0

I have an app in which the user uploads a video to youtube. I have the user input their password and username to sign in and then they input the "title", "description", "tags", "category", and "privacy setting" i.e. public, private, unlisted. All works well. However I am not able to verify that the password for the given username is valid or even if the username is valid. When the password and username are filled in and the "sign in" button is tapped these are saved into the documents directory as password.txt and username.txt. Then these are used to complete the process and in fact loaded from the documents directory upon subsequent uploads until the user signs out, in which case the files are removed. My problem is I would like to check with YouTube when the user fills in the password and username and goes to save them to make sure they are valid. Can someone help me with this.

This is the code I use to input the username and password as well as developers key to YouTube to get a service to allow uploading video.

- (GDataServiceGoogleYouTube *)youTubeService {

    static GDataServiceGoogleYouTube* service = nil;

    if (!service) {
        service = [[GDataServiceGoogleYouTube alloc] init];

        [service setShouldCacheResponseData:YES];
        [service setServiceShouldFollowNextLinks:YES];
        [service setIsServiceRetryEnabled:YES];

        /*[service setUserCredentialsWithUsername:accountView.text password:PasswordDisplayField.text];*/
    }


    NSString *username = [accountView.text retain];
    NSCharacterSet *whitespace = [NSCharacterSet whitespaceAndNewlineCharacterSet];
    accountView.text = [username stringByTrimmingCharactersInSet:whitespace];

    /*if ([accountView.text rangeOfString:@"@"].location == NSNotFound)
    { accountView.text = [kYoutubeUsername stringByAppendingString:@"@gmail.com"]; }*/

    if (([accountView.text length] > 0) && ([PasswordDisplayField.text length] > 0))
    { [service setUserCredentialsWithUsername:[accountView.text retain] password:[PasswordDisplayField.text retain]]; }
    else
    { [service setUserCredentialsWithUsername:nil password:nil]; }

    [service setYouTubeDeveloperKey:devKey];





    return service;



}

and then I use this code to get the URL for uploading

NSURL *url = [GDataServiceGoogleYouTube youTubeUploadURLForUserID:kGDataServiceDefaultUser];

but I am not sure how to use these to check to see if the username and password are matched and compatible and return an error message is they are not . Also I don't want to save them if they are not correct.

If someone can suggest a solution, a tutorial, video or something else to help me accomplish this I would greatly appreciate it.

Thanks

user1114881
  • 731
  • 1
  • 12
  • 25

1 Answers1

0

I would strongly suggest moving to OAuth 2 using the Objective-C client library:

http://code.google.com/p/gdata-objectivec-client/ http://code.google.com/p/gtm-oauth2/

As a user of your application, I'd feel awful knowing that you were storing my Google Account address and password in clear text like that. Please, switch to OAuth 2.

Jeff Posnick
  • 53,580
  • 14
  • 141
  • 167
  • I have changed the code so that I store the password in the keychain so it is secure. I also use the error message when the video is uploaded to check to see if the password is the correct one. If upload is completed then I save the password in the keychain if there is an error then the password is not saved and the user is directed to reenter their username and password. Is there a way to specify an exact error like error 403 is the bad authorization error. I would like to say if that is the error then do such and so. Is this possible? – user1114881 Dec 30 '12 at 07:30
  • I'd still strongly recommend switching to OAuth 2. In general, if you use invalid credentials with ClientLogin you'll get back a HTTP 403 response, but that's not the only possible reason you can get back a 403. If you really need to go this route, then try deliberately providing a bad password and take a look at the HTTP response body to see what the exact error message is for a username/password mismatch. – Jeff Posnick Jan 02 '13 at 21:56
  • As I said I will work on using OAuth 2 but would like to get something working for now. Can you point me to a really good tutorial/example for using it. – user1114881 Jan 04 '13 at 14:56
  • As for the error message. When I put in a bad username/password the error message is "Upload failed: Error Domain=com.google.GDataService Domain Code=403"The operation couldn't be completed. (com.google.GDataServicesDomain error 403.). UserInfo=0x1f147770 {Error=BadAuthentication, error=BadAuthentication} That's it. Is there anyway to specify just this error to bring up the warning? Thanks – user1114881 Jan 04 '13 at 15:04