Okay, so here's the dance I did to get SafetyNet working with the AEX 6 alphas and "Device certified" status - I'm currently running AEX 6 0827 build with unofficial mindthegapps, Nameless kernel r18, official TWRP 3.2.3-0, and Magisk 17.2 from the canary channel (but 17.1 was working fine for me last week).
First of all, this whole thing depends on using Magisk. You will need to be rooted to teach your phone to lie about not being rooted/bootloader unlocked. It also depends on not using Xposed. You will never pass SafetyNet with Xposed installed, so decide now what's more important to you. You will also need TWRP from
here, although if you've got the AEX 6 alpha going already I assume you have this.
We're going to install Magisk, install a module that lets you edit the device fingerprint to something that is considered certified (there's a Zuk Z2 Pro fingerprint for Nougat that passes and we'll fib a little and use that), then use the "hide Magisk Manager" function to repackage MM with a random name to avoid detection, and lastly make sure that Pokemon Go, Google Pay, and any other apps are selected for hiding in the "MagiskHide" setting. That should get you back to "Device certified" status in the Play Store, and PoGo authenticating without issue.
1. Anyway, grab Magisk 17.1 from the official forum
here - scroll to the Downloads section, and get the latest official (17.1 as of this writing). Not a bad idea to grab the latest uninstaller & copy of the Magisk Manager apk, just in case you need to troubleshoot later.
Copy these to your phone's internal storage somewhere, reboot into TWRP, and install the .zip for Magisk 17.1. It worked fine for me upgrading in place over a previous 16.x install, but if you really want to get a clean start, flash the uninstaller script, wipe /system, reboot to recovery (reasons... wiping /system sometimes wipes temporarily-mounted things from the recovery environment's memory because filesystems), then dirty flash the rom & GApps without wiping data, and flash the current Magisk installer zip last. This should give you clean /boot, /system, and /vendor partitions to start from without losing anything. Wipe cache & dalvik and reboot system.
2. After a little spinning, you should be up and have Magisk Manager available in the app drawer. Run it, tap on the menu icon in the upper-left, and go to Downloads. You're looking for a module named "MagiskHide Props Config" by
@Didgeridoohan (currently v2.4.1-v29). Download & install that, and reboot.
3. You'll need a terminal emulator now, because all the really good Magisk modules do their config this way (true story). I recommend Termux (
termux.com with links to Play Store and F-Droid downloads), but you can enable the built-in terminal app through developer options as well. Anyway, run your terminal emulator, then type "su" and enter to get a root shell. Magisk should pop up asking if you want to allow root access, and you'll need to say yes. Now to use the Magisk module you downloaded in step two, type "props" and hit enter, and you should get a menu for "MagiskHide Props Config"; we want option 1 - "Edit device fingerprint". So type 1 and enter, and follow the instructions (F to select a fingerprint, 14 for Zuk, 1 for Zuk Z2 Pro (7.0), Y for yes to confirm, Y for yes reboot now). After rebooting you should now have a different device fingerprint (loaded via Magisk, the original is still there and build.prop is unchanged - yay systemless modding!)
4. Now we need to hide Magisk Manager from detection - Pokemon Go is sneaky and doing things it shouldn't snooping around the file system (this is actually an Android bug; when an app asks to see a folder that it doesn't have permission to access, it gets told "permission denied", but if the file doesn't exist it gets told "file not found" instead of "permission denied", so PoGo can still look for the presence of Magisk Manager in /data/app and the old module download folder in /data/media/MagiskManager even if without permissions - BOOO!). First use a file browser to go browse internal storage and see if there's a "MagiskManager" folder; if there is, delete it. It's just a temp folder created for downloading updates/modules, and
@topjohnwu already changed the code to not use it any more in 17.x releases... I think it just saves things to Downloads now. Now open Magisk Manager, menu button in upper-left, Settings, and there should be an option to "Hide Magisk Manager" by reinstalling with a random package name. Choose that; it will take a minute and then close itself. It just reinstalled itself with a new package name and uninstalled the original, nifty!
5. Now open Magisk Manager from your app drawer again, go into Settings and make sure that "Magisk Hide" is enabled, then go into the Magisk Hide menu, and search for apps you want to hide root from - namely, Pokemon Go, Google Pay, and any other things like banking apps.
6. Testing time! First use the built-in "Tap to start SafetyNet check" button in Magisk Manager, and tell it yes if it asks to download proprietary code. You should get both ctsProfile: true and basicIntegrity:true. If not, go back into MM settings and toggle MagiskHide off & back on again. If that doesn't work, reboot and try again. I'm going to assume this worked. You shouldn't need "preserve force encryption" unless you encrypted your phone (I did and it seems to work fine), and we don't have an Android Verified Boot device with dm-verity so checking the second box shouldn't do anything. Now try running the Google Play Store app, open menu, go to Settings, and scroll down. Play Protect certification should show "Device is certified". Whew, getting closer... Now just to be on the safe side, you should clear all data from Pokemon Go, and run it. Put in date of birth, tell it yes to permissions, and you SHOULD be solid.
7. Troubleshooting. You tell me; this all worked for me. Sometimes something will occasionally kill the MagiskHide function and it'll fail to authenticate when switching accounts/signing in to PoGo. Just close the app, open Magisk Manager, go to Settings, and toggle Magisk Hide off and back on again, and that should fix it without even having to reboot. If it's still not working, perhaps they changed something server side or with a recent PoGo update, and you want to try using the bleeding edge canary builds of Magisk; head over
here for instructions on how to switch to the canary release channel. If that still hasn't fixed it, probably time to join the discussion in
this forum and see if someone else has the same issue.
That's what I've got, and I've been running PoGo just fine on the AEX 6 Pie alpha since it came out by using the certified device fingerprint and hidden/repackaged Magisk Manager setup.
Also, for what it's worth:
I've been using the GCam mod by "arthur" from
here, specifically the MGCamera_5.1.0.18_R4X_v.5.1.19.apk (I haven't tried the more recent ones). It has a LOT of configuration options, most of which don't need touching. But! Settings > Advanced Settings > Main camera > Base model: Nexus 5X (I like the detail), Settings > Advanced Settings > Front-camera > Base model: Nexus 5X and then Manual fixed black level offset: 15.30 (this makes selfie cam look natural instead of yellow/green). Play around with other options at your own risk.
It doesn't have the blue/pink color shift when HDR+ is enabled unlike the Arnova releases, HDR+ works, portrait mode works, it's either ZSL or close to it, and you can fix the color of the selfie cam! Everything I've tried works! It's a miracle, take photos and be happy!
*Edit: fixed description of AVB/dm-verity
