1

I´m currently trying to share information between different applications in Android, the goal I´d like to achieve is having the same behavior the KeyChain data share have in iOS but in Android.

I´ve already given a try using SharedPreferences and using "shareUserId" attribute inside Manifest, (by default Android applications behave as sandBoxes and they are not allowed to share data, they also haven´t a common context, so a "fake" one must be built) issues here come by the fact that is mandatory to know every app´s packageName so the data share happens between those apps with the same shareUserID value. I mean, I would like to access this resources without having to ask for the application that stored them.

Context appOne = createPackageContext("com.xxx.zzz.appOne", CONTEXT_INCLUDE_CODE); mSharedPref = appOne.getSharedPreferences("Test", Context.MODE_PRIVATE);

Other way I tried was using the AccountManager in order to store that information so other applications could reach it. Bad news were that this account will be shared among all applications installed in the system and i will like this behavior to be more restrictive in terms that I would like to be able to choose which apps will have access to this information and those who won´t.

Reference to related post (Should you use AccountManager for storing Usernames and Passwords for an Android app?)

Is there anyway to achieve this goal? Any help or hint will be appreciated, been stuck in here for a couple of days... If extra information is needed feel free to ask for it. Thanks in advance.

Community
  • 1
  • 1
Chema Rubio
  • 91
  • 1
  • 5
  • `ContentProvider ` is best – M D Apr 15 '16 at 10:36
  • Thanks for your reply, That´s not a suitable option for me though. ContentProviders will allow me to do my own check permissions and apps with the same signature will share there providers if asked. http://stackoverflow.com/questions/6120025/how-to-restrict-content-provider-data-across-applications Anyway it doesn´t solve the fact that I have to wonder which provider will provide the data I´m asking for, it still remains in each data provider in each application by itself. What I was asking for, was an approach as close as possible to the iOS keyChain. – Chema Rubio Apr 15 '16 at 11:25
  • "Anyway it doesn´t solve the fact that I have to wonder which provider will provide the data I´m asking for, it still remains in each data provider in each application by itself." -- that is by design, and pretty much all solutions will have that characteristic. Users can uninstall apps whenever they want, so having the data in one magic app is unreliable. – CommonsWare Apr 15 '16 at 11:36
  • 1
    Totally agree CommonsWare, thanks. iOS keychain sets apart some OS space so a group of apps will access to it. That´s how you get the data without the need of knowing who stored it there. That´s what i´m looking for. – Chema Rubio Apr 15 '16 at 11:41
  • You could abuse the [`getAuthToken`](http://developer.android.com/reference/android/accounts/AbstractAccountAuthenticator.html#getAuthToken%28android.accounts.AccountAuthenticatorResponse,%20android.accounts.Account,%20java.lang.String,%20android.os.Bundle%29) method for this. A client that wishes to get an auth token usually provides an extras `Bundle`. You can use this `Bundle` to provide some kind of "authentication" for the app that tries to get the value and return an error if the client app is not "authenticated". But that's more sort of a hack than a solid solution. – Marten Apr 15 '16 at 19:13

0 Answers0