I'm working with some sample code here:
http://code.google.com/p/google-api-java-client/source/browse/picasa-android-sample/src/main/java/com/google/api/services/samples/picasa/android/PicasaSample.java?repo=samples
I authorized access in my Android app, but I cannot find where to now revoke access, so I can run through it again. Uninstalling the APK does not seem to reset any permissions.
I believe if you go to https://accounts.google.com/IssuedAuthSubTokens it should list your application under "Connected Sites, Apps and Services" from there you can revoke access.
Two steps to trigger the authorization page again:
go to https://accounts.google.com/IssuedAuthSubTokens to revoke the app you want. This will clear the permissions from server side.
go to your android device's settings->Data and time: fast-forward your time by a day or two. This will force the current token to expire.
It's not possible via any public, official API.
See:
https://groups.google.com/forum/?fromgroups=#!topic/android-developers/gOVZ0DF7ccg
http://grokbase.com/t/gg/android-developers/121j6ypxkb/revoke-permissions-to-access-google-accounts
Even uninstalling and re-installing the app doesn't help.
This might be the way on a rooted device:
How do you force AccountManager to show the "Access Request" screen after a user has already allowed access?
You need to programmatically revoke the token. First, try out the example app posted at:
https://developers.google.com/drive/quickstart-android
This example app displays the dialog to let you pick an account, then takes a photo and then uploads it to Google Drive. One important thing I discovered is that this sample app will eventually fail. I discovered that the camera portion of the app causes crashes. So disable the camera part of the code and just replace the file with some file on an SD card and upload the file to Drive instead.
To revoke the permission to use Drive, you need to execute the following code:
String token = credential.getToken();
HttpRequestFactory factory = HTTP_TRANSPORT.createRequestFactory();
GoogleUrl url = new GoogleUrl("https://accounts.google.com/o/oauth2/revoke?token=" + token);
HttpRequest request = factory.buildGetRequest(url);
HttpResponse response = request.execute();
Refer to the sample code on how to access the credential variable. Also, you must run the above code in a thread that is not on the main thread or it will fail.
You also need to add the following permissions. The sample code fails to indicate these permissions and without them the app will crash:
<uses-permission android:name="android.permission.ACCOUNT_MANAGER" />
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
<uses-permission android:name="android.permission.USE_CREDENTIALS" />
<uses-permission android:name="android.permission.MANAGE_ACCOUNTS" />
If Eclipse complains that some of those permissions are only granted to the system, just run Clean Project and it will remove the warning. After you have done this, you should uninstall the app and reboot the device. For more information about revoking tokens, see the section "Revoking a Token" at:
https://developers.google.com/accounts/docs/OAuth2WebServer
After struggling to revoke authorisation for Gmail API permissions granted on my Android app (still in debug), I worked out that it does appear on https://security.google.com/settings/security/permissions like #David Waters mentions (it's a new link but goes to the same place) but only if you've properly enabled the API via the Google Developers Console. This means properly adding your OAuth 2.0 client ID, even if the app is still in development and in Debug Mode.
There's a very good guide on how to add your credentials on the Android Quickstart guide on the Gmail API site (Steps 1 & 2).
Using Google Play Services:
http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html
Add https://www.googleapis.com/auth/userinfo.profile to your scope.
Example:
String scope="oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
final String token = GoogleAuthUtil.getToken(context, "xxxx#gmail.com", scope);
OR "brute force"
Intent res = new Intent();
res.addCategory("account:xxxx#gmail.com");
res.addCategory("scope:oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile");
res.putExtra("service", "oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile");
Bundle extra= new Bundle();
extra.putString("androidPackageName","com.your.package");
res.putExtra("callerExtras",extra);
res.putExtra("androidPackageName","com.your.package");
res.putExtra("authAccount","xxxx#gmail.com");
String mPackage = "com.google.android.gms";
String mClass = "com.google.android.gms.auth.TokenActivity";
res.setComponent(new ComponentName(mPackage,mClass));
startActivityForResult(res,100);
Now, when you revoke the access here https://accounts.google.com/IssuedAuthSubTokens the application shows you the window for permission again in the device.
You can revoke account permissons on ...
https://security.google.com/settings/security/permissions
You can get there by [Account Settings] > [Account Permissions]
Proof that this answer is the real deal:
Look into your AndroidManifest file.
Related
The requirement is to create a key-value pair and add to the app configuration policy at portal side.
ex. endpointURL : "some-value"
The Android app should be configured in a way that it should access this configurations in the app and should be able to set the endpointURL in app.
I followed below steps at this link to Support App configuration policies in the app :
Added the permissions to AndroidManifest.xml:
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
<uses-permission android:name="android.permission.MANAGE_ACCOUNTS" />
<uses-permission android:name="android.permission.USE_CREDENTIALS" />
I have pasted below code inside LoginServiceImpl.java where I am setting endpoint URL.
MAMAppConfigManager configManager = MAMComponents.get(MAMAppConfigManager.class);
String identity = "<user-name>#mobileinfy.onmicrosoft.com";
//
MAMAppConfig appConfig = configManager.getAppConfig(identity); //<= this line returning null.
Log.i("App Config Data = ",(appConfig == null ? "null" : appConfig.getFullData().toString()));
String valueToUse = null;
if (appConfig.hasConflict("endpointURL")) // <=So getting Exception at this line NullPointerException
{
List<String> values = appConfig.getAllStringsForKey("ServerUrl");
for (String value : values) {
valueToUse = value;
}
} else {
valueToUse = appConfig.getStringForKey("endpointURL ", MAMAppConfig.StringQueryType.Any);
}
Log.i("Found value " , valueToUse);
I followed the steps at this link to add app configuration policies in Intune portal
Steps that I followed to test app :
1.Installed company portal and logged in using our Intune account id:#mobileinfy.onmicrosoft.com
2. Installed app using android studio
3. Tried to log in -> app crashed. (as exception occurred.)
Another set of steps to test app :
1. Generated apk -> uploaded to intune portal
2. Installed company portal and logged in using our Intune account id: ayush14197#mobileinfy.onmicrosoft.com
3. Assigned app config policies to this app and synced.
4. Tried installing app from company portal app.
5. Tried to log in -> app crashed. (as exception occurred.)
Could you please help me to get this issue resolved?
Thanks in advance.
I think you're hitting two issues that aren't well documented in the Intune APP SDK docs:
MAMAppConfigManager.getAppConfig can return null if no app config data has been receieved for the user. The example given should be performing a null check on appConfig.
To receive app config, the user must have MAM policy targeted for at least one app for app config to be delivered. This is mentioned, but only on the Managed Browser app config page even though it applies to all apps.
I hope that helps -- these documentation issues should be fixed in the next release of the SDK.
In Android 0, apps that want the capability of installing apk's must be specifically granted that permission by the user in the system settings. However, I havent been able to figure out how to get my app into the list of apps the user can pick from.
Can anyone point me in the right direction?
Thanks
Probably this blog post will help:
https://android-developers.googleblog.com/2017/08/making-it-safer-to-get-apps-on-android-o.html
To sum it up:
Need to declare the permission in your manifest <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
Before install you should check if the permission is still granted (PackageManager.canRequestPackageInstalls()), if not you can request it again using
Intent intent = new Intent(Settings.ACTION_MANAGE_UNKNOWN_APP_SOURCES);
intent.setData(Uri.parse("package:YOURPACKAGENAME"));
I've been looking for a solution to this problem for a while (days, not minutes), but it eludes me quite effectively.
Please note that this is NOT a question about starting up the registration procedure. This must happen automatically without any user interaction.
I would like to add a Google account to my custom device (1000's of them). The account will mostly be used to activate Google Play store on the device so that the app can update when newer versions are available.
My existing code (the shortest snippet of those I tried):
AccountManager mgr = AccountManager.get(this);
Account acc = new Account("email#gmail.com", "com.google");
mgr.addAccountExplicitly(acc, "password", new Bundle()));
naturally yields a
java.lang.SecurityException: caller uid 10047 is different than the authenticator's uid
So how would I go about actually achieving this? My device is rooted so that's not an obstacle if it's the only way.
It is not possible to add/create a Google account using addAccountExplicitly(). You can only add accounts for your own services. even your device is rooted because it will rejected by Google web server. For more detail check this link
Warning: this solution doesn't work well. See comments for explanation.
Well, as it turns out, this is not something easily solved. I ended up registering one device, then pulled the users file from it. Location of users file : /data/system/users/0/accounts.db (if there are multiple user profiles on the device, the last directory may differ according to profile in question).
I stored this file into my app's assets (gzipped, make sure the extension is not something.gz because that gets lost during packaging - didn't bother checking out why).
First I check if my user already exists:
AccountManager mgr = AccountManager.get(this);
for (Account acc: mgr.getAccountsByType("com.google")) {
if (acc.name.equalsIgnoreCase("email#gmail.com"))
return;
}
If it does, I just skip the step. Otherwise I unpack the users file and overwrite existing one (using su). I then also do a reboot to make sure changes are registered.
Recently,
I am creating new Facebook apps in https://developers.facebook.com.
but unfortunately when i login and request publish permission it's always return "public_profile" for my permission;
here's my sample Code:
facebookButton = (LoginButton) findViewById(R.id.facebook_default);
facebookButton.setPublishPermissions(Arrays.asList("publish_actions","publish_stresm"));
and after the session if OPENED:
i try to call;
Session.getactiveSession().getpermission -> always return "public_profile";
How can i set mu publish permission?
Thx 4 advice.:)
publish_stream is deprecated, publish_actions covers everything you need.
You are probably trying it with a random user without a role in the dev settings of the App. Most permissions need to go through a review process now, in order to make them work for other users.
Take a look at the changelog and the review guidelines for more information:
https://developers.facebook.com/docs/apps/changelog
https://developers.facebook.com/docs/apps/review
I'm using Google Play Services in my apps but lately I found something strange and I don't know how to deal with it.
If you are using Google Play Services you know that for the fist time, before you'll generate token you need to give your app permission (grant access) to use selected API.
After that, your app will be visible here: https://accounts.google.com/IssuedAuthSubTokens
And my app is there. Everything was working. I wanted to test it from the scratch, I revoke access to my app and ... it stops working. I can't force Google Play Services to show this window after revoking access to my app. I don't have permission to Google API but Google should show me permission window to re-add it.
Is there a way to show this window again?
I'm using GoogleAccountCredential.usingOAuth2 function to get user token and data (with all exceptions like UserRecoverableAuthIOException, startActivityForResult(e.getIntent(), REQUEST_AUTHORIZATION) ...).
As I understand, GoogleAccountCredential uses the Google Play Services to manage the OAuth2 flow and all you need to provide is the username. After revoking access it's not working.
Using Google Play Services:
http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html
Add https://www.googleapis.com/auth/userinfo.profile to your scope.
Example:
String scope="oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile"
final String token = GoogleAuthUtil.getToken(context, "xxxx#gmail.com", scope);
OR "brute force"
Intent res = new Intent();
res.addCategory("account:xxxx#gmail.com");
res.addCategory("scope:oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile");
res.putExtra("service", "oauth2:https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile");
Bundle extra= new Bundle();
extra.putString("androidPackageName","com.your.package");
res.putExtra("callerExtras",extra);
res.putExtra("androidPackageName","com.your.package");
res.putExtra("authAccount","xxxx#gmail.com");
String mPackage = "com.google.android.gms";
String mClass = "com.google.android.gms.auth.TokenActivity";
res.setComponent(new ComponentName(mPackage,mClass));
startActivityForResult(res,100);
Now, when you revoke the access here https://accounts.google.com/IssuedAuthSubTokens the application shows you the window for permission again in the device.