-
Notifications
You must be signed in to change notification settings - Fork 346
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a ContentProvider for allowing remote-application access to KeePass databases #38
base: master
Are you sure you want to change the base?
Conversation
allows permitted apps to access usernames and passwords from databases Update target API levels to api14 (to allow for using device default themes) add unit test for ContentProvider
Conflicts: AndroidManifest.xml
Conflicts: CHANGELOG
Lets get some discussion going around this pull request prior to merging. I have some more things I'll likely be changing (behavior of "open", adding a "close", etc.) |
See https://github.com/pfn/keepshare for an idea of how this ContentProvider is being used. |
No rush on merging this pull request anymore, I'm embedding a keepassdroid fork internally for now |
Why not have a provider API which asks for specific information so that the user can choose to only expose specific entries to applications? This seems way too broad to me. I'm working on adding the SecretService DBus API to keepassx and it seems like a sensible API for this kind of stuff. How easy would it be to "port" the API to a ContentProvider API for Android and use that here? |
@mathstuf That's exactly what this PR was doing: a content provider that allows searching and access to stuff, per-entry access control is a bit strict, but general access is reasonable. In any case, I've further dropped this as I've ported the native keepass libraries to java and no longer use keepassdroid as a backend. |
I don't see why per-entry (even on a per-application basis) is too strict. I certainly don't want Firefox extensions able to poke around my SSH key passwords for instance and I see no reason to trust it to do so. |
As I've written it:
Clients should copy
com.keepassdroid.provider.Contract
locally to make use of the ContentProvider I have created.I will be publishing an app that will make use of this new ContentProvider soon and would like to see KeePass have this support by then :-)
Future changes to the ContentProvider that I might implement would be icon fetching support, for rendering entry icons in the local client.
There is a very trivial test case included with my pull request.