GithubHelp home page GithubHelp logo

caapim / android-mas-sdk Goto Github PK

View Code? Open in Web Editor NEW
14.0 48.0 22.0 6.95 MB

Install and use the Mobile SDK for Android™

License: Other

Java 100.00%
android-sdk mas masfoundation masstorage masidentitymanagement masconnecta android-mas-sdk

android-mas-sdk's Introduction

Maintenance

⚠️ Please note that this repo will be archived in the near future. Please do not submit any new changes as they are no longer being accepted. Please contact Broadcom support https://support.broadcom.com/ to report any defects or make a request for an update. Broadcom is continuing support for the SDK but will no longer maintain the public GitHub community.

Android™ Mobile SDK

for CA Mobile API Gateway

CA Mobile API Gateway (MAG) provides enterprises with a secure mobile backend that integrates systems and allows control over which users, devices, and applications can access your APIs. The MAG enables developers to leverage standards for API security such as (OAuth2, OpenID Connect, PKI) through client SDKs for Android.

The CA Mobile API Gateway also provides powerful mobile backend services through SDKs and APIs for developers to help accelerate the app development process.

Get Started

Check out our documentation for sample code and more.

Android Mobile SDK Frameworks

The Android Mobile SDK consists of these frameworks:

  • MASConnecta - Pub/Sub messagin service.
  • MASFoundation - Core services to handle user authentication, device and app registration, requests and local storage of certificates, keys, and token credentials for accessing protected APIs.
  • MASStorage - Storage services for private local storage.
  • MASUI - Resources to implement a user login dialog, Social Login, One-Time Password, and Proximity Login (QR code and BLE).

For more information about our mobile products see the developer website.

Features

  • Secure API Calls - Protect APIs with Mutual TLS and control API access on application, user and device level.
  • Authentication - Implement authentication with username/password, Facebook, Google, Twitter sign-in.
  • Second Factor Auth - Secure critical APIs with One Time Password.
  • Single Sign-On - Share user credentials between your apps.
  • Enterprise Browser - Extend the single sign-on session to web applications.
  • Proximity Login - Transfer the user session between devices and platforms.
  • Fingerprint Sessions Lock - Support phone unlocking using fingerprint recognition.
  • Pub/Sub - Create real-time, IoT-friendly apps using an MQTT-based Pub/Sub infrastructure.
  • Adhoc Groups - Create groups on-the-fly for collaborative apps.
  • Local Storage - Store data on devices with enterprise-grade encryption.
  • UI Template - Provides resources to implement a user login dialog, Social Login, One-Time Password, and Proximity Login (QR code and BLE), to save time during UI creation and app prototyping.

Installation

Edit your build.gradle file and add below dependency:

    dependencies {
        implementation 'com.ca.apim:mas-foundation:2.2.0'

        implementation 'com.ca.apim:mas-connecta:2.2.0' // (Optional) Only required when using mas connecta
        implementation 'com.ca.apim:mas-storage:2.2.0' // (Optional) Only required when using mas storage
        implementation 'com.ca.apim:masui:2.2.0' // (Optional) Only required when using MASUI Template. The MAS UI library provides sample user interfaces for Login, OTP, Social Login, and Enterprise Browser.

        implementation 'org.bouncycastle:bcpkix-jdk15on:1.64' // (Optional) Only required when you want to support Android 4.1.x
    }

SDK Releases

The compiled release binaries can be found here: Releases

Sample Apps

All sample apps have moved to GITHub as of 2.1.00 release. Links will redirect to the latest released versions.

Communication

  • Have general questions or need help?, use Stack Overflow. (Tag 'massdk')
  • Find a bug?, open an issue with the steps to reproduce it.
  • Request a feature or have an idea?, open an issue.

How You Can Contribute

Contributions are welcome and much appreciated. To learn more, see the Contribution Guidelines.

Documentation

For more documentation including API references, go to our main website.

License

Copyright (c) 2019 Broadcom. All Rights Reserved. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.

This software may be modified and distributed under the terms of the MIT license. See the LICENSE file for details.

android-mas-sdk's People

Contributors

ab-sub avatar abhisheknaidu-462 avatar arindamhit avatar belailovszky avatar bmckercher avatar bobbyweber avatar forcekinetics avatar jasonwangyvr avatar magnolia628 avatar manutripathi82 avatar mirnazaki avatar mujeebhk avatar nagarajudeshettybroadcom avatar ruqiya-kaladgi avatar skalim avatar spetrov avatar witrisna avatar xuel270 avatar ysd24 avatar zakirjt avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

vamsirajendra luisamorim sattim sunwinds wbrunca gazza7205 pikturemerollin marloschida mishkakipi ottend4362 nesimi patrickpaulin gleamingthekube dnys1 tubbz-alt ruqiya lbmanit eduardoroju chinnikrishna-private ets-android1 hylkeb saschazegerman

android-mas-sdk's Issues

Android Application crash after generating signed version

My application is getting crash after generating signed version. Before that the application was working fine.

Error log

Caused by java.lang.NoSuchMethodError No interface method destroy()V in class Ljavax/crypto/SecretKey; or its super classes (declaration of 'javax.crypto.SecretKey' appears in /system/framework/core-oj.jar) com.ca.mas.core.util.KeyUtilsSymmetric.destroyKey (KeyUtilsSymmetric.java:649) com.ca.mas.core.util.KeyUtilsSymmetric.computeMac (KeyUtilsSymmetric.java:611) com.ca.mas.core.util.KeyUtilsSymmetric.encrypt (KeyUtilsSymmetric.java:526) com.ca.mas.core.security.DefaultEncryptionProvider.encrypt (DefaultEncryptionProvider.java:57) com.ca.mas.core.storage.MASSecureSharedStorage.save (MASSecureSharedStorage.java:38) com.ca.mas.core.datasource.MASSecureStorageDataSource.put (MASSecureStorageDataSource.java:71) com.ca.mas.core.store.ClientCredentialStorage.saveClientCredentials (ClientCredentialStorage.java:35) com.ca.mas.core.context.MssoContext.setClientCredentials (MssoContext.java:565) com.ca.mas.core.policy.ClientCredentialAssertion.processRequest (ClientCredentialAssertion.java:70) com.ca.mas.core.policy.PolicyManager.processRequest (PolicyManager.java:119) com.ca.mas.core.policy.PolicyManager.execute (PolicyManager.java:152) com.ca.mas.core.context.MssoContext.executeRequest (MssoContext.java:401) com.ca.mas.core.service.MssoService.onProcessRequest (MssoService.java:138) com.ca.mas.core.service.MssoService.onCredentialsObtained (MssoService.java:118) com.ca.mas.core.service.MssoService.onHandleWork (MssoService.java:87) androidx.core.app.JobIntentService$CommandProcessor.doInBackground (JobIntentService.java:392)

Device Information
Brand: HUAWEI
Model: P9 lite
Orientation: Portrait
RAM free: 1.59 GB
Disk free: 948.13 MB
Operating System
Version: 7.0
Orientation: Portrait
Rooted: No

MAS SDK version 2.0.0

is there any solution to fix this?.

connected_gateway.json file is accessible

connected_gateway.json is getting created temporarily in the device storage which contains all the information related to client id, client secret, and the endpoints. I found that it is being created in ConfigurationManager.java file.

Is there any way to hide this json file or the contents of the json file?

Broken link in Readme

The getting started link in the Readme file is incorrectly formatted and goes nowhere.

Wrong offline mode behavior

After a rigorous testing of the authentication sequence interrupted by entering offline mode, I have found an incorrect behavior of MAS v.2.1.00 in part of the exception handling logic. I see the root cause to be an incorrect authentication process behavior when an OAuth request cannot be performed due to offline mode. There is a missing exception handling thrown by OAuthClient in MSSOService class (https://github.com/CAAPIM/Android-MAS-SDK/blob/Stable/mas-foundation/src/main/java/com/ca/mas/core/service/MssoService.java#L198).
As far as I can see, the handleErrorResponse() call shall be added to the catch block (OAuthException and OAuthServerException) in order to notify listeners on the failed authentication process (via the MASCallback.onError()).

Issue with Android P

Hi,
I am using your API (ver-1.4.00) in my project. it is not working on Android P only.
getting Prompt with "Detected problems with API compatibility" warning message and also getting an exception

android.os.ServiceSpecificException: (code 7)
at android.os.Parcel.createException(Parcel.java:1956)
at android.os.Parcel.readException(Parcel.java:1910)
at android.os.Parcel.readException(Parcel.java:1860)
at android.security.IKeystoreService$Stub$Proxy.get(IKeystoreService.java:786)
at android.security.KeyStore.get(KeyStore.java:195)
at android.security.KeyStore.get(KeyStore.java:206)
at java.lang.reflect.Method.invoke(Native Method)
at com.ca.mas.core.security.KeyStoreAdapter.get(KeyStoreAdapter.java:120)
at com.ca.mas.core.storage.implementation.KeyStoreStorage.readData(KeyStoreStorage.java:175)
at com.ca.mas.core.storage.implementation.KeyStoreStorage.deleteData(KeyStoreStorage.java:410)
at com.ca.mas.core.datasource.KeystoreDataSource.remove(KeystoreDataSource.java:158)
at com.ca.mas.core.store.PrivateTokenStorage.clear(PrivateTokenStorage.java:102)
at com.ca.mas.core.conf.ConfigurationManager$ClientChangeListener.onUpdated(ConfigurationManager.java:418)
at com.ca.mas.core.conf.ConfigurationManager.activate(ConfigurationManager.java:170)
at com.ca.mas.core.MobileSsoFactory.getInstance(MobileSsoFactory.java:171)
at com.ca.mas.core.MobileSsoFactory.getInstance(MobileSsoFactory.java:88)
at com.ca.mas.foundation.MAS.start(MAS.java:233)
at com.digitaslbi.hastingsdirect.HDApplication.initCAGateway(HDApplication.java:61)
at com.digitaslbi.hastingsdirect.HDApplication.onCreate(HDApplication.java:43)
at android.app.Instrumentation.callApplicationOnCreate(Instrumentation.java:1154)
at android.app.ActivityThread.handleBindApplication(ActivityThread.java:5871)
at android.app.ActivityThread.access$1100(ActivityThread.java:199)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1650)
at android.os.Handler.dispatchMessage(Handler.java:106)
at android.os.Looper.loop(Looper.java:193)
at android.app.ActivityThread.main(ActivityThread.java:6669)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)

i am testing on Pixel that have official android P.
please help to resolve this issue.

CA Mobile SDK (MAG/MAS) - SNI Client Support

This is not an issue, just a question.

We are implementing MAS/MAG/RAS SDK at a customer, and to fulfill some networking infrastructure requirements (Firewall/WAF/Reverse Proxy...) our customer is asking if the "Mobile SDK for CA Mobile API Gateway" (https://mas.ca.com) supports SNI (Server Name Indication).

We couldn't find this information in the official documentation.

By our searches in the Official Documentation and CA Communities site, we believe that CA API Gateway (Server) does not have SNI support, but the question above is specific for the Mobile Client SDK (Android/iOS/etc).

If the Mobile Client SDK supports SNI, we need to know if there is any limitation in any of the supported Operating Systems.

Best Regards,

Marlos Chida

Use custom policies in request/response processing

Greetings everyone. I was reading the source code in order to know better how the SDK works to develop a Demo APP and came to know PolicyManager.java (com.ca.mas.core.policy.PolicyManager).

I couldn't find any documentation about the use of custom policies when a request/response is processed (here and at mas.ca.com), but It seems ready and there's an "official" way to do It already implemented in PolicyManager.java. The code loops into a custom policies variable, set by the property "PROP_ADD_CUSTOM_POLICIES" (wich has the value "msso.add.custom.policies"), and adds them before adding the Default Policies (Classes "xxxAssertion").

"PROP_ADD_CUSTOM_POLICIES" is set in MobileSsoConfig.java, which states that "PROP_ADD_CUSTOM_POLICIES" is an "ArrayList of String. Add a list of custom policies to intercept the Default Policy execution.".

The only places I found setting this properties were DefaultConfiguration.java and ConfigurationManager.java. Following the code logic, "PROP_ADD_CUSTOM_POLICIES" should probably be defined in Config.java, at "public static Config[] values = {..." using the same pattern as the other settings, and set at ConfigurationManager.java's create method ("conf.putProperty(attr.key, getValue(attr, jsonObject));".

So, after all this analysis, I could't find a way to use this feature. Setting "msso.add.custom.policies" in my msso_config.json with my custom policy class name doesn't work, as the property is never read and set, per my debugs. Maybe I missed something, or this feature is not ready for use now, but the foundations are set.

I would appreciate any comments, thoughts and directions on this question.

I have a fully configured and licensed CA API Gateway to do any testing required.

Enhancement - Encryption of tokens when AMS storage is used

Tokens (access, refresh and id) are currently stored base64 encoded in AMS.
Encryption keys may be derived from client_id and/or client_secret obtained during device initialization (used symmetrically or asymmetrically)
Another option is the key pair generated for device-id

App freezes when you press "cancel" in Lock Screen method selection

Greetings!

I believe I found an issue that affects Android apps using MAS SDK: the first time you launch an App and the device has no Lock Screen method selected (neither PIN, nor Pattern, nor Fingerprint...), SDK fires the Settings Page asking for Lock Screen method selection. If the user hits "Cancel" or "Back" on this screen, the device gets stuck and the app freeze.

That issue rise some questions:

  • Is it mandatory that Android devices have Lock Screen enabled to use MAS SDK Apps?

  • Can we disable this behavior (for MASFoundation use only)?

  • Is it possible to fix this issue, either showing a message saying "Lock Screen is mandatory" or adjusting the SDK?

[CRASH] AccountManagerUtil.java line 59

Hi, im having the following issue in the AccountManagerUtil when I run
MAS.start(context, config);.

Im using com.ca:mas-foundation:1.8.01-Beta1.

Caused by java.lang.NullPointerException: Attempt to invoke virtual method 'boolean java.lang.String.equals(java.lang.Object)' on a null object reference
       at com.ca.mas.core.storage.sharedstorage.AccountManagerUtil.<init> + 59(AccountManagerUtil.java:59)
       at com.ca.mas.core.storage.sharedstorage.MASSharedStorage.getStorageProvider + 167(MASSharedStorage.java:167)
       at com.ca.mas.core.storage.sharedstorage.MASSharedStorage.<init> + 69(MASSharedStorage.java:69)
       at com.ca.mas.core.storage.MASSecureSharedStorage.<init> + 28(MASSecureSharedStorage.java:28)
       at com.ca.mas.core.datasource.MASSecureStorageDataSource.<init> + 51(MASSecureStorageDataSource.java:51)
       at java.lang.reflect.Constructor.newInstance0(Constructor.java)
       at java.lang.reflect.Constructor.newInstance + 343(Constructor.java:343)
       at com.ca.mas.core.datasource.DataSourceFactory.getStorage + 23(DataSourceFactory.java:23)
       at com.ca.mas.core.store.StorageProvider.createTokenManager + 87(StorageProvider.java:87)
       at com.ca.mas.core.store.StorageProvider.<init> + 41(StorageProvider.java:41)
       at com.ca.mas.core.store.StorageProvider.getInstance + 51(StorageProvider.java:51)
       at com.ca.mas.core.conf.ConfigurationManager$ClientChangeListener.onUpdated + 406(ConfigurationManager.java:406)
       at com.ca.mas.core.conf.ConfigurationManager.activate + 170(ConfigurationManager.java:170)
       at com.ca.mas.core.MobileSsoFactory.getInstance + 169(MobileSsoFactory.java:169)
       at com.ca.mas.foundation.MAS.start + 169(MAS.java:169)

[CRASH] AndroidKeyStoreRepository.java line 86

I'm trying initialize with MAS.start(this, false);, occur the crash above:

Im using implementation 'com.ca:mas-foundation:1.9.10'`

Caused by com.ca.mas.core.datasource.DataSourceException java.lang.reflect.InvocationTargetException

com.ca.mas.core.datasource.DataSourceFactory.getStorage (DataSourceFactory.java:25)
com.ca.mas.core.store.StorageProvider.createTokenManager (StorageProvider.java:87)
com.ca.mas.core.store.StorageProvider.<init> (StorageProvider.java:41)
com.ca.mas.core.store.StorageProvider.getInstance (StorageProvider.java:51)
com.ca.mas.core.conf.ConfigurationManager$ClientChangeListener.onUpdated (ConfigurationManager.java:407)
com.ca.mas.core.conf.ConfigurationManager.activate (ConfigurationManager.java:171)
com.ca.mas.core.MobileSsoFactory.getInstance (MobileSsoFactory.java:169)
com.ca.mas.core.MobileSsoFactory.getInstance (MobileSsoFactory.java:86)
com.ca.mas.foundation.MAS.start (MAS.java:182)```

Issue with Shared Storage

Hi, i am using the MASFoundation.Xamarin 1.9, downloaded from the nuget packages in Visual Studio. After configuring the Secure Account Manager Storage, when i try to start the SDK, i get the following error:
Error:Java.Lang.RuntimeException:java.lang.reflect.InvocationTargetException ---> Java.Lang.Reflect.InvocationTargetException:Exception of type 'Java.Lang.Reflect.InvocationTargetException' was thrown. ---> Com.CA.Mas.Foundation.MASSharedStorageException:uid 10382 cannot explicitly add accounts of type: @2131492947 --- End of inner exception stack trace ---...

Here is a snippet from msso_config.json:
"mobile_sdk": { "sso_enabled": true, "location_enabled": true, "location_provider": "network", "msisdn_enabled": true, "enable_public_key_pinning": false, "trusted_public_pki": false, "trusted_cert_pinned_public_key_hashes": [], "client_cert_rsa_keybits": 1024, "storage": { "class": "com.ca.mas.core.datasource.MASSecureStorageDataSource" } },

Here is my authenticator.xml:
<account-authenticator xmlns:android="http://schemas.android.com/apk/res/android" android:accountType="@string/acc_name" android:icon="@drawable/logo" android:smallIcon="@drawable/logo_small" android:label="@string/app_name"/>

Here is my manifest file:
<?xml version="1.0" encoding="utf-8"?> <manifest xmlns:android="http://schemas.android.com/apk/res/android" android:versionCode="1" android:versionName="1.0" package="com.companyname.TallerMAG" android:installLocation="auto"> <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.AUTHENTICATE_ACCOUNTS" /> <uses-permission android:name="android.permission.USE_CREDENTIALS" /> <uses-permission android:name="android.permission.GET_ACCOUNTS" /> <uses-permission android:name="android.permission.MANAGE_ACCOUNTS" /> <uses-permission android:name="android.permission.ACCOUNT_MANAGER" /> <uses-sdk android:minSdkVersion="21" android:targetSdkVersion="27" /> <application android:label="TallerMAG.Android"> <service android:name="com.ca.mas.core.storage.sharedstorage.MASAuthenticatorService" android:exported="false"> <intent-filter> <action android:name="android.accounts.AccountAuthenticator" /> </intent-filter> <meta-data android:name="account.name" android:resource="@string/acc_name" /> <meta-data android:name="android.accounts.AccountAuthenticator" android:resource="@xml/authenticator" /> </service> </application> </manifest>

And the exception is thrown by invoking MAS.Start(activity,true)

Any ideas about where am i doing it wrong?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.