whatsapp business api docker images hash values from trusted repository - whatsapp

One of my project , my security team asking me to share the whatsapp business api docker images hash values to promote docker images to our own docker repository.
These values i couldn't find in facebook whatsapp documentation .
After pulling the images i can get the hash values but security team wants to compare the downloaded one is the proper one or not .
docker.whatsapp.biz/coreapp
docker.whatsapp.biz/web
How can i access the whatsapp business api docker repository in internet ? Any lead ?

I think what you're looking for is:
docker images --digests

here is the URL where i can get the digest value of the whatsapp buinsess api
https://bintray.com/whatsapp
https://bintray.com/whatsapp/dkr-releases/web

Related

Authenticating user without creating app manifest in teams app

Just because of authentication I need to create an app manifest and share the app manifest with users who want to test it .Is there a way to Authenticate user without creating app manifest so that I can directly share bot link with users.
Talking to your bot by ID is intended for basic testing purposes only. Any Teams-specific functionality you have added to your bot fails to work.
Doc ref: Talk to your bot directly by ID
In this example
Is is an OAUTH flow with Azure AD directory v2 without any app manifest.
This one is in java_springboot but you can find the same for your prefered langage in the samples directory. The number 18 (and all the others) in all samples is the example but in different langages.

Google Photos REST API with Angular/Java/dotNet

I am trying to connect to google photo in angular and been searching since last two days about google photos REST api but couldn't find any useful example.
Could somebody help me with this on how to use google photos api in angular. an example would be great if I get it working I will creating sample and put it on github or others to look at.
Another thing I am trying is to connect api without any user interaction. I have tried playgrounds but its prompting to authorize access as well. Idea is to build ionic app that can connect to my google photos without needing me to authenticate access to it with my id and secret.
my app would be in angular(ionic) or java(android) so would prefer example (if any) in those platform but ok with dotnet or php as well. Won't be able to use library in dotnet or php.
Thanks
Bhavesh

Cloud Storage customer access best practices

Let's say I have a use case where users can buy mp3 files inside an app. The objects are stored in GCP Cloud Storage . What is the best practice to deliver those objects only to the users that purchased the files?
After researching the topic I came up with three solutions:
Client calls a REST (e.g. one running inside App Engine) service. This service downloads the files from Cloud Storage and then sends them back to the client.
Instead of sending the files via the REST call, I could send the download URL (from Cloud Storage) to the client. This would be more cost efficient, however this sounds like a security concern to me as anyone who simply monitors his network could capture the URL.
Creating a (time-limited) signed url to allow the user the download
Obviously a permission check would have to happen first, e.g. a database that contains if user X purchased mp3 Y.
This problem could also be applied to Azure Blob Storage or AWS S3...
In your use case, you have a constant:
You need a backend to authenticate the user (for example Authentication performed with Cloud Identity Platform and hosted on App Engine or Cloud Run
You need to check the list of MP3 that it has bought (stored in Firestore for example)
And then, you need to allow him to download the file. On this last point I recommend you to generated a signedURL. Download URL exists only in Firebase area (maybe your project is a firebase projet?) but it's the same thing than signerURL. Finally I don't recommend you the #1 proposal. It will work, but in case of long download (because network is poor), the connexion will be interrupted after 60 seconds. And this will keep your AppEngine up for nothing (and you will pay for this...).

Need Whatsapp api for sending messages from my PHP project

i want to know if there is any whatsapp api that can help me to send messages from my php project because after some research i found that whatsapp doesn't have any api for developers..
someone can help me please?
I used Google :
A quick google search with the proceeding query : "WhatsApp PHP API" gives us many results , the first result is a github page made by mgp25 a well known member of the github dev community.
Good luck!
You are absolutely right that whatsapp does not published the api for the such chatting using php .
By the way you can use the sharing uri to share text messages who have whats appp installed in their device or web chat option for whatsapp
Chat API: https://api.whatsapp.com/send?phone=15551234567
Custom URL: Scheme whatsapp://send?text=hello world
First one is used to open chat with the desired phone number and the second one is used to share some test as custom url format.
Whatsapp is now maintain by facebook and it has created a api for business to communicate with customers .
This it has launched api for whatsapp as well as for Facebook instagram .
You can have a look on the documentation portal for whatsapp api for more details
https://developers.facebook.com/docs/whatsapp/api/reference
Also there are partners of Facebook who give ready made solution to the productivity.

Is it possible to create dynamic user permissions in S3 and How?

I've a iOS app and I would like my users to upload images to S3 directly.
I need UserX to be able to upload folders to __MY_BUCKET__/UserX/* Only. So that each one of my users have their own folder and only they can modify content in them.
Given that scenario I need to create dynamic permissions to my S3 bucket
Is that possible?
If it is... maybe I am in the right path or not....
What I've done so far is
I am using this guide to create Elastic Beanstalk with a Token Vending Machine. Then I used this other guide to configure the TVM.
Now my issue with that in none of the guides it shows an example of how to register a dynamic user (my app user) or how get the token from the TVM or how to say "Hey TVM, this userID needs upload access to __BUCKET_/ThiUserID/*" from a iOS app.
So I guess what I wonder, is how do I fill the gaps if what I am trying to achieve is possible?
I'm one of the maintainers of the AWS Mobile SDKs. The page you linked to includes projects for both iOS and Android that show how to integrate the customized TVM code in a mobile application. I suggest you look there and if you need further clarification, please update your with specific questions about the code.
You may also want to look at our web identity federation sample which is included with the SDKs. In combination with IAM policy variables, you can generate dynamic policies without the use of a Token Vending Machine.