Revoking permissions programmatic-ally in Android - android-6.0-marshmallow

Is it possible to remove or revoke permission from an application in Android Marshmallow?
Note that it should be done on runtime, so using ADB shell scripts or converting app to it's byte DEX code is out of question, as architectural changes is not an option for the required solution.

Only if your application is a system app, signed with the platform key then the answer is yes.
You can revoke and apps permission with:
getPackageManager().revokeRuntimePermission("com.example.application", permissionName, Process.myUserHandle());
Refer the source here: PackageManager.revokeRuntimePermissions
It may not be accessible when you are building your app with Android SDK rather than AOSP source, use of reflection might help.

Related

Firebase phone authentication is not working on Android real device

I've been trying to achieve phone auth using Firebase authentication. It's working with an android emulator. I used a test number and a real number in the emulator. Both works. But only the test number is working with a real device and throwing this exception for other numbers
Error is:[firebase_auth/missing-client-identifier] This request is missing a valid app identifier,
meaning that neither SafetyNet checks nor reCAPTCHA checks succeeded.
Please try again, or check the logcat for more details.
I setup SHA key in firebase also.
I am guessing you have not enabled the Device Check API. All you need to do is enable the Device Check API on the cloud platform.
I think after some updates they have made this change that for Safety Net you need SH1 Authentication along with enabling Device Check API.
You can follow the Steps as mentioned here.
Once you enable the device check api. Restart your application. It should work like a charm.
Do lemme know if you need further steps.
SafetyNet is newly developed feature for android. But solved the issue without doing any changes in the App.
Following steps helped me to solve.
Release Version
Google Signs the Appbundle when you upload. So, Find and copy the SHA1 key of the app signed by google.
Google Play Console - App Signing Key
Navigate to your project -> Project Settings in Firebase Console and add SHA1 key by clicking on Add fingureprint.
Debug version
Navigate to android directory of your project with following command with Terminal.
cd android
Generate app signingReport and copy the SHA1 key
gradlew signingReport
on Mac :
./gradlew signingReport
Add the SHA1 key in firebase app.
Android has added SafetyNet you can read more here. But what you have to do is 1. enable the Android Device verification api here. and 2. If you haven't yet specified your app's SHA-256 fingerprint, do so from the Settings Page of the Firebase console. For more info read details here.
I resolved my issue by removing by old android studio sha-1 and sha-256 keys from firebase and adding a new one from the latest android studio.
I have fixed this error.
In my case I added two android projects with same SHA-1 in single firebase project.
Once I removed one project from firebase project.
Now it is working for me.
I found this after much searching and should work for you or anyone else who stumbles here:
Put this line inside app/build.gradle under dependencies
implementation "androidx.browser:browser:1.2.0"
It is because its do reCAPTCHA verification and opens up browser.
There are two ways Firebase Authentication accomplishes this:
SafetyNet: If a user has a device with Google Play Services installed,
and Firebase Authentication can verify the device as legitimate with
Android SafetyNet, phone number sign-in can proceed.
or
reCAPTCHA verification: In the event that SafetyNet cannot be used, such as when the user does not have Google Play Services
support, or when testing your app on an emulator.
So your solution is either one of two
Retest on a real device
Add reCAPTCHA verification functionality to your app so you can
proceed with your emulator.
This was worked for me :-
If your app is published on the play store, Copy App signing key certificate from the Google Play console (Release > Setup > App Integrity page). Insert your signing key to your Firebase Console(Project settings Page).
Follow this link - https://developers.google.com/android/guides/client-auth
I removed my phone number from phone number for testing on firebase and it was worked for me when working on real device not emulator.

This app is not authorized to use Firebase Authentication - Reg

I have upgraded my project from Firebase sdk version 5.4.4 to Firebase Sdk version 6.8.0, in unity version 2018.4.14f1. I have imported all necessary "dotnet3" unity packages into my project and taken a build and i get an error "This app is not authorized to use Firebase Authentication. Please verify that the correct package name and SHA-1 are configured in the Firebase Console. [App validation failed ]".
I have then generated "SHA-1" for my keystore again and added fingerprint in firebase console, tried changing project from "dotnet3" to "dotnet4" and imported all necessary "dotnet4" firebase sdk packages. Still i get the same error and i made sure package name, SHA-1 code are all correct and added, even then im facing issues regarding that.
Please help me regarding this issue, if my methods are wrong or is this an open issue with sdk version 6.8.0.
This sounds like you need to re-upload your SHA 1 for Android development.
The easiest way to do this is to use the keytool command installed with Java:
keytool -list -v -alias androiddebugkey -keystore ~/.android/debug.keystore
The password for your debug keystore will be android, but if you're doing a signed release build (say for the Play Store), you'll want to use the appropriate keystore and credentials.
You then need to copy/paste the SHA-1 into the "SHA certificate fingerprint" field under project settings.
There is another great stack overflow answer here, but it is very Android Studio centric (you may not have it installed when developing in Unity).
I cover this at about the 5:12 mark of my getting started video if you'd prefer video instructions.
A few pro-tips before I go:
The Android debug keystore is randomly generated on each developer's machine the first time they build and deploy a debug application for Android. This means that you'll probably want each developer to upload their SHA-1 whose working on Firebase features (alternatively, each developer may want to setup their own Firebase sandbox for development purposes).
The combination of SHA-1 and your package name are what's used to identify which Firebase backend your game will use, so this could also be an effective mechanism to deploy separate staging and production backends.
dotnet4 should be used in most cases now (although Unity 2018 still lets you choose between 3 and 4). Generally, if you've chosen the wrong one the error you'll see is around Task. This is because Task didn't ship with the original version of C# that Unity used, so Firebase uses a library called Parse to retroactively add it (and make the API comparable to the Android and iOS counterparts). In .NET 4.x and higher, this means that you have two versions of Task included which will cause issues. The dotnet4 version of Firebase simply remaps any Parse specific functionality onto C#'s Task and uses the one that ships with Unity.
I hope this helps (and I hope that I properly identified the issue)
--Patrick

Error Message: Access to the path 'C:\Program Files\WindowsApps is denied

I distributed my xaf Winforms+Desktop Bridge app to myself via the Windows Store.
following this blog
From the blog, I want to pre-generate the ModelAssembly.dll, Model.Cache.xafml and ModulesVersionInfo file and package them to go in the output directory.
These files are generated by XAF if they don't already exist.
Where the output directory is given by
Path.GetDirectoryName(GetType().Assembly.Location)
When I install and run my app from the store. I get this error message.
Access to the path 'C:\Program Files\WindowsApps\JobTalk.JobTalk_1.0.19.0_x64__8kpaqbvntb9aj\SBD.JobTalk.Workflow.Win10\ModelAssembly.dll' is denied.
In the code I tried looking form Path.GetRelativePath but it is not available in Framework 4.7.2
In short, UWP app doesn't allow to access files via absolute path. Because UWP apps run in sandbox and have very limited access to the files out of the app container. In most scenarios, the UWP app can directly access only their install folder and their application data folder. Since the converted app also is a UWP app, so your app need to follow this rule.
Please check the Prepare to package a desktop application. The document has mentions some scenarios that is related to your question.
Your application writes to the AppData folder or to the registry with the intention of sharing data with another app. After conversion, AppData is redirected to the local app data store, which is a private store for each UWP app.
Your application writes to the install directory for your app. For example, your application writes to a log file that you put in the same directory as your exe. This isn't supported, so you'll need to find another location, like the local app data store.
Here, there's a special scenario that you could access files via files absolute path. It's a restricted capability called as broadFileSystemAccess. Once you add the broadFileSystemAccess capability, you could use the APIs in the Windows.Storage namespace to get all files that the user has access to. Please read File access permissions for more information.
Please note that the document has explained:
If you submit an app to the Store that declares this capability, you will need to supply additional descriptions of why your app needs this capability, and how it intends to use it.
Xavier's answer explains what was going wrong. The reason it happened on my project was that I missed the step of marking the linked files as "Copy if newer"

Firebase - Collaborate Hosting Development

A guys shared a project with me. Using my online / cloud based IDE, I created a new HTML5 project.
$ npm install -g firebase-tools
$ firebase login
$ firebase list
$ firebase use <shared-project>
$ firebase init
How do I get all the existing hosted files into my IDE so that I can collaborate on this project?
There is no way to download the files from Firebase Hosting within the console. Firebase Hosting is in that sense no replacement for a proper version control system. The best way would be to set up such a version control system for sharing the code with the other developer.
If that's not an option, you an try crawling the site. See this answer: Firebase code pull
I may be coming a bit late but just to add to what Frank said:
If the person you are collaborating with uses somekind of packaging solution like webpack, you won't be able to download the project's source files, since only the bundles will be publicly available.
My guess is that the only way to get the necessary files to collaborate on the project, is trough a proper versioning system, since even if you receive the whole project in a zip, you'd have no way of keeping it in sync with the rest of the team.

Can you access the windows registry from Adobe Air?

(y/N)
Edit: Read-only access is fine.
I haven't tried this yet, but I think I've found a workaround.
Adobe AIR cannot write to Windows Registry, but you can, however, launch a native process in AIR 2. Here's a blog post that shows how to do that: http://www.adobe.com/devnet/air/flex/quickstart/articles/interacting_with_native_process.html
Now, on Windows, you are able to modify the Windows registry with .reg files. .reg files are just plain text files that's read by regedit.exe. So in theory, you can write a .reg file to the file system, then launch regedit.exe with the .reg file passed in and...TADA! You just modified Windows registry from your AIR app!
To read value, you can use regedit's export function to write to a reg file and read from the reg file. Details to regedit's options: http://www.robvanderwoude.com/regedit.php
Here are some additional resources:
.reg file syntax: http://support.microsoft.com/kb/310516
write to file with AIR: http://www.adobe.com/devnet/air/flex/articles/exploring_file_capabilities.html
If your willing to force the user to also install another application, you could write a small C# or C++ windows service that simply opens a Socket that provides some kind of protocol for accessing the registry. Then in AIR you can use the Socket class to send messages to/from the C# service that would return results to the AIR app.
When the app loads you can try to connect to the Socket, and if the connection is rejected you could prompt the user to download/install the service.
As for direct access to the registry I am pretty sure Adobe wouldn't allow that from AIR.
If you can I'd be horrified.
Why would you be horrified?
Air is a desktop platform, and having access to the OS's APIs (such as registry access) makes plenty of sense.
That being said, it isn't supported now (and as Adobe seem to be very Mac-centric, I doubt it will ever be added).
I have settled on grabbing the users name from the name of the user directory
Using File.userDirectory.name will work in most cases, but it seems like a very fragile implementation, it relies on the OS maintaining the convention of having the username as their directory. I can think of a few possible things that might break it (playing with TweakUI etc).
Here is a sample of modifying Windows Registry in Adobe Air using NativeProcess and Python. So you can Add, Delete or Read keys by only a single line of code !!
Download: Adobe Air Registry Modifier on Github
Are you trying to determine if the user is an administrator or not?
If so you could grad the username by with "File.userDirectory.name".
And I think to figure out if the user is an administrator you could probably try to access a file that requires administrator privileges (maybe try writing a file to Windows/System32). If the file access fails you could probably assume that the user is under a Limited account.
A bit late, but I got a wish from a client to read some values from the registry when the project was almost finished. If there were more of these types of wishes, I would have never choosen AIR. But I found a nice extension from FluorineFx, and by extending it, I can now read string and dword values from the registry. Windows only: http://aperture.fluorinefx.com/
You could theoretically modify the actual registry files, but I would highly discourage that idea.
Be very careful if you decide to create a socket server that listens for registry commands. You are potentially creating a security hole and users' personal firewalls may get in the way in terms of usability.

Resources