I have developed one SDK containig a layout with some sensitive input fields. This SDK will be provided to third party App. Everything is working fine.
Problem is, I don't want third party App to fetch any of information from the input fields. But while using that SDK(.aar file) he can get the resource id's of those SDK input fields.
What can be done to prevent the resource id's from been exposed.
Code used in third party app to integrate the SDK,
Intent intent = new Intent();
intent.setComponent(new ComponentName("com.package_name", "com.package_name.class_name"));
startActivity(intent);
I don't want third party App to fetch any of information from the input fields
It is code in their app. They can get at whatever they want.
What can be done to prevent the resource id's from been exposed.
If by "exposed", you mean "available at compile time as simple R constants", you can whitelist the IDs that should be public, and the build tools will hide the remainder.
Note that this will not stop an interested party from accessing those fields from within their own process. It will merely add a few minutes to the development process.