Does google drive SDK ios api support proxy setting? Currently I am using goodle drive sdk in my own ios application and I would like to know that is there anyway for me to set up proxy setting in the code or will the google drive will automatically add the proxy setting in the request?
google-api-objectivec-client doesn't support proxying at the moment. If you're not planning to use the client library, you can't proxify the requests.
Related
I am building a Xamarin iOS Native project for a iPhone app and i am using Google Maps for creating Routes to several delivery points.
I registered for the Google Maps API but i have troubles with the security of the API key.
In my project i have installed the Nugget package for Xamarin.Google.iOS.Maps and set the App restrictions to my iOS Bundle name. When initializing the MAP all works fine.
BUT we also use the Direction API for setting up routes to different points of the map. But this call function method is a HttpClient call to a JsonAsync call. The Google API denies the call because it did not work with the Bundle name because its a HtppClient Call.
The project is installed on Mobile devices so restricting with a IP address is not a option for us. No restriction AT ALL is also bad for the security.
So my question is : How do I secure this?
Please note that web services cannot work with API keys that are Android/iOS restricted. Web services are server-side and can only work with API keys that are either unrestricted or restricted by IP address.
To resolve your issue, please create a second API key to use for web service requests only.
The public docs on best practices when using API keys has also some suggestions for when IP address restrictions are impractical as with the case with mobile applications.
When using Maps Web Service APIs in these scenarios, secure your apps using one or more of the following techniques:
-proxy server
-obfuscation
-pinning
References:
https://developers.google.com/maps/api-key-best-practices#api_key_table_sup_5
https://developers.google.com/maps/api-key-best-practices#proxy_server
I have a webrtc application and I am using Google TURN servers used by appr.tc in my own app and it's working fine.
Any idea what are the limitations and implications of using Google TURN server in my own app?
I am developing a web application which makes use of the Sony Camera API with an Alpha 6300.
The web-app needs to access the camera and internet at the same time. Therefore, I am using a laptop with two network adapters, one connecting to Wi-Fi and one to the camera access point. I got this to work without the discovery phase, which is not possible from a browser (that's ok, the IP address of the camera is always the same).
However, in order to get it working on the production server (which is secure), I need some ugly hacks, due to the camera endpoints being only available in HTTP (no HTTPS) and with no CORS headers:
I need to use a Chrome extension to bypass CORS
I need to click on 'load unsafe scripts' in Google Chrome
A quick solution would be to pack everything in an Electron app, thus overriding Chrome's (more than legitimate) security concerns. However, this would strongly complicate the deploying and testing process. I would rather go with a web-based solution, if possible.
Anybody knows if there's a way to enforce HTTPS and set Access-Control-Allow-Origin on the Camera server?
You can use a local CORS proxy. That's what I've done for development.
I went the similar route of "Electron" for disabling the same origin policy, only I used PhoneGap because I needed this for a phone.
Can I consume a web service in a MobileFirst application without a MobileFirst server?
Yes, you can use your MobileFirst app without the need to connect to a MobileFirst server.
The drawback of not using the MobileFirst server is that you'll be loosing all of the features it provides like authentication, security, adapters, unified push notifications, direct update (for hybrid), remote disable, and other features.
If you want to make a request to any endpoint you can use WLResourceRequest (available from version 7.0 onwards) or any other native method to make HTTP requests.
Information on how to use WLResourceRequest
Android:
https://www-01.ibm.com/support/knowledgecenter/SSHS8R_7.0.0/com.ibm.worklight.apiref.doc/html/refjava-worklight-android-native/html/com/worklight/wlclient/api/WLResourceRequest.html
Hybrid:
https://www-01.ibm.com/support/knowledgecenter/SSHS8R_7.0.0/com.ibm.worklight.apiref.doc/html/refjavascript-client/html/WLResourceRequest.html?cp=SSHS8R_7.0.0%2F9-0-0-1-31
iOS: https://www-01.ibm.com/support/knowledgecenter/SSHS8R_7.0.0/com.ibm.worklight.apiref.doc/html/refobjc-worklight-ios/html/interface_w_l_resource_request.html%23a004749b662c6f4a55a3b76e47f7e6062?lang=en
If the call is for example to an external resource you can use the same plain regular AJAX calls as you would anywhere else.
If the resource is protected by MobileFirst Platform, then you must use adapters. Adapters must go through the MobileFirst Server.
Use it like simple IDE to develop application(Native and hybrid).You can use client side API also that do not connect to the mobilefirst server.
You cannot use a mobile first app if you are using MF 7.0 or higher without a server, as soon as you launch the app it invokes an authorization request something like following:
<< domain >>/<< context >>/authorization/v1/clients/instance
Which connects to your workflight server and if it doesnt get response it will fail.
As far as invoking a web service is concerned that is just javascript if you are doing hybrid you can use AJAX as mentioned in another answer. If you are building native IOS or Android you can invoke http request using sdk libraries.
Cheers !
I'm interested in using Azure Mobile services with SPA applications... perhaps with PhoneGap and or Kendo.UI as well.
I would like to add authentication to my app, and am looking at Azure Mobile Services. What isn't clear to me is if I can use Zumo (mobile services) to authenticate my app?
Example
User downloads app from store (or uses HTML5 caching to store the app)
The SPA app connects to Azure Mobile to get the OAUTH credentials
The Credentials secure my REST calls to the database (as secured by Azure Mobile)
Can anyone clarify if this architecture is possible?
You can definitely do this. If you go into the quickstart page after creating a new Mobile Service, you'll see one of the supported platforms is HTML/JS. You can download that quickstart application to run a local website that will connect to your Mobile Service and can set up authentication using this flow (http://www.windowsazure.com/en-us/develop/mobile/tutorials/get-started-with-users-html/). Dropping this into a PhoneGap application is very simple and just requires downloading the jQuery and Mobile Service javascript files locally (phonegap can't reference remote JS files). The bulk of the HTML can be the exact same. You'll just need to take the JS from the HTML/JS quickstart and drop it into the onReady method (I believe that's what PhoneGap calls once the device is ready for you to use). Hope that helps.