I am trying to set up linking app for OAuth 2.0 client ID from following official instruction:
https://developers.google.com/games/services/console/enabling#step_3_generate_an_oauth_20_client_id
I found a problem: the "Certificate fingerprint: SHA1" is created from one computer's debug.keystone. So running app on android device from that computer is perfect.
But if I changed to another computer to develop, even the code are the same, the running app will error out(because the fingerprint not match). If I need to use multiple computer for development the sample app(for example, synchroniced by git), how do I manage to run the app smoothly from all computer? Is that possible? Do I just copy over the same keystone?
Thanks
---update:
I tried to copy over the debug.keystone, it doesn't work. The error message changed, but still show the fingerprint not match.
Related
I'm essentially in the "Hello, World" phase of implementing Google's upcoming Android Management API (beta) for devices. I've gone through the Android Management API (beta) introduction and several guides and I'm stuck at the very basic step of enrolling a device. Following Google's Quickstart guide, and the general outline of the code embedded in the linked IPython Notebook, I've managed to:
create a project,
create an enterprise,
create a policy,
script the process of generating an enrollment token and displaying the resulting qrCode.
It's step 4 that appears to be the problem: I'm stuck in actually enrolling a device. Doing a factory reset of a 7.1 device, I'm six-times tapping on the welcome screen, and getting to the qrCode scan. That appears to work, and the device gives some indications that it is managed, but I am so far unable to see the device ID listed when I request all devices via method enterprises.devices.list. That API call returns 200 OK and an empty list:
[]
Even waiting 24 hours, that list is still empty.
I'm assuming that I've misconfigured something with the JSON/qrCode, but I'm currently at a loss as to what. Help please; through the linked Android Management API (beta), how do I properly list the enrolled devices?
Looks like this is a bug with the particular Android device with which I'm currently working: Lenovo Tab 4 10 X304F (2G, 32GB). We can utilize the manual workflow of afw#setup as the username, and then type (not QR scan) the 20 character code enrollment token and it works as expected, but any attempt to QR scan results in enrollment failure.
For future web searchers, the actual failure presents as an "iZat" location consent prompt which interrupts the provisioning process. The provisioning process is apparently not robust, and can't be restarted or continued. The only recourse is to factory reset and go the manual code entry route. In short, a paperweight for our purposes.
I am working on a version-controlled Google TurnBasedMatch Android application on two separate machines.
What works:
Creating matches and taking turns between Gmail 1 and Gmail 2 from devices running the debug app from Machine 1
Viewing in-progress matches between Gmail 1 and Gmail 2 from devices running the debug app from Machine 2
What does not work:
Creating matches and taking turns between Gmail 1 and Gmail 2 from devices running the debug app from Machine 2. Reading match data from an already existing game works fine, but any attempt to create a new match or alter an existing match results in GamesStatusCodes.STATUS_CLIENT_RECONNECT_REQUIRED
I have generated an OAuth 2.0 client ID for each of the two machines and added them to the Google Developer Console. That seemed to be the solution to the similar issue on this StackOverflow thread. Before this was added, I wasn't even able to login to Play Services, so I am unsure if this is related to the current issue.
Looking for ideas on credential/access-based differences that could exist between the two machines.
Finally figured it out - the key was to create a "Linked app" in the Google Play Console for each of the OAuth 2.0 Clients generated in the Google Developer Console. I only had an app linked to Machine 1 previously.
I have generated an app with AWS Mobile Hub. Google Login works fine in the start. But if I give the exactly same codes to the other developer it gives the error below. Or if I refactor the package name Google Login does not work anymore even with my own computer. (With iOS google-login works fine).
I have tried to follow all the instructions but no help. I have also changed the package name for OAuth 2.0 client ID for android (console.developers.google.com).
Error message:
Google failed. Unknown (Service: google-sign-in; Status Code: 503; Error code: 503; Request ID: google-sign-in) packageName Vs applicationID Android AWS Mobile Sign-in with
Here is one solution that did not work with me:
http://mobiledevelopmenttips.blogspot.fi/2016/02/packagename-vs-applicationid-android.html?showComment=1461311778234#c2030693740616382564
Jukka,
Assuming that no other Application ID or package names have changed from your project code, this error is expected with Google Sign-in when using your debug.keystore and sharing project code.
This error occurs when the Signing-certificate fingerprint (SHA-1) of the Client ID for Android from your console.developers.google.com project DOES NOT MATCH the fingerprint of the developers that signed the app. To reproduce your error, modify the Android Client ID SHA-1 fingerprint value in the google dev console and then attempt to sign-in from your current environment.
I would expect a similar error:
com.amazon.mysampleapp E/SignInActivity:User Sign-in failed for Google
: Unknown (Service: google-sign-in; Status Code: 503; Error Code: 503;
Request ID: google-sign-in)
Issue: Each development environment has a unique debug keystore used to sign an apk. Google Sign-in restricts access to only those apps signed by a known SHA-1 signing-certificate you provided when creating the Android Client ID. The other developer has a different fingerprint, signs the apk and fails because his/her fingerprint is not associated with an Android Client ID.
Solution: Create a new Android Client ID associated with your Google Developer Console project that contains the other developers fingerprint (you can have multiple Google Client IDs within a single Google Console Project).
Note: When enabling Google Sign-in feature in your Mobile Hub project, Mobile Hub actually creates an OpenID Connect provider (accounts.google.com) in IAM on your behalf.
Within the provider, Mobile Hub adds the Android Client Id you provided as an "Audience" to the provider. Still with me?
The Android Client ID you provided is not in your generated sample code and is only used to identify the signed app attempting to make API calls directly to Google.
So, to recap the solution:
Create a new Android Client ID (within Google Dev Console) with the other developers fingerprint following the steps outlined in the side panel help documentation within the Mobile Hub console.
Log into AWS IAM Console, select "Identity Providers" > "accounts.google.com" and ADD your newly generated Android Client ID as a new "Audience". If you forget/ignore this step, you'll get status code 400 NotAuthorizedException Incorrect token audience from Cognito when attempting to sign-in.
This will not be an issue with a production app.
When you prepare to release your app on the app store(s), follow Google's suggested steps to generate a NEW final client ID for your production app and then provide that client ID to IAM as an "Audience". Once you sign the apk and release it, all users have the same signed APK and will be able to authenticate via Google Sign-in. https://support.google.com/cloud/answer/6158849?hl=en#android
Finally it started to work when I did these four things:
Created new AWS Mobile Hub project
Created new Google Credentials project and used new ids for Mobile Hub project
Refactored package name in our real application to a new name (I don't mean refactoring from com.mysampleapp package name which had been refactored earlier but we had to decide new package path for our internal use)
e.g like this com.company.myapp -> com.company.myapp2
I put back Guest Login functionality in AWS Mobile Hub
This was the last step to make it work for me but maybe this is not crucial for others who might have similar problems. We have had different options should we allow guest login during the project so that's why it was important to us.
Here's a couple things to check.
Make sure any other developer are registered as test accounts.
https://developers.google.com/games/services/console/testpub#enabling_accounts_for_testing
Make sure you're both running the app in debug mode or you're signing it with the same certificate.
https://developer.android.com/tools/publishing/app-signing.html#studio
If you change the package name, make sure you make that change in the build.gradle file, not just in the AndroidManifest.xml file.
Hopefully, if you check those issues, you'll get things going. Otherwise, I would recommend looking through Google's troubleshooting documentation.
I have followed the HelloEndpoints tutorial by Google where I've implemented the backend API in Java and an Android client, where I'm getting this error from. https://cloud.google.com/appengine/docs/java/endpoints/getstarted/clients/android/
I've deployed the Android app client on a physical device. When I launch the app and touch the "Sign in" button, a dialog is shown since I have two Google accounts on the phone. I choose one and then the correct email address is shown for a couple of seconds in the label before it disappears. Then I'm getting the authentication error.
Several suggested solutions are mentioned at Stackoverflow and other sites , but nothing I've tried so far has helped.
I have tried to:
Regenerate the client-id, they are the same on both client- and server side (web client id)
The android id have the correct package name at the end of the SHA1
Regenerate client libs
Update devserver (but the API is also deployed)
Shutdown on the web service from the Google Developer Console
I've set a project name and email at the so called Consent screen on the API console.
Checked so that I'm signing the app with the same debug.keystore that I used when I generated the SHA1. It is used when I build the release.
Kind regards,
Ramon
I finally solved the problem yesterday :)
On Google Developer Console, I realized that I had an Android key for Public API access, but no Android Client ID for OAuth. The only Client ID I had for OAuth was for web applications.
After I've created one for Android apps, the authentication exception were gone.
Thereafter I got another exception when I tried to invoke the method requiring the authentication. When I checked the log on Google Developer Console, the invocation wasn't even logged! Which made me think that the invocation of the method isn't correct.
When I tried to invoke the method from the web it worked. I then checked my terminal and there I saw the example#example.com mail address. So, the invocation from the Android client was sent to my local devserver even though I had the web service deployed (and the servers ip-address wasn't set in the Android code).
My next step was to shutdown the local devserver and then I re-deployed the backend API before I tested the Android client again.
Finally after these two changes I can invoke the authenticated method and get a correct response :)
I have an existing android app to which I plan to add Google cloud engine backend. I am following the steps as here
https://developers.google.com/eclipse/docs/endpoints-androidconnected-gae.
I used the option "Google-->generate app engine backend" by right clicking on my existing project. and then went forward to test this.
I started the devapp server( I can see it running at localost:8888/_ah/admin/datastore). However When I run my application, I don't see the device registered in the 127.0.0.1:8888. The application runs as it used to run before. I tried both on emulator and on phone but the application just runs as before but I don't see any device registered in my devappserver.
Am I missing anything here?
Some basic steps for application registration were missing in my application. http://developer.android.com/google/gcm/gs.html
Adding them now and that should solve the problem.