diff options
author | Joseph Wen <josephwen@google.com> | 2015-02-25 14:00:39 -0500 |
---|---|---|
committer | Joseph Wen <josephwen@google.com> | 2015-04-07 16:57:40 -0400 |
commit | 6a34bb2d6a6cbc7a70bdf0c53d238dc28e0b1d58 (patch) | |
tree | 712a98d57ba64d4979ebf7f1f285c4c073ca487d /packages/StatementService/Android.mk | |
parent | b43755be6e95b39619bb64b283710092468154cf (diff) | |
download | frameworks_base-6a34bb2d6a6cbc7a70bdf0c53d238dc28e0b1d58.zip frameworks_base-6a34bb2d6a6cbc7a70bdf0c53d238dc28e0b1d58.tar.gz frameworks_base-6a34bb2d6a6cbc7a70bdf0c53d238dc28e0b1d58.tar.bz2 |
Implement IntentFilter verification service.
This commit adds a verifier that verifies a host delegates permission for
an app to handle Url for the host using the Statement protocol.
- Implements the Statement protocol
-- The protocol defines a file format that represents statements.
-- The protocol defines where each asset type should put their statement
declaration. For web asset, the statement file should be hosted at
<scheme>://<host>:<port>/.well-known/associations.json.
- Implements IntentFilterVerificationReceiver, an interface between
StatementService and PackageManager. PackageManager will send a
broadcast with action Intent.ACTION_INTENT_FILTER_NEEDS_VERIFICATION.
The service will process the request and returns the results by calling
PackageManager.verifyIntentFilter().
To verify an IntentFilter like this defined in Android app com.test.app
<intent-filter>
<data android:scheme="https" />
<data android:host="www.test.com" />
<data android:pathPattern=".*"/>
</intent-filter>
The service will try to retrieve the statement file from
https://www.test.com:443/.well-known/associations.json and try to find
a JSON object equivalent to
{'relation': ['delegate_permission/common.handle_all_urls'],
'target': {'namespace': 'android_app',
'package_name': 'com.test.app',
'sha256_cert_fingerprints': [APP_CERT_FP]}}
The entry should have the correct relation, package name, and
certificate sha256 fingerprint.
Because this implementation will send a HTTP request for each host
specified in the intent-filter in AndroidManifest.xml, to avoid overwhelming
the network at app install time, we limit the maximum number of hosts we will
verify for a single app to 10. Any app with more than 10 hosts in the
autoVerify=true intent-filter won't be auto verified.
Change-Id: I787c9d176e4110aa441eb5fe4fa9651a071c6610
Diffstat (limited to 'packages/StatementService/Android.mk')
-rw-r--r-- | packages/StatementService/Android.mk | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/packages/StatementService/Android.mk b/packages/StatementService/Android.mk new file mode 100644 index 0000000..f0adb1c --- /dev/null +++ b/packages/StatementService/Android.mk @@ -0,0 +1,33 @@ +# Copyright (C) 2015 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +LOCAL_PATH:= $(call my-dir) +include $(CLEAR_VARS) + +LOCAL_MODULE_TAGS := optional + +LOCAL_SRC_FILES := $(call all-java-files-under, src) + +LOCAL_PROGUARD_FLAG_FILES := proguard.flags + +LOCAL_PACKAGE_NAME := StatementService +LOCAL_PRIVILEGED_MODULE := true + +LOCAL_STATIC_JAVA_LIBRARIES := \ + libprotobuf-java-nano \ + volley + +include $(BUILD_PACKAGE) + +include $(call all-makefiles-under,$(LOCAL_PATH)/src) |