背景:

SamSung SM-N9006 Android5.0在应用中拍照之后，无法获取拍照之后的数据，报错FileUriExposedException

思路：

参考官方文档对该错误的解释，是由于出于安全考虑，Android 7.0[API24]以及以上版本不支持file://，使用content://URI，可能三星这款机型动了Framework吧。

Note: We are using getUriForFile(Context, String, File) which returns a content:// URI. For more recent apps targeting Android 7.0 (API level 24) and higher, passing a file:// URI across a package boundary causes a FileUriExposedException. Therefore, we now present a more generic way of storing images using a FileProvider.

关键方法:

1.启动照相时，借助FileProvider生成content://URI保存拍照结果
老方法

    /** * 老方法[Android7.0以及以上报错FileUriExposedException] */
    private void doTakePhotoOld() {
        Intent intent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
        if (intent.resolveActivity(getPackageManager()) != null) {
            File newFile = createTakePhotoFile();
            intent.putExtra(MediaStore.EXTRA_OUTPUT, Uri.fromFile(newFile));
            startActivityForResult(intent, REQUEST_CAMERA);
        }
    }

新方法

    /** * 解决三星手机拍照后无法获取数据，android 7.0手机拍照后获取数据适配。 * 报错FileUriExposedException(SamSung SM-N9006 Android5.0也有这问题) */
    private void doTakePhoto() {
        Intent takePictureIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
        if (takePictureIntent.resolveActivity(getPackageManager())!=null){
            midFile = null;
            try {
                midFile = createImageFile();
            } catch (IOException e) {
                e.printStackTrace();
            }
            if (midFile!=null){
                Uri photoURI = FileProvider.getUriForFile(this,FILE_AUTHORITY,midFile);
                // fix java.lang.SecurityException: Permission Denial: opening provider android.support.v4.content.FileProvider from ProcessRecord{42725078 24872:com.android.camera/u0a14} (pid=24872, uid=10014) that is not exported from uid 10310
                List<ResolveInfo> resInfoList= getPackageManager().queryIntentActivities(takePictureIntent, PackageManager.MATCH_DEFAULT_ONLY);
                for (ResolveInfo resolveInfo : resInfoList) {
                    String packageName = resolveInfo.activityInfo.packageName;
                    grantUriPermission(packageName, photoURI,
                            Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
                }
                // fix java.lang.SecurityException: Permission Denial: opening provider android.support.v4.content.FileProvider from ProcessRecord{42725078 24872:com.android.camera/u0a14} (pid=24872, uid=10014) that is not exported from uid 10310
                takePictureIntent.putExtra(MediaStore.EXTRA_OUTPUT,photoURI);
                this.startActivityForResult(takePictureIntent, GetByCamre);
            }
        }
    }

    /** *storage/emulated/0/.REAPP/._Image:SDCard路径加上.REAPP/._Image/temp.img * @return 接收拍照返回数据位置, * @throws IOException */
    private File createImageFile() throws IOException {
        File dir = new File(SuFileInfo.getInstance().getImagePath());
        if (!dir.exists()){
            dir.mkdirs();
        }
        // 以上为了规避用户删除了._Image目录，报错java.io.IOException: open failed: ENOENT (No such file or directory)
        File file = new File(dir, TempImageMame);
        if (!file.exists()){
            file.createNewFile();
        }
        return file;
    }

小米复现java.lang.SecurityException: Permission Denial: opening provider android.support.v4.content.FileProvider from ProcessRecord{42725078 24872:com.android.camera/u0a14} (pid=24872, uid=10014) that is not exported from uid 10310，此时需要for循环授权进行修复。

2.对FileProvider进行设置
2.1AndroidManifest.xml注册

<application ... 
    <provider
        android:name="android.support.v4.content.FileProvider"
        android:authorities="com.harry.shopping.fileprovider"
        android:exported="false"
        android:grantUriPermissions="true">
        <meta-data
            android:name="android.support.FILE_PROVIDER_PATHS"
            android:resource="@xml/file_paths"/>
    </provider>
    ...
</application>

注意，android:authorities属性值和之前FileProvider.getUriForFile方法使用的authorities必须保持一致。
2.2在res/xml新建file_paths.xml设置文件路径

<?xml version="1.0" encoding="utf-8"?>
<paths xmlns:android="http://schemas.android.com/apk/res/android">
    <external-path name="images" path="Android/data/com.harry.shopping/files/Pictures" />
</paths>

经过以上操作就可以在onActivityResult里面获取到照片路径mCurrentPhotoPath。

附录1：使用时FileProvider五个步骤

1.定义一个FileProvider，并在AndroidManifest.xml注册。一般v4包下的的FileProvider即可

<provider android:name="android.support.v4.content.FileProvider" android:authorities="com.harry.shopping.fileprovider" android:exported="false" android:grantUriPermissions="true">
    <meta-data android:name="android.support.FILE_PROVIDER_PATHS" android:resource="@xml/file_paths"/>
</provider>

2.Provider配置文件路径
2.1配置meta-data指定保存文件路径

<meta-data
    android:name="android.support.FILE_PROVIDER_PATHS"
    android:resource="@xml/file_paths"/>

2.2在xml文件下新建file_paths配置路径

<?xml version="1.0" encoding="utf-8"?>
<paths xmlns:android="http://schemas.android.com/apk/res/android">
    <external-path name="images" path="Android/data/com.harry.shopping/files/Pictures" />
</paths>

name表示生成URI时的别名，path是指相对路径

<files-path name="name" path="path" />
Context.getFilesDir()

<cache-path name="name" path="path" />
Context.getCacheDir()

<external-path name="name" path="path" />
Environment.getExternalStorageDirectory()

<external-files-path name="name" path="path" />
Context#getExternalFilesDir(String) Context.getExternalFilesDir(null).

<external-cache-path name="name" path="path" />
Context.getExternalCacheDir()

3.为一个文件生成Content URI

File imagePath = new File(Context.getFilesDir(), "images");
File newFile = new File(imagePath, "default_image.jpg");
Uri contentUri = getUriForFile(getContext(), "com.mydomain.fileprovider", newFile);

生成URI：content://com.mydomain.fileprovider/my_images/default_image.jpg4.为URI临时授权,两种方法

1)Context.grantUriPermission(package, Uri, mode_flags);
// mode_flags可以设置为 FLAG_GRANT_READ_URI_PERMISSION, FLAG_GRANT_WRITE_URI_PERMISSION

权限失效：用户取消权限[revokeUriPermission() ]或者手机重启

2)Intent intent = new  Intent();
intent.setData(Uri);
intent.setFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION|Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
setResult(RESULT_OK,intent);

权限失效：返回处理结果Activity所在的stack结束
5.发送这个URI给其他APP，两种方法 1)startActivityResult() 2)借助ClipData处理

附录2：最近路径容易搞混，也打印记录下

Context.getFilesDir()=/data/data/com.harry.shopping/files
Context.getCacheDir()=/data/data/com.harry.shopping/cache
Environment.getExternalStorageDirectory()=/storage/emulated/0
getExternalFilesDir(Environment.DIRECTORY_PICTURES)=/storage/emulated/0/Android/data/com.harry.shopping/files/Pictures
Context.getExternalFilesDir(null)=/storage/emulated/0/Android/data/com.harry.shopping/files
Context.getExternalCacheDir()=/storage/emulated/0/Android/data/com.harry.shopping/cache

总结

这类问题比较简单，查看报错Log，参考官方文档，借助FileProvider可以方便的处理这类安全问题。

参考文献：

developer.android.com/training/ca…
developer.android.com/reference/a…