TrustAgentService.java revision 7e03dfcb796ef1a6000a5fd5fda03c9e15ea62e1 
1/**
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package android.service.trust;
18
19import android.annotation.SdkConstant;
20import android.app.Service;
21import android.content.Intent;
22import android.os.Handler;
23import android.os.IBinder;
24import android.os.RemoteException;
25import android.util.Slog;
26
27/**
28 * A service that notifies the system about whether it believes the environment of the device
29 * to be trusted.
30 *
31 * <p>To extend this class, you must declare the service in your manifest file with
32 * the {@link android.Manifest.permission#BIND_TRUST_AGENT} permission
33 * and include an intent filter with the {@link #SERVICE_INTERFACE} action. For example:</p>
34 * <pre>
35 * &lt;service android:name=".TrustAgent"
36 *          android:label="&#64;string/service_name"
37 *          android:permission="android.permission.BIND_TRUST_AGENT">
38 *     &lt;intent-filter>
39 *         &lt;action android:name="android.service.trust.TrustAgentService" />
40 *     &lt;/intent-filter>
41 *     &lt;meta-data android:name="android.service.trust.trustagent"
42 *          android:value="&#64;xml/trust_agent" />
43 * &lt;/service></pre>
44 *
45 * <p>The associated meta-data file can specify an activity that is accessible through Settings
46 * and should allow configuring the trust agent, as defined in
47 * {@link android.R.styleable#TrustAgent}. For example:</p>
48 *
49 * <pre>
50 * &lt;trust-agent xmlns:android="http://schemas.android.com/apk/res/android"
51 *          android:settingsActivity=".TrustAgentSettings" /></pre>
52 */
53public class TrustAgentService extends Service {
54    private final String TAG = TrustAgentService.class.getSimpleName() +
55            "[" + getClass().getSimpleName() + "]";
56
57    /**
58     * The {@link Intent} that must be declared as handled by the service.
59     */
60    @SdkConstant(SdkConstant.SdkConstantType.SERVICE_ACTION)
61    public static final String SERVICE_INTERFACE
62            = "android.service.trust.TrustAgentService";
63
64    /**
65     * The name of the {@code meta-data} tag pointing to additional configuration of the trust
66     * agent.
67     */
68    public static final String TRUST_AGENT_META_DATA = "android.service.trust.trustagent";
69
70    private static final int MSG_UNLOCK_ATTEMPT = 1;
71
72    private static final boolean DEBUG = false;
73
74    private ITrustAgentServiceCallback mCallback;
75
76    private Handler mHandler = new Handler() {
77        public void handleMessage(android.os.Message msg) {
78            switch (msg.what) {
79                case MSG_UNLOCK_ATTEMPT:
80                    onUnlockAttempt(msg.arg1 != 0);
81                    break;
82            }
83        };
84    };
85
86    /**
87     * Called when the user attempted to authenticate on the device.
88     *
89     * @param successful true if the attempt succeeded
90     */
91    public void onUnlockAttempt(boolean successful) {
92    }
93
94    private void onError(String msg) {
95        Slog.v(TAG, "Remote exception while " + msg);
96    }
97
98    /**
99     * Call to grant trust on the device.
100     *
101     * @param message describes why the device is trusted, e.g. "Trusted by location".
102     * @param durationMs amount of time in milliseconds to keep the device in a trusted state. Trust
103     *                   for this agent will automatically be revoked when the timeout expires.
104     * @param initiatedByUser indicates that the user has explicitly initiated an action that proves
105     *                        the user is about to use the device.
106     */
107    public final void grantTrust(CharSequence message, long durationMs, boolean initiatedByUser) {
108        if (mCallback != null) {
109            try {
110                mCallback.grantTrust(message.toString(), durationMs, initiatedByUser);
111            } catch (RemoteException e) {
112                onError("calling enableTrust()");
113            }
114        }
115    }
116
117    /**
118     * Call to revoke trust on the device.
119     */
120    public final void revokeTrust() {
121        if (mCallback != null) {
122            try {
123                mCallback.revokeTrust();
124            } catch (RemoteException e) {
125                onError("calling revokeTrust()");
126            }
127        }
128    }
129
130    @Override
131    public final IBinder onBind(Intent intent) {
132        if (DEBUG) Slog.v(TAG, "onBind() intent = " + intent);
133        return new TrustAgentServiceWrapper();
134    }
135
136    private final class TrustAgentServiceWrapper extends ITrustAgentService.Stub {
137        @Override
138        public void onUnlockAttempt(boolean successful) {
139            mHandler.obtainMessage(MSG_UNLOCK_ATTEMPT, successful ? 1 : 0, 0)
140                    .sendToTarget();
141        }
142
143        public void setCallback(ITrustAgentServiceCallback callback) {
144            mCallback = callback;
145        }
146    }
147
148}
149