I'm using Google Login and successfully downloading files from drive to Android devices. But it seems that after about 3 months the device logs out and needs to be manually logged back in. Is there a way to prevent this or to log back in without manual intervention (i.e. programmatically). I don't want the device to ever logout.
You can check this documentation in Google Account Help about Stay signed in or out of your Google Account. This is an initial solution that you can try.
If Google keeps signing you out, here are some steps you can try:
Make sure cookies are turned on. Some antivirus or related software may delete your cookies.
If your cookies are turned on, clear your browser's cache. Note: While deleting your cookies may resolve the problem, it will also
remove your saved settings for sites you've visited.
Make sure you’re using the latest version of your browser.
Use a browser like Chrome to remember passwords for you.
If you use 2-Step Verification, add trusted computers and devices.
If it is for Google sign in token expiration, you can check this SO post about SilentSignIn method that helps you to detect user revocation of access to your application on other platforms.
Related
I'm using a Google Client Library to verify a token that is returned using Single Tap Sign In (google-api-client-1.32.2). I need to setup a proxy on my device in order to test my Android app locally. This works for a Pixel 2 device running Android 11. But it doesn't work if on a Nexus 6P running Android 8.
It is clear that the proxy is preventing the authentication from succeeding because if I disable the proxy, it works. I tried adding the domain googleapis.com to the list of domains that the proxy will ignore but that didn't help. It is possible that some other domain is also being used for authentication other than googleapis.com.
I use Charles as my proxy, but it doesn't show any domain other than googleapis.com.
Is there anything else I can try?
There was nothing wrong with the code, the proxy or anything else. This problem is the result of the same crap that has been happening for years with Android. If the app is already installed on a different device and you clear the app's cache before running the app, you are mistaken to believe that the app's setting are all cleared. Android stores the settings in the cloud in your Google Drive under the device's backup. So when you clear the cache or even reinstall the app, Android retrieves the app's settings from the backup. As a result, the JWT token that get created when you peform a sign-in use API keys that are part of the backup. But if the API keys have changed in the updated app, they will be overwritten by the backup keys.
The solution is to delete the device's backup in Google Drive. I seriously believe that this feature of storing device settings in the Cloud is one of the dumbest things I've encountered. This is not the first time this has happened.
I am trying to use phone auth from firebase and I get this error now.
Unable to process request due to missing initial state. This may happen if browser session storage is inaccessible or accidentally cleared.
This was working a week ago and no longer works.
I have solved this by registering my app with SafetyNet with SHA2. To do this follow these steps:
Get your SHA2. If you don't know how to get this, follow this tutorial:
https://www.youtube.com/watch?v=kLaNnuoqnmA
Note. This youtube link is for SHA1 but you will notice that SHA2 will be shown here if you pay attention.
Go to your Firebase Console then, go to Project Settings > App Check. You will notice your app is "Unregistered." click this to register your app.
Enter the SHA2 you copied and Accept some terms below then click Save. you will notice the "Registered" with green check icon.
Btw, this error happens on one of my devices but not on another. I also searched through this error and no one has solved this including this page. This happens in my phone authentication using firebase when getting an OTP as I send my phone number. The app tries to redirect you to a browser for Recaptcha for verification if you don't have SafetyNet. Thus, having no SafetyNet will cause your app to always be redirected for Recaptcha which sometimes causes an error. Thus, to solve this, register your app with Safety Net. to understand this, read this documentation.
https://firebase.google.com/docs/auth/android/phone-auth?authuser=0
Focus on 2. Enable App Verification and you will notice that recaptcha is just an alternative for SafetyNet.
It had on the Ionic/Angular/Capacitor app too. i.e. Android and Chrome. Firebase Auth with Microsoft Login.
So I have cleared all the chrome browser data on the Android device and then no issues. i.e. working fine now.
More workarounds: https://github.com/firebase/firebase-js-sdk/issues/4256
I experienced the issue with an iphone web app. I went into Settings -> Safari and disabled 'Prevent Cross-Site Tracking'.
I am planning to drop my app in Google Play(earlier Android Market) because of push notifications (whenever a new version) , security for apk and so on.And also since apk is secured with Google play(paid apks) i dropped of downloading the apk from my website (only authenticated people can download the apk)
Actually its a business app for particular users with username and login access. Everything was fine in the App with login and security mechanisms
I am thinking of a way to restrict the other users who are not from the list while installing itself.
My question is whether any kind of filter or authentication mechanism can we set while downloading the application from the Google play it should ask for a password or something like this to filter the unauthorized users to download the app..
My ultimate aim is i don't want the peoples to try it after downloading unnecessarily
Can anybody help who have tried all those in android market
Ok.. One thing after another..
Google propose their licensing mechanism. However app would need internet connection, which is disadvantage if otherwise it doesn't need it. If I got it right your does need to connect to server so this is not a problem for u.. It seems to me you are already familiar with this method.
Mechanism for password protecting downloading or visibility of apps on Google Play doesn't exist today..
You can identify users with IMEI (in case you don't consider using app on tablets, which doesn't have it), WLAN MAC, BT MAC address or some exotic combination of these methods, and you use this as authentication.
The best solution, from my point of view, is to allow people on market to download it. Your application is already using some mechanism of authentication (user/password) to server. So if 1st thing user need to do is login, and any functionality is disabled if that doesn't pass. If it pass, you already know who is your user and what privileges he has.
The thing is here that I am not so sure what are your concerns when user without login/pass download application if everything after that screen is disabled before authentication. User will download (if they find it..), they will install, try to use it, see that's not possible without credentials and uninstall it.
Hope it helped.. I will try to add few more links in a while..
I have an app that I'm developing that uses AccountManager to get credentials for a Google account that is subsequently used for getting a cookie from AppEngine. I've noticed that I find bugs when I send the app to testers because they get prompted to authorize the account. I need to do a bunch of testing and am looking for a way to "unauthorize" an app from a particular credential so I can do my testing on the next install. I can't find anything in settings where I can remove the authorization to an account from an app. Do you know of a way to do this?
Thank you,
Stateful
It is true that uninstalling is most of the time not enough. You need to uninstall and restart the phone right afterwards. At least this works for me
At least as of 2.3, there is no API for this. IIRC, if you install the application, the authorization entry will be removed from the database, so a re-install should work.
You can try to remove from this page:
https://accounts.google.com/b/0/IssuedAuthSubTokens?hl=it
I have an app that uses the Android licensing. I'm using the ServerManagedPolicy which according to http://developer.android.com/guide/publishing/licensing.html should cache the server responses.
To test it I did the following:
In the developer console, set the server answer to be "LICENSED" for my account.
Connect the phone to Internet, and run the app. It shows the dialog I created to let the user know it is trying to obtain a valid license. It then shows that it found it and lets me run the app.
I exit the app (back button) and the force close it.
I disconnect from the Internet.
I run the app again. I see the dialog again, but this time it says a valid license was not found and doesn't let me run the app.
Shouldn't the ServerManagedPolicy cache the license it found the first time and let me run the app the second time?
I haven't published this app yet. Could this have something to do?
Thanks!
Don't worry, I had the same issue. When you use a test or dev account, licence is not cached bu the ServerManagedPolicy. But for your real clients, it will be cached by LVL.
Nothing in the docs says it clearly, but that works and actually, is nice feature for devs.
Regards,
stéphane
Btw, You should add a link to your app in your profile as I did... I am curious about it but can't guess what it is.