Handling the Post event on Google Interactive post - google-plus

I use Google Interactive post to let the logged in user invite external users to the site. I would like to register the invite on my site only once the user has chosen to post to one of his connections on google plus.
Is there a way to handle to the post event and know whether the user has posted or not and invoke a handler accordingly?
Here's how I call it today.
var options = {
contenturl: myurl,
clientid: googleappid,
cookiepolicy: "single_host_origin",
prefilltext: text,
calltoactionlabel: "START",
calltoactionurl: somethingstring,
recipients: connectionid,
onClick: doSomethingOnClick(),
};
gapi.interactivepost.render('submit', options);
Just like the onClick is there some event like onPost that is supported?

There's
onshare: function(response){
console.log('callback done');
// These are the objects returned by the platform
// When the sharing starts...
// Object {status: "started"}
// When sharing ends...
// Object {action: "shared", post_id: "xxx", status: "completed"}
}
It's undocumented, but I just tested it and it worked.

Related

Did not receive SMS from Cognito even thought it's a successful request

I'm unable to receive an SMS from using resendConfirmationCode method from amazon-cognito-identity-js. Even thought the request was sent successfully with a sample response of
{
AttributeName: "phone_number",
DeliveryMedium: "SMS",
Destination: "+*******xxxx"
}
I have the following code that will be called once a user submit a form.
function resendConfirmationCode(username) {
const cognitoUser = new CognitoUser({
Username: username,
Pool: userPool,
});
return new Promise((resolve, reject) => {
cognitoUser.resendConfirmationCode(function (err, result) {
if (err) reject(err);
resolve(result);
});
});
}
From my perspective, I think my code works well. I have done signUp, and the SMS got sent if the user was new. However, when I used the resendConfirmationCode I got the above response. I have already verified my phone number in Amazon SNS Sandbox. Is there something I missed?
So I wasn't reading carefully,
Turns out there's a thing called Account spend limit, you can check it on Amazon SNS > Text Messaging (SMS) > Text messaging preferences.
I'm glad that Amazon put $1 on default. Apparently I have no idea that we're charged for SMS verification. (A bit naive, but Amazon got most the free stuff so I thought that's somewhat free too).
Thanks AWS! This information is hard to find thought. Hopefully this helps.

How do you test user flows that involve confirmation by email?

I mean functional or E2E testing. That's all clear with generic flows, but when it comes to transactional emails (signup confirmations, password resets, purchase notifications and others) it's still bringing questions. After some research I came up with a few ideas. One is to leverage Restmail.net API (here examples with Selenium WebDriver and Cypress - http://dsheiko.com/weblog/testing-sign-up-flow-with-activation-by-email). It's free, but API is public. So it's not really suitable for email messages with potentially sensitive information. Another approach to access Gmail inbox via IMAP bridge or Gmail API (here the explanation and code snippets - https://docs.puppetry.app/testing-emails/example-with-imap-bridge). But again, it's rather a workaround.
I know there are guys like Sendgrid, Mailgun, Email Yak, Postmark. I don't want to pay that much. So how do you folks do it? It it a thing to you?
We're doing this using Mailosaur email addresses for our test users. We then use a cypress custom command to query Mailosaur for the expected email. It was super easy to set up.
Here's the main part of that custom command, which is all we had to add to start doing email testing. You can refer to their API docs for what query, mailosaurServer, and MailosaurApiKey should be.
Cypress.Commands.add("getEmailFromMailService", query => {
return cy
.request({
method: "POST",
url: `https://mailosaur.com/api/messages/await?server=${mailosaurServer}`,
body: query,
headers: { "Content-Type": "application/json" },
auth: { user: mailosaurApiKey },
})
.then(response => {
expect(response.status).to.equal(200);
return response.body;
});
});
You could create a post request for the "forgot your password" and then assert on it.
something like:
cy.visit('yoursite')
cy.get('#forgotpassword').click().then(function (xhr) {
cy.server()
cy.request('POST', 'APIforForgotPassword').as('sucessfullemail)
})
cy.get(#sucessfullemail).then(function (xhr) {
expect(xhr.status).to.eq(200)
Cypress.Commands.add('ConfirmUser', () => {
const confirmationToken = null;
cy.request({
url: 'http://localhost:3000/api/confirmation_token?email=test_user#cypress.com',
followRedirect: false
})
.then((resp) => {
confirmationToken = resp.token
})
cy.visit('/en/confirmation?confirmation_token=token')
})
Create the API that requires the email as a parameter and returns the confirmation-token. call the API from cypress commands as ajax-request and get the response token

Retrieve Google+ activity list of an user

I need to get the list of activities of an user in Google+. My coding platform is node.js Express framework and I'm using google-api-nodejs-client package.
var googleapis = require('googleapis');
var auth = new googleapis.OAuth2Client();
var accessToken="XXXXXX......";
googleapis
.discover('plus', 'v1')
.execute(function (err, client) {
if (err) {
console.log('Problem during the client discovery.', err);
return;
}
auth.setCredentials({
access_token: accessToken
});
client
.plus.people.get({ userId: 'me' })
.withAuthClient(auth)
.execute(function (err, response) {
console.log('My profile details------>', response);
});
client
.plus.activities.list({
userId: 'me',
collection: 'public',
maxResults: 100
})
.withAuthClient(auth)
.execute(function (err, response) {
console.log('err----------------------------->',err);//EDIT
console.log('activities---------------------->', response.items);
});
});
I got my profile details. But the activity is returning value: null. I checked my Google+ page to make sure that I have public posts. Also, I shared some posts to 'public' myself. Please help me find the bug in my code.
EDIT
Actually, there is an error. I found it by logging the value of err object in console as advised by Ryan Seys.
err--------------->
{
"error": {
"errors": [
{
"domain": "global",
"reason": "insufficientPermissions",
"message": "Insufficient Permission"
}
],
"code": 403,
"message": "Insufficient Permission"
}
}
It would help if you provide the value of the err object but here's a few thoughts:
Do you have Google+ API turned on for your project? See https://console.developers.google.com/ and the APIs and auth section of your project to enable the API.
Are you requesting the right scopes for user profile data. See https://developers.google.com/apis-explorer/#p/plus/v1/plus.activities.list to try out the request. Click the OAuth button on that page to see the different types of scopes you may like to try requesting from the user. Some of the scopes I see right now are:
https://www.googleapis.com/auth/plus.login (Know your basic profile info and list of people in your circles).
https://www.googleapis.com/auth/plus.me (Know who you are on Google)
https://www.googleapis.com/auth/userinfo.email (View your email address)
https://www.googleapis.com/auth/userinfo.profile (View basic information about your account)
Try adding an empty body field to the API request. This is a caveat of the current API client and some requests require you to enter a default empty {} after the parameter object.
client
.plus.activities.list({
userId: 'me',
collection: 'public',
maxResults: 100
}, {}) // <--- see the extra {} here!
.withAuthClient(auth)
.execute(function (err, response) {
console.log('activities---------------------->', response.items);
});
I think the problem is that you are specifying an empty fields parameter to client.plus.activities.list() instead of not providing a fields parameter at all. This tells it to return no fields for the results. Since the fields parameter is optional, you can omit it completely.
Try something like:
client
.plus.activities.list({
userId: 'me',
collection: 'public',
maxResults: 100
})

Cannot Checkin Through FB.api (javascript)

With the javascript sdk (FB.api), I cannot checkin on behalf of user.
(The user has granted publish_stream permission to my app)
Since facebook's API keeps changing, confused for some time. After searching and reading from internet, I think it's the right way to publish a checkin. Any help is appreciated.
var params = {
method: 'POST',
place: 107297282684980,
message: 'hi',
coordinates: {
'latitude': 22.204284439454,
'longitude': 113.54313260065
}};
FB.api(
'/me/checkins',
params,
function(response) {
if( response )
alert('Checkin Completed!');
});
It was deprecated at July 2013. You should check the changes from the URLs provided at the question comment.
And follow the instructions:
https://developers.facebook.com/docs/opengraph/overview/
https://developers.facebook.com/docs/opengraph/getting-started/
As FB Check-In is deprecated we can achieve the same thing with a post on FB with Location Attached using the following FB Graph Api post.
FB.api('/me/feed', 'post', {
name: 'SomeName',
message: 'SomeMessage',
place: yourLocationID
}, function (response) {});
Note : Where yourLocationID is the ID that you will get by the Graph search using https://graph.facebook.com/search?q=yourPlaceName&type=page&access_token=YOURTOKEN

Google Auth2.0 log out

I'm currently trying to make a site where the user can log in with his google+ account. Most of it is working. I get them to grant access to my website. They can log in and I get their name and user ID, and I show content specific to their google account on my site.
When however someone else wants to log in and I try to 'log out' of the site, the google log in still remembers that it just logged in and after logging out it instantly runs the code to log in again. If I delete the SSID cookie from google it doesn't do this, so I'm assuming that's where google stores the fact that I just logged in with x.
Is there a way to when I log out make google not instantly log in with the same account, but rather ask for the e-mail and password of a google user?
I feel like I'm missing something obvious here, but I can't figure out how to deal with this.
Code I use to Auth and get data:
<button class ="btn btn-primary" id="authorize-button" style="visibility: hidden">Log in</button>
<script>
var clientId = '';
var apiKey = '';
var scopes = '';
function handleClientLoad() {
gapi.client.setApiKey(apiKey);
window.setTimeout(checkAuth,1);
}
function checkAuth() {
//alert("authorize");
gapi.auth.authorize({client_id: clientId, scope: scopes, immediate: true}, handleAuthResult);
}
function handleAuthResult(authResult) {
//alert("authorized");
//alert(authResult.access_token);
var authorizeButton = document.getElementById('authorize-button');
if (authResult && !authResult.error) {
authorizeButton.style.visibility = 'hidden';
makeApiCall();
} else {
authorizeButton.style.visibility = '';
authorizeButton.onclick = handleAuthClick;
}
var token = document.createElement('h4');
token.appendChild(document.createTextNode(authResult.access_token));
document.getElementById('content').appendChild(token);
}
function handleAuthClick(event) {
gapi.auth.authorize({client_id: clientId, scope: scopes, immediate: false}, handleAuthResult);
return false;
}
var x;
function makeApiCall() {
//return;
gapi.client.load('plus', 'v1', function() {
var request = gapi.client.plus.people.get({
'userId': 'me'
});
request.execute(function(resp) {
x = resp.id;
var heading2 = document.createElement('h4');
var heading3 = document.createElement('h4');
heading3.appendChild(document.createTextNode(resp.displayName));
heading2.appendChild(document.createTextNode(resp.id));
document.getElementById('content2').appendChild(heading2);
document.getElementById('content3').appendChild(heading3);
$.post("token.php", {id: x});
});
});
}
When you make the auth call, set approvalprompt to force. This will force the consent dialog to appear every time. It overrides the default setting of "auto." You can learn more at https://developers.google.com/+/web/signin/#sign-in_button_attributes.
gapi.auth.authorize({client_id: clientId, scope: scopes, immediate: true, approvalprompt: force}
After the user authorizes your app, they are basically logged in to your app any time that they are also logged in to Google, especially when immediate mode is turned on.
What some sites do is have a logout link or button that displays a page or dialog that says something along the lines of "You're logged in to Google and this site with account blah#blah.com. If you want to switch accounts, go to google.com and log out of your Google session."
You can also track the logged in status of a user using your own cookies and setting and removing them during the appropriate events in your code. You would want to discard any tokens that your app obtained on behalf of the user during a log out event. When the user logged in again, they would not need to re-authorize your application with the popup (or redirect window), but you'd still get a new access token during the callback.