使用 AMAPI 管理自定义应用

作为基于 Android Management API 的 EMM,您可以在设备上远程管理自定义应用。这包括安装和卸载这些应用。此功能是通过使用 AMAPI SDK 在本地开发扩展应用来实现的。

前提条件

  • 您的扩展应用已与 AMAPI SDK 集成。
  • 设备是全托管式设备。
  • 需要 AMAPI SDK v1.6.0-rc01 或更高版本。

1. 准备应用以使用该功能

1.1. 在扩展应用中与 AMAPI SDK 集成

自定义应用管理流程要求您在扩展应用中集成 AMAPI SDK。如需详细了解此库以及如何将其添加到应用中,请参阅 AMAPI SDK 集成指南

1.2. 更新应用的清单以支持 FileProvider

  • 按照 AMAPI SDK 集成指南中的说明,将 Android 设备政策 (ADP) 应用的 <queries> 元素添加到 AndroidManifest.xml
  • <application> 标记内,将以下 <provider> 代码段实现到应用的 AndroidManifest.xml 中。此代码段用于在分享自定义应用 APK 时存储文件,从而能够使用 AMAPI 安装自定义应用。

AndroidManifest.xml

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.customapp">
  <queries>
    <package android:name="com.google.android.apps.work.clouddpc" />
  </queries>

  <application>

    <!--This is used to store files when sharing the custom app apk.-->
    <provider
        android:name="com.google.android.managementapi.customapp.provider.CustomAppProvider"
        android:authorities="${applicationId}.AmapiCustomAppProvider"
        android:exported="false"
        android:grantUriPermissions="true">
      <meta-data
          android:name="android.support.FILE_PROVIDER_PATHS"
          android:resource="@xml/file_provider_paths" />
    </provider>
  </application>
</manifest>
  • 在应用的 res/xml/ 目录中创建一个新的 XML 文件,其中包含自定义 APK 的存储路径。

file_provider_paths.xml

<?xml version="1.0" encoding="utf-8"?>
<paths xmlns:android="http://schemas.android.com/apk/res/android">
  <cache-path
      name="android_managementapi_custom_apks"
      path="com.google.android.managementapi/customapp/apks/" />
</paths>

2. 与 AMAPI SDK 的自定义应用功能集成

2.1. 准备自定义 APK 文件以供安装

在部署之前,必须先准备好应用的 APK 文件以供安装。 以下代码段演示了此过程:

Kotlin

import android.net.Uri
import androidx.core.net.Uri
import java.io.File
...
import com.google.android.managementapi.commands.LocalCommandClient
import com.google.android.managementapi.commands.LocalCommandClient.InstallCustomAppCommandHelper
import com.google.android.managementapi.commands.LocalCommandClientFactory

...

fun prepareApkFile(): Uri? {
    // Get the storage location of custom APK files from AM API
    val client: LocalCommandClient = LocalCommandClientFactory.create(context)
    val installCustomAppCommandHelper = client.installCustomAppCommandHelper

    val customApksStorageDir: File = installCustomAppCommandHelper.customApksStorageDirectory ?: return null

    // Once you get hold of the custom APKs storage directory, you must store your custom APK
    // in that location before issuing the install command.
    val customApkFile: File = fetchMyAppToDir(customApksStorageDir) ?: return null
    val customApkFileUri: Uri = customApkFile.toUri()

    return customApkFileUri
}

Java

import android.net.Uri;
import androidx.core.net.Uri;
import java.io.File;
...
import com.google.android.managementapi.commands.LocalCommandClient;
import com.google.android.managementapi.commands.LocalCommandClient.InstallCustomAppCommandHelper;
import com.google.android.managementapi.commands.LocalCommandClientFactory;

...

Uri prepareApkFile() {
  // Get the storage location of custom APK files from AM API
  LocalCommandClient client = LocalCommandClientFactory.create();
  InstallCustomAppCommandHelper installCustomAppCommandHelper = client.getInstallCustomAppCommandHelper();
  File customApksStorageDir = installCustomAppCommandHelper.getCustomApksStorageDirectory();

  // Once you get hold of the custom APKs storage directory, you must store your custom APK
  // in that location before issuing the install command.
  File customApkFile = fetchMyAppToDir(customApksStorageDir);
  Uri customApkFileUri = Uri.fromFile(customApkFile);
  ...
}

2.2. 发出安装自定义应用的请求

以下代码段展示了如何发出安装自定义应用的请求:

Kotlin

import android.content.Context
import android.net.Uri
import android.util.Log
import com.google.android.managementapi.commands.LocalCommandClientFactory
import com.google.android.managementapi.commands.model.Command
import com.google.android.managementapi.commands.model.IssueCommandRequest
import com.google.android.managementapi.commands.model.IssueCommandRequest.InstallCustomApp
import kotlinx.coroutines.CoroutineScope
import kotlinx.coroutines.launch
import kotlinx.coroutines.guava.await
import kotlinx.coroutines.withContext
import java.lang.Exception

private const val TAG = "MyClass"

...

    // Requires a file URI of the APK file.
    fun issueInstallCustomAppCommand(packageName: String, fileUri: Uri) {
        coroutineScope.launch {
            try {
                withContext(coroutineScope.coroutineContext) {
                    val result: Command = LocalCommandClientFactory.create(context)
                        .issueCommand(createInstallCustomAppRequest(packageName, fileUri)).await()
                    // Process the returned command result here.
                    Log.i(TAG, "Successfully issued command: $result")
                }
            } catch (t: Exception) {
                Log.e(TAG, "Failed to issue command", t)
                // Handle the exception (e.g., show an error message)
            } finally {
                // Make sure to clean up the apk file after the command is executed.
                cleanUpApkFile(fileUri)
            }
        }
    }

    private fun createInstallCustomAppRequest(packageName: String, fileUri: Uri): IssueCommandRequest {
        return IssueCommandRequest.builder()
            .setInstallCustomApp(
                InstallCustomApp.builder()
                    .setPackageName(packageName)
                    .setPackageUri(fileUri.toString())
                    .build()
            )
            .build()
    }
}

Java

import android.util.Log;
...
import com.google.android.managementapi.commands.LocalCommandClientFactory;
import com.google.android.managementapi.commands.model.Command;
import com.google.android.managementapi.commands.model.GetCommandRequest;
import com.google.android.managementapi.commands.model.IssueCommandRequest;
import com.google.android.managementapi.commands.model.IssueCommandRequest.ClearAppsData;
import com.google.common.collect.ImmutableList;
import com.google.common.util.concurrent.FutureCallback;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.MoreExecutors;

...

  // Requires a file URI of the APK file.
  void issueInstallCustomAppCommand(String packageName, Uri fileUri) {
    Futures.addCallback(
        LocalCommandClientFactory.create(getContext())
            .issueCommand(createInstallCustomAppRequest(packageName, fileUri)),
        new FutureCallback() {
          @Override
          public void onSuccess(Command result) {
            // Process the returned command result here.
            Log.i(TAG, "Successfully issued command");
          }

          @Override
          public void onFailure(Throwable t) {
            Log.e(TAG, "Failed to issue command", t);
          }
        },
        MoreExecutors.directExecutor());
  }

  IssueCommandRequest createInstallCustomAppRequest(String packageName, Uri fileUri) {
    return IssueCommandRequest.builder()
        .setInstallCustomApp(
            InstallCustomApp.builder()
                .setPackageName(packageName)
                .setPackageUri(fileUri.toString())
                .build()
        )
        .build();
  }

2.3. 发出请求以获取已安装的应用

Kotlin

import android.content.Context
import com.google.android.managementapi.device.DeviceClientFactory
import com.google.android.managementapi.device.model.GetDeviceRequest
import kotlinx.coroutines.guava.await

  suspend fun getInstalledApps(context: Context) =
    DeviceClientFactory.create(context)
      .getDevice(GetDeviceRequest.getDefaultInstance())
      .await()
      .getApplicationReports()

Java

import android.content.Context;
import com.google.android.managementapi.device.DeviceClientFactory;
import com.google.android.managementapi.device.model.GetDeviceRequest;
import com.google.android.managementapi.device.model.Device;
import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.MoreExecutors;
import java.util.List;
import java.util.concurrent.Executor;

public ListenableFuture<List> getInstalledApps() {
        ListenableFuture deviceFuture =
            DeviceClientFactory.create(context)
                .getDevice(GetDeviceRequest.getDefaultInstance());

        return Futures.transform(
            deviceFuture,
            Device::getApplicationReports,
            executor // Use the provided executor
        );
    }

3. 为设备配置自定义应用管理政策

  1. 设置一个 policy,其中包含您打算管理的自定义应用。

      {
    "statusReportingSettings": {
      "applicationReportsEnabled": true
    },
    "applications": [
    {
      "signingKeyCerts": [
        {
        "signingKeyCertFingerprintSha256": <sha256 signing key certificate hash value>
        }
      ],
      "packageName": "<emm_extensibility_app>",
      "installType": "AVAILABLE",
      "lockTaskAllowed": true,
      "defaultPermissionPolicy": "GRANT",
      "extensionConfig": {
          "notificationReceiver": "com.example.customapp.NotificationReceiverService"
      }
    },
    {
      "signingKeyCerts": [
        {
        "signingKeyCertFingerprintSha256": <sha256 signing key certificate hash value>
        },
      ],
      "packageName": "<custom_app>",
      "installType": "CUSTOM",
      "lockTaskAllowed": true,
      "defaultPermissionPolicy": "GRANT",
      "customAppConfig": {
    "userUninstallSettings": "DISALLOW_UNINSTALL_BY_USER"
      }
    }
    ]
  }
  ```

  2. 通过调用 enterprises.enrollmentTokens.create 为设备创建注册令牌,并将 allowPersonalUsage 设置为 PERSONAL_USAGE_DISALLOWED

  3. 使用注册令牌以全托管模式配置设备。

  4. 从受管理的 Play 安装可扩展性应用。

  5. 您的可扩展性应用:

    • 可以下载自定义应用的 APK 文件
    • 可以发出安装自定义应用的请求(请参阅前面显示的代码段
    • 应收到响应

API

服务器-客户端 API

请参阅以下列出的新字段和枚举: