From 13d233a03ff7142c6ca78975cbd8028a3e6d677c Mon Sep 17 00:00:00 2001 From: Ilya Kushnir Date: Fri, 23 Dec 2022 03:58:41 +0200 Subject: [PATCH] Add "deprecationInformation" field support SafetyNet now rolled out new "deprecationInformation" field in their responses (present randomly, not in all responses), which YASNAC can't handle correctly and crashed app. https://groups.google.com/g/safetynet-api-clients/c/tq4IusNWJus --- .../com/scottyab/safetynet/SafetyNetResponse.java | 15 +++++++++++++++ .../scottyab/sateynet/sample/MainActivity.java | 4 +++- sample/src/main/res/values/strings.xml | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/safetynetlib/src/main/java/com/scottyab/safetynet/SafetyNetResponse.java b/safetynetlib/src/main/java/com/scottyab/safetynet/SafetyNetResponse.java index 799f633..629ecfd 100644 --- a/safetynetlib/src/main/java/com/scottyab/safetynet/SafetyNetResponse.java +++ b/safetynetlib/src/main/java/com/scottyab/safetynet/SafetyNetResponse.java @@ -38,6 +38,7 @@ public class SafetyNetResponse { private boolean basicIntegrity; private String evaluationType; private String advice; + private String deprecationInformation; //forces the parse() private SafetyNetResponse() { @@ -119,6 +120,15 @@ public String getAdvice() { return advice; } + /** + * Info about SN API Deprecation + * + * @return + */ + public String getDeprecationInformation() { + return deprecationInformation; + } + /** * Parse the JSON string into populated SafetyNetResponse object * @@ -174,6 +184,10 @@ public static SafetyNetResponse parse(@NonNull String decodedJWTPayload) { response.advice = root.getString("advice"); } + if (root.has("deprecationInformation")) { + response.deprecationInformation = root.getString("deprecationInformation"); + } + return response; } catch (JSONException e) { Log.e(TAG, "problem parsing decodedJWTPayload:" + e.getMessage(), e); @@ -194,6 +208,7 @@ public String toString() { ", basicIntegrity=" + basicIntegrity + ", evaluationType=" + evaluationType + ", advice=" + advice + + ", deprecationInformation=" + deprecationInformation + '}'; } diff --git a/sample/src/main/java/com/scottyab/sateynet/sample/MainActivity.java b/sample/src/main/java/com/scottyab/sateynet/sample/MainActivity.java index 3edb5cf..195cf4a 100644 --- a/sample/src/main/java/com/scottyab/sateynet/sample/MainActivity.java +++ b/sample/src/main/java/com/scottyab/sateynet/sample/MainActivity.java @@ -168,12 +168,14 @@ public void onAnimationUpdate(ValueAnimator animator) { private void updateUIWithSuccessfulResult(SafetyNetResponse safetyNetResponse) { String advice = safetyNetResponse.getAdvice() == null ? "None available" : safetyNetResponse.getAdvice(); + String deprecationInformation = safetyNetResponse.getDeprecationInformation() == null ? "None available" : safetyNetResponse.getDeprecationInformation(); resultsTV.setText(getString(R.string.safety_results, safetyNetResponse.isCtsProfileMatch(), safetyNetResponse.isBasicIntegrity(), safetyNetResponse.getEvaluationType(), - advice)); + advice, + deprecationInformation)); resultNoteTV.setText(R.string.safety_results_note); successResultsContainer.setVisibility(View.VISIBLE); diff --git a/sample/src/main/res/values/strings.xml b/sample/src/main/res/values/strings.xml index d002a5a..c98d644 100644 --- a/sample/src/main/res/values/strings.xml +++ b/sample/src/main/res/values/strings.xml @@ -7,7 +7,7 @@ Share version %1$s [%2$d] View code on GitHub - SafetyNet response\nCTS profile match: %1$b\nBasic Integrity: %2$b\nEvaluation type: %3$s\nAdvice: %4$s + SafetyNet response\nCTS profile match: %1$b\nBasic Integrity: %2$b\nEvaluation type: %3$s\nAdvice: %4$s\nDeprecation Information: %5$s Note: The "basicIntegrity" field is a weaker check than "ctsProfileMatch". For apps requiring stronger checks, use only the result from "ctsProfileMatch". One time request token Request timestamp