Reputation: 7442
Invalidate all gcm tokens
My app uses gcm. Each time user logs in, new gcm token is registered and sent to my 3rd party server. Each time user logs out, gcm token is unregistered. This woks without any problems.
The problem is that when it comes to testing, tester can uninstall the app without loging out, and then install it back again and log into another account. Then he'll recieve two gcms from two different account. This means he'll recieve private gcms for account hes not currently loged into. This can even happen with live users sometimes.
GCM documentation states that gcm tokens can expire sometimes if the application is uninstalled. In practice, this never happens.
http://developer.android.com/google/gcm/gcm.html
GCM documentation also states that you can unregister GCM tokens by executing
Intent unregIntent = new Intent("com.google.android.c2dm.intent.UNREGISTER");
unregIntent.putExtra("app", PendingIntent.getBroadcast(this, 0, new Intent(), 0));
startService(unregIntent);
But this method doesn't seem to work if you try it after reinstall. I do recieve callback which tells me that token is unregistered, but gcm token still works ok.
My question is: can you ensure that there are no valid gcm tokens for your application? I'd really like to unregister all existing tokens during application first start, or at least reset them from the phone settings.
Upvotes: 5
Views: 3165
Answers (2)
Reputation: 8691
GCM tokens for your app are unique for each device, so if you ever get a different user telling you they are using the same GCM token as some other user, then you know that the situation you described has occurred. Basically, every time you receive a GCM token, you should delete all older records that have that same GCM token before assigning it ONLY to the new user.
Upvotes: 2
Reputation: 26994
I believe you'll receive an error when your server send a message to the invalidated registration id. I think you can catch this error to delete these registrations id from your database/datastore.
Also from the doc (canonical id):
If later on you try to send a message using a different registration ID, GCM will process the request as usual, but it will include the canonical registration ID in the registration_id field of the response. Make sure to replace the registration ID stored in your server with this canonical ID, as eventually the ID you're using will stop working.
Upvotes: 1
Related Questions
- Clearing app data not clearing GCM token nor GCM subscribing topics
- Android - not getting GCM token
- Have any solution for validate gcm token?
- Android GCM - How to remove bad device tokens from my (third party) database?
- How to refresh registration token in GCM that expired after a while?
- Unregister token on new Google Cloud Messaging
- Expiration tokens of gcm
- How to initiate an android GCM token refresh?
- Do old GCM tokens live on even after an uninstall?
- How to clear Notification from GCM