I'm trying to use twitter4j (in Java) to grab the list of users following a particular user who happen to have direct messaging enabled. Something like this...
IDs followerIDs = twitter.getFollowersIDs(someTwitterScreenName, -1);
long[] ids = followerIDs.getIDs();
for (long id : ids) {
twitter4j.User user = twitter.showUser(id);
String userScreenName = user.getScreenName();
String realName = user.getName();
//I'm hoping for something like...
///Boolean directMessagingEnabled = user.messagingEnabled();
}
The only problem is that I can't find any attributes associated with the twitter4j.User object that sound suitable (and also can't find any reference to it in the API documentation). Does anyone know if there's some way to programmatically find these types of users? Or perhaps twitter have deliberately excluded it? Thanks for any thoughts at all.
------EDIT-----
The documentation link from Yuri led me to this response from a twitter employee: "Determining if a user accepts DMs from all is not available via the public API. If you are a trusted partner please reach out via your direct Twitter contacts for details."
(https://twittercommunity.com/t/how-can-i-tell-which-users-the-current-user-can-send-messages-to/36127/4)
Also noticed that it IS possible to get the DM status for an already authenticated user using "AccountSettings.getAccountSettings().allow_dms_from"
This is discussed here
https://dev.twitter.com/rest/reference/post/direct_messages/new
There is apparently a whitelist for access you can apply for.
However it seems you mostly have all you need. The users following your account can usually receive DMs from you already. This doesn't cover the cases where the user either DMed you first, or accepts DMs from anyone.
But it is probably simplest to try sending and inspect the failures.
Related
I have the following rule in Firestore for read if true I recieve email that point anybody can read and my requests can be drained. I need some approach read action to be allowed only from my app.I don't have authentication in the app is accessible without registration.What can I do to restrict the access only from the app.I read can be set SHA1 key but not quite sure how to implement it.
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth != null;
allow read: if true;
}
}
}
There is no way to do that but there is a way around just add Anonymously authentication with firebase Auth Ui this way users will not have to create an email and they will be authenticated
another way is: try to make some parts which doesn't require security public for anyone to read .
I‘m afraid there’s actually nothing you can do.
Since you are using a backend as a service provider you will have to use some sort of authentication if you want to prevent certain people to execute certain actions.
This could be classic username/password authentication or a more modern means like oauth.
If you only want your application code to be able to access the database, consider setting up Firebase App Check for your project.
I’m making a dating application that provides ‘members’ information (Facebook profile) to a user’ just like other dating applications. And I used Facebook Graph API below but I would like someone to tell me about ‘how to provide other members’ information to a user’.
Firstly, I registered my application in Facebook developers
I was approved with functions I need to use through 'Submit Items for Approval' (my Approved Items: email, public_profile, User_photo, User_like, user_work_history, user_education_history)
Then, I created member DB through a server and as a result, I can check all users’ ID with interlocked Facebook login.
So if a user logs in with her/his account in my application, (s)he can call her/his detail information in the account. (User_photo, User_like, user_work_history, user_education_history)
But the problem is, the user needs to receive members’ information around him/her (User_photo) but it doesn’t seem to work. (public_profile information can be provided)
It means, after receiving the user’s ID, it is forwarded to a server to use {user-id}/albums and {user-id}/photos call source. But it still says there is no result for both. (Brings GraphUser information through Facebook login and brings user_id through GraphUser.getId() )
So I am wondering if only the information in the ID section of logged in account is visible, but it seems an application called highli*** is using the service.
I would like to request someone to help me to solve the problem of # 5,6? Please help me (Please see the source)
Bring album_id through the method below by using user_id information
new Request(Session.getActiveSession(), "/user_id/albums", null, HttpMethod.GET, new Request.Callback() {
#Override
public void onCompleted(Response response) {
} }).executeAsync();
Bring photo information through the method below by using album_id information
new Request(Session.getActiveSession(), "/album_id/photos", null, HttpMethod.GET, new Request.Callback() {
#Override
public void onCompleted(Response response) {
} }).executeAsync();
If the Facebook Graph API is returning no results (an empty array) then more than likely it is a permissions issue.
In order for you to access another user’s information, the other user must also have given the required permissions.
For example:
User A is requesting the information of User B. Both users must grant the permissions below for the following requests:
user_friends, user_photos
{UserB-Id}/albums
{UserB-Id}/photos
{Album-Id}/photos
I suggest using the Graph API Explorer to test your requests. Here you can mock a token for your app and also apply different permissions, even before Facebook gives you approval to use them.
You can find more info on permissions here.
What I want to do:
I am trying to make a simple program that posts 5-10 statuses, at a time, on a page's wall. The post to the page will have to be done under the name of the page.
I've read tons of badly written Facebook Developers documentation and I'm reaching the point of confusion where I don't even know what questions to ask. So her I am.
My code so far:
I manually got the Page Access token manually, by this method:
Go to https://developers.facebook.com/tools/explorer
At the GET request form, down there, fill in me/accounts
You'll get a Javascript representation of your basic user data. Find the page you want.
Note the access_token and id fields, we're going to use them in the code below.
Thus, after getting the page Access token manually (And the ID of the page, of course)
import com.restfb.DefaultFacebookClient;
import com.restfb.FacebookClient;
import com.restfb.Parameter;
import com.restfb.exception.FacebookException;
import com.restfb.types.FacebookType;
import com.restfb.types.Page;
import com.restfb.types.User;
/**
*
* #author dsfounis
*/
public class FacebookConnector {
/* Variables */
private final String pageAccessToken = "GOT_THIS_FROM_THE_METHOD_ABOVE";
private final String pageID = "THIS_TOO";
private FacebookClient fbClient;
private User myuser = null; //Store references to myr user and page
private Page mypage = null; //for later use. In this question's context, these
//references are useless.
private int counter = 0;
public FacebookConnector() {
try {
fbClient = new DefaultFacebookClient(pageAccessToken);
myuser = fbClient.fetchObject("me", User.class);
mypage = fbClient.fetchObject(pageID, Page.class);
counter = 0;
} catch (FacebookException ex) { //So that you can see what went wrong
ex.printStackTrace(System.err); //in case you did anything incorrectly
}
}
public void makeTestPost() {
fbClient.publish(pageID + "/feed", FacebookType.class, Parameter.with("message", Integer.toString(counter) + ": Hello, facebook World!"));
counter++;
}
}
The problem:
The code above works. The thing is, it works temporarily. The page access token that I get has an expiration time of one hour, and I need to manually go through the process of obtaining it, every time that I run the program. What is the point of automating a process if I keep some aspects of it manual?
So I have to ask you: Can I do the process above programmatically, and obtain a fresh page access token at program launch?
Can I, maybe, use a better API to do something as simple as just post a couple of things on a Page's wall, every day?
My application is a console one, and I would like to stay away from implementing needless Logins, even though if you tell me that it is needed, it's going to be a bother I'll have to go through.
As a note: I've got the application registered in Facebook Developers, albeit only as a basic app. To get more permissions, I need to show proof of Facebook Login implementation, and as I say in the title, it's something I'll have to avoid.
There is no automatic process to obtain an access token. If there was, it will defeat the whole purpose of the OAuth flow. For pet projects and tests it's okay to use the Graph API Explorer but for public applications involving users it is mandatory that the user manually selects the login dialog.
Under your current scenario you can extend the user token using the method mentioned here https://developers.facebook.com/docs/roadmap/completed-changes/offline-access-removal/
Scenario 5: Page Access Tokens
When a user grants an app the manage_pages permission, the app is able
to obtain page access tokens for pages that the user administers by
querying the [User ID]/accounts Graph API endpoint. With the migration
enabled, when using a short-lived user access token to query this
endpoint, the page access tokens obtained are short-lived as well.
Exchange the short-lived user access token for a long-lived access
token using the endpoint and steps explained earlier.
https://graph.facebook.com/oauth/access_token?
client_id=APP_ID&
client_secret=APP_SECRET&
grant_type=fb_exchange_token&
fb_exchange_token=EXISTING_ACCESS_TOKEN
By using a
long-lived user access token, querying the [User ID]/accounts endpoint
will now provide page access tokens that do not expire for pages that
a user manages. This will also apply when querying with a non-expiring
user access token obtained through the deprecated offline_access
permission.
A simple program used only by the owner of the application does not need approval from Facebook.
e.g. https://www.facebook.com/phwdbot
So I have a java program running within an Amazon EC2 instance. Is there a way to programatically get its own tags? I have tried instantiating a new AmazonEC2Client to us the describeTags() function but it only gives me null. Any help would be appreciated thank you.
Edit: To make things clearer, the instances are going to be unmanned worker machines spun up to solely do some computations
This should help you get started...
String instanceId = EC2MetadataUtils.getInstanceId();
AmazonEC2 client = AmazonEC2ClientBuilder.standard()
.withCredentials(new DefaultAWSCredentialsProviderChain())
.build();
DescribeTagsRequest req = new DescribeTagsRequest()
.withFilters(new Filter("resource-id", Collections.singletonList(instanceId)));
DescribeTagsResult describeTagsResult = client.describeTags(req);
List<TagDescription> tags = describeTagsResult.getTags()
You should be able to get the current instance id by sending a request to: http://169.254.169.254/latest/meta-data/instance-id. This only works within ec2. With this you can access quite a bit of information about the instance. However, tags do not appear to be included.
You should be able to take the instance id along with the correct authentication to get the instance tags. If you are going to run this on an instance, you may want to provide an IAM user with limited access instead of a user which has access to everything in case the instance is compromised.
While using user-data may be the simplest solution, the OP was asking specifically about the tagging, and unfortunately amazon hasn't made this as easy as it could be. However, It can be done. You want to use a combination of 2 amazon services.
First you need to retrieve the Instance ID. This can be achieved by hitting the URL from within your instance:
http://169.254.169.254/latest/meta-data/instance-id
Once you have the resource ID, you'll want to use Amazon's EC2 API to access the tags. Since you said you're using Java, I would suggest the Using the AWS SDK amazon makes available. Within this SDK you'll find a method called describeTags (documentation). You can use a Resource ID as one of the filters to get the specific tags to your instance. Supported filters are
tag key
resource-id
resource-type
I suggest doing this retrieval at boot using something like cloud-init and caching the tags on your server for use later if necessary.
I want to have LinkedIn authentication in my website. Their API returns the desired information, the create account function is working. However, I seem to have some problems when I try to login on the site.
It seems that I get a UserEmailAddressException when I call the LoginUtil.login method.
at com.liferay.portal.service.impl.UserLocalServiceImpl.authenticate(UserLocalServiceImpl.java:2480).
It fails at
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
if (!Validator.isEmailAddress(login)) {
throw new UserEmailAddressException();
}
}
Here is my code :
boolean rememberMe = true;
String authType = CompanyConstants.AUTH_TYPE_EA;
try {
LoginUtil.login(request, response,
String.valueOf(user.getUserId()), user.getPassword(), rememberMe, authType);
}
catch (UserEmailAddressException ueae) {
ueae.printStackTrace();
}
The users authenticate via email address, so I guess that should be the correct authentication type?
I have added company.security.auth.type=emailAddress in portal-ext.properties, but I get the same error as without this setting.
Because Liferay documentation is unsatisfying, I would like to know how to do a proper call to the login() function so that my user will login with its LinkedIn account.
It's hard to answer this question from the amount of code that you give.
First of all: About documentation. Judging by the use of LoginUtil, you seem to be modifying Liferay's internal code in order to implement your functionality. This is an internal API that is not guaranteed to be stable and will most likely be documented last (the API documentation has improved a lot, but it's mostly about the external, public API).
You might want to look into the implementation of ServletFilters that Liferay uses for implementing other external single sign on systems. Many customers/users have implemented these successfully (I haven't looked at the state of that documentation though, but there are several SSO implementations that you can find)
Further, it will probably help, which email address is supposed to be invalid - from your code it looks like you're calling with user.getUserId() (this is numeric), but you state that you demanded the login to be through email.
Lastly, if you have configured the login method through the UI, it is saved to the database - and that setting would win. So please check ControlPanel/Portal/Portal Settings/Authentication/"How do users authenticate?" to make sure that the setting is actually asking for the email address.