How does that trip wire work? If the user clears the app data, then surely the only way you could tell is by storing something outside of the app's scope (like on the server or in the Market app).
I'd be happy to contribute LenientPolicy. Actually modified it today so that it caches LICENSED and NOT_LICENSED responses (in the same way as ServerManagedPolicy) so that it doesn't have to call the server every time. This means LenientPolicy now uses the Obfuscator and no longer stores any non-obfuscated prefs. I'm happy to do the Javadoc but don't really have time to do the JUnit tests. Anyway, shouldn't someone other than the implementer do those? ;) On 29 July 2010 00:43, Trevor Johns <[email protected]> wrote: > I was considering writing something like this into the library, but it > wasn't a priority since I figured somebody would be able to defeat it easily > (as you mentioned ;)). If you be willing to clean it up (add JavaDocs and > JUnit tests) and sign a CLA, I'd be happy to accept it as a contribution for > a future release. Assuming you were amenable to the idea, of course. > > That being said, I'm currently working on a patch to ServerManagedPolicy > that will allow specifying an initial grace period in case the user is > offline during the initial license check. It will also have a tripwire that > can optionally delete an application's data if it detects the licensing > shared preferences have been deleted -- a consequence for trying to take > advantage of the grace period as a workaround. Since that's at the top of my > list, there's a very good chance that will be in r2 of the library. > > -- > Trevor Johns > Google Developer Programs, Android > http://developer.android.com > > On Wed, Jul 28, 2010 at 8:41 AM, Mark Carter <[email protected]>wrote: > >> I've been playing around with the new LVL announced yesterday and >> wanted to write a policy which only stops the user when it is certain >> that he does not have a license. >> >> In other words, the policy will only "dontAllow" the user if the last >> meaningful response from the licensing service was NOT_LICENSED. >> Therefore, if the user is offline when they first use the app, then >> they will be allowed in. >> >> The idea behind this is that I don't want genuine paying users to ever >> (within reason) be inconvenienced by this licensing system. >> >> The downside is that all the user needs to do is clear the app data >> and go offline before restarting the app. The app will continue >> working until they go online (and restart the app). >> >> My thoughts are: >> >> 1. Most users won't know about that workaround >> 2. Those users that are happy to use that workaround, probably >> wouldn't pay for the app anyway >> >> Any other thoughts? >> >> === >> >> Here is the code: >> >> public void processServerResponse(LicenseResponse response, >> ResponseData rawData) { >> mLastResponse = response; >> if (response == LicenseResponse.LICENSED || response == >> LicenseResponse.NOT_LICENSED) { >> // note - we don't want to say "IS_LICENSED" because that >> can be >> hacked >> SharedPreferences prefs = >> PreferenceManager.getDefaultSharedPreferences(this.mContext); >> Editor edit = prefs.edit(); >> if (response == LicenseResponse.LICENSED) { >> edit.remove(NOT_LICENSED_PREF); >> } else if (response == LicenseResponse.NOT_LICENSED) { >> edit.putBoolean(NOT_LICENSED_PREF, true); >> } >> edit.commit(); >> } >> } >> >> public boolean allowAccess() { >> if (mLastResponse == null) { >> // this is the first call >> return false; >> } >> switch (mLastResponse) { >> case LICENSED: >> return true; >> case NOT_LICENSED: >> return false; >> default: >> return !isDefinitelyNotLicensed(); >> } >> } >> >> public boolean isDefinitelyNotLicensed() { >> // if we don't know, then its NOT definitely not licensed. >> SharedPreferences prefs = >> PreferenceManager.getDefaultSharedPreferences(mContext); >> return prefs.getBoolean(NOT_LICENSED_PREF, false); >> } >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Android Developers" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected]<android-developers%[email protected]> >> For more options, visit this group at >> http://groups.google.com/group/android-developers?hl=en >> > > > > > > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
