@CheckReturnValue
@ExperimentalApi(value="https://github.com/grpc/grpc-java/issues/8022")
public abstract class SecurityPolicy
extends java.lang.Object
SecurityPolicies or
UntrustedSecurityPolicies classes. Implementing your own security policy requires
significant care, and an understanding of the details and pitfalls of Android security.
IMPORTANT For any concrete extensions of this class, it's assumed that the authorization status of a given UID will not change as long as a process with that UID is alive.
In order words, we expect the security policy for a given transport to remain constant for the lifetime of that transport. This is considered acceptable because no transport will survive the re-installation of the applications involved.
| Modifier | Constructor and Description |
|---|---|
protected |
SecurityPolicy() |
| Modifier and Type | Method and Description |
|---|---|
abstract io.grpc.Status |
checkAuthorization(int uid)
Decides whether the given Android UID is authorized.
|
public abstract io.grpc.Status checkAuthorization(int uid)
IMPORTANT: This method may block for extended periods of time.
As long as any given UID has active processes, this method should return the same value for that UID. In order words, policy changes which occur while a transport instance is active, will have no effect on that transport instance.
uid - The Android UID to authenticate.Status object, with OK indicating authorized.