1 <?xml version="1.0" encoding="UTF-8"?> 2 <!-- 3 Copyright 2015 The Android Open Source Project 4 5 Licensed under the Apache License, Version 2.0 (the "License"); 6 you may not use this file except in compliance with the License. 7 You may obtain a copy of the License at 8 9 http://www.apache.org/licenses/LICENSE-2.0 10 11 Unless required by applicable law or agreed to in writing, software 12 distributed under the License is distributed on an "AS IS" BASIS, 13 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 See the License for the specific language governing permissions and 15 limitations under the License. 16 --> 17 <!-- TODO(thagikura) Add tests for Activity once InstrumentationTests can be run 18 on an emulator or a device. 19 At this moment, due to the different API between the image and the SDK, they can't be launched. 20 E.g. Skipping device 'Nexus 5 - MNC', due to different API preview 'MNC' and 'android-MNC' 21 --> 22 <sample> 23 <name>Confirm Credential</name> 24 <group>Security</group> 25 <package>com.example.android.confirmcredential</package> 26 27 <minSdk>23</minSdk> 28 29 <strings> 30 <intro> 31 <![CDATA[ 32 This sample demonstrates how you can use device credentials (PIN, Pattern, Password) in your app 33 to authenticate the user before they are trying to complete some actions. 34 ]]> 35 </intro> 36 </strings> 37 38 <!-- The basic templates have already been enabled. Uncomment more as desired. --> 39 <template src="base" /> 40 41 <metadata> 42 <!-- Values: {DRAFT | PUBLISHED | INTERNAL | DEPRECATED | SUPERCEDED} --> 43 <status>PUBLISHED</status> 44 <categories>Security</categories> 45 <technologies>Android</technologies> 46 <languages>Java</languages> 47 <solutions>Mobile</solutions> 48 <!-- Values: {BEGINNER | INTERMEDIATE | ADVANCED | EXPERT} --> 49 <level>INTERMEDIATE</level> 50 <!-- Dimensions: 512x512, PNG fomrat --> 51 <icon>screenshots/big-icon.png</icon> 52 <!-- Path to screenshots. Use <img> tags for each. --> 53 <screenshots> 54 <img>screenshots/1-purchase.png</img> 55 <img>screenshots/2-show-confirm-credential.png</img> 56 <img>screenshots/3-already-authenticated.png</img> 57 </screenshots> 58 <api_refs> 59 <android>android.app.KeyguardManager.createConfirmDeviceCredentialIntent</android> 60 <android>android.security.KeyGenParameterSpec</android> 61 <android>java.security.KeyStore</android> 62 <android>javax.crypto.Cipher</android> 63 <android>javax.crypto.KeyGenerator</android> 64 </api_refs> 65 66 <description> 67 <![CDATA[ 68 A sample that demonstrates how to use device credentials (PIN, Pattern, Password) in your app 69 ]]> 70 </description> 71 72 <intro> 73 <![CDATA[ 74 This sample demonstrates how you can use device credentials (PIN, Pattern, Password) in your app 75 to authenticate the user before they are trying to complete some actions. 76 77 First you need to create a symmetric key in the Android Key Store using [KeyGenerator][1] 78 which can be only be used after the user has authenticated after the user is authenticated 79 with their device credentials and pass [KeyGenParameterSpec][2]. 80 81 By setting an integer value to the 82 [KeyGenParameterSpec.Builder.setUserAuthenticationValidityDurationSeconds][3], you can consider the 83 user as authenticated if the user has been authenticated with the device credentials 84 within the last x seconds. 85 86 Then by calling [KeyguardManager.createConfirmDeviceCredentialIntent][4], you can show a screen 87 to confirm device credentials to the user. 88 89 [1]: https://developer.android.com/reference/javax/crypto/KeyGenerator.html 90 [2]: https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html 91 [3]: https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.Builder.html#setUserAuthenticationValidityDurationSeconds%28int%29 92 [4]: https://developer.android.com/reference/android/app/KeyguardManager.html#createConfirmDeviceCredentialIntent%28java.lang.CharSequence,%20java.lang.CharSequence%29 93 ]]> 94 </intro> 95 </metadata> 96 </sample> 97
