-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for regular fido service
- Loading branch information
Showing
8 changed files
with
260 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
113 changes: 113 additions & 0 deletions
113
...ervices-fido/core/src/main/kotlin/org/microg/gms/fido/core/regular/Fido2RegularService.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,113 @@ | ||
/* | ||
* SPDX-FileCopyrightText: 2022 microG Project Team | ||
* SPDX-License-Identifier: Apache-2.0 | ||
*/ | ||
|
||
package org.microg.gms.fido.core.regular | ||
|
||
import android.app.KeyguardManager | ||
import android.app.PendingIntent | ||
import android.app.PendingIntent.FLAG_IMMUTABLE | ||
import android.app.PendingIntent.FLAG_UPDATE_CURRENT | ||
import android.content.Context | ||
import android.content.Context.KEYGUARD_SERVICE | ||
import android.content.Intent | ||
import android.os.Build.VERSION.SDK_INT | ||
import android.os.Parcel | ||
import androidx.lifecycle.Lifecycle | ||
import androidx.lifecycle.LifecycleOwner | ||
import androidx.lifecycle.lifecycleScope | ||
import com.google.android.gms.common.Feature | ||
import com.google.android.gms.common.api.CommonStatusCodes | ||
import com.google.android.gms.common.api.Status | ||
import com.google.android.gms.common.internal.ConnectionInfo | ||
import com.google.android.gms.common.internal.GetServiceRequest | ||
import com.google.android.gms.common.internal.IGmsCallbacks | ||
import com.google.android.gms.fido.fido2.api.IBooleanCallback | ||
import com.google.android.gms.fido.fido2.api.ICredentialListCallback | ||
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialCreationOptions | ||
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRequestOptions | ||
import com.google.android.gms.fido.fido2.internal.regular.IFido2RegularCallbacks | ||
import com.google.android.gms.fido.fido2.internal.regular.IFido2RegularService | ||
import org.microg.gms.BaseService | ||
import org.microg.gms.common.GmsService | ||
import org.microg.gms.common.GmsService.FIDO2_REGULAR | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity.Companion.SOURCE_APP | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity.Companion.KEY_SOURCE | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity.Companion.KEY_OPTIONS | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity.Companion.KEY_SERVICE | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity.Companion.KEY_TYPE | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity.Companion.TYPE_REGISTER | ||
import org.microg.gms.fido.core.ui.AuthenticatorActivity.Companion.TYPE_SIGN | ||
import org.microg.gms.utils.warnOnTransactionIssues | ||
|
||
const val TAG = "Fido2Regular" | ||
|
||
class Fido2RegularService : BaseService(TAG, FIDO2_REGULAR) { | ||
override fun handleServiceRequest(callback: IGmsCallbacks, request: GetServiceRequest, service: GmsService) { | ||
callback.onPostInitCompleteWithConnectionInfo( | ||
CommonStatusCodes.SUCCESS, | ||
Fido2RegularServiceImpl(this, lifecycle).asBinder(), | ||
ConnectionInfo().apply { | ||
features = arrayOf( | ||
Feature("is_user_verifying_platform_authenticator_available", 1), | ||
Feature("is_user_verifying_platform_authenticator_available_for_credential", 1) | ||
) | ||
} | ||
); | ||
} | ||
} | ||
|
||
class Fido2RegularServiceImpl(private val context: Context, private val lifecycle: Lifecycle) : | ||
IFido2RegularService.Stub(), LifecycleOwner { | ||
override fun getRegisterPendingIntent(callbacks: IFido2RegularCallbacks, options: PublicKeyCredentialCreationOptions) { | ||
lifecycleScope.launchWhenStarted { | ||
val intent = Intent(context, AuthenticatorActivity::class.java) | ||
.putExtra(KEY_SERVICE, FIDO2_REGULAR.SERVICE_ID) | ||
.putExtra(KEY_SOURCE, SOURCE_APP) | ||
.putExtra(KEY_TYPE, TYPE_REGISTER) | ||
.putExtra(KEY_OPTIONS, options.serializeToBytes()) | ||
|
||
val pendingIntent = | ||
PendingIntent.getActivity(context, options.hashCode(), intent, FLAG_UPDATE_CURRENT or FLAG_IMMUTABLE) | ||
callbacks.onPendingIntent(Status.SUCCESS, pendingIntent) | ||
} | ||
} | ||
|
||
override fun getSignPendingIntent(callbacks: IFido2RegularCallbacks, options: PublicKeyCredentialRequestOptions) { | ||
lifecycleScope.launchWhenStarted { | ||
val intent = Intent(context, AuthenticatorActivity::class.java) | ||
.putExtra(KEY_SERVICE, FIDO2_REGULAR.SERVICE_ID) | ||
.putExtra(KEY_SOURCE, SOURCE_APP) | ||
.putExtra(KEY_TYPE, TYPE_SIGN) | ||
.putExtra(KEY_OPTIONS, options.serializeToBytes()) | ||
|
||
val pendingIntent = | ||
PendingIntent.getActivity(context, options.hashCode(), intent, FLAG_UPDATE_CURRENT or FLAG_IMMUTABLE) | ||
callbacks.onPendingIntent(Status.SUCCESS, pendingIntent) | ||
} | ||
} | ||
|
||
override fun isUserVerifyingPlatformAuthenticatorAvailable(callbacks: IBooleanCallback) { | ||
lifecycleScope.launchWhenStarted { | ||
if (SDK_INT < 24) { | ||
callbacks.onBoolean(false) | ||
} else { | ||
val keyguardManager = context.getSystemService(KEYGUARD_SERVICE) as? KeyguardManager? | ||
callbacks.onBoolean(keyguardManager?.isDeviceSecure == true) | ||
} | ||
} | ||
} | ||
|
||
override fun getCredentialList(callbacks: ICredentialListCallback, rpId: String) { | ||
lifecycleScope.launchWhenStarted { | ||
runCatching { callbacks.onCredentialList(emptyList()) } | ||
} | ||
} | ||
|
||
override fun getLifecycle(): Lifecycle = lifecycle | ||
|
||
override fun onTransact(code: Int, data: Parcel, reply: Parcel?, flags: Int): Boolean = | ||
warnOnTransactionIssues(code, reply, flags, TAG) { super.onTransact(code, data, reply, flags) } | ||
} |
3 changes: 3 additions & 0 deletions
3
...aidl/com/google/android/gms/fido/fido2/api/common/PublicKeyCredentialCreationOptions.aidl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
package com.google.android.gms.fido.fido2.api.common; | ||
|
||
parcelable PublicKeyCredentialCreationOptions; |
3 changes: 3 additions & 0 deletions
3
.../aidl/com/google/android/gms/fido/fido2/api/common/PublicKeyCredentialRequestOptions.aidl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
package com.google.android.gms.fido.fido2.api.common; | ||
|
||
parcelable PublicKeyCredentialRequestOptions; |
8 changes: 8 additions & 0 deletions
8
.../main/aidl/com/google/android/gms/fido/fido2/internal/regular/IFido2RegularCallbacks.aidl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
package com.google.android.gms.fido.fido2.internal.regular; | ||
|
||
import android.app.PendingIntent; | ||
import com.google.android.gms.common.api.Status; | ||
|
||
interface IFido2RegularCallbacks { | ||
void onPendingIntent(in Status status, in PendingIntent pendingIntent); | ||
} |
14 changes: 14 additions & 0 deletions
14
...rc/main/aidl/com/google/android/gms/fido/fido2/internal/regular/IFido2RegularService.aidl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
package com.google.android.gms.fido.fido2.internal.regular; | ||
|
||
import com.google.android.gms.fido.fido2.internal.regular.IFido2RegularCallbacks; | ||
import com.google.android.gms.fido.fido2.api.IBooleanCallback; | ||
import com.google.android.gms.fido.fido2.api.ICredentialListCallback; | ||
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialCreationOptions; | ||
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRequestOptions; | ||
|
||
interface IFido2RegularService { | ||
void getRegisterPendingIntent(IFido2RegularCallbacks callbacks, in PublicKeyCredentialCreationOptions options) = 0; | ||
void getSignPendingIntent(IFido2RegularCallbacks callbacks, in PublicKeyCredentialRequestOptions options) = 1; | ||
void isUserVerifyingPlatformAuthenticatorAvailable(IBooleanCallback callbacks) = 2; | ||
void getCredentialList(ICredentialListCallback callbacks, String rpId) = 3; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
53 changes: 53 additions & 0 deletions
53
play-services-fido/src/main/java/org/microg/gms/fido/fido2/Fido2GmsClient.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
/* | ||
* SPDX-FileCopyrightText: 2022 microG Project Team | ||
* SPDX-License-Identifier: Apache-2.0 | ||
*/ | ||
|
||
package org.microg.gms.fido.fido2; | ||
|
||
import static org.microg.gms.fido.fido2.Constants.MICROG_FIDO_SERVICE_PACKAGE_NAME; | ||
|
||
import android.content.Context; | ||
import android.os.IBinder; | ||
import android.os.RemoteException; | ||
|
||
import com.google.android.gms.fido.fido2.api.IBooleanCallback; | ||
import com.google.android.gms.fido.fido2.api.ICredentialListCallback; | ||
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialCreationOptions; | ||
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRequestOptions; | ||
import com.google.android.gms.fido.fido2.internal.regular.IFido2RegularCallbacks; | ||
import com.google.android.gms.fido.fido2.internal.regular.IFido2RegularService; | ||
|
||
import org.microg.gms.common.GmsClient; | ||
import org.microg.gms.common.GmsService; | ||
import org.microg.gms.common.api.ConnectionCallbacks; | ||
import org.microg.gms.common.api.OnConnectionFailedListener; | ||
|
||
public class Fido2GmsClient extends GmsClient<IFido2RegularService> { | ||
public Fido2GmsClient(Context context, ConnectionCallbacks callbacks, OnConnectionFailedListener connectionFailedListener) { | ||
super(context, callbacks, connectionFailedListener, GmsService.FIDO2_REGULAR.ACTION); | ||
serviceId = GmsService.FIDO2_REGULAR.SERVICE_ID; | ||
additionalTargetApplication = MICROG_FIDO_SERVICE_PACKAGE_NAME; | ||
} | ||
|
||
public void getRegisterPendingIntent(IFido2RegularCallbacks callbacks, PublicKeyCredentialCreationOptions options) throws RemoteException { | ||
getServiceInterface().getRegisterPendingIntent(callbacks, options); | ||
} | ||
|
||
public void getSignPendingIntent(IFido2RegularCallbacks callbacks, PublicKeyCredentialRequestOptions options) throws RemoteException { | ||
getServiceInterface().getSignPendingIntent(callbacks, options); | ||
} | ||
|
||
public void isUserVerifyingPlatformAuthenticatorAvailable(IBooleanCallback callback) throws RemoteException { | ||
getServiceInterface().isUserVerifyingPlatformAuthenticatorAvailable(callback); | ||
} | ||
|
||
public void getCredentialList(ICredentialListCallback callbacks, String rpId) throws RemoteException { | ||
getServiceInterface().getCredentialList(callbacks, rpId); | ||
} | ||
|
||
@Override | ||
protected IFido2RegularService interfaceFromBinder(IBinder binder) { | ||
return IFido2RegularService.Stub.asInterface(binder); | ||
} | ||
} |