| /* |
| * Copyright 2022 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package androidx.credentials |
| |
| import android.annotation.SuppressLint |
| import android.app.PendingIntent |
| import android.content.Context |
| import android.content.Intent |
| import android.net.Uri |
| import android.os.CancellationSignal |
| import androidx.annotation.RequiresApi |
| import androidx.credentials.exceptions.ClearCredentialException |
| import androidx.credentials.exceptions.ClearCredentialProviderConfigurationException |
| import androidx.credentials.exceptions.CreateCredentialException |
| import androidx.credentials.exceptions.CreateCredentialProviderConfigurationException |
| import androidx.credentials.exceptions.GetCredentialException |
| import androidx.credentials.exceptions.GetCredentialProviderConfigurationException |
| import java.util.concurrent.Executor |
| |
| /** |
| * Manages user authentication flows. |
| * |
| * An application can call the CredentialManager apis to launch framework UI flows for a user to |
| * register a new credential or to consent to a saved credential from supported credential |
| * providers, which can then be used to authenticate to the app. |
| * |
| * This class contains its own exception types. They represent unique failures during the Credential |
| * Manager flow. As required, they can be extended for unique types containing new and unique |
| * versions of the exception - either with new 'exception types' (same credential class, different |
| * exceptions), or inner subclasses and their exception types (a subclass credential class and all |
| * their exception types). |
| * |
| * For example, if there is an UNKNOWN exception type, assuming the base Exception is |
| * [ClearCredentialException], we can add an 'exception type' class for it as follows: |
| * ``` |
| * class ClearCredentialUnknownException( |
| * errorMessage: CharSequence? = null |
| * ) : ClearCredentialException(TYPE_CLEAR_CREDENTIAL_UNKNOWN_EXCEPTION, errorMessage) { |
| * // ...Any required impl here...// |
| * companion object { |
| * private const val TYPE_CLEAR_CREDENTIAL_UNKNOWN_EXCEPTION: String = |
| * "androidx.credentials.TYPE_CLEAR_CREDENTIAL_UNKNOWN_EXCEPTION" |
| * } |
| * } |
| * ``` |
| * |
| * Furthermore, the base class can be subclassed to a new more specific credential type, which then |
| * can further be subclassed into individual exception types. The first is an example of a 'inner |
| * credential type exception', and the next is a 'exception type' of this subclass exception. |
| * |
| * ``` |
| * class UniqueCredentialBasedOnClearCredentialException( |
| * type: String, |
| * errorMessage: CharSequence? = null |
| * ) : ClearCredentialException(type, errorMessage) { |
| * // ... Any required impl here...// |
| * } |
| * // .... code and logic .... // |
| * class UniqueCredentialBasedOnClearCredentialUnknownException( |
| * errorMessage: CharSequence? = null |
| * ) : ClearCredentialException(TYPE_UNIQUE_CREDENTIAL_BASED_ON_CLEAR_CREDENTIAL_UNKNOWN_EXCEPTION, |
| * errorMessage) { |
| * // ... Any required impl here ... // |
| * companion object { |
| * private const val |
| * TYPE_UNIQUE_CREDENTIAL_BASED_ON_CLEAR_CREDENTIAL_UNKNOWN_EXCEPTION: String = |
| * "androidx.credentials.TYPE_CLEAR_CREDENTIAL_UNKNOWN_EXCEPTION" |
| * } |
| * } |
| * ``` |
| */ |
| @SuppressLint("ObsoleteSdkInt") // Accommodate dependencies with a lower min sdk requirement |
| internal class CredentialManagerImpl internal constructor(private val context: Context) : |
| CredentialManager { |
| companion object { |
| /** |
| * An intent action that shows a screen that let user enable a Credential Manager provider. |
| */ |
| private const val INTENT_ACTION_FOR_CREDENTIAL_PROVIDER_SETTINGS: String = |
| "android.settings.CREDENTIAL_PROVIDER" |
| } |
| |
| /** |
| * Requests a credential from the user. |
| * |
| * This API uses callbacks instead of Kotlin coroutines. |
| * |
| * The execution potentially launches framework UI flows for a user to view available |
| * credentials, consent to using one of them, etc. |
| * |
| * @param context the context used to launch any UI needed; use an activity context to make sure |
| * the UI will be launched within the same task stack |
| * @param request the request for getting the credential |
| * @param cancellationSignal an optional signal that allows for cancelling this call |
| * @param executor the callback will take place on this executor |
| * @param callback the callback invoked when the request succeeds or fails |
| */ |
| override fun getCredentialAsync( |
| context: Context, |
| request: GetCredentialRequest, |
| cancellationSignal: CancellationSignal?, |
| executor: Executor, |
| callback: CredentialManagerCallback<GetCredentialResponse, GetCredentialException>, |
| ) { |
| val provider: CredentialProvider? = |
| CredentialProviderFactory(context).getBestAvailableProvider(request) |
| if (provider == null) { |
| callback.onError( |
| GetCredentialProviderConfigurationException( |
| "getCredentialAsync no provider dependencies found - please ensure " + |
| "the desired provider dependencies are added" |
| ) |
| ) |
| return |
| } |
| provider.onGetCredential(context, request, cancellationSignal, executor, callback) |
| } |
| |
| /** |
| * Requests a credential from the user. |
| * |
| * This API uses callbacks instead of Kotlin coroutines. |
| * |
| * Different from the other `getCredentialAsync(GetCredentialRequest, Activity)` API, this API |
| * launches the remaining flows to retrieve an app credential from the user, after the completed |
| * prefetch work corresponding to the given `pendingGetCredentialHandle`. Use this API to |
| * complete the full credential retrieval operation after you initiated a request through the |
| * [prepareGetCredentialAsync] API. |
| * |
| * The execution can potentially launch UI flows to collect user consent to using a credential, |
| * display a picker when multiple credentials exist, etc. |
| * |
| * @param context the context used to launch any UI needed; use an activity context to make sure |
| * the UI will be launched within the same task stack |
| * @param pendingGetCredentialHandle the handle representing the pending operation to resume |
| * @param cancellationSignal an optional signal that allows for cancelling this call |
| * @param executor the callback will take place on this executor |
| * @param callback the callback invoked when the request succeeds or fails |
| */ |
| @RequiresApi(34) |
| override fun getCredentialAsync( |
| context: Context, |
| pendingGetCredentialHandle: PrepareGetCredentialResponse.PendingGetCredentialHandle, |
| cancellationSignal: CancellationSignal?, |
| executor: Executor, |
| callback: CredentialManagerCallback<GetCredentialResponse, GetCredentialException>, |
| ) { |
| val provider: CredentialProvider? = |
| CredentialProviderFactory(context) |
| .getBestAvailableProvider(shouldFallbackToPreU = false) |
| if (provider == null) { |
| callback.onError( |
| GetCredentialProviderConfigurationException("No Credential Manager provider found") |
| ) |
| return |
| } |
| provider.onGetCredential( |
| context, |
| pendingGetCredentialHandle, |
| cancellationSignal, |
| executor, |
| callback |
| ) |
| } |
| |
| /** |
| * Prepares for a get-credential operation. Returns a [PrepareGetCredentialResponse] that can |
| * later be used to launch the credential retrieval UI flow to finalize a user credential for |
| * your app. |
| * |
| * This API uses callbacks instead of Kotlin coroutines. |
| * |
| * This API doesn't invoke any UI. It only performs the preparation work so that you can later |
| * launch the remaining get-credential operation (involves UIs) through the [getCredentialAsync] |
| * API which incurs less latency than executing the whole operation in one call. |
| * |
| * @param request the request for getting the credential |
| * @param cancellationSignal an optional signal that allows for cancelling this call |
| * @param executor the callback will take place on this executor |
| * @param callback the callback invoked when the request succeeds or fails |
| */ |
| @RequiresApi(34) |
| override fun prepareGetCredentialAsync( |
| request: GetCredentialRequest, |
| cancellationSignal: CancellationSignal?, |
| executor: Executor, |
| callback: CredentialManagerCallback<PrepareGetCredentialResponse, GetCredentialException>, |
| ) { |
| val provider: CredentialProvider? = |
| CredentialProviderFactory(context) |
| .getBestAvailableProvider(shouldFallbackToPreU = false) |
| if (provider == null) { |
| callback.onError( |
| GetCredentialProviderConfigurationException("No Credential Manager provider found") |
| ) |
| return |
| } |
| provider.onPrepareCredential(request, cancellationSignal, executor, callback) |
| } |
| |
| /** |
| * Registers a user credential that can be used to authenticate the user to the app in the |
| * future. |
| * |
| * This API uses callbacks instead of Kotlin coroutines. |
| * |
| * The execution potentially launches framework UI flows for a user to view their registration |
| * options, grant consent, etc. |
| * |
| * @param context the context used to launch any UI needed; use an activity context to make sure |
| * the UI will be launched within the same task stack |
| * @param request the request for creating the credential |
| * @param cancellationSignal an optional signal that allows for cancelling this call |
| * @param executor the callback will take place on this executor |
| * @param callback the callback invoked when the request succeeds or fails |
| */ |
| override fun createCredentialAsync( |
| context: Context, |
| request: CreateCredentialRequest, |
| cancellationSignal: CancellationSignal?, |
| executor: Executor, |
| callback: CredentialManagerCallback<CreateCredentialResponse, CreateCredentialException>, |
| ) { |
| val provider: CredentialProvider? = |
| CredentialProviderFactory(this.context).getBestAvailableProvider(request) |
| if (provider == null) { |
| callback.onError( |
| CreateCredentialProviderConfigurationException( |
| "createCredentialAsync no provider dependencies found - please ensure the " + |
| "desired provider dependencies are added" |
| ) |
| ) |
| return |
| } |
| provider.onCreateCredential(context, request, cancellationSignal, executor, callback) |
| } |
| |
| /** |
| * Clears the current user credential state from all credential providers. |
| * |
| * This API uses callbacks instead of Kotlin coroutines. |
| * |
| * You should invoked this api after your user signs out of your app to notify all credential |
| * providers that any stored credential session for the given app should be cleared. |
| * |
| * A credential provider may have stored an active credential session and use it to limit |
| * sign-in options for future get-credential calls. For example, it may prioritize the active |
| * credential over any other available credential. When your user explicitly signs out of your |
| * app and in order to get the holistic sign-in options the next time, you should call this API |
| * to let the provider clear any stored credential session. |
| * |
| * If the API is called with [ClearCredentialRequestTypes.CLEAR_RESTORE_CREDENTIAL] then any |
| * restore credential stored on device will be cleared. |
| * |
| * @param request the request for clearing the app user's credential state |
| * @param cancellationSignal an optional signal that allows for cancelling this call |
| * @param executor the callback will take place on this executor |
| * @param callback the callback invoked when the request succeeds or fails |
| */ |
| override fun clearCredentialStateAsync( |
| request: ClearCredentialStateRequest, |
| cancellationSignal: CancellationSignal?, |
| executor: Executor, |
| callback: CredentialManagerCallback<Void?, ClearCredentialException>, |
| ) { |
| val provider: CredentialProvider? = |
| CredentialProviderFactory(context).getBestAvailableProvider(request.requestType) |
| if (provider == null) { |
| callback.onError( |
| ClearCredentialProviderConfigurationException( |
| "clearCredentialStateAsync no provider dependencies found - please ensure the " + |
| "desired provider dependencies are added" |
| ) |
| ) |
| return |
| } |
| provider.onClearCredential(request, cancellationSignal, executor, callback) |
| } |
| |
| /** |
| * Returns a pending intent that shows a screen that lets a user enable a Credential Manager |
| * provider. |
| * |
| * @return the pending intent that can be launched |
| */ |
| @RequiresApi(34) |
| override fun createSettingsPendingIntent(): PendingIntent { |
| val intent: Intent = Intent(INTENT_ACTION_FOR_CREDENTIAL_PROVIDER_SETTINGS) |
| intent.setData(Uri.parse("package:" + context.getPackageName())) |
| return PendingIntent.getActivity(context, 0, intent, PendingIntent.FLAG_IMMUTABLE) |
| } |
| } |