Aarogya Setu Android app native code

Overview

Aarogya Setu Android app

alt text

Aarogya Setu is a mobile application developed by the Government of India to connect essential health services with the people of India in our combined fight against COVID-19. The App is aimed at augmenting the initiatives of the Government of India, particularly the Department of Health, in proactively reaching out to and informing the users of the app regarding risks, best practices and relevant advisories pertaining to the containment of COVID-19.

Features

Aarogya Setu mobile application provides the following features:

  • Minimal and simple user interface, which user can get easily acquainted with
  • Scan nearby Aarogya Setu user using BluetoothLE Scanner
  • Advertise to nearby Aarogya Setu user using BluetoothLE GATT Server
  • Update user about nearby activity using Location Service
  • Secure information transfer with SSL Pinning
  • Encrypt any sensitive information
  • Available in 12 different languages
  • Nation wide COVID-19 Statistics
  • Self-Assessment as per MoHFW and ICMR guidelines
  • Emergency Helpline Contact
  • List of ICMR approved labs with COVID-19 testing facilities
  • e-Pass integration

The Aarogya Setu App is being widely used by more than 11 Crore Users. The App has been highly successful in identifying people with high risk of COVID-19 infection and has also played a major role in identifying potential COVID-19 hotspots. In the larger public interest and in order to help the international community in their COVID-19 efforts, the Government of India is opening the source code of this App under Apache License 2.0.

If you find any security issues or vulnerabilities in the code, then you can send the details to us at : [email protected]

If you want to convey any other feedback regarding the App or Code, then you can send it to us at : [email protected]

Setup

Requirements

  • JDK 8
  • Latest Android SDK tools
  • Latest Android platform tools
  • Android SDK 21 or newer
  • AndroidX

Configure

  • ./keystore.properties
  • Firebase - google-services.json

keystore.properties

Setup a keystore.properties at the root folder with following sample detail and your configurations

# Server SSL Keys
ssl_public_key=<Your Public Key>
ssl_backup_key=<Your Backup Key>
ssl_auth_key=<Your Auth Key>
ssl_auth_backup_key=<Your Auth Backup Key>

aws_api_key=<Your AWS Key>
platform_key=android_key

# Android Keystore details
android_alias=YourAndroidAlias
android_keystore=YourAndroidKeyStore
transformation=AES/GCM/NoPadding

# BLE UUIDs
service_uuid=YOURUUID-1234-ABCD-WXYZ-A12B34C56D78
did_uuid=YOURUUID-1234-ABCD-WXYZ-A12B34C56E78
pinger_uuid=YOURUUID-1234-ABCD-WXYZ-A12B34C56F78


# API URLs
webview_url = <Your Web URL>
webview_host = <Your Web Host>
app_host_url = <Your App Host>
auth_host_url = <Your Auth Host>

# API End Points
bulk_upload_api = /api/v1/end/point/1/
register_user_api = /api/v1/end/point/2/
update_fcm_token_api = /api/v1/end/point/3/
check_status_api = /api/v1/end/point/4/
fetch_config_api = /api/v1/end/point/5/
generate_otp_api = endPoint6
validate_otp_api = endPoint7
refresh_auth_token_api = endPoint8
qr_fetch_api = endPoint9
call_us_url=tel:1075
faq_url=<Your URL>
privacy_policy_url=<Your URL>
tnc_url=<Your URL>
verify_app_url=<Your URL>

# APK sign Keystore details:
key_store_cetificate = yourCertificate.jks
key_store_password = yourStorePassword
key_alias = yourAlias
key_password = yourPassword

Firebase and google-services.json

Setup Firebase for the different environment. Download the google-services.json for each of the environments and put it in the corresponding folder.

Debug: ./app/src/debug/google-services.json

Production: ./app/src/google-services.json

Build

./gradlew assembleDebug

Download App

Get it on Google Play

Comments
  • Do Check for Mock Location

    Do Check for Mock Location

    Since there isn't any method called to check whether mock location is enabled or not, hackers/miscreants can use any mock location app to hide their real location and report infection from this fake location. Since the program does not have any checks for Temporary phone numbers , A user could register/login using a temporary phone number hide his location and report a fake covid infection case. adding this simple permission check will prevent this

    public static boolean isMockSettingsON(Context context) { // returns true if mock location enabled, false if not enabled. if (Settings.Secure.getString(context.getContentResolver(), Settings.Secure.ALLOW_MOCK_LOCATION).equals("0")) return false; else return true; }

    opened by dorky-handler 29
  • App doesn't show any warning on connecting with PC by USB (High Priority)

    App doesn't show any warning on connecting with PC by USB (High Priority)

    The app doesn't show any warning or ask for any password if the user connects it with the PC through USB, as there would be the chance of decompiling the app via ADB shell and hacker can apply reversing techniques to alter the various personal credentials which would result in privacy threat or any other crucial threat.

    opened by iamsh4shank 15
  • App config file which is externally unauthorized can be seen..

    App config file which is externally unauthorized can be seen..

    Hello,

    i am able to view the data on here https://fp.swaraksha.gov.in/api/v1/app/config/ It says this error when opening this link on browser

    Unauthorized The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required.

    I just used my proxy intercept tool to check this and it showed me the data in response code.

    Below are the request and response...

    Request :-

    GET /api/v1/app/config/ HTTP/1.1 pt: 9cf23ec2-d83c-4778-aca5-d7fb64ae1b2d ver: 1047 ver-name: 1.1.3 os: 23 device-type: samsung-SAMSUNG-SM-N910A Content-Type: application/json pt: 9cf23ec2-d83c-4778-aca5-d7fb64ae1b2d ver: 1047 Host: fp.swaraksha.gov.in Connection: close Accept-Encoding: gzip, deflate User-Agent: okhttp/3.14.7

    Response :-

    HTTP/1.1 200 OK Date: Fri, 30 May 2020 19:22:03 GMT Content-Type: application/json Connection: close Server: nginx Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Headers: Authorization, pt, ver, content-type Content-Length: 203

    {"f_upgrade_android":{"min_version":1041,"specific_version":[0]},"is_force_upgrade_required_ios":{"min_version":"0.0","specific_version":["1.5"]},"max_count_read_write":10,"max_data_persisting_days":30}

    opened by Onyx2406 10
  • Build fails because of missing keystore.properties

    Build fails because of missing keystore.properties

    The gradle build of the project looks for a keystore.properties file, which is missing from the checked in codebase.

    def keystorePropertiesFile = rootProject.file("keystore.properties")
    def keystoreProperties = new Properties()
    keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
    

    While the details are mentioned in the readme, please checkin a default file as is which needs to be configured by the developers running the build.

    opened by sudheesh001 10
  • Edit text Full name issue

    Edit text Full name issue

    Full name field does not contain any special character like €,*,%,# etc..

    Use regex and also Add toast message if user try to add special char in full name field.

    opened by JayMoliya33 7
  • Use Aadhaar card scanning as login info [Not an issue]

    Use Aadhaar card scanning as login info [Not an issue]

    Hi There,

    I think, people are not giving the correct info while logging in. I advice to scan Aadhaar card and this info will always be correct. Or else, some how the registered mobile no should get info from Aadhaar server(using an API).

    One more idea can be here is that our testing kits should have hardware inbuilt and we may buy them from medical shops to test. This kit should only be activated only by app by scanning Aadhaar card. So if someone tests +ve then we have the correct info and officials can track them easily.

    -Thanks

    opened by custadian 6
  • App crashed:- When clicks on back button after clearing chat

    App crashed:- When clicks on back button after clearing chat

    Scenario:- App crashed:- When clicks on back button after clearing chat 98661A9B-937D-4D98-A2F4-D94A6CF7BF96_1_105_c

    Steps to reproduce:-

    1. Click on "Access Again" in hompage
    2. Provide the information in chat accordingly
    3. Clear chat clicking on FAB button
    4. Click on tooltip and close the tooltip
    5. Click on Back button in mobile will close the app
    6. Then open the app again

    Actual:- App crashed

    opened by ArjitRout 6
  • Why the native framework is not adopted?

    Why the native framework is not adopted?

    Instead of developing the App for two Platforms with two different codebases, you can have got in one codebase if you have used a framework like flutter. That would be much easier for developers to find a bug and that will be rectified with ease.

    opened by pradpant 6
  • No rate limit on login page.

    No rate limit on login page.

    Hi, there is no rate limit of otp attempts on login page which enables to brute force the 6 digit and takeover the account. Please add rate limit after 3-4 attempts.

    opened by Onyx2406 5
  • Can someone help in setting up this project in my IDE PLEASE

    Can someone help in setting up this project in my IDE PLEASE

    I have been trying to do it for so long but no success. I will close this issue once someone helps me, so please dont comment "No questions in issue"

    opened by divyank00 5
  • [Request] [Feature] Improving battery life through Accelerometer.

    [Request] [Feature] Improving battery life through Accelerometer.

    Almost all modern smartphones have an Accelerometer in them while the phone is set to idle for more than say 10min,

    1. let the Aarogya Setu app daemon go into sleep, to conserver battery power.
    2. But, the daemon only wakes up if it detects any rapid change from the accelerometer or GPS
    3. And then starts doing its business.
    opened by jash-maester 5
  • Unsuccessful account deletion

    Unsuccessful account deletion

    I want to find out if there is a way to delete an account (Name) tied to a number and recreate a different account with the same number.

    I have initially created an account with Name ABC for my number 1234567890. Now I want to delete ABC and create XYZ for that number. I tried deleting the account title from the settings option, but it looks like it isn't deleting the details. When I log in again, it fetches the old information and displays it.

    This is very important as I need to update the account details as my aadhar card is tied to this number, and now I cannot use the aarogya setu app as it shows some others' details.

    It looks like it is just deleting on the front end and not doing it on the backend. Not sure, though. I came to this conclusion because when I click on the delete button, it immediately navigates to the registration flow within a fraction of a second.

    opened by nasreekar 0
  • [Suggestion] Add an option for choosing vaccine other than Covishield, Covaxin

    [Suggestion] Add an option for choosing vaccine other than Covishield, Covaxin

    So my parents are vaccinated with 2 doses of Pfizer which was in USA. Now after 6months visit they are back and the app is asking them to choose amongst: Covishield, Covaxin or Do not know. Instead, it can offer a "Other vaccine" option and subsequently ask the user to type the vaccine name or provide the list of most common vaccines outside of India.

    opened by nivramam 0
  • [BUG] Error in identity validation

    [BUG] Error in identity validation

    If a user is registered as a beneficiary from another mobile number, and then if they try to use the same document validation to check details in their app, wrong details are being displayed.

    For example, my friend adds me as a beneficiary using my Aadhar card details. Now if I try to add myself as a beneficiary in my phone, I can't use my Aadhar Card details on my phone. It shows me wrong details for that, which can lead to confusion.

    opened by dewanshrawat15 0
  • correction in autofill feature of mobile number in Aarogya Setu App

    correction in autofill feature of mobile number in Aarogya Setu App

    Before filling

    1623239085546

    After tapping on the respective phone number

    1623239085535

    • The problem is it not taking the last three characters of the mobile numbers can you pls assign me this task for correction.
    opened by jhonsnow456 1
A Python native extension written in Kotlin Native

Kotlin Python Ext This is a proof of concept for a Python extension in Kotlin. It is recommended to read the Official Python C API Documentation befor

Martmists 20 Jun 22, 2022
Native-loader - Safely load native libraries in Java

Native Loader ??️ Safe native loading in Java based off of the native-loader use

Mixtape 1 Oct 19, 2022
React-native-user-interface - Change React Native userinterface at runtime

react-native-user-interface change RN userinterface at runtime. Installation npm

Ahmed Eid 0 Jan 11, 2022
UML model and code examples of design patterns for Kotlin/Native. The model is created with Astah.

Design Pattern Examples in Kotlin/Native Model and code examples of GoF Design Patterns for Kotlin/Native. This project is available for the following

Takaaki Teshima 3 Jun 27, 2022
Clothes shop native android app

ShopApp I built this clothes shop native android app in which I tried to implement clean architecture principles and use Jetpack Compose to create the

Oucif Mohammed 5 Dec 7, 2022
ShopApp - A Native Android Shop app with kotlin

A Native Android Shop app. Light Theme Dark Theme I've used: Kotlin The MVVM architecture pattern Jetpack Compose Hilt for dependency injectio

null 16 Feb 17, 2022
Third-party native Jellyfin Android app

Findroid Findroid is third-party Android application for Jellyfin that provides a native user interface to browse and play movies and series. I am dev

Jarne Demeulemeester 513 Jan 1, 2023
GamesStore - A Native Android app

GamesStore A Native Android app. This is a small project where I implemented a d

null 16 Nov 15, 2022
Jerboa - A native android app for Lemmy

Jerboa An Android client for Lemmy, a federated reddit alternative Join Lemmy ·

Dessalines 84 Dec 23, 2022
SkillHub - A location based native android app built for the University of Nigeria

SkillHub SkillHub is a location based native android app built for the Universit

Nnamani Chinonso   1 Jan 23, 2022
Native Android App for Women's Soccer News (Women's Month)

Native Android App for Women's Soccer News (Women's Month)

DIO 24 Aug 19, 2022
Android native news App using API from thenewsapi.com and Retrofit Library

FlashBytes-Android-News-App Android Material Design News App using API from https://www.thenewsapi.com/ and Retrofit Library Screen Splash, Onboard Sc

claudysoft 4 Nov 11, 2022
KotlinSample - Template project for building a GTK3 Kotlin/Native app against the elementary Flatpak runtime

GTK3 Kotlin/Native Sample This is a working example of how to write and build a

David Hewitt 10 Dec 5, 2022
🌄 Photo editor using native modules for iOS and Android. Inherit from 2 available libraries, Brightroom (iOS) and PhotoEditor (Android)

React Native Photo Editor (RNPE) ?? Image editor using native modules for iOS and Android. Inherit from 2 available libraries, Brightroom (iOS) and Ph

Baron Ha. 242 Dec 28, 2022
Initiate immediate phone call for React Native on iOS and Android.

react-native-immediate-call-library Initiate immediate phone call for React Native on iOS and Android. Getting started Using npm: npm install react-na

null 7 Sep 7, 2022
A 2020s compatible React Native keyboard avoiding view for Android and iOS that just works.

react-native-keyboard-shift Example Snack coming soon Until then: Clone this repo: git clone https://github.com/FullStackCraft/react-native-keyboard-s

Full Stack Craft 66 Aug 16, 2022
Inspection tools for native android apps

InspectElement This project was just an exercise based on Android Developer Assistant, I have used AccessibilityService for inspecting, You can change

AmirHosseinAghajari 4 Sep 9, 2022
Native android application that scans for text in images. Uses ML kit under the hood.

Scannerate - Ad free Text Recognition Android application built using Kotlin to extract text from images. Uses Google's ML kit library under the hood.

null 24 Dec 1, 2022
⚡️ A supercharged native Web View for iOS and Android ⚡️

⚡️ A supercharged native Web View for iOS and Android ⚡️ Ionic Portals is a supercharged native Web View component for iOS and Android that lets you a

Ionic 46 Dec 27, 2022