Summary of Changes

Hello @neelanshsahai, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the Shrine Android application by integrating the Credential Manager Signal API. This integration allows the app to communicate important credential lifecycle events and user metadata to the credential provider, improving overall authentication flow and user experience. Key changes include the addition of new signaling functions, a dedicated 'Update Profile' screen to showcase user detail signaling, and the persistence of critical authentication identifiers. The underlying AndroidX Credential library has also been updated to support these new capabilities.

Highlights

• Credential Manager Signal API Implementation: The core of this PR is the implementation of the Credential Manager Signal API. This includes new functions in CredentialManagerUtils to signal unknown credentials, accepted credential IDs, and current user details to the credential provider. This functionality is crucial for improving the user experience and security by allowing the app to communicate credential state changes.
• New 'Update Profile' Screen: A new 'Update Profile' screen has been added to the application. This screen serves as a demonstration of how the signalUserDetails API can be used to update user metadata (like name and display name) with the credential provider.
• Persistence of Authentication Identifiers: The application now persists key authentication identifiers such as the Relying Party ID (rpId), User ID (userId), and Credential ID (credId) using Android's DataStore. This ensures that these critical pieces of information are available across app sessions for consistent credential management and signaling.
• Passkey Management UI Enhancements: The Passkey Management screen has been enhanced with new UI capabilities. Users can now select multiple passkeys using checkboxes, and a new button allows signaling accepted credential IDs, providing more granular control over passkey management.
• AndroidX Credential Library Upgrade: The AndroidX Credential library has been updated to version 1.6.0-alpha05. This upgrade is essential as it provides the necessary APIs and functionalities for the newly implemented Credential Manager Signal API.

Code Review

This pull request adds the implementation for the Credential Manager Signal API, which allows the app to inform the credential provider about changes to credentials on the server. The changes include adding new screens and logic to test these APIs. My review focuses on the correctness of the JSON payloads for the Signal API, the user experience of the new UI elements, and general code quality. I've found a critical issue in how the JSON for signaling accepted credential IDs is constructed, and another critical issue where the UI for deleting credentials doesn't actually perform the deletion on the server. There are also several medium to high severity issues related to JSON construction, hardcoded strings, and UI functionality that should be addressed.

Code Review

This pull request adds the Signal API implementation and related UI for updating user profiles and managing passkeys. The changes are extensive, touching on data models, repositories, ViewModels, and UI screens. My review focuses on improving code correctness, maintainability, and robustness. Key feedback includes fixing a bug in manual JSON construction, addressing a logic issue with credential deletion, improving state management in the new UI, and resolving potential memory leaks in the ViewModel. There are also some minor suggestions for using string resources.

No additional comments - please address existing comments especially regarding json request construction and resend for re-review. Thanks Neelansh! Great work!