gpt4 book ai didi

java - 谷歌播放完整性 API : a Nightmare

转载 作者:行者123 更新时间:2023-12-04 23:39:03 28 4
gpt4 key购买 nike

我需要一些帮助,伙计们!!我是一个自学成才的加密新手,在阅读、测试和错误两个多星期后,我发现了很少的人群知识,几乎没有来自谷歌的文档。
我正在尝试阅读完整性裁决,我已经设法让它 IntegrityTokenRequest

    String nonce = Base64.encodeToString("this_is_my_nonce".getBytes(), Base64.URL_SAFE | Base64.NO_WRAP | Base64.NO_PADDING);
IntegrityManager myIntegrityManager = IntegrityManagerFactory
.create(getApplicationContext());
// Request the integrity token by providing a nonce.
Task<IntegrityTokenResponse> myIntegrityTokenResponse = myIntegrityManager
.requestIntegrityToken(IntegrityTokenRequest
.builder()
.setNonce(nonce)
.build());

myIntegrityTokenResponse.addOnSuccessListener(new OnSuccessListener<IntegrityTokenResponse>() {
@Override
public void onSuccess(IntegrityTokenResponse myIntegrityTokenResponse) {
String token = myIntegrityTokenResponse.token();
// so here I have my Integrity token.
// now how do I read it??
}
}
根据文档,这一切都在 Play Console 中设置,并相应地创建了 Google Cloud 项目。现在出现了文档中的大漏洞:
a) JWT 有 4 个点将 JWT 分为 5 个部分,而不是这里描述的 3 个部分 https://jwt.io/
b) Developer.Android.com 建议在 Google 服务器上解密和验证
Developer.Android.com recommend to Decrypt and Verify on Google Servers
我不知道如何或将要执行此命令... :-(
c) 如果我选择解密并验证返回的 token ,它会更复杂,因为我没有自己的安全服务器环境,只有我的应用程序和 Google Play 控制台。
d) 我在已下载的 Google Cloud Platform OAuth 2.0 Client IDs "Android client for com.company.project"JSON 文件中找到,但(再次)不知道如何在我的应用程序中使用它从诚信 token 。
{"installed":
{"client_id":"123456789012-abcdefghijklmnopqrstuvwxyza0g2ahk.apps.googleusercontent.com",
"project_id":"myproject-360d3",
"auth_uri":"https://accounts.google.com/o/oauth2/auth",
"token_uri":"https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url":https://www.googleapis.com/oauth2/v1/certs
}
}
我确定我错过了很多,请帮助

最佳答案

非常感谢@John_S对于您的答案,我将其标记为最终答案,无论如何,我在这里为 future 的开发人员发布所有缺少的部分,以便他们可以缩短我在这个问题上的近一个月的时间,因为没有完整的文档或 java 示例(在写这篇文章的时间)用于 Google PlayIntegrity API。
首先,您需要在 Google Cloud 和 Google Play 中设置我们的项目,如 @John_S 所述,但缺少的部分是您需要将凭据设置为“ 服务帐户 ”,然后设置“ 添加 key ”,如 java.io.IOException: Error reading credentials from stream, 'type' field not specified 所述这个https://developers.google.com/workspace/guides/create-credentials#android;然后,您可以使用您的凭据下载 .json 文件。我的问题中描述的 .json 文件无效,因为它必须具有如下结构:

    {  "type": "service_account",
"project_id": "your-project",
"private_key_id": "your-key-id",
"private_key": "your-private-key",
"client_email": "your-email@appspot.gserviceaccount.com",
"client_id": "your-client-id",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/your-email%40appspot.gserviceaccount.com"
}
其次,一旦您下载了有效的 .json 文件,将其存储在“ src/main/resources/credentials.json ”(如果需要,创建新文件夹,而不是“res”文件夹),如所述这里 Where must the client_secrets.json file go in Android Studio project folder tree?
第三,要完成 build.gradle 的所有缺失部分,您必须包括:
dependencies {
implementation 'com.google.android.play:integrity:1.0.1'
implementation 'com.google.apis:google-api-services-playintegrity:v1-rev20220211-1.32.1'
implementation 'com.google.api-client:google-api-client-jackson2:1.20.0'
implementation 'com.google.auth:google-auth-library-credentials:1.7.0'
implementation 'com.google.auth:google-auth-library-oauth2-http:1.7.0'
}
并将它们导入您的项目
import com.google.android.gms.tasks.Task;
import com.google.android.play.core.integrity.IntegrityManager;
import com.google.android.play.core.integrity.IntegrityManagerFactory;
import com.google.android.play.core.integrity.IntegrityTokenRequest;
import com.google.android.play.core.integrity.IntegrityTokenResponse;
import com.google.api.services.playintegrity.v1.PlayIntegrity;
import com.google.api.services.playintegrity.v1.PlayIntegrityRequestInitializer;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.api.services.playintegrity.v1.model.DecodeIntegrityTokenRequest;
import com.google.api.services.playintegrity.v1.model.DecodeIntegrityTokenResponse;
import com.google.api.client.googleapis.services.GoogleClientRequestInitializer;
import com.google.auth.http.HttpCredentialsAdapter;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
然后,请求“完整性 token ”并对其进行解码的完整代码将是:
    // create the NONCE  Base64-encoded, URL-safe, and non-wrapped String
String mynonce = Base64.encodeToString("this_is_my_nonce".getBytes(), Base64.URL_SAFE | Base64.NO_WRAP | Base64.NO_PADDING);

// Create an instance of a manager.
IntegrityManager myIntegrityManager = IntegrityManagerFactory.create(getApplicationContext());

// Request the integrity token by providing a nonce.
Task<IntegrityTokenResponse> myIntegrityTokenResponse = myIntegrityManager
.requestIntegrityToken(IntegrityTokenRequest
.builder()
.setNonce(mynonce)
// .setCloudProjectNumber(cloudProjNumber) // necessary only if sold outside Google Play
.build());

// get the time to check against the decoded integrity token time
timeRequest = Calendar.getInstance().getTimeInMillis();

myIntegrityTokenResponse.addOnSuccessListener(new OnSuccessListener<IntegrityTokenResponse>() {
@Override
public void onSuccess(IntegrityTokenResponse myIntegrityTokenResponse) {
try {
String token = myIntegrityTokenResponse.token();

DecodeIntegrityTokenRequest requestObj = new DecodeIntegrityTokenRequest();
requestObj.setIntegrityToken(token);

//Configure your credentials from the downloaded Json file from the resource
GoogleCredentials credentials = GoogleCredentials.fromStream(Objects.requireNonNull(getClass().getClassLoader()).getResourceAsStream("credentials.json"));
HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter(credentials);

HttpTransport HTTP_TRANSPORT = new NetHttpTransport();
JsonFactory JSON_FACTORY = new JacksonFactory();
GoogleClientRequestInitializer initializer = new PlayIntegrityRequestInitializer();

PlayIntegrity.Builder playIntegrity = new PlayIntegrity.Builder(HTTP_TRANSPORT, JSON_FACTORY, requestInitializer).setApplicationName("your-project")
.setGoogleClientRequestInitializer(initializer);
PlayIntegrity play = playIntegrity.build();

// the DecodeIntegrityToken must be run on a parallel thread
Thread thread = new Thread(new Runnable() {
@Override
public void run() {
try {
DecodeIntegrityTokenResponse response = play.v1().decodeIntegrityToken("com.project.name", requestObj).execute();
String licensingVerdict = response.getTokenPayloadExternal().getAccountDetails().getAppLicensingVerdict();
if (licensingVerdict.equalsIgnoreCase("LICENSED")) {
// Looks good! LICENSED app
} else {
// LICENSE NOT OK
}
} catch (Exception e) {
// LICENSE error
}
}
});

// execute the parallel thread
thread.start();

} catch (Error | IOException e) {
// LICENSE error
} catch (Exception e) {
// LICENSE error
}
}
});
希望这可以帮助。

关于java - 谷歌播放完整性 API : a Nightmare,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/72193058/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com