There's a mobile app I need to debug and find out what endpoints with what parameters is it using. How can I do it?
I thought about using Wireshark, but all endpoints are in https. I tried using Android Studia (I am not Java developer, so I have no experience using it) but the app from official source did not start.
I tried to analyze the code and I think I found right endpoints, but I can't find format of parameters that are supposed to be sent with those requests.
Is there any other way of finding out other than debugging those .smali files?
Related
I want to accomplish this:
https://developers.google.com/games/services/web/serverlogin
with Java instead of javascript. I know the APIs exist for Java, as I already have a desktop application and an Android application that are able to login properly to Google, using Java APIs. Now I just need to figure out how to follow the process described above with regular Java.
This line is particularly annoying:
"If the auth object in my google-signin-callback already has an access token, can I send that to the server instead of performing this additional code-exchange step?
A: No. You should avoid sending access tokens to your server if at all possible. The "exchange a single-use code for an access token" strategy is much more secure and we highly recommend using that approach in your applications."
I have seen things that seem to contradict in several places, including on Google's guides. This seems like it would be the easiest way given what I have working, but I'd do it properly if I could figure out how in Java. I want to be able to access Google Play Games Services on the client side as well as the server side.
1) How do I get a single use token on the client side? (on android and desktop)
2) How do I exchange it on the server side?
Thanks
I've been looking around all morning, and can't seem to figure this one out. I know it's not as complicated as I think it is, and all I need is just some pointers to the right direction.
I have an Android application that takes some user input, sends it to a Java application over the web, and then receives some output based on the input.
My Android and Java applications are ready, but how do I go about sending and receiving the data over the web? I understand that I'll be sending and receiving HTTP requests, but my problem is where I'll be sending them and receiving them from. Do I host my Java application on a Servlet like Tomcat, or do I use something like OpenShift to host my application for me?
I have no trouble with sending some HTTP request from my Android application to the web and receiving some output back, but my problem is that my web service needs to use a Java library to process the input and generate the output. I'm just not sure how I'm supposed to get this data to and from this Java library that needs to be hosted on the web.
I hope my question makes any sense.
EDIT: Perhaps I wasn't clear with what exactly I need help with. I do realize that the architecture I use doesn't really make any difference, but the problem I have is with how I'm supposed to use this architecture.
Let's say I have a registered domain name that I can easily send to and receive data from using my Android application - no trouble with that. But how am I supposed to integrate my Java library with this server? Do I just create an applet and put it on my server? Does my web host even allow Java applets to run?
I guess my question is how I'm supposed to get through the "barrier" between my HTTP request / transport layer protocol and my Java application.
Server architecture usually does not matter. You can use Java, NodeJs, Rails, Python, .NET, etc. You just need an endpoint that accepts a HTTP POST/PUT/GET/DELETE/PATCH verb.
This is more a question of "how do I set up a server to accept input" and its a very large topic in itself. I would advise you look at PAAS solutions like:
Parse.com
Kinvey.com
You can use their tools to build a solution fairly quickly. If you need something custom you'll need to build your backend in the language of choice and host it online via AWS, Google Cloud, Heroku, a VPS or something similar.
I'm doing performance testing for mobile application which is developed in java language and
coming to load runner scripting i'm using java over HTTP as protocol.
Actually i'm not aware of this protocol,i can able to record the application but i don't know whether all the requests got captured or not.
Note:In java over HTTP protocol no generation log and no run time viewer to validate the requests .So how can we validate?
Please share your experience on this protocol and get me out of this issue.
This appears to be a cross post with several posts on facebook. If these other posts are yours then please pick one thread as reference for answers
ShotgunPostsAreSPAM
I've been thinking about implementing of Google Play licence check on my Java server. Is that even possible? I haven't been able to find anything on this matter. I know Android LVL is written in Java, but I'm not sure if it can run outside of dalvik machine. Is there a posibillty of checking Google account name or some kind of device ID against Google Play to check whether an app has been bought in a Java server application?
The answer above is simply verifying response data (returned by google LVL on android device) on app server.
I think the question is asking if it's possible to call some google web API to do Google Play license check on its app server. But it seems like google doesn't open the web API interface to its licensing server, all LVL calls need to be done using its google play service framework on android device.
Yes it's possible, the java sources are out there and could be downloaded (and afaik, the jar is not dexed until you compile your application) - see some kind of manual over there at developers.android.com to read about how to get the sources
I've heard about a PHP project trying to attempt it, but using java should be no problem at all - you do the same things on the server, the manuals state for the client - and let the client sends the encrypted response from the market directly to the server via SSL (e.g. byte[] post)
You should get a UID from ResponseData.userId
Read some more in this blog post and more info and links in another SO answer
I am writing an iOS 5.1.1 app for the iPad2 using Xcode 4.4.1. I want to be able to locate a local http server running on Java.
Once I am able to connect to the http server, all I need to communicate with it is the url including the port.
My questions:
1) Should I use Bonjour or a DNS Server running on the http server to discover the http server itself?
2) I need to authenticate the iPad2 user with name and password to work with the http server once I discover it.
I need some help understanding how I would go about accomplishing these two steps including source code if available for the iOS 5 and Xcode 4.4.1.
1) Bonjour is pretty easy to tie in with Java apps. If you're particularly masochistic you can write your own Java-based mDNS (Bonjour) responders (I've done it, it's not rocket science), but the quickest way to get going is to use jMDNS in your http server to advertise its existence. I won't copy & paste the code samples but they suffice for most applications.
On the iOS side, NSNetService is your friend. Fundamentally it involves starting a responder in the background to look for services (i.e. your Java app), then calling a delegate when something appears/disappears:
id delegateObject; // Assume this exists.
NSNetServiceBrowser *serviceBrowser;
serviceBrowser = [[NSNetServiceBrowser alloc] init];
[serviceBrowser setDelegate:delegateObject];
[serviceBrowser searchForServicesOfType:#"_http._tcp" inDomain:#""];
There's a guide that explains it all. The protocol hasn't changed for 10+ years and you count on all modern iOS/OS X versions supporting it. The jMDNS library is pretty well battle-tested at this stage, too.
You might consider creating your own service type if you don't want it to be visible to other apps that search for _http._tcp., although this is just a cosmetic thing.
2) The simplest thing that'd work would be HTTP basic auth; you didn't say what kind of authentication your app supports or how you make HTTP requests on the client side, but this is pretty well covered already.