Add fido-android-ui module for WebAuthn operations with hardware security keys

.github/dependabot.yml

@@ -2,7 +2,7 @@ version: 2
 updates:
   # Keep Gradle dependencies up to date
   - package-ecosystem: "gradle"
-    directory: "/"              # Root where build.gradle/settings.gradle reside
+    directory: "/"              # Root where build.gradle.kts/settings.gradle.kts reside
     schedule:
       interval: "daily"         # Adjust to "weekly" if preferred
     open-pull-requests-limit: 5

.pre-commit-config.yaml

@@ -2,7 +2,7 @@ repos:
   - repo: local
     hooks:
       - id: spotless
-        name: reformat Java
+        name: reformat sources
         language: script
         entry: scripts/spotless.py
         always_run: true

AndroidDemo/build.gradle.kts

@@ -19,6 +19,7 @@ import org.jetbrains.kotlin.gradle.dsl.JvmTarget
 plugins {
     alias(libs.plugins.android.application)
     alias(libs.plugins.kotlin.android)
+    alias(libs.plugins.kotlinx.serialization)
     id("yubikit-common")
 }
 
@@ -70,10 +71,12 @@ dependencies {
     implementation(project(":yubiotp"))
     implementation(project(":oath"))
     implementation(project(":piv"))
+    implementation(project(":fido-android-ui"))
     implementation(project(":support"))
 
     coreLibraryDesugaring(libs.desugar.jdk.libs)
     implementation(libs.kotlinx.coroutines.android)
+    implementation(libs.kotlinx.serialization.json)
 
     implementation(libs.androidx.core.ktx)
     implementation(libs.androidx.fragment.ktx)
@@ -89,6 +92,7 @@ dependencies {
     implementation(libs.androidx.navigation.fragment.ktx)
     implementation(libs.androidx.navigation.ui.ktx)
     implementation(libs.androidx.navigation.dynamic.features.fragment)
+    implementation(libs.androidx.webkit)
 
     implementation(libs.bcpkix.jdk15to18)
     implementation(libs.logback.android)

AndroidDemo/src/androidTest/java/com/yubico/yubikit/android/app/ExampleInstrumentedTest.kt

@@ -35,4 +35,4 @@ class ExampleInstrumentedTest {
         val appContext = InstrumentationRegistry.getInstrumentation().targetContext
         assertEquals("com.yubico.yubikit.android.app.test", appContext.packageName)
     }
-}
+}

AndroidDemo/src/main/AndroidManifest.xml

@@ -6,7 +6,7 @@
     <application
         android:name="androidx.multidex.MultiDexApplication"
         android:allowBackup="true"
-        android:label="@string/app_name"
+        android:label="@string/yk_fido_app_name"
         android:supportsRtl="true"
         android:icon="@mipmap/ic_launcher"
         android:roundIcon="@mipmap/ic_launcher_round"

AndroidDemo/src/main/java/com/yubico/yubikit/android/app/MainActivity.kt

@@ -71,8 +71,16 @@ class MainActivity : AppCompatActivity() {
         navController = findNavController(R.id.nav_host_fragment)
         // Passing each menu ID as a set of Ids because each
         // menu should be considered as top level destinations.
-        appBarConfiguration = AppBarConfiguration(setOf(
-                R.id.nav_management, R.id.nav_yubiotp, R.id.nav_piv, R.id.nav_oath), drawerLayout)
+        appBarConfiguration =
+            AppBarConfiguration(
+                setOf(
+                    R.id.nav_management,
+                    R.id.nav_yubiotp,
+                    R.id.nav_piv,
+                    R.id.nav_oath,
+                ),
+                drawerLayout,
+            )
         setupActionBarWithNavController(navController, appBarConfiguration)
         navView.setupWithNavController(navController)
 
@@ -123,12 +131,17 @@ class MainActivity : AppCompatActivity() {
             R.id.action_about -> {
                 val binding = DialogAboutBinding.inflate(LayoutInflater.from(this))
                 AlertDialog.Builder(this)
-                        .setView(binding.root)
-                        .create().apply {
-                            setOnShowListener {
-                                binding.version.text = String.format(Locale.getDefault(), getString(R.string.version), BuildConfig.VERSION_NAME)
-                            }
-                        }.show()
+                    .setView(binding.root)
+                    .create().apply {
+                        setOnShowListener {
+                            binding.version.text =
+                                String.format(
+                                    Locale.getDefault(),
+                                    getString(R.string.yk_provider_service_version_label),
+                                    BuildConfig.VERSION_NAME,
+                                )
+                        }
+                    }.show()
             }
         }
         return super.onOptionsItemSelected(item)
@@ -168,4 +181,4 @@ class MainActivity : AppCompatActivity() {
         yubikit.stopUsbDiscovery()
         super.onDestroy()
     }
-}
+}

AndroidDemo/src/main/java/com/yubico/yubikit/android/app/MainViewModel.kt

@@ -34,4 +34,4 @@ class MainViewModel : ViewModel() {
     }
 
     val yubiKey = MutableLiveData<YubiKeyDevice?>()
-}
+}

AndroidDemo/src/main/java/com/yubico/yubikit/android/app/ui/UiUtils.kt

@@ -28,11 +28,17 @@ import kotlin.coroutines.resume
 import kotlin.coroutines.suspendCoroutine
 
 @UiThread
-suspend fun getSecret(context: Context, @StringRes title: Int, @StringRes hint: Int = R.string.pin) = suspendCoroutine { cont ->
-    val view = LayoutInflater.from(context).inflate(R.layout.dialog_pin, null).apply {
-        findViewById<TextInputLayout>(R.id.dialog_pin_textinputlayout).hint = context.getString(hint)
-    }
-    val dialog = AlertDialog.Builder(context)
+suspend fun getSecret(
+    context: Context,
+    @StringRes title: Int,
+    @StringRes hint: Int = R.string.pin,
+) = suspendCoroutine { cont ->
+    val view =
+        LayoutInflater.from(context).inflate(R.layout.dialog_pin, null).apply {
+            findViewById<TextInputLayout>(R.id.dialog_pin_textinputlayout).hint = context.getString(hint)
+        }
+    val dialog =
+        AlertDialog.Builder(context)
             .setTitle(title)
             .setView(view)
             .setPositiveButton(android.R.string.ok) { _, _ ->
@@ -46,4 +52,4 @@ suspend fun getSecret(context: Context, @StringRes title: Int, @StringRes hint:
             }
             .create()
     dialog.show()
-}
+}

AndroidDemo/src/main/java/com/yubico/yubikit/android/app/ui/YubiKeyFragment.kt

@@ -21,27 +21,21 @@ import android.os.Bundle
 import android.view.View
 import android.widget.TextView
 import android.widget.Toast
-
 import androidx.fragment.app.Fragment
 import androidx.fragment.app.activityViewModels
 import androidx.lifecycle.lifecycleScope
-
 import com.yubico.yubikit.android.app.MainViewModel
 import com.yubico.yubikit.android.app.R
 import com.yubico.yubikit.android.transport.nfc.NfcYubiKeyDevice
 import com.yubico.yubikit.core.YubiKeyDevice
 import com.yubico.yubikit.core.application.ApplicationNotAvailableException
-
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.withContext
-
 import org.slf4j.LoggerFactory
-
 import java.io.Closeable
 
 abstract class YubiKeyFragment<App : Closeable, VM : YubiKeyViewModel<App>> : Fragment() {
-
     private val logger = LoggerFactory.getLogger(YubiKeyFragment::class.java)
 
     private val activityViewModel: MainViewModel by activityViewModels()
@@ -50,11 +44,15 @@ abstract class YubiKeyFragment<App : Closeable, VM : YubiKeyViewModel<App>> : Fr
     private lateinit var yubiKeyPrompt: AlertDialog
     private lateinit var emptyText: TextView
 
-    override fun onViewCreated(view: View, savedInstanceState: Bundle?) {
+    override fun onViewCreated(
+        view: View,
+        savedInstanceState: Bundle?,
+    ) {
         emptyText = view.findViewById(R.id.empty_view)
         emptyText.visibility = View.VISIBLE
 
-        yubiKeyPrompt = AlertDialog.Builder(context)
+        yubiKeyPrompt =
+            AlertDialog.Builder(context)
                 .setTitle("Insert YubiKey")
                 .setMessage(R.string.need_yubikey)
                 .setOnCancelListener { viewModel.pendingAction.value = null }
@@ -125,4 +123,4 @@ abstract class YubiKeyFragment<App : Closeable, VM : YubiKeyViewModel<App>> : Fr
             }
         }
     }
-}
+}

AndroidDemo/src/main/java/com/yubico/yubikit/android/app/ui/YubiKeyViewModel.kt

@@ -28,7 +28,12 @@ abstract class YubiKeyViewModel<Session : Closeable> : ViewModel() {
 
     val pendingAction = MutableLiveData<(Session.() -> String?)?>()
 
-    abstract fun getSession(device: YubiKeyDevice, onError: (Throwable) -> Unit, callback: (Session) -> Unit)
+    abstract fun getSession(
+        device: YubiKeyDevice,
+        onError: (Throwable) -> Unit,
+        callback: (Session) -> Unit,
+    )
+
     abstract fun Session.updateState()
 
     fun onYubiKeyDevice(device: YubiKeyDevice) {
@@ -53,4 +58,4 @@ abstract class YubiKeyViewModel<Session : Closeable> : ViewModel() {
             }
         }
     }
-}
+}

AndroidDemo/src/main/java/com/yubico/yubikit/android/app/ui/fido/FidoAppLocalFragment.kt

@@ -0,0 +1,115 @@
+/*
+ * Copyright (C) 2025-2026 Yubico.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.yubico.yubikit.android.app.ui.fido
+
+import android.os.Bundle
+import android.view.LayoutInflater
+import android.view.View
+import android.view.ViewGroup
+import androidx.fragment.app.Fragment
+import androidx.lifecycle.lifecycleScope
+import com.yubico.yubikit.android.app.databinding.FragmentFidoAppLocalBinding
+import com.yubico.yubikit.core.internal.codec.Base64
+import com.yubico.yubikit.fido.android.ui.FidoClient
+import com.yubico.yubikit.fido.android.ui.Origin
+import kotlinx.coroutines.launch
+import kotlinx.serialization.json.Json
+import org.slf4j.LoggerFactory
+import kotlin.random.Random
+
+class FidoAppLocalFragment : Fragment() {
+    private val logger = LoggerFactory.getLogger(FidoAppLocalFragment::class.java)
+    private var _binding: FragmentFidoAppLocalBinding? = null
+    val binding get() = _binding!!
+    private lateinit var fidoClient: FidoClient
+
+    override fun onCreateView(
+        inflater: LayoutInflater,
+        container: ViewGroup?,
+        savedInstanceState: Bundle?,
+    ): View? {
+        fidoClient = FidoClient(this)
+        _binding = FragmentFidoAppLocalBinding.inflate(inflater, container, false)
+        return binding.root
+    }
+
+    override fun onDestroyView() {
+        super.onDestroyView()
+        _binding = null
+    }
+
+    private fun buildMcRequest(
+        userName: String,
+        userDisplayName: String = userName,
+    ): String {
+        val challenge = ByteArray(16).also { Random.nextBytes(it) }
+        val userId = ByteArray(32).also { Random.nextBytes(it) }
+        val request =
+            McRequest(
+                challenge = Base64.toUrlSafeString(challenge),
+                rp = Rp(RP_ID, RP_ID),
+                user = User(Base64.toUrlSafeString(userId), userName, userDisplayName),
+            )
+
+        return json.encodeToString(request)
+    }
+
+    private fun buildGaRequest(): String {
+        val challenge = ByteArray(16).also { Random.nextBytes(it) }
+        val request =
+            GaRequest(
+                challenge = Base64.toUrlSafeString(challenge),
+                rpId = RP_ID,
+            )
+        return json.encodeToString(request)
+    }
+
+    override fun onViewCreated(
+        view: View,
+        savedInstanceState: Bundle?,
+    ) {
+        super.onViewCreated(view, savedInstanceState)
+
+        binding.btnMc.setOnClickListener {
+            lifecycleScope.launch {
+                val request = buildMcRequest("App test user")
+                logger.debug("Make credential request: {}", request)
+
+                fidoClient.makeCredential(Origin(ORIGIN), request, null)
+                    .onSuccess { logger.debug("Successful MC: {}", it) }
+                    .onFailure { logger.error("Error during MC: ", it) }
+            }
+        }
+
+        binding.btnGa.setOnClickListener {
+            lifecycleScope.launch {
+                val request = buildGaRequest()
+                logger.debug("Get assertions request: {}", request)
+
+                fidoClient.getAssertion(Origin(ORIGIN), request, null)
+                    .onSuccess { logger.debug("Successful GA: {}", it) }
+                    .onFailure { logger.error("Error during GA:", it) }
+            }
+        }
+    }
+
+    companion object {
+        const val ORIGIN = "https://demo.yubico.app"
+        const val RP_ID = "demo.yubico.app"
+        val json = Json { encodeDefaults = true }
+    }
+}