I have added Biometric Prompt in my Android app. So on app start, I am able to show prompt and if success is able to redirect user on the Dashboard screen. In case user failed I want to show System password as a secondary option to authenticate. How to do that with Biometric Prompt?
mBiometricManager = new BiometricManager.BiometricBuilder(FingerprintActivity.this)
.setTitle(getString(R.string.biometric_title))
.setSubtitle(getString(R.string.biometric_subtitle))
.setDescription(getString(R.string.biometric_description))
.setNegativeButtonText(getString(R.string.biometric_negative_button_text))
.build();
mBiometricManager.authenticate(FingerprintActivity.this);
on your biometric prompt add this
.setDeviceCredentialAllowed(true)
But check phone has a password/passcode setup with:
android.app.KeyguardManager.isDeviceSecure()
You can handle by extending BiometricPrompt.AuthenticationCallback, there are two main methods for handling fail state. onAuthenticationError and onAuthenticationFailed
onAuthenticationFailed
When the fingerprint doesn’t match with any of the fingerprints registered on the device, then this callback will be triggered.
onAuthenticationError
When an unrecoverable error has been encountered and the authentication process has completed without success, then this callback will be triggered. The callback is provided with an error code to identify the cause of the error
You can use Device administration API for showing system password in the case of Biometic auth fail.
Related
I was integrating azure AdB2c for my native android application, I have used SignInSignUp and
passwordReset userFlow for my current Application. Currently When I'm resetting the password, the password gets changed and redirect to app as expected, but when tries to relaunch the application after some time,MSAL is throwing out an exception ,which is messagecom.microsoft.identity.client.exception.MsalUiRequiredException: AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1_SignInSignUp and Expected Value : B2C_1_PasswordReset . How can I handle during Such situation?
You are using seperate password reset and sign in/sign up flows. This means once the user performs password reset, the tokens are issued for the password reset policy. Later, once the access token expires, the refresh token is used to get a new access token. In this call, you pass in an account object (password reset), but perform the call against the sign in/up authority. This causes an error as the refresh token in the password reset account object can only be used against the password reset authority (policy).
To solve this, you can use the combined sign up/in/password reset journey.
https://learn.microsoft.com/en-us/azure/active-directory-b2c/add-password-reset-policy?pivots=b2c-user-flow#self-service-password-reset-recommended
Just as the title says, my project is using BiometricManager.from(context).canAuthenticate() to determine if a user is eligible to be prompted for Biometrics, then using BiometricPrompt to actually save/access the password.
Once Biometrics are successfully setup and I force 5 incorrect fingerprint scans locking the user out, the next time the user tries to authenticate I am getting a "success" value from canAuthenticate() but when BiometricPrompt is called the onAuthenticationError() callback is being triggered with errorCode 9. This is leaving the user in limbo of always having biometrics "enabled" but not being able to use them. Is there any known way to check lockout before calling BiometricPrompt?
canAuthenticate() success
BiometricPrompt error
I am doing Phone Authentication using Firebase Auth. As per the new dependency of Firebase Auth, PhoneAuthProvider.verifyPhoneNumber() is deprecated.
I have implemented a new one which is suggested here
My Code:
PhoneAuthProvider.verifyPhoneNumber(
PhoneAuthOptions
.newBuilder(FirebaseAuth.getInstance())
.setActivity(this)
.setPhoneNumber(phoneNumber)
.setTimeout(60L, TimeUnit.SECONDS)
.setCallbacks(mCallbacks)
.build());
Here when I add requireSmsValidation, It's giving me an error require SMS validation without setting a multi-factor session.
Can anyone help me to setMultiFactorSession? I want to instantly verify without needing to send or enter a verification code.
The problem here is that the method #requireSmsValidation() is to skip over instant validation. That method is only available for Multi-Factor Authentication flows as part of Google Cloud Identity Platform. It actually does the opposite of what you want - you should leave that method alone. However, most of your users will still need to receive and input the SMS code that is sent to them - there's no getting around that part of the flow.
I create a Firebase Auth user with an email and password
User logs in
User decides to add a phone number to their profile
I call verifyPhoneNumber with an intent to receive a code, call PhoneAuthProvider.getCredential(...) and link resulting AuthCredential to the email and password.
Instead, Android auto retrieves the code, user automatically sign-ins with phone number, their UID changes (it's a new user) and there's no way to link phone credentials back to the original email/password user. To perform a successful link I need to see the SMS code, which is nowhere to be found in case of successful auto sign-in.
????
NO PROFIT.
Any ideas? I tried to set the timeout to 0 for verifyPhoneNumber but auto login still works. Accepting defeat and just link EmailAndPassword credentials to phone number instead of vice versa is not an option, because it will require a massive copying of data from old user record into new, changing all references to this UID everywhere, etc.
verifyPhoneNumber resolves with a PhoneAuthCredential.
It doesn't matter whether the code is auto-retrieved or instant validation occurs. A PhoneAuthCredential is outputted on verifyPhoneNumber completion.
That credential can either be used to signInWithCredential for sign-in or to link to an existing user via linkWithCredential.
I encountered a very strange error when signing up a user using android 6 on a specific device.
The signup process works perfectly and the user is registered on Parse database. The code checks and if ParseUser.getCurrentUser() != null then the app sends the user to the main page and this all works till here.
However, I noticed that user is not able to send any requests to the server and it all rejects in the main activity and user can't even logout. The error I receive when logging out is:
com.parse.ParseRequest $ParseRequestException: This user is not allowed to add a field to _User. You can change this setting in the Data Browser.
It seems like the authenticated user object is not matched with the original user's token on server and that is why this user get ACL errors.
I am using Parse default signup and login functions and this has happened only on one device using android 6 so far. Any guess on what could cause this issue and how can I resolve this issue?
ParseACL roleACL = new ParseACL();
roleACL.setPublicReadAccess(true);
Add these lines after the user Parse.initialize() function. It allow user to create column in the table from mobile. Make sure the user is logged in otherwise it gives error.