Currently, I am working on an Android project.
I started the project with sign up and login pages using Firebase. It goes like this:
A new user enters the required details with email and password as login credentials. Meanwhile, a verification mail is sent to the provided email address, the user needs to verify the authentication by following the link in the email. If he didn't authenticate the mail, he won't be able to log in.
Now here the problem occurs! What if the user accidentally deleted the email and now he is unable to login into the app, neither he could create a new account with the same email address as firebase won't allow that.
So, what should I do in this case? Please Help!
Firebase has no requirement that the user must have verified their email address before they can sign in. While you can definitely prevent the user from using your app and accessing its data until their email address has been verified, you can still call the API to sign them in.
So even when they've lost the verification email, you can call the signInWithEmailAndPassword API to sign the user in to Firebase, and then resend their verification email.
Related
I am trying to hit a post request to https://login.microsoftonline.com/<My_Tenant_Id>/oauth2/token from my Java Code, but I am getting the error "invalid_grant: AADSTS50126: Error validating credentials due to invalid username or password". I have verified the credentials and they are correct (I am able to login to Azure portal and see my AWS APP for SSO). I even tried hitting the same request from postman, but then also same issue.
The parameters I have passed are:
"grant_type", "password"
"requested_token_type","urn:ietf:params:oauth:token-type:saml2"
"username", username
"password", password
"client_secret", clientSecret
"client_id", clientId
"resource", clientId
I have even checked various Microsoft Documentations but I am still not able to resolve the issue.
Can anybody tell what might be the issue. is the API call wrong or the server setup is wrong.
Please note: Initially my API call was working, but then I got an error invalid_request: AADSTS80014 then it automatically got resolved and I started getting invalid_grant: AADSTS50126. Has anybody faced this issue or knows how to fix this. Thanks!
I am able to resolve this by creating a cloud only user. The reason a federated user fails with the Resource Owner Password Grant flow is because for a federated user Azure AD has to redirect the user to the specific federation Server that belongs to the user's on-prem domain so that the ADFS server can get the auth down with the local domain controller. In Resource Owner Password grant flow this redirect is not possible hence it is not able to validate the username and password and hence that error.
As a suggestion, we can create a new cloud only user whose username and password should reside in Azure AD, so that when using Resource Owner password Grant flow we submit the user's credentials, AAD can authenticate the user without any redirections.
This user can be a normal user in AAD and the respective delegated permissions should be present in the app registration. Now one more thing to make sure is, if the delegated permission that we are providing needs admin consent then before the user logs in to the application, the admin has to provide the admin consent to this delegated permission. If we want to the user to provide his/her own consent (if the delegated permission needs user consent) then we would have to somehow provide the user consent before going ahead with the Resource Owner Password Grant Flow.
Not a duplicate
I want to sent email without using any default email app so I searched a little bit and I stumbled upon this solution using JavaMail API -
Sending Email in Android using JavaMail API without using the default/built-in app
But I have few issues with this solution -
I don't want to use static username and password. Instead of that I want to use user's email ID. But it'll not be a good design if I directly ask user to enter his or her password.
So, how can I achieve this in a better way. Sorry, if this sounds too broad. Just looking for ideas not actual code.
Please, take a look at the Gmail API Android Quickstart guide. You'll be able to get the account credentials from Google Play Services and authenticate your user with OAuth2 by prompting an account selection
Instead of that I want to use user's email ID
As Gabe indicated, there is no "user's email ID" in Android. Beyond that, an "email ID" is insufficient for sending an email. You would have to ask the user both for all their email account information (username, password, SMTP server, etc.). Unless you are writing a full email client, hopefully nobody will give you this information.
how can I achieve this in a better way
Use ACTION_SEND or ACTION_SENDTO.
Or, send the email from your Web server, where your app tells the Web server what message to send via a Web service API that you implement and adequately secure. Then, you can use your own email account credentials without having to bake them into the app.
I try to develop parental control app and in setup page the parent enters his email to receive location of his kids.
when use JavaMail API using Gmail authentication, need password and email to send email to the parent (and it is not professional way to ask user email and password of his email).
And cannot be used intent because need without user interaction.
So Can anyone Help me or gives me and suggestions
I suggest send emails to user using Google account but without user interaction - If possible-
I saw a lot of posts about this, but i am still confused.
I am using Javax mail for sending email without intent.
Is there a way to send email from local user address without asking for user credentials?
I know how to get user name of local user, but is it mandatory to use the user password?
something like Gmail Auth? can it help?
The password is required by the gmail server, and for good reason. You would not want everyone being able to use your email account to send email without you being able to stop them.
The only way you will be able to accomplish what you want is to ask the user for their email password and store it so that you can use it later in automated sending. When the user changes their gmail password you will need prompt them to update their credentials.
I have an android application - service, which sends data to the server and user is identified by email and password.
As I see I could save Google ID, name, email and etc once user is logged in, but if I use just Google ID to identify user in my service that could be unsafe. right? My service use POST method to send data to the server.
So, my question - is there any way to save Google account information and use it to identify that user on my server safely?