Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(Android) HockeyApp authentication can be skipped using hardware back button #52

Open
ghost opened this issue May 3, 2017 · 7 comments
Open

(Android) HockeyApp authentication can be skipped using hardware back button #52

ghost opened this issue May 3, 2017 · 7 comments

Comments

@ghost
Copy link

ghost commented May 3, 2017

react-native 0.41.2
react-native-hockeyapp 0.5.1

Unexpected behavior:
We use the HockeyApp authentication type = 2 (emailPassword). After installing our app and launching it, the HockeyApp authentication screen is presented to the user. Users on an Android device can skip the HockeyApp authentication using the hardware back button and this will take them directly to our app. We also discussed this with the HockeyApp team and they suggested we change the HockeyApp SDK version to their latest (4.1.3) but this has not made the issue go away.

Expected
It should not be possible for a user to skip the HockeyApp authentication. Maybe an idea is to disable the hardware back button when the HockeyApp authentication screen is up or to exit the app when the user hits the hardware back button.
@ElektrojungeAtWork
Copy link

Hey,
I replied to you in the HockeyApp support, but I wanted to post my response here, too.

We were finally able to reproduce this. The change was merged in develop of our Android SDK just now. Unfortunately, it'll be a few weeks until we release 4.1.5 of the Android SDK as we just released 4.1.4 and we are quite busy working on Mobile Center. That said, we might release 4.1.5 earlier, we just don't know.
Thanks a lot for bearing with us.

Best,
Benjamin

@ghost
Copy link
Author

ghost commented May 4, 2017

Thank you Benny. We'll proceed as you suggested

@ghost
Copy link
Author

ghost commented May 11, 2017

Benny,
Is there a way that you can accelerate the delivery of a patch to address the issue? We are running several pilots of our mobile app and at the moment when it comes to Android users/devices we faced TWO MAJOR ISSUES:

  1. Users that are part of our test pool can copy the apk from their file system on the device and send it around and anyone can basically use it and we have no control and no visibility on this

  2. Since users can skip the authentication, we can't trace crash reports and other analytics to specific users.

Thank you in advance

@ElektrojungeAtWork
Copy link

@devmaster72 I completely understand. I'll let you know at the beginning of next week what the ETA for the 4.1.5 release is. We're trying to be as quick as possible.

Thx for your support and understanding.

@ghost
Copy link
Author

ghost commented Aug 19, 2017

@TroubleMakerBen do you have an update on the ETA of 4.1.5? thank you

@ElektrojungeAtWork
Copy link

@eR1011 That was released weeks ago. We're at 5.0.0-beta.1 now.

@ghost
Copy link
Author

ghost commented Sep 23, 2017

Thank you @TroubleMakerBen, we just upgraded to HockeyApp SDK 5.0.1 and I can confirm the problem is gone

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ElektrojungeAtWork