メルカリとソウゾウアプリのアプリ間連携の仕組み in 2017 summer

by operandoOS

Slide 1

Slide 1 text

ϝϧΧϦͱι΢κ΢ΞϓϦͷ  ΞϓϦؒ࿈ܞͷ࢓૊Έ  in 2017 summer Souzoh Android Talk #1

Slide 2

Slide 2 text

About Me Shinobu Okano @operandoOS Mercari, Inc. Souzoh, Inc.

Slide 3

Slide 3 text

Compassͷࣗݾ঺հ • Ͳ͏΋ɺAndroidνʔϜͷ΍͍͖ͬͯʂͰ͢ • ਏͦ͏ͳਓΛॿ͚Δ܎Ͱ͢ • ϓϩμΫτͷ੒ՌΛউखʹOSSʹ͢Δͷ͕ಘҙͰ͢ʂ • ౔೔͸ळ༿ݪͷελόʹ͍·͢(ݟ͚ͭͨΒ࿩͔͚ͯ͠΍͍ͬͯͩ͘͞...) • ϛελʔυʔφπɺήʔϜɺຊ େ޷͖Ͱ͢ʂ • ϝϧΧϦ → ϝϧΧϦ Ξος → ϝϧΧϦ Χ΢ϧ

Slide 4

Slide 4 text

ΞϓϦؒ࿈ܞͱ͸ʁ • ΞϓϦA͔ΒΞϓϦBͷػೳΛݺͼग़͢ • ͸͍ɺΘ͔Γ·͢ɻIntentͰ͢Ͷ • ϝϧΧϦ Χ΢ϧ͔ΒϝϧΧϦͷग़඼Ұཡը໘  ʹભҠ͢Δ

Slide 5

Slide 5 text

ΞϓϦؒ࿈ܞͱ͸ʁ

Slide 6

Slide 6 text

ΞϓϦؒ࿈ܞͱ͸ʁ • AΞϓϦ͔Βऔಘͨ͠৘ใΛΞϓϦBͰ࢖༻ͯ͠  ϢʔβʹػೳΛఏڙ͢Δ • ϝϧΧϦ͕อ࣋ͯ͠Δͷ৘ใΛϝϧΧϦ Χ΢ϧ͕  औಘͯ͠γʔϜϨεʹϩάΠϯ • ΞΧ΢ϯτ࿈ܞɺID࿈ܞ

Slide 7

Slide 7 text

ΞϓϦؒ࿈ܞͱ͸ʁ

Slide 8

Slide 8 text

ϝϧΧϦͱι΢κ΢ΞϓϦͷΞϓϦؒ࿈ܞ • ηΧϯυύʔςΟʔ(ࣗࣾΞϓϦؒ)Ͱͷ࿈ܞ͕ϝΠϯ • αʔυύʔςΟʔ޲͚ͷ࿈ܞ͸·ͣ͸΍Βͳ͍લఏ

Slide 9

Slide 9 text

͜Ε͔Β࿩͢͜ͱ • ͜ʔΏʔ࢓૊ΈΛ࡞ΔͨΊͷ࢓૊Έ͸Androidʹෳ਺͋Δ • ͦͷதͰ͍͔ͭ͘ݕ౼ͨ͠΋ͷͱ࣮ࡍʹ  ࢖͍ͬͯΔ΋ͷΛ͝঺հ͢Δ͍ͧʂ • ଞʹ΋৭ʑ͋Γͦ͏͔ͩΒɺ஌ݟ͋Ε͹  ڭ͍͑ͯͩ͘͞ʂ

Slide 10

Slide 10 text

࿩͞ͳ͍͜ͱ • ओʹAndroidΞϓϦଆͷ࢓૊Έͷ঺հͳͷͰ  όοΫΤϯυͷ࢓૊Έ͸࿩͠·ͤΜ • mercari Tech Conf 2017ʹظ଴ʂ • https://techconf.mercari.com/2017/

Slide 11

Slide 11 text

஫ҙ఺ • ࿈ܞͷͨΊͷ࣮૷Λ͍͔ͭ͘ͷͤͯ·͕͢ɺ  ηΩϡϦςΟతͳͱ͜Ζ͸࣌ؒͷؔ܎্୺ં͍ͬͯ·͢ • ঺հ͢Δํ๏౳ͰΞϓϦؒ࿈ܞΛ࣮૷͢Δ৔߹͸ɺ  ඞͣAndroid ηΩϡΞίʔσΟϯάΨΠυΛ͓ಡΈ͍ͩ͘͞ʂ • https://www.jssec.org/dl/ android_securecoding.pdf

Slide 12

Slide 12 text

ΞϓϦ͕อ࣋ͯ͠Δ৘ใΛ  ΞϓϦؒ࿈ܞͰ΍ΓͱΓ͢Δ

Slide 13

Slide 13 text

sharedUserId

Slide 14

Slide 14 text

sharedUserId • AndroidͰ͸ΞϓϦຖʹϢʔβ ID(uid)ׂ͕Γ౰ͯΒΕΔ • sharedUserIdͷػೳΛ࢖༻͢ΔͱҟͳΔΞϓϦʹಉ͡ uidΛׂΓ౰ͯΔ͜ͱ͕Ͱ͖Δ • ಉ͡uidʹ͢Δͱޓ͍ͷΞϓϦͰ࡞੒ͨϑΝΠϧͷ  Φʔφʔ͕ಉ͡ʹͳΔ • Αͬͯɺ࡞੒ͨ͠ϑΝΠϧ͸͓ޓ͍ʹಡΈॻ͖ՄೳʹͳΔ

Slide 15

Slide 15 text

sharedUserId • ಉ͡uidΛׂΓ౰ͯΔʹ͸͓ޓ͍ͷΞϓϦʹ  ҎԼͷ৚͕݅ඞཁ 1. ಉҰͷূ໌ॻͰॺ໊͍ͯ͠Δ 2. AndroidManaifest.xml಺Ͱಉ͡ android:sharedUserIdΛࢦఆ͍ͯ͠Δ

Slide 16

Slide 16 text

.... .... AndroidManifest.xml

Slide 17

Slide 17 text

sharedUserId Demo AΞϓϦͰ࡞੒ͨ͠SharedPreferencesΛ BΞϓϦͰಡΈࠐΈ஋Λऔಘ͢Δ

Slide 18

Slide 18 text

sharedUserId // AΞϓϦ(com.os.operando.application.interoperability.sample) getSharedPreferences("master_app", MODE_PRIVATE).edit().putInt("int", 1).apply(); // BΞϓϦ(com.example.shareduserid_app) // ஋͕औಘͰ͖Δ try { Context c = createPackageContext(“com.os.operando.application.interoperability.sample", CONTEXT_RESTRICTED); int i = c.getSharedPreferences(“master_app”, MODE_PRIVATE).getInt("int", 0); Log.d(TAG, i + ""); // 1 } catch (PackageManager.NameNotFoundException e) { e.printStackTrace(); }

Slide 19

Slide 19 text

sharedUserIdΛ࢖ͬͯΞϓϦؒͰ  ৘ใΛڞ༗͢Δ • ࣮૷͸؆୯ • ޓ͍ͷΞϓϦ͕࡞੒ͨ͠ϑΝΠϧಡΈॻ͖͠์୊

Slide 20

Slide 20 text

͕͔ͩ͠͠... • ࡞੒ͨ͠ϑΝΠϧͳΒͳΜͰ΋ڞ༗Ͱ͖ΔͷͰɺ৭ΜͳϑΝΠϧ ΛಡΈॻ͖࢝͠ΊΔةݥੑ͕͋Δ • ϝϧΧϦͱι΢κ΢ΞϓϦಉ࢜ͷ༻్ͱͯ͠͸ڞ༗͗ͯ͢͠Δ • ڞ༗Ͱ͖Δ৘ใ͸੍ݶ͢Δ΄͏͕؅ཧ͠΍͍͢ • ยํͷΞϓϦʹ੬ऑੑ͕͋Δͱޓ͍ʹ΍ΒΕͯ·͏ةݥੑ΋͋Δ • ݱঢ়Ͱ͸࢖༻͠ͳ͍͜ͱʹͨ͠

Slide 21

Slide 21 text

AccountManager

Slide 22

Slide 22 text

AccountManager • αʔϏε͝ͱͷϢʔβʔ৘ใʢΞΧ΢ϯτʣ Λ؅ཧ͢Δ࢓૊Έ • ઃఆͷΞΧ΢ϯτͷͱ͜ΖͰ؅ཧ͞ΕͯΔ͋Ε • ෳ਺ΞϓϦͰೝূ৘ใΛڞ༗͢Δ͜ͱ΋Ͱ͖Δ • ͪΌΜͱཧղ͢Ε͹ͱͯ΋ศརͳ࢓૊Έ

Slide 23

Slide 23 text

͕͔ͩ͠͠ • ΅͘ʹ͸ͪΐͬͱ೉͍͠Ͱ͢ɺAndroidઌੜ... • ݸਓతʹ͸ͪΌΜͱཧղͯ͠࢖͏ͷ͕ͪΐͬͱ೉͍͠࢓૊Έͳҹ৅ • ϝϧΧϦͱι΢κ΢ΞϓϦಉ࢜ͷ࿈ܞʹͯ͠͸ɺ΍Γ͍ͨ͜ͱʹ  ରͯ͠ϋΠεϖοΫ͗͢Δ • த్൒୺ʹ࣮૷͢Δͱ੬ऑੑʹͳΔ͠ɺෛ࠴ʹ΋ͳΔ • αʔυύʔςΟʔͱͷ࿈ܞ·Ͱߟ͑ΔͳΒAccountManager͕ྑͦ͞͏

Slide 24

Slide 24 text

AccountManagerͷࢀߟࢿྉ • Android ʹ͓͚ΔΞΧ΢ϯτ؅ཧ • http://tech.gunosy.io/entry/android-accounts • Android ͷΞΧ΢ϯτϚωʔδϟ (AccountManager) ͷ֓આ • http://vividcode.hatenablog.com/entry/ android/account-manager

Slide 25

Slide 25 text

ContentProvider

Slide 26

Slide 26 text

ContentProvider • ͬ͘͟Γ͍͏ͱΞϓϦؒͰσʔλΛڞ༗͢ΔͨΊͷίϯϙʔωϯτ • DBΛ࢖༻͢ΔΑ͏ͳઃܭʹͳͬͯΔ • ੲͳʹ͔ͱηΩϡϦςΟपΓͰΑ͘ొ৔ͨ͠ίϯϙʔωϯτ • ઃఆ࣍ୈͰͲΜͳΞϓϦ͔ΒͰ΋ಡΈॻ͖Ͱ͖Δ • ઃఆ࣍ୈͰಛఆͷΞϓϦ͚ͩಡΈॻ͖Ͱ͖ΔΑ͏ʹ͢Δ͜ͱ΋Ͱ͖Δ

Slide 27

Slide 27 text

Permission • ΞϓϦ͝ͱʹಠࣗͷPermissionΛ࡞Δ͜ͱ͕Ͱ͖Δ • AndroidManifest.xmlʹఆٛ͢Δ • protectionLevelΛsignatureʹ͢Δ͜ͱͰɺಉ͡ॺ໊Λ࣋ͭΞϓϦ ʹͷΈPermissionͷ࢖༻ΛڐՄ͢Δ͜ͱ͕Ͱ͖Δ • ຊࢿྉ಺ͰͷSignature Permission͸͜ΕΛҙຯ͢Δ • https://developer.android.com/guide/topics/manifest/ permission-element.html#plevel

Slide 28

Slide 28 text

Signature Permissionͷఆٛ ...

Slide 29

Slide 29 text

Android Component + Permission • Androidͷίϯϙʔωϯτʹ͸PermissionΛࢦఆͰ͖Δ • ίϯϙʔωϯτΛར༻͢ΔΞϓϦʹPermissionͷఆٛΛཁٻͰ͖Δ • ίϯϙʔωϯτͷఏڙଆ͕ΞϓϦಠࣗͷSignature PermissionΛ  ఆٛ͢Δ • ίϯϙʔωϯτͷఏڙଆ͸ٻΊΔPermission͕ར༻ଆʹ  ఆٛ͞Ε͍ͯͳ͚Ε͹ίϯϙʔωϯτͷ࢖༻ΛෆՄೳʹͰ͖Δ

Slide 30

Slide 30 text

ContentProvider + Permission • ContentProvider΋ίϯϙʔωϯτͳͷͰPermission͕ࢦఆͰ͖Δ • readPermissionଐੑͱwritePermissionଐੑ͕ଘࡏ͢Δ • ಡΈॻ͖ͲͪΒͱ΋ಉ͡Permissionͷ͍ͨ͠৔߹͸permissionଐੑΛ࢖͏ • permissionଐੑʹΞϓϦಠࣗͷSignature PermissionΛࢦఆ͢Ε͹  ಉ͡ॺ໊Λ࣋ͭΞϓϦͰ͔͠ಡΈग़ͤͳ͍ContentProvider͕࡞ΕΔ • ଞͷίϯϙʔωϯτ(ActivityͳͲ)΋ಉ༷ͷखॱͰಉ͜͡ͱ͕Ͱ͖Δ

Slide 31

Slide 31 text

ContentProvider + Permission

Slide 32

Slide 32 text

Uses Signature Permission

Slide 33

Slide 33 text

ContentProvider + Permission • ͜ͷ࢓૊ΈͰηΩϡΞʹΞϓϦؒͰσʔλΛ  ڞ༗͢Δ͜ͱ͕Ͱ͖Δ • ΍ͬͨͧʂ • ϝϧΧϦͱι΢κ΢ΞϓϦͷΞΧ΢ϯτ࿈ܞ͸ ͜ͷ࢓૊ΈΛ࠾༻ͯ͠·͢

Slide 34

Slide 34 text

͕͔ͩ͠͠ • Signature PermissionʹҰ෦ ࠔͬͨ໰୊͕ଘࡏ͢Δ • Android 5.0ະຬͩͱɺPermission ఆٛઌউͪ໰୊͕͋Δ • ͔֬5.0ະຬͩͬͨؾ͕͢Δ͚Ͳιʔε͕ݟ͔ͭΒͳ͔ͬͨͷͰόʔδϣϯ  ҙࣝ͠ͳ͍΄͏͕͍͍ • protectionLevel͕signatureͷPermissionΛఆٛ͢ΔલʹɺprotectionLevel͕ ऑ͍(normalͱ͔)ಉ໊ͷPermission͕ఆٛ͞Εͯ͠·͏ͱɺಉ͡ॺ໊Λ࣋ͨͳ͍ ΞϓϦ͔ΒͰ΋ίϯϙʔωϯτ͕ݺͼग़ͤΔ • ୺຤಺ʹطʹಉ໊ͷpermissionͷఆ͕ٛ͋Δ৔߹ɺޙ͔Βఆٛ͞ΕΔ৘ใ͕  ্ॻ͖͞Εͳ͍໰୊͕͋Δ

Slide 35

Slide 35 text

ಠࣗఆٛ Signature PermissionΛճආ Ͱ͖ΔAndroid OSͷಛੑͱͦͷରࡦ • ৄࡉ͸ηΩϡΞίʔσΟϯάΨΠυͷ ʮ5.2.3.1. ಠࣗఆٛ Signature PermissionΛճ ආͰ͖ΔAndroid OSͷಛੑͱͦͷରࡦʯΛࢀর • https://www.jssec.org/report/ securecoding.html • ରࡦ΋ͪΌΜͱಡΜͰͶʂ

Slide 36

Slide 36 text

ઈରηΩϡΞίʔσΟϯά ΨΠυಡΜͰ͍ͩ͘͞ʂ  ͓ئ͍͠·͢ʂ

Slide 37

Slide 37 text

ΞϓϦؒ ػೳ࿈ܞ

Slide 38

Slide 38 text

IntentͰ͠ΐʁ؆୯؆୯

Slide 39

Slide 39 text

ͦ͏ࢥ͏Ͱ͠ΐʁ

Slide 40

Slide 40 text

ผͷΞϓϦͷػೳΛݺͼग़͢ • ผΞϓϦͷίϯϙʔωϯτΛ໌ࣔతIntent͢Δͷ͸஍ຯʹ೉͍͠ • ݺͼग़͠ઌͷΞϓϦͷίϯϙʔωϯτ໊͕มΘͬͨΒݺͼग़ͤͳ͍ • ҉໧తIntent͸ԣऔΓ͞ΕΔةݥੑ͕͋Δ • Intent Filterఆٛ͢Ε͹୭Ͱ΋ϑοΫͰ͖Δ • Ϣʔβ͕ޡͬͯมͳΞϓϦʹIntentΛ౉ͯ͠͠·͏ةݥੑ͕͋Δ • ͦΕͧΕͷIntentͰΞϓϦؒ࿈ܞΛ͢Δ৔߹ʹͲ͏͢Δ͔

Slide 41

Slide 41 text

໌ࣔతIntentͰ࿈ܞ • ϝϧΧϦɾι΢κ΢ΞϓϦͷΑ͏ʹࣗࣾΞϓϦಉ࢜ͷݺͼग़͠  ͳΒܾ·Γ͸࡞ΕΔ • ϝϧΧϦͷಛఆͷActivityΛ໌ࣔతʹݺͼग़͍ͨ͠ʂ • ݺͼग़͍ͨ͠Activity͸Activity AliasͰఆٛ͢Δͷ͕ྑͦ͞͏ • ࣮ࡍͷActivity໊͕มߋ͞Εͯ΋େৎ෉ʂ • ࣗࣾΞϓϦҎ֎͔Βݺͼग़͞Εͨ͘ͳ͔ͬͨΒίϯϙʔωϯτʹ Signature PermissionΛ͚ͭΔ

Slide 42

Slide 42 text

໌ࣔతIntentͰ࿈ܞ ػೳఏڙଆ

Slide 43

Slide 43 text

໌ࣔతIntentͰ࿈ܞ ར༻ଆ // ར༻ଆ Intent i = new Intent(); i.setComponent(new ComponentName("com.os.operando.sample", “com.os.operando.sample.SettingAliasActivity")); startActivity(i);

Slide 44

Slide 44 text

҉໧తIntent??Ͱ࿈ܞ • URI = Deep LinkͰػೳΛݺͼग़͢ • Intent#setPackageϝιουͰ໌ࣔతʹͲͷΞϓϦʹରͯ͠ͷ Intentͳͷ͔Λࢦఆ͢Δ • ಉ͡Intent FilterΛఆٛͨ͠ΞϓϦ͕͋ͬͯ΋ϑοΫ͞Εͳ͍ • https://developer.android.com/reference/android/content/ Intent.html#setPackage(java.lang.String)

Slide 45

Slide 45 text

҉໧తIntent??Ͱ࿈ܞ ػೳఏڙଆ

Slide 46

Slide 46 text

҉໧తIntent??Ͱ࿈ܞ ར༻ଆ // ύοέʔδ໊Λ໌ࣔతʹઃఆ͢Δ Intent i = new Intent(Intent.ACTION_VIEW, Uri.parse("https://sample")); i.setPackage("com.os.operando.sample"); startActivity(i);

Slide 47

Slide 47 text

޾ͤ ☺

Slide 48

Slide 48 text

͕͔ͩ͠͠ • IntentઌͷΞϓϦ͕ύοέʔδ໊ಉ͡ͳِ෺ΞϓϦ ͩͱࠔΔ • ΋͠IntentʹηΩϡΞͳ৘ใΛͷͤͯͨ৔߹౪Έऔ ΒΕΔةݥੑ͕͋Δ • ͦ͏Ͱͳͯ͘΋ِ෺ΞϓϦ͕ಈ͍ͯ͠·͏ͷ͸ࠔΔ

Slide 49

Slide 49 text

• ࿈ܞઌ͕ࣗࣾΞϓϦ + ಉҰॺ໊ͷΞϓϦΛର৅ͱͯ͠Δ͜ͱ͕લఏͷ৔߹ • ࿈ܞઌͷΞϓϦͷॺ໊͕ࣗࣾͷॺ໊͔Ͳ͏͔Λௐ΂Δ • PackageManager#getPackageInfoͷﬂagʹ PackageManager.GET_SIGNATURESΛࢦఆ͢Δͱॺ໊ͷ৘ใ͕खʹೖΔ • ΞϓϦ͕Πϯετʔϧ͞Ε͍ͯΔ͔Ͳ͏͔΋߹Θͤͯௐ΂Δ͜ͱ͕Ͱ͖Δ • https://developer.android.com/reference/android/content/pm/ PackageManager.html#getPackageInfo(java.lang.String, int) ࿈ܞઌͷͷΞϓϦ͕ຊ෺͔Ͳ͏͔Λௐ΂Δ

Slide 50

Slide 50 text

࿈ܞઌͷͷΞϓϦ͕ຊ෺͔Ͳ͏͔Λௐ΂Δ • ࣮૷ํ๏͸ηΩϡΞίʔσΟϯάΨΠυΛ  ࢀর͍ͯͩ͘͠͞ʂ • https://www.jssec.org/dl/ android_securecoding.pdf

Slide 51

Slide 51 text

αϯϓϧίʔυ https://github.com/operando/ Application-Interoperability-Sample

Slide 52

Slide 52 text

·ͱΊ • ΞϓϦؒ࿈ܞͱҰݴͰݴͬͯ΋࣮૷ํ๏͸৭ʑ͋ΔΑ • ͱʹ͔͘ηΩϡϦςΟ͸ؾΛ͚ͭͯͶʂ • มʹಠ࣮ࣗ૷Λ͠ͳ͍ͰɺAndroid͕ఏڙ͢ΔػೳΛ ࢖ͬͨ΄͏͕͍͍ • ৗʹ࠷ળͷ࣮૷ํ๏͸໛ࡧ͠ଓ͚Δ

Slide 53

Slide 53 text

Thanks!!