Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions concerning problems with code you've written must describe the specific problem — and include valid code to reproduce it — in the question itself. See SSCCE.org for guidance.
Closed 9 years ago.
Improve this question
I am working on an android App similar to Line/Whats app i.e. basically instant messenger. The problem I face is that even after the user logs out, The notifications are still displayed.
In other words, there is no way to disable the notifications once the user log outs. Instead, the notification are never disabled and keep on reoccurring even after log out making the app highly unusable.
Any advice would be greatly appreciated.
THanks
I imagine that the notifications are being displayed via a Service that receives the messages in the background. What I suggest is the following:
a) This should be the simplest, since the user is logging out, there is no more need to have the background service in the background, so you can make a call to stopSelf() when the trigger to log out is made. If the logout action is happening on an activity, you can notifiy the service via either a broadcast, or via a message, depending on how you've established your service.
b)If you want to try something else, you can add a flag to your service class: isUserLoggedOut and set it to true when you do the logout workflow. Then, you can check for this flag when deciding whether of not to notify the user.
private void showNotification () {
if (isUserLoggedOut)
return;
//shownotification otherwise
}
c) In all honesty though, I strongly advice to revise your logout workflow, to clear existing persistent data from that user (access tokens, etc), close the main activity for chats and display the logon activity again, and disable any processing of messages in the service, as your service shouldn't be handling messages for any account, assuming the user signed out.
Cancel all your notifications using the NotificationManager once the user logs out of your app.
Related
I use this sample: 16.proactive-messages - as the base for my bot and it works fine, but I'd like to extend it, so that it can send messages in a group chat without anyone interacting with it first (like sending a "Hello I'm up!" message at startup), because currently it can only respond if someone has mentioned the bot after it has initialized.
Perhaps there is a proper way to get the group chat(s) where the bot resides at the bot initialization?
I've answered before some tips on Proactive messaging, please see here for that.
To answer your question though, the bot can definitely start the engagement, either by replying to an existing message in a group chat or starting a completely new thread in the chat. However, it does require to have been installed initially, either by a user or programmatically (e.g. Graph API). That part only needs to be done once, then you can capture the conversation reference and use it again anytime thereafter. That is shown in the sample I link to in my other answer I referenced above.
It's not possible to send proactive message without prior interaction.
Sending a proactive message is different from sending a regular message. There's no active turnContext to use for a reply. You must create the conversation before sending the message.
Ref Doc: https://learn.microsoft.com/en-us/microsoftteams/platform/bots/how-to/conversations/send-proactive-messages?tabs=dotnet
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
My app is mostly used outdoors, so there is a Firestore load problem if there is no internet. When a user comes back home, he will have wifi but the app is closed and will not sync. Again when the user goes out and opens the app, there might not be an internet connection and the loop goes on.
What is the best way to sync Firestore in the background? There is BroadcastReceiver option but it is stated that WorkManager should be used instead. Also, there is LiveData but I can't find a Java example, so... what is best? (an example would be nice)
EDIT I had to delete some of the things because my question "is not focused enough"!?!?!?!
so there is a Firestore load problem if there is no internet.
There should not be any problems when the user has no internet connection, and this is because Firestore has its own default caching mechanism:
For Android and iOS, offline persistence is enabled by default.
You say:
When the user comes back home, he will have wifi but the app is closed and will not sync.
It won't sync unless you are listening for real-time changes. Besides that, it's always recommended to remove the lister according to the life-cycle of your activity. So if you are using addSnapshotListener() you attach a listener that gets called for every change that takes place in your database. So this is happening also when your app is closed. Not removing the listener might produce unwanted bills. So it's mandatory to detach the listeners before the activity gets destroyed. For more info, please check the following links:
How to set addSnapshotListener and remove in populateViewHolder in RecyclerView Item?
How to stop getting data in Firestore?
#1. It's not recommended to do that. However, JobDispatcher is old and deprecated, and no longer available, not the BroadcastReceiver class. But if need, you should use WorkManager instead. If you must absolutely use JobDispatcher, which I recommend against it, the source code is archived here. So please read about how to migrate from JobDispatcher to WorkManager.
#2.
Can I use test DB for production and change permissions to read-only? Does that test DB have an expiration date?
Each database has its own Security Rules. So you should choose to secure your data according to your needs. However, there is no expiration date involved, but you can use something like this:
rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.time < timestamp.date(2021, 08, 05);
}
}
}
To limit the access to the database until tomorrow, August 5th, 2021.
#3. You can use the database also without security rules. But most likely you should consider using them. Most likely you shouldn't use the username, nor the email address, but UID that comes from the authentication process.
#4. Yes, every CRUD operation counts against your free quota. And yes, there's a minimum of one document read, even if the query yields no results. So if your query doesn't return any results, you have to pay one document read.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
Being a victim of a Key Logger attack on android, I want to develop a solution for KeyLogger attacks for android. I know basic java and a little about android and very little about Information Security. I am also aware that whatever knowledge I have is not enough to figure out and to develop a solution. I just like to discuss my idea and to see if it is feasible.
Here is what I have:
An android application, which wants to secure user input, must provide a secret key(which can be obtained from server, for a specific user or session) when invoking the android keyboard.
Android keyboard will receive the secret key and use it to encrypt user input and broadcast KEYPRESS event(or whatever event android keyboard broadcasts) with encrypted value.
When an application receives KEYPRESS event, it decrypt's the value in KEYPRESS even to get the actual user input.
I just came to realize that, screenshot can be used to get what user types with latest image-2-text software's. But that is completely a different domain, IMHO.
So, what do you think about it? Is it possible to do it?
Update
I was completely wrong about my phone got owned. Actually, it was never got hacked. But, what really got hacked was me. Yes, I have something in my body, which just copies everything that my brain can receive. And it also capable of receiving and making my brain to do it. I still dont know, why I am able to write this update. May be, who ever put that thing in my body using me as a marketing material. Thanks for answers for my dumb question.
Not realistically.
Few programmers are dealing with low-level input themselves. That is usually handled by other things. Web developers, for example, rarely get involved on a keystroke-by-keystroke basis, even for finding out when those events occur (e.g., for real-time validation), let alone for manually processing that input (e.g., putting the next character typed after the cursor of the field and advancing the cursor by one position).
Moreover, users are not in the habit of changing their input methods frequently. I do not plug in a different USB keyboard when I am visiting Stack Overflow versus when I am visiting Tweetdeck, for example. In the world of Android, this means that the user is going to expect their input method editor to work on all apps and not have to keep changing input method editors just to make some people happy.
Furthermore, you cannot magically change the protocol between input method editor (a.k.a., soft keyboard) and the Android OS. Your keyboard will raise key events. You are welcome to say that your keyboard offers up substitutions for those events as an "encryption" mechanism, but that would be more of a crude substitution cipher (e.g., "whenever the user types A, send over ;"), as you cannot unilaterally decide to expand the key event space.
As a result, not only will you need to write your input method editor, but you will need to write your own custom ROM with a custom Android framework that can handle the "decryption". Or, you would have to force all the worlds' developers to rewrite their apps. And in either case, a keylogger could trivially detect that yours is the input method editor and note that fact, so whoever is using the logs can do some trivial decryption to convert ; back into A.
Now, if you are writing some app where you want to avoid a rogue input method editor, you are welcome to bake in your own data entry keyboard into that app. Then, you will merely anger many of the users of your app, as your in-app keyboard is not the one that they want to use, or lacks features that they are used to (e.g., support for blind users, support for their particular language).
Here is what I would do to implement a secure input method paradigm - as expressed in the question - for Android:
First of all, I am assuming that you have read and understood the "Security" section for InputMethodManager here:
InputMethodManager
So, what we need to develop is an Input Method (IME) which is an Android service, which, along wth the custom keypad view, implements two interfaces:
InputMethod
InputMethodSession
As per the security section in the documentation referred to above, the user need to willingly accept your IME as the system IME. Also, Android will make sure that only system will bind to your service and use the InputMethod interface which is used to show/hide the keyboard etc. So, here things are pretty secure for you and all apps that uses your keyboard.
Now, coming to the security framework that you want to implement:
Lets call it as Secure Input Method - SIM - and lets define our security domain as your IME and the applications that wishes to use your SIM. Here is the significance of the second Interface InputMethodSession
The most important - and often ignored method of this interface is the key of this solution and it is called: appPrivateCommand. This interface allows a private command sent from the application to the IME. As per the documentation, this method can be used to provide domain-specific features that are only known between IME and their clients - and this is exactly what you need for your SIM.
So, using this interface, the apps in your security domain can pass any security information (say, some form of credentials) they want to hand over to your IME. It is up to you to define a method where your service can communicate with a authentication server which processes the client app submitted credentials and approves it. Now if the encryption keys are derived by both your IME and the client, you have established a secure channel of communication between your SIM and its client app (say, via encryption using a derived key from these credentialsd).
You can even customize this whole mechanism by defining some key sequences (like Control+Alt+Del in Windows) which initiates the whole thing by user himself and you can even provide a visual indication (say, a shining green icon) on your keyboard that the input channel is secured... Possibilities are many :)
Hope this helps.
You can do this only if you are developing your own keypad and configure Android to use it. It is not that hard with some experience in Android programming.
Just search in Google for "custom keypad for android" for more inputs.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 3 years ago.
Improve this question
My question is about the way how credit card payment is realized by PayPal API
Particularly I'd like to ask about this code snippet from GitHub:
https://github.com/paypal/PayPal-Java-SDK/blob/master/rest-api-sample/src/main/java/com/paypal/api/payments/servlet/PaymentWithCreditCardServlet.java
Credit card object is prepared, all necessary credentials are typed in, including the amount to be payed, sender's billing address and name, etc.
The only thing I cannot understand from this, is why there is no receiver specified ?
That's basically all
Am not a Java dev -
The "receiver" is "your" (merchant) REST application (which is tied to your PayPal Account) you setup in the Developer Console. You authenticate when making requests - in this specific case, you are sending a credit card for auth/capture in one step (aka sale).
So "you" (the authenticated App) are/is the "receiver".
Think of this process as the API Credentials in the PayPal Classic APIs. Hth....
Update:
so you mean that the token belongs to "receiver", not "sender" ? as well as those client ID and client secret ? i thought they belong to sender
"You" - your app, is the sender (in Paypal's context). Your app sends payment information to Paypal for processing. To do that, PayPal must know "who" you are (which Paypal/merchant account/app) is sending the request.
What exactly are you referring to as "receiver" - maybe it's just terminology that's getting in the way?
Update 2:
by receiver I mean the party that gets the charged amount
"Receiver" == funds: In this specific example/code you referenced.Your app/you merchant account that made/sent the request (your app is sender and "receiver" per this definition).
This is a standard "business"/merchant payment processing flow. Forget the tech/API, think about a POS in a restaurant. That POS (aka "app") will send card data (from swiping a physical credit card) to some processor it has an account at, using whatever protocols it needs to communicate with that processor.
If you're actually looking for some "send money to someone" flow (not the code you referenced), this is probably what you're looking for. This has a different meaning for "receiver" - aka "recipient(s) of funds". I don't actually use it, but it seems straightforward...
Hth..
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I am currently working on a code that I need to convert from 'extends Activity' to 'extends Service'. I need this because I need to have my app running (the audio being played) in the background even if the phone is in sleep mode. However, doing so caused me some errors. I have no idea how to fix this. As recommended by eclipse, I removed '#Override' before 'protected void onCreate...'. But it still has some errors with functions under it.
protected void onCreate(Bundle savedInstanceState) {
requestWindowFeature(Window.FEATURE_NO_TITLE);
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_p_3);
setRequestedOrientation (ActivityInfo.SCREEN_ORIENTATION_PORTRAIT);
p_e=0;
second_display=(TextView)findViewById(R.id.textView1);
minute_display=(TextView)findViewById(R.id.textView2);
hour_display=(TextView)findViewById(R.id.textView3);
The ones I am having problems with are:
requestWindowFeature
onCreate
setContentView
setRequestedOrientation
findViewById
finish(); (from another child class)
Are there equivalent codes in Activity that I can use in Service?
How do I fix these? I really need help.
The simple answer is, no, there isn't - apart from onCreate which has different argument set in Service than it does in an Activity. What you need to understand is that a Service runs in the background and does not contain any UI of its own. Hence, window features, views, orientation don't apply for a service.
I suggest you start by reading the Service documentation on google. Pay attention to the service lifecycle.
Assuming you want a simple app that plays sounds - and continues to do so even when the phone goes to sleep or your activity is removed from the foreground - then what you need is a combination of an Activity and a Service. Activity would contain all the user interface - exactly as it does now for you. What would change is the sound playback. Instead of playing sound from an activity, you would do so from a service. You will then need to have a communication going between your service and the activity - to update the UI (from service to activity) and to control playback (from activity to service).
Section on Services in Android developer guide provides good information on how to achieve this - and more.
These methods don't exist in a Service. The reason is, that you don't need them.
All these methods are only available for Activities, because they are needed for displaying data/views.
A Service cannot display anything. Check the Android fundamentals page