I am following this link http://eagle.phys.utk.edu/guidry/android/apiKey.html to generate MD5 fingerprint of the certificate.
I have seen following threads too :
Google maps error when trying to get my API Key for android
How to find the MD5 fingerprint of my Android App
I am using Windows xp OS .The debug.keystore is located at C:\Documents and Settings\Admin.android\debug.keystore.
but on cmd prompt it gives response network path not found.
Please guide me how can i generate MD5 digest.
And also I would like to know what is the difference in debug key
and release
key ?? Are these two different keys ?? If yes then
How
can i generate them ??
Is there any way by adopting that we can use same debug and release
keys on different machines.
Locate debug.keystore on your system. It is usually in the USER_HOME\Local Settings\Application Data\.android folder on windows.
Use the keytool utility to generate certificate fingerprint (MD5). keytool utility that comes with the default JDK installation.
C:>keytool -list -alias androiddebugkey -keystore .android\debug.keystore -storepass android -keypass android
You can get a temporary Maps API Key based on your debug certificate, but before you publish your application, you must register for a new Key based on your release certificate and update references in your MapViews accordingly
You may also have to obtain other release keys if your application accesses a service or uses a third-party library that requires you to use a key that is based on your private key. For example, if your application uses the MapView class, which is part of the Google Maps external library, you will need to register your application with the Google Maps service and obtain a Maps API key. For information about getting a Maps API key, see Obtaining a Maps API key.
refer this:
get your debug signature as described below
$ keytool -list -keystore ~/.android/debug.keystore
...
Certificate fingerprint (MD5): 94:1E:43:49:87:73:BB:E6:A6:88:D7:20:F1:8E:B5:98
or better use the one you get from sigs[i].hashCode()
then this util func may also help
static final int DEBUG_SIGNATURE_HASH = 695334320;// value shpuld be the one you get above
public static boolean isDebugBuild(Context context) {
boolean _isDebugBuild = false;
try {
Signature [] sigs = context.getPackageManager().getPackageInfo(context.getPackageName(), PackageManager.GET_SIGNATURES).signatures;
Log.d(TAG, "DEBUG_SIGNATURE_HASH->"+DEBUG_SIGNATURE_HASH);
for (int i = 0; i < sigs.length; i++) {
Log.d(TAG, i+"->"+sigs[i].hashCode());
if ( sigs[i].hashCode() == DEBUG_SIGNATURE_HASH ) {
Log.d(TAG, "This is a debug build!");
_isDebugBuild = true;
break;
}
}
} catch (NameNotFoundException e) {
e.printStackTrace();
}
return _isDebugBuild;
}
Related
I have a React-Native app and I am using the firebase SDK for React-Native. I have just implemented App-Check for my app and it works fine in debugging mode, but it fails in Release. Here is the code for app-check in index.js which is triggered as soon as app is initialized:
try {
firebase.appCheck().setTokenAutoRefreshEnabled(true);
firebase.appCheck().activate('ignored', true);
firebase.appCheck().getToken(true).then(res => {
GLOBAL.app_check = JSON.stringify(res.token);
console.log("app check success, appchecktoken: " + JSON.stringify(res.token));
}).catch((error) => {
GLOBAL.app_check = '';
console.error("app check failed: " + error);
alert('App check failed: ' + JSON.stringify(error));
return;
});
} catch (e) {
console.log("Failed to initialize appCheck:", e);
logErrors('appCheck failed: ', e);
}
as you can see above, I am using alert to print the error message but here it what it prints:
**App check failed: {} **
.. object is empty. How can I check what's wrong with it? I am using Play Integrity and SafetyNet and I have added the SHA-252 which I got by using Gradle's Signing Report via the following command:
gradlew signingReport
What am I doing wrong here?
You will need to get the SHA-256 for all signing keys used with your app. With debug keys, calling gradlew signingReport works as it goes to the default signing key location (~/.android/debug.keystore) and runs the java keytool against this keystore supplying the default alias (android) and password (android).
For your release keys, which are self generated, you would need to use the java keytool which can generally be found on your system path or within the jdk directory. If you need help setting up keytool, I would refer to this stackoverflow question. You could use any other variations of keytool that exist, but I would use the one that ships with the jdk as its generally trusted. The command you would then want to run using keytool would be:
keytool -list -v -alias ${alias_of_keystore} -keystore ${location_of_keystore}
You would want to sub the alias and location with your own values. Using the default debug key values, the command would look something like this:
keytool -list -v -alias android -keystore ~/.android/debug.keystore
This video talks about all the different locations to grab the SHA-256. For instance, after you upload to the Google Play Store, if you opt into Google Play Signing (which I believe is the default) you will need to grab the SHA-256 from there as well. The rest of the video covers digital asset links and can be ignored.
In the README of MSAL, a configuration file is discussed, containing what is referred to by "YOUR_BASE64_URL_ENCODED_PACKAGE_SIGNATURE".
They also advise the user to store this as a "raw" resource.
This is the template given:
{
"client_id" : "<YOUR_CLIENT_ID>",
"redirect_uri" : "msauth://<YOUR_PACKAGE_NAME>/<YOUR_BASE64_URL_ENCODED_PACKAGE_SIGNATURE>",
"broker_redirect_uri_registered": true,
}
Won't the contents of this file affect the signature? How is it possible to have a static asset containing the signature?
I'm led to believe that this is not, as I thought, a cryptographic signature of the APK.
I couldn't figure out what it is.
I think it makes sense, it shouldn't be static. You want Microsoft to be able to prove that it is authenticating against your real app and not a modified or different application. This is the signed application for release with apk.
You need to sign your app in order to be able to put it on the play store or to have it validate: https://developer.android.com/studio/publish/app-signing
Per the Microsoft documentation:
https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-android#integrate-with-microsoft-authentication-library
it tells you how to generate the hash. in the portal when you set up the authentication on app reg it will give you a command like
keytool -exportcert -alias SIGNATURE_ALIAS -keystore PATH_TO_KEYSTORE | openssl sha1 -binary | openssl base64 to generate the signature it just gets gets the signature of the android keystore keys.
Im implementing an android app that enables users to stream to a youtube channel straight from the app. I have created an API key and a OAuth 2.0 client ID
But I get a the following exeption: com.google.android.gms.auth.GoogleAuthException: UNREGISTERED_ON_API_CONSOLE either when I try to ceate an event or when i try to fetch the one a created manually on the youtube channel.
I use the following code for create a youtube object
String accountName = mContext.getString(R.string.google_account_name);
String apiKey = mContext.getString(R.string.google_api_key);
String clientID = mContext.getString(R.string.google_api_client_id);
String clientName = mContext.getString(R.string.google_api_client_name);
GoogleAccountCredential credential =
GoogleAccountCredential.usingOAuth2(mContext,
Arrays.asList(YouTubeScopes.YOUTUBE));
credential.setSelectedAccountName(accountName);
// String SCOPE = "audience:server:client_id:" + clientID + ":api_scope:" + YouTubeScopes.YOUTUBE;
// GoogleAccountCredential credential = GoogleAccountCredential.usingAudience(mContext, SCOPE);
// credential.setSelectedAccountName(accountName);
youtube = new YouTube.Builder(transport, jsonFactory, credential)
.setApplicationName(clientName)
.setYouTubeRequestInitializer(new YouTubeRequestInitializer(apiKey))
/*.setGoogleClientRequestInitializer(new YouTubeRequestInitializer(apiKey))*/
.build();
Then to create an event:
LiveBroadcastSnippet broadcastSnippet = new LiveBroadcastSnippet();
broadcastSnippet.setTitle(name);
broadcastSnippet.setScheduledStartTime(new DateTime(futureDate));
LiveBroadcastContentDetails contentDetails = new LiveBroadcastContentDetails();
MonitorStreamInfo monitorStream = new MonitorStreamInfo();
monitorStream.setEnableMonitorStream(false);
contentDetails.setMonitorStream(monitorStream);
// Create LiveBroadcastStatus with privacy status.
LiveBroadcastStatus status = new LiveBroadcastStatus();
status.setPrivacyStatus("unlisted");
LiveBroadcast broadcast = new LiveBroadcast();
broadcast.setKind("youtube#liveBroadcast");
broadcast.setSnippet(broadcastSnippet);
broadcast.setStatus(status);
broadcast.setContentDetails(contentDetails);
// Create the insert request
YouTube.LiveBroadcasts.Insert liveBroadcastInsert = youtube
.liveBroadcasts().insert("snippet,status,contentDetails",
broadcast);
// Request is executed and inserted broadcast is returned
LiveBroadcast returnedBroadcast = liveBroadcastInsert.execute(); //<= This line generates the exception
I obviously did something wrong, but I can't figure out what. Any help is appreciated. Thanks in advance
The issue is that, when you debug, you're using a keystore created in ~/.android/debug.keystore, and not whatever signing key you think you're using.
When you generate a key, such as to release a signed APK, you think that this SHA1 is the one required by the Google API interface. It isn't.
If you replace the one in the ~/.android folder with your signing key, it's corrupt because it's missing the androiddebugkey. FYI, the default password for the auto-generated key is "android".
For directions as to where your keystore is located, see https://developer.android.com/studio/publish/app-signing.html under "Expiry of the debug certificate".
What you have to do:
1) Delete your debug.keystore and restart your IDE. This should generate a new debug.keystore with key alias "androiddebugkey".
2) If your IDE does not generate the new keystore, re-run your android application. It should generate it this time in ~/.android/
3) Navigate to /path/to/jre/bin and add this path to your system environment variables. This will allow you to access keytool.
4) Navigate to the directory of your debug keystore and run this command: keytool -list -keystore debug.keystore -alias androiddebugkey
5) Your console will prompt you to enter the keystore password (it is "android").
6) Get the SHA1 key from the keystore and put THAT KEY into your API interface, and you'll find it works.
In my case the UNREGISTERED_ON_API_CONSOLE error was caused by misspell in package name in AndroidManifest. Simple but lost many hours struggling with keys and SHAs.
Using the answers before this, I used it as a reference to understand and fix mine and made a much easier step-by step procedure of how I fixed mine.
In Windows command prompt.
Navigate to you java bin directory.
C:\Program Files\Java\jdk1.8.0_111\bin>
and type the ff. command
keytool -list -v -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey -storepass android -keypass android
then run the ff. code
keytool -list -keystore "%USERPROFILE%\.android\debug.keystore" -alias androiddebugkey
when ask for password, type "android" (without double quotes)
the resulting SHA1 key from the above code. Copy it, and paste it on your google cloud console here
On the google cloud console webpage do this
on the tab on the left, find and click "APIs & Services"
then on the new page, on the left tab again, find and click "Credentials"
now copy paste the key you copied from windows command prompt on the textbox below the "Signing-certificate fingerprint"
make sure that the application id on your app and google cloud console matches each other.
I've this problem, and after a lot of search, in build.gadle my applicationId was diferent from the package name that i've putted on Google Console
defaultConfig {
applicationId "br.com.glicado.glicado" <-- WAS WRONG, IN MY CASE THE RIGHT IS "br.com.glicado"
minSdkVersion 15
targetSdkVersion 23
versionCode 1
versionName "1.0"
testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
}
I am integrating gmail login in my android application by following this thread :
https://developers.google.com/identity/sign-in/android/sign-in?configured=true
But I am getting error as :
Status{statusCode=DEVELOPER_ERROR, resolution=null}
I looked through this status code documentation here :
https://developers.google.com/android/reference/com/google/android/gms/common/ConnectionResult.html#DEVELOPER_ERROR
Above link does not help to diagnose the problem,
I have created the debug keystore file, & generated SHA-1 using keytool, also in Google developer console, I added package name as it is in manifest file or gradle file.
But all seems to fail can anybody tell me what does this error code suggest what may go wrong ?
Problem was SHA1 mismatch,
1] First Keystore File : I solved the error, problem was while building apk Android studio was taking default keystore file which was located inside C:\Users\<LOGGED_IN_USER_NAME>\.android\debug.keystore
2] Second Keystore File : Also I created one other keystore file which was located at different directory i.e. app/keystore/debug.keystore
While configuring the google developer console to integrate gmail login within app I gave sha-1 key generated through second keystore file above, the studio while building the apk file taking other keystore file hence sha-1 key mismatch was happening.
In order to take my keystore file located # app/keystore/debug.keystore I configured gradle file at app level with following code :
signingConfigs {
debug {
storeFile file('keystore/debug.keystore')
keyAlias 'androiddebugkey'
keyPassword 'android'
storePassword 'android'
}
/*
release {
storeFile file('release.keystore')
storePassword "mystorepassword"
keyAlias "mykeyalias"
keyPassword "mykeypassword"
}
*/
Now the generated apk sha-1 signature matches with the sha-1 key configured on google developer console for your app.
One note : Always use debug.keystore for debugging the gmail integration (At the time of development).
Refs :
For gmail integration :
https://developers.google.com/identity/sign-in/android/start-integrating
To see which sha-1 is getting used for your application see this stackoverflow thread :
SHA-1 fingerprint of keystore certificate
For anyone who is using React Native Google Signin and Firebase, try this.
Step 1: Get the SHA-1 of your Android Developer Debug Keystore
keytool -exportcert -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore
The password is android. Copy the SHA-1 value, which will look something like this in the output:
Certificate Fingerprints
....
SHA1: aa:bb:cc:dd:ee:ff:11:22:33:44:47:D0:9E:8D:E0:0C:79:F1:0F:CB
Step 2: Add the SHA to the Android App in the Firebase Console
Now open up your Android App in the Firebase console and add the SHA-1:
For react native app google login I followed following steps and it worked
Setup app in firebase console for iOS/Android on the following link
https://console.firebase.google.com/
Download GoogleService-Info.plist for iOS and google-services.json for Android
Don't forget to set SHA certificate fingerprints SHA1 for android setup. It's mandatory to work with Android.
Then copy Web client (auto created by Google Service) from OAuth 2.0 client IDs from following URL to access Google developer console
https://console.developers.google.com/
After doing all of these steps in firebase developer console and Google developer console
move to your code
Open your .js file from where you provide an option to login via Google.
In componentDidMount place following code
GoogleSignin.configure({
iosClientId: Constants.GOOGLE_LOGIN_CLIENT_ID_IOS,
webClientId: Constants.GOOGLE_WEB_CLIENT_ID,
offlineAccess: false
});
or you can create a separate method like this and call it in componentDidMount to configure GoogleSignIn
async setupGoogleSignin() {
try {
await GoogleSignin.hasPlayServices//({ autoResolve: true });
await GoogleSignin.configure({
iosClientId: Constants.GOOGLE_LOGIN_CLIENT_ID_IOS,
webClientId: Constants.GOOGLE_WEB_CLIENT_ID,
offlineAccess: true
});
const user = await GoogleSignin.currentUserAsync();
console.log("user from google sin in", user);
} catch (err) {
console.log("Google signin error", err.code, err.message);
}
}
After configuring GoogleSignIn you can call the following method on the press of GoogleSignInButton
googleAuth() {
GoogleSignin.signIn()
.then(user => {
console.log("user==", user);
console.log("user name = ", user.user.email);
console.log("accessTOken = ", user.accessToken);
this.props.socialMediaLogin( // this is my method that I call on successful authentication
user.user.id,
user.user.name,
user.user.givenName,
user.user.familyName,
user.user.email,
user.user.photo,
"GOOGLE",
user.accessToken
);
})
.catch(err => {
console.log("WRONG SIGNIN", err);
})
.done();
}
I just unblocked myself after struggling with this for almost 6 hours and here are my findings.
Please make sure the following:
Correct package name in Google Developer console. (Don't go with just the package name from AndroidManifest.xml. Inspect the Gradle files to see if you flavor name is being changed dynamically when building).
Generate Sha-1 Hash at the correct keystore location. (I was going with default keystore location ~/.android/debug.keystore but found out that my app was overriding with another location in the repository and hence, i was getting developer_error all along.)
PS: In case of your app uses backend server to pull data offline, create the project from the Google sign-in flow since this will generate OAuth Client id's for both Android and WebServer.
For Windows
For windows use this keytool -exportcert -list -v -alias androiddebugkey -keystore C:\Users[YOUR WINDOWS USER NAME].android\debug.keystore
Like this
keytool -exportcert -list -v -alias androiddebugkey -keystore "Your debug.keystore" Path
keytool -exportcert -list -v -alias androiddebugkey -keystore C:\Users\keshav.gera.android\debug.keystore
keytool -exportcert -list -v -alias androiddebugkey -keystore E:\HNSetup2\healthnickel\HealthNickel\android\app\debug.keystore
Password is :- android
ass your SHA1 Here Firebase Console
Note ===> update your google-service.json file in your app folder Please update
My problem was the SHA1 key in the developer console didn't match the one generated from my debug.keystore file. Run
keytool -exportcert -keystore path-to-debug-or-production-keystore -
Copy the SHA1 key and paste it into the developer console (console.developers.google.com) under your app > credentials > OAuth 2.0 client IDs > Oauth > Signing-certificate fingerprint
Another thing to watch is that newer versions of keytool (eg for Java 9) will generate a SHA-256 value, not SHA-1.
For Ionic apps with a native GoogleSignIn plug-in, try setting "Application type" to "Web application" instead of "Android" when creating the "OAuth client ID" in the Google Cloud Console.
This solved it for my Ionic capacitor app when using the #codetrix-studio/capacitor-google-auth plug-in.
In my case I was using the wrong SHA-1
In my case I was using this
keytool -exportcert -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore
for SHA-1.
When I used this
keytool -exportcert -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore
and pasted the SHA-1 in firebase console it worked
I have been trying to obtain a public map api key for my Android app. However the public key that I receive from Google does not work.
I have been using the following steps:
Obtaining Release Public Map API Key
1.Obtain Private Key:
Use Export of Eclipse to sign release application and create new keystore
2.Obtain MD5 certificate:
using alias and keystore set up
use keytool in Java directory: keytool -list -alias poly_alias -keystore
copy MD5 certificate
3.Obtain API Map Key:
Visit http://code.google.com/android/maps-api-signup.html and enter MD5 certificate
copy key
4.Use New Map API Key:
insert new map key for string in strings.xml for string mapApiKey
Does anyone have any suggestions on what I am doing wrong?
You were sketchy on the last step, so you may want to look at the final two steps on this page:
http://code.google.com/android/add-ons/google-apis/mapkey.html#finalsteps.
If it still doesn't work, you may want to explain what is happening, and change the values, but you may want to show an example of one of your layout files and the android manifest, to see if you may have made a typo or something.
You are following instructions for using the release signing key. Make sure you are building your APK in release mode. Normally, you build in debug mode and would use a Maps API key based on the debug signing key.