CallingAppInfo
public final class CallingAppInfo
Information pertaining to the calling application.
| Throws | |
|---|---|
kotlin.NullPointerException |
If |
kotlin.IllegalArgumentException |
If Note : Credential providers are not expected to utilize the constructor in this class for any production flow. This constructor must only be used for testing purposes. |
Summary
Public constructors |
|---|
CallingAppInfo(constructs an instance of |
Public methods |
|
|---|---|
final String |
Returns the origin of the calling app. |
final @NonNull String |
the calling package name of the calling app |
final @NonNull SigningInfo |
the signingInfo associated with the calling app |
final boolean |
Returns true if the |
Public constructors
CallingAppInfo
public CallingAppInfo(
@NonNull String packageName,
@NonNull SigningInfo signingInfo,
String origin
)
constructs an instance of CallingAppInfo
| Parameters | |
|---|---|
@NonNull String packageName |
the calling package name of the calling app |
@NonNull SigningInfo signingInfo |
the signingInfo associated with the calling app |
String origin |
the origin of the calling app. This is only set when a privileged app like a browser, calls on behalf of another application. |
Public methods
getOrigin
public final String getOrigin(@NonNull String privilegedAllowlist)
Returns the origin of the calling app. This is only non-null if a privileged app like a browser calls Credential Manager APIs on behalf of another application.
Additionally, in order to get the origin, the credential provider must provide an allowlist of privileged browsers/apps that it trusts. This allowlist must be in the form of a valid, non-empty JSON. The origin will only be returned if the packageName and the SHA256 hash of the newest signature obtained from the signingInfo, is present in the privilegedAllowlist.
Packages that are signed with multiple signers will only receive the origin if all of the signatures are present in the privilegedAllowlist.
The format of this privilegedAllowlist JSON must adhere to the following sample.
{"apps": [
{
"type": "android",
"info": {
"package_name": "com.example.myapp",
"signatures" : [
{"build": "release",
"cert_fingerprint_sha256": "59:0D:2D:7B:33:6A:BD:FB:54:CD:3D:8B:36:8C:5C:3A:
7D:22:67:5A:9A:85:9A:6A:65:47:FD:4C:8A:7C:30:32"
},
{"build": "userdebug",
"cert_fingerprint_sha256": "59:0D:2D:7B:33:6A:BD:FB:54:CD:3D:8B:36:8C:5C:3A:7D:
22:67:5A:9A:85:9A:6A:65:47:FD:4C:8A:7C:30:32"
}]
}
}
]}
All keys in the JSON must be exactly as stated in the sample above. Note that if the build for a given fingerprint is specified as 'userdebug', that fingerprint will only be considered if the device is on a 'userdebug' build, as determined by Build.TYPE.
| Throws | |
|---|---|
kotlin.IllegalArgumentException |
If |
kotlin.IllegalStateException |
If the origin is non-null, but the |
getPackageName
public final @NonNull String getPackageName()
the calling package name of the calling app
getSigningInfo
public final @NonNull SigningInfo getSigningInfo()
the signingInfo associated with the calling app
isOriginPopulated
public final boolean isOriginPopulated()
Returns true if the origin is populated, and false otherwise.
Note that the origin is only populated if a privileged app like a browser calls Credential Manager APIs on behalf of another application.