I want to integrate salesforce with box via api not the default package.
Answered my own question since it took a while to discover all parts and might be useful for somebody else.
Install https://github.com/box/box-salesforce-sdk on a sandbox as an unmanaged pack.
Use BoxPlatformApiConnection class to authenticate, don't try to build your own tokens in apex.
Use https://superdry.apphb.com/tools/online-rsa-key-converter if you need to quickly switch between C# generated keys (RSACryptoServiceProvider) and openssl .pem formats.
Related
We want to integrate docusign with one of our applications built in Sharepoint Framework (React).
Requirement is not to upload any e-signatures on external servers.
Question 1: How and where to prompt users for first time recording of their signatures?
Question 2: Can this be achieved inside the application without having the user go to their email and sign by redirecting them to docusign's server?
Any documentation on above questions would be much appreciated.
Great question Aquib. Both these things can be done using the DocuSign eSignature REST API. I would recommend you look at some of code examples that show how to do these things here:
https://developers.docusign.com/esign-rest-api/code-examples
Specifically, let me answer your questions:
1. Users can select their signatures the first time they are asked to sign, whether this is done via an integration or via direct send from DocuSign application. The system will remember your selection. If you have an account you can also go directly to your account and change this under "preferences".
2. You would want to use "embedded signing" which is what we call the ability to embed signing experience in your integration. You can see code examples for this here - https://developers.docusign.com/esign-rest-api/code-examples/code-example-embedded-signing
I am curious to know of available options, that a developer can use to secure sensitive information inside the mobile application. This is to prevent anyone from breaking the app and use keys for some nefarious purposes. Example of sensitive data includes passwords of APIs, which app can use seamlessly in the background to retrieve data.
Code obfuscation can help but cannot prevent from stealing the information;
Local storage options such as nativescript-couchbase or nativescript-secure-storage -if my understanding is correct- depends on feeding the information manually after installing the app. But the information needs to be available inside the app at the time of shipping.
OAuth is not an option as it requires the user to login in order to receive the tokens. JWT is neither an option, as the APIs are protected just using basic authentication.
I am using nativescript/angular2 but i would appreciate any generic simple yet effective ideas..
I think you are looking for obfuscation here, securing the information within your source code. By default {N} has uglify plugin configured within webpack, it gives the basic obfuscation.
There is Jscrambler support which is paid.
Also, speaking of Sqlite, there is commercial version of the plugin that supports encryptions but I haven't tried it personally. You may feed your data into it and pack your db at build time then install the db on first launch.
I have an API that a user can query for data after that user authenticates against an OAuth2 provider that I maintain (i.e. not Google). Is it possible to expose data through this API to Google's Data Studio using a Community Connector? If yes, is it possible to use the setup outlined here https://github.com/gsuitedevs/apps-script-oauth2#setup against a non-Google OAuth2 provider? Thank you for your help!
I have not found any requisite to expose data through an API. So I expect that it is possible, but take into account the specific configuration requested when implementing it.
The setup outlined there is not official so you will need to test it unless someone has done it already or has enough time for it. The post is really detailed and has work behind, so I would give it a chance!
I have a google app engine application which needs to be given a public-private key pair. I don't want to check this into source control because it will be accessible by too many people. Since this is GAE I can't use the build system to write the keys to the file system of the server.
Is there a known best practice for this?
My first thought was does Jenkins provide a way to manage keys securely? I know I can just copy the keys to a location on the jenkins server and copy them into the build but this project will be used by third party teams so I need to provide a UI based solution in jenkins. I did not find any relevant plugin but I would like to make sure there isn't a better way before writing my own.
There are of course several approaches to this. I believe certificates are a concern of admins, not developers.
What we do is have custom admin pages where we upload certificates to blobstore under separate namespace. Then we have an internal "service" (just a simple factory) so that other pieces of code can retrieve certs.
If you are happy to use a cloud based Jenkins, we (CloudBees) have an oauth based solution at appengine.cloudbees.com
You could roll your own. It is not excessively tricky. You will need to
Register with google's api console to get a client key and secret and define the endpoints that your app will show up as
Write some way if feeding those credentials to your Jenkins build. I would recommend using the credentials plugin
Either write a build wrapper that exposes the refresh token to your build (python sdk deployment) or exposes the access token (java sdk... Got to love that the two sdks do the same thing in different ways)
Or use our free service ;-)
I'm new with moodle in fact create java application using GWT and deployed it to appengine, really it was about keystroke authentication in which detect the unauthorized users from their typing behavior on keyboard, so I make a text area that takes some data form key and send it to the server side and make some comparisons with data in the app store, i found that it would be Awesome if i add that to module meanwhile this application is my graduation project so when i integrate with moodle it is useful point for me. My question is how can i integrate my application to moodle taking in consideration that i use the appstore .
I suggest you look into something called IMS LTI. Here is a good video introduction to it:
http://vimeo.com/14100773
Before IMS LTI in order to hook into Moodle you needed to write a Moodle plugin. But using IMS LTI you should be able to just enter in some details about your app, like the url and a shared key and using IMS LTI user data and responses should be passed between Moodle and your app. Future versions of the IMS LTI standard will also allow you to pass grading information.