Open MrCsabaToth opened 3 years ago
The hack went in with this commit: https://github.com/DIYGPSTracker/DIYGPSManager/commit/270f9c099b5b1e7921364cb89c4fe3b8cc05c881
val getInstance2: Method =
FirebaseMessaging::class.java.getDeclaredMethod("getInstance", FirebaseApp::class.javaObjectType)
getInstance2.setAccessible(true) // if security settings allow this
// FirebaseMessaging.getInstance(appSingleton.firebaseApp!!)
// null is for static methods
val firebaseMessaging: FirebaseMessaging =
getInstance2.invoke(null, appSingleton.firebaseApp!!) as FirebaseMessaging
firebaseMessaging.subscribeToTopic(GEO_FENCE_TOPIC)
.addOnCompleteListener { task ->
if (!task.isSuccessful) {
Timber.d("Could not subscribe to topic ${GEO_FENCE_TOPIC}")
} else {
Timber.d("Subscribed to topic ${GEO_FENCE_TOPIC}")
}
}
Currently the messages don't arrive which is possibly due to https://github.com/DIYGPSTracker/DIYGPSMessaging/issues/1 but we have to verify the receiver end as well.
https://stackoverflow.com/questions/62253691/firebasemessaging-getinstancefirebaseapp-for-secondary-app-supposed-to-be-publ The constructor which referenced by the documents is not public in real life. Right now I'm using Java reflection to access it and set it to public in the name of "sudo make me a sandwitch!". But it'd be better to have a more legitimate solution.
This is all due to the fact that we are operating everything on secondary databases, which is not the usual way. We use secondary databases because each app user brings their own database and configures it, so I as the author don't have to store any highly sensitive data.