1/*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.statementservice.retriever;
18
19import android.util.JsonReader;
20
21import org.json.JSONException;
22
23import java.io.IOException;
24import java.io.StringReader;
25
26/**
27 * A handle representing the identity and address of some digital asset. An asset is an online
28 * entity that typically provides some service or content. Examples of assets are websites, Android
29 * apps, Twitter feeds, and Plus Pages.
30 *
31 * <p> Asset can be represented by a JSON string. For example, the web site https://www.google.com
32 * can be represented by
33 * <pre>
34 * {"namespace": "web", "site": "https://www.google.com"}
35 * </pre>
36 *
37 * <p> The Android app with package name com.google.test that is signed by a certificate with sha256
38 * fingerprint 11:22:33 can be represented by
39 * <pre>
40 * {"namespace": "android_app",
41 *  "package_name": "com.google.test",
42 *  "sha256_cert_fingerprints": ["11:22:33"]}
43 * </pre>
44 *
45 * <p>Given a signed APK, Java 7's commandline keytool can compute the fingerprint using:
46 * {@code keytool -list -printcert -jarfile signed_app.apk}
47 */
48public abstract class AbstractAsset {
49
50    /**
51     * Returns a JSON string representation of this asset. The strings returned by this function are
52     * normalized -- they can be used for equality testing.
53     */
54    public abstract String toJson();
55
56    /**
57     * Returns a key that can be used by {@link AbstractAssetMatcher} to lookup the asset.
58     *
59     * <p> An asset will match an {@code AssetMatcher} only if the value of this method is equal to
60     * {@code AssetMatcher.getMatchedLookupKey()}.
61     */
62    public abstract int lookupKey();
63
64    /**
65     * Creates a new Asset from its JSON string representation.
66     *
67     * @throws AssociationServiceException if the assetJson is not well formatted.
68     */
69    public static AbstractAsset create(String assetJson)
70            throws AssociationServiceException {
71        JsonReader reader = new JsonReader(new StringReader(assetJson));
72        reader.setLenient(false);
73        try {
74            return AssetFactory.create(JsonParser.parse(reader));
75        } catch (JSONException | IOException e) {
76            throw new AssociationServiceException(
77                    "Input is not a well formatted asset descriptor.", e);
78        }
79    }
80
81    /**
82     * If this is the source asset of a statement file, should the retriever follow
83     * any insecure (non-HTTPS) include statements made by the asset.
84     */
85    public abstract boolean followInsecureInclude();
86}
87