android
diff --git a/‎identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/CredentialManagerHandler.kt‎
Lines changed: 48 additions & 32 deletions b/‎identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/CredentialManagerHandler.kt‎
Lines changed: 48 additions & 32 deletions
diff --git a/‎identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/CredentialProviderDummyActivity.kt‎
Lines changed: 27 additions & 12 deletions b/‎identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/CredentialProviderDummyActivity.kt‎
Lines changed: 27 additions & 12 deletions
diff --git a/‎identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/Fido2ToCredmanMigration.kt‎
Lines changed: 71 additions & 40 deletions b/‎identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/Fido2ToCredmanMigration.kt‎
Lines changed: 71 additions & 40 deletions
@@ -1,3 +1,19 @@
+/*
+ * Copyright 2025 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.example.identity.credentialmanager
 
 import android.app.Activity
@@ -13,39 +29,39 @@ import androidx.credentials.exceptions.GetCredentialException
 
 // This class is mostly copied from https://github.com/android/identity-samples/blob/main/WebView/CredentialManagerWebView/CredentialManagerHandler.kt.
 class CredentialManagerHandler(private val activity: Activity) {
-  private val mCredMan = CredentialManager.create(activity.applicationContext)
-  private val TAG = "CredentialManagerHandler"
-  /**
-   * Encapsulates the create passkey API for credential manager in a less error-prone manner.
-   *
-   * @param request a create public key credential request JSON required by [CreatePublicKeyCredentialRequest].
-   * @return [CreatePublicKeyCredentialResponse] containing the result of the credential creation.
-   */
-  suspend fun createPasskey(request: String): CreatePublicKeyCredentialResponse {
-    val createRequest = CreatePublicKeyCredentialRequest(request)
-    try {
-      return mCredMan.createCredential(activity, createRequest) as CreatePublicKeyCredentialResponse
-    } catch (e: CreateCredentialException) {
-      // For error handling use guidance from https://developer.android.com/training/sign-in/passkeys
-      Log.i(TAG, "Error creating credential: ErrMessage: ${e.errorMessage}, ErrType: ${e.type}")
-      throw e
+    private val mCredMan = CredentialManager.create(activity.applicationContext)
+    private val TAG = "CredentialManagerHandler"
+    /**
+     * Encapsulates the create passkey API for credential manager in a less error-prone manner.
+     *
+     * @param request a create public key credential request JSON required by [CreatePublicKeyCredentialRequest].
+     * @return [CreatePublicKeyCredentialResponse] containing the result of the credential creation.
+     */
+    suspend fun createPasskey(request: String): CreatePublicKeyCredentialResponse {
+        val createRequest = CreatePublicKeyCredentialRequest(request)
+        try {
+            return mCredMan.createCredential(activity, createRequest) as CreatePublicKeyCredentialResponse
+        } catch (e: CreateCredentialException) {
+            // For error handling use guidance from https://developer.android.com/training/sign-in/passkeys
+            Log.i(TAG, "Error creating credential: ErrMessage: ${e.errorMessage}, ErrType: ${e.type}")
+            throw e
+        }
     }
-  }
 
-  /**
-   * Encapsulates the get passkey API for credential manager in a less error-prone manner.
-   *
-   * @param request a get public key credential request JSON required by [GetCredentialRequest].
-   * @return [GetCredentialResponse] containing the result of the credential retrieval.
-   */
-  suspend fun getPasskey(request: String): GetCredentialResponse {
-    val getRequest = GetCredentialRequest(listOf(GetPublicKeyCredentialOption(request, null)))
-    try {
-      return mCredMan.getCredential(activity, getRequest)
-    } catch (e: GetCredentialException) {
-      // For error handling use guidance from https://developer.android.com/training/sign-in/passkeys
-      Log.i(TAG, "Error retrieving credential: ${e.message}")
-      throw e
+    /**
+     * Encapsulates the get passkey API for credential manager in a less error-prone manner.
+     *
+     * @param request a get public key credential request JSON required by [GetCredentialRequest].
+     * @return [GetCredentialResponse] containing the result of the credential retrieval.
+     */
+    suspend fun getPasskey(request: String): GetCredentialResponse {
+        val getRequest = GetCredentialRequest(listOf(GetPublicKeyCredentialOption(request, null)))
+        try {
+            return mCredMan.getCredential(activity, getRequest)
+        } catch (e: GetCredentialException) {
+            // For error handling use guidance from https://developer.android.com/training/sign-in/passkeys
+            Log.i(TAG, "Error retrieving credential: ${e.message}")
+            throw e
+        }
     }
-  }
 }
@@ -1,3 +1,19 @@
+/*
+ * Copyright 2025 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.example.identity.credentialmanager
 
 import android.annotation.SuppressLint
@@ -46,7 +62,7 @@ import java.security.spec.ECParameterSpec
 import java.security.spec.ECPoint
 import java.security.spec.EllipticCurve
 
-class CredentialProviderDummyActivity: FragmentActivity() {
+class CredentialProviderDummyActivity : FragmentActivity() {
 
     private val PERSONAL_ACCOUNT_ID: String = ""
     private val FAMILY_ACCOUNT_ID: String = ""
@@ -85,7 +101,7 @@ class CredentialProviderDummyActivity: FragmentActivity() {
 
         val biometricPrompt = BiometricPrompt(
             this,
-            {  }, // Pass in your own executor
+            { }, // Pass in your own executor
             object : AuthenticationCallback() {
                 override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
                     super.onAuthenticationError(errorCode, errString)
@@ -109,7 +125,7 @@ class CredentialProviderDummyActivity: FragmentActivity() {
 
                     // Generate a credential key pair
                     val spec = ECGenParameterSpec("secp256r1")
-                    val keyPairGen = KeyPairGenerator.getInstance("EC");
+                    val keyPairGen = KeyPairGenerator.getInstance("EC")
                     keyPairGen.initialize(spec)
                     val keyPair = keyPairGen.genKeyPair()
 
@@ -165,7 +181,7 @@ class CredentialProviderDummyActivity: FragmentActivity() {
     @RequiresApi(VERSION_CODES.P)
     fun appInfoToOrigin(info: CallingAppInfo): String {
         val cert = info.signingInfo.apkContentsSigners[0].toByteArray()
-        val md = MessageDigest.getInstance("SHA-256");
+        val md = MessageDigest.getInstance("SHA-256")
         val certHash = md.digest(cert)
         // This is the format for origin
         return "android:apk-key-hash:${b64Encode(certHash)}"
@@ -240,7 +256,7 @@ class CredentialProviderDummyActivity: FragmentActivity() {
             )
         )
 
-        //Set the final response back
+        // Set the final response back
         val result = Intent()
         val response = CreatePasswordResponse()
         PendingIntentHandler.setCreateCredentialResponse(result, response)
@@ -300,10 +316,11 @@ class CredentialProviderDummyActivity: FragmentActivity() {
 
         val biometricPrompt = BiometricPrompt(
             this,
-            {  }, // Pass in your own executor
+            { }, // Pass in your own executor
             object : BiometricPrompt.AuthenticationCallback() {
                 override fun onAuthenticationError(
-                    errorCode: Int, errString: CharSequence
+                    errorCode: Int,
+                    errString: CharSequence
                 ) {
                     super.onAuthenticationError(errorCode, errString)
                     finish()
@@ -330,7 +347,7 @@ class CredentialProviderDummyActivity: FragmentActivity() {
                         packageName = packageName
                     )
 
-                    val sig = Signature.getInstance("SHA256withECDSA");
+                    val sig = Signature.getInstance("SHA256withECDSA")
                     sig.initSign(privateKey)
                     sig.update(response.dataToSign())
                     response.signature = sig.sign()
@@ -401,9 +418,7 @@ class CredentialProviderDummyActivity: FragmentActivity() {
     }
 
     // [START android_identity_credential_pending_intent]
-    fun createSettingsPendingIntent(): PendingIntent
-    // [END android_identity_credential_pending_intent]
-    {
+    fun createSettingsPendingIntent(): PendingIntent { // [END android_identity_credential_pending_intent]
         return PendingIntent.getBroadcast(this, 0, Intent(), PendingIntent.FLAG_IMMUTABLE)
     }
 
@@ -468,7 +483,7 @@ data class CredentialsInfo(
     val passwords: List<PasswordInfo> = listOf()
 )
 
-class ECPrivateKeyImpl: ECPrivateKey {
+class ECPrivateKeyImpl : ECPrivateKey {
     override fun getAlgorithm(): String = ""
     override fun getFormat(): String = ""
     override fun getEncoded(): ByteArray = byteArrayOf()
 
@@ -1,3 +1,19 @@
+/*
+ * Copyright 2025 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package com.example.identity.credentialmanager
 
 import android.app.Activity
@@ -16,6 +32,7 @@ import androidx.credentials.GetPublicKeyCredentialOption
 import androidx.credentials.PublicKeyCredential
 import androidx.credentials.exceptions.CreateCredentialException
 import com.example.identity.credentialmanager.ApiResult.Success
+import java.io.StringWriter
 import okhttp3.MediaType.Companion.toMediaTypeOrNull
 import okhttp3.OkHttpClient
 import okhttp3.Request.Builder
@@ -24,7 +41,6 @@ import okhttp3.RequestBody.Companion.toRequestBody
 import okhttp3.Response
 import okhttp3.ResponseBody
 import org.json.JSONObject
-import java.io.StringWriter
 import ru.gildor.coroutines.okhttp.await
 
 class Fido2ToCredmanMigration(
@@ -44,12 +60,15 @@ class Fido2ToCredmanMigration(
         // ...
         val call = client.newCall(
             Builder()
-                .method("POST", jsonRequestBody {
-                    name("attestation").value("none")
-                    name("authenticatorSelection").objectValue {
-                        name("residentKey").value("required")
+                .method(
+                    "POST",
+                    jsonRequestBody {
+                        name("attestation").value("none")
+                        name("authenticatorSelection").objectValue {
+                            name("residentKey").value("required")
+                        }
                     }
-            }).build()
+                ).build()
         )
         // ...
     }
@@ -61,14 +80,17 @@ class Fido2ToCredmanMigration(
             Builder()
                 .url("$BASE_URL/<your api url>")
                 .addHeader("Cookie", formatCookie(sessionId))
-                .method("POST", jsonRequestBody {
-                    name("attestation").value("none")
-                    name("authenticatorSelection").objectValue {
-                        name("authenticatorAttachment").value("platform")
-                        name("userVerification").value("required")
-                        name("residentKey").value("required")
+                .method(
+                    "POST",
+                    jsonRequestBody {
+                        name("attestation").value("none")
+                        name("authenticatorSelection").objectValue {
+                            name("authenticatorAttachment").value("platform")
+                            name("userVerification").value("required")
+                            name("residentKey").value("required")
+                        }
                     }
-                }).build()
+                ).build()
         )
         val response = call.await()
         return response.result("Error calling the api") {
@@ -108,10 +130,13 @@ class Fido2ToCredmanMigration(
      * @return a JSON object.
      */
     suspend fun signinRequest(): ApiResult<JSONObject> {
-        val call = client.newCall(Builder().url(buildString {
-            append("$BASE_URL/signinRequest")
-        }).method("POST", jsonRequestBody {})
-            .build()
+        val call = client.newCall(
+            Builder().url(
+                buildString {
+                    append("$BASE_URL/signinRequest")
+                }
+            ).method("POST", jsonRequestBody {})
+                .build()
         )
         val response = call.await()
         return response.result("Error calling /signinRequest") {
@@ -129,31 +154,36 @@ class Fido2ToCredmanMigration(
      * including the newly-registered one.
      */
     suspend fun signinResponse(
-        sessionId: String, response: JSONObject, credentialId: String
+        sessionId: String,
+        response: JSONObject,
+        credentialId: String
     ): ApiResult<Unit> {
 
         val call = client.newCall(
             Builder().url("$BASE_URL/signinResponse")
-                .addHeader("Cookie",formatCookie(sessionId))
-                .method("POST", jsonRequestBody {
-                    name("id").value(credentialId)
-                    name("type").value(PUBLIC_KEY.toString())
-                    name("rawId").value(credentialId)
-                    name("response").objectValue {
-                        name("clientDataJSON").value(
-                            response.getString("clientDataJSON")
-                        )
-                        name("authenticatorData").value(
-                            response.getString("authenticatorData")
-                        )
-                        name("signature").value(
-                            response.getString("signature")
-                        )
-                        name("userHandle").value(
-                            response.getString("userHandle")
-                        )
+                .addHeader("Cookie", formatCookie(sessionId))
+                .method(
+                    "POST",
+                    jsonRequestBody {
+                        name("id").value(credentialId)
+                        name("type").value(PUBLIC_KEY.toString())
+                        name("rawId").value(credentialId)
+                        name("response").objectValue {
+                            name("clientDataJSON").value(
+                                response.getString("clientDataJSON")
+                            )
+                            name("authenticatorData").value(
+                                response.getString("authenticatorData")
+                            )
+                            name("signature").value(
+                                response.getString("signature")
+                            )
+                            name("userHandle").value(
+                                response.getString("userHandle")
+                            )
+                        }
                     }
-                }).build()
+                ).build()
         )
         val apiResponse = call.await()
         return apiResponse.result("Error calling /signingResponse") {
@@ -169,11 +199,12 @@ class Fido2ToCredmanMigration(
         Toast.makeText(
             activity,
             "Fetching previously stored credentials",
-            Toast.LENGTH_SHORT)
+            Toast.LENGTH_SHORT
+        )
             .show()
         var result: GetCredentialResponse? = null
         try {
-            val request= GetCredentialRequest(
+            val request = GetCredentialRequest(
                 listOf(
                     GetPublicKeyCredentialOption(
                         creationResult.toString(),
@@ -234,7 +265,7 @@ class Fido2ToCredmanMigration(
 }
 
 sealed class ApiResult<out R> {
-    class Success<T>: ApiResult<T>()
+    class Success<T> : ApiResult<T>()
 }
 
 class ApiException(message: String) : RuntimeException(message)