Joseph Wen 6a34bb2d6a Implement IntentFilter verification service.
This commit adds a verifier that verifies a host delegates permission for
an app to handle URLs for the host using the Statement protocol.

- Implements the Statement protocol
-- The protocol defines a file format that represents statements.
-- The protocol defines where each asset type should put their statement
declaration. For a web asset, the statement file should be hosted at
<scheme>://<host>:<port>/.well-known/associations.json.

- Implements IntentFilterVerificationReceiver, an interface between
StatementService and PackageManager. PackageManager will send a
broadcast with action Intent.ACTION_INTENT_FILTER_NEEDS_VERIFICATION.
The service will process the request and return the results by calling
PackageManager.verifyIntentFilter().

To verify an IntentFilter like this defined in Android app com.test.app
<intent-filter>
  <data android:scheme="https" />
  <data android:host="www.test.com" />
  <data android:pathPattern=".*"/>
</intent-filter>

The service will try to retrieve the statement file from
https://www.test.com:443/.well-known/associations.json and try to find
a JSON object equivalent to
{'relation': ['delegate_permission/common.handle_all_urls'],
 'target': {'namespace': 'android_app',
            'package_name': 'com.test.app',
            'sha256_cert_fingerprints': [APP_CERT_FP]}}
The entry should have the correct relation, package name, and
certificate sha256 fingerprint.

Because this implementation will send an HTTP request for each host
specified in the intent-filter in AndroidManifest.xml, to avoid overwhelming
the network at app install time, we limit the maximum number of hosts we will
verify for a single app to 10. Any app with more than 10 hosts in the
autoVerify=true intent-filter won't be auto verified.

Change-Id: I787c9d176e4110aa441eb5fe4fa9651a071c6610
2015-04-07 16:57:40 -04:00


<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (C) 2015 The Android Open Source Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.android.statementservice"
    android:versionCode="1"
    android:versionName="1.0">

    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
    <uses-permission android:name="android.permission.INTENT_FILTER_VERIFICATION_AGENT"/>

    <application
        android:label="@string/service_name"
        android:allowBackup="false">

        <service
            android:name=".DirectStatementService"
            android:exported="false">
            <intent-filter>
                <category android:name="android.intent.category.DEFAULT"/>
                <action android:name="com.android.statementservice.aosp.service.CHECK_ACTION"/>
            </intent-filter>
        </service>

        <receiver
            android:name=".IntentFilterVerificationReceiver"
            android:permission="android.permission.BIND_INTENT_FILTER_VERIFIER">
            <!-- Set the priority 1 so newer implementation can have higher priority. -->
            <intent-filter
                android:priority="1">
                <action android:name="android.intent.action.INTENT_FILTER_NEEDS_VERIFICATION"/>
                <data android:mimeType="application/vnd.android.package-archive"/>
            </intent-filter>
        </receiver>
    </application>
</manifest>
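The check described in the commit message, sketched in Python as an added example; this is not the project's code. It assumes the statement file is a JSON array of statement objects, that ports default per scheme, and that fingerprints compare case-insensitively; `fetch`, `verify_hosts`, `broken.test.com`, `missing.test.com` and the sample data are hypothetical.

```python
import json

MAX_HOSTS = 10  # from the commit message: more than 10 hosts means no auto verification
RELATION = "delegate_permission/common.handle_all_urls"
PORTS = {"https": 443, "http": 80}  # assumption: default port per scheme

def statement_url(scheme, host):
    return f"{scheme}://{host}:{PORTS[scheme]}/.well-known/associations.json"

def statement_matches(stmt, package_name, cert_fp):
    """True only if relation, namespace, package name and fingerprint all match."""
    target = stmt.get("target") if isinstance(stmt, dict) else None
    if not isinstance(target, dict):
        return False
    relations, fps = stmt.get("relation"), target.get("sha256_cert_fingerprints")
    if not isinstance(relations, list) or not isinstance(fps, list):
        return False
    # Assumption: fingerprints are compared case-insensitively.
    return (RELATION in relations
            and target.get("namespace") == "android_app"
            and target.get("package_name") == package_name
            and any(isinstance(f, str) and f.upper() == cert_fp.upper() for f in fps))

def verify_hosts(hosts, package_name, cert_fp, fetch, scheme="https"):
    """Return {host: verified}, or None when the app lists more than MAX_HOSTS hosts.
    fetch(url) is a hypothetical callable: response body as text, None on failure."""
    hosts = sorted(set(hosts))
    if len(hosts) > MAX_HOSTS:
        return None
    results = {}
    for host in hosts:
        body = fetch(statement_url(scheme, host))
        try:
            statements = json.loads(body) if body else []
        except ValueError:
            statements = []  # malformed statement file: fail closed
        if not isinstance(statements, list):
            statements = []
        results[host] = any(statement_matches(s, package_name, cert_fp) for s in statements)
    return results

# Constructed sample data: one valid statement file, one malformed, one missing.
SAMPLE_FP = ":".join(["AB"] * 32)
SAMPLE_FILES = {
    "https://www.test.com:443/.well-known/associations.json": json.dumps([
        {"relation": [RELATION],
         "target": {"namespace": "android_app", "package_name": "com.test.app",
                    "sha256_cert_fingerprints": [SAMPLE_FP]}}]),
    "https://broken.test.com:443/.well-known/associations.json": "{not json",
}
print(verify_hosts(["www.test.com", "broken.test.com", "missing.test.com"],
                   "com.test.app", SAMPLE_FP, SAMPLE_FILES.get))
```

A host whose file is missing, malformed, or lists a different package or certificate is reported as unverified rather than raising.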