I have an app that I'm developing that uses AccountManager to get credentials for a Google account that is subsequently used for getting a cookie from AppEngine. I've noticed that I find bugs when I send the app to testers because they get prompted to authorize the account. I need to do a bunch of testing and am looking for a way to "unauthorize" an app from a particular credential so I can do my testing on the next install. I can't find anything in settings where I can remove the authorization to an account from an app. Do you know of a way to do this?
Thank you,
Stateful
It is true that uninstalling is most of the time not enough. You need to uninstall and restart the phone right afterwards. At least this works for me
At least as of 2.3, there is no API for this. IIRC, if you install the application, the authorization entry will be removed from the database, so a re-install should work.
You can try to remove from this page:
https://accounts.google.com/b/0/IssuedAuthSubTokens?hl=it
Related
I'm using Google Login and successfully downloading files from drive to Android devices. But it seems that after about 3 months the device logs out and needs to be manually logged back in. Is there a way to prevent this or to log back in without manual intervention (i.e. programmatically). I don't want the device to ever logout.
You can check this documentation in Google Account Help about Stay signed in or out of your Google Account. This is an initial solution that you can try.
If Google keeps signing you out, here are some steps you can try:
Make sure cookies are turned on. Some antivirus or related software may delete your cookies.
If your cookies are turned on, clear your browser's cache. Note: While deleting your cookies may resolve the problem, it will also
remove your saved settings for sites you've visited.
Make sure you’re using the latest version of your browser.
Use a browser like Chrome to remember passwords for you.
If you use 2-Step Verification, add trusted computers and devices.
If it is for Google sign in token expiration, you can check this SO post about SilentSignIn method that helps you to detect user revocation of access to your application on other platforms.
I am planning to drop my app in Google Play(earlier Android Market) because of push notifications (whenever a new version) , security for apk and so on.And also since apk is secured with Google play(paid apks) i dropped of downloading the apk from my website (only authenticated people can download the apk)
Actually its a business app for particular users with username and login access. Everything was fine in the App with login and security mechanisms
I am thinking of a way to restrict the other users who are not from the list while installing itself.
My question is whether any kind of filter or authentication mechanism can we set while downloading the application from the Google play it should ask for a password or something like this to filter the unauthorized users to download the app..
My ultimate aim is i don't want the peoples to try it after downloading unnecessarily
Can anybody help who have tried all those in android market
Ok.. One thing after another..
Google propose their licensing mechanism. However app would need internet connection, which is disadvantage if otherwise it doesn't need it. If I got it right your does need to connect to server so this is not a problem for u.. It seems to me you are already familiar with this method.
Mechanism for password protecting downloading or visibility of apps on Google Play doesn't exist today..
You can identify users with IMEI (in case you don't consider using app on tablets, which doesn't have it), WLAN MAC, BT MAC address or some exotic combination of these methods, and you use this as authentication.
The best solution, from my point of view, is to allow people on market to download it. Your application is already using some mechanism of authentication (user/password) to server. So if 1st thing user need to do is login, and any functionality is disabled if that doesn't pass. If it pass, you already know who is your user and what privileges he has.
The thing is here that I am not so sure what are your concerns when user without login/pass download application if everything after that screen is disabled before authentication. User will download (if they find it..), they will install, try to use it, see that's not possible without credentials and uninstall it.
Hope it helped.. I will try to add few more links in a while..
I want to create an application that prompts the user to create a password before the application is installed and also before the application can be uninstalled the password must be entered.
I have ran out of ideas on how to go about the code.
Please can anyone give me a code and an insight on how to go about this_
I would appreciate a lot.
You can use shared preference/db to have default value and see if there is a default value you can prompt dialog
I want to create an application that prompts the user to create a
password before the application is installed
To be clear you said BEFORE the app is installed. This might be Possible. But "dirty". In the user journey your user downloads and installs the APK from the market or where ever. None of your app code has run yet so there's nothing to leverage.
A possible work around, which I have heard others use but not tried myself so no guarantees, is to write a login app that when installed prompts for password creation and on success downloads the actual app.
I would probably say - why? What it the motive behind doing this? Lots of apps work fine installing the whole app (Spotify comes to mind).
I don't think this is possible the android market takes downloads and installs or user installs some other way and the user uninstall via manage application in the settings, all of these things happen outside of the scope of an app
See Device Administrations API
I have an app that uses the Android licensing. I'm using the ServerManagedPolicy which according to http://developer.android.com/guide/publishing/licensing.html should cache the server responses.
To test it I did the following:
In the developer console, set the server answer to be "LICENSED" for my account.
Connect the phone to Internet, and run the app. It shows the dialog I created to let the user know it is trying to obtain a valid license. It then shows that it found it and lets me run the app.
I exit the app (back button) and the force close it.
I disconnect from the Internet.
I run the app again. I see the dialog again, but this time it says a valid license was not found and doesn't let me run the app.
Shouldn't the ServerManagedPolicy cache the license it found the first time and let me run the app the second time?
I haven't published this app yet. Could this have something to do?
Thanks!
Don't worry, I had the same issue. When you use a test or dev account, licence is not cached bu the ServerManagedPolicy. But for your real clients, it will be cached by LVL.
Nothing in the docs says it clearly, but that works and actually, is nice feature for devs.
Regards,
stéphane
Btw, You should add a link to your app in your profile as I did... I am curious about it but can't guess what it is.
I've been asked for some review copies of an Android app I've written, which is great, but I'm not willing to give out the full app to just anyone. I want to make a time-limited version (which works for about two weeks, then gives up the ghost).
What is the easiest way to do this? I haven't tested this myself, but I think that in theory if one built the app using a keystore which expires in two weeks might work. Is that correct, or do I have to put a line of code in the app which shuts it down if you attempt to boot it after a set date?
The keystore is not checked after the application is installed; only at installation time is the date verified.
You would have to put in your own time limit code, I imagine. Though if you want to be really paranoid, you could consider that the user could alter their device's clock.
Alternatively, you could do an online check (against time on your server), or make each APK that you hand out have an individual token embedded which gets validated against your server.
I have a simplest suggestion, what if the reviewer buys the application, and you refund the payment?
I just thought of a cool way to do this.
You make a Beta version of your app, and you can define the group of testers, you just need the email address of that person, or a G+ community they can request access to, and then you add them to the Beta program.
easiest way is to hardcode an end date and no longer run after that. it can be circumvented if users change their system time, but that is kind of a hassle to go through.
otherwise, you can have your app check the license periodically by connecting to your server over http, but that requires more work.
This sounds like a great idea. You'd probably want to make the app phone home and verify with a server that a certain amount of time has elapsed. Users can always delete your preferences file on the phone or uninstall and reinstall the app to get around on-phone restrictions.
I believe the keystore approach may also work, but I'm not sure exactly how they work in Android.
Please make this an open source project when you finish - I think this would be useful to a lot of people!
You could use TelephonyManager.getDeviceId() and create a build of your application that would only ever run on the reviewer's phone.
You could either hard code this into the application or have the phone check against your server where you'd store permissions for each Device ID. With the latter case you could have your application display the Device ID when it can't find a license; the reviewer tells you this and then you enter this in your DB.
As per Google: "If you plan to publish your application(s) on Android Market, the key you use to sign the application(s) must have a validity period ending after 22 October 2033. The Market server enforces this requirement to ensure that users can seamlessly upgrade Market applications when new versions are available"
What we did with our developer challenge II entry was when we hit the expiration date any new data we processed was replaced by an expiration warning. So the application functioned with existing data but not with any new data the user entered after the expiration. Since our app processed text messages, setting back the clock was an unrealistic long-term solution for the user to overcome the expiration.
Depending on the type of application your are giving to reviewers, you may have another options.
You code it like a lot of shareware and only let the application run so many times. The code for this would be very easy to implement. Sure the reviewer could delete the data, but not very easily. I don't think they would go through that much trouble for maybe a couple dollars.