I have an app that uses the Android licensing. I'm using the ServerManagedPolicy which according to http://developer.android.com/guide/publishing/licensing.html should cache the server responses.
To test it I did the following:
In the developer console, set the server answer to be "LICENSED" for my account.
Connect the phone to Internet, and run the app. It shows the dialog I created to let the user know it is trying to obtain a valid license. It then shows that it found it and lets me run the app.
I exit the app (back button) and the force close it.
I disconnect from the Internet.
I run the app again. I see the dialog again, but this time it says a valid license was not found and doesn't let me run the app.
Shouldn't the ServerManagedPolicy cache the license it found the first time and let me run the app the second time?
I haven't published this app yet. Could this have something to do?
Thanks!
Don't worry, I had the same issue. When you use a test or dev account, licence is not cached bu the ServerManagedPolicy. But for your real clients, it will be cached by LVL.
Nothing in the docs says it clearly, but that works and actually, is nice feature for devs.
Regards,
stéphane
Btw, You should add a link to your app in your profile as I did... I am curious about it but can't guess what it is.
Related
I have a flutter app that is designed to be placed as a fixed camera and based on what it sees give commands for IOT purposes.
To prevent it from sleeping, I am using a library called wakelock. (https://pub.dev/packages/wakelock)
Unfortunately, this doesn't prevent another issue, Google Prompts. When I log into my developer account on my laptop, the development phone is taken over by the prompt asking "Are you trying to sign in?"
I don't really want to have the solution be to log out of google on the phone, since the app is downloaded and updated via the play store.
I also don't want to disable 2F authentication, just don't want it to take over this developer phone, it's fine if it does so on my personal phone.
So a google settings solution, or a flutter code solution would be really helpful, have been able to find neither.
TLDR: I tried having the android phone as a 24/7 IOT camera with my flutter app, and was expecting it to stay on, but it was interrupted by the Google Prompt.
The easiest solution seem to me to set up a separate google account; this way the app could continue to be updated from the Play Store without being tied to your personal account, so you shouldn't receive 2fa prompts.
Another thing that might help is "Pinning" the app, which doesn't allow the app to be exited without authentication.
If neither of those work, a more advanced option could be to set up the phone with device management and use the lock task mode, but the work involved with setting that up is probably prohibitive for your use-case.
I am trying to use phone auth from firebase and I get this error now.
Unable to process request due to missing initial state. This may happen if browser session storage is inaccessible or accidentally cleared.
This was working a week ago and no longer works.
I have solved this by registering my app with SafetyNet with SHA2. To do this follow these steps:
Get your SHA2. If you don't know how to get this, follow this tutorial:
https://www.youtube.com/watch?v=kLaNnuoqnmA
Note. This youtube link is for SHA1 but you will notice that SHA2 will be shown here if you pay attention.
Go to your Firebase Console then, go to Project Settings > App Check. You will notice your app is "Unregistered." click this to register your app.
Enter the SHA2 you copied and Accept some terms below then click Save. you will notice the "Registered" with green check icon.
Btw, this error happens on one of my devices but not on another. I also searched through this error and no one has solved this including this page. This happens in my phone authentication using firebase when getting an OTP as I send my phone number. The app tries to redirect you to a browser for Recaptcha for verification if you don't have SafetyNet. Thus, having no SafetyNet will cause your app to always be redirected for Recaptcha which sometimes causes an error. Thus, to solve this, register your app with Safety Net. to understand this, read this documentation.
https://firebase.google.com/docs/auth/android/phone-auth?authuser=0
Focus on 2. Enable App Verification and you will notice that recaptcha is just an alternative for SafetyNet.
It had on the Ionic/Angular/Capacitor app too. i.e. Android and Chrome. Firebase Auth with Microsoft Login.
So I have cleared all the chrome browser data on the Android device and then no issues. i.e. working fine now.
More workarounds: https://github.com/firebase/firebase-js-sdk/issues/4256
I experienced the issue with an iphone web app. I went into Settings -> Safari and disabled 'Prevent Cross-Site Tracking'.
I have created a test build of a GDK Glass app that I want to deliver to a few test users. However the app disappears after a reboot. Logcat shows this:
08-19 18:18:18.256: I/GlasswareSyncAdapter(978): Uninstalling Glassware ID #6DBADA7634397F00 (com.example.demo).
A look at the issue tracker explains that this is caused due to the fact that the MyGlass app didn't install this app and that the app thus isn't linked to the user's account.
Are there any workarounds? With a submission process of over a month how can we get our app tested properly?
The submission process should be less than a month at this point. I suggest that once you think you have things working, you submit the app.
Once submitted, you'll be working with the Review Process Team. They are able to create a whitelist (certainly of accounts, and possibly based on a list you can control through a Google Group) of who will be able to see the app on their MyGlass page. This will also allow you to test the app, including the auth flow, using the actual installation process.
It seems like this issue only occurs when the application you are side loading has been submitted to Google for approval. Just change change the package name of the APK you want to sideload and your problem should be solved.
Hello and thanks in advance for your response.
I have my licensed app uploaded to the Play Store. I can test and get expected results with all of the static test license responses (Licensed, Not Licensed, etc). So far so good.
But if my test device has no internet connection, the license check ALWAYS fails. This is not how I understand the ServerManaged policy to work. If an install is found to have been licensed sometime in the recent past, the policy is supposed to cache information in a shared prefs file and use it if there is no internet connection.
So I temporarily commented-out the obfuscation of the data in the prefs file that the license system creates. When I look at the data, I see that the retry count and other stuff is set to zero. This is not what I expect. With data like this, it is behaving for me as if I were using a Strict policy (and I am not).
I am presuming that this is an artifact of using the test response system and that "real" users will get actual data in their obfuscated shared prefs that permits them to operate in the absence of an internet connection.
So I have tried setting the server response to "Respond Normally". When I do this, I ALWAYS get a NOT LICENSED response. And I guess this makes some sense because I have not purchased the app and downloaded it.
So how can I, as the developer, experience exactly what my end-users experience? I want to be able to test how this all works without an internet connection, for example. I cannot seem to figure out how to do this? I guess I could purchase my own app but I am not sure that will even work since the test device is logged into the test account. And it makes no sense for a developer to have to purchase their own app.
Thanks for any suggestions.
I think I found a possible solution to your problem.
What I have done:
first, I created a google group for alpha/beta testers of my app (after uploading the app, of course). Then, I ivited myself in this google group and accept the invitation. After this, I inserted my gmail developer account in the list of the users for the license test and set the server response to "RESPOND_NORMALLY".
In this way, the response of the server will be always "LICENSED" for my account, and the validity time will not expire in 2 minutes. It's as I had bought the app!
The only limitation to this trick is that you have to upload your app in a beta or alpha slot of your google developer console but, after this, you can also get a "LICENSED" answer using a debug app uploaded on your device using the usual Eclipse IDE! You don't have to wait for the generation of the link to download the test app (that is very slow to generate... Up to 24 hours!).
I too have experienced this frustration. I too want to have the same experience as my customers. As soon as I set 'Respond Normally' I always see the 'NOT LICENSED' response -- which seems VERY SUBOPTIMAL. I BELIEVE what Google needs to added is a setting of **'RESPOND_NORMALLY_AND_LICENSED'**. That would do what's needed.
The heart of the difficulty: if I leave my app as 'LICENSED' that works fine when I have an internet connection, then after 2 minutes with no connection, my app stops working as licensed (since the cache is set on the Google Play Server to 2 minutes). Thus if I want to use my own app day-in and day-out, I need to produce an app with licensing disabled --- something my customers never see. That's a VERY bad idea.
We all learned a long time ago: "You must eat your own 'dog food' as a developer."
I have reported this as a 'Developer Console' Bug, but it is perhaps instead of a 'Bug,' a very strong suggestion--and it would be seemingly be simple to implement.
As a work around, I have now added code in ServerManagedPolicy.processServerResponse() to simply add two months of time the licensed time and call setValidityTimestamp(). I hope this helps someone else. Now I am content ---
So, I've setup the Android LVL with my application to check for licensing. This seems to work great with the Test Accounts. The problem is, if I turn the phones internet connection off and try to run the app, the licensing check will fail and tell me it's NOT licensed!
One thing is, why does it tell me the application is NOT licensed and more importantly, how can I have the application 'remember' if it is licensed or not.
Apparently the answer to this is that the license is not cached when testing, but is when on the market. I created a small app to test this and it works!
Sorry but, I too confirm that airplane mode results in a failure to rely on any cache. Theoretically, if the app was online and pinged the license server right before going offline, then it might work. However, if the phone is offline for any significant amount of time, there is no caching mechanism. Just look at the code. I filed a bug against android :
http://code.google.com/p/android/issues/detail?id=12978
Because my users of Shout n' Snap shoutnsnap.com are ALREADY confirming this stupid behavior.
I've made a workaround using a 2 part challenge on the client side. EG:
IF LICENSED:
PERSIST random key as LK
PERSIST obfuscated random key as OLK
ELSE:
if (deobfuscate(OLK) == LK)
GRANT ACCESS
ELSE:
GET LOST
Code is here: http://code.google.com/p/androidbest/