Hello All,
Following is the draft specification for Android SBI. Please provide your feedback and review comments for the same.
Also please find the direct link to the full SBI specs here, a new section on Android is now added: https://docs.mosip.io/1.1.5/biometrics/mosip-device-service-specification#android-sbi-specification
Regards,
Sanjith Sundaram
Introduction:
This document explains the mechanism for the SBI devices to communicate in the android operating system.
Status:
Draft document V 0.9
Approach:
Discovery will return the appId of the discovered items. User will be given a choice to choose one of the discovered SBI app. The selected app responds back to the intent using the default intent callback functionality.
Device Discovery:
Request: io.sbi.device
action: io.sbi.device
data: no change
type: application/json
Request Schema: No change in the data structure. The serialized request data as byte array is set in the intent extras with key as “input”.
Response Schema: No change in the data structure. The serialized response data (byte array) is set in the intent extras with key as “response”.
callbackId should be set to the appId, can not be empty in android.
Device Info:
Request: appId.Info
action: appId.Info
data: no change
type: application/json
Request Schema: No change in the data structure. The serialized request data as a byte array is set in the intent extras with the key as “input”.
Response Schema: No change in the data structure. The serialized response data as a byte array is set in the intent extras with the key as “response”.
deviceInfo:callbackId should be set to the appId, can not be empty in android.
Capture:
Request: appId.Capture
action: appId.Capture
data: no change
type: application/json
flag: FLAG_GRANT_READ_URI_PERMISSION
Request Schema: No change in the data structure. The serialized request data as a byte array is set in the intent extras with the key as “input”.
Response Schema: No change in the data structure. The response content is set as content URI “content://authority/path/id” in the intent extras as a string with the key as “response”.
URI must be invalidated right after the read.
rCapture:
Request: appId.rCapture
action: appId.rCapture
data: no change
type: application/json
flag: FLAG_GRANT_READ_URI_PERMISSION
Request Schema: No change in the data structure. The serialized request data as byte array is set in the intent extras with key as “input”.
Response Schema: No change in the data structure. The response content is set as content URI “content://authority/path/id” in the intent extras as a string with the key as “response”.
The content provider should not support insert, update, delete
Device Stream:
On receiving rCapture request MDS must show the stream within its UI in the foreground.
Security:
Ensure to set the correct authority in the manifest and set the android:exported as “False”
Android Tab Specs:
Android 9 and above with hardware-backed key store