Related
I recently came across this app Purchase Apps, which is somehow able to retrieve apps I've paid for in google play after I signed in using my google account.
I'm trying to find out how it is being done as I want to build a similar app, but for the free apps which were downloaded.
However, I can't find which OAuth API Scope was used for retrieving that information, even after going through the entire list of APIs.
EDIT:
I'm putting a new bounty on this question, as suggested by a similar question I've asked about here, and because here and there I don't see a real answer about how to do it, and what can be done with it.
I'd like to refine the questions into multiple pieces:
What is the API that can be used to get information of purchased apps? Where can I read about it? Please show a full, working example of how to do it.
Can it do more ? Maybe perform search? Maybe show free apps that were installed? Maybe the time they were installed and uninstalled? And the categories of those apps?
Are there any special requirements for using this API ?
EDIT: I'm putting a max bounty on this, because no matter how much I've read and tried, I still failed to make a POC that can query the apps from the Play Store that the user has ever downloaded (name, package name, date installed and/or removed, icon URL, price...), including both paid and free apps.
If anyone finds a working sample, show how it's done, and also show how you've found about it (documentation or anything that has led you to the solution). I can't find it anywhere, and the current solutions here are too vague for me to start from.
Issue is resolved. The exploit has been closed.
We will be closing this bug due to being logged in a Preview version of Android. If the issue is still relevant and reproducible in the latest public release (Android Q), please capture a bugreport and log the bug in https://source.android.com/setup/contribute/report-bugs. If a reply is not received within the next 14 days, this issue will be closed. Thank you for your understanding.
Latest update:
This is a bug and Google will address it in the next update.
We've deferred this issue for consideration in a future release. Thank
you for your time to make Android better
This answer has turned into a conglomeration of ideas and been edited to include information from discussion in the comments.
The androidmarket api, would be a customised api written by the developer. It's not available to the public.
To address your concerns in the comments. The developer would have utilised the current apis available through Android Developer and Google to create a project that manages all of these.
As for accessing Full Account Access, I'm not sure exactly how these developers have achieved this.
I'd recommend using the AccountManager, which is part of android.accounts, has access to credentials and a method getUserData. The account manager has access to passwords and is capable of creating and deleting accounts. This, possibly used with Content Provider
See Udinic/SyncAdapter Authentication.
To reply to your comment:
This blog should help you to get started. Write your own Android Authenticator.
How these apps actually work, I cannot tell you. They may also have different implementations (unless they're a collaborative effort behind the scenes, they most certainly will be different).
One guess. Firstly use GoogleSignInAccount with com.google.android.gms.auth.api.signin.
There a definition for scope, to determine the extent of the permissions the app is granted.
Using requestScopes(), the
public static final String PROFILE
.../ It lets your web app access over-the-air Android app installs.
For example:
GoogleSignInOptions gso =
new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestEmail().
.requestScopes(new Scope("https://www.googleapis.com/auth/contacts.readonly"))
.build();
If full access can be gained a list of all apps used by the account holder can be found and compared to what's on the device.
Package Manager will retrieve a list of all apps currently installed on the device.
PackageInfo provides the details about the app.
INSTALL_REASON_USER will also filter out apps that have been actively installed by the user.
You might want to look at com.google.firebase.appindexing and Log User Actions. Different actions can be tracked.
The users account history is found at https://myactivity.google.com/myactivity.
A helpful link is the OAuth 2.0 Playground.
This github repo node-google-play, using node, is current and will call Google Play APIs. As did the archive that was used as an "unofficial" api, android-market-api, to query the market place.
App 1
The app claims to use the following permissions:
Version 2.1.8 can access:
$ In-app purchases
Other
receive data from Internet
view network connections
full network access
use accounts on the device
prevent device from sleeping
read Google service configuration
Noteworthy, the app doesn't set any permissions when there was a basic, install. I was unable to use any of the features, as I have no paid apps. So for the initial search - there were no permissions needed, which would indicate the app didn't have access to my account.
I checked the permissions - there were none set. So the only thing required was to accept the pop up, as displayed in your question.
App 2
The other app you refer to that does the same thing is more upfront about what is being accessed.
My Paid Apps
SECURITY/PRIVACY NOTICE
The first time you run this app, it will ask for full permission to your Google account. This is unfortunately
the only way to access the required information. No personal
information is stored, no information about your apps is shared with
the developer of this app, nor shared with any third parties.
Everything is kept on your phone only.
I've gone into detail over these apps in this blog post, which was for a university capstone project (no monetary gain). I'm inclined to think this is an exploit in the API and not status by design by Google, as there are no API calls to fetch purchases of apps other than the developer's own app. I hypothesize it's a zero day exploit, in which case there's no legitimate way to access this information.
In case of one of these applications (My Paid Apps), after checking the network traffic it is pretty obvious that it does use the Store's Account page to retrieve the list of paid applications.
Now, the mechanism it uses is the same mechanism that Google Chrome currently, and Pokemon GO supposedly at a point in time used.
In a nutshell, steps to do so are as follow:
Login:
What the mentioned program do for the first step is to log the user in and get access to the user's access token. To do so, it uses the android.accounts.AccountManager.getAuthToken() method. (See more: AccountManager)
However, as for the token scope, oauth2:https://www.google.com/accounts/OAuthLogin is requested.
It might be important to note that based on the OAth2 documentation from Google, this scope is not valid; however, it seems like a valid scope for Google OAuth v1.
Converting the newly retrieved access token to a ubertoken:
Now, what actually ubertoken supposed to do, is unknown and there is no official documentation about it. However, it was seen in the wild to be used by chrome browser to login users.
This is done by requesting the https://accounts.google.com/OAuthLogin?source=ChromiumBrowser&issueuberauth=1 page.
Converting ubertoken to website session:
Later on, using the newly created ubertoken it is possible to get a website session using the https://accounts.google.com/MergeSession API endpoint. After this step, the application is essentially capable of loading all personal pages that you can open using your browser while logged in; except some special pages including Payment settings.
Retrieving the list of paid applications:
Requesting and parsing the https://play.google.com/store/account page.
Following is the application's traffic as captured by 'Packet Capture':
As it is clearly visible in the picture, the end result is identical to what I get when I normally open the store's account page on my PC with Chrome Desktop:
Side note:
It seems none of these endpoints are documented as they are primarily used by Google's own programs and should be considered internal. Therefore I strongly recommend not using them in any program or code that you expect to run for a long time or in a production environment.
Also, there is bad news here for you too, it seems that the Google Play's account page only lists paid applications or special free apps (more especially OEM apps). I will try to find some time and dig deeper into the other application.
Interesting articles:
Pokemon tokens
Exploiting Google Chrome's OAuth2 Tokens
If you have root access, You can access /data/data/com.android.vending/databases/library.db
OnePlus3T:/data/data/com.android.vending/databases
-rw-rw---- 1 u0_a2 u0_a2 229376 2018-12-26 18:01 library.db
This database has all information, which app you have downloaded, which apps you have purchased, and even in which app you have done IAP.
Check ownership table, It has all information.
ownership (account STRING, library_id STRING, backend INTEGER, doc_id STRING, doc_type INTEGER, offer_type INTEGER, document_hash INTEGER, subs_valid_until_time INTEGER, app_certificate_hash STRING, app_refund_pre_delivery_endtime_ms INTEGER, app_refund_post_delivery_window_ms INTEGER, subs_auto_renewing INTEGER, subs_initiation_time INTEGER, subs_trial_until_time INTEGER, inapp_purchase_data STRING, inapp_signature STRING, preordered INTEGER, owned_via_license INTEGER, shared_by_me INTEGER, sharer_gaia_id TEXT, shareability INTEGER, purchase_time INTEGER, PRIMARY KEY (account, library_id, backend, doc_id, doc_type, offer_type))
Dealing with unofficial Google APIs is incredibly complicated territory. It's going to be possible to get this to work, but that's all I'll say. Proceed at your own risk.
The first thing you're going to need to do is get a Google Play auth token. This can be done several ways, but here's how they do it in Purchased Apps:
public static String getAuthToken(Activity activity, String userEmail) {
AccountManager accountManager = AccountManager.get(activity);
Account userAccount = new Account(userEmail, "com.google");
Bundle options = new Bundle();
options.putBoolean("suppressProgressScreen", true);
String token;
try {
Bundle result = accountManager
.getAuthToken(userAccount, "androidmarket", options, activity, null, null)
.getResult();
token = result.getString("authtoken");
} catch (OperationCanceledException e) {
Log.d(TAG, "Login canceled by user");
return null;
} catch (IOException | AuthenticatorException e) {
Log.e(TAG, "Login failed", e);
return null;
}
return token;
}
A few things to note here:
The above code must be run asynchronously. I recommend RxJava, but an AsyncTask will work.
You must supply a email for the account you want to use. I'll leave the details up to you but this is fairly easy using AccountManager.
After you have an auth token, you can now access any Google Play Store endpoint. The main one used by Purchased Apps is https://android.clients.google.com/fdfe/purchaseHistory. Another one you might be interested in is https://android.clients.google.com/fdfe/details?doc=(package name) (from APKfetch code). Here's a page with some more and some analysis. If you make a request to these APIs, you'll need to supply several headers:
Authorization - "GoogleLogin auth=(your auth token)"
User-Agent - "Android-Finsky/6.4.12.C-all%20%5B0%5D%202744941 (api=3,versionCode=80641200,sdk=" + VERSION.SDK_INT + ",isWideScreen=0)";
X-DFE-Device-Id - your device's Google Services Framework ID, obtained from AdvertisingIdClient.
X-DFE-Client-Id - "am-android-google"
Accept-Language - The device's language code, eg "en".
Now, you need to parse the response. Here's where things get tricky. These APIs returns a message encoded as a Protobuf, so it's essentially just binary data unless you have a schema (which of course, only Google has). One way to go about this in theory is to decompile the Google Play Store app and reuse their generated protobuf models with a tool like JADX.
Unfortunately, I've tried this and it doesn't really work. Protobuf model classes are just too complex for a standard decompiler. What you can use is a tool called PBTK. You'll ideally want to run this on the Google Play Store 6.1.12 APK, since that's the last version before they started using ProGuard. Do note that this program has two errors in its script that need to be fixed before running it: changing 'extracto' to 'extractor' in gui.py and removing the assertion statement on line 500 of jar_extract.py.
Now, that should output all of the response classes as .proto files. Create a folder under src/main called proto and drag the entire generated 'com' directory to it. You can delete everything that's not under com/google/android/finsky/protos. Follow instructions online to setup Gradle with the Protobuf Lite plugin.
When you want to parse a response, you can use the ResponseWrapper class, since they all appear to be contained under that.
That's about as far as I can take you. There's a good chance I got some part of this wrong; JADX is your best friend here, because the best way to figure out what an app is doing is by looking at its code. Hope this helps and happy developing!
you can get the package name of all installed apps on device and then get the information of every installed package that you find in the device from google play without any need to get to user account. there is some third party or unofficial apis to get google play apps details as json by getting the app package name. for example: https://42matters.com/
then use the received information for every package to find free ones.
i have two resources for you to consider, but first, in a word, no. there is no api from GOOGLE to let you do what you want, as these metrics arent stored in the phone, they are on the google play store servors, and google has no OFFICIAL api for the play store. you can however glean some info from these two sites:
https://www.quora.com/Is-there-an-API-for-the-Google-Play-Storeenter link description here
https://android.stackexchange.com/questions/162146/how-to-see-all-the-apps-i-have-downloaded-from-google-play-store
and this is enough to see how to accomplish this.
first, a list of what apps have been downloaded by an account is only referencable by the account. and this can be done through the play store. since your app will be installed on that users phone, this dosnt matter... you're in.
second, you will need a 3rd party API built for the GOOGLE PLAY STORE, there are some out there, check the first link.
using the api of your choice, you will send a get request, to the play store, and in return you should receive in most cases a json object to deserialize.
deserialize the object, and you will have your list. which list you get will depend on the endpoint you use, but that should be explained by/in the API itself.
good luck!
SITUATION
I have a set of functionalities in my app which changes based on the store it is installed from. E.g. I want to have a more restricted set of advertisements displayed for family audiences and children to be eligible for the Google Play for Education category. In other stores i still want to restrict but don't want to be as stringent as I will be in filtering out the ads.
General observation at my end is that if I opt-in for "Google Play for Education" category it takes a few more hours to get published because of the following (as stated on the developer console):
Checking this box submits this app for inclusion in the "educator
recommended" section of Google Play for Education. The final decision
on which apps to recommend is made by a 3rd party network of teachers.
If your app is selected, we will notify you by e-mail. If not, your
app will still be searchable in Google Play for Education.
Now before the app gets published in this category the network of teachers, I assume, download and test/verify if the guidelines are met and there are no violations.
PROBLEM
To differentiate between the store installed from I'm obviously using this:
PackageManager packageManager = context.getPackageManager();
String installer = packageManager.getInstallerPackageName(packageName);
if (installer == null) installer = ""; //to avoid NPE
if (installer.equals("com.android.vending")) {
//It is installed from Google Play store
//PROBLEM: THIS DOES NOT SEEM TO BE THE PACKAGE NAME RETURNED
//WHEN GOOGLE PLAY REVIEWERS/TESTERS ARE USING THE APP
}
else ...
....
....
//similarly handling other stores here
....
....
....
//After that also checking by installed app stores
....
....
What is happening: After being published things app properly identifies that it is downloaded from play store i.e. it gets com.android.vending as the installerPackageName. But, when it is being reviewed or tested by the network of teachers it appears to be getting a different installerPackageName. This is causing the app to think it has been downloaded from an app store other than Google Play Store. And because of this my app is rejected from the Education category. I need to know this installer package name to handle the scenario correctly.
How do i know this: I have a dedicated ad unit id to use when the detected app store is Google Play and all requests post successful publication (i.e. from the regular play store users) come to this google dedicated ad unit id. But, in the short span of time after submitting the app/update and before the app or and update is published, a few requests come to the non-google ad unit ids, causing the app to fail adherence to the guidelines to be eligible for "Google Play for Education" category. Because, the level of ad filtering in the non-google ad unit ids is slightly less. Hence the teachers evaluating/testing the app see some ads that they think are not as per guidelines and reject it.
Also, here is an article to support the fact that the app gets reviewed manually as well as by automated script before it is actually published to the store.
Current fix or limitation: I've disabled all other ad networks and have to use only admob. The setting of filters even at the strictest level in other ad networks doesn't seem to filter all ads that Google reviewers think are not suitable for children and family audiences. When using only admob the process is smooth and I always qualify.
What I'm looking for to overcome this problem: If i get to know the installerPackageName that is returned when the app is installed from where ever the reviewing network of teachers install the app from, I can handle that case exactly as i handle when i get com.android.vending and everything will be just fine.
I could not find any documentation or reference to obtain this information.
Also, if there is any other way i can identify it the app is in pending publication stage, I force all requests to go to the google ad unit id.
ASSUMPTION: There is a separate installer app for the reviewers and testers (automated/manual what ever it may be in the background) whose installerPackageName is NOT com.android.vending. If there is some Google guy around and can help confirm this (if allowed by Google), do comment. :-)
Other possibilities which i do not want to go with
Disable all other networks manually while the app is in pending publication phase and re-enable them once published. But, I don't want to do this because this would be like bluffing google and I don't want to go that way. I want my app logic to take care of it so that the same thing that is reviewed is let out in market.
I permanently stick with only admob. But this would be foolish as there are no such restrictions in other stores that I'm publishing my apps to and I will terribly lose on fill rate.
I there anyone who has had this issue before OR knows the installerPackageName for the review's download place OR knows how to determine if the app is currently in 'pending publication` state on playstore?
I can also possibly filter all by packagenames starting with com.android or com.google, but I want to keep that as last option. Also, would like to know if the installerPackage name is not set at all in case of those users. In that case I'll need to look at a completely different situation to handle the situation.
I find one thing that can help you in this case. It's analytics. Just create your custom event eg. INSTALLER_STRING in some of analytics systems and log that event when appropriate. Here is the example of event logging in Fabric Answers.
public static final String EVENT_OPEN_TOP_TRENDS = "EVENT_OPEN_TOP_TRENDS";
public static final String TOP_TRENDS_TYPE = "TOP_TRENDS_TYPE";
public static final String TYPE_TOP_TRENDS_IMAGES = "TYPE_TOP_TRENDS_IMAGES";
public static void logEvent(String eventId, String attributeName, String name) {
Answers.getInstance().logCustom(new CustomEvent(eventId).putCustomAttribute(attributeName, name));
}
logEvent(EVENT_OPEN_TOP_TRENDS, TOP_TRENDS_TYPE, TYPE_TOP_TRENDS_IMAGES);
Later on, you can see what are the sources your app was installer from on fabric website.
Check which results you will show using this log for all app you use do detect installer package name:
final PackageManager pm = getPackageManager();
//get a list of installed apps.
List<ApplicationInfo> packages = pm.getInstalledApplications(PackageManager.GET_META_DATA);
for (ApplicationInfo packageInfo : packages) {
String is = pm.getInstallerPackageName(packageInfo.packageName);//getPackageName());
Log.d(TAG, (packageInfo.packageName==null?"":packageInfo.packageName) + " : " + (is==null?"":is));
}
You will see the full list of installed apps & package sources, or log this data in your way your want.
EDIT
#Virus, i just want to give you a simple idea. if you want to know package installer name, you can just grab this data when you app is launched and send it to your own server using simple http GET request in order to detect the installer name. Republish you apo with this simple frabber. I think this the one solution.
I've created an android application, and also a paid key-application that can open some features in the regular application.
I tried to use this code to check if the paid key is installed:
protected static boolean isProInstalled(Context context) {
PackageManager manager = context.getPackageManager();
if (manager.checkSignatures(context.getPackageName(), "com.myapps.appkey")
== PackageManager.SIGNATURE_MATCH) {
//Pro key installed, and signatures match
return true;
}
return false;
}
It worked on my phone when I installed the two APKs that I exported from Eclipse (I think I exported them. Maybe it was directly with "run"/"debug". I can't remember). But when I uploaded them to Google Play - I got a message from a user that said that he bought the key but the features are still blocked.
Is there something I do wrong? What are those signatures anyway? Does it have anything with the alias and keystore when I export the APKs?
The debug key is the default used when you run from the IDE, so while testing, they both were using the same key. But you signed them with different keys for the store, so the signatures won't match.
As #NobuGames mentioned in the comments, at this point since you already published both apps, you can update the free one to check for the key hash of the paid app using a hard-coded string. This theoretically might make it easier for someone to make a premium-unlocked pirate version of your app, although if they are digging into your source code that far, I suspect they would have succeeded anyway. Think of that as a good problem to have (popular enough app for pirates to spend that much time hacking on yours).
So one of my applications was rejected from the Amazon app store today. The reason was because inside my app, I linked to the paid version of the app on the Android market. Disappointing, but whatever, I guess everyone wants their cut...
So now I'm left having to modify the application to change the Android market link to an Amazon app store link. Not really a big deal except for now if I do that I'm left with a discrepancy when I want to upload a newer version back to the Android market. After all, it would be rather dumb to link someone to the Amazon app store if they purchase the app from the Android market.
Now we all know that it is a pain supporting/managing multiple versions of the same app. Consequently my question becomes how can I link to both at the same time? Is there a way to tell where an app was downloaded from so I can code both links into the app and thus point the user automatically to one or the other? Secondly, is it against the Amazon TOS to give the user a choice (say I pop up a dialog instead and ask the user where to download from)?
Thanks all.
Edit: Direct from Amazon customer service "Re: Link to both markets" (I wish the approval process was as fast as these guys):
For the time being, we need any
linking to point back to the Amazon
Appstore only for market links.
Linking to your website is allowed,
just not other markets.
When pointing to other apps from
within your app, including up-sells,
completion of purchase must be from
the Amazon Appstore.
Good news! Apparently the latest version of the Amazon store finally sets PackageManager.getInstallerPackageName() to "com.amazon.venezia" to contrast with Google Play's "com.android.vending". This will be the easiest way to determine if your app is sideloaded, installed from Amazon, or installed from Google.
Here's what you can do:
Complete the preparation and signing of your application.
Install it on your test device
Use PackageManager.getPackageInfo
How to do this:
public static boolean isMarket(Context context){
boolean isMarketSig = false;
int currentSig = 1;
try {
Signature[] sigs = context.getPackageManager().getPackageInfo(context.getPackageName(), PackageManager.GET_SIGNATURES).signatures;
for (Signature sig : sigs)
{
currentSig = sig.hashCode();
Log.i("MyApp", "Signature hashcode : " + sig.hashCode());
// This Log is for first time testing so you can find out what the int value of your signature is.
}
} catch (Exception e){
e.printStackTrace();
}
//-1545485543 was the int I got from the log line above, so I compare the current signature hashCode value with that value to determine if it's market or not.
if (currentSig==-1545485543){
isMarketSig = true;
} else {
isMarketSig = false;
}
return isMarketSig;
}
public static void openStore(Context context){
if (isMarket(context)){
Intent goToMarket = new Intent(Intent.ACTION_VIEW,Uri.parse("market://d" +
"etails?id=com.jakar.myapp"));
goToMarket.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
context.startActivity(goToMarket);
} else {
Intent goToAppstore = new Intent(Intent.ACTION_VIEW,Uri.parse("http://www.amazon.com/gp/mas/dl/andro" +
"id?p=com.jakar.myapp"));
goToAppstore.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
context.startActivity(goToAppstore);
}
}
Basically, the hashCode() that you get from the app installed on your testing device will be the same one from the market. The hash code from the app store will be different because according to https://developer.amazon.com/help/faq.html, the app store signs the application with a signature specific to your developer account, so that will return a different value that what you actually signed it with.
Note: It works to open the market successfully, but I haven't yet deployed this method on the App Store, so I haven't completely tested it. I am confident it will work, but can make no guarantees, so if you use what I've suggested and it fails, please don't hold me accountable.
You can do the following things:
Check if the device based on its Manufacturer.
For ex: https://developer.amazon.com/sdk/fire/specifications.html
For writing reviews and opening the Amazon App Store use the following intent
amzn://apps/android?p=package_name
where p=Link to the detail page for a specific package name.
Ref: Amazon developer link.
https://developer.amazon.com/sdk/in-app-purchasing/sample-code/deeplink.html
As you said, you could use a boolean and then be forced to build your apps twice, so I bevelive it's not the best way.
The best way is to check if android market is installed and act accordingly: here.
Another even more complex way is to query the name of the installer of your app, using PackageManager.getInstallerPackageName. This needs extra work since the app can be installed by parallel markets even if you are on android device with android market installed, and also you must check if it's installed as debug/development (installer package name is null in this case).
What a hard way to do this. If you just want to open the market url, just check if the intent with the url for android market has any activity that knows how to handle it. If not, open up the amazon appstore with another intent.
/**
* Returns intent that opens app in Google Play or Amazon Appstore
* #param context
* #param packageName
* #return null if no market available, otherwise intent
*/
public static Intent showApp(Activity activity, String packageName)
{
Intent i = new Intent(Intent.ACTION_VIEW);
String url = "market://details?id=" + packageName;
i.setData(Uri.parse(url));
if (isIntentAvailable(activity, i))
{
return i;
}
i.setData(Uri.parse("http://www.amazon.com/gp/mas/dl/android?p=" + packageName));
if (isIntentAvailable(activity, i))
{
return i;
}
return null;
}
public static boolean isIntentAvailable(Context context, Intent intent) {
final PackageManager packageManager = context.getPackageManager();
List<ResolveInfo> list =
packageManager.queryIntentActivities(intent,
PackageManager.MATCH_DEFAULT_ONLY);
return list.size() > 0;
}
Another way is to build using ant. This way you can generate dynamically a java class with constants set to a value that represent the app market, and output different builds with ease. This however takes some learning but when you have it running, it's very easy.
I was also struggling with this, but decided that the instant success I'm seeing with my free app on Amazon warrants the time to create a second set of .apks when I make a new build. I went with the Amazon boolean flag for now, and create one common version, then a version incremented by one for the Amazon market. No other markets demand internal linking, AFAIK.
I eventually intend to code up a market chooser with a slick way to automatically figure out what to do, but there are a lot of variables - not just the market address of one app, but how different markets recognize the company name to find all apps. Some market apps hijack the main Android market protocol (e.g. Appslib and SlideMe if I remember correctly) but don't store the company name the same way. Then you need to decide where upsell links go - to the same market or to a common one (I only submitted my free app to most of the markets I use).
I am waiting for my paid app to be approved, but I am pretty sure it will be worth it to have it available on the Amazon market given how many downloads I've gotten for my free app.
Just refactor most of your project into a Project Library, and then create multiple projects (e.g., for each app store) that have only unique icon and string resources, their own package ID declared in the manifest, and then a main activity that extends the main activity that you have defined in your library.
That way, all the unique URLs can be provided by overriding, in each particular app project's activity, the virtual or abstract methods defined in your library's main activity. The library code that that displays these URLs can obtain them via a polymorphic call to each of those methods.
That way, each such specialized project will be very small, and maintenance will be mainly to your library, as described here:
Multiple Apps with a shared code base
I'm working on an app that extends the functionality of another, existing app. I want to know what the easiest way is to determine, through code, whether the first app is installed, preferably by referencing it by com.whoever.whatever but almost any criteria would be helpful.
android.content.pm.PackageManager mPm = getPackageManager(); // 1
PackageInfo info = mPm.getPackageInfo(pName, 0); // 2,3
Boolean installed = info != null;
Used in an activity, you need a context to get the PackageManager
Throws PackageManager.NameNotFoundException, I guess. check!
pName is something like 'com.yourcompany.appname', the same as the value of 'package' in the manifest of the app
The recommended way is to check whether the other application publishes an Intent. Most Intent are not owned by a particular app, so, say, if you're looking for a program that publishes "sending mail" intent, the program that gets opened may be Gmail application or Yahoo Mail application, depending on the user's choice and what was installed in the system.
You may want to look at this: http://developer.android.com/guide/topics/intents/intents-filters.html
Starting Android 12, this requires android.permission.QUERY_ALL_PACKAGES permission, which Google Play may or may not allow you to have
See more details https://developer.android.com/training/package-visibility