Menu
We have follow Scottyab Safetynet Library.
We are facing error of “Status{statusCode=NETWORK_ERROR, resolution=null}” event though 4G internet connectivity available in our android device with package name com.safetynet.sample where as sample project is working fine with package name com.scottyab.safetynet.sample. We have check this solution but not work.
Below code where we have facing this issue
private void runSafetyNetTest() {
Log.v(TAG, "running SafetyNet.API Test");
requestNonce = generateOneTimeRequestNonce();
requestTimestamp = System.currentTimeMillis();
writeLog("running SafetyNet.API Test");
SafetyNet.SafetyNetApi.attest(googleApiClient, requestNonce)
.setResultCallback(new ResultCallback<SafetyNetApi.AttestationResult>() {
@Override
public void onResult(final SafetyNetApi.AttestationResult result) {
writeLog("running SafetyNet.API Result");
//result = Status{statusCode=NETWORK_ERROR, resolution=null}
if (!validateResultStatus(result)) {
return;
}
final String jwsResult = result.getJwsResult();
final SafetyNetResponse response = parseJsonWebSignature(jwsResult);
lastResponse = response;
writeLog("Res :: " + response);
//validate payload of the response
if (validateSafetyNetResponsePayload(response)) {
if (!TextUtils.isEmpty(googleDeviceVerificationApiKey)) {
//if the api key is set, run the AndroidDeviceVerifier
AndroidDeviceVerifier androidDeviceVerifier = new AndroidDeviceVerifier(googleDeviceVerificationApiKey, jwsResult);
androidDeviceVerifier.verify(new AndroidDeviceVerifier.AndroidDeviceVerifierCallback() {
@Override
public void error(String errorMsg) {
callback.error(RESPONSE_ERROR_VALIDATING_SIGNATURE, "Response signature validation error: " + errorMsg);
}
@Override
public void success(boolean isValidSignature) {
if (isValidSignature) {
callback.success(response.isCtsProfileMatch(), response.isBasicIntegrity());
} else {
callback.error(RESPONSE_FAILED_SIGNATURE_VALIDATION, "Response signature invalid");
}
}
});
} else {
Log.w(TAG, "No google Device Verification ApiKey defined");
callback.error(RESPONSE_FAILED_SIGNATURE_VALIDATION_NO_API_KEY, "No Google Device Verification ApiKey defined. Marking as failed. SafetyNet CtsProfileMatch: " + response.isCtsProfileMatch());
}
} else {
callback.error(RESPONSE_VALIDATION_FAILED, "Response payload validation failed");
}
}
}
);
}
314
The SafetyNet Attestation API is an anti-abuse API that allows app developers to assess the Android device their app is running on. The API should be used as a part of your abuse detection system to help determine whether your servers are interacting with your genuine app running on a genuine Android device.
SafetyNet provides a set of services and APIs that help protect your app against security threats, including device tampering, bad URLs, potentially harmful apps, and fake users.
The SafetyNet APIs offered by Google provide an extra layer of security to Android devices against unsecured apps or content. Developers integrate SafetyNet APIs into their apps to make them more secure.
This might be related to the fact that the attestation API has been marked as deprecated. The new one doesn't depend on the google client API, you should check this. Also Google released an example app using the new api, you can check here.
193
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
