小贝子编程

安卓应用程序在调试模式下运行良好,但在发布时则不然(生成签名bundle/APK)



我想就我的团队在签名构建(.apk/.aab(方面遇到的Android问题寻求一些帮助。

TL/DR:问题是,当我们使用ionic serve或Android Studio在本地非调试模式下运行应用程序时,我们可以很好地登录。但当我们";生成签名束/APK";该应用程序通过java keystone,我们无法登录。登录过程似乎无法在手机上找到AuthToken,因此退出。

详细信息:

  • 我们有一个使用ionic 5/Angular 8构建的移动应用程序。我们也在使用AuthConnect Enterprise插件("@ionicenterprise/auth":"^3.9.2"(
  • 我们使用的是安卓工作室(2021.1补丁1(

Package.json(下图(

{
"name": "xxx",
"description": "xxx xxxxxxxx Mobile Version",
"version": "0.0.2",
"author": "support@xxxx.app",
"homepage": "https://www.xxxx.app",
"scripts": {
"ng": "ng",
"start": "ng serve",
"build": "ng build",
"test": "ng test",
"lint": "ng lint",
"e2e": "ng e2e",
"postinstall": "npx jetifier"
},
"private": true,
"dependencies": {
"@angular/common": "~8.2.14",
"@angular/core": "~8.2.14",
"@angular/fire": "^5.4.2",
"@angular/forms": "~8.2.14",
"@angular/platform-browser": "~8.2.14",
"@angular/platform-browser-dynamic": "~8.2.14",
"@angular/router": "~8.2.14",
"@googlemaps/js-api-loader": "^1.12.9",
"@ionic-enterprise/auth": "^3.9.2",
"@ionic-enterprise/camera": "^6.0.0",
"@ionic-enterprise/geolocation": "^4.1.0",
"@ionic-enterprise/inappbrowser": "^5.0.1",
"@ionic-native/camera": "^5.36.0",
"@ionic-native/core": "^5.25.0",
"@ionic-native/document-viewer": "^5.31.1",
"@ionic-native/file": "^5.25.0",
"@ionic-native/file-opener": "^5.25.0",
"@ionic-native/geolocation": "^5.36.0",
"@ionic-native/google-analytics": "^5.25.0",
"@ionic-native/google-maps": "^5.5.0",
"@ionic-native/http": "^5.27.0",
"@ionic-native/local-notifications": "^5.36.0",
"@ionic-native/native-geocoder": "^5.36.0",
"@ionic-native/network": "^5.36.0",
"@ionic-native/open-native-settings": "^5.36.0",
"@ionic-native/splash-screen": "^5.25.0",
"@ionic-native/status-bar": "^5.25.0",
"@ionic/angular": "^5.1.0",
"@ionic/storage": "^2.3.1",
"@types/google.maps": "^3.46.1",
"capacitor-pdf-viewer-plugin": "^1.0.0",
"cordova-plugin-add-swift-support": "^2.0.2",
"cordova-plugin-advanced-http": "^3.0.0",
"cordova-plugin-androidx-adapter": "^1.1.3",
"cordova-plugin-buildinfo": "^4.0.0",
"cordova-plugin-device": "2.0.2",
"cordova-plugin-document-viewer": "^1.0.0",
"cordova-plugin-file": "^6.0.2",
"cordova-plugin-geolocation": "^4.0.2",
"cordova-plugin-google-analytics": "^1.9.0",
"cordova-plugin-ionic-keyboard": "^2.0.5",
"cordova-plugin-ionic-webview": "^5.0.0",
"cordova-plugin-local-notification": "^0.9.0-beta.2",
"cordova-plugin-nativegeocoder": "^3.4.1",
"cordova-plugin-network-information": "^2.0.2",
"cordova-plugin-splashscreen": "5.0.2",
"cordova-plugin-statusbar": "2.4.2",
"cordova-sqlite-storage": "^6.0.0",
"core-js": "^2.5.4",
"d3-hierarchy": "^1.1.9",
"file": "^0.2.2",
"firebase": "^7.14.3",
"hawk": "^7.0.10",
"jetifier": "^2.0.0",
"jquery": "^3.5.1",
"jquery-sparkline": "^2.4.0",
"moment": "^2.25.3",
"ngx-ionic-image-viewer": "^0.7.0",
"ngx-logger": "^4.1.9",
"rollbar": "^2.15.2",
"rxjs": "^6.5.5",
"tslib": "^1.11.2",
"zone.js": "~0.9.1"
},
"devDependencies": {
"@angular-devkit/architect": "~0.803.2",
"@angular-devkit/build-angular": "~0.803.2",
"@angular-devkit/core": "~8.3.23",
"@angular-devkit/schematics": "~8.3.23",
"@angular/cli": "8.3.23",
"@angular/compiler": "~8.2.14",
"@angular/compiler-cli": "~8.2.14",
"@angular/language-service": "~8.2.14",
"@ionic/angular-toolkit": "^2.2.0",
"@types/googlemaps": "^3.43.3",
"@types/jasmine": "~3.3.8",
"@types/jasminewd2": "~2.0.3",
"@types/jquery": "^3.3.38",
"@types/node": "~8.9.4",
"codelyzer": "^5.2.2",
"cordova-android": "^10.0.0",
"cordova-ios": "^6.2.0",
"cordova-open-native-settings": "^1.5.5",
"cordova-plugin-camera": "git+https://github.com/apache/cordova-plugin-camera.git",
"jasmine-core": "~3.4.0",
"jasmine-spec-reporter": "~4.2.1",
"karma": "~4.1.0",
"karma-chrome-launcher": "~2.2.0",
"karma-coverage-istanbul-reporter": "~2.0.1",
"karma-jasmine": "~2.0.1",
"karma-jasmine-html-reporter": "^1.5.3",
"protractor": "^5.4.4",
"ts-node": "~7.0.0",
"tslint": "~5.15.0",
"typescript": "~3.4.3"
},
"cordova": {
"plugins": {
"cordova-plugin-file": {},
"cordova-plugin-geolocation": {},
"cordova-plugin-network-information": {},
"cordova-plugin-google-analytics": {
"GMS_VERSION": "11.0.1"
},
"cordova-plugin-statusbar": {},
"cordova-plugin-device": {},
"cordova-plugin-splashscreen": {},
"cordova-plugin-ionic-keyboard": {},
"cordova-plugin-buildinfo": {},
"cordova-plugin-advanced-http": {},
"@ionic-enterprise/auth": {
"AUTH_URL_SCHEME": "com.response.app",
"OKHTTP_VERSION": "3.10.0"
},
"cordova-plugin-document-viewer": {},
"cordova-plugin-googlemaps": {
"LOCATION_WHEN_IN_USE_DESCRIPTION": "This app wants to get your location while this app runs only.",
"LOCATION_ALWAYS_USAGE_DESCRIPTION": "This app wants to get your location always, even this app runs in background."
},
"cordova-plugin-file-opener2": {
"ANDROID_SUPPORT_V4_VERSION": "27.+"
},
"cordova-plugin-ionic-webview": {},
"@ionic-enterprise/inappbrowser": {},
"cordova-sqlite-storage": {},
"cordova-plugin-camera": {
"ANDROIDX_CORE_VERSION": "1.6.+"
},
"cordova-plugin-file-transfer": {},
"cordova-plugin-nativegeocoder": {
"LOCATION_WHEN_IN_USE_DESCRIPTION": "Use geocoder service"
},
"cordova-open-native-settings": {}
},
"platforms": [
"ios",
"android"
]
}
}

我还附上了我们的config.xml文件

<?xml version='1.0' encoding='utf-8'?>
<widget android-versionCode="1" id="app.response" ios-CFBundleVersion="1" version="3.1" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0">
<name>xxxx</name>
<description>xxxx.app Mobile Application</description>
<author email="support@reponse.app" href="https://response.app">xxxx Development Support Team</author>
<content src="index.html" />
<access origin="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="https://firebasestorage.googleapis.com/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<preference name="ScrollEnabled" value="false" />
<preference name="android-minSdkVersion" value="22" />
<preference name="android-compileSdkVersion" value="30" />
<preference name="android-targetSdkVersion" value="30" />
<preference name="BackupWebStorage" value="none" />
<preference name="SplashMaintainAspectRatio" value="true" />
<preference name="FadeSplashScreenDuration" value="300" />
<preference name="SplashShowOnlyFirstTime" value="false" />
<preference name="SplashScreen" value="screen" />
<preference name="SplashScreenDelay" value="3000" />
<preference name="AndroidXEnabled" value="true" />
<preference name="WKWebViewOnly" value="true" />
<preference name="GOOGLE_MAPS_ANDROID_API_KEY" value="AIzaSyAm2VD_ypzfNZ1muaUirSXtOsplMft6O-0" />
<preference name="GOOGLE_MAPS_IOS_API_KEY" value="AIzaSyBoWBCEoKbAXNffdYfC8-0nZcrHgIfxEH0" />
<preference name="hostname" value="localhost" />
<preference name="AndroidInsecureFileModeEnabled" value="true" />
<platform name="android">
<edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application" xmlns:android="http://schemas.android.com/apk/res/android">
<application android:usesCleartextTraffic="true" />
<application android:networkSecurityConfig="@xml/network_security_config" />
</edit-config>
<resource-file src="resources/android/xml/network_security_config.xml" target="app/src/main/res/xml/network_security_config.xml" />
<allow-intent href="market:*" />
<preference name="loadUrlTimeoutValue" value="700000" />
<preference name="SplashScreenDelay" value="3000" />
</platform>
<platform name="ios">
<edit-config file="*-Info.plist" mode="merge" target="NSCameraUsageDescription">
<string>Camera usage needs to be enabled on the device in order to upload photos of an incident.</string>
</edit-config>
<edit-config file="*-Info.plist" mode="merge" target="NSPhotoLibraryAddUsageDescription">
<string>Required to access the user’s photo library.</string>
</edit-config>
<edit-config file="*-Info.plist" mode="merge" target="NSPhotoLibraryUsageDescription">
<string>Required to access the user’s photo library (iOS 14+).</string>
</edit-config>
<edit-config file="*-Info.plist" mode="merge" target="NSLocationWhenInUseUsageDescription">
<string>Location/GPS services are required in order to pinpoint your location on the map during an incident.</string>
</edit-config>
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
<plugin name="cordova-plugin-statusbar" spec="2.4.2" />
<plugin name="cordova-plugin-device" spec="2.0.2" />
<plugin name="cordova-plugin-splashscreen" spec="5.0.2" />
<plugin name="cordova-plugin-ionic-keyboard" spec="^2.0.5" />
<plugin name="cordova-sqlite-storage" spec="^6.0.0" />
<plugin name="cordova-plugin-network-information" spec="^2.0.2" />
<plugin name="cordova-plugin-file" spec="^6.0.2" />
<plugin name="cordova-plugin-geolocation" spec="^4.0.2" />
</widget>

可能出了什么问题?

更新:我设法解决了这个问题。我们发现我们的身份验证API没有受到攻击。这使我们看到了Resources/android/xml/network_security_config.xml文件。

我发现这个链接非常有用:https://developer.android.com/training/articles/security-config

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system"/>
</trust-anchors>
</base-config>
<domain-config cleartextTrafficPermitted="false">
<domain includeSubdomains="true">localhost</domain>
<domain includeSubdomains="true">http://xxxx-prod.xxxx.com</domain>
</domain-config>
<debug-overrides>
<trust-anchors>
<certificates src="system"/>
</trust-anchors>
</debug-overrides>
</network-security-config>

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium