Use app supplied API key for safetynet queries

This commit is contained in:
Klaus Flittner 2018-09-21 18:00:52 +02:00 committed by Marvin W
parent e32cb84397
commit b2d6965608
3 changed files with 9 additions and 9 deletions

View File

@ -139,15 +139,15 @@ public class Attestation {
}
}
public String attest() throws IOException {
public String attest(String apiKey) throws IOException {
if (payload == null) {
throw new IllegalStateException("missing payload");
}
return attest(new AttestRequest(ByteString.of(payload), droidGaurdResult)).result;
return attest(new AttestRequest(ByteString.of(payload), droidGaurdResult), apiKey).result;
}
private AttestResponse attest(AttestRequest request) throws IOException {
HttpURLConnection connection = (HttpURLConnection) new URL(SafetyNetPrefs.get(context).getServiceUrl()).openConnection();
private AttestResponse attest(AttestRequest request, String apiKey) throws IOException {
HttpURLConnection connection = (HttpURLConnection) new URL(SafetyNetPrefs.get(context).getServiceUrl(apiKey)).openConnection();
connection.setRequestMethod("POST");
connection.setDoInput(true);
connection.setDoOutput(true);

View File

@ -52,7 +52,7 @@ public class SafetyNetClientServiceImpl extends ISafetyNetService.Stub {
@Override
public void attest(ISafetyNetCallbacks callbacks, byte[] nonce) throws RemoteException {
attestWithApiKey(callbacks, nonce, null);
attestWithApiKey(callbacks, nonce, "AIzaSyDqVnJBjE5ymo--oBJt3On7HQx9xNm1RHA");
}
@Override
@ -82,7 +82,7 @@ public class SafetyNetClientServiceImpl extends ISafetyNetService.Stub {
if (dg != null && dg.getStatusCode() == 0 && dg.getResult() != null) {
attestation.setDroidGaurdResult(Base64.encodeToString(dg.getResult(), Base64.NO_WRAP + Base64.NO_PADDING + Base64.URL_SAFE));
}
AttestationData data = new AttestationData(attestation.attest());
AttestationData data = new AttestationData(attestation.attest(apiKey));
callbacks.onAttestationData(Status.SUCCESS, data);
} else {
callbacks.onAttestationData(dg == null ? Status.INTERNAL_ERROR : new Status(dg.getStatusCode()), null);

View File

@ -21,7 +21,7 @@ import android.content.SharedPreferences;
import android.preference.PreferenceManager;
public class SafetyNetPrefs implements SharedPreferences.OnSharedPreferenceChangeListener {
private static final String OFFICIAL_ATTEST_URL = "https://www.googleapis.com/androidcheck/v1/attestations/attest?alt=PROTO&key=AIzaSyDqVnJBjE5ymo--oBJt3On7HQx9xNm1RHA";
private static final String OFFICIAL_ATTEST_BASE_URL = "https://www.googleapis.com/androidcheck/v1/attestations/attest?alt=PROTO&key=";
public static final String PREF_SNET_DISABLED = "snet_disabled";
public static final String PREF_SNET_OFFICIAL = "snet_official";
@ -88,8 +88,8 @@ public class SafetyNetPrefs implements SharedPreferences.OnSharedPreferenceChang
return official;
}
public String getServiceUrl() {
if (official) return OFFICIAL_ATTEST_URL;
public String getServiceUrl(String apiKey) {
if (official) return OFFICIAL_ATTEST_BASE_URL + apiKey;
return customUrl;
}
}