Android installation
The Nevis Mobile Authentication SDK binaries for Android are provided by Nevis in an archive file.
For convenience, Nevis also offers a public Maven repository where the SDK is available.
To obtain the release flavor of the SDK, contact us on [email protected].
Installation from Public Maven Repository
The nevis-mobile-authentication-sdk-android-package GitHub repository, contains the debug
flavor of the Nevis Mobile Authentication SDK. You can follow the following steps to integrate the SDK in your application using this repository.
The following steps assume that the NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION
contains the SDK version. Set the console environment variable as follows:
- Add the repositories containing the SDK aar in the
build.gradle
file of your application module:
buildscript {
repositories {
maven {
url "https://maven.pkg.github.com/nevissecurity/nevis-mobile-authentication-sdk-android-package"
credentials {
username = <GITHUB_USERNAME>
password = <GITHUB_PERSONAL_ACCESS_TOKEN>
}
}
}
}
Accessing GitHub packages requires you to have a GitHub account. You have to provide a Personal Access Token, as described here.
- In the
build.gradle
file of your application module, add the SDK dependency and its required dependencies:
dependencies {
implementation "ch.nevis:nevis-mobile-authentication-sdk-android-debug:${NEVIS_MOBILE_SDK_ANDROID_VERSION}"
}
Installation Using Archive Provided by Nevis
The SDK is provided as compressed archive. After unpacking, you see the following structure:
debug
contains the binary files and POM files of thedebug
flavor.release
contains the binary files, that is, AAR library and finalization library, and the POM files of therelease
flavor.release/postBuildFinalizer
contains the scripts required to perform the finalization of the library in case a cross-platform framework is used.
Finalization
There are a number of protection mechanisms only included in the release
flavor that require a procedure during the building of the application called finalization.
The finalization updates the binaries of the library with information about your application to execute those protection mechanisms during runtime. If you use Gradle to build the application, the finalization can be done using a Gradle plugin.
The debug
flavor does not require finalization.
Deploy libraries to the Maven repository
You can follow the official instructions of Maven to deploy the Nevis Mobile Authentication SDK in your local and remote repositories.
The following examples assume that the NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION
contains the SDK version. Set the console environment variable as follows:
export NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION=3.1.0.3198
The following maven command shows how to deploy the release SDK, as well as the SDK finalization library locally:
mvn install:install-file -Dfile=release/nevis-mobile-authentication-sdk-android-${NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION}.aar -DgroupId=ch.nevis -DartifactId=nevis-mobile-authentication-sdk-android -Dversion=${NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION} -DpomFile=release/nevis-mobile-authentication-sdk-android-${NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION}.pom
mvn install:install-file -Dfile=release/nevis-mobile-authentication-sdk-android-finalizer-${NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION}.jar -DgroupId=ch.nevis -DartifactId=nevis-mobile-authentication-sdk-android-finalizer -Dversion=${NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION} -DpomFile=release/nevis-mobile-authentication-sdk-android-finalizer-${NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION}.pom
Update the build.gradle
File
To integrate the Nevis Mobile Authentication SDK for Android into your application, do as follows:
- Add the repositories containing the SDK aar and the SDK finalizer in the
build.gradle
file of your application module. - In the same
buildscript
block, define the SDK finalizer dependency as well.
In the following snippet, it is assumed that the SDK aar dependency and the finalizer are published to the repo.mycompany.com/maven2
Maven repository.
For convenience, you can define the ${NEVIS_MOBILE_AUTHENTICATION_SDK_ANDROID_VERSION}
variable in the gradle.properties
file. The variable contains the version of the SDK.
buildscript {
repositories {
mavenLocal()
maven {
url "http://repo.mycompany.com/maven2"
}
}
dependencies {
classpath "ch.nevis:nevis-mobile-authentication-sdk-android-finalizer:${NEVIS_MOBILE_SDK_ANDROID_VERSION}"
}
}
- In the
build.gradle
file of your application module, add the SDK dependency and its required dependencies. The dependency to be defined for therelease
flavor is the following:
dependencies {
implementation "ch.nevis:nevis-mobile-authentication-sdk-android:${NEVIS_MOBILE_SDK_ANDROID_VERSION}"
}
dependencies {
implementation "ch.nevis:nevis-mobile-authentication-sdk-android-debug:${NEVIS_MOBILE_SDK_ANDROID_VERSION}"
}
- In the
build.gradle
file of your application module, the SDK finalization plugin is required when using therelease
flavor, that is, for production. This finalizes the hardening framework protection of the SDK as part of the gradle build of your application. Apply the plugin using therelease
flavor as follows:
apply plugin: 'finalize'
The finalization plugin has to be applied on app level.
Manifest placeholders
The plugin requires access to the AndroidManifest.xml
when executed. So, if you use manifest placeholders, they have to be resolved before the plugin runs. If you want to resolve the placeholders on a variant basis, and you use Android Gradle Plugin 7.0 or later, use androidComponent
as in the following example:
android {
androidComponents {
onVariants(selector().all(), variant -> {
variant.manifestPlaceholders = [attributeName : "$attributeValue"]
})
If you use an earlier version of the Android Gradle Plugin than 7.0, and use the merged flavor of the variant to resolve the placeholders, execute the plugin after project evaluation:
android { applicationVariants.all {
variant ->
variant.getMergedFlavor().manifestPlaceholders = [attributeName : "$attributeValue"]
}
}
[...]
project.afterEvaluate { apply plugin: 'finalize' }
Example - application module build.gradle
file using both release
and debug
SDK dependencies
In the following example, the two out-of-the box build types provided by the Android Gradle plugin are used: release
and debug
. It is assumed that the SDK dependencies are published to the local Maven repository, see deployment.
As only the release
flavor of the SDK requires finalization, the finalization plugin is only applied during assembly of the release
build type.
repositories {
// It is assumed that the Nevis SDK is deployed to the local Maven
// repository
mavenLocal()
// Maven Central and Google repositories have the transitive dependencies
// required by the Nevis SDK
mavenCentral()
google()
}
buildscript {
repositories {
// It is assumed that the Nevis SDK finalizer library is deployed
// to the local Maven repository
mavenLocal()
// The Android Gradle Plugin is accessible from the Google repository
// mavenCentral is required to get its transitive dependencies
google()
mavenCentral()
}
dependencies{
classpath "ch.nevis:nevis-mobile-authentication-sdk-android-finalizer:${NEVIS_MOBILE_SDK_ANDROID_VERSION}"
classpath 'com.android.tools.build:gradle:7.0.3'
}
}
apply plugin: 'com.android.application'
android {
compileSdkVersion 30
defaultConfig {
minSdkVersion 23
targetSdkVersion 30
}
defaultConfig {
applicationId "ch.nevis.doc.sdksampleapp"
versionCode 1
versionName "1.0"
}
compileOptions {
sourceCompatibility JavaVersion.VERSION_1_8
targetCompatibility JavaVersion.VERSION_1_8
}
}
// Apply the SDK finalization plugin if we are using a Nevis SDK
// flavor that requires it.
if (isNevisSdkFinalizationRequired()) {
apply plugin: 'finalize'
}
// Add the SDK dependency that corresponds to the build type that we
// are assembling.
addSDKDependency(project.gradle.startParameter.taskNames)
dependencies {
// Add the dependencies of your application. The Nevis SDK dependencies have
// been added in addSDKDependency
}
private boolean isNevisSdkFinalizationRequired() {
return project.gradle.startParameter.taskNames.find { name -> name.endsWith("assembleRelease") } != null
}
private void addSDKDependency(List<String> taskNames) {
if (taskNames.size() == 1) {
def taskName = taskNames.iterator().next()
if (taskName.endsWith('assembleDebug')) {
project.dependencies.add('implementation', "ch.nevis:nevis-mobile-authentication-sdk-android-debug:${NEVIS_MOBILE_SDK_ANDROID_VERSION}")
}
if (taskName.endsWith('assembleRelease')) {
project.dependencies.add('implementation', "ch.nevis:nevis-mobile-authentication-sdk-android:${NEVIS_MOBILE_SDK_ANDROID_VERSION}")
}
}
}