For a calendar app, I want to sync users calendars (events) to my database. For now, I need title, start, end, recurrence and reminders/alerts. I am thinking, I will get these information from app and store it to a database. To make things easy (implementing recurrence maybe hard), I thought of using a hidden Google Calendar account on the server as a database.
Server will use a "hidden" Google Calendar account
App (iOS) will get calendar information from user's iCal via EventKit
Passes server this information which is saved to Google Calendar
So 1 user calendar becomes 1 hidden google calendar
But I think I might encounter some problems with API limits?
I might need to re-authenticate to refresh the access token? Is there a token I do not have to refresh?
Is the limit on the number of calendar I can have 10,000? What if I need more? Isit even possible? Or is it 10,000 for "a short period of time".
Is this possible? Or is the only option a self build system.
The quota for the Google calendar API is Queries per day 1,000,000 if you go over that you can always request additional quota as far as I know it doesn't cost anything to extend your quota.
Once you have authentication to a user Google calendar account you will receive a refresh token. The refresh token can be used to gain a new access token when ever you need to access it. Refresh tokens don't expire unless a user removes your access.
Related
Non-technical person here 🙋♂️
I'm having an issue where (using the Oauth 2.0 Playground) I authorize an internal user's GMB account and configure real-time notifications to be sent to our GCP topic. Every few days or so, notifications stop getting sent to our topic and when I check the notification settings for that account, they have been subscribed to an unknown GCP topic. I can reconfigure the notifications settings again, but every few days they are reconfigured to the unknown GCP topic.
It's possible some other app is overwritting my changes periodically, but I am having trouble figuring out where they're coming from.
Is there a log I can review to know where the request to change the notification settings is coming from?
When using the OAuth 2.0 Playground to configure settings, do they "expire" at some point? If so, is how do I prevent that from happening?
Thanks in advance for your help!
You can start looking into when and who created the unknown GCP topics by checking your Cloud Logging for created topics. You can do this by:
Open your Google Cloud Console
Open "Logging"
There should be a "Query" tab and select it.
Input protoPayload.methodName="google.pubsub.v1.Publisher.CreateTopic" and click "Run Query". You can check this reference if you'd like to see other logs related to Pub/Sub.
Click "LAST 1 HOUR" to adjust the time parameters of your log query. (Example: adjust it to a whole month to query all Created topics within a month)
Click the ">" beside the result and expand the log.
There are lots of info like the created topic name, what email authenticated this request, etc. In your case you should look out for field authenticationInfo for you to check who invoked the request:
authenticationInfo: {
principalEmail: "email-used-to-create-the-topic#example.com"
principalSubject: "user:email-used-to-create-the-topic#example.com"
}
NOTE: For testing purposes I blacked out my project-id and email for this example. Also the topic I created is log-this-topic and the email in the log mine since I was the one that created the topic.
OAuth have set rules for expiration, you can check it on Refresh Token expiration.
I am building a react site where users can purchase a "day", "weekly" or "monthly" pass for the content on the page. I only want to allow them access for a day if they purchase a day pass. Same for weekly and monthly. I am using JWT to keep users logged in. I have no idea how to create the functionality to verify if they should still have access or not. Would love some help. I am also using redux if that helps.
You need to start thinking about Authentication and Authorization separately. Your JWTs are (hopefully) performing the Authentication duty. The "limited access" you're asking about are the concern of Authorization. In other words: now that you know who this user is, what are they allowed to do?
You need to map your JWTs to some form of internal user id, and then determine if they can or cannot access the requested resource/endpoint/etc.
For example, you might allow all users to GET from /jobs to view the listing of job postings, but if they try to POST to /apply for a job, you verify that they are a "premium" user, with time remaining on their paid subscription.
I need to make an Apex Callout to Marketing Cloud when a Lead is created in Salesforce that matches certain criteria. I would like to use this MC Rest API - https://www.exacttargetapis.com/messaging/v1/messageDefinitionSends/key:Autoemail/send. The issue then is that I first need to authenticate with MC to get an Access Token to pass when making the above API call. Does anyone have a good way to persist the Access Token in a Salesforce org? I'm thinking of storing it in a Custom Setting and only updating it when an Apex callout goes to use it and sees that it's nearly 60 minutes old. Is anyone doing something similar? Thanks!
If you know that access token to external service can be expired and should be updated sometimes automatically, the better approach is which you choose - custom setting (or custom object for storing it).
If this token can be hardcoded one time and it will not be changed for a long period, you can checkout Authentication Settings for External Systems functionality.
This sounds like a popular scenario, but I can't find direct answer nowhere...
I want to plot Analytics data in my app's admin area.
This area is used by multiple users of the company, and they have to authenticate to access this area. I plan to use GA service account, but 'browser-key/domain' option seems only available for public api.
Can I use server auth (through node API), get the token, and pass it to user while logging in? Will the token be valid? Can I have multiple valid tokens simultaneously for all the users?
Or maybe there is some other way to do it?
Okay, I've tested it myself and the answer is:
YES, you get universal (max 60min) token with every request - so you can have many of them, and dispose to you client-side apps as needed.
I have now embedApi widget in my Angular.js dashboard for every user, without login.
How to know if a user is currently logged-in in your Google App Engine application?
The application allow its users to browse other users' profile. If the viewed profile is also using or logged-in in the application, i want a notification that the viewed profile is online.
How to achieve this requirements?
If you are managing user profiles, you know when a user logs in. At the end of the login process, just save the user's log-in information in the memcache somehow.
You will later be able to check if a user is logged-in just by searching for him in your memcache.
This way is easy to catch and track the connection events, but you also have to react when a user disconnects, to have your list up to date. To achieve this, you can use a Channel. See the google documentation.
You could, as Gaël suggests, use the Channel API to track this, but it's probably overkill. If you wanted to go that route, just listen for the connected & disconnected messages, and update a field in the db that indicates that the user is signed in.
A less expensive route might be to just update a field in your user's record that's something like "last time this user requested a page." If it's been more than n minutes since the last time the user requested a page, assume they're signed out. Indeed, you could even do this in memcache with a map from userid to last access time.
It comes down to what you want to do with the "signed in" information: if you just want to give a general sense of whether a user's around, or how many users are online, using the datastore or memcache solution is probably good. On the other hand, if you want to reflect the user's presence so they can respond to eg. IMs, then you'll probably want the Channel API anyway so you can immediately deliver messages to them.