iOS: ScreenTime API FamilyControl Autorization failed - ios

I am trying to implement the Screentime app and I have added the Family Controls capability to my sample app. But, I'm getting a FamilyControlsError Code=0 when requesting authorization from an iPad OS v15.7.1 signed in with a child iCloud account.
I am using below code:
AuthorizationCenter.shared.requestAuthorization { result in
switch result {
case .success():
print("Sucess...")
case .failure(let error):
print("Failed... \(error)")
}
}
Please let me know if I am missing anything.

Related

AWS Amplify iOS SDK : FederatedSignIn Failed to retrieve authorization token on Amplify.API.post

I've been working with the Amplify SDK to get federatedSignIn working with my iOS app with "Sign in with Apple" and Cognito to eventually make calls to API Gateway / Lambda functions.
TL;DR : My access token does not appear to be "automatically included in outbound requests" to my API as per the last paragraph of this section of the docs : Cognito User pool authorization
I have successfully authenticated using the tutorial found here Authentication Getting Started and other various Youtube videos on the Amazon Web Services channel.
Upon successful sign in through Apple I'm given an ASAuthorizationAppleIDCredential object. This contains the user field (token) which I pass to the Amplify.Auth class using the following Swift code :
func signIn (with userId: String)
{
guard
let plugin = try? Amplify.Auth.getPlugin(for: AWSCognitoAuthPlugin().key),
let authPlugin = plugin as? AWSCognitoAuthPlugin,
case .awsMobileClient (let client) = authPlugin.getEscapeHatch()
else
{
return
}
client.federatedSignIn(providerName: AuthProvider.signInWithApple.rawValue, token: userId) { (state, error) in
if let unwrappedError = error
{
print (unwrappedError)
}
else if let unwrappedState = state
{
print ("Successful federated sign in:", unwrappedState)
}
}
}
All appears to be successful and to double check I use the following bit of code to ensure I'm authorized :
func getCredentialsState (for userId:String)
{
let provider = ASAuthorizationAppleIDProvider()
provider.getCredentialState(forUserID: userId) { (credentialsState, error) in
if let unwrappedError = error
{
print (unwrappedError)
}
switch credentialsState
{
case .authorized:
print ("User Authorized")
case .notFound, .revoked:
print ("User Unauthenticated")
case .transferred:
print ("User Needs Transfer")
#unknown default:
print ("User Handle new use cases")
}
}
}
In the console I see "User Authorized" so everything appears to be working well.
However when I then go to make a call to Amplify.API.post I get the following error:
[Amplify] AWSMobileClient Event listener - signedOutFederatedTokensInvalid
Failed APIError: Failed to retrieve authorization token.
Caused by:
AuthError: Session expired could not fetch cognito tokens
Recovery suggestion: Invoke Auth.signIn to re-authenticate the user
My function for doing the POST is as follows :
func postTest ()
{
let message = #"{'message": "my Test"}"#
let request = RESTRequest (path: "/test", body: message.data(using: .utf8))
Amplify.API.post (request:request)
{
result in switch result
{
case .success(let data):
let str = String (decoding: data, as: UTF8.self)
print ("Success \(str)")
case .failure(let apiError):
print ("Failed", apiError)
}
}
}`
I then went into the API Gateway UI and changed the generated Method Request on my resource from AWS IAM to my Cognito User Pool Authorizer thinking this was the issue. I also changed the awsAPIPlugin authorizationType to "AMAZON_COGNITO_USER_POOLS" in my amplifyconfiguration.json file. This unfortunately did not have any affect.
I've seen posts such as this issue User is not created in Cognito User pool for users logging in with Google federated login #1937 where people discuss the problem of having to to use a web ui to bring up the social sign in. I understand that Apple will reject your app sometimes for this. Therefore this is not a solution.
I then found this post which seems to resolve the issue however this appears to use the old version of the SDK? Get JWT Token using federatedSignIn #1276
I'm not great with Swift (I'm still an Objective C expert, but am slowly learning Swift) so I'm uncertain which path to go here and whether this is actually a solution? It does seem to be quite more complicated than the function I have that does my POST? The RESTRequest does seem to be a simple and easy solution but I'm uncertain how to pass it the Authorization token (or even how to get the token if it is needed here).
However, everything I've read about the SDK is that the authorization should be handled automatically in the background according the docs in my first link above. Specifically pointed out, again, here : Cognito User pool authorization. The last paragraph here states 👍
With this configuration, your access token will automatically be included in outbound requests to your API, as an Authorization header.
Therefore, what am I missing here as this does not appear to automatically include my access token to my outbound requests to my API?

Getting error of "Publisher identifiers not found" when I enable "debugGeography" in AdMob

I am trying to test my GDPR compliance code and trying to display the consent form for AdMob but I get this error:
Consent info update failed. Error: Error Domain=Consent Code=1
"Response error. Publisher identifiers not found: ca-app-pub-0123456789012345"
I have triple checked, my publisherID is correct, it is something like "pub-0123456789012345".
When I check my AdMob account status I see that
"Your account is active and in good standing."
I have followed the directions of Google to receive user consent for personalized ads. I am in the USA, so use this line:
PACConsentInformation.sharedInstance.debugGeography = .EEA
When I disable this line, I don't get the error above anymore, but the error below:
Error loading form: Error: request is not in EEA or unknown.
I have tried to use this line instead but nothing changed:
PACConsentInformation.sharedInstance.debugGeography = PACDebugGeography.EEA
My only guess is that for the reason that my AdMob account is USA based, I get "publisherID not found" error when I enable ".EEA". But how can I do the testing if my guess is true?
I am doing the testing both on simulator and on the phone. I could not manage to display the consent form anywhere.
The code I am using is below:
// advertiseIDOfPhone and publisherID are constants defined elsewhere
PACConsentInformation.sharedInstance.debugIdentifiers = [advertiseIDOfPhone]
PACConsentInformation.sharedInstance.debugGeography = .EEA
PACConsentInformation.sharedInstance.requestConsentInfoUpdate(forPublisherIdentifiers: [publisherID])
{(_ error: Error?) -> Void in
if let error = error {
// Consent info update failed.
print("☢️ Consent info update failed. Error: \(error)")
} else {
print("☢️ Consent info updated.")
// Consent info update succeeded. The shared PACConsentInformation
// instance has been updated.
switch PACConsentInformation.sharedInstance.consentStatus {
case .nonPersonalized:
print("☢️ Personalized ads consent NOT given.")
case .personalized:
print("☢️ Personalized ads consent given.")
case .unknown:
print("☢️ Unknown consent.")
guard let privacyUrl = URL(string: "yourWebsiteURL"),
let form = PACConsentForm(applicationPrivacyPolicyURL: privacyUrl) else {
print("incorrect privacy URL.")
return
}
form.shouldOfferPersonalizedAds = true
form.shouldOfferNonPersonalizedAds = true
form.shouldOfferAdFree = true
form.load {(_ error: Error?) -> Void in
print("⚛️ Load complete.")
if let error = error {
// Handle error.
print("⚛️ Error loading form: \(error.localizedDescription)")
} else {
form.present(from: self) { (error, userPrefersAdFree) in
if error != nil {
// Handle error.
} else if userPrefersAdFree {
// User prefers to use a paid version of the app.
//buy the pro Version
}
}
}
}
default:
break
}
print("☢️ isRequestLocationInEEAOrUnknown: \(PACConsentInformation.sharedInstance.isRequestLocationInEEAOrUnknown)")
}
}
Where can be my mistake here? Is the code I am using good?
--
It seems that this is a known bug:
Kindly note that we are aware of this issue, and our Engineering team
is already working on a resolution. Rest assured that we are keeping
an eye out on this, and that we will update you for any news regarding
this issue.
Regards, Ziv Yves Sanchez Mobile Ads SDK Team
I didn't expect a bug from Google in such a fundamental aspect of a big product and unfortunately I have spent hours on this problem trying to find my mistake somewhere...
While they work on a resolution, you can use the Google Test Publisher ID:
pub-3940256099942544
My account gives me the error but I was able to use the test ID to implement and test the Consent SDK. Just make sure you switch back to your ID before you distribute the app.
I got the Same Issue!
This is not our Code's fault. Admob not serving ads.
Go to Admob Console
In Home There is Dialog Box: "Don't serve Until PaymentDetails Entered"
Click the Learn more and create an AdSense account
after that enter payment details
That's all they will serve ads after 24 hours after the account verified
I have the same issue.
Until I updated my settings on https://fundingchoices.google.com.
Go to the webpage, select APP on the left side, go in and activate the app you are using.

How can I devide users into different groups(Identity pools) automatically?

I'm using AWS Cognito in my iOS app to implement the user signup & signin functions. I used the official Amplify SDK DOCs(https://aws-amplify.github.io/docs/ios/authentication) as a reference, and the app works well. But, actually I want to give my users different access authority which can achieve different contents(like files in S3).
While the user signing up the app, they must choose a group. Based on the group, they are given different access authority.
I've read the SDK DOCs and developer guide but I haven't found a good way to implement this function.
Is there any function in cognito I can use to separate users into different Identity pools? Or can anybody show me some samples which allow users having different access authority.
AWSMobileClient.sharedInstance().signUp(username: "your_username",
password: "Abc#123!",
userAttributes: ["email":"john#doe.com", "phone_number": "+1973123456"]) { (signUpResult, error) in
if let signUpResult = signUpResult {
switch(signUpResult.signUpConfirmationState) {
case .confirmed:
print("User is signed up and confirmed.")
case .unconfirmed:
print("User is not confirmed and needs verification via \(signUpResult.codeDeliveryDetails!.deliveryMedium) sent at \(signUpResult.codeDeliveryDetails!.destination!)")
case .unknown:
print("Unexpected case")
}
} else if let error = error {
if let error = error as? AWSMobileClientError {
switch(error) {
case .usernameExists(let message):
print(message)
default:
break
}
}
print("\(error.localizedDescription)")
}
}
You don't have to put users in different identity pools. Cognito already has user groups that you can use to assign different roles.
I am not familiar with IOS but there should be an admin add user to group method that you can use.

iOS DeviceCheck API - GenerateToken gives error Code 0

I'm trying to implement the new iOS 11 DeviceCheck API (https://developer.apple.com/documentation/devicecheck), but token generation always fails. I've tried on simulator and iPhone SE, with wifi and mobile data. Apple ID in settings is my normal, non-sandbox account.
This is an existing app for an organization - from the docs it sounds like the only configuration requirement is to make sure App ID is set up in the apple developer portal.
Anyone else having this issue?
The exact error message is:
The operation couldn’t be completed. (com.apple.devicecheck.error error 0.)
This is the code I'm using, nothing fancy.
if #available(iOS 11.0, *) {
let device = DCDevice.current
if (device.isSupported) {
device.generateToken(completionHandler: { (data, error) in
if let token = data{
print("token: \(token)")
}else if let error = error{
print("error: \(error.localizedDescription)")
}
})
} else {
print("devicecheck not supported")
}
}
In my case, this error was caused by my iPhone's time being horribly out of sync. I manually changed the device's time to be the actual, current time (Settings → General → Date & Time). After that, the error went away and I was able to generate tokens.
Your code seems fine to me. The problem is simulator. It won't pass device.isSupported. You need to run it on real device.

Fetching data from Facebook page's events page

I would like to pull data from a Facebook event page that would fetch all the events listed by a Facebook page. I have to up the iOS SDK, but i am now unsure how to call the Graph API. I found the PAGE ID for a Facebook group page i want to take the events from by looking at the page's source code and finding "PAGEID".
I have set it up all in my dashboard along with my Bundle ID. The only left is to call the Graph API, but i am unsure and left confused when trying to following their doc.
Show us the code you tried already and what is not working.
Have you tried this already? (where {page-id} is your page's ID):
let connection = GraphRequestConnection()
connection.add(GraphRequest(graphPath: "/{page-id}/events")) { httpResponse, result in
switch result {
case .success(let response):
print("Graph Request Succeeded: \(response)")
case .failed(let error):
print("Graph Request Failed: \(error)")
}
}
connection.start()

Resources