我正在通过AIDL机制公开一些API。客户端需要绑定到AIDL并同步调用方法。有什么方法可以检索客户端的Java包名称?
例如,如果我将方法boolean isFooAvailable()
公开为AIDL API,则可以从isFooAvalable的实现中确定绑定到AIDL服务的应用的Java软件包名称?
是的,您可以从实现中找到程序包名称,如下所示:
IAidl.Stub mBinder = new IAidl.Stub() {
@Override
public boolean isFooAvailable() throws RemoteException {
String pkgName = "";
int pid = Binder.getCallingPid();
ActivityManager am = (ActivityManager) getSystemService(ACTIVITY_SERVICE);
List<ActivityManager.RunningAppProcessInfo> processes = am.getRunningAppProcesses();
for (ActivityManager.RunningAppProcessInfo proc : processes) {
if (proc.pid == pid) {
pkgName = proc.processName;
}
}
// package name of calling application package
Log.e("Package Name", pkgName);
return false;
}
}
与UID相比,通过PID查找包名称是最好的方法。
在您可以使用的Service
内扩展CommonsWare给出的注释
PackageManager packageManager = context.getPackageManager();
String callingName = packageManager.getNameForUid(Binder.getCallingUid());
如果您试图限制呼叫者的访问,还应该检查呼叫应用程序的证书。
PackageInfo callingPackageInfo = packageManager
.getPackageInfo(callingPackage, PackageManager.GET_SIGNATURES);
// Make sure to check there is only one signature, or you may run into a security
// vulnerability: https://androidvulnerabilities.org/vulnerabilities/Fake_ID
verify(callingPackageInfo.signatures);