Added additional push related logic & support

Author: tal-mi

app/src/main/java/com/sap/cdc/bitsnbytes/cdc/IdentityServiceRepository.kt

@@ -265,7 +265,9 @@ class IdentityServiceRepository private constructor(context: Context) {
         return authenticationService.tfa().optInForPushAuthentication()
     }
 
-    //endregion
+    suspend fun optInForPushAuth(): IAuthResponse {
+        return authenticationService.authenticate().registerForAuthPushNotifications()
+    }
 
     //endregion
 

app/src/main/java/com/sap/cdc/bitsnbytes/ui/view/screens/LoginOptions.kt

@@ -55,6 +55,7 @@ import com.sap.cdc.bitsnbytes.ui.viewmodel.LoginOptionsViewModelPreview
 @Composable
 fun LoginOptionsView(viewModel: ILoginOptionsViewModel) {
     val context = LocalContext.current
+
     var loading by remember { mutableStateOf(false) }
     val executor = remember { ContextCompat.getMainExecutor(context) }
     var optionsError by remember { mutableStateOf("") }
@@ -77,50 +78,65 @@ fun LoginOptionsView(viewModel: ILoginOptionsViewModel) {
             title = "Passwordless Login",
             status = "Activated",
             actionLabel = "Deactivate",
-            onClick = { /* Handle deactivation */ },
+            onClick = {
+                
+            },
             inverse = false
         )
         SmallVerticalSpacer()
         OptionCard(
-            title = "Push 2-Factor Authentication",
+            title = "Push Authentication",
             status = "",
             actionLabel = "Activate",
             onClick = {
                 if (!notificationPermission.hasPermission) {
                     notificationPermission.launchPermissionRequest()
                 }
-                loading = true
-                viewModel.optInForPushTFA(
-                    success = {
+                    loading = true
+                    viewModel.optOnForPushAuth(success = {
                         optionsError = ""
                         loading = false
-                    },
-                    onFailedWith = { error ->
+                    }, onFailedWith = { error ->
                         optionsError = error?.errorDescription!!
                         loading = false
-                    }
-                )
+                    })
+            }, inverse = false
+        )
+        SmallVerticalSpacer()
+        OptionCard(
+            title = "Push 2-Factor Authentication",
+            status = "",
+            actionLabel = "Activate",
+            onClick = {
+                if (!notificationPermission.hasPermission) {
+                    notificationPermission.launchPermissionRequest()
+                }
+
+                loading = true
+                viewModel.optInForPushTFA(success = {
+                    optionsError = ""
+                    loading = false
+                }, onFailedWith = { error ->
+                    optionsError = error?.errorDescription!!
+                    loading = false
+                })
             },
             inverse = false
         )
         SmallVerticalSpacer()
         OptionCard(
-            title = "Biometrics",
-            status = when (viewModel.isBiometricActive()) {
+            title = "Biometrics", status = when (viewModel.isBiometricActive()) {
                 false -> "Deactivated"
                 true -> "Activated"
-            },
-            actionLabel = when (viewModel.isBiometricActive()) {
+            }, actionLabel = when (viewModel.isBiometricActive()) {
                 false -> "Activate"
                 true -> "Deactivate"
-            },
-            onClick = {
-                val promptInfo = BiometricPrompt.PromptInfo.Builder()
-                    .setAllowedAuthenticators(BIOMETRIC_STRONG)
-                    .setTitle("Biometric Authentication")
-                    .setSubtitle("Authenticate using your biometric credential")
-                    .setNegativeButtonText("Use another method")
-                    .build()
+            }, onClick = {
+                val promptInfo =
+                    BiometricPrompt.PromptInfo.Builder().setAllowedAuthenticators(BIOMETRIC_STRONG)
+                        .setTitle("Biometric Authentication")
+                        .setSubtitle("Authenticate using your biometric credential")
+                        .setNegativeButtonText("Use another method").build()
 
                 when (viewModel.isBiometricActive()) {
                     true -> {
@@ -139,8 +155,7 @@ fun LoginOptionsView(viewModel: ILoginOptionsViewModel) {
                         )
                     }
                 }
-            },
-            inverse = !viewModel.isBiometricActive()
+            }, inverse = !viewModel.isBiometricActive()
         )
 
         // Biometrics lock toggle
@@ -153,28 +168,24 @@ fun LoginOptionsView(viewModel: ILoginOptionsViewModel) {
         ) {
             Text(text = "Lock biometrics:")
             LargeHorizontalSpacer()
-            Switch(
-                checked = viewModel.isBiometricLocked(),
-                onCheckedChange = { checked ->
-                    when (checked) {
-                        true -> viewModel.biometricLock()
-                        false -> {
-                            val promptInfo = BiometricPrompt.PromptInfo.Builder()
-                                .setAllowedAuthenticators(BIOMETRIC_STRONG)
-                                .setTitle("Biometric Authentication")
-                                .setSubtitle("Authenticate using your biometric credential")
-                                .setNegativeButtonText("Use another method")
-                                .build()
-
-                            viewModel.biometricUnlock(
-                                activity = context as FragmentActivity,
-                                promptInfo = promptInfo,
-                                executor = executor
-                            )
-                        }
+            Switch(checked = viewModel.isBiometricLocked(), onCheckedChange = { checked ->
+                when (checked) {
+                    true -> viewModel.biometricLock()
+                    false -> {
+                        val promptInfo = BiometricPrompt.PromptInfo.Builder()
+                            .setAllowedAuthenticators(BIOMETRIC_STRONG)
+                            .setTitle("Biometric Authentication")
+                            .setSubtitle("Authenticate using your biometric credential")
+                            .setNegativeButtonText("Use another method").build()
+
+                        viewModel.biometricUnlock(
+                            activity = context as FragmentActivity,
+                            promptInfo = promptInfo,
+                            executor = executor
+                        )
                     }
                 }
-            )
+            })
         }
 
         LargeVerticalSpacer()
@@ -198,11 +209,7 @@ fun LoginOptionsViewPreview() {
 
 @Composable
 private fun OptionCard(
-    title: String,
-    status: String,
-    actionLabel: String,
-    inverse: Boolean,
-    onClick: () -> Unit
+    title: String, status: String, actionLabel: String, inverse: Boolean, onClick: () -> Unit
 ) {
     Card(
         //elevation = 4.dp,

app/src/main/java/com/sap/cdc/bitsnbytes/ui/viewmodel/LoginOptionsViewModel.kt

@@ -59,6 +59,13 @@ interface ILoginOptionsViewModel {
         //Stub.
     }
 
+    fun optOnForPushAuth(
+        success: () -> Unit,
+        onFailedWith: (CDCError?) -> Unit
+    ) {
+        // Stub.
+    }
+
     fun createPasskey(
         activity: ComponentActivity,
         success: () -> Unit,
@@ -87,6 +94,7 @@ class LoginOptionsViewModelPreview : ILoginOptionsViewModel {
 class LoginOptionsViewModel(context: Context) : BaseViewModel(context),
     ILoginOptionsViewModel {
 
+
     /**
      * Create instance of the biometric auth (no need to singleton it).
      */
@@ -99,6 +107,8 @@ class LoginOptionsViewModel(context: Context) : BaseViewModel(context),
             .sessionSecurityLevel() == SessionSecureLevel.BIOMETRIC
     )
 
+    //region BIOMETRIC
+
     /**
      * Check if biometric session encryption is active.
      * This is an application feature only to support the UI design.
@@ -185,6 +195,10 @@ class LoginOptionsViewModel(context: Context) : BaseViewModel(context),
         )
     }
 
+    //endregion
+
+    //region PUSH TFA
+
     override fun optInForPushTFA(
         success: () -> Unit,
         onFailedWith: (CDCError?) -> Unit
@@ -204,6 +218,33 @@ class LoginOptionsViewModel(context: Context) : BaseViewModel(context),
         }
     }
 
+    //endregion
+
+    //region PUSH AUTH
+
+    override fun optOnForPushAuth(
+        success: () -> Unit,
+        onFailedWith: (CDCError?) -> Unit
+    ) {
+        viewModelScope.launch {
+            val response = identityService.optInForPushTFA()
+            when (response.state()) {
+                AuthState.SUCCESS -> {
+                    // Success.
+                    success()
+                }
+
+                else -> {
+                    onFailedWith(response.toDisplayError())
+                }
+            }
+        }
+    }
+
+    //endregion
+
+    //region PASSKEYS
+
     private var passkeysAuthenticationProvider: IPasskeysAuthenticationProvider? = null
 
     override fun createPasskey(
@@ -251,5 +292,7 @@ class LoginOptionsViewModel(context: Context) : BaseViewModel(context),
             }
         }
     }
+
+    //endregion
 }
 

library/src/main/java/com/sap/cdc/android/sdk/auth/Auth.kt

@@ -199,6 +199,10 @@ interface IAuthApis {
     suspend fun clearPasskey(
         authenticationProvider: IPasskeysAuthenticationProvider,
     ): IAuthResponse
+
+    suspend fun registerForAuthPushNotifications(): IAuthResponse
+
+    suspend fun verifyAuthPushNotification(vToken: String): IAuthResponse
 }
 
 /**
@@ -291,6 +295,16 @@ internal class AuthApis(
         return flow.clearPasskeyCredential()
     }
 
+    override suspend fun registerForAuthPushNotifications(): IAuthResponse {
+        val flow = AccountAuthFlow(coreClient, sessionService)
+        return flow.registerAuthDevice()
+    }
+
+    override suspend fun verifyAuthPushNotification(vToken: String): IAuthResponse {
+        val flow = AccountAuthFlow(coreClient, sessionService)
+        return flow.verifyAuthPush(vToken)
+    }
+
 }
 
 /**

library/src/main/java/com/sap/cdc/android/sdk/auth/AuthEndpoints.kt

@@ -20,6 +20,10 @@ class AuthEndpoints {
 
         const val EP_ACCOUNTS_ID_TOKEN_EXCHANGE = "accounts.identity.token.exchange"
 
+        const val EP_ACCOUNT_AUTH_DEVICE_REGISTER = "accounts.devices.register"
+        const val EP_ACCOUNT_AUTH_DEVICE_UNREGISTER = "accounts.devices.unregister"
+        const val EP_ACCOUNT_AUTH_PUSH_VERIFY = "accounts.auth.push.verify"
+
         const val EP_SOCIALIZE_GET_IDS = "socialize.getIDs"
         const val EP_SOCIALIZE_LOGIN = "socialize.login"
         const val EP_SOCIALIZE_LOGOUT = "socialize.logout"

library/src/main/java/com/sap/cdc/android/sdk/auth/flow/AuthFlow.kt

@@ -11,6 +11,7 @@ import com.sap.cdc.android.sdk.auth.session.SessionService
 import com.sap.cdc.android.sdk.core.CoreClient
 import com.sap.cdc.android.sdk.core.api.CDCResponse
 import com.sap.cdc.android.sdk.extensions.parseRequiredMissingFieldsForRegistration
+import kotlinx.serialization.json.Json
 
 /**
  * Created by Tal Mirmelshtein on 10/06/2024
@@ -23,6 +24,12 @@ open class AuthFlow(val coreClient: CoreClient, val sessionService: SessionServi
         const val LOG_TAG = "AuthFlow"
     }
 
+    internal val json: Json = Json {
+        prettyPrint = true
+        isLenient = true
+        ignoreUnknownKeys = true
+    }
+
     /**
      * Override if needed to dispose various objects.
      */

library/src/main/java/com/sap/cdc/android/sdk/auth/flow/AuthFlowAccount.kt

@@ -5,11 +5,15 @@ import com.sap.cdc.android.sdk.auth.AuthEndpoints.Companion.EP_ACCOUNTS_GET_ACCO
 import com.sap.cdc.android.sdk.auth.AuthEndpoints.Companion.EP_ACCOUNTS_GET_CONFLICTING_ACCOUNTS
 import com.sap.cdc.android.sdk.auth.AuthEndpoints.Companion.EP_ACCOUNTS_ID_TOKEN_EXCHANGE
 import com.sap.cdc.android.sdk.auth.AuthEndpoints.Companion.EP_ACCOUNTS_SET_ACCOUNT_INFO
+import com.sap.cdc.android.sdk.auth.AuthEndpoints.Companion.EP_ACCOUNT_AUTH_DEVICE_REGISTER
 import com.sap.cdc.android.sdk.auth.AuthResponse
 import com.sap.cdc.android.sdk.auth.AuthenticationApi
+import com.sap.cdc.android.sdk.auth.AuthenticationService.Companion.CDC_AUTHENTICATION_SERVICE_SECURE_PREFS
+import com.sap.cdc.android.sdk.auth.AuthenticationService.Companion.CDC_DEVICE_INFO
 import com.sap.cdc.android.sdk.auth.IAuthResponse
 import com.sap.cdc.android.sdk.auth.session.SessionService
 import com.sap.cdc.android.sdk.core.CoreClient
+import com.sap.cdc.android.sdk.extensions.getEncryptedPreferences
 
 /**
  * Created by Tal Mirmelshtein on 10/06/2024
@@ -85,4 +89,28 @@ class AccountAuthFlow(coreClient: CoreClient, sessionService: SessionService) :
         return AuthResponse(tokenExchange)
     }
 
+    suspend fun registerAuthDevice(): IAuthResponse {
+        // Obtain device info from secure storage.
+        val esp = coreClient.siteConfig.applicationContext.getEncryptedPreferences(
+            CDC_AUTHENTICATION_SERVICE_SECURE_PREFS
+        )
+        val deviceInfo = esp.getString(CDC_DEVICE_INFO, "") ?: ""
+
+        CDCDebuggable.log(LOG_TAG, "registerDevice: with deviceInfo:$deviceInfo")
+        val registerDevice = AuthenticationApi(coreClient, sessionService).genericSend(
+            EP_ACCOUNT_AUTH_DEVICE_REGISTER,
+            mutableMapOf("deviceInfo" to deviceInfo)
+        )
+        return AuthResponse(registerDevice)
+    }
+
+    suspend fun verifyAuthPush(vToken: String): IAuthResponse {
+        CDCDebuggable.log(LOG_TAG, "verifyAuthPush: with vToken:$vToken")
+        val verifyAuthPush = AuthenticationApi(coreClient, sessionService).genericSend(
+            EP_ACCOUNT_AUTH_DEVICE_REGISTER,
+            mutableMapOf("vToken" to vToken)
+        )
+        return AuthResponse(verifyAuthPush)
+    }
+
 }