android-studioretrofitokhttphttpserverandroid-security

OkHttp: <-- HTTP FAILED: java.net.UnknownServiceException: CLEARTEXT communication to 10.0.2.2 not permitted by network security policy


I have implemented google sign-in with Firebase authentication in my Android app succesfully. enter image description here

As you see, I have logged-in with my account and it appears on the Firebase console.

The function firebaseAuthWithGoogle authenticates the user with Firebase after he logs-in with Google Sign-in:

private void firebaseAuthWithGoogle(GoogleSignInAccount acct) {
    Log.d(TAG, "firebaseAuthWithGoogle:" + acct.getId());
AuthCredential credential = GoogleAuthProvider.getCredential(acct.getIdToken(), null);
mFirebaseAuth.signInWithCredential(credential)
        .addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
            @Override
            public void onComplete(@NonNull Task<AuthResult> task) {
                if (task.isSuccessful()) {
                    // Sign in success, update UI with the signed-in user's information
                    Log.d(TAG, "signInWithCredential:success");
                    final FirebaseUser user = mFirebaseAuth.getCurrentUser();


                    //This is to connect to the http server and save the user data in my MySql database
                    FirebaseInstanceId.getInstance().getInstanceId().addOnSuccessListener(LoginActivity.this, new OnSuccessListener<InstanceIdResult>() {
                        @Override
                        public void onSuccess(InstanceIdResult instanceIdResult) {
                            String userToken = instanceIdResult.getToken();
                            String uid = user.getUid();
                            String name = user.getDisplayName();
                            String email = user.getEmail();
                            String profileUrl = user.getPhotoUrl().toString();
                            String coverUrl = "";
                            UserInterface userInterface = ApiClient.getApiClient().create(UserInterface.class);
                            Call<Integer> call = userInterface.signin(new LoginActivity.UserInfo(uid,name,email,profileUrl,coverUrl,userToken));

                            call.enqueue(new Callback<Integer>() {
                                @Override
                                public void onResponse(Call<Integer> call, Response<Integer> response) {
                                    progressDialog.dismiss();
                                    Toast.makeText(LoginActivity.this,"Login succesfull AFTER API CALL",Toast.LENGTH_SHORT).show();
                                    startActivity(new Intent(LoginActivity.this,MainActivity.class));
                                    finish();

                                }

                                @Override
                                public void onFailure(Call<Integer> call, Throwable t) {
                                    progressDialog.dismiss();
                                    Toast.makeText(LoginActivity.this,"Login failed AFTER API CALL",Toast.LENGTH_SHORT).show();

                                }
                            });
                        }
                    });
                } else {
                    // If sign in fails, display a message to the user.


                 Log.w(TAG, "signInWithCredential:failure", task.getException());
                    }

                    // ...
                }
            });
}

Another thing the function firebaseAuthWithGoogle does is: Connect to the http Apache server and save the user information in a MySQL users table through this code snippet:

 //This is to connect to the http server and save the user data in my MySql database
                        FirebaseInstanceId.getInstance().getInstanceId().addOnSuccessListener(LoginActivity.this, new OnSuccessListener<InstanceIdResult>() {
                            @Override
                            public void onSuccess(InstanceIdResult instanceIdResult) {
                                String userToken = instanceIdResult.getToken();
                                String uid = user.getUid();
                                String name = user.getDisplayName();
                                String email = user.getEmail();
                                String profileUrl = user.getPhotoUrl().toString();
                                String coverUrl = "";
                                UserInterface userInterface = ApiClient.getApiClient().create(UserInterface.class);
                                Call<Integer> call = userInterface.signin(new LoginActivity.UserInfo(uid,name,email,profileUrl,coverUrl,userToken));

                                call.enqueue(new Callback<Integer>() {
                                    @Override
                                    public void onResponse(Call<Integer> call, Response<Integer> response) {
                                        progressDialog.dismiss();
                                        Toast.makeText(LoginActivity.this,"Login succesfull AFTER API CALL",Toast.LENGTH_SHORT).show();
                                        startActivity(new Intent(LoginActivity.this,MainActivity.class));
                                        finish();

                                    }

                                    @Override
                                    public void onFailure(Call<Integer> call, Throwable t) {
                                        progressDialog.dismiss();
                                        Toast.makeText(LoginActivity.this,"Login failed AFTER API CALL",Toast.LENGTH_SHORT).show();

                                    }
                                });
                            }
                        });
                    } 

So after the user has been succesfully authenticated, the call to the server fails and this line is obviously executed:

 Toast.makeText(LoginActivity.this,"Login failed AFTER API CALL",Toast.LENGTH_SHORT).show();  

I am using Retrofit as an http client along with okhttp as an http body interceptor to log the http requests as follows:

ApiClient.java

  public  static  Retrofit getApiClient(){
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor().setLevel(HttpLoggingInterceptor.Level.BODY);
        OkHttpClient httpClient = new OkHttpClient.Builder()
                .addInterceptor(httpLoggingInterceptor)
                .build();

        if(retrofit==null){
            retrofit = new Retrofit.Builder().baseUrl(BASE_URL)
                    .client(httpClient)
                    .addConverterFactory(GsonConverterFactory.create())
                    .build();

        }
        return retrofit;
    }
}

So after the Toast Text "Login failed AFTER API CALL" appears on the emulator, I have this on the log:

D/OkHttp: --> POST http://10.0.2.2/friendster/public/app/login
    Content-Type: application/json; charset=UTF-8
    Content-Length: 413
D/OkHttp: {"CoverUrl":"","email":"MyEmail@gmail.com","name":"Ahmed Ghrib","profileUrl":"https://lh6.googleusercontent.com/-S8l_5gZaXJ8/AAAAAAI/AAAAAAAAAAA/ACHi3rfObo6-Ta-wxrMUvcAZ8Yg/s96-c/photo.jpg","uid":"YACACYYDcGVr26N8OHuTuQlQqvU2","userToken":"ecxdtFaKldI:APA91bHb1PAA5hU6i1oMqnSsDXXkAaXNb6dynyaYmhU_soHTWmLXud6REjCpqTjsGpgdBh1NMYUqAr3SaTUWapN4v73zkvyYD2f3yegUP3H38eeU_JtH7NOSMKbF4U"}
D/OkHttp: --> END POST (413-byte body)
W/e.myapplicatio: Verification of okhttp3.internal.http.ExchangeCodec okhttp3.internal.connection.RealConnection.newCodec$okhttp(okhttp3.OkHttpClient, okhttp3.Interceptor$Chain) took 134.353ms
D/OkHttp: <-- HTTP FAILED: java.net.UnknownServiceException: CLEARTEXT communication to 10.0.2.2 not permitted by network security policy  

So I found-out that this is causing the error:

CLEARTEXT communication to 10.0.2.2 not permitted by network security policy

After going through StackOverflow, I found-out that I needed to create this file:

src/main/res/xml/network_security_config.xml

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">api.example.com(to be adjusted)</domain>
    </domain-config>
</network-security-config> 

And adding this to the Manifest:

 <application
     ---
        android:networkSecurityConfig="@xml/network_security_config">  

Having tested my database with Postman, I am sure the problem lies in my Android project.
I thought that this should've solved the issue. But, I still have the exact same issue. I still get this error in the log:

CLEARTEXT communication to 10.0.2.2 not permitted by network security policy


Solution

  • Use this instead for the security configuration file:

    src/main/res/xml/network_security_config.xml

    <?xml version="1.0" encoding="utf-8"?>
    <network-security-config>
        <!--Set application-wide security config using base-config tag.-->
        <base-config cleartextTrafficPermitted="true"/>
    </network-security-config>  
    

    It has solved my problem :)