This blog mainly records how to use Google Play service for security detection.
1 The use of Google play service principle
The Google Play service provides a wide range of APIs for users to use,
To allow applications to integrate Google's newest products and features at a low cost.
When using the Google Play service, the basic principle is shown in the following illustration, where:
1, the application in the use of Google Play service,
You must integrate the client Library provided by Google,
Through the client Library, the application can communicate with the Google Play service IPC.
2, Google Play service is a stand-alone operation in the system backstage services,
Published jointly with Google Play store.
3, Google Play store is responsible for updating Google Play Service.
As you can see, by introducing the client library, Google
Decoupling the app from Google Play service.
This way, even if you don't modify the application, just update Google Play Services,
The application will be able to use the latest version of Google's offering functionality.
At the same time, the Client library can also conduct access control and other related operations.
2 Integrated Client Library
To use the client Library, we first need to use the Android Studio SDK Manager to load Google Repository.
As shown above, the main is to check the red line part, and then click to download.
After downloading Google Repository, you only need to modify the Build.gradle file for the application module.
Load the corresponding library file.
For example:
dependencies {
Compile filetree (dir: ' Libs ', include: [' *.jar ']) ..... ....
.
.. Add a dependency on the Play-service
//google Play Service update, modify the corresponding version number
compile ' com.google.android.gms:play-services : 11.0.1 '
}
1 2 3 4 5 6 7 8
Note here that Com.google.android.gms:play-services introduces a collection of all the Google Play service APIs.
When we only need a specific API interface, we can only introduce separate libraries,
This will reduce the size of the application and avoid excessive number of methods in the application.
For example, when you need only safetynet, you can only compile:
com.google.android.gms:play-services-safetynet:11.0.1
1
At present, all the independent API libraries defined by play service can refer to the following links:
Https://developers.google.com/android/guides/setup
3 Make sure the Google Play service on the device is available
Once the application has been imported into the client library, we can use the interface provided by the client library in the application.
However, we know that an application will be installed on a different manufacturer's machine,
Part of the manufacturer's ROM does not integrate Google Play Store, let alone Google Play service.
Therefore, when the application needs to use the Google Play service function,
The first thing to do is to determine whether the current device has a corresponding capability.
Now, from the documentation, determine if Google Play service is available,
The best way to do this is to use the interface provided by Googleapiavailability in the client library.
The specific approach is similar to:
If the entire application relies on the Google Play Service//Then make a judgment in the Onresume interface of mainactivity//If only some of the functions depend on the service, you can make a judgment before using it specifically @Override protected
void Onresume () {super.onresume ();
Obtain googleapiavailability single case googleapiavailability googleapiavailability = Googleapiavailability.getinstance ();
Use the interface to determine whether device supports Google Play Service int ret = googleapiavailability.isgoogleplayservicesavailable (this); Support, the result will return SUCCESS if (ret = = connectionresult.success) {log.d (TAG, "This phone has available Google Servic
e inside "); .............
}
else {LOG.E (TAG, "This phone don ' t have available Google service inside"); When not supported, you can use Geterrordialog to get a prompt box in which the 2nd parameter passes the error message//The prompt box will generate a different style depending on the error message///For example, when I test myself, the first time Google Play service is not the most
The new,//dialog box will display this information and provide download updates to the keys Googleapiavailability.geterrordialog (this, ret, 0). Show (); }
}
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
4 using Google API Client Access Service
When device support Google Play service, the application can use the corresponding function.
As the following illustration shows, the application must actually use the Google API client in the client library to access specific services.
As can be seen from the figure, Google API client as a bridge between the application and service, responsible for specific communication details.
The way to get Google API client in an application is as follows:
Private Googleapiclient mgoogleapiclient; If you create a Googleapiclient object before the OnStart function of the activity is invoked,//You can make use of automanage to automatically connect Googleplayservice private when the object is OnStart
void Connectgoogleplayservice () {LOG.D (TAG, "Connect to Google Play service"); Mgoogleapiclient = new Googleapiclient.builder (this)//here Use Automatic Management, manual connection, you can obtain the client, the active call its Connect interface//incoming fail Edlistener for processing to fail. Enableautomanage (this, new Failedlistener ())//We are concerned about security detection, so we can add SAFETYNET.API//No This usage has now been deprecated. ADDAPI (SAFETYNET.API)//Add callback object with notification of success or failure of the connection. Addconnectioncallbacks (New Conne
Ctioncallback ()). build (); Private class Failedlistener implements Googleapiclient.onconnectionfailedlistener {@Override public void Onco
Nnectionfailed (@NonNull connectionresult connectionresult) {log.e (TAG, "Connect failed:" + connectionresult);
You can do some error handling ..... ...} Private class Connectioncallback implements Googleapiclient.connectioncallbacks {@Override public void onconnected (@Nullable Bundle Bundle) {log.d (TAG, "Connect t
o Google Play Service success ");
Connect successfully, do the work accordingly ...}.}
@Override public void onconnectionsuspended (int i) {log.e (TAG, "Connect to Google Play service fail");
Connection failed, processing ...}..} }
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 A.
Once the application is created Googleapiclient and the Google Play service is successfully connected,
You can use the corresponding function through the corresponding API.
5 SafetyNet Security detection function
Let's take safetynet as an example to see how to use the security detection features provided by the Google Play service.
5.1 Attestation API
From the results returned from documents and tests, the Attestation API is primarily used to detect:
The security and compatibility of the appliance's Android operating environment is somewhat similar to that of the CTS test.
It is to be noted that:
Before using this API, you need to access the Google developers Console,
Open the Android Device verification API and apply for the corresponding APK key.
Specific Web site can search, there are Google Mail can apply.
After applying to the key value, you need to add the following in the applied Androidmanifest.xml:
<meta-data android:name= "Com.google.android.safetynet.ATTEST_API_KEY"
<!--here * Hidden part of the information-->
Android:value= "Aizasycpvflnc********-*********2ncvgi2sj0"/>
1 2 3
When the key value is added, the application can use the SafetyNet attest interface.
Here we take an old-fashioned invocation as an example of how the APIs are used:
private void attest () {//ATTEST interface requires a token with a length of not less than bytes byte[] nonce = Getrequestnonce ();//Should be at Lea
St Bytes in length. As you can see, the interface is passed in Mgoogleapiclient//Can be thought of, its underlying implementation needs to rely on mgoogleapiclient to communicate SafetyNet.SafetyNetApi.attest ( Mgoogleapiclient, Nonce)//Set callback interface, when the connection service is returned the result will be notified//can see here is the design of an asynchronous callback