Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a ContentProvider for allowing remote-application access to KeePass databases #38

Open
wants to merge 10 commits into
base: master
Choose a base branch
from
Open

Add a ContentProvider for allowing remote-application access to KeePass databases #38

wants to merge 10 commits into from

Conversation

pfn
Copy link

@pfn pfn commented Aug 31, 2013

As I've written it:

  1. The client application must open the KeePass database itself (it sends database/password/keyfile to the ContentProvider's open() method)
  2. If the current client uid == the starting client uid: access is automatically granted
  3. If the uid is not the same, an access prompt will be shown. Choices are Deny, Allow and Always. 'Always' gets reset upon app changes (e.g. updates)

Clients should copy com.keepassdroid.provider.Contract locally to make use of the ContentProvider I have created.

I will be publishing an app that will make use of this new ContentProvider soon and would like to see KeePass have this support by then :-)

Future changes to the ContentProvider that I might implement would be icon fetching support, for rendering entry icons in the local client.

There is a very trivial test case included with my pull request.

@pfn
Copy link
Author

pfn commented Sep 1, 2013

Lets get some discussion going around this pull request prior to merging. I have some more things I'll likely be changing (behavior of "open", adding a "close", etc.)

@pfn
Copy link
Author

pfn commented Sep 1, 2013

See https://github.com/pfn/keepshare for an idea of how this ContentProvider is being used.

@pfn
Copy link
Author

pfn commented Sep 10, 2013

No rush on merging this pull request anymore, I'm embedding a keepassdroid fork internally for now

@mathstuf
Copy link

mathstuf commented Apr 9, 2015

Why not have a provider API which asks for specific information so that the user can choose to only expose specific entries to applications? This seems way too broad to me. I'm working on adding the SecretService DBus API to keepassx and it seems like a sensible API for this kind of stuff. How easy would it be to "port" the API to a ContentProvider API for Android and use that here?

@pfn
Copy link
Author

pfn commented Apr 9, 2015

@mathstuf That's exactly what this PR was doing: a content provider that allows searching and access to stuff, per-entry access control is a bit strict, but general access is reasonable. In any case, I've further dropped this as I've ported the native keepass libraries to java and no longer use keepassdroid as a backend.

@mathstuf
Copy link

mathstuf commented Apr 9, 2015

I don't see why per-entry (even on a per-application basis) is too strict. I certainly don't want Firefox extensions able to poke around my SSH key passwords for instance and I see no reason to trust it to do so.

@J-Jamet J-Jamet mentioned this pull request Mar 2, 2018
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pfn @mathstuf @bpellin