search

herzhenr / spic-android

A Simple Play Integrity Checker which uses Google Play Integrity API to check the Integrity of the Device
MIT License
170 stars 20 forks source link

Support New Opt In Filed values #5

Open herzhenr opened 7 months ago

herzhenr commented 7 months ago

Google has added two opt in fields recentDeviceActivity and playProtectVerdict (see Docs). The app has to be adjusted to show the new files within the UI.

herzhenr commented 7 months ago

I have activated the opt in fields within the Google Play Console. The new structure of the json response looks like this:


{
  "requestDetails": {
    "requestPackageName": "com.package.name",
    "timestampMillis": "1617893780",
    "nonce": "aGVsbG8gd29scmQgdGhlcmU"
  },
  "appIntegrity": {
    "appRecognitionVerdict": "PLAY_RECOGNIZED",
    "packageName": "com.package.name",
    "certificateSha256Digest": [
      "6a6a1474b5cbbb2b1aa57e0bc3"
    ],
    "versionCode": "42"
  },
  "deviceIntegrity": {
    "deviceRecognitionVerdict": [
      "MEETS_DEVICE_INTEGRITY",
      "MEETS_BASIC_INTEGRITY",
      "MEETS_STRONG_INTEGRITY"
    ],
    "recentDeviceActivity": {
      "deviceActivityLevel": "LEVEL_3"
    }
  },
  "accountDetails": {
    "appLicensingVerdict": "LICENSED"
  },
  "environmentDetails": {
    "playProtectVerdict": "NO_ISSUES"
  }
}

Example Request form an unrecognised device:

{
  "requestDetails": {
    "requestPackageName": "com.henrikherzig.playintegritychecker",
    "timestampMillis": "1703946171154",
    "nonce": "QmlvUXpDNHZtQkdKdGtCZ2o2Yk1ibWFkQ2VCakJoaGhjMDFtclNIY0w1eVpiaG44R2g\u003d"
  },
  "appIntegrity": {
    "appRecognitionVerdict": "UNEVALUATED"
  },
  "deviceIntegrity": {
    "recentDeviceActivity": {
      "deviceActivityLevel": "UNEVALUATED"
    }
  },
  "accountDetails": {
    "appLicensingVerdict": "UNEVALUATED"
  },
  "environmentDetails": {
    "playProtectVerdict": "UNEVALUATED"
  }
}