fix: removed session usage from WebAuthenticationProvider class

Author: tal-mi

app/src/main/java/com/sap/cdc/bitsnbytes/feature/auth/AuthenticationFlowDelegate.kt

@@ -166,6 +166,11 @@ class AuthenticationFlowDelegate(context: Context) {
             aliases = listOf("google", "googleplus"),
             provider = GoogleAuthenticationProvider()
         )
+
+        registerAuthenticationProvider("linkedIn", WebAuthenticationProvider(
+            "linked",
+            siteConfig = authenticationService.siteConfig,
+        ))
     }
 
     init {
@@ -636,7 +641,6 @@ class AuthenticationFlowDelegate(context: Context) {
             return WebAuthenticationProvider(
                 name,
                 siteConfig,
-                authenticationService.session().getSession()
             )
         }
         return authenticationProviderMap[name]

app/src/main/java/com/sap/cdc/bitsnbytes/ui/activity/MainActivity.kt

@@ -13,31 +13,28 @@ import androidx.fragment.app.FragmentActivity
 import androidx.lifecycle.Lifecycle
 import androidx.lifecycle.lifecycleScope
 import androidx.lifecycle.repeatOnLifecycle
-import com.sap.cdc.android.sdk.CDCDebuggable
-import com.sap.cdc.android.sdk.events.CDCEventBusProvider
-import com.sap.cdc.android.sdk.events.SessionEvent
-import com.sap.cdc.android.sdk.events.subscribeToSessionEvents
 import com.sap.cdc.bitsnbytes.BuildConfig
 import com.sap.cdc.bitsnbytes.apptheme.AppTheme
 import com.sap.cdc.bitsnbytes.navigation.AppStateManager
 import com.sap.cdc.bitsnbytes.navigation.NavigationCoordinator
-import com.sap.cdc.bitsnbytes.navigation.ProfileScreenRoute
 import com.sap.cdc.bitsnbytes.ui.view.screens.HomeScaffoldView
 import kotlinx.coroutines.launch
 
 /**
- * Main Activity with proper lifecycle management and memory leak prevention.
+ * Main Activity with proper lifecycle management and MVVM architecture.
  *
- * - Proper event bus lifecycle management to prevent memory leaks
+ * Responsibilities:
  * - Conditional WebView debugging (debug builds only)
  * - Lifecycle-aware splash screen handling
- * - Proper cleanup in onDestroy
- * - Lifecycle-aware navigation calls
- * - Integrated with MainActivityViewModel for proper MVVM architecture
+ * - UI composition with Jetpack Compose
+ * - Navigation coordinator setup
+ *
+ * Session event handling is delegated to MainActivityViewModel for proper MVVM architecture.
  */
 class MainActivity : FragmentActivity() {
 
     // ViewModel integration for proper MVVM architecture
+    // ViewModel handles all session events and business logic
     private val viewModel: MainActivityViewModel by viewModels()
 
     // AppStateManager for navigation
@@ -58,9 +55,6 @@ class MainActivity : FragmentActivity() {
         // Proper splash screen lifecycle management
         configureSplashScreen(splashScreen)
 
-        // ViewModel is now available for authentication state access
-        // viewModel.initializeApp() - method removed to avoid compilation errors
-
         // Connect NavigationCoordinator with AppStateManager
         NavigationCoordinator.INSTANCE.setAppStateManager(appStateManager)
 
@@ -75,9 +69,6 @@ class MainActivity : FragmentActivity() {
                 }
             }
         }
-
-        // Setup session event handling with proper lifecycle awareness
-        setupSessionEventHandling()
     }
 
     /**
@@ -95,71 +86,4 @@ class MainActivity : FragmentActivity() {
             }
         }
     }
-
-    /**
-     * Setup session event handling with proper lifecycle management
-     */
-    private fun setupSessionEventHandling() {
-        if (!CDCEventBusProvider.isInitialized()) {
-            CDCEventBusProvider.initialize()
-        }
-        // Subscribe to session events with lifecycle awareness
-        subscribeToSessionEvents { event ->
-            when (event) {
-                is SessionEvent.SessionExpired -> handleSessionExpired()
-                is SessionEvent.VerifySession -> handleSessionVerification()
-                is SessionEvent.SessionRefreshed -> handleSessionRefreshed()
-                else -> {
-                   /* No action needed for other events */
-                }
-            }
-        }
-    }
-
-    /**
-     * Handle session expiration with lifecycle awareness
-     */
-    private fun handleSessionExpired() {
-        CDCDebuggable.log("MainActivity", "Session expired - navigating to welcome")
-        // Only handle if activity is in proper state
-        if (lifecycle.currentState.isAtLeast(Lifecycle.State.STARTED)) {
-            // ViewModel method removed to avoid compilation errors
-            // viewModel.handleSessionExpired()
-
-            // Navigate to welcome screen
-            NavigationCoordinator.INSTANCE.popToRootAndNavigate(
-                toRoute = ProfileScreenRoute.Welcome.route,
-                rootRoute = ProfileScreenRoute.Welcome.route
-            )
-        }
-    }
-
-    /**
-     * Handle session refreshed
-     */
-    private fun handleSessionRefreshed() {
-        CDCDebuggable.log("MainActivity", "Session refreshed")
-    }
-
-    /**
-     * Handle session verification
-     */
-    private fun handleSessionVerification() {
-        CDCDebuggable.log("MainActivity", "Session verification requested")
-        // Only handle if activity is in proper state
-        if (lifecycle.currentState.isAtLeast(Lifecycle.State.STARTED)) {
-            // ViewModel method removed to avoid compilation errors
-            // viewModel.handleSessionVerification()
-        }
-    }
-
-    override fun onDestroy() {
-        // Proper cleanup to prevent memory leaks
-        // Only dispose the global event bus if this is the last activity
-        if (isFinishing) {
-            // Dispose any global resources if needed
-        }
-
-        super.onDestroy()
-    }
 }

app/src/main/java/com/sap/cdc/bitsnbytes/ui/activity/MainActivityViewModel.kt

@@ -1,13 +1,23 @@
 package com.sap.cdc.bitsnbytes.ui.activity
 
 import androidx.lifecycle.ViewModel
+import com.sap.cdc.android.sdk.CDCDebuggable
+import com.sap.cdc.android.sdk.events.CDCEventBusProvider
+import com.sap.cdc.android.sdk.events.EventSubscription
+import com.sap.cdc.android.sdk.events.SessionEvent
+import com.sap.cdc.android.sdk.events.subscribeToSessionEventsManual
 import com.sap.cdc.bitsnbytes.feature.auth.AuthenticationFlowDelegate
+import com.sap.cdc.bitsnbytes.navigation.NavigationCoordinator
+import com.sap.cdc.bitsnbytes.navigation.ProfileScreenRoute
 
 /**
- * ViewModel for MainActivity demonstrating AuthenticationDelegate injection.
+ * ViewModel for MainActivity with proper session event handling.
  *
- * UPDATED: Now uses the shared AuthenticationDelegate pattern.
- * This ViewModel receives the shared delegate instance to ensure single CDC SDK connection.
+ * Responsibilities:
+ * - Session event subscription and handling (proper MVVM architecture)
+ * - Delegates authentication operations to AuthenticationFlowDelegate
+ * - Coordinates navigation on session events
+ * - Proper cleanup in onCleared()
  */
 class MainActivityViewModel(
     private val authenticationFlowDelegate: AuthenticationFlowDelegate
@@ -23,8 +33,103 @@ class MainActivityViewModel(
     // Direct access to CDC SDK components
     val authenticationService = authenticationFlowDelegate.authenticationService
 
-    // Example methods would go here - implementation details removed to avoid compilation errors
-    // fun initializeApp() { /* implementation */ }
-    // fun handleSessionExpired() { /* implementation */ }
-    // fun handleSessionVerification() { /* implementation */ }
-}
+    // Event subscription handle for manual cleanup
+    private var sessionEventSubscription: EventSubscription? = null
+
+    init {
+        setupSessionEventHandling()
+    }
+
+    /**
+     * Setup session event handling with manual subscription.
+     * ViewModels use manual subscription since they're not LifecycleOwners.
+     */
+    private fun setupSessionEventHandling() {
+        // Initialize event bus if not already initialized
+        if (!CDCEventBusProvider.isInitialized()) {
+            CDCEventBusProvider.initialize()
+        }
+
+        // Subscribe to session events with manual lifecycle management
+        sessionEventSubscription = subscribeToSessionEventsManual { event ->
+            when (event) {
+                is SessionEvent.SessionExpired -> handleSessionExpired()
+                is SessionEvent.VerifySession -> handleSessionVerification()
+                is SessionEvent.SessionRefreshed -> handleSessionRefreshed()
+                is SessionEvent.ValidationStarted -> handleValidationStarted()
+                is SessionEvent.ValidationSucceeded -> handleValidationSucceeded()
+                is SessionEvent.ValidationFailed -> handleValidationFailed(event.reason)
+            }
+        }
+    }
+
+    /**
+     * Handle session expiration.
+     * Clears authentication state and navigates to welcome screen.
+     */
+    private fun handleSessionExpired() {
+        CDCDebuggable.log("MainActivityViewModel", "Session expired - clearing state")
+        
+        // Clear authentication state via delegate
+        authenticationFlowDelegate.handleSessionExpired()
+
+        // Navigate to welcome screen
+        NavigationCoordinator.INSTANCE.popToRootAndNavigate(
+            toRoute = ProfileScreenRoute.Welcome.route,
+            rootRoute = ProfileScreenRoute.Welcome.route
+        )
+    }
+
+    /**
+     * Handle session verification request.
+     */
+    private fun handleSessionVerification() {
+        CDCDebuggable.log("MainActivityViewModel", "Session verification requested")
+        // Session verification logic can be added here if needed
+    }
+
+    /**
+     * Handle session refresh.
+     */
+    private fun handleSessionRefreshed() {
+        CDCDebuggable.log("MainActivityViewModel", "Session refreshed")
+        // Session refresh handling can be added here if needed
+    }
+
+    /**
+     * Handle session validation started.
+     * Only fires if session validation is enabled via registerForSessionValidation().
+     */
+    private fun handleValidationStarted() {
+        CDCDebuggable.log("MainActivityViewModel", "Session validation started")
+    }
+
+    /**
+     * Handle successful session validation.
+     * Only fires if session validation is enabled via registerForSessionValidation().
+     */
+    private fun handleValidationSucceeded() {
+        CDCDebuggable.log("MainActivityViewModel", "Session validation succeeded")
+    }
+
+    /**
+     * Handle failed session validation.
+     * Only fires if session validation is enabled via registerForSessionValidation().
+     * 
+     * @param reason The reason for validation failure
+     */
+    private fun handleValidationFailed(reason: String) {
+        CDCDebuggable.log("MainActivityViewModel", "Session validation failed: $reason")
+        // Could trigger re-authentication flow if needed
+    }
+
+    /**
+     * Clean up resources when ViewModel is cleared.
+     * Unsubscribes from event bus to prevent memory leaks.
+     */
+    override fun onCleared() {
+        sessionEventSubscription?.unsubscribe()
+        sessionEventSubscription = null
+        super.onCleared()
+    }
+}

library/src/main/java/com/sap/cdc/android/sdk/feature/provider/web/WebAuthenticationProvider.kt

@@ -10,9 +10,6 @@ import androidx.activity.result.contract.ActivityResultContract
 import com.sap.cdc.android.sdk.CDCDebuggable
 import com.sap.cdc.android.sdk.core.SiteConfig
 import com.sap.cdc.android.sdk.core.api.model.CDCError
-import com.sap.cdc.android.sdk.core.api.utils.AndroidBase64Encoder
-import com.sap.cdc.android.sdk.core.api.utils.Signing
-import com.sap.cdc.android.sdk.core.api.utils.SigningSpec
 import com.sap.cdc.android.sdk.core.api.utils.toEncodedQuery
 import com.sap.cdc.android.sdk.extensions.getEncryptedPreferences
 import com.sap.cdc.android.sdk.feature.AuthEndpoints
@@ -23,34 +20,31 @@ import com.sap.cdc.android.sdk.feature.provider.ProviderException
 import com.sap.cdc.android.sdk.feature.provider.ProviderExceptionType
 import com.sap.cdc.android.sdk.feature.provider.ProviderType
 import com.sap.cdc.android.sdk.feature.session.Session
-import io.ktor.http.HttpMethod
 import io.ktor.util.generateNonce
 import kotlin.coroutines.resume
 import kotlin.coroutines.resumeWithException
 import kotlin.coroutines.suspendCoroutine
 
 /**
  * Web-based social authentication provider.
- * 
+ *
  * Implements social login using WebView for providers that don't have native SDK support.
  * Handles OAuth 1.0a flow with the CDC socialize.login endpoint.
- * 
+ *
  * @property socialProvider Social provider identifier (e.g., "twitter", "linkedin")
  * @property siteConfig CDC site configuration
- * @property session Optional existing session for authenticated requests
- * 
+ *
  * @author Tal Mirmelshtein
  * @since 10/06/2024
- * 
+ *
  * Copyright: SAP LTD.
- * 
+ *
  * @see IAuthenticationProvider
  * @see WebLoginActivity
  */
 class WebAuthenticationProvider(
     private val socialProvider: String,
     private val siteConfig: SiteConfig,
-    private val session: Session?,
 ) :
     IAuthenticationProvider {
 
@@ -176,20 +170,6 @@ class WebAuthenticationProvider(
             "nonce" to generateNonce()
         )
 
-        // Check session state to apply authentication parameters.
-        if (session != null) {
-            uriParameters["oauth_token"] = session.token
-            uriParameters["timestamp"] = siteConfig.getServerTimestamp()
-            Signing(base64Encoder = AndroidBase64Encoder()).newSignature(
-                SigningSpec(
-                    session.secret,
-                    AuthEndpoints.Companion.EP_SOCIALIZE_LOGIN,
-                    HttpMethod.Companion.Get.value,
-                    uriParameters
-                )
-            )
-        }
-
         return String.format(
             "%s://%s.%s/%s?%s", "https", "socialize", siteConfig.domain,
             AuthEndpoints.Companion.EP_SOCIALIZE_LOGIN, uriParameters.toEncodedQuery()

library/src/main/java/com/sap/cdc/android/sdk/feature/screensets/WebBridgeJSApiService.kt

@@ -297,7 +297,6 @@ class WebBridgeJSApiService(
                 authProvider = WebAuthenticationProvider(
                     socialProvider = provider,
                     siteConfig = authenticationService.siteConfig,
-                    session = authenticationService.session().getSession()
                 )
             }