Android Question Firebase FCM API(v1) update to B4A

M

marcelo_efn

Member
Licensed User
Longtime User
Hi
I developed some Apps in B4A that use FCM to exchange messages between them.
After changing Firebase to HTTP V1, communication between them stopped working.
I have been studying the articles published here on the forum:
https://www.b4x.com/android/forum/threads/b4x-firebase-push-notifications-2023.148715/
https://www.b4x.com/android/forum/threads/solved-notifications-stopped-suddenly-any-help.163091/

From what I understand, the best solution at the moment is to use B4J. So this is my difficulty. I have always developed Apps with B4A and never needed to use B4J.
How do I make B4J work together with B4A?
Do I have to install the B4J IDE on my computer? Use B4J code and create a .jar library to be read by B4A? Sorry but I don't know how to start.

Could anyone help me in a basic step by step way?
 
Sort by date Sort by votes

aeric

Expert
Licensed User
Longtime User
Follow the installation steps on download page

Learn Cross Platform App Development IoT, Desktop & Server | B4J

B4J is a 100% free programming tool, similar to B4A that generates desktop, server and web applications.
www.b4x.com

The steps are basically same as how you install B4A. Just configure the paths and ready to go.

Download the attached project, unzip and open the .b4j project. Compile in debug will do. You can see messages in the Logs.
 
Upvote 0
M

marcelo_efn

Member
Licensed User
Longtime User
Thank you @aeric for your instructions. I installed it and started some tests.
@DonManfred Thank you for your observations.

If B4J Sendingtool Code is not compatible with B4A, how will we ensure that B4A Apps can send and receive messages?
 
Upvote 0
A

Alex_197

Well-Known Member
Licensed User
Longtime User
marcelo_efn said:
Thank you @aeric for your instructions. I installed it and started some tests.
@DonManfred Thank you for your observations.

If B4J Sendingtool Code is not compatible with B4A, how will we ensure that B4A Apps can send and receive messages?
Click to expand...
You need some server that will take a request, for example something like this
B4X: 
https://www.example.com?WhereToSend=deviceid&Title=MyMessageTile&Body=MyMessageBody

and then send this message to another device
 
Upvote 0

DonManfred

Expert
Licensed User
Longtime User
marcelo_efn said:
how will we ensure that B4A Apps can send and receive messages?
Click to expand...
You are not expected to send them from Android.

To send them from Android (which does not work any longer) you need to implement a serverkey in your app; a Hacker will easily extract the key.

Setup a B4J Server on your Server and call this server to send the notification.
 
Upvote 0
M

marcelo_efn

Member
Licensed User
Longtime User
Thank you @Alex_197 and @DonManfred

Therefore, B4A lost the ability to send notifications. At this point, for B4A to be able to send notifications, external adaptations will need to be made.
Depending on external adaptations can generate instability and slowness in the application.

We need to help Erel develop a solution for this case.
I continue to trust that B4A is the best Android development tool.
 
Upvote 0

aeric

Expert
Licensed User
Longtime User
marcelo_efn said:
B4A lost the ability to send notifications. At this point, for B4A to be able to send notifications, external adaptations will need to be made.
Depending on external adaptations can generate instability and slowness in the application.
Click to expand...
I don't agree with you that B4A has lost the so call ability to send notifications.

I never seen any tutorial that we use B4A as the sending tool.
Using B4A to replace the B4J Sending tool is not the right way!
It poses security risk to add the API_Key to the Android app as a client.
Even prior to Google changes the API to Http V1, we still rely on another middleware written in PHP, C#, VB.Net or use the code from B4J-SendingTool.

It is not fair to blame that this is a problem of B4A.
If someone program their Android app in Java, JavaScript or C# using this wrong way, can you also blame these language too?

I also not agree about your statement about the dependency of the middleware that cause instability and slowness in the application.
Delay of receiving notification may cause by your mobile network.
The tool is simple and can work instantly.

marcelo_efn said:
We need to help Erel develop a solution for this case.
Click to expand...
The right solution is already available.
I don't think "We" need to develop a new "wrong" way.
 
Upvote 0
M

marcelo_efn

Member
Licensed User
Longtime User
Maybe we're talking about different things, but I found this code and was using it:

B4X: 
Private Sub SendMessage(id As String, Title As String, Body As String)
   Dim Job As HttpJob
   Job.Initialize("fcm", Me)
   Dim m As Map = CreateMap("to": $"${id}"$)
   Dim data As Map = CreateMap("title": Title, "body": Body)
   m.Put("data": data)
   Dim jg As JSONGenerator
   jg.Initialize(m)
   Job.PostString("https://fcm.googleapis.com/fcm/send", jg.ToString)
   Job.GetRequest.SetContentType("application/json;charset=UTF-8")
   Job.GetRequest.SetHeader("Authorization", "key=" & API_KEY)
End Sub
https://www.b4x.com/android/forum/t...-cloud-messaging-fcm.67716/page-3#post-433583

If the use of this code was compromising security, I was not aware of it. But it worked well on B4A.

Now I don't think there will be any other way. Follow your suggestion of another middleware.

I'm not blaming B4A. But before, my B4A App sent messages without needing other resources.

Thank you @aeric for your guidance. Congratulations on your help to other users of this forum, as I have seen.
 
Upvote 0

mcqueccu

Well-Known Member
Licensed User
Longtime User
Okay, so this is the situation. It is only a security Risk if the sending Tool (example B4A App) is uploaded to the Store with your KEYS.

The first B4J Sending Tool non-UI using the Firebase Legacy key, depends on okHttputils, and with the power of B4X cross platform compatibility,
I converted it to B4XPages UI, which runs on my Android phone and iPhone (screenshot attached)
NOTE: Its not an App Uploaded to the Stores. Its just on MY PHONE.

1. Its very convenient for me, Because I can send notifications to all my Apps, right from my phones, anywhere.
2. I also Someone, who uses it to send automated reminders on specific dates (using PHP and Cronjobs).

With these two scenarios, some users cannot depend on B4J Sending Tool alone.

The firebase v1 now requires Auth, and people are still looking for ways to be able to convert the new sending tool with auth for their use on their personal phones and their servers for their convenience.

 
Upvote 0

aeric

Expert
Licensed User
Longtime User
You are right but not everyone knows what they are doing or see why they should not do in this way. Here we already seen an example.
Google saw this is a problem and introduce us a "better" way.
Or else their support team will be busy answering to questions such as "why my firebase quota has been finished and my credit card is charged?"
 
Upvote 0
W

wes58

Active Member
Licensed User
Longtime User
I can't agree with that. I haven't seen anything that Google has been doing over the years is "better way".
1. You have a color screen and they decided that you can only have white notification icons.
2. You have big screen with resolution 2340x1080 and they tell you that notification icon has to be 24x24 pixel otherwise it is not displayed correctly. Except on Samsung phones because Samsung knows it is a bad idea.
3. How many times did we have to change how the services work - every change of Google SDK. And every time it is harder to do anything.
4. Limiting access to the files/folders. Because they think it is better, safer - and they have millions of permissions which obviously don't work if they have to limit what the user can do with THEIR phone.
5. You use fingerprint unlock and they tell you for your security you have to enter PIN every couple of days. That's the most absurd reason I heard of! I should be able to decide how I use my phone, not to be forced by Google.
6 And now Firebase messaging. It was working fine for so many years and it was easy to implement on devices like ESP8266 or ESP32, but now they made it harder or even impossible to run on some of those devices. I also liked to be able to send messages from my phone. And now the only way to do it, is to get access and refresh token using b4J sending tool, and then use refresh token on ESP32 and my phone to send messages. You don't need b4J after that.
7. There are probably many others...

If the hacker really wants to do something Google can't stop them. How many application with malware they have in their playstore?
 
Upvote 0

aeric

Expert
Licensed User
Longtime User
Did you see that i have double quoted the word "better"?

You don't need to tell me the above as I am not representing Google.
I believe there are reasons why they wanted/have/needed to do those things. I believe whatever they do are bound to questions by authority and security auditors.
 
Upvote 0
M

marcelo_efn

Member
Licensed User
Longtime User

I agree with you.
Google only prioritizes what's important to them and their own security.
 
Upvote 0
You must log in or register to reply here.

Similar Threads

  • Article
B4A Library [B4X] FirebaseFirestore
Replies
13
Views
3K
Claude Obiri Amadu
  • Article
B4A Library [B4X] Supabase - The Open Source Firebase alternative
2 3
Replies
59
Views
16K
Alexander Stolte
  • Locked
  • Article
Android Tutorial [B4X] Firebase Push Notifications 2023+
2
Replies
36
Views
18K
aeric
  • Locked
  • Article
B4A Library FirebaseAdMob v1.6
2 3
Replies
42
Views
26K
Erel
  • Locked
  • Article
B4A Library FirebaseNotifications - Push messages / Firebase Cloud Messaging (FCM)
15 16 17
Replies
339
Views
202K
Erel
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…