Exception "TwitterAuthConfig must not be created with null consumer key or secret." and cannot launch app

android
unity

#1

I use fabric(twitter) on Unity.

Installation of fabric and set-up is all done. (including login my twitter account.)
And build/launching on iOS is also successfully done.

but on Android , I got following errors when I open app.
and failed to launch it.

java.lang.RuntimeException: Unable to create application io.fabric.unity.android.FabricApplication: io.fabric.unity.android.FabricInitializationException: Could not instantiate kits
at android.app.ActivityThread.handleBindApplication(ActivityThread.java:4512)
at android.app.ActivityThread.access$1400(ActivityThread.java:150)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1329)

Caused by: java.lang.reflect.InvocationTargetException
at java.lang.reflect.Constructor.constructNative(Native Method)
at java.lang.reflect.Constructor.newInstance(Constructor.java:417)
at io.fabric.unity.android.KitInstantiator.instantiateTwitterKit(KitInstantiator.java:81)

Caused by: java.lang.IllegalArgumentException: TwitterAuthConfig must not be created with null consumer key or secret.
at com.twitter.sdk.android.core.TwitterAuthConfig.(TwitterAuthConfig.java:56)
at java.lang.reflect.Constructor.constructNative(Native Method)
at java.lang.reflect.Constructor.newInstance(Constructor.java:417)

Is there way to solve this errors ?


#2

Hey @kamasu, in Unity if you head to “Assets -> Editor Default Resources -> FabricSettings” and then in the right panel, “Installed Kits -> Twitter -> Meta”, do you see values in there for your Twitter API key and secret?


#3

Thanks for replying.
Yes, all fields are filled and these seem to be correct value.
I attach the screenshot.


#4

That looks right to me. I haven’t been able to reproduce this on my end. Can you paste a screenshot of your Unity build settings for Android?


#5

Thanks for helping me.
I found the cause and solution!

My twitter secret is consisted of only numbers (Ex. “1234”)
I checked .apk manifest by using aapt :
aapt dump xmltree ******.apk AndroidManifest.xml > hoge.txt

and I got following:
... A: android:name(0x01010003)="io.fabric.twittercore.secret" (Raw: "io.fabric.twittercore.secret") A: android:value(0x01010024)=(type 0x10)0x[ twitter secret hexadecimal ] ...
I guessed that my twitter secret is recognized as integer.
so I change my twitter secret to alphabetical one and it works very well !

but there is new concern…
I can extract my twitter id and secret from .apk file easily.
I think it is not secure…


#6

@kamasu, nice catch! Great to hear it’s working now. I’ll share your concern with the team so they can investigate alternatives - thanks for calling that out!