xref: /aosp_15_r20/external/mobile-data-download/proto/download_config.proto (revision 6fa6b5e213d87a73421ed761ee7d492115d5f98c) 
1// Copyright 2022 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//      http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14syntax = "proto2";
15
16package mdi.download;
17
18import "google/protobuf/any.proto";
19import "transform.proto";
20
21option java_package = "com.google.mobiledatadownload";
22option java_outer_classname = "DownloadConfigProto";
23option objc_class_prefix = "Icing";
24
25// The top-level proto for Mobile Data Download (<internal>).
26message DownloadConfig {
27  repeated DataFileGroup data_file_group = 1;
28
29  reserved 2;
30}
31
32// HTTP headers are described in https://tools.ietf.org/html/rfc7230#section-3.2
33// as key:value, where the value may have a whitespace on each end.
34message ExtraHttpHeader {
35  optional string key = 1;
36  optional string value = 2;
37}
38
39// A FileGroup is a set of files that should be atomically updated.
40// Next id: 29
41message DataFileGroup {
42  // Unique name to identify the group. It should be unique per owner package.
43  // In GMSCore, use the module name as the prefix of the group name.
44  //
45  // Ex: A group name in mdisync module could be named: mdisync-profile-photos.
46  //
47  // This shouldn't ideally be something like "config", and
48  // instead should better define the feature it will be used for.
49  //
50  // Ex: "icing-language-detection-model", "smart-action-detection-model"
51  //
52  // IMPORTANT: this group name will be logged to clearcut, and must never
53  // contain PII.
54  optional string group_name = 1;
55
56  // The name of the package that owns this group. If this field is left empty,
57  // the owner is assumed to be the package name of the host app.
58  //
59  // The files will only be downloaded onto the device if the owner package is
60  // present on the device.
61  //
62  // Ex: "com.google.android.gms", "com.google.android.apps.bugle"
63  optional string owner_package = 6;
64
65  // Client set version number used to identify the file group.
66  //
67  // Note that this does not uniquely identify the contents of the file group.
68  // It simply reflects a snapshot of client config changes.
69  // For example: say there's a file group 'language-detector-model' that
70  // downloads a different file per user locale.
71  // data_file_group {
72  //   file_group_name = 'language-detector-model'
73  //   file_group_version_number = 1
74  //   file {
75  //      url = 'en-model'
76  //   }
77  // }
78  // data_file_group {
79  //   file_group_name = 'language-detector-model'
80  //   file_group_version_number = 1
81  //   file {
82  //      url = 'es-model'
83  //   }
84  // }
85  // Note that even though the actual contents of the file group are different
86  // for each locale, the version is the same because this config was pushed
87  // at the same snapshot.
88  //
89  // Available GMS v18+.
90  optional int32 file_group_version_number = 10;
91
92  reserved 20;
93
94  // Custom metadata attached to the file group.
95  //
96  // This allows clients to include specific metadata about the group for their
97  // own processing purposes. The metadata will be stored with the group and
98  // accessible when the file group is retrieved.
99  //
100  // This property should only be used if absolutely necessary. Please consult
101  // with <internal>@ if you have questions about this property or a potential
102  // use-case.
103  //
104  // Available for aMDD Lib only.
105  optional google.protobuf.Any custom_metadata = 27;
106
107  reserved 22;
108
109  reserved 21;
110
111  enum AllowedReaders {
112    ALL_GOOGLE_APPS = 0;
113    ONLY_GOOGLE_PLAY_SERVICES = 1;
114    ALL_APPS = 2;
115  }
116
117  // Defines who is allowed to read this file group. Currently the options are:
118  //
119  // ALL_GOOGLE_APPS: accessible to all Google 1p Apps.
120  // ONLY_GOOGLE_PLAY_SERVICES: accessible to only GMS Core.
121  //
122  // If this field is not explicitly set it defaults to "ALL_GOOGLE_APPS".
123  //
124  // Available GMS v20+.
125  optional AllowedReaders allowed_readers_enum = 12;
126
127  // Length of time (in seconds) for which a file group version will live after
128  // a newer version became fully downloaded. Clients should set this time
129  // to be more than the time in which they call MDD to refresh their data.
130  // NOTE: MDD will delete the file group version within a day of this time.
131  // Ex: 172800  // 2 Days
132  optional int64 stale_lifetime_secs = 3;
133
134  // The timestamp at which this filegroup should be deleted specified in
135  // seconds since epoch. This is a hard deadline and can be applied to file
136  // groups still in the ACTIVE state. If the value is 0, that is the same as
137  // unset (no expiration). Expiration is performed at next cleanup time, which
138  // is typically daily. Therefore, file groups may remain even after expired,
139  // and may do so indefinitely if cleanup is not scheduled.
140  //
141  // NOTE this is not the way to delete a file group. For example, setting an
142  // expiration date in the past will fail, potentially leaving an unexpired
143  // file group in place indefinitely. Use the MDD removeFileGroup API for that
144  // on device. From the server, the way to delete a file group is to add a new
145  // one with the same name, but with no files (this functions as a tombstone).
146  //
147  // NOTE b/252890898 for behavior on CastOS (cMDD)
148  // NOTE b/252885626 for missing support for delete in MobServe Ingress
149  optional int64 expiration_date = 11;
150
151  // Specify the conditions under which the file group should be downloaded.
152  optional DownloadConditions download_conditions = 13;
153
154  // Setting this flag to true will mean that the downloaded files will appear
155  // to be in a directory by themselves.
156  // The file name/file path of the exposed file will be the filename set in the
157  // file.relative_file_path field, OR if that field is empty, the file name
158  // from the file.url_to_download field. This enables downloaded files to refer
159  // to each other by name.
160  // It's invalid to set this flag to true if two files end up with the same
161  // file path.
162  // Valid on iOS, cMDD, and aMDD.
163  //
164  // NOTE: For aMDD, this feature is not available if Android Blob Sharing is
165  // enabled or if using an API level below 21 (L). If either case is true, this
166  // option will be ignored.
167  optional bool preserve_filenames_and_isolate_files = 14;
168
169  // List of files in the group.
170  repeated DataFile file = 2;
171
172  // Tag for the network traffic to download this file group.
173  // Tag space is determined by the host app.
174  // For Gmscore, the tag should come from:
175  // <internal>
176  optional int32 traffic_tag = 16;
177
178  // Extra HTTP headers to apply when downloading all files in the group.
179  repeated ExtraHttpHeader group_extra_http_headers = 17;
180
181  reserved 19;
182
183  // Unique identifier of a DataFileGroup config (i.e. a "snapshot") created
184  // when using MDD Ingress API.
185  optional int64 build_id = 23;
186
187  // A fingerprint allowing clients to identify a DataFileGroup
188  // config based on a given set of properties (i.e. a "partition" of
189  // any file group properties). This can be used by clients as an exact match
190  // for a class of DataFileGroups during targeting or as a compatibility check.
191  optional string variant_id = 26;
192
193  // The locales compatible with the file group. This can be different from the
194  // device locale.
195  //
196  // Values in this list may be exact locales (e.g. "en-US") or language-only
197  // ("en-*").
198  // Example 1: locale = ["en-US"]; // compatible with "en-US" only
199  // Example 2: locale = ["en-US", "en-CA"]; // compatible with "en-US" or
200  //                                         // "en-CA"
201  // Example 3: locale = ["en-*"]; // compatible with all "en" locales
202  repeated string locale = 25;
203
204  reserved 28;
205
206  reserved 4, 5, 7, 8, 9, 15, 18, 24, 248813966 /*aMDD extension*/,
207      248606552 /*cMDD extension*/;
208}
209
210// A data file represents all the metadata to download the file and then
211// manage it on the device.
212// Next tag: 22
213//
214// This should not contain any fields that are marked internal, as we compare
215// the protos directly to decide if it is a new version of the file.
216// LINT.IfChange(data_file)
217message DataFile {
218  // A unique identifier of the file within the group, that can be used to
219  // get this file from the group.
220  // Ex: "language-detection-model"
221  optional string file_id = 7;
222
223  // Url from where the file is to be downloaded.
224  // Ex: https://www.gstatic.com/group-name/model_1234.zip
225  optional string url_to_download = 2;
226
227  // Exact size of the file. This is used to check if there is space available
228  // for the file before scheduling the download.
229  // The byte_size is optional. If not set, MDD will not be able check the space
230  // available before schedulding the download.
231  optional int32 byte_size = 4;
232
233  // Enum for checksum types.
234  // NOTE: do not add any new checksum type here, older MDD versions would break
235  // otherwise.
236  enum ChecksumType {
237    // Default checksum is SHA1.
238    DEFAULT = 0;
239
240    // No checksum is provided.
241    // This is NOT currently supported by iMDD. Please contact <internal>@ if you
242    // need this feature.
243    NONE = 1;
244
245    // This is currently only supported by cMDD. If you need it for Android or
246    // iOS, please contact MDD team <internal>@.
247    SHA256 = 2;
248  }
249
250  optional ChecksumType checksum_type = 15;
251
252  // SHA1 checksum to verify the file before it can be used. This is also used
253  // to de-duplicate files between different groups.
254  // For most files, this will be the checksum of the file being downloaded.
255  // For files with download_transform, this should contain the transform of
256  // the file after the transforms have been applied.
257  // The checksum is optional. If not set, the checksum_type must be
258  // ChecksumType.NONE.
259  optional string checksum = 5;
260
261  // The following are <internal> transforms to apply to the downloaded files.
262  // Transforms are bi-directional and defined in terms of what they do on
263  // write. Since these transforms are applied while reading, their
264  // directionality is reversed. Eg, you'll see 'compress' to indicate that the
265  // file should be decompressed.
266
267  // These transforms are applied once by MDD after downloading the file.
268  // Currently only compress is available.
269  // Valid on Android. iOS support is tracked by b/118828045.
270  optional mobstore.proto.Transforms download_transforms = 11;
271
272  // If DataFile has download_transforms, this field must be provided with the
273  // SHA1 checksum of the file before any transform are applied. The original
274  // checksum would also be checked after the download_transforms are applied.
275  optional string downloaded_file_checksum = 14;
276
277  // Exact size of the downloaded file. If the DataFile has download transforms
278  // like compress and zip, the downloaded file size would be different than
279  // the final file size on disk. Client could use
280  // this field to track the downloaded file size and calculate the download
281  // progress percentage. This field is not used by MDD currently.
282  optional int32 downloaded_file_byte_size = 16;
283
284  // These transforms are evaluated by the caller on-the-fly when reading the
285  // data with MobStore. Any transforms installed in the caller's MobStore
286  // instance is available.
287  // Valid on Android and cMDD. iOS support is tracked by b/118759254.
288  optional mobstore.proto.Transforms read_transforms = 12;
289
290  // List of delta files that can be encoded and decoded with base files.
291  // If the device has any base file, the delta file which is much
292  // smaller will be downloaded instead of the full file.
293  // For most clients, only one delta file should be enough. If specifying
294  // multiple delta files, they should be in a sequence from the most recent
295  // base file to the oldest.
296  // This is currently only supported on Android.
297  repeated DeltaFile delta_file = 13;
298
299  enum AndroidSharingType {
300    // The dataFile isn't available for sharing.
301    UNSUPPORTED = 0;
302
303    // If sharing with the Android Blob Sharing Service isn't available, fall
304    // back to normal behavior, i.e. download locally.
305    ANDROID_BLOB_WHEN_AVAILABLE = 1;
306  }
307
308  // Defines whether the file should be shared and how.
309  // NOTE: currently this field is only used by aMDD and has no effect on iMDD.
310  optional AndroidSharingType android_sharing_type = 17;
311
312  // Enum for android sharing checksum types.
313  enum AndroidSharingChecksumType {
314    NOT_SET = 0;
315
316    // If the file group should be shared through the Android Blob Sharing
317    // Service, the checksum type must be set to SHA256.
318    SHA2_256 = 1;
319  }
320
321  optional AndroidSharingChecksumType android_sharing_checksum_type = 18;
322
323  // Checksum used to access files through the Android Blob Sharing Service.
324  optional string android_sharing_checksum = 19;
325
326  // Relative file path and file name to be preserved within the parent
327  // directory when creating symlinks for the file groups that have
328  // preserve_filenames_and_isolate_files set to true.
329  // This filename should NOT start or end with a '/', and it can not contain
330  // the substring '..'.
331  // Working example: "subDir/FileName.txt".
332  optional string relative_file_path = 20;
333
334  // Custom metadata attached to the file.
335  //
336  // This allows clients to include specific metadata about the file for their
337  // own processing purposes. The metadata will be stored with the file and
338  // accessible when the file's file group is retrieved.
339  //
340  // This property should only be used if absolutely necessary. Please consult
341  // with <internal>@ if you have questions about this property or a potential
342  // use-case.
343  //
344  // Available for aMDD Lib only.
345  optional google.protobuf.Any custom_metadata = 21;
346
347  reserved 1, 3, 6, 8, 9;
348}
349// LINT.ThenChange(
350//     <internal>,
351//     <internal>)
352
353// A delta file represents all the metadata to download for a diff file encoded
354// based on a base file
355// LINT.IfChange(delta_file)
356message DeltaFile {
357  // These fields all mirror the similarly-named fields in DataFile.
358  optional string url_to_download = 1;
359  optional int32 byte_size = 2;
360  optional string checksum = 3;
361
362  // Enum of all diff decoders supported
363  enum DiffDecoder {
364    // Default to have no diff decoder specified, will thrown unsupported
365    // exception
366    UNSPECIFIED = 0;
367
368    // VcDIFF decoder
369    // Generic Differencing and Compression Data Format
370    // For more information, please refer to rfc3284
371    // The VcDiff decoder for GMS service:
372    // <internal>
373    VC_DIFF = 1;
374  }
375  // The diff decoder used to generate full file with delta and base file.
376  // For MDD as a GMS service, a VcDiff decoder will be registered and injected
377  // in by default. Using MDD as a library, clients need to register and inject
378  // in a VcDiff decoder, otherwise, an exception will be thrown.
379  optional DiffDecoder diff_decoder = 5;
380
381  // The base file represents to a full file on device. It should contain the
382  // bare minimum fields of a DataFile to identify a DataFile on device.
383  optional BaseFile base_file = 6;
384
385  reserved 4;
386}
387// LINT.ThenChange(
388//     <internal>,
389//     <internal>)
390
391message BaseFile {
392  // SHA1 checksum of the base file to identify a file on device. It should
393  // match the checksum field of the base file used to generate the delta file.
394  optional string checksum = 1;
395}
396
397// LINT.IfChange
398// Next id: 5
399message DownloadConditions {
400  // TODO(b/143548753): The first value in an enum must have a specific prefix.
401  enum DeviceStoragePolicy {
402    // MDD will block download of files in android low storage. Currently MDD
403    // doesn't delete the files in case the device reaches low storage
404    // after the file has been downloaded.
405    BLOCK_DOWNLOAD_IN_LOW_STORAGE = 0;
406
407    // Block download of files only under a lower threshold defined here
408    // <internal>
409    BLOCK_DOWNLOAD_LOWER_THRESHOLD = 1;
410
411    // Set the storage threshold to an extremely low value when downloading.
412    // IMPORTANT: if the download make the device runs out of disk, this could
413    // render the device unusable.
414    // This should only be used for critical use cases such as privacy
415    // violations. Emergency fix should not belong to this category. Please
416    // talks to <internal>@ when you want to use this option.
417    EXTREMELY_LOW_THRESHOLD = 2;
418  }
419
420  // Specify the device storage under which the files should be downloaded.
421  // By default, the files will only be downloaded if the device is not in
422  // low storage.
423  optional DeviceStoragePolicy device_storage_policy = 1;
424
425  // TODO(b/143548753): The first value in an enum must have a specific prefix.
426  enum DeviceNetworkPolicy {
427    // Only download files on wifi.
428    DOWNLOAD_ONLY_ON_WIFI = 0;
429
430    // Allow download on any network including wifi and cellular.
431    DOWNLOAD_ON_ANY_NETWORK = 1;
432
433    // Allow downloading only on wifi first, then after a configurable time
434    // period set in the field download_first_on_wifi_period_secs below,
435    // allow downloading on any network including wifi and cellular.
436    DOWNLOAD_FIRST_ON_WIFI_THEN_ON_ANY_NETWORK = 2;
437  }
438
439  // Specify the device network under which the files should be downloaded.
440  // By default, the files will only be downloaded on wifi.
441  //
442  // If your feature targets below v20 and want to download on cellular in
443  // these versions of gms, also set allow_download_without_wifi = true;
444  optional DeviceNetworkPolicy device_network_policy = 2;
445
446  // This field will only be used when the
447  // DeviceNetworkPolicy = DOWNLOAD_FIRST_ON_WIFI_THEN_ON_ANY_NETWORK
448  // MDD will download the file only on wifi for this period of time. If the
449  // download was not finished, MDD will download on any network including
450  // wifi and cellular.
451  // Ex: 604800  // 7 Days
452  optional int64 download_first_on_wifi_period_secs = 4;
453
454  // TODO(b/143548753): The first value in an enum must have a specific prefix.
455  enum ActivatingCondition {
456    // The download is activated as soon the server side config is received and
457    // the server configured download conditions are satisfied.
458    ALWAYS_ACTIVATED = 0;
459
460    // The download is activated when both server side activation conditions
461    // are satisfied and the client has activated the download on device.
462    //
463    // Clients can activate this group using the activateFileGroup API.
464    // <internal>
465    DEVICE_ACTIVATED = 1;
466  }
467
468  // Specify how the download is activated. By default, the download is
469  // activated as soon as server configured activating conditions are satisfied.
470  optional ActivatingCondition activating_condition = 3;
471}
472// LINT.ThenChange(
473// <internal>,
474// <internal>)
475
476message PhConfig {
477  repeated PhClient ph_client = 1;
478}
479
480// Config for a client that wants to download their data file group using
481// a phenotype flag. It contains the phenotype flag name where the client
482// config is present.
483// This is used by clients that want to download data files conditionally. Its
484// current usage is to download webref slices.
485message PhClient {
486  // The phenotype flag name where the config is present.
487  optional string ph_flag_name = 1;
488}
489
490// ManifestConfig to support on device targeting.
491// The ManifestConfig could be in a payload of a PH flag or it could be in the
492// content of a Manifest file. See <internal> for more
493// details.
494// Each ManifestConfig.Entry will have a Modifier and a corresponding
495// DataFileGroup. The Modifier will be used for on device filtering/targeting.
496message ManifestConfig {
497  message Entry {
498    // All the modifier variables are used for filtering/targeting on the device
499    // side. For example, we can specify the locale "en_US" and does the
500    // targeting on the device based on this locale. If you need to add more
501    // fields to Modifier, please email <internal>@.
502    message Modifier {
503      // Locales for which this DataFileGroup is valid.
504      // Locales defined here are application's specific.
505      // It will be consumed by the application's
506      // ManifestConfigFlagPopulator.Overrider to do on-device targeting. The
507      // Overrider will interprete the locales to select best locale matches.
508      // For example, it can invoke the LanguageMatcher [1] to support
509      // "Local Inheritance" [2].
510      // [1]
511      // <internal>
512      // [2] <internal>
513      repeated string locale = 1;
514
515      // Custom Properties.
516      // Defined by each application. The application needs to provide a
517      // ManifestConfigOverrider
518      // (<internal>
519      // that understands and filters entries based on this Custom Properties.
520      optional google.protobuf.Any custom_properties = 2;
521
522      message Location {
523        // S2CellId (<internal>) associated with this DataFileGroup. It will be
524        // used to do location based targeting on device, optionally filtering
525        // extraneous slices if the user has location permissions enabled.
526        // Otherwise location targeting will be based on a rough estimate from
527        // IP-based geolocation on the server. The type fixed64 is a bit more
528        // efficient than int64 for our purposes. This is because int64 uses
529        // prefix encoding, however, for the S2CellIds the high-order bits
530        // encode the face-ID and as a result we often end up with large
531        // numbers.
532        optional fixed64 s2_cell_id = 1;
533      }
534
535      optional Location location = 3;
536    }
537
538    optional Modifier modifier = 1;
539    optional DataFileGroup data_file_group = 2;
540  }
541
542  message UrlTemplate {
543    // Template to construct a {@code DataFile}'s url_to_download on device.
544    // If the url template should be used, the url_to_download field should be
545    // left unpopulated. If the url template and the url_to_download are both
546    // populated, the template will be ignored.
547    optional string file_url_template = 1;
548  }
549
550  repeated Entry entry = 1;
551
552  // Template definition for constructing URLs on device. It applies to every
553  // DataFile defined in the ManifestConfig.
554  optional UrlTemplate url_template = 2;
555}
556
557// The flag that MDD gets from P/H, and contains information about the manifest
558// file to be downloaded.
559// Next id: 3
560message ManifestFileFlag {
561  // The ID for the manifest file. This should be unique in the host app space.
562  optional string manifest_id = 1;
563
564  // The url to the manifest file on Google hosting service.
565  optional string manifest_file_url = 2;
566}
567