4.3.1.1 创建/使用私有内容供应器

私有内容供应器是只由单一应用使用的内容提供者,它是最安全的内容供应器 [8]。

下面展示了如何实现私有内容供应器的示例代码。

要点(创建内容供应器):

  1. 将导出属性显式设置为false

  2. 即使数据来自相同应用,也应该小心并安全地处理收到的请求数据。

  3. 可以发送敏感信息,因为它在同一应用内发送和接收所有信息。

AndroidManifest.xml

  1. <?xml version="1.0" encoding="utf-8"?>
  2. <manifest xmlns:android="http://schemas.android.com/apk/res/android"
  3.     package="org.jssec.android.provider.privateprovider">
  5.     <application
  6.         android:icon="@drawable/ic_launcher"
  7.         android:label="@string/app_name" >
  8.         <activity
  9.             android:name=".PrivateUserActivity"
  10.             android:label="@string/app_name"
  11.             android:exported="true" >
  12.             <intent-filter>
  13.                 <action android:name="android.intent.action.MAIN" />
  14.                 <category android:name="android.intent.category.LAUNCHER" />
  15.             </intent-filter>
  16.         </activity>
  18.         <!-- *** POINT 1 *** Explicitly set the exported attribute to false. -->
  19.         <provider
  20.         android:name=".PrivateProvider"
  21.         android:authorities="org.jssec.android.provider.privateprovider"
  22.         android:exported="false" />
  23.     </application>
  24. </manifest>

PrivateProvider.java

  1. package org.jssec.android.provider.privateprovider;
  3. import android.content.ContentProvider;
  4. import android.content.ContentUris;
  5. import android.content.ContentValues;
  6. import android.content.UriMatcher;
  7. import android.database.Cursor;
  8. import android.database.MatrixCursor;
  9. import android.net.Uri;
  11. public class PrivateProvider extends ContentProvider {
  13.     public static final String AUTHORITY = "org.jssec.android.provider.privateprovider";
  14.     public static final String CONTENT_TYPE = "vnd.android.cursor.dir/vnd.org.jssec.contenttype";
  15.     public static final String CONTENT_ITEM_TYPE = "vnd.android.cursor.item/vnd.org.jssec.contenttype";
  16.     // Expose the interface that the Content Provider provides.
  18.     public interface Download {
  19.         public static final String PATH = "downloads";
  20.         public static final Uri CONTENT_URI = Uri.parse("content://" + AUTHORITY + "/" + PATH);
  21.     }
  23.     public interface Address {
  24.         public static final String PATH = "addresses";
  25.         public static final Uri CONTENT_URI = Uri.parse("content://" + AUTHORITY + "/" + PATH);
  26.     }
  28.     // UriMatcher
  29.     private static final int DOWNLOADS_CODE = 1;
  30.     private static final int DOWNLOADS_ID_CODE = 2;
  31.     private static final int ADDRESSES_CODE = 3;
  32.     private static final int ADDRESSES_ID_CODE = 4;
  33.     private static UriMatcher sUriMatcher;
  35.     static {
  36.         sUriMatcher = new UriMatcher(UriMatcher.NO_MATCH);
  37.         sUriMatcher.addURI(AUTHORITY, Download.PATH, DOWNLOADS_CODE);
  38.         sUriMatcher.addURI(AUTHORITY, Download.PATH + "/#", DOWNLOADS_ID_CODE);
  39.         sUriMatcher.addURI(AUTHORITY, Address.PATH, ADDRESSES_CODE);
  40.         sUriMatcher.addURI(AUTHORITY, Address.PATH + "/#", ADDRESSES_ID_CODE);
  41.     }
  43.     // Since this is a sample program,
  44.     // query method returns the following fixed result always without using database.
  45.     private static MatrixCursor sAddressCursor = new MatrixCursor(new String[] { "_id", "city" });
  47.     static {
  48.         sAddressCursor.addRow(new String[] { "1", "New York" });
  49.         sAddressCursor.addRow(new String[] { "2", "Longon" });
  50.         sAddressCursor.addRow(new String[] { "3", "Paris" });
  51.     }
  53.     private static MatrixCursor sDownloadCursor = new MatrixCursor(new String[] { "_id", "path" });
  55.     static {
  56.         sDownloadCursor.addRow(new String[] { "1", "/sdcard/downloads/sample.jpg" });
  57.         sDownloadCursor.addRow(new String[] { "2", "/sdcard/downloads/sample.txt" });
  58.     }
  60.     @Override
  61.     public boolean onCreate() {
  62.         return true;
  63.     }
  65.     @Override
  66.     public String getType(Uri uri) {
  67.         // *** POINT 2 *** Handle the received request data carefully and securely,
  68.         // even though the data comes from the same application.
  69.         // Here, whether uri is within expectations or not, is verified by UriMatcher#match() and switch case.
  70.         // Checking for other parameters are omitted here, due to sample.
  71.         // Please refer to "3.2 Handle Input Data Carefully and Securely."
  72.         // *** POINT 3 *** Sensitive information can be sent since it is sending and receiving all within the same application.
  73.         // However, the result of getType rarely has the sensitive meaning.
  74.         switch (sUriMatcher.match(uri)) {
  75.             case DOWNLOADS_CODE:
  76.             case ADDRESSES_CODE:
  77.                 return CONTENT_TYPE;
  78.             case DOWNLOADS_ID_CODE:
  79.             case ADDRESSES_ID_CODE:
  80.                 return CONTENT_ITEM_TYPE;
  81.             default:
  82.                 throw new IllegalArgumentException("Invalid URI:" + uri);
  83.         }
  84.     }
  86.     @Override
  87.     public Cursor query(Uri uri, String[] projection, String selection,
  88.         String[] selectionArgs, String sortOrder) {
  89.         // *** POINT 2 *** Handle the received request data carefully and securely,
  90.         // even though the data comes from the same application.
  91.         // Here, whether uri is within expectations or not, is verified by UriMatcher#match() and switch case.
  92.         // Checking for other parameters are omitted here, due to sample.
  93.         // Please refer to "3.2 Handle Input Data Carefully and Securely."
  94.         // *** POINT 3 *** Sensitive information can be sent since it is sending and receiving all within the same application.
  95.         // It depends on application whether the query result has sensitive meaning or not.
  96.         switch (sUriMatcher.match(uri)) {
  97.             case DOWNLOADS_CODE:
  98.             case DOWNLOADS_ID_CODE:
  99.                 return sDownloadCursor;
  100.             case ADDRESSES_CODE:
  101.             case ADDRESSES_ID_CODE:
  102.                 return sAddressCursor;
  103.             default:
  104.                 throw new IllegalArgumentException("Invalid URI:" + uri);
  105.         }
  106.     }
  108.     @Override
  109.     public Uri insert(Uri uri, ContentValues values) {
  110.         // *** POINT 2 *** Handle the received request data carefully and securely,
  111.         // even though the data comes from the same application.
  112.         // Here, whether uri is within expectations or not, is verified by UriMatcher#match() and switch case.
  113.         // Checking for other parameters are omitted here, due to sample.
  114.         // Please refer to "3.2 Handle Input Data Carefully and Securely."
  115.         // *** POINT 3 *** Sensitive information can be sent since it is sending and receiving all within the same application.
  116.         // It depends on application whether the issued ID has sensitive meaning or not.
  117.         switch (sUriMatcher.match(uri)) {
  118.             case DOWNLOADS_CODE:
  119.                 return ContentUris.withAppendedId(Download.CONTENT_URI, 3);
  120.             case ADDRESSES_CODE:
  121.                 return ContentUris.withAppendedId(Address.CONTENT_URI, 4);
  122.             default:
  123.                 throw new IllegalArgumentException("Invalid URI:" + uri);
  124.         }
  125.     }
  127.     @Override
  128.     public int update(Uri uri, ContentValues values, String selection,
  129.         String[] selectionArgs) {
  130.         // *** POINT 2 *** Handle the received request data carefully and securely,
  131.         // even though the data comes from the same application.
  132.         // Here, whether uri is within expectations or not, is verified by UriMatcher#match() and switch case.
  133.         // Checking for other parameters are omitted here, due to sample.
  134.         // Please refer to "3.2 Handle Input Data Carefully and Securely."
  135.         // *** POINT 3 *** Sensitive information can be sent since it is sending and receiving all within the same application.
  136.         // It depends on application whether the number of updated records has sensitive meaning or not.
  137.         switch (sUriMatcher.match(uri)) {
  138.             case DOWNLOADS_CODE:
  139.                 return 5; // Return number of updated records
  140.             case DOWNLOADS_ID_CODE:
  141.                 return 1;
  142.             case ADDRESSES_CODE:
  143.                 return 15;
  144.             case ADDRESSES_ID_CODE:
  145.                 return 1;
  146.             default:
  147.                 throw new IllegalArgumentException("Invalid URI:" + uri);
  148.         }
  149.     }
  151.     @Override
  152.     public int delete(Uri uri, String selection, String[] selectionArgs) {
  153.         // *** POINT 2 *** Handle the received request data carefully and securely,
  154.         // even though the data comes from the same application.
  155.         // Here, whether uri is within expectations or not, is verified by UriMatcher#match() and switch case.
  156.         // Checking for other parameters are omitted here, due to sample.
  157.         // Please refer to "3.2 Handle Input Data Carefully and Securely."
  158.         // *** POINT 3 *** Sensitive information can be sent since it is sending and receiving all within the same application.
  159.         // It depends on application whether the number of deleted records has sensitive meaning or not.
  160.         switch (sUriMatcher.match(uri)) {
  161.             case DOWNLOADS_CODE:
  162.                 return 10; // Return number of deleted records
  163.             case DOWNLOADS_ID_CODE:
  164.                 return 1;
  165.             case ADDRESSES_CODE:
  166.                 return 20;
  167.             case ADDRESSES_ID_CODE:
  168.                 return 1;
  169.             default:
  170.                 throw new IllegalArgumentException("Invalid URI:" + uri);
  171.         }
  172.     }
  174. }

下面是活动的示例,它使用私有内容供应器。

要点(使用内容供应器):

  1. 敏感信息可以发送,因为目标供应器在相同应用中。

  2. 小心和安全地处理收到的结果数据,即使数据来自相同应用。

PrivateUserActivity.java

  1. package org.jssec.android.provider.privateprovider;
  3. import android.app.Activity;
  4. import android.database.Cursor;
  5. import android.net.Uri;
  6. import android.os.Bundle;
  7. import android.view.View;
  8. import android.widget.TextView;
  10. public class PrivateUserActivity extends Activity {
  12.     public void onQueryClick(View view) {
  13.         logLine("[Query]");
  14.         Cursor cursor = null;
  15.         try {
  16.             // *** POINT 4 *** Sensitive information can be sent since the destination provider is in the same application.
  17.             cursor = getContentResolver().query(
  18.                 PrivateProvider.Download.CONTENT_URI, null, null, null, null);
  19.             // *** POINT 5 *** Handle received result data carefully and securely,
  20.             // even though the data comes from the same application.
  21.             // Omitted, since this is a sample. Please refer to "3.2 Handling Input Data Carefully and Securely."
  22.             if (cursor == null) {
  23.                 logLine(" null cursor");
  24.             } else {
  25.                 boolean moved = cursor.moveToFirst();
  26.                 while (moved) {
  27.                     logLine(String.format(" %d, %s", cursor.getInt(0), cursor.getString(1)));
  28.                     moved = cursor.moveToNext();
  29.                 }
  30.             }
  31.         }
  32.         finally {
  33.             if (cursor != null) cursor.close();
  34.         }
  35.     }
  37.     public void onInsertClick(View view) {
  38.         logLine("[Insert]");
  39.         // *** POINT 4 *** Sensitive information can be sent since the destination provider is in the same application.
  40.         Uri uri = getContentResolver().insert(PrivateProvider.Download.CONTENT_URI, null);
  41.         // *** POINT 5 *** Handle received result data carefully and securely,
  42.         // even though the data comes from the same application.
  43.         // Omitted, since this is a sample. Please refer to "3.2 Handling Input Data Carefully and Securely."
  44.         logLine(" uri:" + uri);
  45.     }
  47.     public void onUpdateClick(View view) {
  48.     logLine("[Update]");
  49.         // *** POINT 4 *** Sensitive information can be sent since the destination provider is in the same application.
  50.         int count = getContentResolver().update(PrivateProvider.Download.CONTENT_URI, null, null, null);
  51.         // *** POINT 5 *** Handle received result data carefully and securely,
  52.         // even though the data comes from the same application.
  53.         // Omitted, since this is a sample. Please refer to "3.2 Handling Input Data Carefully and Securely."
  54.         logLine(String.format(" %s records updated", count));
  55.     }
  57.     public void onDeleteClick(View view) {
  58.     logLine("[Delete]");
  59.         // *** POINT 4 *** Sensitive information can be sent since the destination provider is in the same application.
  60.         int count = getContentResolver().delete(
  61.         PrivateProvider.Download.CONTENT_URI, null, null);
  62.         // *** POINT 5 *** Handle received result data carefully and securely,
  63.         // even though the data comes from the same application.
  64.         // Omitted, since this is a sample. Please refer to "3.2 Handling Input Data Carefully and Securely."
  65.         logLine(String.format(" %s records deleted", count));
  66.     }
  68.     private TextView mLogView;
  70.     @Override
  71.     public void onCreate(Bundle savedInstanceState) {
  72.         super.onCreate(savedInstanceState);
  73.         setContentView(R.layout.main);
  74.         mLogView = (TextView)findViewById(R.id.logview);
  75.     }
  77.     private void logLine(String line) {
  78.         mLogView.append(line);
  79.         mLogView.append("¥n");
  80.     }
  81. }