feat: Enforce API key restrictions when used in Android. (#740)

* feat: Enforce API key restrictions when used in Android.

* Revert version to 0.18.2

* Update README.

* Reformat.

* Use api instead of implementation for okhttp.

* Delete unused files.

Author: arriolac

README.md

@@ -30,44 +30,28 @@ APIs:
 Keep in mind that the same [terms and conditions](https://developers.google.com/maps/terms) apply
 to usage of the APIs when they're accessed through this library.
 
-## Intended usage of this library
-
-The Java Client for Google Maps Services is designed for use in server applications. This library
-is not intended for use inside of an Android app, due to the potential for loss of API keys.
-
-If you are building a mobile application, you will need to introduce a proxy server to act as 
-intermediary between your mobile application and the [Google Maps API Web Services]. The Java
-Client for Google Maps Services would make an excellent choice as the basis for such a proxy server.
-
-Please see [Making the most of the Google Maps Web Service APIs] for more detail.
-
-Looking for our Android [Maps](https://developers.google.com/maps/documentation/android-sdk/intro) or 
-[Places](https://developers.google.com/places/android-sdk/intro) SDKs?
-
-## Support
-
-This library is community supported. We're comfortable enough with the stability and features of
-the library that we want you to build real production applications on it. We will try to support,
-through Stack Overflow, the public and protected surface of the library and maintain backwards
-compatibility in the future; however, while the library is in version 0.x, we reserve the right
-to make backwards-incompatible changes. If we do remove some functionality (typically because
-better functionality exists or if the feature proved infeasible), our intention is to deprecate
-and give developers a year to update their code.
-
-If you find a bug, or have a feature suggestion, please [log an issue][issues]. If you'd like to
-contribute, please read [How to Contribute][contrib].
-
 ## Requirements
 
 - Java 1.8 or later.
 - A Google Maps API key.
 
-### API keys
+## API keys
 Each Google Maps Web Service request requires an API key. API keys are generated in the 'Credentials' page of the 'APIs & Services' tab of Google Cloud console.
 
-For even more information on getting started with Google Maps Platform and generating/restricting an API key, see [Get Started with Google Maps Platform](https://developers.google.com/maps/gmp-get-started) in our docs.
+For even more information on getting started with Google Maps Platform and generating an API key, see [Get Started with Google Maps Platform](https://developers.google.com/maps/gmp-get-started) in our docs.
+
+### API Key Security
+
+The Java Client for Google Maps Services is designed for use in both server and Android applications.
+In either case, it is important to add [API key restrictions](https://developers.google.com/maps/api-security-best-practices?hl=it)
+to improve the security of your API key. Additional security measures, such as hiding your key
+from version control, should also be put in place to further improve the security of your API key.
 
-Important: This key should be kept secret on your server.
+You can refer to [API Security Best Practices](https://developers.google.com/maps/api-security-best-practices) to learn
+more about this topic.
+
+**NOTE**: If you are using this library on Android, ensure that your application
+is using at least version 0.19.0 of this library so that API key restrictions can be enforced.
 
 ## Installation
 
@@ -236,6 +220,19 @@ req.setCallback(new PendingResult.Callback<GeocodingResult[]>() {
     # Run the tests
     $ ./gradlew test
 
+## Support
+
+This library is community supported. We're comfortable enough with the stability and features of
+the library that we want you to build real production applications on it. We will try to support,
+through Stack Overflow, the public and protected surface of the library and maintain backwards
+compatibility in the future; however, while the library is in version 0.x, we reserve the right
+to make backwards-incompatible changes. If we do remove some functionality (typically because
+better functionality exists or if the feature proved infeasible), our intention is to deprecate
+and give developers a year to update their code.
+
+If you find a bug, or have a feature suggestion, please [log an issue][issues]. If you'd like to
+contribute, please read [How to Contribute][contrib].
+
 
 [apikey]: https://developers.google.com/maps/faq#keysystem
 [clientid]: https://developers.google.com/maps/documentation/business/webservices/auth

build.gradle

@@ -56,14 +56,14 @@ dependencies {
     api 'com.google.code.gson:gson:2.8.6'
     api 'io.opencensus:opencensus-api:0.25.0'
     implementation 'org.slf4j:slf4j-api:1.7.26'
-    testImplementation 'junit:junit:4.12'
-    testImplementation 'org.mockito:mockito-core:3.0.0'
+    testImplementation 'junit:junit:4.13.2'
     testImplementation 'com.squareup.okhttp3:mockwebserver:4.9.1'
     testImplementation 'org.apache.httpcomponents:httpclient:4.5.9'
     testImplementation 'org.slf4j:slf4j-simple:1.7.26'
     testImplementation 'org.apache.commons:commons-lang3:3.9'
     testImplementation 'org.json:json:20180813'
     testImplementation 'io.opencensus:opencensus-impl:0.25.0'
+    testImplementation "org.mockito:mockito-inline:3.11.2"
 }
 
 task updateVersion(type: Copy) {

src/main/java/com/google/maps/OkHttpRequestHandler.java

@@ -17,25 +17,24 @@
 
 import com.google.gson.FieldNamingPolicy;
 import com.google.maps.GeoApiContext.RequestHandler;
+import com.google.maps.android.AndroidAuthenticationConfig;
+import com.google.maps.android.AndroidAuthenticationConfigProvider;
+import com.google.maps.android.AndroidAuthenticationInterceptor;
 import com.google.maps.internal.ApiResponse;
 import com.google.maps.internal.ExceptionsAllowedToRetry;
 import com.google.maps.internal.HttpHeaders;
 import com.google.maps.internal.OkHttpPendingResult;
 import com.google.maps.internal.RateLimitExecutorService;
 import com.google.maps.metrics.RequestMetrics;
-import java.io.IOException;
 import java.net.Proxy;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.TimeUnit;
-import okhttp3.Authenticator;
 import okhttp3.Credentials;
 import okhttp3.Dispatcher;
 import okhttp3.MediaType;
 import okhttp3.OkHttpClient;
 import okhttp3.Request;
 import okhttp3.RequestBody;
-import okhttp3.Response;
-import okhttp3.Route;
 
 /**
  * A strategy for handling URL requests using OkHttp.
@@ -130,6 +129,11 @@ public Builder() {
       rateLimitExecutorService = new RateLimitExecutorService();
       dispatcher = new Dispatcher(rateLimitExecutorService);
       builder.dispatcher(dispatcher);
+
+      final AndroidAuthenticationConfigProvider provider =
+          new AndroidAuthenticationConfigProvider();
+      final AndroidAuthenticationConfig config = provider.provide();
+      builder.addInterceptor(new AndroidAuthenticationInterceptor(config));
     }
 
     @Override
@@ -168,18 +172,14 @@ public Builder proxy(Proxy proxy) {
     public Builder proxyAuthentication(String proxyUserName, String proxyUserPassword) {
       final String userName = proxyUserName;
       final String password = proxyUserPassword;
-
       builder.proxyAuthenticator(
-          new Authenticator() {
-            @Override
-            public Request authenticate(Route route, Response response) throws IOException {
-              String credential = Credentials.basic(userName, password);
-              return response
-                  .request()
-                  .newBuilder()
-                  .header("Proxy-Authorization", credential)
-                  .build();
-            }
+          (route, response) -> {
+            String credential = Credentials.basic(userName, password);
+            return response
+                .request()
+                .newBuilder()
+                .header("Proxy-Authorization", credential)
+                .build();
           });
       return this;
     }

src/main/java/com/google/maps/android/AndroidAuthenticationConfig.java

@@ -0,0 +1,24 @@
+package com.google.maps.android;
+
+import org.jetbrains.annotations.Nullable;
+
+/**
+ * Configuration object containing Android authentication parameters for a particular installation.
+ * The parameters in this config are used by all requests so that API key restrictions can be
+ * enforced.
+ */
+public class AndroidAuthenticationConfig {
+  public static AndroidAuthenticationConfig EMPTY = new AndroidAuthenticationConfig(null, null);
+
+  /** The package name of the Android app. */
+  @Nullable public final String packageName;
+
+  /** The SHA-1 fingerprint of the certificate used to sign the Android app. */
+  @Nullable public final String certFingerprint;
+
+  public AndroidAuthenticationConfig(
+      @Nullable String packageName, @Nullable String certFingerprint) {
+    this.packageName = packageName;
+    this.certFingerprint = certFingerprint;
+  }
+}

src/main/java/com/google/maps/android/AndroidAuthenticationConfigProvider.java

@@ -0,0 +1,19 @@
+package com.google.maps.android;
+
+/**
+ * Provides a {@link AndroidAuthenticationConfig} that is specific to the environment the library is
+ * in.
+ */
+public class AndroidAuthenticationConfigProvider {
+
+  /** @return the environment specific {@link AndroidAuthenticationConfig} */
+  public AndroidAuthenticationConfig provide() {
+    Context context = Context.getApplicationContext();
+    if (context == null) {
+      return AndroidAuthenticationConfig.EMPTY;
+    }
+
+    return new AndroidAuthenticationConfig(
+        context.getPackageName(), CertificateHelper.getSigningCertificateSha1Fingerprint(context));
+  }
+}

src/main/java/com/google/maps/android/AndroidAuthenticationInterceptor.java

@@ -0,0 +1,43 @@
+package com.google.maps.android;
+
+import com.google.maps.internal.HttpHeaders;
+import java.io.IOException;
+import okhttp3.Interceptor;
+import okhttp3.Request;
+import okhttp3.Response;
+import org.jetbrains.annotations.NotNull;
+
+/**
+ * Intercepts requests and provides Android-specific headers so that API key restrictions can be
+ * enforced.
+ */
+public class AndroidAuthenticationInterceptor implements Interceptor {
+
+  private final AndroidAuthenticationConfig config;
+
+  public AndroidAuthenticationInterceptor(AndroidAuthenticationConfig config) {
+    this.config = config;
+  }
+
+  @NotNull
+  @Override
+  public Response intercept(@NotNull Chain chain) throws IOException {
+    final Request request = chain.request();
+
+    if (config == AndroidAuthenticationConfig.EMPTY) {
+      // Not in Android environment
+      return chain.proceed(request);
+    }
+
+    final Request.Builder builder = chain.request().newBuilder();
+    if (config.packageName != null) {
+      builder.addHeader(HttpHeaders.X_ANDROID_PACKAGE, config.packageName);
+    }
+
+    if (config.certFingerprint != null) {
+      builder.addHeader(HttpHeaders.X_ANDROID_CERT, config.certFingerprint);
+    }
+
+    return chain.proceed(builder.build());
+  }
+}

src/main/java/com/google/maps/android/CertificateHelper.java

@@ -0,0 +1,60 @@
+package com.google.maps.android;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
+
+/** Helper class for obtaining information about an Android app's signing certificate. */
+public class CertificateHelper {
+
+  /**
+   * Obtains the SHA-1 fingerprint of the certificate used to sign the app.
+   *
+   * @param context a Context
+   * @return the SHA-1 fingerprint if obtainable, otherwise, <code>null</code>
+   */
+  @Nullable
+  public static String getSigningCertificateSha1Fingerprint(@NotNull Context context) {
+    final PackageManager pm = context.getPackageManager();
+    if (pm == null) {
+      return null;
+    }
+
+    // PackageManage.GET_SIGNATURES == 64
+    PackageInfo packageInfo = pm.getPackageInfo(context.getPackageName(), 64);
+    if (packageInfo == null) {
+      return null;
+    }
+
+    Object signingSignature = packageInfo.signingSignature();
+    if (signingSignature == null) {
+      return null;
+    }
+
+    try {
+      MessageDigest md = MessageDigest.getInstance("SHA-1");
+      Class<?> signatureClass = Class.forName("android.content.pm.Signature");
+      Method toByteArrayMethod = signatureClass.getMethod("toByteArray");
+      byte[] byteArray = (byte[]) toByteArrayMethod.invoke(signingSignature);
+      byte[] digest = md.digest(byteArray);
+      return bytesToHex(digest);
+    } catch (NoSuchAlgorithmException
+        | ClassNotFoundException
+        | IllegalAccessException
+        | NoSuchMethodException
+        | InvocationTargetException e) {
+      return null;
+    }
+  }
+
+  private static String bytesToHex(byte[] byteArray) {
+    final StringBuilder sb = new StringBuilder();
+    for (byte b : byteArray) {
+      sb.append(String.format("%02X", b));
+    }
+    return sb.toString();
+  }
+}