Add Signal API implementation (RP)

Author: Neelansh Sahai

Shrine/app/src/main/java/com/authentication/shrine/CredentialManagerUtils.kt

@@ -33,11 +33,19 @@ import androidx.credentials.GetCredentialResponse
 import androidx.credentials.GetPasswordOption
 import androidx.credentials.GetPublicKeyCredentialOption
 import androidx.credentials.GetRestoreCredentialOption
+import androidx.credentials.SignalAllAcceptedCredentialIdsRequest
+import androidx.credentials.SignalCurrentUserDetailsRequest
+import androidx.credentials.SignalUnknownCredentialRequest
 import androidx.credentials.exceptions.CreateCredentialException
 import androidx.credentials.exceptions.GetCredentialCancellationException
 import androidx.credentials.exceptions.publickeycredential.GetPublicKeyCredentialDomException
 import com.authentication.shrine.repository.SERVER_CLIENT_ID
 import com.google.android.libraries.identity.googleid.GetGoogleIdOption
+import androidx.datastore.core.DataStore
+import androidx.datastore.preferences.core.Preferences
+import com.authentication.shrine.repository.AuthRepository.Companion.RP_ID_KEY
+import com.authentication.shrine.repository.AuthRepository.Companion.USER_ID_KEY
+import com.authentication.shrine.repository.AuthRepository.Companion.read
 import org.json.JSONObject
 import javax.inject.Inject
 
@@ -48,6 +56,7 @@ import javax.inject.Inject
  */
 class CredentialManagerUtils @Inject constructor(
     private val credentialManager: CredentialManager,
+    private val dataStore: DataStore<Preferences>,
 ) {
 
     /**
@@ -249,6 +258,40 @@ class CredentialManagerUtils @Inject constructor(
         val clearRequest = ClearCredentialStateRequest(requestType = TYPE_CLEAR_RESTORE_CREDENTIAL)
         credentialManager.clearCredentialState(clearRequest)
     }
+
+    @SuppressLint("RestrictedApi")
+    suspend fun signalUnknown(
+        credentialId: String,
+    ) {
+        credentialManager.signalCredentialState(
+            SignalUnknownCredentialRequest(
+                """{"rpId":"${dataStore.read(RP_ID_KEY)}", "credentialId":"$credentialId"}""",
+            ),
+        )
+    }
+
+    @SuppressLint("RestrictedApi")
+    suspend fun signalAcceptedIds(
+        credentialIds: List<String>,
+    ) {
+        credentialManager.signalCredentialState(
+            SignalAllAcceptedCredentialIdsRequest(
+                """{"rpId":"${dataStore.read(RP_ID_KEY)}","userId":"${dataStore.read(USER_ID_KEY)}","allAcceptedCredentialIds":["${credentialIds.joinToString(",")}"]}""",
+            ),
+        )
+    }
+
+    @SuppressLint("RestrictedApi")
+    suspend fun signalUserDetails(
+        newName: String,
+        newDisplayName: String,
+    ) {
+        credentialManager.signalCredentialState(
+            SignalCurrentUserDetailsRequest(
+                """{"rpId":"${dataStore.read(RP_ID_KEY)}","userId":"${dataStore.read(USER_ID_KEY)}", "name":"$newName","displayName":"$newDisplayName"}""",
+            ),
+        )
+    }
 }
 
 sealed class GenericCredentialManagerResponse {

Shrine/app/src/main/java/com/authentication/shrine/ShrineApplication.kt

@@ -109,8 +109,12 @@ object AppModule {
     @Provides
     fun providesCredentialManagerUtils(
         credentialManager: CredentialManager,
+        dataStore: DataStore<Preferences>,
     ): CredentialManagerUtils {
-        return CredentialManagerUtils(credentialManager)
+        return CredentialManagerUtils(
+            credentialManager = credentialManager,
+            dataStore = dataStore,
+        )
     }
 
     @Singleton

Shrine/app/src/main/java/com/authentication/shrine/model/PasskeysList.kt

@@ -47,4 +47,5 @@ data class PasskeyCredential(
     val aaguid: String,
     val registeredAt: Long,
     val providerIcon: String,
+    val isSelected: Boolean = false,
 )

Shrine/app/src/main/java/com/authentication/shrine/repository/AuthRepository.kt

@@ -75,6 +75,9 @@ class AuthRepository @Inject constructor(
         val USERNAME = stringPreferencesKey("username")
         val IS_SIGNED_IN_THROUGH_PASSKEYS = booleanPreferencesKey("is_signed_passkeys")
         val SESSION_ID = stringPreferencesKey("session_id")
+        val RP_ID_KEY = stringPreferencesKey("rp_id_key")
+        val USER_ID_KEY = stringPreferencesKey("user_id_key")
+        val CRED_ID = stringPreferencesKey("cred_id")
         val RESTORE_KEY_CREDENTIAL_ID = stringPreferencesKey("restore_key_credential_id")
 
         // Value for restore credential AuthApiService parameter
@@ -99,6 +102,8 @@ class AuthRepository @Inject constructor(
                 prefs[USERNAME] = username
                 response.getSessionId()?.also {
                     prefs[SESSION_ID] = it
+                } ?: run {
+                    signOut()
                 }
             }
             return true
@@ -122,6 +127,8 @@ class AuthRepository @Inject constructor(
                 prefs[USERNAME] = username
                 response.getSessionId()?.also {
                     prefs[SESSION_ID] = it
+                } ?: run {
+                    signOut()
                 }
             }
             setSessionWithPassword(password)
@@ -152,6 +159,8 @@ class AuthRepository @Inject constructor(
                         prefs[USERNAME] = response.body()?.username.orEmpty()
                         response.getSessionId()?.also {
                             prefs[SESSION_ID] = it
+                        } ?: run {
+                            signOut()
                         }
                     }
                     return true
@@ -197,8 +206,11 @@ class AuthRepository @Inject constructor(
                 )
                 if (response.isSuccessful) {
                     dataStore.edit { prefs ->
+                        prefs[RP_ID_KEY] = response.body()?.rp?.id ?: ""
                         response.getSessionId()?.also {
                             prefs[SESSION_ID] = it
+                        } ?: run {
+                            signOut()
                         }
                     }
                     return response.getJsonObject()
@@ -260,6 +272,7 @@ class AuthRepository @Inject constructor(
                 )
                 if (apiResult.isSuccessful) {
                     dataStore.edit { prefs ->
+                        prefs[CRED_ID] = rawId
                         if (credentialResponse is CreateRestoreCredentialResponse) {
                             prefs[RESTORE_KEY_CREDENTIAL_ID] = rawId
                         }
@@ -287,8 +300,11 @@ class AuthRepository @Inject constructor(
         val response = authApiService.signInRequest()
         if (response.isSuccessful) {
             dataStore.edit { prefs ->
+                prefs[RP_ID_KEY] = response.body()?.rpId ?: ""
                 response.getSessionId()?.also {
                     prefs[SESSION_ID] = it
+                } ?: run {
+                    signOut()
                 }
             }
             return response.getJsonObject()
@@ -340,8 +356,11 @@ class AuthRepository @Inject constructor(
                         )
                         if (apiResult.isSuccessful) {
                             dataStore.edit { prefs ->
+                                prefs[CRED_ID] = credentialId
                                 apiResult.getSessionId()?.also {
                                     prefs[SESSION_ID] = it
+                                } ?: run {
+                                    signOut()
                                 }
                             }
                             return true
@@ -489,6 +508,9 @@ class AuthRepository @Inject constructor(
                 cookie = sessionId.createCookieHeader(),
             )
             if (apiResult.isSuccessful) {
+                dataStore.edit { prefs ->
+                    prefs[USER_ID_KEY] = apiResult.body()?.userId ?: ""
+                }
                 return apiResult.body()
             } else if (apiResult.code() == 401) {
                 signOut()
@@ -541,7 +563,7 @@ class AuthRepository @Inject constructor(
                     signOut()
                 }
             }
-        }catch (e: Exception) {
+        } catch (e: Exception) {
             Log.e(TAG, "Cannot call deleteRestoreKey", e)
         }
         return false

Shrine/app/src/main/java/com/authentication/shrine/ui/MainMenuScreen.kt

@@ -55,6 +55,7 @@ fun MainMenuScreen(
     onSettingsButtonClicked: () -> Unit,
     onHelpButtonClicked: () -> Unit,
     navigateToLogin: () -> Unit,
+    navigateToUpdateProfile: () -> Unit,
     viewModel: HomeViewModel,
     modifier: Modifier = Modifier,
     credentialManagerUtils: CredentialManagerUtils,
@@ -71,6 +72,7 @@ fun MainMenuScreen(
         onHelpButtonClicked = onHelpButtonClicked,
         navigateToLogin = navigateToLogin,
         onSignOut = onSignOut,
+        navigateToUpdateProfile = navigateToUpdateProfile,
         modifier = modifier,
     )
 }
@@ -93,6 +95,7 @@ fun MainMenuScreen(
     onSettingsButtonClicked: () -> Unit,
     onHelpButtonClicked: () -> Unit,
     navigateToLogin: () -> Unit,
+    navigateToUpdateProfile: () -> Unit,
     onSignOut: () -> Unit,
     modifier: Modifier = Modifier,
 ) {
@@ -121,6 +124,7 @@ fun MainMenuScreen(
                 onHelpButtonClicked,
                 onSignOut,
                 navigateToLogin,
+                navigateToUpdateProfile,
             )
         }
     }
@@ -142,6 +146,7 @@ private fun MainMenuButtonsList(
     onHelpButtonClicked: () -> Unit,
     onSignOut: () -> Unit,
     navigateToLogin: () -> Unit,
+    navigateToUpdateProfile: () -> Unit,
     modifier: Modifier = Modifier,
 ) {
     Column(
@@ -172,6 +177,11 @@ private fun MainMenuButtonsList(
             buttonText = stringResource(R.string.sign_out),
             isButtonDark = false,
         )
+
+        ShrineButton(
+            onClick = navigateToUpdateProfile,
+            buttonText = "Update Profile",
+        )
     }
 }
 
@@ -188,6 +198,7 @@ fun PasskeysSignedPreview() {
             onHelpButtonClicked = { },
             navigateToLogin = { },
             onSignOut = { },
+            navigateToUpdateProfile = { },
         )
     }
 }