easy to work with. And if you're looking for near real-time payment feedback, I always found it easier to just write a program to check my PayPal email account periodically, and parse payment details from the body of the email itself.
I've had to use Authorize.net for several sites and the supplied documentation is 'just ok' assuming you are working in the somewhat limited technology sets that they supply sample code for. It was a breeze to get it up and running with PHP but considerably lacking when trying to pull off the same thing in ColdFusion.
Several other sites done via PayPal which IMO was a much better experience.
PayPal is a nightmare when it comes to setting up and testing the test account (Sandbox).
Re: Beanstream you have to login then you'll see the documentation link on the left hand side.
The design is so '90s and they recommend using IE.
Re: Paypal I adapted this code from http://www.php-suit.com/paypal for my Zend Framework project.
Note: you've got to have ssl:// socket transport wrapper registered otherwise (visible in phpinfo()) you'll have to tweak the code to use curl.
Here is how to get the code using SVN
svn checkout http://paypalphp.googlecode.com/svn/trunk/ paypalphp-read-only