I am trying to connect an email app (AquaMail) on my phone (Sprint Samsung Note 4, stock rooted, Android OS 5.0.1) to my email server (IMAP) using SSL. When I try this, I get the following error message:
Incoming mail server (IMAP): Invalid security (SSL) certificate. java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
The server to which I am trying to connect is my own VPS. I do have a wild card certificate installed on the site and I believe it is installed properly. I say this because of the report I generated on www.ssllabs.com/ssltest:
Certificate: 100%
Protocol Support: 95%
Key Exchange: 90%
Cipher Strength: 90%
Two certification paths are shown: mail.mydomain.com -> StartCom Class 2 Primary Intermediate Server CA -> StartCom Certification Authority (one path shows this with SHA1withRSA and the other shows SHA256withRSA).
Looking at the Handshake Simulation section, it clearly shows that Android 5.0.0 functions properly, but is also shows that Java 7u25 has a 'protocol or cipher suite mismatch'. This same warning shows up for other, deprecated systems and is probably due to my having turned off older, insecure access protocols.
Can anyone suggest how to get this working properly? Yes, I could work around this by a) allowing all certificate or b) not using secure protocols; but neither of these are solutions.
Thank you for your help!
Your HUAWEI ID is the account that can be used to access all Huawei services, for example, the HUAWEI Consumer Cloud service, GameCenter, and AppGallery.
The use of HUAWEI IDs is based on the OAuth2.0 protocol. After obtaining authorization from users, apps can obtain users' basic information from the HUAWEI ID system, including OpenID, access tokens, nicknames, and avatars.
OpenID: After a user signs in using a HUAWEI ID, an app can obtain a unique ID opened by the HUAWEI ID. This unique ID is the OpenID. For the same HUAWEI ID, an OpenID is unique for each app and will always be the same for the same app, that is, the OpenID varies according to the app.
Difference between UnionID and OpenID: When the same HUAWEI ID is used to sign in to different apps, the returned OpenID values are different, but the UnionID values are the same. Therefore, if you need to uniquely identify a user among multiple apps, UnionID can be used.
You can obtain the OpenID after accessing HUAWEI Account Kit. However, to obtain the UnionID, you need to select Enable for Enable UnionID when applying for a HUAWEI ID.
Currently, the following two access token grant types are available for your now: implicit and authorization code.
● Implicit:
A quick app can directly call the authorize API to obtain an access token, which has a default validity period of 3600 seconds. When the access token expires, the quick app needs to call the API to obtain authorization again.
● Authorization code:
The authorization process adopting this grant type is also referred to as the web server flow. It applies to all apps with a server.
The web server flow consists of two steps:
1. A quick app calls the authorize API to obtain an authorization code.
2. The quick app calls the API provided by Huawei server to exchange the authorization code for information including an access token and a refresh token.
Preparations
1. Ensure that you have applied for HUAWEI Account Kit on HUAWEI Developer.
For details, please refer to Applying for HUAWEI Account Kit.
2. Install the development tool by referring to Installing the Development Tool.
HUAWEI Account Kit is extended by HUAWEI and does not comply with vendors' standards. You need to access the kit through Huawei quick app IDE.
Accessing HUAWEI Account Kit
Implicit Grant Type
You must be a company developer whose identity has been verified by HUAWEI Developer.
The app ID for which you need to apply for the permission must be created by the developer account that you have provided.
The app for which you need to apply for the permission is not a finance app.
Application method: Download the Quick App - HUAWEI ID-associated Mobile Number and Email Address Access Permission Application Form (App Name & App ID).xlsx, fill in the form, and send it to [email protected]. Then your application will be reviewed and handled.
1. Call the account.getProvider API in your quick app to check whether the current device supports HUAWEI Account Kit.
Only the return value huawei indicates that the device supports HUAWEI Account Kit. To support HUAWEI Account Kit is the premise on which the following function development and API calls can continue.
2. Call the account.authorize API in the quick app to obtain an access token.
3. Call the account.getProfile API to obtain basic user information, including the OpenID, nickname, and avatar of the user.
Import the following API to the quick app and call the getProfile method.
4. Call account.getPhoneNumber API to obtain the user's mobile number. Before using this function, you need to apply to Huawei for related permissions.Before calling getPhoneNumber, call authorize to obtain the access token again by passing the value scope.mobileNumber for the scope parameter.Import the following API to the quick app and call the getPhoneNumber method.
Authorization Code Grant Type
1. Call the account.getProvider API in your quick app to check whether the current device supports HUAWEI Account Kit.
Only the return value huawei indicates that the device supports HUAWEI Account Kit. To support HUAWEI Account Kit is the premise on which the following function development and API calls can continue.
2. Check whether the authorization code needs to be obtained again.
● If the authorization code has not been obtained or the authorization code has expired according to the response of the account.checkUserSession API, go to Step 3.
● If the current session is still valid according to the response of the account.checkUserSession API, go to Step 5.
3. Call the account.authorize API in the quick app to obtain an authorization code.
import account from '@service.account'
account.authorize(OBJECT)
OBJECT Parameter
ParameterTypeMandatory or OptionalDescriptionappidStringMandatoryUnique ID allocated to a quick app created on HUAWEI Developer. For details, please refer to section "Obtaining the APP ID" in Creating a Quick App.typeStringMandatoryThe parameter has a fixed value of code for the authorization code type.redirectUriUriOptionalLeave this parameter empty.scopeStringYesScope of the permissions that are applied. Currently, only cope.baseProfile is supported.
A success response to the calling of the authorize API in the authorization code grant type contains the following parameters.
ParameterTypeDescriptioncodeStringAuthorization code returned when the authorization code grant type is adopted.
Caution:
An authorization code is valid only for five minutes and can be used only once.
4. Call the API for exchanging the authorization code for an access token from the server.
To obtain an access token, send a request using the POST method from the app's server to the Huawei OAuth 2.0 authorization service address https://oauth-login.cloud.huawei.com/oauth2/v2/token with the following mandatory parameters contained in the request body:
Caution:
Input parameters must be urlencoded.
● grant_type: This parameter has a fixed value of authorization_code.
● code: authorization code obtained in the previous step.
● client_id: app ID obtained when you create an app on HUAWEI Developer.
● client_secret: app secret obtained when you create an app on HUAWEI Developer. This parameter is mandatory.
● redirect_uri: This parameter has a fixed value of hms://redirect_url.
POST /oauth2/v2/token HTTP/1.1
Host: login.cloud.huawei.com
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&code=Etersdfasgh74ddga%3d&client_id=12345&client_secret=0rDdfgyhytRtznPQSzr5pVw2&redirect_uri=hms%3A%2F%2Fredirect_url
If there are no errors in the request, the authentication server will send a JSON string consisting of the following parameters:
● access_token: access token to be obtained. If an access_token contains backslashes (\), remove all of them.
● expires_in: validity period of the access token, in seconds.
● refresh_token: token used to obtain a new access token. This parameter is returned for all apps.
● scope: access scope of the access token, that is, the list of permissions granted by the user.
Sample code:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
{
"access_token": "346346sdxcdfsa3566546dfdfgfg=",
"expires_in": 3600,
"refresh_token": "68dieddfg08349786gdgfsdfa=",
"scope": "base"
}
If there are errors in the request, the authentication server will send a JSON string consisting of the following parameters.
● error: result code.
● error_description: error description.
Sample code:
HTTP/1.1 400 Bad Request
Content-Type: application/json
Cache-Control: no-store
{
"error": "1102",
"error_description": " The request is missing a required parameter"
}
The default validity period of an access token is 3600 seconds. When the access token expires, you need to use the refresh token to obtain a new access token. To obtain a new access token using the refresh token, go to Step 5.
5. Call the API for obtaining a new access token using the refresh token.The validity period of a refresh token is six months. If the refresh token has expired, go to Step 3.
To obtain a new access token using the refresh token, send a request using the POST method from the app's server to the Huawei OAuth 2.0 authorization service address https://login.cloud.huawei.com/oauth2/v2/token with the following parameters:
● grant_type: This parameter is mandatory and has a fixed value of refresh_token.
● refresh_token: refresh token used to obtain a new access token. This parameter is mandatory.
● client_id: app ID obtained when you create an app on HUAWEI Developer. This parameter is mandatory.
● client_secret: app secret obtained when you create an app on HUAWEI Developer. This parameter is mandatory.
Sample code:
POST /oauth2/v2/token HTTP/1.1
Host: login.cloud.huawei.com
Content-Type: application/x-www-form-urlencoded
grant_type=refresh_token&client_id=12345&client_secret=bKaZ0VE3EYrXaXCdCe3d2k9few&refresh_token=2O9BSX675FGAJYK92KKGG
Caution:
Input parameters must be urlencoded.
If there are no errors in the request, the authentication server will send a JSON string consisting of the following parameters:
● access_token: new access token to be obtained. If an access_token contains backslashes (\), remove all of them.
● expires_in: validity period of the access token, in seconds.
● refresh_token: refresh token used to obtain a new access token. The refresh token has a validity period of six months and is returned only for some apps.
● scope: list of permissions granted by the user.
Sample code:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
{
"access_token": "346346sdxcdfsa3566546dfdfgfg=",
"expires_in": 3600,
"refresh_token": "68dieddfg08349786gdgfsdfa=",
"scope": "email",
}
If there are errors in the request, the authentication server will send a JSON string consisting of the following parameters.
● error: result code.
● error_description: error description.
HTTP/1.1 400 Bad Request
Content-Type: application/json
Cache-Control: no-store
{
"error": "1102",
"error_description": "The request is missing a required parameter "
}
6. Call the getaccountinfo API with the access token to obtain HUAWEI ID information of the user from Huawei server, including the user name, OpenID, and avatar. To obtain union_id, call the getTokenInfo API.
Debugging HUAWEI Account Kit
1. Start Huawei quick app IDE.
2. Copy the formal certificate file from the release folder under the sign directory of the project to the debug folder.
3. Choose Build > Run Build to debug the app.
If an exception occurs, perform the following operations to locate the fault:
1. Check whether you have applied for a Huawei ID from HUAWEI Developer. For details, please refer to Applying for HUAWEI Account Kit.
2. Call the account.getProvider API to obtain the service provider information. Ensure that the return value is huawei before invoking other APIs. For details about APIs related to HUAWEI Account Kit, please refer to API > Huawei Services > Account.
3. If the result code 1002 is returned, check whether the signature generated by Huawei quick app IDE is consistent with the certificate fingerprint configured on HUAWEI Developer, and whether the formal certificate file in the release folder under the sign directory of the project is copied to the debug folder.
4. Rectify the fault according to the following result code description.
Result CodeDescriptionSuggestion200Common error. The error is usually caused by a gateway request network error. For details, check the error message.If the status code 403 is displayed, switch the network or check whether the scope parameter has been passed.201The user refused to authorize.202Incorrect input parameter.Verify the input parameters.1002Failed to verify the signature.Check whether the RPK is of a formal build version and whether the signature is the same as that configured on HUAWEI Developer.OthersPlease refer to the result codes in Common Result Codes.
FAQ
Q: What can I do if I cannot access my Huawei ID?
The Huawei ID interface is customized by the vendor. To facilitate fault location, install the Huawei Quick App IDE for debugging.
If an exception occurs, perform the following operations to locate the fault:
Check whether you have applied for a Huawei ID to HUAWEI Developer. For details, see Applying for HUAWEI Account Kit.
Invoke the account.getProvider interface. Ensure that the return value ishuaweibefore invoking other interfaces. For details about interfaces related to Huawei IDs, see API > Huawei Mobile Service > Account.
If the error code 1002 is displayed, check whether the signature information generated by the IDE is consistent with the certificate fingerprint configured on HUAWEI Developer. If you debug aquickapp underBuild>RunBuild, copy the formal certificate file from thereleasefolder in thesigndirectory of the IDE project to thedebugfolder.
If other error codes are displayed, rectify the fault by referring to "HMSSDK Framework Error Codes" in Common Error Codes about Huawei accounts.
For details about Huawei developers and HMS, visit the website.
HUAWEI Developer Forum | HUAWEI Developer
forums.developer.huawei.com
Symptom
When you enter a value in the input box and submit it, the mandatory item verification fails, and the system displays a message indicating that xxx is empty and instructs you to enter a value.
Cause Analysis
The possible cause is that the method for obtaining the value is incorrect. As a result, the value in the input box cannot be obtained.
The code for obtaining the input value is as follows:
e.target.attr.value, this.$element('#id').attr.value.
Solution
Use the onchange event to assign a value to the model and obtain the value of the input box. The method is as follows:
1. Initialize the model.
1
2
31. data:{
2. accountValue:''
3. }
2. Bind an event to the input box.
1. <input @change="getAccountValue" value="{{accountValue}}"></input>
3. Assign a value.
1. getAccountValue: function(e) {
2. this.accountValue = e.value // Here, e.value instead of e.target.attr.value is used.
3. }
Suggestions and Summary
Refer to the official document instead of generating a JavaScript object for coding. A JavaScript object may lead to compatibility issues.
Currently, the data binding mode of the quick app is unidirectional.
1. The value entered in the input box does not change the value of accountValue in data.
2. If the value of the input box is changed by setting this.accountValue to xxx, the onchange event of the input will not be triggered.
3. In this.accountValue = xxx format, if the value of accountValue before and after the change is the same, the page will not be re-rendered.
For details about Huawei developers and HMS, visit the website.
HUAWEI Developer Forum | HUAWEI Developer
forums.developer.huawei.com
There are two key steps required for integrating HUAWEI Game Service. The first is adding code to the onCreate method of the Application class to register the callback listening function for the activity. And the second is calling the JosAppsClient.init method to initialize the game.
Cocos SDKHub helps you complete the first step and provides the initialization method you need for the second step.
Here’s the sample code for calling the method:
JavaScript:
sdkhub.getUserPlugin().callFuncWithParam(“init”);
Please note that your game should be initialized prior to its launch. Furthermore, if the method contains a user privacy agreement, it will need to be called upon the user’s consent. This method is used to display bulletins.
After initialization, the following information is recorded in the log:
Wiki:
I/HMSSDK_HMSBIInitializer: Builder->biInitFlag :true
I/HMSSDK_JosAppsClientImpl: request Jos Notice.
I/HMSSDK_HmsClient: post msg api_name:core.getNoticeIntent, app_id:103468471|, pkg_name:com.cocos2d.checkUpdate, sdk_version:50000302, session_id:*, transaction_id:103468471Intent20201214203645835197672, kitSdkVersion:50001302, apiLevel:1
I/HMSSDK_BaseAdapter: in baseRequest + uri is :core.getNoticeIntent, transactionId is : 103468471Intent20201214203645835197672
I/HMSSDK_PendingResultImpl: init uri:core.getNoticeIntent
I/HMSSDK_PendingResultImpl: setResultCallback
I/HMSSDK_PendingResultImpl: setResult:0
I/HMSSDK_BaseAdapter: baseCallBack.onComplete
I/HMSSDK_HmsClient: receive msg status_code:0, error_code8002, api_name:core.getNoticeIntent, app_id:103468471|, pkg_name:com.cocos2d.checkUpdate, session_id:*, transaction_id:103468471Intent20201214203645835197672, resolution:null
W/HMSSDK_NoticeTaskApiCall: Jos Notice onResult failed:8002,ErrReason:
Note: No results will display after init is called, and no action is required from your app.
A developer reported that an app downloaded from AppGallery could not be installed.
After checking the message to find out more details about the error, I discovered that the error message was actually "Conflicting provider (Error code: -13)", indicating that ContentProvider of the downloaded app conflicted with that of an existing app. The system also provided a description of the error and recommended a solution.
Generally, if a provider conflict occurs when you install an app, it is probably because an existing app has the same ContentProvider. ContentProvider is one of the four Android elements, although it very rarely used. The ContentProvider feature interacts and shares data between processes, which determines that it must be globally unique. Once an app has registered a ContentProvider on the phone, the app installed later cannot use the same ContentProvider. Otherwise, installation will fail.
As expected, installation failed when we found the same ContentProvider settings in the AndroidManifest.xml file after checking the two conflicting apps.
In this case, you can modify the ContentProvider information and install the app again to resolve the problem.