Android Crash Course by Kevin McMahon

Guides, Tutorials and Links

Developer Site Official Android Training Site 31 Days of Android Google I/O Sessions The World of ListViews REST Webservices Android Developer Tools Android Pro Tips Memory Management for Android Apps AppDevWiki - Android Frameworks Android Toolbox What New Android Developers Need to Know Vogella Tutorials Understanding LinearLayouts and Gravity

Open Source Apps

Github for Android Gaug.es

Quick Refresh of Android System Stack

What is Android Application Framework Dalvik Virtual Machine Customized Linux kernel Optimized OpenGL graphics Rich development environment Dalvik runs multiple VMs efficiently requires a .class to .dex transformation JIT (as of Android 2.2) Each Android Application:

1. Runs in their own process 2. Runs on their own VM Native

Android Application Concepts

Activities orchestrates user interface views apps are composed of 1-to-n number of activities one activity required to be marked as main and shown first upon launch each activity is given a default window to draw in. contents of the window is provided by a hierarchy of views Services headless activities similar to traditional services in Unix and Windows environments possible to bind to an ongoing service and communicate via exposed interface runs in main application process but doesnt block other components or UI Content Providers provides a contract/API for accessing data that an app exposes controlled access to data contacts, music, video, pictures, etc Intents Eventing mechanism Intent objects are passive data that is of interest to the component that is receiving the intent Filterable Resources Images, layout descriptions, binary blobs and string dictionaries Abstraction layer which helps decouples code Makes managing assets easier Localization Multiple displays Different hardware configurations Fragments

A self-contained component with its own UI and lifecycle. Can be reused in different parts of an applications user interface depending on the desired UI flow for a particular device or screen. Can be thought of as a mini-activity First introduced in Android 3.0 Honeycomb but backwards compatibility via support library exists. Android Fragment Transactions

Android Life Cycle

You have to know this cold Application Activity Saving and restoring state Impact on fragments Fragment life cycle

Android Project Setup and Configuration

What API Level Should I Target?

UI View Components
View Hierarchies
Tree of elements compose views XML lends itself nicely Root View DecorView (internal class but represents the devices viewport) Typical setup FrameLayout LinearLayout with multiple FrameLayouts (title bar in one, screen other) Most important node is the FrameLayout w/ id/content Content View setContentView() replaces everything under the current content node with tree

view specified Process of loading and merging called layout inflation Not directly from XML but from the binary format Android creates during build after inflation the views are added to rendering chain and can be drawn Rendering of Views Done in two passes measuring layout Best Practices Draw only what is necessary use ViewStub Toggle visibility: View.GONE, View.INVISIBLE, View.VISIBLE Avoid clutter reduce and simplify clean layouts are better for users and better for performance Reuse Views cache ViewHolder Avoid excessive nesting Leverage RelativeLayouts Avoid duplication by using these tags: <include /> <merge />

Arranging Layouts
layouts vs. layout managers layouts == XML layout managers == ViewGroups classes android.View android.Widget layout attributes and parameters

attributes two different types of attributes view class view parent class (layout managers) Example: TextView class attribute : android:text parent attribute : android:padding Find all of them here: android.R.attr parameters width and height MUST always be present on any Android view can take specific values (100px, 100dp, 100sp) can take special values fill_parent (match_parent) : take as much room as possible wrap_content : take only what you need margin and padding ids + means create this id if you havent already

4 main layout managers

FrameLayout Everything top left stacked on top of each other LinearLayout supports horiz (default) or vert orientation respects order of elements RelativeLayout layout elements relative to each other example: android:layout_rightOf TableLayout

LinearLayout child adds TableRow container to hold table cells each cell must be an individual view which can be layout manager or view group

Security
Linux Security Model
users (UID) and groups (GID) concept permissions if you are not explicitly granted the permission, you dont have it permissions are assigned to each resource resources are typically files defined owner for each resource (UID) defined groupd for each resource (GID) each resource has 3 sets of permissions: owner, group, and world 1 File : RWX for Owner, RWX for Group, RWX for World

Android Security Model

based on Linux so it follows that the Linux model underlies when app is installed new UID is created for the app and applied to app resources (in the Linux sense) Isolation == Separation of Control (SoC) SoC : all data stored by app are given full permissions associated to the app UID and no permissions otherwise UIDs are unique to the device. Same app on two different phones have no guarantee that they have the same UID You can: run other components under the same UID store data on removable media (SD cards) BUT: erodes SoC

Android File System Isolation

data stored : /data/data/app_package_name inside that directory : ./files directory is created and assigned UID and full permissions of the app as app is owner isolation By default, when new files are created, permissions are set to give the apps UID full control no other permissions are set Four caveats apps that run with the same UID can access each others files root UID can access ANY files on the device data written to external storage (aka SD cards) dont use the Linux permissions-based controls. (data on SD is accessible by anyone) developers CAN change permissions on the files and make them available to others when you create a file, you can modify that default by supplying one or more of the filesystem permission flags to the openFileOutput() method call. MODE_PRIVATE (DEFAULT) MODE_WORLD_WRITABLE (All apps can write to this file) MODE_WORLD_READABLE (All apps can read this file) code: OutputStreamWriter out = new OutputStreamWriter(openFileOutput(scores, MODE_WORLD_READABLE | MODE_WORLD_WRITEABLE)); Rule of Thumb : assign app resources such as files, in this case, just enough permissions to do what needs to be done and no more.

Application Signing, Attribution and Attestation

Apps must be digitally signed before installation on device Why? identifies who created the app allows apps signed by the same creator to interact with each other at a higher degree Digital Signature cryptographic construct that a developer applies to software to prove that they wrote it. tech version of your hand-written signature

made possible by two things: digital certificate identifies each developer (your development drivers license private key (effectively a really long and random number) digital certs provided by a CA (DMV in the license metaphor) will have to prove who you say you are can tell that multiple pieces of software are from same digital certificate can identify who wrote it because cert is assocated to identify via the CA self-signed certificate (wax seal). dont have to prove identify can tell that multiple pieces of software are from same digital certificate cannot associate identity to cert apps DO NOT require certs that are provided from a CA Debug Signing : APK generated signed with debug key/certificate with default debug credentials created when Android SDK installed Release Signing : APK created unsigned and then ADT tool jarsigner used to sign with release credentials you can shareUserId between apps and subsequently share data access Components in the same package can run in separate processes allows components that are part of different apps but written by the same developer to run in the same process, lets components that are part of the same app to run in different processes. Components can run in separate, private process android:process=:com.example.processIdNumber5 (the colon makes it private) prevents other components from sharing process if component crashes, wont crash other components. (isolation)

Android Preferences and Database Isolation

SharedPreferences KVP primitives

SharedPreferences object in app is a representation of an XML file on the file system stored in ./shared_prefs directory under /data/data/app_package_name directory getSharedPreferences() method takes same args as openFileOutput() so same file permissions apply SQLite more structured data than KVP or flat files stored in the ./databases openOrCreateDatabase() have same args as openFileOutput() and getSharedPreferences()

Application Permissions
Uses install-time permission request model app specifies in manifest which of these permissions it requires

Steps to Manually Build a Release APK

1. Generate Release Key $ keytool -genkey -v -keystore sampleapp.keystore -alias sampleapp -keyalg RSA -keysize 2048 -validity 10000 2. Build in release mode $ ant release 3. Sign and Verify $ jarsigner -verbose -keystore keystore/sampleapp.keystore bin/sampleapp-release-unsigned.apk sampleapp $ jarsigner -verbose -verify bin/sampleapp-releaseunsigned.apk 4. Zipalign $ zipalign -v 4 sampleapp-release-unsigned.apk sampleapprelease.apk

Resources
Android Bootstrap Project - A template/bootstrap/boilerplate application that includes tons of great open source tools and frameworks.

Tools
SDK Tools (most useful tools in bold) android : Manages Android virtual devices (AVD) which the emulator uses, creates/updates projects and libraries, updates the SDK components ddms : provides port-forwarding services, screen capture on the device, thread and heap information on the device, logcat, process, and radio state information, incoming call and SMS spoofing, location data spoofing, and more. dmtracedump : gives you an alternate way of generating graphical call-stack diagrams from trace log files. draw9patch : Tool which allows you to easily create a ninepatch graphic using a WYSIWYG editor. emulator : A virtual mobile device that runs on your computer. The emulator lets you develop and test Android applications without using a physical device. hierarchyviewer : Allows you to debug and optimize your user interface. hprof-conv : Tool that converts the HPROF file that is generated by the Android SDK tools to a standard format so you can view the file in a profiling tool of your choice. mksdcard : Tool that lets you quickly create a FAT32 disk image that you can load in the emulator, to simulate the presence of an SD card in the device. monkey : A program that runs on your emulator or device and generates pseudorandom streams of user events such as clicks, touches, or gestures, as well as a number of system-level events. monkey runner : A tool provides an API for writing programs that control an Android device or emulator from outside of Android code. Not related to the monkey tool mentioned above. traceview : Graphical viewer for execution logs saved by your application. Build Tools Android Development Tools (ADT)

Includes the tools that compile, transform and package your Android code. Tools used in this process include : aidl,aapt,dexdump,dx proguard : ProGuard tool shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names. lint : Scans Android project sources for potential bugs. zipalign : Archive alignment tool that provides important optimization to Android application (.apk) files. Platform Tools adb : Android Debug Bridge (adb) is a versatile command line tool that lets you communicate with an emulator instance or connected Android-powered device. logcat : The Android logging system provides a mechanism for collecting and viewing system debug output. IDEs Intellij Eclipse

Packaging
Maven with Android Maven Plugin Good Intro to Maven series Gradle with Android Gradle Plugin

Bootstrap
Android Bootstrap Project : A collection of the most popular and useful Android frameworks that form a basic skeleton for a modern Android app.

Key Development Frameworks

RoboGuice Ignition ActionBarSherlock

ViewPagerIndicator Android Compatibility Library Otto - Event Bus

Testing Frameworks
Robolectric Robotium Eggplant