1

We are trying to add the safety net API's to our app. When we test on real devices everything works fine, however when testing on emulators there is no response from the safety net servers. The purpose of the API is to detect emulated devices, so dont know why its not working on an emulator.

Below is the API call:

SafetyNet.getClient(activity).attest(getRequestNonce(nonceData), "<Key-here>").addOnSuccessListener(activity, new OnSuccessListener() {
    public void onSuccess(AttestationResponse response) {
        String[] jwtParts = response.getJwsResult().split("\\.");
        if(jwtParts.length == 3) {
            String sharedpreferences = new String(Base64.decode(jwtParts[1], 0));
            SharedPreferences editor = context.getSharedPreferences("DecodedPayload", 0);
            Editor editor1 = editor.edit();
            editor1.putString("decodedPayload", sharedpreferences);
            editor1.commit();
            Log.d("ContentValues", "The Safety net response is: " + sharedpreferences);
        } else {
            SharedPreferences sharedpreferences1 = context.getSharedPreferences("DecodedPayload", 0);
            Editor editor2 = sharedpreferences1.edit();
            editor2.putString("decodedPayload", "CND");
            editor2.commit();
            Log.d("ContentValues", "The safety net response could not be decoded");
        }

    }
}).addOnFailureListener(activity, new OnFailureListener() {
    public void onFailure(@NonNull Exception e) {
        if(e instanceof ApiException) {
            ApiException apiException = (ApiException)e;
            Log.d("ContentValues", "Error while fetching safety net result: " + ((ApiException)e).getStatusCode() + " " + ((ApiException)e).getStatusMessage());
            SharedPreferences sharedpreferences = context.getSharedPreferences("DecodedPayload", 0);
            Editor editor = sharedpreferences.edit();
            editor.putString("decodedPayload", "ERR");
            editor.commit();
            Log.d("ContentValues", "The safety net response could not be decoded");
        } else {
            Log.d("ContentValues", "Unknown Error while fetching safety net results: " + e.getMessage());
        }

    }
});

}

None of the handlers gets a response even after waiting for as long as 30 seconds. Can someone please help out.

Sid
  • 1,224
  • 3
  • 23
  • 48

2 Answers2

1

Most likely the emulator you are running doesn't have Google Play Services installed. Since Google Play Services is responsible for implementing Attestation, Attestation simply won't work on a device without Google Play Services.

When using Attestation, or any other Google Play Services API, you should check that Google Play Services is installed, and is at a version that you need (optimally, you should check that it's at the latest version).

Historically, official AVD images did not include Google Play Services, and you could technically sideload it. However, around April 2017, there are now official AVD images that include Play Store (and with it, Google Play Services).

Oscar
  • 346
  • 2
  • 11
0

It is a late response but maybe someone needs in the future. Try to use different listeners come with SafetyNet, all complete and success listeners does not response despite safetyNet returns success. Also you can check api calls and success, fail situations from Google Cloud Platform in Android Device Verification API dashboard.

        SafetyNet.getClient(this).attest(generateOneTimeRequestNonce(), "API_KEY")
                .addOnFailureListener { e ->
                    Log.i(TAG, "SafetyNet callback fail")
                }
                .addOnSuccessListener { resp ->
                    Log.i(TAG, "SafetyNet callback success")
                    val response = parseJsonWebSignature(resp.jwsResult)!!

                    when {
                        response.isCtsProfileMatch -> {
                            //profile of the device running your app matches the profile of a device that has passed Android compatibility testing.

                        }
                        response.isBasicIntegrity -> {
                            //then the device running your app likely wasn't tampered with, but the device has not necessarily passed Android compatibility testing.

                        }
                        else -> {
                            //handle fail, maybe warn user device is unsupported or in compromised state? (this is up to you!)

                        }
                    }
                }
DiRiNoiD
  • 1,281
  • 2
  • 18
  • 24