I am using Circuit Unify to work. However, I would like to save or export messages in a conversation into a file to save for better documentation. Currently it seems impossible on Web App as well as Desktop App. Thus, I want to make an extension (or app?) to do the work.
My question is: Where is the best place I should start with? How can I make an extension to Circuit? Is it possible to make such extension (or app)?
Your comments and suggestions will be greatly appreciated
Your best option is to use the Circuit JavaScript API to retrieve the messages using the API getConversationItems for example. Each item (aka message) contains the url(s) to download its attachments.
Now there are a few different ways this could be done.
Option 1: Using a bot
Create a bot (client credentials grant) that can be added to a conversation by a member of this conversation using the regular "Add participant" button on the Circuit client. This bot then has access to all messages of this conversation and can listen for new messages being posted. The bot can listen for a specific message (command) being sent, such as /export. When this command is sent, the bot retrieves all the data of this conversation to be exported, creates a pdf (or what ever format is required) and attaches this to the conversation. Alternatively the bot could also save that pdf in some other location, but that may pose a security issue.
Option 2: Using a separate web app
Create a web app on which users login using their Circuit credentials via OAuth (implicit or authorization code grant type). The app then acts on behalf of the logged on user. The app can list the conversations the user has access to (getConversations API) and show a button to export the selected conversation. The app then does the same as the bot in option 1 to create the pdf, but instead of posting the pdf to the conversation, the web app will download the pdf.
Option 3: Create a chrome extension
I do not encourage this option as there is no official way yet to extend the Circuit webclient. This means a new Circuit webclient version may break the extension. Using the chrome extension it would be possible to add an "Export" button in the UI and using some internal APIs get the data to be exported.
There is a plan to create official extension points to allow the developer to extend some part of the Circuit webclient and also use the JS SDK in a Chrome extension.
Note: You could also use the Circuit REST API instead of the JS SDK to
retrieve the messages.
Related
It appears that it's impossible to do this with the way the API operates currently, but I want to confirm that I'm not missing something.
I want to migrate messages from a 3rd party app into Basecamp via the API as they exist in our old project management system and we'd rather not lose them. I began exploring this idea and immediately ran into the issue that because I'm authenticating via oAuth, I'm tied to a specific user account. On top of that, the API endpoints that I'm using (messages, replies, etc) do NOT have the ability to pass a user id or other identifier via the create method (or update).
Am I missing something or is there no way to import content as another user (even as the account owner) via the API?
I'm building an API and a Mobile APP in Xamarin. I don't want to confirm the phone number as I'd have to use Twilio or other SMS providers, instead, I want to confirm an email. At the same time, I don't want to create an email token to be sent to the user with a link to click, as API is not MVC and won't have any views.
Instead, I want a 6 digit code to be emailed to the user and then I will create an endpoint in the API where the user will submit that code via the mobile APP, to confirm the email. For example:
var code = await _userManager.GenerateChangePhoneNumberTokenAsync(newUser, newUser.Email);
This creates the code, notice I am passing users email rather than the phone number. This code is now emailed to the user, and the user enters this in the mobile APP. Then:
var confirmed = await _userManager.VerifyChangePhoneNumberTokenAsync(newUser, code, newUser.Email);
This confirms that the code is correct. The boolean resulting from this I will then use to manually set EmailConfirmed in the DB to true
It works. Is it acceptable though? Is there any reason why I shouldn't be doing this?
One reason that pops up is that even though it's just a validation code, semantically the function is for phone codes, so it could have some "gotchas" introduced in the future if you use it for e-mails.
By reading the source you can see that the implementation is currently based upon RFC 6238: Time-Based One-Time Password Algorithm, which is generic enough for the e-mail usage as well.
Thus, you know that by using the same method, it's as secure as the RFC 6238 specification as implemented in ASP.NET Identity Core.
You can't just use the class because the access modifier is internal, but following the same idea, there are OTP Libraries for .NET based on the same principle.
Using one of them would ensure that the implementation is as clean and generic as possible in my opinion, but for the quick and dirty solution with the current version of ASP.NET Identity Core, I'd see no issues with the approach.
we are trying to build an application which is accessable via onetime passwords without a "user" having the need to register.
We did came accross the term magic-links sent via email, but there is only some old experimental keycloack extention for this.
Is there any way to build some auth flow like the following with keycloack?
User A is a fully registered User creating some document. This document needs some interaction with a Third Party Person (TPP) not registered.
Now User A sends an E-Mail invite to the TPP with a link to the document. When the TPP opens the link our application should ask for the email address and send a magic link or code to this email. Whith that email or magic code the user gets access to the document for the time it takes to complete the approval process. After the work of the TTP is done, the access should expire (or expire automatically after X days not used).
It does sound quite similar to what is possible with SaaS offerings like https://magic.link/ or https://www.arengu.com/ but we are using keycloack and would like to integrate it into it as well.
Does anyone have an idea how to achieve this with keycloak?
I know this is outdated, but perhaps someone else coming along may find this useful. There is a newer implementation of this feature provided here: https://github.com/p2-inc/keycloak-magic-link
We have found it usable and useful for our needs and works well in the latest version of Keycloak (18.x).
I am using the Slack API to upload files. https://api.slack.com/methods/files.upload
If you include a channel when you upload a file to it becomes accessible to everyone in that channel, otherwise it is only available to the person who created the API key. Also, when a file is posted to a channel it displays as the user who created the API key.
Questions
Is a way to share with everyone on a team without posting the file in a public channel?
Is there a way to upload a file as another user or as a bot?
I tried files.sharedPublicURL, but these links allow anyone to view files. I want to make file accessible only to a slack team.
There is an option when on the channel info pane when you click "View all file in #channel" to "Include files from integrations & bots". This seems to indicate that it is possible to upload files as a bot.
Sure, by choosing in which channels you share the file, you can control who can see it. That also works with private channels.
No, a file must always belong to a user, a bot would not be sufficient. Also the file is always owned by the user linked to the access token used. If you want to rather use a generic user, A workaround is to create a generic user fort you Slack that is only used for bot-related tasks. (Mine is called slackadmin)
I want to make an application witch involves logging into google. It is basically a small application to always have your gmail with you without always having to go to the web browser and log in. Basically what I want to do is, when the person signs into their google account (or the page url changes) I want the webbrowser to refresh and go to a new point in the form and create an animation using a timer. I dont need help with the animation, I just need to know how to link it together with the person signing into google. And also, If it's possible I would like to have the person log in without the actual google web interface, but with 2 textboxes and a button. I am using Visual Studio 2008 and help with my application would be greatly appreciated!
One of the great things about GMail is that it gives you Pop3 access to the mailbox. Your application should be able to use Pop3 to login to the mailbox directly and not require the user to use the google web page (or any web page) at all.
This would be much more secure and fault tolerant than highjacking a browser session or scraping a web page for emails (as your application would break as soon as google updated the gmail app or the user changed their preferences).
You should be able to find numerous Pop3 tutorials, libraries and samples on the net (and most probably here on SO).
If you still insist to use the web browser control, you should investigate crafting your own HTTP-Post query to the page that takes the GMail login. Once you craft the correct message (including the user's username and password as the appropriate POST variables) you should be able to login directly.
Finally, you might want to have a look around on code.google.com as I'm certain this has been done before and you will most likely be able to find some sample code (whichever way you go).
Good Luck!