Skip to content

Add Signal API implementation (Provider) #160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add Signal API implementation (Provider) #160

wants to merge 2 commits into from
+409 −34

Conversation

neelanshsahai
Copy link

No description provided.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Aug 25, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary of Changes

Hello @neelanshsahai, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces the implementation of the Android Credential Provider Events API (Signal API) into the MyVault application. This allows the credential provider to receive and respond to various signals from the Android system, such as requests to hide/unhide specific credentials or update user details associated with credentials. The changes include integrating new dependencies, defining a dedicated service to handle these signals, updating the data layer to manage credential visibility, and enhancing the UI to reflect these changes, along with notification support.

Highlights

  • Signal API Integration: The pull request integrates the Android Credential Provider Events API, enabling the MyVault application to receive and process various signals from the Android system's credential manager. This includes handling requests to hide/unhide credentials and update user details.
  • Credential Visibility Management: A new 'hidden' flag has been introduced for 'PasskeyItem's, allowing the credential provider to manage the visibility of credentials. This enables the system to instruct the provider to hide or unhide specific credentials from the user's view.
  • Dynamic User Detail Updates: The implementation now supports updating user details, such as username and display name, for passkeys in response to 'SignalCurrentUserDetailsRequest' events, ensuring credential information remains current.
  • Notification Support: A notification system has been added to provide immediate feedback to the user when a Signal API event is successfully processed by the credential provider, enhancing transparency.
  • Database and UI Updates: The local database schema has been updated to accommodate the new 'hidden' status for passkeys, and the UI components have been modified to filter and display only non-hidden passkeys, ensuring a consistent user experience.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in issue comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Aug 25, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request adds the Signal API implementation to the credential provider, allowing it to react to events from relying parties, such as credential updates or deletions. The changes include a new service to handle these signals, UI updates to reflect credential state, and necessary database modifications. My review has identified a critical performance issue due to blocking the main thread, a logic bug in a database query, and some leftover debugging code that should be cleaned up.

...p/src/main/java/com/example/android/authentication/myvault/data/CredentialProviderService.kt Outdated
Comment on lines 75 to 80
for (i in 0 until value.length()) {
val item = value.get(i)
if (item is String) {
listAllAcceptedCredIds.add(item)
}
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The for-loop to extract strings from the JSONArray can be written more idiomatically and safely in Kotlin.

                for (i in 0 until value.length()) {
                    value.optString(i)?.let { listAllAcceptedCredIds.add(it) }
                }

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

here as well

@neelanshsahai neelanshsahai force-pushed the signal_api_provider branch 2 times, most recently from d4814f5 to 1ac8dfc Compare August 28, 2025 13:47
cy245
cy245 requested changes Sep 5, 2025
View reviewed changes
niharika2810
niharika2810 requested changes Sep 8, 2025
View reviewed changes
...p/src/main/java/com/example/android/authentication/myvault/data/CredentialProviderService.kt Outdated
Comment on lines 75 to 80
for (i in 0 until value.length()) {
val item = value.get(i)
if (item is String) {
listAllAcceptedCredIds.add(item)
}
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

here as well

@cy245 cy245 requested a review from jbabs1 September 11, 2025 17:12
@neelanshsahai neelanshsahai force-pushed the signal_api_provider branch 2 times, most recently from 768b319 to f334169 Compare September 18, 2025 19:15
@cy245
Copy link
Contributor

cy245 commented Sep 26, 2025

/gemini review

gemini-code-assist[bot]
gemini-code-assist bot reviewed Sep 26, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request successfully implements the Signal API for the credential provider. It correctly adds the necessary dependencies, manifest entries for the new service, and UI changes to handle hidden credentials. The core logic resides in the new CredentialProviderService, which listens for and processes signals from relying parties. My review focuses on improving the robustness and performance of this new service. Key feedback points include using the appropriate Coroutine Dispatcher for I/O operations, improving error logging by replacing printStackTrace with Log.e, and ensuring database access methods are correctly marked as suspend to prevent blocking the main thread. I've also included a suggestion to refactor some logic for better code clarity.

...p/src/main/java/com/example/android/authentication/myvault/data/CredentialProviderService.kt
Comment on lines 165 to 179
val listAllAcceptedCredIds = mutableListOf<String>()
when (val value = request.get(ACCEPTED_CREDENTIAL_IDS)) {
is String -> listAllAcceptedCredIds.add(value)
is JSONArray -> {
for (i in 0 until value.length()) {
val item = value.get(i)
if (item is String) {
listAllAcceptedCredIds.add(item)
}
}
}

else -> { /*do nothing*/
}
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

This block for parsing ACCEPTED_CREDENTIAL_IDS can be made more concise and functional using a when expression and mapNotNull for the JSONArray case. This improves readability and reduces mutability.

            val listAllAcceptedCredIds = when (val value = request.get(ACCEPTED_CREDENTIAL_IDS)) {
                is String -> listOf(value)
                is JSONArray -> (0 until value.length()).mapNotNull { value.optString(it) }
                else -> emptyList()
            }

@neelanshsahai
Add Signal API implementation (Provider)
42b9454 
Change-Id: I5284a17da9791cd64e8d7ea8befe96dd5c770e76
@neelanshsahai neelanshsahai requested a review from cy245 October 6, 2025 14:33
@neelanshsahai
Fix code review changes
cfaaaed 
Change-Id: I0571c151e62851634783b2aa8943b47fb84eea36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbabs1 jbabs1 jbabs1 left review comments

@niharika2810 niharika2810 Awaiting requested review from niharika2810 niharika2810 is a code owner

@cy245 cy245 Awaiting requested review from cy245 cy245 is a code owner

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@neelanshsahai @cy245 @niharika2810 @jbabs1