Android + Dropbox SDK + ProGaurd = Frustration

So it's no secret that I have been playing with the Dropbox API for my next Android App (yet to be announced).  In order to interact with Dropbox you have to sign all of your requests with special keys that they provide - if you lose these keys, or someone compromises them -- you are SOL and someone could potentially pretend to be your app.

Java is pretty easy to decompile to pull out constant strings - so how do you combat this? Obfuscation!

The Android SDK (since 2.3?) comes with Progaurd built-in.  Everything you read says its super easy to enable - and works well out of the box.

... maybe so if you aren't using any 3rd party libraries.

ProGaurd does NOT work well out of the box with the Dropbox code and libraries.  Below is my progaurd config that finally produced a usable apk:

-optimizationpasses 5
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-dontpreverify
-verbose

-dontoptimize

-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class com.android.vending.licensing.ILicensingService
-keep public class * extends org.apache.commons.logging.LogFactory

-libraryjars /Users/npike/Documents/workspace/PicturePushr/lib/apache-mime4j-0.6.jar
-libraryjars /Users/npike/Documents/workspace/PicturePushr/lib/dropbox-client-1.0-SNAPSHOT.jar
-libraryjars /Users/npike/Documents/workspace/PicturePushr/lib/httpmime-4.0.jar
-libraryjars /Users/npike/Documents/workspace/PicturePushr/lib/json_simple-1.1.jar
-libraryjars /Users/npike/Documents/workspace/PicturePushr/lib/signpost-commonshttp4-1.2.1.1.jar
-libraryjars /Users/npike/Documents/workspace/PicturePushr/lib/signpost-core-1.2.1.1.jar

-dontwarn org.apache.commons.logging.LogFactory,org.apache.commons.codec.binary.Base64,net.jcip.annotations.NotThreadSafe,net.jcip.annotations.Immutable,net.jcip.annotations.ThreadSafe

-keepclasseswithmembernames class * {
native ;
}

-keepclasseswithmembernames class * {
public (android.content.Context, android.util.AttributeSet);
}

-keepclasseswithmembernames class * {
public (android.content.Context, android.util.AttributeSet, int);
}

-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}

-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}


Download

Android Code Snippet: Uploading a file to DropBox with DropBox SDK for Java/Android

I won't cover the code necessary to actually login to dropbox (use their sample app to figure that out!), but just the specific API call to upload a file to Dropbox.

Surprisingly, they dont seem to provide any language specific API information what-so-ever.