I made the MAC app and submitted for the review. But Apple has rejected the app and gave following reason;
The use of non-public APIs can lead to a poor user experience should
these APIs change in the future, and is therefore not permitted. The
app includes ': OBJC_IVAR_$_NSWindow._contentView' from the framework
'/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit'.
I have used third party files of OBMenuBarWindow.h and OBMenuBarWindow.m files.
Can you please tell me what can be the issue? and how to solve it?
Thank you
Related
Recently I deployed an app to the internal testing track in the play store. I had to fix the app package name to do so - my mistake naming it poorly in development - and it may be responsible for breaking something, mysteriously, in the Google OAuth system.
The error that Google displays is useless... It tells me I violated a policy! But not which one. It just says something about the redirect_uri.
I've been staring at the message "You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure." for days now, tearing my hair out. Apparently almost nobody else has seen this message, and it's not documented.
I had suspected I was using the wrong SHA1 certificate, but though it may have been incorrect, fixing it has not helped it.
Using the old (pre play store) package name in the cloud console works in dev, but not in production. Yes, I have a separate client id for the dev (signed with the default SHA1 for local dev) and a client id for the play store signed app... I'm pretty sure I've got it right now, though again, no details, I don't know. There's a reason I'm so obsessive about error codes and exceptions when I build software myself!
The only thing I've been able to do to change anything is by manually messing with the redirect_uri that expo-auth-session sends to Google, which sometimes causes a redirect_uri_mismatch... This indicates to me that the redirect_uri I'm using is a match? Meanwhile, redirect_uri_mismatch is a documented error code, but not redirect_uri.
What makes this more annoying is that apparently Google cloud OAuth config can take a long time to update, apparently up to a couple hours, but I have no idea when it's updated... So I can't tell if I'm testing against the propagated config changes? Huh??
I happen to believe that the lack of diagnostic info itself is a bug (how can you debug an opaque failure? An undocumented error?), But it seems like Google does not agree?
If it's helpful, I've been using Google OAuth for a year now for the web app part of this project... Never had this problem. I'm ready for launch. This is the only thing blocking. What am I to do?
There is a similar discussion about the Nest app, but that is attributable to the phase out of unsafe schemes: https://community.home-assistant.io/t/nest-authorization-error-error-400-invalid-request/399388
On https://glass.google.com/myglass, apps that require a login do it from the website before installing the app. How can I create an app that requires a login like this? I can't find anything in the documentation about it. Also, how can I test the app since it would not be in myglass?
Although Google has worked with some partners to get GDK-based Glassware in MyGlass that use auth, there is no public method to do so yet. This is a frequently requested feature, and you can expect that once the GDK leaves Developer Preview, it will be available.
Until then, you will need to test your app by sideloading the app onto Glass. If you're testing for yourself, you can hardcode the auth into the app, and many people have hacks that use QR codes.
Keep in mind that this only holds true for GDK Glassware. Anything built with the Mirror API has authentication as part of its web-based initialization which you can trigger without having to go through MyGlass.
Currenlty, Google Glass apps implemented with GDK do not have access to authentication support. The Google Glass team has accepted this issue to be implemented, but it is not there in XE12. Information from the Glass Team indicates that such authentication will be through the Account Manager, when it does arrive.
Only speculation and rumors about when that will be! (Though I will look at XE14 carefully when it comes out, moving Glass Android to 4.2.2 (KitKat).)
In an application I made for Mac, when I ran the process for validating the archive, it came up with the error:
The archived application has entitlements that require Mac App Store distribution.
The invalid entitlements were:
com.apple.developer.aps-environment.
I looked at this link: Enabling Push Notifications and the entitlement, I think, is in relation to the push notifications.
I tried adding the
com.apple.developer.aps-environment
to my entitlements file as a boolean set to YES, but the error still came up.
How can I fix this?
It looks like you're maybe trying to sign the app for distribution outside the App Store, and Xcode is telling you it's not going to let you do that because you're using App Store only features.
I'm no expert in signing stuff, but to get my last app to submit I signed it with the "3rd Party Mac Developer Application:..." identity, not my "Developer ID:" identity. The latter is only for when you're distributing apps directly to customers from your own website.
It's not a boolean. It's a string that's either 'development' or 'production'. It's also only for apple store only.
I am going to develop an iOS app for my web application so I will be working on an API Service that the iOS app will consume.
My question is :
How can I make sure to protect the access to my API ?
My main concern is just that I don't want someone else to use my API in order to duplicate the content to another app or website.
Thanks in advance,
Unfortunately this is very difficult to do. In short, you can't do this with 100% assurance because once your code is in the client's hands you have no control over it. Check out this StackOverflow question: Security When Using REST API in an iPhone Application
You may also find some value in this StackOverflow question as well: https://stackoverflow.com/questions/15390354/api-key-alternative/15390892#15390892
Is it possible via objective-c to find information (such as the names) for other apps installed on an iPhone from my app?
If you mean a "legal" way to do this and get the app in the AppStore, then no, Apple does not provide such an API. And they probably never will, because this will go against the users' privacy.