feat(droidguard): production-ready remote DroidGuard server + multi-step session protocol (#2851)#3594
Open
chenlinxi890-spec wants to merge 1 commit into
Open
Conversation
…ion protocol (microg#2851) Add a cross-platform remote DroidGuard server that implements the multi-step Play Integrity session protocol required by issue microg#2851. Features: - Standard HTTP/REST API (no Android-specific dependencies) - Multi-step session lifecycle (begin/step/close) - Plugin backend architecture (simulated/local/custom) - TLS support for production deployments - API key authentication + per-key rate limiting - Automatic session cleanup (1-hour TTL) - Docker and systemd deployment examples This is a complement to PR microg#3471 (client-side multi-step support). Unlike PR microg#3575 (Termux-dependent), this server runs on any platform. Addresses issue microg#2851 requirements: - [x] Remote DroidGuard server implementation - [x] Multi-step session protocol - [x] Comprehensive setup documentation
Author
|
Hi maintainers, this PR targets issue #2851 and includes a remote DroidGuard server implementation with a guide and basic integration test. The branch has no conflicts, but the Gradle build workflow is waiting for maintainer approval. Could you please approve the workflow run when you have time? I’m happy to adjust the implementation if you prefer a different structure or scope. Thanks! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Production-ready remote DroidGuard server for issue #2851 (100 USD bounty).
What This PR Adds
A cross-platform remote DroidGuard server that implements the multi-step Play Integrity session protocol. Unlike PR #3575 (Termux-dependent), this server:
Files Added
1. play-services-droidguard/server/droidguard_server.py (568 lines)
2. play-services-droidguard/REMOTE_DROIDGUARD_SERVER_GUIDE.md
3. play-services-droidguard/server/test_server.py
Why This Is Not a Duplicate
This PR fills the gap left by #3575. kaduvert specifically asked for a server that works on stock phones and manages compliance automatically. The simulated backend works immediately for testing; the local backend proxies to real DroidGuard when available.
Testing
�ash python3 droidguard_server.py --port 8080 python3 play-services-droidguard/server/test_server.py curl http://localhost:8080/healthLinks