1<?xml version="1.0" encoding="UTF-8"?> 2<!-- 3 Copyright 2015 The Android Open Source Project 4 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 9 http://www.apache.org/licenses/LICENSE-2.0 10 11 Unless required by applicable law or agreed to in writing, software 12 distributed under the License is distributed on an "AS IS" BASIS, 13 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 See the License for the specific language governing permissions and 15 limitations under the License. 16--> 17<!-- TODO(thagikura) Add tests for Activity once InstrumentationTests can be run 18 on an emulator or a device. 19 At this moment, due to the different API between the image and the SDK, they can't be launched. 20 E.g. Skipping device 'Nexus 5 - MNC', due to different API preview 'MNC' and 'android-MNC' 21 --> 22<sample> 23 <name>Confirm Credential</name> 24 <group>Security</group> 25 <package>com.example.android.confirmcredential</package> 26 27 <minSdk>23</minSdk> 28 29 <strings> 30 <intro> 31 <![CDATA[ 32This sample demonstrates how you can use device credentials (PIN, Pattern, Password) in your app 33to authenticate the user before they are trying to complete some actions. 34 ]]> 35 </intro> 36 </strings> 37 38 <!-- The basic templates have already been enabled. Uncomment more as desired. --> 39 <template src="base" /> 40 41 <metadata> 42 <!-- Values: {DRAFT | PUBLISHED | INTERNAL | DEPRECATED | SUPERCEDED} --> 43 <status>PUBLISHED</status> 44 <categories>Security</categories> 45 <technologies>Android</technologies> 46 <languages>Java</languages> 47 <solutions>Mobile</solutions> 48 <!-- Values: {BEGINNER | INTERMEDIATE | ADVANCED | EXPERT} --> 49 <level>INTERMEDIATE</level> 50 <!-- Dimensions: 512x512, PNG fomrat --> 51 <icon>screenshots/big-icon.png</icon> 52 <!-- Path to screenshots. Use <img> tags for each. --> 53 <screenshots> 54 <img>screenshots/1-purchase.png</img> 55 <img>screenshots/2-show-confirm-credential.png</img> 56 <img>screenshots/3-already-authenticated.png</img> 57 </screenshots> 58 <api_refs> 59 <android>android.app.KeyguardManager.createConfirmDeviceCredentialIntent</android> 60 <android>android.security.KeyGenParameterSpec</android> 61 <android>java.security.KeyStore</android> 62 <android>javax.crypto.Cipher</android> 63 <android>javax.crypto.KeyGenerator</android> 64 </api_refs> 65 66 <description> 67 <![CDATA[ 68A sample that demonstrates how to use device credentials (PIN, Pattern, Password) in your app 69 ]]> 70 </description> 71 72 <intro> 73 <![CDATA[ 74This sample demonstrates how you can use device credentials (PIN, Pattern, Password) in your app 75to authenticate the user before they are trying to complete some actions. 76 77First you need to create a symmetric key in the Android Key Store using [KeyGenerator][1] 78which can be only be used after the user has authenticated after the user is authenticated 79with their device credentials and pass [KeyGenParameterSpec][2]. 80 81By setting an integer value to the 82[KeyGenParameterSpec.Builder.setUserAuthenticationValidityDurationSeconds][3], you can consider the 83user as authenticated if the user has been authenticated with the device credentials 84within the last x seconds. 85 86Then by calling [KeyguardManager.createConfirmDeviceCredentialIntent][4], you can show a screen 87to confirm device credentials to the user. 88 89[1]: https://developer.android.com/reference/javax/crypto/KeyGenerator.html 90[2]: https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html 91[3]: https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setUserAuthenticationValidityDurationSeconds%28int%29 92[4]: https://developer.android.com/reference/android/app/KeyguardManager.html#createConfirmDeviceCredentialIntent%28java.lang.CharSequence,%20java.lang.CharSequence%29 93 ]]> 94 </intro> 95 </metadata> 96</sample> 97
