Use Auth0.Android v2 [SDK-2429] #610
Conversation
| @@ -228,8 +228,8 @@ private void showPasswordlessLock() { | |||
|
|
|||
| private Auth0 getAccount() { | |||
| Auth0 account = new Auth0(getString(R.string.com_auth0_client_id), getString(R.string.com_auth0_domain)); | |||
| account.setOIDCConformant(true); | |||
| account.setLoggingEnabled(true); | |||
| DefaultClient netClient = new DefaultClient(10, 10, Collections.<String, String>emptyMap(), true); | |||
There was a problem hiding this comment.
Default values from Kotlin are not available for Java. I had to hardcode the timeout values. This is for the sample app that we ship with this repository, not included in the library package itself.
| @@ -76,8 +79,9 @@ private void parseAuthentication(Intent data) { | |||
| String accessToken = data.getStringExtra(Constants.ACCESS_TOKEN_EXTRA); | |||
| String tokenType = data.getStringExtra(Constants.TOKEN_TYPE_EXTRA); | |||
| String refreshToken = data.getStringExtra(Constants.REFRESH_TOKEN_EXTRA); | |||
| long expiresIn = data.getLongExtra(Constants.EXPIRES_IN_EXTRA, 0); | |||
There was a problem hiding this comment.
we no longer save the expires in (seconds) but rather the calculated expires at (date)
| .login(event.getUsername(), event.getPassword(), connection) | ||
| .addAuthenticationParameters(options.getAuthenticationParameters()); | ||
| .login(event.getUsername(), event.getPassword(), connection); | ||
| request.addParameters(options.getAuthenticationParameters()); |
There was a problem hiding this comment.
this method doesn't return the type "AuthenticationRequest", but "Request". So the chain had to be split.
| if (options.getScope() != null) { | ||
| request.setScope(options.getScope()); | ||
| } | ||
| if (options.getAudience() != null && options.getAccount().isOIDCConformant()) { |
There was a problem hiding this comment.
This method no longer exists. Moving on, everything is OIDC conformant
| } | ||
| Log.d(TAG, "Couldn't find an specific provider, using the default: " + WebAuthProvider.class.getSimpleName()); | ||
| webProvider.start(this, connection, extraAuthParameters, authProviderCallback, WEB_AUTH_REQUEST_CODE); | ||
| webProvider.start(this, connection, extraAuthParameters, new WebCallbackWrapper(authProviderCallback)); |
There was a problem hiding this comment.
Lock works with the concept of AuthProvider. These are implementations from users (or our library) that know different strategies to sign in. We provide one for the web auth flow, using our WebAuthProvider.
Because the AuthProvider interface takes an AuthCallback to return the results, and given that we've changed the callback type in the last SDK release, we have to wrap it in this new class WebCallbackWrapper (internal)
| * @param intent the intent received in the onActivityResult method. | ||
| * @return true if a result was expected and has a valid format, or false if not | ||
| */ | ||
| public boolean resume(int requestCode, int resultCode, Intent intent) { |
There was a problem hiding this comment.
Deprecated, removed. This class is internal anyway.
|
|
||
| client.newCall(req).enqueue(new Callback() { |
There was a problem hiding this comment.
We will no longer use the OkHttp client directly, but through the interface exposed by the Auth0 class. We still have to do the error handling, as we're doing here.
The logic in this class has been moved to a "background task" AsyncTask where the network request will be safely executed.
| @@ -22,9 +21,13 @@ | |||
| private PasswordComplexity passwordComplexity; | |||
|
|
|||
| private Connection(@NonNull String strategy, Map<String, Object> values) { | |||
| checkArgument(values != null && values.size() > 0, "Must have at least one value"); | |||
There was a problem hiding this comment.
This method went away. We're doing it here now instead.
| @@ -17,6 +17,7 @@ allprojects { | |||
| group = 'com.auth0.android' | |||
|
|
|||
| repositories { | |||
| mavenLocal() | |||
There was a problem hiding this comment.
temporary until we make a new release of the sdk
| } else { | ||
| request = apiClient.signUp(getEmail(), getPassword(), connection); | ||
| } | ||
| SignUpRequest request = apiClient.signUp(getEmail(), getPassword(), getUsername(), connection, userMetadata); |
There was a problem hiding this comment.
user metadata will be passed as an extra param of this method call, rather than later in the request parameters. The method accepts a nullable username, so we no longer need the if
| } | ||
|
|
||
| @Test | ||
| public void shouldStartWebViewWithOptions() { |
There was a problem hiding this comment.
"webview" (instead of an external browser) is no longer supported
| Intent intent = mock(Intent.class); | ||
| Options options = mock(Options.class); | ||
| WebProvider webProvider = new WebProvider(options); | ||
| assertThat(webProvider.resume(1, Activity.RESULT_CANCELED, intent), is(false)); |
There was a problem hiding this comment.
launching with a result code is no longer valid. This was only used for the "webview" flow.
| @@ -27,7 +27,7 @@ | |||
|
|
|||
| @Before | |||
| public void setUp() { | |||
| MockitoAnnotations.initMocks(this); | |||
| MockitoAnnotations.openMocks(this); | |||
There was a problem hiding this comment.
the previous one is marked as deprecated. In some classes, I had to change it to this new way for the tests to run successfully.
| @@ -35,11 +35,8 @@ | |||
|
|
|||
| private MockWebServer server; | |||
|
|
|||
| public ApplicationAPI() throws IOException { | |||
| // FIXME: Remove this if migrating to Robolectric 4.4 | |||
There was a problem hiding this comment.
this PR migrates to robolectric 4.4; And this code is no longer needed.
| /** | ||
| * Utility object for executing tests that use the networking client over HTTPS on localhost. | ||
| */ | ||
| public class SSLTestUtils { |
There was a problem hiding this comment.
this is a test helper class. Not included as part of the packaged library
| @@ -106,13 +118,15 @@ public void setUp() { | |||
| when(client.login(anyString(), anyString(), anyString())).thenReturn(authRequest); | |||
| when(client.loginWithOTP(anyString(), anyString())).thenReturn(authRequest); | |||
| when(client.createUser(anyString(), anyString(), anyString())).thenReturn(dbRequest); | |||
| when(client.createUser(anyString(), anyString(), anyString(), anyString())).thenReturn(dbRequest); | |||
| when(client.createUser(anyString(), anyString(), any(), anyString())).thenReturn(dbRequest); | |||
There was a problem hiding this comment.
any() required for the username parameter, as it could be null or a valid string
| implementation 'com.squareup:otto:1.3.8' | ||
| api 'com.auth0.android:auth0:1.29.0' | ||
| api 'com.auth0.android:auth0:2.1.0-SNAPSHOT' |
There was a problem hiding this comment.
also temporarily using a snapshot build built locally; makes sense for now
| dest.writeString(auth0.getTelemetry().getVersion()); | ||
| dest.writeString(auth0.getTelemetry().getLibraryVersion()); | ||
| } | ||
| //FIXME: Find a way to pass the NetworkingClient implementation |
There was a problem hiding this comment.
Mostly just for my own education, but what does this comment mean?
There was a problem hiding this comment.
This relates to the "note" I added to the PR description. Customizing the networking client was made available in the latest release of the SDK. But the way we accept that client is with a setter in the Auth0 class.
This library has an implementation that makes Auth0 "Parcelable" (similar to Serializable), so we could pass it across instances/classes to set up the widget. But because the NetworkingClient implementation cannot be serialized, it's not straightforward to update the Auth0 class to support it. I added the comment to come back to this later and evaluate if this is something we need to backport today or not.
There was a problem hiding this comment.
Hello there! I realize this is a very old PR, but I was wondering if this was ever floated to be fixed, as I noticed it's still in the current version...being able to pass in a custom networking client would be super useful for my team right now as we have to do weird proxy stuff but would prefer not to do a full migration to the raw SDK at the moment 😅
My understanding is lock is not really receiving any new feature requests, but wondering if this would qualify as a bugfix and if we can contribute to a PR somehow!
Thanks so much!
Changes
Targetting the newer Auth0 SDK imposes two new constraints/requirements:
Once these settings have been adjusted, the migration guide was followed to fix the compiling errors. These mostly were:
Map<String, Object>-->Map<String, String>AuthCallback-->CallbackVoidCallbackandTelemetryOIDC conformantNote: The
Auth0Parcelableclass, used to communicate theAuth0class settings between Lock instances, is not completely migrated. As of this PR, it's lacking support for customizing the networking client; a feature that was recently made available in Auth0 Android v2. A comment was added to re-evaluate this in the short term.References
See
SDK-2429.Testing
Compile errors in the tests have not been completely fixed yet (wip). Once they are fixed, this PR will be removed from DRAFT.