SafetyNetApi

public interface SafetyNetApi

The main entry point for interacting with SafetyNet.

Nested Class Summary

class SafetyNetApi.AttestationResponse Response from attest(byte[], String) that contains a Compatibility Test Suite attestation result. 
interface SafetyNetApi.AttestationResult This interface was deprecated. use SafetyNetApi.AttestationResponse returned by attest(byte[], String).  
class SafetyNetApi.HarmfulAppsResponse A Response returned from listHarmfulApps()
interface SafetyNetApi.HarmfulAppsResult This interface was deprecated. use SafetyNetApi.HarmfulAppsResponse returned from listHarmfulApps().  
class SafetyNetApi.RecaptchaTokenResponse Response from verifyWithRecaptcha(String)
interface SafetyNetApi.RecaptchaTokenResult This interface was deprecated. use SafetyNetApi.RecaptchaTokenResponse returned from verifyWithRecaptcha(String).  
class SafetyNetApi.SafeBrowsingResponse Response for lookupUri(String, String, int...)
interface SafetyNetApi.SafeBrowsingResult This interface was deprecated. use SafetyNetApi.SafeBrowsingResponse returned from lookupUri(String, String, int...).  
class SafetyNetApi.VerifyAppsUserResponse A Response to get user decisions for the Verify Apps API. 
interface SafetyNetApi.VerifyAppsUserResult This interface was deprecated. use SafetyNetApi.VerifyAppsUserResponse returned from APIs in SafetyNetClient.  

Public Method Summary

abstract PendingResult<SafetyNetApi.AttestationResult>
attest(GoogleApiClient client, byte[] nonce)
This method was deprecated. use attest(byte[], String).
abstract PendingResult<SafetyNetApi.VerifyAppsUserResult>
enableVerifyApps(GoogleApiClient client)
This method was deprecated. use enableVerifyApps().
abstract PendingResult<SafetyNetApi.VerifyAppsUserResult>
isVerifyAppsEnabled(GoogleApiClient client)
This method was deprecated. use isVerifyAppsEnabled().
abstract boolean
isVerifyAppsEnabled(Context context)
This method was deprecated. use isVerifyAppsEnabled().
abstract PendingResult<SafetyNetApi.HarmfulAppsResult>
listHarmfulApps(GoogleApiClient client)
This method was deprecated. use listHarmfulApps().
abstract PendingResult<SafetyNetApi.SafeBrowsingResult>
lookupUri(GoogleApiClient client, String uri, int... threatTypes)
This method was deprecated. use lookupUri(String, String, int...).
abstract PendingResult<SafetyNetApi.SafeBrowsingResult>
lookupUri(GoogleApiClient client, String uri, String apiKey, int... threatTypes)
This method was deprecated. use lookupUri(String, String, int...).
abstract PendingResult<SafetyNetApi.RecaptchaTokenResult>
verifyWithRecaptcha(GoogleApiClient client, String siteKey)
This method was deprecated. use verifyWithRecaptcha(String).

Public Methods

public abstract PendingResult<SafetyNetApi.AttestationResult> attest (GoogleApiClient client, byte[] nonce)

This method was deprecated.
use attest(byte[], String).

Provides attestation results for the device.

An attestation result states whether the device where it is running matches the profile of a device that has passed Android compatibility testing.

When you request a compatibility check, you must provide a nonce, which is a random token generated in a cryptographically secure manner. You can obtain a nonce by generating one within your app each time you make a compatibility check request. As a more secure option, you can obtain a nonce from your own server, using a secure connection.

A nonce used with an attestation request should be at least 16 bytes in length. After you make a request, the response from the SafetyNetApi.AttestationResult includes your nonce, so you can verify it against the one you sent. You should only use a nonce value once, for a single request. Use a different nonce for any subsequent attestation requests. For tips on using cryptography functions, see Security Tips.

Parameters
client The GoogleApiClient to service the call. The client must be connected using connect() before invoking this method.
nonce A cryptographic nonce used for anti-replay and tracking of requests.
See Also

public abstract PendingResult<SafetyNetApi.VerifyAppsUserResult> enableVerifyApps (GoogleApiClient client)

This method was deprecated.
use enableVerifyApps().

Prompts the user to enable Verify Apps if it is currently turned off.

public abstract PendingResult<SafetyNetApi.VerifyAppsUserResult> isVerifyAppsEnabled (GoogleApiClient client)

This method was deprecated.
use isVerifyAppsEnabled().

Checks whether Verify Apps is enabled.

public abstract boolean isVerifyAppsEnabled (Context context)

This method was deprecated.
use isVerifyAppsEnabled().

Checks whether Verify Apps is enabled.

This call blocks and must not be called on the main thread.

public abstract PendingResult<SafetyNetApi.HarmfulAppsResult> listHarmfulApps (GoogleApiClient client)

This method was deprecated.
use listHarmfulApps().

Gets a list of known, potentially harmful apps installed.

public abstract PendingResult<SafetyNetApi.SafeBrowsingResult> lookupUri (GoogleApiClient client, String uri, int... threatTypes)

This method was deprecated.
use lookupUri(String, String, int...).

Checks whether a URI is known to have specific threats.

This call requires that the API key (generated in the developer console) be added to the application's manifest.

Parameters
client The GoogleApiClient to service the call. The client must be connected using connect() before invoking this method.
uri A String that represents the URI that should be looked up.
threatTypes integers from SafeBrowsingThreat to indicate that the URI should be queried for these threat types.

public abstract PendingResult<SafetyNetApi.SafeBrowsingResult> lookupUri (GoogleApiClient client, String uri, String apiKey, int... threatTypes)

This method was deprecated.
use lookupUri(String, String, int...).

Checks whether a URI is known to have specific threats.

Parameters
client The GoogleApiClient to service the call. The client must be connected using connect() before invoking this method.
uri A String that represents the URI that should be looked up.
apiKey The API key generated from the developer console described here: https://developer.android.com/training/safebrowsing/index.html#api-key.
threatTypes integers from SafeBrowsingThreat to indicate that the URI should be queried for these threat types.

public abstract PendingResult<SafetyNetApi.RecaptchaTokenResult> verifyWithRecaptcha (GoogleApiClient client, String siteKey)

This method was deprecated.
use verifyWithRecaptcha(String).

Provides user attestation with reCAPTCHA.

If reCAPTCHA is confident that this is a real user on a real device it will return a token with no challenge. Otherwise it will provide a visual/audio challenge to attest the humanness of the user before returning a token.

When you make a request with this API, you must provide your client GoogleApiClient and site public key as parameters, and after the request completes, you can get the SafetyNetApi.RecaptchaTokenResult from the response.

Parameters
client The GoogleApiClient to service the call. The client must be connected using connect() before invoking this method.
siteKey A site public key registered for this app at https://g.co/recaptcha/androidsignup