docs/dyn/digitalassetlinks_v1.assetlinks.html

<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="digitalassetlinks_v1.html">Digital Asset Links API</a> . <a href="digitalassetlinks_v1.assetlinks.html">assetlinks</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#check">check(source_androidApp_packageName=None, source_web_site=None, target_androidApp_packageName=None, source_androidApp_certificate_sha256Fingerprint=None, SHA256=None, relation=None, target_web_site=None, target_androidApp_certificate_sha256Fingerprint=None, SHA256=None, x__xgafv=None)</a></code></p>
<p class="firstline">Determines whether the specified (directional) relationship exists between</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="check">check(source_androidApp_packageName=None, source_web_site=None, target_androidApp_packageName=None, source_androidApp_certificate_sha256Fingerprint=None, SHA256=None, relation=None, target_web_site=None, target_androidApp_certificate_sha256Fingerprint=None, SHA256=None, x__xgafv=None)</code>
  <pre>Determines whether the specified (directional) relationship exists between
the specified source and target assets.

The relation describes the intent of the link between the two assets as
claimed by the source asset.  An example for such relationships is the
delegation of privileges or permissions.

This command is most often used by infrastructure systems to check
preconditions for an action.  For example, a client may want to know if it
is OK to send a web URL to a particular mobile app instead. The client can
check for the relevant asset link from the website to the mobile app to
decide if the operation should be allowed.

A note about security: if you specify a secure asset as the source, such as
an HTTPS website or an Android app, the API will ensure that any
statements used to generate the response have been made in a secure way by
the owner of that asset.  Conversely, if the source asset is an insecure
HTTP website (that is, the URL starts with `http://` instead of
`https://`), the API cannot verify its statements securely, and it is not
possible to ensure that the website&#x27;s statements have not been altered by a
third party.  For more information, see the [Digital Asset Links technical
design
specification](https://github.com/google/digitalassetlinks/blob/master/well-known/details.md).

Args:
  source_androidApp_packageName: string, Android App assets are naturally identified by their Java package name.
For example, the Google Maps app uses the package name
`com.google.android.apps.maps`.
REQUIRED
  source_web_site: string, Web assets are identified by a URL that contains only the scheme, hostname
and port parts.  The format is

    http[s]://&lt;hostname&gt;[:&lt;port&gt;]

Hostnames must be fully qualified: they must end in a single period
(&quot;`.`&quot;).

Only the schemes &quot;http&quot; and &quot;https&quot; are currently allowed.

Port numbers are given as a decimal number, and they must be omitted if the
standard port numbers are used: 80 for http and 443 for https.

We call this limited URL the &quot;site&quot;.  All URLs that share the same scheme,
hostname and port are considered to be a part of the site and thus belong
to the web asset.

Example: the asset with the site `https://www.google.com` contains all
these URLs:

  *   `https://www.google.com/`
  *   `https://www.google.com:443/`
  *   `https://www.google.com/foo`
  *   `https://www.google.com/foo?bar`
  *   `https://www.google.com/foo#bar`
  *   `https://user@password:www.google.com/`

But it does not contain these URLs:

  *   `http://www.google.com/`       (wrong scheme)
  *   `https://google.com/`          (hostname does not match)
  *   `https://www.google.com:444/`  (port does not match)
REQUIRED
  target_androidApp_packageName: string, Android App assets are naturally identified by their Java package name.
For example, the Google Maps app uses the package name
`com.google.android.apps.maps`.
REQUIRED
  source_androidApp_certificate_sha256Fingerprint: string, The uppercase SHA-265 fingerprint of the certificate.  From the PEM
 certificate, it can be acquired like this:

    $ keytool -printcert -file $CERTFILE | grep SHA256:
    SHA256: 14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:83: \
        42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5

or like this:

    $ openssl x509 -in $CERTFILE -noout -fingerprint -sha256
    SHA256 Fingerprint=14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64: \
        16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5

In this example, the contents of this field would be `14:6D:E9:83:C5:73:
06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:
44:E5`.

If these tools are not available to you, you can convert the PEM
certificate into the DER format, compute the SHA-256 hash of that string
and represent the result as a hexstring (that is, uppercase hexadecimal
representations of each octet, separated by colons).
  relation: string, Query string for the relation.

We identify relations with strings of the format `&lt;kind&gt;/&lt;detail&gt;`, where
`&lt;kind&gt;` must be one of a set of pre-defined purpose categories, and
`&lt;detail&gt;` is a free-form lowercase alphanumeric string that describes the
specific use case of the statement.

Refer to [our API documentation](/digital-asset-links/v1/relation-strings)
for the current list of supported relations.

For a query to match an asset link, both the query&#x27;s and the asset link&#x27;s
relation strings must match exactly.

Example: A query with relation `delegate_permission/common.handle_all_urls`
matches an asset link with relation
`delegate_permission/common.handle_all_urls`.
  target_web_site: string, Web assets are identified by a URL that contains only the scheme, hostname
and port parts.  The format is

    http[s]://&lt;hostname&gt;[:&lt;port&gt;]

Hostnames must be fully qualified: they must end in a single period
(&quot;`.`&quot;).

Only the schemes &quot;http&quot; and &quot;https&quot; are currently allowed.

Port numbers are given as a decimal number, and they must be omitted if the
standard port numbers are used: 80 for http and 443 for https.

We call this limited URL the &quot;site&quot;.  All URLs that share the same scheme,
hostname and port are considered to be a part of the site and thus belong
to the web asset.

Example: the asset with the site `https://www.google.com` contains all
these URLs:

  *   `https://www.google.com/`
  *   `https://www.google.com:443/`
  *   `https://www.google.com/foo`
  *   `https://www.google.com/foo?bar`
  *   `https://www.google.com/foo#bar`
  *   `https://user@password:www.google.com/`

But it does not contain these URLs:

  *   `http://www.google.com/`       (wrong scheme)
  *   `https://google.com/`          (hostname does not match)
  *   `https://www.google.com:444/`  (port does not match)
REQUIRED
  target_androidApp_certificate_sha256Fingerprint: string, The uppercase SHA-265 fingerprint of the certificate.  From the PEM
 certificate, it can be acquired like this:

    $ keytool -printcert -file $CERTFILE | grep SHA256:
    SHA256: 14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:83: \
        42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5

or like this:

    $ openssl x509 -in $CERTFILE -noout -fingerprint -sha256
    SHA256 Fingerprint=14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64: \
        16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:44:E5

In this example, the contents of this field would be `14:6D:E9:83:C5:73:
06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:83:42:E6:1D:BE:A8:8A:04:96:B2:3F:CF:
44:E5`.

If these tools are not available to you, you can convert the PEM
certificate into the DER format, compute the SHA-256 hash of that string
and represent the result as a hexstring (that is, uppercase hexadecimal
representations of each octet, separated by colons).
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for the CheckAssetLinks call.
    &quot;maxAge&quot;: &quot;A String&quot;, # From serving time, how much longer the response should be considered valid
        # barring further updates.
        # REQUIRED
    &quot;errorCode&quot;: [ # Error codes that describe the result of the Check operation.
      &quot;A String&quot;,
    ],
    &quot;linked&quot;: True or False, # Set to true if the assets specified in the request are linked by the
        # relation specified in the request.
    &quot;debugString&quot;: &quot;A String&quot;, # Human-readable message containing information intended to help end users
        # understand, reproduce and debug the result.
        #
        #
        # The message will be in English and we are currently not planning to offer
        # any translations.
        #
        # Please note that no guarantees are made about the contents or format of
        # this string.  Any aspect of it may be subject to change without notice.
        # You should not attempt to programmatically parse this data.  For
        # programmatic access, use the error_code field below.
  }</pre>
</div>

</body></html>