I have an application which has a PIN/Lock screen. In order to open the app user needs to enter his PIN code (which he had set up before in the app).
I want to add Biometric option -> instead of entering the PIN just place your fingerprint. However you should still have an option to use the PIN as fallback. Exactly the same as Revolut, LastPass or bunch of other banking apps. Pretty straightforward, right?
I've looked at the new Biometric API and it does not support fallback to a custom pin/password (only fallback to a lock screen). I could somehow add that manually (when user cancels the dialog) but this creates poor UX (switching from Google style dialog to app style screen). Also, Google dialog has a transparent background (which could reveal sensitive information) so I would need to put it in a separate blank activity (again poor experience). I wonder how banking apps are planning to migrate to that?
Should I do this the old way (FingerprintManager)? Is fallback to device lock safe enough? If someone knows your phone PIN he could access all of your apps.
Have you looked at this blog post? or that one? The AndroidX Biometrics Library provides a method called setNegativeButtonText() that provides an option for using an account/app credential if the user doesn't want to use biometrics.
And then in the callback you would do
override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
super.onAuthenticationError(errorCode, errString)
Log.d(TAG, "$errorCode :: $errString")
if(errorCode == BiometricPrompt.ERROR_NEGATIVE_BUTTON) {
loginWithAppAccountCredentials() // Because negative button says use application/account password
}
}
Also when your user clicks the login button in your UI, your onClick could look like this:
override fun onClick(view: View) {
val promptInfo = createPromptInfo()
if (BiometricManager.from(context)
.canAuthenticate() == BiometricManager.BIOMETRIC_SUCCESS) {
biometricPrompt.authenticate(promptInfo, cryptoObject)
} else {
loginWithAppAccountCredentials()
}
}
Related
I have implemented Google Onetap SignIn in my application. Everything is working fine, the only issue that I am observing is that on certain devices the pop-up often takes 7-10 seconds to display. Especially in case of Sign-In popup.
Since I have multiple login options available in the app it might so happen that before I can show the user his last used google account to login (via OneTap popup), he gets enough time to click on any other option (eg, Facebook) & it becomes a poor experience.
Since this pop-up is displayed by play-services, I don't see how I can optimise this time taken.
As per the code, it seems the call to
contract
.getOneTapClient()
.beginSignIn(getSignInRequest(isRegistering))
is the one taking the most time. It seems the code that queries for user's on device Google Accounts.
Using below code structure. Adding for reference
contract.getOneTapClient().beginSignIn(getSignInRequest(isRegistering))
.addOnSuccessListener { result: BeginSignInResult ->
try
{
contract.startIntentSenderForResult(
result.pendingIntent.intentSender, requestCode,
null, 0, 0, 0, null)
successCallback?.onSuccess(isRegistering, "Rendering Popup")
val timeTaken = if(isRegistering) System.currentTimeMillis() - signUpTime
else System.currentTimeMillis() - signInTime
BBLogUtils.logWithTag(TAG, "Completed in ${timeTaken/1000.0}s")
}
catch (e: IntentSender.SendIntentException)
{
failureCallback?.onFailure(isRegistering, e, ERROR_INTENT_SENDER_EXCEPTION)
}
}
.addOnFailureListener { e: Exception ->
// No saved credentials found.
// OR Temporarily blocked due to too many canceled sign-in prompts.
BBLogUtils.logWithTag(TAG, "Exception | registering=$isRegistering|rCount=$rCount | Error= ${e.message}")
failureCallback?.onFailure(isRegistering, e, ERROR_NO_CREDENTIALS_FOUND)
}
SignIn request object is the standard as prescribed by the docs
private fun getSignInRequest(isRegistering: Boolean): BeginSignInRequest
{
return BeginSignInRequest.builder()
.setGoogleIdTokenRequestOptions(BeginSignInRequest.GoogleIdTokenRequestOptions.builder()
.setSupported(true) // So that we receive the idToken in result
.setServerClientId(contract.getGoogleAndroidClientId())
/*
* true: for Registration ie. showing all accounts
* false: for return user signIn, ie. showing only previously used accounts
**/
.setFilterByAuthorizedAccounts(!isRegistering)
.build())
.build()
}
Another related question to this feature.
On the first launch of the app on device I saw this additional pop-up
Is there someway this can be skipped ?
Answering 2nd part of my own query here.
After a lot search I still haven't bee able to find a workaround for skipping the process. Turns out that this popup is medium for play services to inform the user about the new sign-in experience.
I observed that if I installed another app using Google Onetap (eg. Reddit or PIntrest), the same pop-up appeared there as well. Also, its shown only once to a user, ie. if the pop up was shown in the Reddit app then it won't come in my app & vice-versa.
In addition, if you wan't to repro this scenario, you can clear the storage of Google Play Services. For some duration, it might show error: 16: App is not whitelisted, but after a while, you will get the How It Works pop-up again.
This request is for a specific use case of a product
Assuming I have an AccessibilityService instantiated as part of my application's context: I need to continuously capture screen content, for which i'm using a MediaProjectionManager attached to my application. This is working, with a caveat: every time I restart my device or app, is mandatory to make a new request for an instance of MediaProjection, forcing the user to accept the screen capture system permission dialog.
I am trying to skip this step for the user. I already achieved automatically firing the dialog request. But for accepting the dialog prompt, this is what I've tried:
Log view hierarchy and find the nodeViewId of the corresponding
dialog accept button. Problem: the AccessibilityService wasn't providing an
event.source for that system dialog.
Using AccessibilityService.dispatchGesture to perform a click action
on the coordinate of the "Start Now" button of the dialog, after the
system shows it.
// PermissionAutomator
permissionsAutomator.listener = object : PermissionsAutomator.Listener {
override fun onPerformClickOnCoordinate() {
val clickPath = Path()
clickPath.moveTo(604F, 737F)
val clickStroke = StrokeDescription(clickPath, 0, 1)
val clickBuilder = GestureDescription.Builder()
clickBuilder.addStroke(clickStroke)
val gesture = clickBuilder.build()
val callback = object : GestureResultCallback() {
override fun onCompleted(gestureDescription: GestureDescription) {
super.onCompleted(gestureDescription)
Timber.d("gesture onCompleted")
}
override fun onCancelled(gestureDescription: GestureDescription) {
super.onCancelled(gestureDescription)
Timber.d("gesture onCancelled")
}
}
dispatchGesture(gesture, callback, null)
}
}
Does anyone has some advice for this problem? Maybe the solution can be extended for every system permission dialog on Android. Thanks!
System permission dialog for MediaProjection
Looking at the MediaProjectionManager https://developer.android.com/reference/android/media/projection/MediaProjectionManager
it seems its built-in to ask every time. Its not a regular permission like READ_EXTERNAL_STORAGE that is saved. The only way I see around it is to make your own and since MediaProjectionManager and MediaProjection are final it would have to be from scratch if its even possible.
So I'm just wondering why my code isn't working. How do I give AppShorcutIntent a specific intent with an action and data and stuff like that?
This is my code so far:
val appShortcutIntent = AppShortcutIntent.builder()
.setIntentName("actions.intent.OPEN_APP_FEATURE")
.setPackageName("com.app.name")
.setIntentParamName("feature")
.setIntentParamValue("")
.build()
shortcutsClient.lookupShortcut(appShortcutIntent)
.addOnSuccessListener { shortcutLookupResult ->
if (shortcutLookupResult.isShortcutPresent) {
shortcutsClient.createShortcutSettingsIntent().addOnSuccessListener { intent ->
requireActivity().startActivity(intent)
}
return#addOnSuccessListener
}
val signalShortcut = AppShortcutSuggestion.builder()
.setAppShortcutIntent(appShortcutIntent)
.setCommand("feature on")
.build()
shortcutsClient.createShortcutSuggestionIntent(signalShortcut).addOnSuccessListener { intent ->
requireActivity().startActivity(intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK))
}
}
I have tried so many different things and none of it seems to want to work the way I want. I know the question doesn't have anything specific as the parameter value but no matter what I set the param value too it still just doesn't get recognized as a unique intent when I use the shortcut.
The in-app promo library API doesn't deal with Android intents. It deals with Assistant's built-in intents, which are an entirely different things (even though they are both called "intents"). In the example you copied, it refers to the BII called OPEN_APP_FEATURE.
By using this API, you are telling Assistant how to create a shortcut that launches the app using a BII that it is already configured to handle. This BII is important because it carries the ability to recognize natural language queries associated with it. Android intents don't have that context.
I'm trying to incorporate Pepper's built in Android tablet more in DialogFlow interactions. Particularly, my goal is to open applications installed on the tablet itself for people to use while they're talking with Pepper. I'm aware there is a 'j-tablet-browser' app installed on Pepper's end that can let a person browse the tablet like an ordinary Android device, but I would like to take it one step further and directly launch an Android app, like Amazon's Alexa.
The best solution I can up with is:
User says specific utterance (e.g. "Pepper, open Alexa please")
DialogFlow launches the j-tablet-browser behavior
{
"speak": "Sure, just a second",
"action": "startApp",
"action_parameters": {
"appId": "j-tablet-browser/."
}
}
User navigates the Android menu manually to tap the Alexa icon
My ideal goal is to make the process seamless:
User says specific utterance (e.g. "Pepper, open Alexa please")
DialogFlow launches the Alexa app installed on the Android tablet
Does anyone have an idea how this could be done?
This is quite a broad question so I'll try and focus on the specifics for launching an app with a Dialogflow chatbot. If you don't already have a QiSDK Dialogflow chatbot running on Pepper, there is a good tutorial here which details the full process. If you already have a chatbot implemented I hope the below steps are general enough for you to apply to your project.
This chatbot only returns text results for Pepper to say, so you'll need to make some modifications to allow particular actions to be launched.
Modifying DialogflowDataSource
Step 2 on this page of the tutorial details how to send a text query to Dialogflow and get a text response. You'll want to modify it to return the full reponse object (including actions), not just the text. Define a new function called detectIntentFullResponse for example.
// Change this
return response.queryResult.fulfillmentText
// to this
return response.queryResult
Modifying DialogflowChatbot
Step 2 on this page shows how to implement a QiSDK Chatbot. Add some logic to check for actions in the replyTo function.
var response: DetectIntentResponse? = null
// ...
response = dataSource.detectIntentFullResponse(input, dialogflowSessionId, language)
// ...
return if (reponse.action != null) {
StandardReplyReaction(
ActionReaction(qiContext, response), ReplyPriority.NORMAL
)
} else if (reponse.answer != null) {
StandardReplyReaction(
SimpleSayReaction(qiContext, reponse.answer), ReplyPriority.NORMAL
)
} else {
StandardReplyReaction(
EmptyChatbotReaction(qiContext), ReplyPriority.FALLBACK
)
}
Now make a new Class, ActionReaction. Note that the below is incomplete, but should serve as an example of how you can determine which action to run (if you want others). Look at SimpleSayReaction for more implementation details.
class ActionReaction internal constructor(context: QiContext, private val response: DetectIntentResponse) :
BaseChatbotReaction(context) {
override fun runWith(speechEngine: SpeechEngine) {
if (response.action == "launch-app") {
var appID = response.parameters.app.toString()
// launch app at appID
}
}
}
As for launching the app, various approaches are detailed in other questions, such as here. It is possible to extend this approach to do other actions, such as running or retrieving online data.
I'm writing a application feature to authenticate user using Biometric fingerprint authentication API. And it worked as expected with combination of BiometricPrompt API.
In general it display own UI dialog so it can be unified across Android device.(Improvement from Fingerprint Manager API)
In one of device testing scenario I come across in-display(on screen, e.g. Oneplus 6T device) fingerprint support instead rear biometric hardware option.
When I run application on it, on call of biometricPrompt.authenticate(..) instead of dialog it display in-display fingerprint authentication option. Which is ok, and manage by internal API of BiometricPrompt.
But it create some inconsistency to manage for developer.
When it provide in-build authentication dialog, all fallback error displayed in dialog itself.
But in case of in-display authentication I didn't found a way where it manage to display error message it-self. And I have to handle this fallback and display in a custom way.
Now question is
Is there a way to manage/display message by in-display authentication view component.
How can identify if device is support in-device biometric authentication.
Edit: Code reference I'm using:
import android.content.Context
import androidx.biometric.BiometricPrompt
import androidx.fragment.app.FragmentActivity
import java.lang.Exception
import java.util.concurrent.Executors
import javax.crypto.Cipher
class BiometricAuthenticationManager(private val context: Context) :
BiometricPrompt.AuthenticationCallback() {
private var biometricPrompt: BiometricPrompt? = null
override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
super.onAuthenticationError(errorCode, errString)
biometricPrompt?.cancelAuthentication()
}
override fun onAuthenticationSucceeded(result: BiometricPrompt.AuthenticationResult) {
super.onAuthenticationSucceeded(result)
}
override fun onAuthenticationFailed() {
super.onAuthenticationFailed()
}
fun init(cipher: Cipher, promptInfo: BiometricPrompt.PromptInfo) {
if (context is FragmentActivity) {
val executor = Executors.newSingleThreadExecutor()
biometricPrompt = BiometricPrompt(context, executor, this)
biometricPrompt?.authenticate(promptInfo, BiometricPrompt.CryptoObject(cipher))
} else {
throw Exception(
"Check for FragmentActivity context.")
}
}
}
For further reference about how it look like, please find following attachment.
I try to check same scenario for lock screen, where I guess it uses custom implementation using FingerPrintManager class and display message.
Faced with the same problem some time ago - OnePlus 6T has no Biometric UI, at the same time Samsung A51 - has its own (custom) UI for Fingerprint API and another for BiometricPrompt API.
I tried to watch for Activity window focus loss (For OnePlus - activity do not lose focus, at the same time BiometricPrompt UI leads to focus loss), but appear a problem with the Samsung device.
The only solution that I found, and it works for now:
Need to get the correct device name (for OnePlus for example, it should be not ONEPLUS A6003, but One Plus 6 instead)
Need to perform request to https://m.gsmarena.com/res.php3?sSearch=Device+Name, you should get the list with matches, usually, first one is needed
Parse HTML (from previews step) to get the link for device specification (like https://m.gsmarena.com/oneplus_6t-9350.php)
Now you need to perform a request to this link and again parse HTML and get the "Sensors" section. You should get a string like "Fingerprint (under display, optical), accelerometer, gyro, proximity, compass"
Split this string to get the list with sensors
Now when you need to check if an in-display scanner is present on the device, just check for "fingerprint" and "under display" for the same sensor.
Link with impl. that can be used as an example
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
//Fingerprint API only available on from Android 6.0 (M)
FingerprintManager fingerprintManager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
if (!fingerprintManager.isHardwareDetected()) {
// Device doesn't support fingerprint authentication
} else if (!fingerprintManager.hasEnrolledFingerprints()) {
// User hasn't enrolled any fingerprints to authenticate with
} else {
// Everything is ready for fingerprint authentication
}
}
Dont Forget to Add
<uses-permission android:name=" android.permission.USE_BIOMETRIC" />