BIM360 App Store: How to recognize Account ID - javascript

Let’s say BIM360 admin has added my BIM360 app from BIM360 App Store to his/her BIM360 account, and gone through the provisioning steps.
After that, when user clicks ‘Open’ link (a sample shown in the screenshot), a page from my app will be opened.
In this page, I need to determine whether this particular BIM360 account already has a corresponding account in my app or not.
To clarify further, my app is a multi-tenant cloud-service, and each tenant/account is tied with a BIM360 account - not with individual BIM360 users. So, regardless of BIM360 user who logged into BIM360 page, I need to redirect him/her to the account corresponding to BIM360 account.
If no corresponding account in my app (which will be the case for first time access), I have to redirect user to 'sign up' page.
Question: how do I find the BIM360 Account ID when user opens my app via 'Open' link in BIM360 page?
One possible workaround (a hack, really) is to use ‘referrer’ in HTTP header (on my page) to grab the URL of BIM360 page, and scrape Account ID out of it.
What is the correct way to do this? Could you point me to a sample code?
Thanks

When the end-user opens your app you should ask to sign in with his/her Autodesk Account, which results in a 3-legged OAuth access token.
With that, your app can call GET Hubs, which returns the list of Hubs that user has access and your app also has access. As this includes all hubs, check for attribute.extension.type == hubs:autodesk.bim360:Account and the hub id will be the BIM 360 Account. You may also check the hub id with b. prefix.
Please note the Hub id has the b. prefix and you need to remove it to get the correct BIM 360 Account ID.
Finally, an end-user that comes to your app may have multiple BIM 360 Docs hubs provisioned to your app, e.g. a contractor that works with multiple projects, so consider that scenario.
Check this article for some other considerations.
EDIT
From comment (23/4/2018):
the workaround you suggested doesn't really solve the problem then. I need a way to figure out the BIM360 Account ID for the page where user clicked 'Open' link.
After the user clicks on "open", your app needs to ask for sign-in, which gives your app a 3-legged token. With that, call GET Hubs endpoint, filter hubs for BIM 360 Docs, if more than one, ask user to select the hub/account, then you have the account ID.

Related

How to connect my app users with their facebook id's?

In my app I need to find a way to connect users with their facebook ids (or something, that will identify them later). Will try to explain:
As a user,I'm create an event, and mark participants by enter their names.
Some of participants are already sign up in my app, some of them not.
To identify participant (no matter, registered or not),I have planned to use their facebook ids. Currently,I want add links to their profiles under names.
So, is there a way to get facebook id of user, by his profile link (https://facebook.com/zuck)? Or any other way to identify user via facebook, no matter registered he in app or not.
UPDATE Looks like there are no way to use facebook IDs for this task. Maybe there are another identifier to uniquely link account with facebook?

Fixed Facebook user ID for your login system

I am building a login system that depends on Facebook login plugin (https://developers.facebook.com/docs/facebook-login/web). Everything is going well with this easy to use plugin. The bad news is that: today, I noted that the Facebook changes its user IDs, and these changes can deceive your login system.
Explaining the process and the problem:
1- The user goes to your website and click Facebook login button to access to your website.
2- The plugin grabs the user's information from Facebook API, including the user Facebook ID.
3- Your script uses the grabbed info to check your database, looking for the Facebook ID in the users table.
4- If the Facebook ID exists, the system allows the user to login. If it does not exist, the system creates a new account for the user and login him/her to your website.
So, the same Facebook user might be registered more than one time as long as the Facebook changes the user's ID.
As I noted today: Sometimes, the Facebook gives its user an ID with 9 digits, and other times give the user an ID with 19 digits. If you used any of those IDs; it would redirect you to the same user's profile. For example: if the user's IDs are 999999999 and 1010101010101010101
https://facebook.com/999999999 and https://facebook.com/1010101010101010101 both URLs will lead you to same profile.
P.S. The script checks with the user's email, however the user has the choice not to supply his/her email address to your website.
I use API v2.. I didn't use the old version (v1.). So, I think this is not the issue of chronicle or app scoped IDs.
If you have any ideas that help in getting a fixed Facebook user ID, please let me know.
Thank you in advance

Is there a way to check if a Kik user has authorized without potentially prompting them for authorization?

I am developing an app that matches users in Kik based on interests. Kik users can chat with a bot that I wrote, and then the bot links them to a page in the web app based on their interests.
Kik provides us with this javascript (which I have documented here in coffeescript) to check if a user has authorized the app to access their user data, via the Kik api:
if kik.enabled
kik.getUser (user) ->
if user
This works, but it necessarily combines both features into one. That is, checking if a user is authorized and prompting a user to authorize both trigger when kik.getUser runs.
This is problematic because my web app should have different features depending on whether or not the user has authorized, one of which is providing the user with a 'check-in' button that prompts them to authorize if they have not.
Does Kik provide separate methods of checking whether or not a user has authorized?
Furthermore is there any way of identifying the actual authorization event with JS (i.e. the user actually pressing the 'yes' button, which closes the window that asks for authorization)?
Can an already authorized user be 'unauthorized', and if so, is there a way to recognize when this happens?
A potential work around is to store an "authorized" boolean in my database of users (or, rather, only generate a user in the database if they have authorized), and only run kik.getUser for users that have flagged as authorized. This could, however, not work if a user can become 'unauthorized'.
The API you're looking for is kik.hasPermission()
http://dev.kik.com/docs/#identity-user

LogOut user from Azure mobile Service from hybrid mobile app

I am following authentications steps for AMS as described here:
http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-how-to-use-client-library/#caching
From Kendo UI mobile app (Javascript)
I can log in using Google as an authentication provider using client.login("google"), execute authenticated AMS custom API calls
and also doing client.Logout() via button, that seems to successfully disconnect me from AMS
On subsequent client.login(), however, I do not get the Google account login window. It is seemingly stored in a cookie and the user is logged in automatically, thus not giving me a chance to log in as another user.
I was wondering what additional actions besides client.Logout() I must do to initiate the Google login screen on the next session after the user decided to logout. I do not want to force the user out of his Google account, as this would be impolite, just log him out of my application.
I know this question is old, but since it is not answered and I found it out recently I decided to post the answer here.
When you go to google.com you can add another account (top right icon). After that you can choose after each logout which account you want to use for your application to login. And you can even add other accounts to log in.

OAuth and Facebook page tabs

I'm in need of more of an explanation than an answer, per se - I'm building a page tab, which will pull certain images from a particular album belonging to the page. This does not require an access token, so there is no need to ask for permissions from visitors.
I can add like/share options which also work fine without an access token or authorisation.
How do I get basic user info (id, name etc) without requesting authorisation? It's a page tab, on Facebook, so therefore the visitor must be logged in already.
Just seems counter intuitive if I have to request permissions to perform what is essentially pretty standard actions.
I'm using the javascript SDK.
It's a page tab, on Facebook, so therefore the visitor must be logged in already.
The user may be logged in to Facebook – but he is not necessarily connected to your app (yet). And you need him to be, to get his user id.
Make a call to FB.login without asking for any permissions in the scope parameter – that’ll prompt the user to connect to your app, giving it only “basic” permissions to read his personal data. That’ll give you his user id in the response.authResponse (and also will lead to his user id being included in the signed_request next time he visits your page tab).
After that, you can get his basic user info be calling /me via the Graph API.

Categories