Menu
I am exposing some API through AIDL mechanism. Clients need to bind to the AIDL and call methods synchronously. Is there a way I can retrieve the client's Java package name?
For example, if I expose a method boolean isFooAvailable() as AIDL API, from within the implementation of isFooAvalable, can I determine the Java package name of the app that binds to the AIDL service?
522
Expanding on the comment given by CommonsWare, inside your Service you can use
PackageManager packageManager = context.getPackageManager();
String callingName = packageManager.getNameForUid(Binder.getCallingUid());
If you're trying to restrict access to of callers you should also check the certificates of the calling app.
PackageInfo callingPackageInfo = packageManager
.getPackageInfo(callingPackage, PackageManager.GET_SIGNATURES);
// Make sure to check there is only one signature, or you may run into a security
// vulnerability: https://androidvulnerabilities.org/vulnerabilities/Fake_ID
verify(callingPackageInfo.signatures);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
