Condividi tramite


AttributionSource Class

Definition

This class represents a source to which access to permission protected data should be attributed.

[Android.Runtime.Register("android/content/AttributionSource", ApiSince=31, DoNotGenerateAcw=true)]
public sealed class AttributionSource : Java.Lang.Object, Android.OS.IParcelable, IDisposable, Java.Interop.IJavaPeerable
[<Android.Runtime.Register("android/content/AttributionSource", ApiSince=31, DoNotGenerateAcw=true)>]
type AttributionSource = class
    inherit Object
    interface IParcelable
    interface IJavaObject
    interface IDisposable
    interface IJavaPeerable
Inheritance
AttributionSource
Attributes
Implements

Remarks

This class represents a source to which access to permission protected data should be attributed. Attribution sources can be chained to represent cases where the protected data would flow through several applications. For example, app A may ask app B for contacts and in turn app B may ask app C for contacts. In this case, the attribution chain would be A -> B -> C and the data flow would be C -> B -> A. There are two main benefits of using the attribution source mechanism: avoid doing explicit permission checks on behalf of the calling app if you are accessing private data on their behalf to send back; avoid double data access blaming which happens as you check the calling app's permissions and when you access the data behind these permissions (for runtime permissions). Also if not explicitly blaming the caller the data access would be counted towards your app vs to the previous app where yours was just a proxy.

Every Context has an attribution source and you can get it via Context#getAttributionSource() representing itself, which is a chain of one. You can attribute work to another app, or more precisely to a chain of apps, through which the data you would be accessing would flow, via Context#createContext( ContextParams) plus specifying an attribution source for the next app to receive the protected data you are accessing via AttributionSource.Builder#setNext( AttributionSource). Creating this attribution chain ensures that the datasource would check whether every app in the attribution chain has permission to access the data before releasing it. The datasource will also record appropriately that this data was accessed by the apps in the sequence if the data is behind a sensitive permission (e.g. dangerous). Again, this is useful if you are accessing the data on behalf of another app, for example a speech recognizer using the mic so it can provide recognition to a calling app.

You can create an attribution chain of you and any other app without any verification as this is something already available via the android.app.AppOpsManager APIs. This is supported to handle cases where you don't have access to the caller's attribution source and you can directly use the AttributionSource.Builder APIs. However, if the data flows through more than two apps (more than you access the data for the caller) you need to have a handle to the AttributionSource for the calling app's context in order to create an attribution context. This means you either need to have an API for the other app to send you its attribution source or use a platform API that pipes the callers attribution source.

You cannot forge an attribution chain without the participation of every app in the attribution chain (aside of the special case mentioned above). To create an attribution source that is trusted you need to create an attribution context that points to an attribution source that was explicitly created by the app that it refers to, recursively.

Since creating an attribution context leads to all permissions for apps in the attribution chain being checked, you need to expect getting a security exception when accessing permission protected APIs since some app in the chain may not have the permission.

Java documentation for android.content.AttributionSource.

Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.

Properties

AttributionTag

The attribution tag of the app accessing the permission protected data.

Class

Returns the runtime class of this Object.

(Inherited from Object)
Creator
DeviceId

Gets the device ID for this attribution source.

Handle

The handle to the underlying Android instance.

(Inherited from Object)
JniIdentityHashCode (Inherited from Object)
JniPeerMembers
Next

The next app to receive the permission protected data.

PackageName

The package that is accessing the permission protected data.

PeerReference (Inherited from Object)
Pid

The PID that is accessing the permission protected data.

ThresholdClass

This API supports the Mono for Android infrastructure and is not intended to be used directly from your code.

(Inherited from Object)
ThresholdType

This API supports the Mono for Android infrastructure and is not intended to be used directly from your code.

(Inherited from Object)
Uid

The UID that is accessing the permission protected data.

Methods

CheckCallingUid()

If you are handling an IPC and you don't trust the caller you need to validate whether the attribution source is one for the calling app to prevent the caller to pass you a source from another app without including themselves in the attribution chain.

Clone()

Creates and returns a copy of this object.

(Inherited from Object)
DescribeContents()
Dispose() (Inherited from Object)
Dispose(Boolean) (Inherited from Object)
EnforceCallingUid()

If you are handling an IPC and you don't trust the caller you need to validate whether the attribution source is one for the calling app to prevent the caller to pass you a source from another app without including themselves in the attribution chain.

Equals(Object)

Indicates whether some other object is "equal to" this one.

(Inherited from Object)
GetHashCode()

Returns a hash code value for the object.

(Inherited from Object)
IsTrusted(Context)

Checks whether this attribution source can be trusted.

JavaFinalize()

Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.

(Inherited from Object)
MyAttributionSource()

Returns a generic AttributionSource that represents the entire calling process.

Notify()

Wakes up a single thread that is waiting on this object's monitor.

(Inherited from Object)
NotifyAll()

Wakes up all threads that are waiting on this object's monitor.

(Inherited from Object)
SetHandle(IntPtr, JniHandleOwnership)

Sets the Handle property.

(Inherited from Object)
ToArray<T>() (Inherited from Object)
ToString()

Returns a string representation of the object.

(Inherited from Object)
UnregisterFromRuntime() (Inherited from Object)
Wait()

Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>.

(Inherited from Object)
Wait(Int64, Int32)

Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>, or until a certain amount of real time has elapsed.

(Inherited from Object)
Wait(Int64)

Causes the current thread to wait until it is awakened, typically by being <em>notified</em> or <em>interrupted</em>, or until a certain amount of real time has elapsed.

(Inherited from Object)
WriteToParcel(Parcel, ParcelableWriteFlags)

Explicit Interface Implementations

IJavaPeerable.Disposed() (Inherited from Object)
IJavaPeerable.DisposeUnlessReferenced() (Inherited from Object)
IJavaPeerable.Finalized() (Inherited from Object)
IJavaPeerable.JniManagedPeerState (Inherited from Object)
IJavaPeerable.SetJniIdentityHashCode(Int32) (Inherited from Object)
IJavaPeerable.SetJniManagedPeerState(JniManagedPeerStates) (Inherited from Object)
IJavaPeerable.SetPeerReference(JniObjectReference) (Inherited from Object)

Extension Methods

JavaCast<TResult>(IJavaObject)

Performs an Android runtime-checked type conversion.

JavaCast<TResult>(IJavaObject)
GetJniTypeName(IJavaPeerable)

Gets the JNI name of the type of the instance self.

JavaAs<TResult>(IJavaPeerable)

Try to coerce self to type TResult, checking that the coercion is valid on the Java side.

TryJavaCast<TResult>(IJavaPeerable, TResult)

Try to coerce self to type TResult, checking that the coercion is valid on the Java side.

Applies to