Is it possible to check that feature is enabled, or is catching FeatureNotEnabledException or FeatureNotSupportedException excepprions is the only option?
For example, even if user grants permissions for accessing Location Srvices, the exception FeatureNotEnabledException will be thrown, if Location Services are disabled.
Related
I can't find any Keycloak Admin API that I can use to return all the users which are temporarily disabled cause of brute force detection. There is, of course, an API which returns the brute-force status of every user - GET /{realm}/attack-detection/brute-force/users/{userId} Keycloak documentation.
However, I have a lot of users and I have try to find an API which returns the brute-force status of all the users at once, without iterate over all the users and check the GET /{realm}/attack-detection/brute-force/users/{userId} API.
Even the enabled feature of User can't be use as indication for temporarily disabled users when you query all the users with the REST API. That's because when i use the GET /admin/realms/{realm}/users to retrieve the userRepresentation of all the users, even temporarily locked users has the enabled feature set to true. However, if i use the API GET /admin/realms/{realm}/users/{userID} for each user seperatly, temporarily locked users has the enabled feature set to false. You can read more about it, on this Github Issue.
There is some workaround here?
I am using Keycloak version 20.0.
I've implemented a Keycloak Storage Provider plugin that communicates with a remote user store. When an error occurs, I want that to be shown in the Admin UI. For example, in the Admin UI under Users you can display a list of users. You can then show/edit a given user's attributes by clicking on the user's ID link. When an error occurs, I throw an Exception. However this just shows up as an unknown server error. Is there any way to get the Admin UI to show the message in the exception or some other way to get the UI to display the error like a Status.setError() API I may have missed?
Try to use org.keycloak.models.ModelException(String message, Object ... parameters). I use it when i attempt to update password of user in external user storage. First param is a name of message key (see messages_??.properties localozation files in /theme folder of keycloak distribution), second param is a bunch of values that should be used for message templating.
org.keycloak.storage.ReadOnlyException is also shown well in UI.
Using the firestore online security simulation with custom claims results in an error, but it works perfectly when deployed (while actually handling real requests). The error is:
Error: simulator.rules line [5], column [23]. Property admin is undefined on object.
I have confirmed that the user actually have the claim (by the admin SDK and by using the application I'm adding the rules to).
match /{document=**} {
allow write: if request.auth.token.admin;
allow read;
}
Is this expected? Is the simulator broken or am I missing something? Not being able to use the simulator will be hard as I expect to use a few custom claims in my application.
The rules simulator doesn't run with a real user from Firebase Authentication, but runs with the user you define within the simulator itself in the bottom left section of your screenshot.
So you'll need to specify the admin claim in the rules playground by selecting the Custom provider, and then editing the Auth token payload to include a token.admin property.
I have a pretty robust android application which does a lot of disc access in various activities and services and has no single point of access. Which was fine pre-marshmallow.
Asking the permissions the first time and handling when the permissions being declined is fine but what if the user revokes the permissions after granting them. Now I am in a situation where I have 1000's of lines of code which needs to do a permission check in multiple places. So what is the best course of action
1) Multiple if checks sound too laborious.
2) Blanket Try Catch
Is there a better way to handle it?
You have to check permission each and every time whenever you use. For your simplicity you can use PermissionAcceptor-master library.
Almost all permission is included in this library.
You have to add few lines of code using PermissionAcceptor-master library like
new PermissionRequest(MainActivity.this,
Permission.PERMISSION_CAMERA,
PermissionCode.CODE_PERMISSION_CAMERA,
R.string.permission_camera_rationale,
R.string.permission_camera_denied,
R.string.permission_enable_message, this)
.checkPermission();
For more information, visit PermissionAcceptor-master.
I had similar issue with my application, on multiple activities accessing an API which requires write storage permission. I end up having a BaseActivity class which checks for permission when activity resume and if permission is not granted it navigates the user to the initial activity. The Initial activity will never let the customer to other activities if permission is not granted.
If the user revokes a permission after giving it, it's done via Settings, in which case your app is closed and restarted anyway. BaseActivity may indeed help to handle onRequestPermissionsResult
I want to make an app, wherein I have access to the following
Logs: call log, message log, app usage log, media log, ...
Logging data per activity: ex) call log: call direction, phone number, call
duration, location, ...
Privacy policy (logging policy, using policy of the log data, user
consent policy, ...)
Are there any APIs available to achieve above mentioned.
There are no public available API's that will allow you to access this information.