CallingAppInfo

Artifact: androidx.credentials:credentials

Added in 1.2.0

Kotlin |Java

class CallingAppInfo

Information pertaining to the calling application.

Summary

Public constructors
`@VisibleForTesting @DeprecatedSinceApi(api = 28, message = "Use the SigningInfo based constructor instead") CallingAppInfo( packageName: String, signatures: List<Signature>, origin: String? )` Constructs an instance of `CallingAppInfo`
`@RequiresApi(value = 28) @VisibleForTesting CallingAppInfo( packageName: String, signingInfo: SigningInfo, origin: String? )` Constructs an instance of `CallingAppInfo`

Public functions
`open operator Boolean`	`equals(other: Any?)`
`String?`	`getOrigin(privilegedAllowlist: String)` Returns the origin of the calling app.
`open Int`	`hashCode()`
`Boolean`	`isOriginPopulated()` Returns true if the `origin` is populated, and false otherwise.

Public properties
`String`	`packageName` the calling package name of the calling app
`lateinit SigningInfo`	`signingInfo` the signingInfo associated with the calling app, added at API level 28
`SigningInfoCompat`	`signingInfoCompat` the signing information associated with the calling app, which can be used across all Android API levels

Public constructors

CallingAppInfo

@VisibleForTesting
@DeprecatedSinceApi(api = 28, message = "Use the SigningInfo based constructor instead")
CallingAppInfo(
    packageName: String,
    signatures: List<Signature>,
    origin: String? = null
)

Constructs an instance of CallingAppInfo

Parameters
`packageName: String`	the calling package name of the calling app
`signatures: List<Signature>`	the app signatures, which should be retrieved from the app's `PackageInfo.signatures`
`origin: String? = null`	the origin of the calling app. This is only set when a privileged app like a browser, calls on behalf of another application.

Throws
`kotlin.NullPointerException`	If `packageName` is null
`kotlin.NullPointerException`	If the class is initialized with a null `signingInfo` on Android API 28 and above
`kotlin.IllegalArgumentException`	If `packageName` is empty

CallingAppInfo

Added in 1.2.0

@RequiresApi(value = 28)
@VisibleForTesting
CallingAppInfo(
    packageName: String,
    signingInfo: SigningInfo,
    origin: String? = null
)

Constructs an instance of CallingAppInfo

Parameters
`packageName: String`	the calling package name of the calling app
`signingInfo: SigningInfo`	the signingInfo associated with the calling app
`origin: String? = null`	the origin of the calling app. This is only set when a privileged app like a browser, calls on behalf of another application.

Throws
`kotlin.NullPointerException`	If `packageName` is null
`kotlin.NullPointerException`	If the class is initialized with a null `signingInfo` on Android P and above
`kotlin.IllegalArgumentException`	If `packageName` is empty

Public functions

equals

open operator fun equals(other: Any?): Boolean

getOrigin

Added in 1.2.0

fun getOrigin(privilegedAllowlist: String): String?

Returns the origin of the calling app. This is only non-null if a privileged app like a browser calls Credential Manager APIs on behalf of another application.

Additionally, in order to get the origin, the credential provider must provide an allowlist of privileged browsers/apps that it trusts. This allowlist must be in the form of a valid, non-empty JSON. The origin will only be returned if the packageName and the SHA256 hash of the newest signature obtained from the signingInfo, is present in the privilegedAllowlist.

Packages that are signed with multiple signers will only receive the origin if all of the signatures are present in the privilegedAllowlist.

The format of this privilegedAllowlist JSON must adhere to the following sample.

{"apps": [
   {
      "type": "android",
      "info": {
         "package_name": "com.example.myapp",
         "signatures" : [
         {"build": "release",
             "cert_fingerprint_sha256": "59:0D:2D:7B:33:6A:BD:FB:54:CD:3D:8B:36:8C:5C:3A:
             7D:22:67:5A:9A:85:9A:6A:65:47:FD:4C:8A:7C:30:32"
         },
         {"build": "userdebug",
         "cert_fingerprint_sha256": "59:0D:2D:7B:33:6A:BD:FB:54:CD:3D:8B:36:8C:5C:3A:7D:
         22:67:5A:9A:85:9A:6A:65:47:FD:4C:8A:7C:30:32"
         }]
      }
    }
]}

All keys in the JSON must be exactly as stated in the sample above. Note that if the build for a given fingerprint is specified as 'userdebug', that fingerprint will only be considered if the device is on a 'userdebug' build, as determined by Build.TYPE.

Throws
`kotlin.IllegalArgumentException`	If `privilegedAllowlist` is empty, or an invalid JSON, or does not follow the format detailed above
`kotlin.IllegalStateException`	If the origin is non-null, but the `packageName` and `signingInfo` do not have a match in the `privilegedAllowlist`

hashCode

open fun hashCode(): Int

isOriginPopulated

Added in 1.2.0

fun isOriginPopulated(): Boolean

Returns true if the origin is populated, and false otherwise.

Note that the origin is only populated if a privileged app like a browser calls Credential Manager APIs on behalf of another application.

Public properties

packageName

Added in 1.2.0

val packageName: String

the calling package name of the calling app

signingInfo

Added in 1.2.0

lateinit val signingInfo: SigningInfo

the signingInfo associated with the calling app, added at API level 28

signingInfoCompat

Added in 1.5.0-alpha05

val signingInfoCompat: SigningInfoCompat

the signing information associated with the calling app, which can be used across all Android API levels