Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Log In
- Sign Up Free
Menu
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About DarS
DarS
Occasional Participant
since
02-06-2012
02-17-2012
4
Posts
0
Kudos
0
Solutions
Badges
02-17-2012
12:54 PM
Hi, Dave! Thanks for the encouragement and information. The application for my friend is a guest-book kiosk (1930s typewriter parlor-punk) written in LiveCode. The first phase simply generated uploadable files. The kiosk is on the local LAN behind a firewall and file access is by user name and password. The kiosk does have internet access. The second phase (about to be installed) uses a clear-text config file which does include my friend's Constant Contact user name and password. I'm not completely happy with that, but file access is password protected. It uses BASIC authentication to make contact changes. The application does not serve web pages. This application will probably have only one istallation and all actors are trusted, however, there is talk of franchises and the future. It seems a third phase is needed to implement OAuth 2.0. I see several possibilities, different directions: 1. I can work with my friend and create a bearer token "by hand" using a web browser or a web tool. That token can be put into the config file. Presumably that token can be canceled, if stolen. Perhaps there is a secure web page at Constant Contact that can aid in this--put in the API Key and client secret, and get back a bearer token and a user name. 2. I can add a web interface to the app which is used within the LAN for setup including the creation of the bearer token in a more traditional way. The token can be stored in a file encrypted using an application secret. This opens the opportunity (translation: I'm creating even more work for myself--this is all free for a firend) for editing configuration information through the web interface and it and the bearer token can be saved in an encrypted preference file. And (more work) a stat page and other information might be made available for my friend. In contrast with other methods, this requires the creation of a server either within the app or used by the app. 5. The app takes on all roles of resource owner, user agent and client. This would require following redirects and parsing the form at the Constant Contact authentication server. The config file is not influenced by this and would stay the same for now. My thoughts on how OAuth 2.0 might fit in with a simple application no doubt illustrate my ignorance of OAuth and confusion of how it might apply to my app. That should be interpreted as questions.
... View more
02-16-2012
08:51 PM
At this developer page... http://community.constantcontact.com/t5/Documentation/Authentication-Overview/ba-p/25981 …is this statement... " Basic Authentication is still supported and can be used in new integrations, but we will be announcing the end of support for Basic Authentication soon. We strongly encourage developers to switch their apps to use OAuth 2.0." I guess my request is continued support for Basic Authorization. OAuth does not fit my situation well.
... View more
02-16-2012
05:49 PM
I finished creating for a friend an application that uses the API for some simple contact functions. It works with my trial account. Yay! However, before setting this up for her, I have a question. What is the life of the API Key? Will it become disabled after my trial period is over?
... View more
02-16-2012
05:08 PM
I like this idea. I'm developing a CtCT application for a friend and might well do that for other customers. I am currently using the 60-day trial subscription for testing, and I don't know if it would be worth the cost to maintain a subscription on the chance some customers might want something.
... View more
Latest Tags
No tags yet