diff options
Diffstat (limited to 'core/java/android/service/trust')
3 files changed, 204 insertions, 0 deletions
diff --git a/core/java/android/service/trust/ITrustAgentService.aidl b/core/java/android/service/trust/ITrustAgentService.aidl new file mode 100644 index 0000000..863a249 --- /dev/null +++ b/core/java/android/service/trust/ITrustAgentService.aidl @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.service.trust; + +import android.os.Bundle; +import android.service.trust.ITrustAgentServiceCallback; + +/** + * Communication channel from TrustManagerService to the TrustAgent. + * @hide + */ +oneway interface ITrustAgentService { + void onUnlockAttempt(boolean successful); + void setCallback(ITrustAgentServiceCallback callback); +} diff --git a/core/java/android/service/trust/ITrustAgentServiceCallback.aidl b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl new file mode 100644 index 0000000..c346771 --- /dev/null +++ b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package android.service.trust; + +import android.os.Bundle; +import android.os.UserHandle; + +/** + * Communication channel from the TrustAgentService back to TrustManagerService. + * @hide + */ +oneway interface ITrustAgentServiceCallback { + void enableTrust(String message, long durationMs, boolean initiatedByUser); + void revokeTrust(); +} diff --git a/core/java/android/service/trust/TrustAgentService.java b/core/java/android/service/trust/TrustAgentService.java new file mode 100644 index 0000000..d5ce429 --- /dev/null +++ b/core/java/android/service/trust/TrustAgentService.java @@ -0,0 +1,148 @@ +/** + * Copyright (C) 2014 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package android.service.trust; + +import android.annotation.SdkConstant; +import android.app.Service; +import android.content.Intent; +import android.os.Handler; +import android.os.IBinder; +import android.os.RemoteException; +import android.util.Slog; + +/** + * A service that notifies the system about whether it believes the environment of the device + * to be trusted. + * + * <p>To extend this class, you must declare the service in your manifest file with + * the {@link android.Manifest.permission#BIND_TRUST_AGENT_SERVICE} permission + * and include an intent filter with the {@link #SERVICE_INTERFACE} action. For example:</p> + * <pre> + * <service android:name=".TrustAgent" + * android:label="@string/service_name" + * android:permission="android.permission.BIND_TRUST_AGENT_SERVICE"> + * <intent-filter> + * <action android:name="android.service.trust.TrustAgentService" /> + * </intent-filter> + * <meta-data android:name="android.service.trust.trustagent" + * android:value="@xml/trust_agent" /> + * </service></pre> + * + * <p>The associated meta-data file can specify an activity that is accessible through Settings + * and should allow configuring the trust agent, as defined in + * {@link android.R.styleable#TrustAgent}. For example:</p> + * + * <pre> + * <trust_agent xmlns:android="http://schemas.android.com/apk/res/android" + * android:settingsActivity=".TrustAgentSettings" /></pre> + */ +public class TrustAgentService extends Service { + private final String TAG = TrustAgentService.class.getSimpleName() + + "[" + getClass().getSimpleName() + "]"; + + /** + * The {@link Intent} that must be declared as handled by the service. + */ + @SdkConstant(SdkConstant.SdkConstantType.SERVICE_ACTION) + public static final String SERVICE_INTERFACE + = "android.service.trust.TrustAgentService"; + + /** + * The name of the {@code meta-data} tag pointing to additional configuration of the trust + * agent. + */ + public static final String TRUST_AGENT_META_DATA = "android.service.trust.trustagent"; + + private static final int MSG_UNLOCK_ATTEMPT = 1; + + private static final boolean DEBUG = false; + + private ITrustAgentServiceCallback mCallback; + + private Handler mHandler = new Handler() { + public void handleMessage(android.os.Message msg) { + switch (msg.what) { + case MSG_UNLOCK_ATTEMPT: + onUnlockAttempt(msg.arg1 != 0); + break; + } + }; + }; + + /** + * Called when the user attempted to authenticate on the device. + * + * @param successful true if the attempt succeeded + */ + protected void onUnlockAttempt(boolean successful) { + } + + private void onError(String msg) { + Slog.v(TAG, "Remote exception while " + msg); + } + + /** + * Call to enable trust on the device. + * + * @param message describes why the device is trusted, e.g. "Trusted by location". + * @param durationMs amount of time in milliseconds to keep the device in a trusted state. Trust + * for this agent will automatically be revoked when the timeout expires. + * @param initiatedByUser indicates that the user has explicitly initiated an action that proves + * the user is about to use the device. + */ + protected final void enableTrust(String message, long durationMs, boolean initiatedByUser) { + if (mCallback != null) { + try { + mCallback.enableTrust(message, durationMs, initiatedByUser); + } catch (RemoteException e) { + onError("calling enableTrust()"); + } + } + } + + /** + * Call to revoke trust on the device. + */ + protected final void revokeTrust() { + if (mCallback != null) { + try { + mCallback.revokeTrust(); + } catch (RemoteException e) { + onError("calling revokeTrust()"); + } + } + } + + @Override + public final IBinder onBind(Intent intent) { + if (DEBUG) Slog.v(TAG, "onBind() intent = " + intent); + return new TrustAgentServiceWrapper(); + } + + private final class TrustAgentServiceWrapper extends ITrustAgentService.Stub { + @Override + public void onUnlockAttempt(boolean successful) { + mHandler.obtainMessage(MSG_UNLOCK_ATTEMPT, successful ? 1 : 0, 0) + .sendToTarget(); + } + + public void setCallback(ITrustAgentServiceCallback callback) { + mCallback = callback; + } + } + +} |