I have read a lot of documentation but I still don't understand it clearly. I have done all of these things: 1. Linked the Firebase project to the Google Play Console app. 2. Enabled the Play Integrity API in the Google Play Console and also in Google Cloud. Both show the Play Integrity API as enabled.
Now the question is how to integrate it in the Android app and how to validate the request on the server. I am using Java in Android Studio and Node.js on the server.
Thank you :)
I found this piece of code somewhere and applied it on the splash screen: it checks whether the app is LICENSED and, if it is, I give access to the app. I tested the release version on my device and got access. I then rolled out the app with this code, and while rolling out I got this warning: "This release contains artifacts which are not protected by Google Play. Your app may be vulnerable to tampering and redistribution." I take that to mean the Play Integrity API is not applied yet.
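/**
 * Requests a Play Integrity token and records whether the decoded token reports the
 * app licensing verdict {@code LICENSED}.
 *
 * <p>The verdict is produced asynchronously (token request, then a network call to
 * decode the token), so it is delivered through {@link VerdictListener}. The cached
 * flag starts as {@code false} and is only set to {@code true} after a decoded token
 * says {@code LICENSED}; every error path leaves it {@code false} (fail closed).
 *
 * <p>NOTE(security): this class decodes the token on the device with a service-account
 * key loaded from {@code credentials.json} inside the APK. Anything packaged in an APK
 * can be read by whoever holds the APK, and a boolean computed on the device can be
 * changed by a modified build, so this check gives no protection against a tampered
 * app. The token should be sent to the app's backend, decoded there with credentials
 * that never leave the server, and the backend should decide what the client may do.
 * Besides {@code accountDetails.appLicensingVerdict}, the backend should compare
 * {@code requestDetails.requestPackageName}, {@code requestDetails.nonce} and
 * {@code requestDetails.timestampMillis} with what it expects, and look at
 * {@code appIntegrity.appRecognitionVerdict} and
 * {@code deviceIntegrity.deviceRecognitionVerdict}.
 */
public class PlayIntegrityApi {
    private static final String TAG = "PlayIntegrityApi";

    /** Encoding the Integrity API expects for a nonce: URL-safe Base64, no padding, no line wraps. */
    private static final int NONCE_FLAGS =
            android.util.Base64.URL_SAFE | android.util.Base64.NO_PADDING | android.util.Base64.NO_WRAP;

    /** Receives the licensing verdict once the asynchronous check has finished. */
    public interface VerdictListener {
        /**
         * Called exactly once per check, either from the worker thread that decoded the
         * token or from the thread that runs the Task failure listener. Post to the UI
         * thread before touching views.
         *
         * @param licensed {@code true} only when the decoded verdict was {@code LICENSED}
         */
        void onVerdict(boolean licensed);
    }

    private final Context context;

    // Wall-clock time of the last token request. Nothing in this class compares it with
    // the token's own timestamp; that freshness check belongs with the code that decodes
    // the token.
    private long timeRequest;

    // Last known verdict. Written from the worker thread and read by callers, hence volatile.
    // Starts false so that "no answer yet" is never mistaken for "licensed".
    volatile boolean isAppOk = false;

    public PlayIntegrityApi(Context context) {
        this.context = context;
    }

    /**
     * Starts a licensing check and returns the verdict cached from an earlier check.
     *
     * <p>The check started by this call has not finished when the method returns, so the
     * first call always returns {@code false}. Callers that gate access on the result
     * should use {@link #checkLicense(VerdictListener)} and wait for the callback.
     *
     * @return the verdict of the most recently completed check, {@code false} if none has completed
     */
    public boolean IsLicensedApp() {
        checkLicense(null);
        return isAppOk;
    }

    /**
     * Requests an integrity token, decodes it on a background thread and reports the verdict.
     *
     * @param listener receives the verdict; may be {@code null} when only the cached flag is needed
     */
    public void checkLicense(VerdictListener listener) {
        // NOTE(security): the nonce is derived from a fixed value compiled into the app, so it
        // is identical for every request and does not bind the token to one request. A nonce
        // is meant to be unique per request, ideally issued by the backend and matched there.
        byte[] secretBytes = android.util.Base64.decode(PLAY_INTEGRITY_SECRET, android.util.Base64.DEFAULT);
        // Two encoding passes, as before, but without the byte[] -> String -> byte[] round trip
        // that depended on the platform default charset.
        byte[] innerEncoding = android.util.Base64.encode(secretBytes, NONCE_FLAGS);
        String myNonce = android.util.Base64.encodeToString(innerEncoding, NONCE_FLAGS);

        IntegrityManager integrityManager = IntegrityManagerFactory.create(context);
        Task<IntegrityTokenResponse> tokenTask = integrityManager.requestIntegrityToken(
                IntegrityTokenRequest.builder()
                        .setNonce(myNonce)
                        .setCloudProjectNumber(Long.parseLong(CLOUD_PROJECT_NUMBER)) // necessary only if sold outside Google Play
                        .build());

        timeRequest = System.currentTimeMillis();

        tokenTask.addOnSuccessListener(tokenResponse -> decodeOnWorkerThread(tokenResponse.token(), listener));
        // Without a failure listener a rejected token request would never produce a verdict.
        tokenTask.addOnFailureListener(e -> {
            Log.e(TAG, "Integrity token request failed", e);
            publish(false, listener);
        });
    }

    /** Runs the decode call off the calling thread because it performs network I/O. */
    private void decodeOnWorkerThread(String token, VerdictListener listener) {
        Thread worker = new Thread(() -> {
            boolean licensed = false;
            try {
                licensed = decodeLicensingVerdict(token);
            } catch (Error | Exception e) {
                // Error is caught as well because the original code did so around client
                // set-up; any failure is logged and treated as "not licensed".
                Log.e(TAG, "Integrity token could not be decoded", e);
            }
            publish(licensed, listener);
        });
        worker.start();
    }

    /**
     * Decodes the token through the Play Integrity service and reads the licensing verdict.
     *
     * @return {@code true} when the verdict is {@code LICENSED} (case-insensitive)
     * @throws Exception when the credentials cannot be loaded, the call fails or the payload is incomplete
     */
    private boolean decodeLicensingVerdict(String token) throws Exception {
        DecodeIntegrityTokenRequest requestObj = new DecodeIntegrityTokenRequest();
        requestObj.setIntegrityToken(token);

        // NOTE(security): a service-account key bundled as an app resource is readable by
        // anyone who has the APK. Keep the key on the server and decode the token there.
        GoogleCredentials credentials;
        try (java.io.InputStream keyStream = Objects.requireNonNull(
                Objects.requireNonNull(PlayIntegrityApi.class.getClassLoader()).getResourceAsStream("credentials.json"),
                "credentials.json not found on the classpath")) {
            credentials = GoogleCredentials.fromStream(keyStream);
        }

        HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter(credentials);
        HttpTransport httpTransport = new NetHttpTransport();
        JsonFactory jsonFactory = new JacksonFactory();
        GoogleClientRequestInitializer initializer = new PlayIntegrityRequestInitializer();
        PlayIntegrity play = new PlayIntegrity.Builder(httpTransport, jsonFactory, requestInitializer)
                .setApplicationName(APPLICATION_NAME)
                .setGoogleClientRequestInitializer(initializer)
                .build();

        // The first argument is the package name the token was requested for.
        DecodeIntegrityTokenResponse response =
                play.v1().decodeIntegrityToken("com.mydoamin.package", requestObj).execute();
        String licensingVerdict =
                response.getTokenPayloadExternal().getAccountDetails().getAppLicensingVerdict();

        // Constant-first comparison: a missing verdict counts as "not licensed" instead of throwing.
        boolean licensed = "LICENSED".equalsIgnoreCase(licensingVerdict);
        Log.d(TAG, licensed ? "LICENSED OK APP" : "LICENSED NOT OK APP");
        return licensed;
    }

    /** Stores the verdict and hands it to the listener, if there is one. */
    private void publish(boolean licensed, VerdictListener listener) {
        isAppOk = licensed;
        if (listener != null) {
            listener.onVerdict(licensed);
        }
    }
}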