如何隐藏我的 Dropbox api 密钥

Question

有什么方法可以创建一个可以从其他类调用的 Dropbox API 活动？我有一个下载部分，我可以将它放在自己的类中，然后在需要时调用该类，而不是重写每个类中的代码吗？

还有没有办法隐藏我的 Dropbox API 密钥？

这是我目前设置 API 的方式。必须有一种更安全的方式，因为我不想显示我的详细信息。

public static String  APP_TYPE ="/FOLDER -- LOCATION-- FOR--DOWNLOADS";
public static String path = Environment.getExternalStorageDirectory().getAbsolutePath() + APP_TYPE;
public static File Dir = new File (path);
AndroidAuthSession session = buildSession();

static DropboxAPI<AndroidAuthSession> dropboxAPI;
private final String APP_KEY = "MY -- KEY";
private final String APP_ACCESS = "MY -- PASSWORD";
private final String TOKEN = "MY -- ACCESS -- TOKEN";

然后在我的onCreate

  Dir.mkdir();

        dropboxAPI = new DropboxAPI<AndroidAuthSession>(session);

我用我的点击命令来调用它。

  DownloadFromDropboxFromPath(path + "downloadFileFromDropbox", +APP_TYPE +"MY.apk");

最后这是我调用 API 的实际方式。

 private AndroidAuthSession buildSession() {
    AppKeyPair appKeyPair = new AppKeyPair(APP_KEY, APP_ACCESS);
    AndroidAuthSession session = new AndroidAuthSession(appKeyPair);
    session.setOAuth2AccessToken(TOKEN);
    return session;
}

static final int UploadFromSelectApp = 9501;
static final int UploadFromFilemanager = 9502;
public static String DropboxUploadPathFrom = "";
public static String DropboxUploadName = "";
public static String DropboxDownloadPathFrom = "";
public static String DropboxDownloadPathTo = "";

private void UploadToDropboxFromPath(String uploadPathFrom, String uploadPathTo) {
    Toast.makeText(getApplicationContext(), "Upload file ...", Toast.LENGTH_SHORT).show();
    final String uploadPathF = uploadPathFrom;
    final String uploadPathT = uploadPathTo;
    Thread th = new Thread(new Runnable() {
        public void run() {
            File tmpFile = null;
            try {
                tmpFile = new File(uploadPathF);
            } catch (Exception e) {
                e.printStackTrace();
            }
            FileInputStream fis = null;
            try {
                fis = new FileInputStream(tmpFile);
            } catch (FileNotFoundException e) {
                e.printStackTrace();
            }
            try {
                dropboxAPI.putFileOverwrite(uploadPathT, fis, tmpFile.length(), null);
            } catch (Exception e) {
            }
            getMain().runOnUiThread(new Runnable() {
                @Override
                public void run() {
                    Toast.makeText(getApplicationContext(), "File successfully uploaded.", Toast.LENGTH_SHORT).show();
                }
            });
        }
    });
    th.start();
}

private void DownloadFromDropboxFromPath(String downloadPathTo, final String downloadPathFrom) {
    DropboxDownloadPathTo = downloadPathTo;
    DropboxDownloadPathFrom = downloadPathFrom;

    runOnUiThread(new Runnable() {
        @Override
        public void run() {

            Toast.makeText(getApplicationContext(), "Downloading  Please wait ...", Toast.LENGTH_LONG).show();
            Thread th = new Thread(new Runnable() {
                public void run() {
                    final File file = new File(DropboxDownloadPathTo + DropboxDownloadPathFrom.substring(DropboxDownloadPathFrom.lastIndexOf('.')));
                    if (file.exists()) file.delete();

                    try {
                        FileOutputStream outputStream = new FileOutputStream(file);
                        castingapplistview.dropboxAPI.getFile(DropboxDownloadPathFrom, null, outputStream, null);
                        getMain().runOnUiThread(new Runnable() {
                            @Override
                            public void run() {
                                Toast.makeText(getApplicationContext(), "File successfully downloaded.", Toast.LENGTH_SHORT).show();
                                showInterstitial();

                                Intent promptInstall = new Intent(Intent.ACTION_VIEW).setDataAndType(Uri.fromFile(file),
                                        "application/vnd.android.package-archive");
                                promptInstall.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);

                                startActivity(promptInstall);
                            }
                        });
                    } catch (Exception e) {
                        e.printStackTrace();
                    }

                }
            });
            th.start();
        }
    });
}

@Override
public void onActivityResult(int requestCode, int resultCode, Intent intent) {
    if (requestCode == UploadFromFilemanager) {
        final Uri currFileURI = intent.getData();
        final String pathFrom = currFileURI.getPath();
        Toast.makeText(getApplicationContext(), "Upload file ...", Toast.LENGTH_SHORT).show();
        Thread th = new Thread(new Runnable() {
            public void run() {
                getMain().runOnUiThread(new Runnable() {
                    @Override
                    public void run() {
                        UploadToDropboxFromPath(pathFrom, "/db-test/" + DropboxUploadName + pathFrom.substring(pathFrom.lastIndexOf('.')));
                        Toast.makeText(getApplicationContext(), "File successfully uploaded.", Toast.LENGTH_SHORT).show();
                    }
                });
            }
        });
        th.start();
    }
    if (requestCode == UploadFromSelectApp) {
        Toast.makeText(getApplicationContext(), "Upload file ...", Toast.LENGTH_SHORT).show();
        final Uri uri = intent.getData();

        DropboxUploadPathFrom = getPath(getApplicationContext(), uri);
        if (DropboxUploadPathFrom == null) {
            DropboxUploadPathFrom = uri.getPath();
        }
        Thread th = new Thread(new Runnable() {
            public void run() {
                try {
                    final File file = new File(DropboxUploadPathFrom);
                    InputStream inputStream = getContentResolver().openInputStream(uri);

                    dropboxAPI.putFile("/db-test/" + DropboxUploadName + file.getName().substring(file.getName().lastIndexOf("."),
                            file.getName().length()), inputStream, file.length(), null, new ProgressListener() {
                        @Override
                        public long progressInterval() {
                            return 100;
                        }

                        @Override
                        public void onProgress(long arg0, long arg1) {
                        }
                    });
                    getMain().runOnUiThread(new Runnable() {
                        @Override
                        public void run() {
                            Toast.makeText(getApplicationContext(), "File successfully uploaded.", Toast.LENGTH_SHORT).show();
                        }
                    });
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        });
        th.start();
    }
    super.onActivityResult(requestCode, resultCode, intent);
}

public String getPath(Context context, Uri contentUri) {
    Cursor cursor = null;
    try {
        String[] proj = {MediaStore.Images.Media.DATA, MediaStore.Video.Media.DATA, MediaStore.Audio.Media.DATA};
        cursor = context.getContentResolver().query(contentUri, proj, null, null, null);
        int column_index = cursor.getColumnIndexOrThrow(MediaStore.Images.Media.DATA);
        cursor.moveToFirst();
        String s = cursor.getString(column_index);
        if (s != null) {
            cursor.close();
            return s;
        }
    } catch (Exception e) {
    }
    try {
        int column_index = cursor.getColumnIndexOrThrow(MediaStore.Video.Media.DATA);
        cursor.moveToFirst();
        String s = cursor.getString(column_index);
        if (s != null) {
            cursor.close();
            return s;
        }
    } catch (Exception e) {
    }
    try {
        int column_index = cursor.getColumnIndexOrThrow(MediaStore.Audio.Media.DATA);
        cursor.moveToFirst();
        String s = cursor.getString(column_index);
        cursor.close();
        return s;
    } finally {
        if (cursor != null) {
            cursor.close();
        }
    }
}

public castingapplistview getMain() {
    return this;
        }

    }

目前，我在每个使用 Dropbox API 的活动中都有所有这些代码。当然，我可以确保隐藏我的钥匙进入自己的班级吗？一如既往的感谢。

Answer 1

答案是否定的。没有办法在您的应用程序中完美地隐藏您的密钥。您可以将它们从存储库中隐藏，但要对拥有您的 .apk 文件的人隐藏要困难得多。有足够坚定的人，会得到他们。话虽这么说，有很多方法可以使它变得困难，包括使用 NDK 和 JNI，如果应用程序调用提供了正确的应用程序签名，则有一个函数将返回您的密钥，您可以做的不仅仅是混淆 c/ c++代码。

任何可以反编译您的应用程序的人，也就是任何人，都可以获得您的密钥。将其放入 gradle 文件中，不会使其不受想要它的人的影响。它被编译成一个 java 类，即使经过混淆，也可以找到。

这是一篇不错的文章，可以指导您前进。

http://www.informit.com/articles/article.aspx?p=2268753&seqNum=4

Answer 2

有什么方法可以创建一个可以从其他类调用的 Dropbox API 活动？我有一个下载部分，我可以将它放在自己的类中，然后在需要时调用该类，而不是重写每个类中的代码吗？

是的。您可以使用这些常量创建一个超类，并在需要时进行扩展。

还有没有办法隐藏我的 Dropbox API 密钥？

是的，你可以把它们放在你的 build.gradle (module:app) 中

android {
    ...

    defaultConfig {
        ...
    }

    buildTypes {
        release {
        ...
    }

    buildTypes.each {
        it.buildConfigField 'String', 'MY_API_TOKEN_KEY', MyApiTokenValue
    }
}

要将它们用于您的活动（或任何 Java 类），只需使用：

BuildConfig.MY_API_TOKEN_KEY

你可以看到它在 this repository 上运行。