I downloaded Amazon's samples: CognitoSyncDemo https://github.com/awslabs/aws-sdk-android-samples/tree/master/CognitoSyncDemo and tried to run it in unauthenticated mode. I followed Amazon's guide:
created AWS account;
created Identities Pool in Cognito;
added roles in IAM.
But when I ran the sample app, populate some data into dataset and tried to sync them, it popup that : Failed due to Failed to list records in dataset: XXX(XXX is my dataset name).
The role policy I created for unauthenticate is as follows:
{
"Version": "2012-10-17",
"Statement": [{
"Action": [
"mobileanalytics:PutEvents",
"cognito-sync:*",
"sns:*"
],
"Effect": "Allow",
"Resource": [
"*"
]
}]
}
I am not sure if it was the role's problem.
Does anyone had such problem as well when you ran the CognitoSyncDemo provided by Amazon?
The role policy looks sane. The details you provided are not enough to see what else is causing the problem, so this is a list of things you should verify:
From your Identity Pool in the Cognito Console, go to "Edit Identity Pool" and make sure that "Enable Access to unauthenticated Identities" is checked.
Make sure that the region (US-East or EU-West) in your AWS Console matches the region set in your app's code.
Make sure you have entered the correct roles ARN's in the app's source, together with the identity pool id and your AWS account.
Related
I would like to send in-app and cloud messages to a group of users based on non-standard criteria.
I decided to link firebase project with BigQuery and use imported segments to accomplish this task.
The problem is that fcm message composer always target 0 users when i filter users based on the segment.
I added such entry to the SegmentMetadata table
{
"segment_label": "test_segment_label",
"display_name": "test_display_name_metadata"
}
and such entry to the SegmentMemberships table
{
"instance_id": my device fcm token,
"segment_labels": [
"test_segment_label"
],
"update_time": null,
"membership_name": "test"
}
Now on the firebase console when i am trying to send cloud message and target users based on this segment i see that 0 users are matched, do you have any idea why?
image snapshot from firebase console
(my device fcm token that i putted on the entry in the SegmentMemberships table should be valid because i see on android studio logs that it doesn't change)
instance_id is not your fcm token but the part before colon in your token.
When you call getToken() in SDK the token returned is in this format: <instance_id>:<token>
I am trying to connect to the Amazon IoT service using an android app following the guide on https://github.com/awslabs/aws-sdk-android-samples/tree/master/AndroidPubSubWebSocket.
I have change the CUSTOMER_SPECIFIC_ENDPOINT to the ENDPOINT value found in SETTINGS section of AWS IoT Console. Additionally I have changed the COGNITO_POOL_ID value to POOL_ID found under the Getting Started with Amazon Cognito.
Unfortunately now everytime I try to connect to the connect, even using the sample code form the above repo, the Connection Status is status keep on trying to Reconnect without providing any throwable object.
In the IoT thing policy did you give appropriate permissions to connect, subscribe and publish. The option can be found in AWS IoT->Security->Policy->Create Policy.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iot:*",
"Resource": "arn:aws:iot:us-east-2:293751794947:topic/replaceWithATopic"
}
]
}
The above policy gives all access to the user. Also, make sure your pool which you created is for unauthenticated users.
UPDATE
In the IAM policies.Do check if you have given appropriate permissions to the cognito pool. If not attach the IoTFullAccess policy to the pool. It will solve the problem.
I have enabled YouTube data API and Google+ API for my project and change the Android API Key in Auth.java I also entered my playlist info into Constants.java. However I still get this unhelpful error:
com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code": 403,
"errors": [
{
"domain": "usageLimits",
"message": "Access Not Configured. YouTube Data API has not been used in project 608941808256 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/youtube/overview?project=608941808256 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.",
"reason": "accessNotConfigured",
"extendedHelp": "https://console.developers.google.com/apis/api/youtube/overview?project=608941808256"
}
],
"message": "Access Not Configured. YouTube Data API has not been used in project 608941808256 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/youtube/overview?project=608941808256 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry."
}
can some one help me please
We had the same issue. We resolved it by starting from scratch and creating a brand new API project. For some reason the existing API project didn't work. Steps to check if you have this issue:
Create a new project in the API console (click the project dropdown at the top of the window, and choose "New project").
Enable the APIs required (e.g. YouTube Data).
Go to credentials->Domain verification and enter your domain.
Fill in the OAuth consent screen, and make the "application name" the same as your project name. Also choose the scopes you will be using, add your domain, save it, and submit for verification.
Create credentials of type "OAuth2 client key->Web application" and enter the correct callback uri.
Wait a few hours.
You should now be able to test in the APIs explorer (enter your own client key).
I had the same problem here.
Besides enabling the Google+ API and the Contacts API I have also to create a new OAuth Client Key for Web applications.
When you create it you'll see that the client id will start with the Project Id that you have on the error message.
In summary you'll have to do as follow:
Create an OAuth Client Key with type web application
And the Client Id to you API
Then you should be able to authenticate.
Hope I could help.
I Solved this problem by creating a new project and then creating new credentials
I'm trying to set up an app which uses Google Smartlock feature to fetch credentials stored in Google's password manager and automatically log in. For this, I have set up a test website, where an user can login (while browsing in Google Chrome), and if she chooses to save the password for the site, it'll be saved in Google's password manager. The sample app that I have should be able to automatically fetch the stored credentials and use them to log in to the app content page.
I have followed the documentation thoroughly.
Here's the Digital Assets file hosted at the website root :
[{
"relation": ["delegate_permission/common.get_login_creds"],
"target": {
"namespace": "web",
"site": "https://officeloginsso.azurewebsites.net"
}
},
{
"relation": ["delegate_permission/common.get_login_creds"],
"target": {
"namespace": "android_app",
"package_name": "com.mslogin.t_sopal.msloginsso",
"sha256_cert_fingerprints": [
"XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX"
]
}
},{
"relation": ["delegate_permission/common.get_login_creds"],
"target": {
"namespace": "android_app",
"package_name": "com.login.codelab.sopalsmartlock",
"sha256_cert_fingerprints": [
"XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX"
]
}
}]
The Manifest file snippet that includes the link to the json file :
<application>
<meta-data android:name="asset_statements" android:resource="#string/asset_statements" />
</application>
Strings.xml :
<string name="asset_statements" translatable="false">
[{
\"include\": \"https://officeloginsso.azurewebsites.net/.well-known/assetlinks.json\"
}]
</string>
The app has been published (with regional restriction) and the json file has been hosted, which returns response :
HTTP/1.1 200 OK
Content-Type: application/json
Despite having done these, the app still can't pick up the username/password stored through the website. Is there something I am missing here?
Per discussions in the comments, the resolution was to ensure that the asset links file matches the package and signature of a published Play Store app and that the apk being tested is signed with the same certificate as the published app (i.e., not signed from a debug / development keystore). You can use an alpha/beta channel if you want to test before releasing to a production channel.
In general, here are the things to check (some mentioned in the question):
ensure your asset links file is valid json containing both app (the Play Store package and cert fingerprint) and any associated sign-in domains (desktop, mobile web, regional domains, etc. each of which needs it's own assetlinks.json at the well-known location, but may point to a canonical copy) without a path component (e.g. no trailing slash)
check (e.g. with curl -I) that the file is served with an HTTP 200 (no redirects) from the well-known location (must be available at exactly /.well-known/assetlinks.json) with "Content-Type: application/json" header and is accessible to bots/crawlers
verify that asset_statements in the app manifest is under application and is valid escaped json and points to the asset links file in the well-known https location. The app need to be published before we can detect this, but you can use an alpha/beta channel for testing, so long as that apk has the latest version code
Once these requirements are met and the app is published in the Play Store, the association will be enabled automatically with 1-2 business days. Details of these requirements are available at https://developers.google.com/identity/smartlock-passwords/android/associate-apps-and-sites
Since you have defined the assetlinks.json in this path
https://officeloginsso.azurewebsites.net/.well-known/assetlinks.json
is very important to define into your robots.txt file this lines:
User-agent: *
Allow: /.well-known/
to allow GoogleBot access to your file:
https://officeloginsso.azurewebsites.net/.well-known/assetlinks.json
read about robots.txt.
To integrate Smart Lock for Passwords into your Android app, you must add calls to the Credentials API to your app's start-up and sign-in flow.
To retrieve credentials:
When the app starts, if no user is already signed in, call CredentialsApi.request().
If getStatus().isSuccess() returns true, get the user's credentials with getCredential() and use them to sign in.
If getStatus().isSuccess() returns false and getStatusCode() returns RESOLUTION_REQUIRED, user input is required to pick a credential. Call startResolutionForResult() to prompt the user to select a saved account, then call getParcelableExtra(Credential.EXTRA_KEY) to get the user's credentials and use them to sign in.
Note: If signing in with the retrieved credentials fails because the password is incorrect or the account doesn't exist, delete the credentials from Smart Lock.
This document shows how to integrate Smart Lock for Passwords into your Android app.
I have integrated Paypal in my android app, user can pay by either Paypal or card.
Card Payment is working correctly but when paying through Paypal returns status "created" instead of "approved".
Below is response from Paypal -
{
"client": {
"environment": "sandbox",
"paypal_sdk_version": "x.xx.x",
"platform": "Android",
"product_name": "PayPal-Android-SDK"
},
"response": {
"create_time": "2016-05-23T10:51:47Z",
"id": "PAY-XXXXXXXXXXXXXXXXXXXXXXXX",
"intent": "sale",
"state": "created"
},
"response_type": "payment"
}
Why it is not returning status to approved.
What is wrong in my code.
TIA
For Sandbox environment, You need to use a credit card that is registered under the sandbox personal account. Check the "Profile" of the PayPal sandbox personal account and go to the "Funding" tab for the test credit card. This will give you a "approved" result instead of "created".
The problem is you are created the Merchant account as Business account in your sandbox, but we need to create Business-Pro account in sandbox.
I got solved the issue by created like that.