android-app | Official ProtonVPN Android app | VPN library

 by   ProtonVPN C Version: 4.6.12.1 License: GPL-3.0

kandi X-RAY | android-app Summary

kandi X-RAY | android-app Summary

android-app is a C library typically used in Networking, VPN applications.,roid-app has no bugs, it has no vulnerabilities, it has a Strong Copyleft License and it has medium support. You can download it from GitHub.

Copyright (c) 2019 Proton Technologies AG.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              android-app has a medium active ecosystem.
              It has 1390 star(s) with 219 fork(s). There are 77 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 44 open issues and 43 have been closed. On average issues are closed in 51 days. There are 3 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of android-app is 4.6.12.1

            kandi-Quality Quality

              android-app has 0 bugs and 0 code smells.

            kandi-Security Security

              android-app has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              android-app code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              android-app is licensed under the GPL-3.0 License. This license is Strong Copyleft.
              Strong Copyleft licenses enforce sharing, and you can use them when creating open source projects.

            kandi-Reuse Reuse

              android-app releases are available to install and integrate.
              Installation instructions, examples and code snippets are available.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of android-app
            Get all kandi verified functions for this library.

            android-app Key Features

            No Key Features are available at this moment for android-app.

            android-app Examples and Code Snippets

            No Code Snippets are available at this moment for android-app.

            Community Discussions

            QUESTION

            'set-env' error when trying to build Android app using GitHub Actions - don't understand how to use Environment Files in this circumstance
            Asked 2022-Apr-15 at 14:43

            I am new to GitHub Actions and want to build and deploy my Android app to "internal testing" at the Google Play store. I have seen some good articles on it, but have been running into the 'set-env' error. I have followed the link but still do not understand how to apply it to my specific use case.

            The set-env command is disabled. Please upgrade to using Environment Files or opt into unsecure command execution by setting the ACTIONS_ALLOW_UNSECURE_COMMANDS environment variable to true. For more information see: https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/

            Here is the error:

            There seems to be some good examples without the environment files, which seems like the right way to go. I am following this, this, and this. All have some simple steps, but this is where I am having the problem:

            ...

            ANSWER

            Answered 2022-Apr-15 at 14:43

            use an updated version of the actions/setup-java step, like:

            Source https://stackoverflow.com/questions/71885354

            QUESTION

            Error: MainActivity must extend android.app.Activity [Instantiatable]
            Asked 2022-Mar-31 at 02:13

            I tried upgrading Android Gradle Plugin from 4.2.2 to 7.0.1 using the upgrade assistant which is available in Android Studio at Tools > AGP Upgrade Assistant. The only change it made was to my project-level build.gradle file:

            ...

            ANSWER

            Answered 2021-Aug-24 at 16:35

            the Android Gradle Plugin documentation still says classpath 'com.android.tools.build:gradle:4.2.0' instead of 7.0.1.

            You need to read further down the page, to this and this. That table is only relevant for pre-7.0.0 versions.

            Is this a bug in Android Gradle Plugin 7.0.1?

            Quite possibly. Or, perhaps beyond, as the Instantiatable Lint check has a history of problems.

            If your scenario does not match one of those three August 2021 bugs, and you are in position to provide a reproducible test case, file a fresh issue! Beyond that, if a clean-and-rebuild is not clearing up your problem, you might need to simply disable the Instantiatable Lint check for the time being by adding the following to all of your build.gradle files at the application or library level (i.e. all except your project-level build.gradle):

            Source https://stackoverflow.com/questions/68899665

            QUESTION

            Android WearOS app SocketTimeoutException failing to connect to a local server when bluetooth connected
            Asked 2022-Mar-17 at 10:56

            I am developing a smartwatch app which connects to an API and make requests. The thing is, when I try to connect to the server and my phone is not connected to the watch, it works well and it connects to my local pc serving a rails API in 192.168.1.132:3000. The problem comes when the watch is connected to the phone via bluetooth. I get this error:

            ...

            ANSWER

            Answered 2022-Mar-17 at 10:56

            I'm not sure about the failure to connect specifically to local addresses over bluetooth, but you can request a specific network and set it as the default.

            https://github.com/square/okhttp/issues/2404

            or specify it using a socketfactory

            https://programmer.ink/think/the-implementation-of-okhttp-multi-network-communication.html

            Source https://stackoverflow.com/questions/71500333

            QUESTION

            Jetpack Compose Previews: No Backgrounds, No System UI
            Asked 2022-Mar-15 at 14:00

            I am bootstrapping a new app with Jetpack Compose and Material 3. I've created a bunch of new apps lately with this configuration, so this problem has me stuck: I cannot get the IDE's compose previews to show a background or system UI. The compiled app works great.

            I tried building this sample app with Jetpack Compose + Material 3 I created a while back and all of the previews are just fine in the same version of the IDE. I also tried downgrading my libraries to match that sample app's libraries. No luck. The sample app has working previews, mine does not.

            I DO have the compose UI tooling included in my Gradle script for my debug variant, and I am previewing with the debug variant.

            Thoughts?

            Here is what I see:

            This is how I generate this screen code sample:

            ...

            ANSWER

            Answered 2022-Feb-17 at 21:25

            I think that your code should looks like this:

            Source https://stackoverflow.com/questions/71150471

            QUESTION

            Passing URL as a parameter to Jetpack Compose Navigation
            Asked 2022-Feb-02 at 23:58

            I have created a destination for HistoryDetail screen in my app.

            ...

            ANSWER

            Answered 2021-Aug-27 at 09:24

            Navigation routes are equivalent to urls. Generally you're supposed to pass something like id there.

            When you need to pass a url inside another url, you need to encode it:

            Source https://stackoverflow.com/questions/68950770

            QUESTION

            In Gradle version catalog file libs.version.toml plugins name is not recognised
            Asked 2022-Jan-03 at 13:44

            I am using the version catalog to effectively share the dependency across different Gradle modules in the Android project.

            I am using below libs.versions.toml file

            ...

            ANSWER

            Answered 2022-Jan-03 at 13:44

            After a bit of digging and exploring some open source projects, I found the solution for the above issue. Initially, I was using the distributionUrl=https\://services.gradle.org/distributions/gradle-7.0.2-bin.zip as my Gradle version in gradle-wrapper.properties but to fix the issue I updated the Gradle version to 7.3.2

            So changing the distribution URL to distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.2-all.zip fixed the issue for me

            Source https://stackoverflow.com/questions/70558590

            QUESTION

            How to securely store a hardcoded API key on Android?
            Asked 2022-Jan-03 at 11:06

            In my Android project, I want to store an API key in a secured manner. That key is generated from outside the app and need to be stored somehow in the app before building the app.

            I've seen some examples of how to use the KeyStore (like this or this), but as far as I understand, those are solutions to store secret keys generated during runtime, and not keys that I would store somewhere in my code.

            I've also checked the other methods explained here, but they look like the API key could quite easily be retrieved thanks to reverse engineering.

            I also don't want to store my key in my code, also because it could easily be retrieved via reverse engineering.

            The purpose of it is to be able to send that key everytime I call a webservice that I've made, so I'm sure (or almost sure) that the call comes from the original app that I'm making and that will be published on the Play Store, and not from elsewhere.

            I'm far from being a security expert, so any help would be appreciated.

            Thanks.

            ...

            ANSWER

            Answered 2022-Jan-03 at 11:06
            YOUR CHALLENGE

            The purpose of it is to be able to send that key everytime I call a webservice that I've made, so I'm sure (or almost sure) that the call comes from the original app that I'm making and that will be published on the Play Store, and not from elsewhere.

            This is a very hard task to achieve, but not impossible one and here is where one needs to make a deep dive in mobile API security and understand the mechanics behind it.

            It's fundamental to have a clear understand between the difference of who is in the API request versus what is making that API request, otherwise any security solution you may devise/use may not have the intended results.

            The Difference Between WHO and WHAT is Accessing the API Server

            I wrote a series of articles around API and Mobile security, and in the article Why Does Your Mobile App Need An Api Key? you can read in detail the difference between who and what is accessing your API server, but I will extract here the main takes from it:

            The what is the thing making the request to the API server. Is it really a genuine instance of your mobile app, or is it a bot, an automated script or an attacker manually poking around your API server with a tool like Postman?

            The who is the user of the mobile app that we can authenticate, authorize and identify in several ways, like using OpenID Connect or OAUTH2 flows.

            So, you need to think about the who as the user your API server will be able to Authenticate and Authorize access to the data, and you need to think about the what as the software making that request in behalf of the user.

            REVERSE ENGINEERING

            I also don't want to store my key in my code, also because it could easily be retrieved via reverse engineering.

            That's very true, it's more or less easily achieved depending on the method used to hide the API key, as per the ones you mention:

            I've also checked the other methods explained here, but they look like the API key could quite easily be retrieved thanks to reverse engineering.

            No matter how secure the API key has been stored, be it in the Android Keystore, encrypted, obfuscated, etc, at some point the API key will need to be in plain text to be sent on the API request header, and in this moment it will be vulnerable to be extracted via static reverse engineering, via a MitM attack or via an instrumentation framework

            I have wrote the article How to Extract an API key from a Mobile App with Static Binary Analysis to illustrate how easy it can be done:

            The range of open source tools available for reverse engineering is huge, and we really can't scratch the surface of this topic in this article, but instead we will focus in using the Mobile Security Framework(MobSF) to demonstrate how to reverse engineer the APK of our mobile app. MobSF is a collection of open source tools that present their results in an attractive dashboard, but the same tools used under the hood within MobSF and elsewhere can be used individually to achieve the same results.

            During this article we will use the Android Hide Secrets research repository that is a dummy mobile app with API keys hidden using several different techniques.

            I also wrote another article to achieve it during runtime, Steal that Api Key with a Man in the Middle Attack:

            In order to help to demonstrate how to steal an API key, I have built and released in Github the Currency Converter Demo app for Android, which uses the same JNI/NDK technique we used in the earlier Android Hide Secrets app to hide the API key.

            So, in this article you will learn how to setup and run a MitM attack to intercept https traffic in a mobile device under your control, so that you can steal the API key. Finally, you will see at a high level how MitM attacks can be mitigated.

            An instrumentation framework can also be used during runtime to hook into the code that uses the API key in order to extract it. For example with the popular Frida framework:

            Inject your own scripts into black box processes. Hook any function, spy on crypto APIs or trace private application code, no source code needed. Edit, hit save, and instantly see the results. All without compilation steps or program restarts.

            So, no matter what it's done to secure the API key, once it's on the API request will be vulnerable to be extracted.

            MOBILE API SECURITY

            Anything that runs on the client side and needs some secret to access an API can be abused in different ways and you can learn more on this series of articles about Mobile API Security Techniques. This articles will teach you how API Keys, User Access Tokens, HMAC and TLS Pinning can be used to protect the API and how they can be bypassed.

            POSSIBLE SOLUTIONS

            I recommend you to read this answer I gave to the question How to secure an API REST for mobile app?, especially the sections Hardening and Shielding the Mobile App, Securing the API Server and A Possible Better Solution.

            The possible best solution for your problem is known by Mobile App Attestation, that will let your backend know that what is making the request is indeed a genuine and untampered version of your mobile app, as you wish to achieve:

            The purpose of it is to be able to send that key everytime I call a webservice that I've made, so I'm sure (or almost sure) that the call comes from the original app that I'm making and that will be published on the Play Store, and not from elsewhere.

            Do You Want To Go The Extra Mile?

            In any response to a security question I always like to reference the excellent work from the OWASP foundation.

            For APIS

            OWASP API Security Top 10

            The OWASP API Security Project seeks to provide value to software developers and security assessors by underscoring the potential risks in insecure APIs, and illustrating how these risks may be mitigated. In order to facilitate this goal, the OWASP API Security Project will create and maintain a Top 10 API Security Risks document, as well as a documentation portal for best practices when creating or assessing APIs.

            For Mobile Apps

            OWASP Mobile Security Project - Top 10 risks

            The OWASP Mobile Security Project is a centralized resource intended to give developers and security teams the resources they need to build and maintain secure mobile applications. Through the project, our goal is to classify mobile security risks and provide developmental controls to reduce their impact or likelihood of exploitation.

            OWASP - Mobile Security Testing Guide:

            The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.

            Source https://stackoverflow.com/questions/68685462

            QUESTION

            Callback when task goes into background or comes into foreground?
            Asked 2021-Dec-20 at 14:15

            I have an activity A, it launches custom-tab. I need to know while the custom tab is open, if the task (of which the activity is part of) goes to background or comes to foreground.

            I am aware of this question How to detect when an Android app goes to the background and come back to the foreground . The solutions mentioned for this question don't work for me because as soon as custom tab is launched, the onbackground callback is received, which is not what I want. I want onbackground callback, when the task containing the activity A goes to background.

            ...

            ANSWER

            Answered 2021-Dec-17 at 02:47

            The relationship between your activity and chrome custom tabs depends on the launchMode. You can launch the custom tab in current stack or a new stack.

            Source https://stackoverflow.com/questions/69985252

            QUESTION

            The language changes automatically when I change the night mode
            Asked 2021-Nov-07 at 10:21

            I added day/night mode option in my android app as explained here. But when I change it, the language changes automatically.

            This is my function

            ...

            ANSWER

            Answered 2021-Nov-07 at 10:21

            The problem that when you change the dark mode, the activity restarts with the default settings (default language), so you need to explicitly force the user's language.

            But setting that explicitly every time you change the dark mode could be boilerplate, and this also could require a one more restart of the activity to apply the language.

            Instead of that, you can use a customized ContextWrapper where you can apply the preferred language at the very beginning of your app in the attachBaseContext() activity callback by wrapping this customized ContextWrapper:

            The custom context wrapper:

            Source https://stackoverflow.com/questions/69866027

            QUESTION

            Where to put in-app update implementation in Android
            Asked 2021-Oct-20 at 04:56

            I am trying to implement in app updates in my app, but there is a disconnect between the documentation/tutorials that I have looked at and the actual final implementation.

            I followed various code tutorials from:

            https://developer.android.com/guide/playcore/in-app-updates/kotlin-java#start-update https://www.section.io/engineering-education/android-application-in-app-update-using-android-studio/ https://medium.com/android-news/implement-in-app-update-in-android-68892bd11e35 https://www.raywenderlich.com/8034025-in-app-updates-getting-started

            The code itself is fairly straightforward.

            But what I found missing from all of these tutorials was how to actually call the in-app updates. These tutorials all seem to make a dedicated in-app update activity. How do I launch this in-app update activity from my main activity? Or alternatively, how do I incorporate the in app update code into my already existing main activity?

            I assume I want some sort of async launch of an in app update listener or something along those lines, but I can't seem to wrap my head around the last step of integrating all the in-app update code/in-app update activity into my app.

            Edit: here's a sample of what I've tried

            ...

            ANSWER

            Answered 2021-Aug-30 at 17:25

            are you looking for this:

            call to prompt for FlexibleUpdate, this will pop up the google prompt and the user can tap "Install" from there. It seems to handle the download/install all in one and i dont have to do the "reload" snackbar step the docs were talking about.

            Source https://stackoverflow.com/questions/68596439

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install android-app

            Install sdk, ndk, cmake, swig
            Clone this repository
            ./gradlew assembleProdDebug or open and build in Android Studio
            To complete a release build signing keys need to be provided: ./gradlew assembleProdRelease -PkeyStoreFilePath= -PkeyStoreKeyAlias= -PkeyStorePassword= -PkeyStoreKeyPassword= `.

            Support

            If you would like to contribute, please keep in mind the following rules:. Internally our CI automatically checks all pull requests for code style issues, and runs our tests. However you can run those locally as well.
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/ProtonVPN/android-app.git

          • CLI

            gh repo clone ProtonVPN/android-app

          • sshUrl

            git@github.com:ProtonVPN/android-app.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular VPN Libraries

            algo

            by trailofbits

            streisand

            by StreisandEffect

            brook

            by txthinking

            Try Top Libraries by ProtonVPN

            linux-cli-community

            by ProtonVPNPython

            win-app

            by ProtonVPNC++

            protonvpn-cli

            by ProtonVPNShell

            linux-app

            by ProtonVPNPython

            ios-app

            by ProtonVPNSwift