made the store method of sso internal and added support to pass headers

Author: pmathew92

auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt

@@ -30,9 +30,16 @@ public abstract class BaseCredentialsManager internal constructor(
 
     @Throws(CredentialsManagerException::class)
     public abstract fun saveCredentials(credentials: Credentials)
-    public abstract fun saveSsoCredentials(ssoCredentials: SSOCredentials)
     public abstract fun getCredentials(callback: Callback<Credentials, CredentialsManagerException>)
-    public abstract fun getSsoCredentials(callback: Callback<SSOCredentials, CredentialsManagerException>)
+    public abstract fun getSsoCredentials(
+        headers: Map<String, String> = emptyMap(),
+        callback: Callback<SSOCredentials, CredentialsManagerException>
+    )
+
+    public abstract fun getSsoCredentials(
+        callback: Callback<SSOCredentials, CredentialsManagerException>
+    )
+
     public abstract fun getCredentials(
         scope: String?,
         minTtl: Int,
@@ -65,7 +72,13 @@ public abstract class BaseCredentialsManager internal constructor(
 
     @JvmSynthetic
     @Throws(CredentialsManagerException::class)
-    public abstract suspend fun awaitSsoCredentials(): SSOCredentials
+    public abstract suspend fun awaitSsoCredentials(headers: Map<String, String>)
+            : SSOCredentials
+
+    @JvmSynthetic
+    @Throws(CredentialsManagerException::class)
+    public abstract suspend fun awaitSsoCredentials()
+            : SSOCredentials
 
     @JvmSynthetic
     @Throws(CredentialsManagerException::class)

auth0/src/main/java/com/auth0/android/authentication/storage/CredentialsManager.kt

@@ -55,48 +55,41 @@ public class CredentialsManager @VisibleForTesting(otherwise = VisibleForTesting
         storage.store(LEGACY_KEY_CACHE_EXPIRES_AT, credentials.expiresAt.time)
     }
 
-
     /**
-     * Stores the given [SSOCredentials] refresh token in the storage.
-     * This method must be called if the SSOCredentials are obtained by directly invoking [AuthenticationAPIClient.fetchWebSsoToken] api and
-     * [rotating refresh token](https://auth0.com/docs/secure/tokens/refresh-tokens/refresh-token-rotation) are enabled for
-     * the client. Method will silently return ,if the passed credentials has no refresh token.
-     * This is still an experimental feature, test it thoroughly in the targeted devices and OS variants and let us know your feedback.
-     *
-     * @param ssoCredentials the credentials to save in the storage.
+     * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
+     * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
+     * if  a new one is issued.
+     * This is still an experimental feature, test it thoroughly and let us know your feedback.
      */
     @ExperimentalAuth0Api
-    override fun saveSsoCredentials(ssoCredentials: SSOCredentials) {
-        if (ssoCredentials.refreshToken.isNullOrEmpty())
-            return // No refresh token to save
-        serialExecutor.execute {
-            val existingRefreshToken = storage.retrieveString(KEY_REFRESH_TOKEN)
-            // Checking if the existing one needs to be replaced with the new one
-            if (ssoCredentials.refreshToken == existingRefreshToken)
-                return@execute
-            storage.store(KEY_REFRESH_TOKEN, ssoCredentials.refreshToken)
-        }
+    override fun getSsoCredentials(callback: Callback<SSOCredentials, CredentialsManagerException>) {
+        getSsoCredentials(emptyMap(), callback)
     }
 
     /**
      * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
      * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
      * if  a new one is issued.
-     * This is still an experimental feature, test it thoroughly in the targeted devices and OS variants and let us know your feedback.
+     * This is still an experimental feature, test it thoroughly and let us know your feedback.
      */
     @ExperimentalAuth0Api
-    override fun getSsoCredentials(callback: Callback<SSOCredentials, CredentialsManagerException>) {
+    override fun getSsoCredentials(
+        headers: Map<String, String>,
+        callback: Callback<SSOCredentials, CredentialsManagerException>
+    ) {
         serialExecutor.execute {
             val refreshToken = storage.retrieveString(KEY_REFRESH_TOKEN)
             if (refreshToken.isNullOrEmpty()) {
                 callback.onFailure(CredentialsManagerException.NO_REFRESH_TOKEN)
                 return@execute
             }
 
+            val request = authenticationClient.fetchWebSsoToken(refreshToken)
             try {
-                val sessionCredentials =
-                    authenticationClient.fetchWebSsoToken(refreshToken)
-                        .execute()
+                for (header in headers) {
+                    request.addHeader(header.key, header.value)
+                }
+                val sessionCredentials = request.execute()
                 saveSsoCredentials(sessionCredentials)
                 callback.onSuccess(sessionCredentials)
             } catch (error: AuthenticationException) {
@@ -121,22 +114,36 @@ public class CredentialsManager @VisibleForTesting(otherwise = VisibleForTesting
      * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
      * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
      * if  a new one is issued.
-     * This is still an experimental feature, test it thoroughly in the targeted devices and OS variants and let us know your feedback.
+     * This is still an experimental feature, test it thoroughly  and OS variants and let us know your feedback.
      */
     @JvmSynthetic
     @Throws(CredentialsManagerException::class)
     @ExperimentalAuth0Api
     override suspend fun awaitSsoCredentials(): SSOCredentials {
+        return awaitSsoCredentials(emptyMap())
+    }
+
+    /**
+     * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
+     * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
+     * if  a new one is issued.
+     * This is still an experimental feature, test it thoroughly and OS variants and let us know your feedback.
+     */
+    @JvmSynthetic
+    @Throws(CredentialsManagerException::class)
+    @ExperimentalAuth0Api
+    override suspend fun awaitSsoCredentials(headers: Map<String, String>): SSOCredentials {
         return suspendCancellableCoroutine { continuation ->
-            getSsoCredentials(object : Callback<SSOCredentials, CredentialsManagerException> {
-                override fun onSuccess(result: SSOCredentials) {
-                    continuation.resume(result)
-                }
+            getSsoCredentials(headers,
+                object : Callback<SSOCredentials, CredentialsManagerException> {
+                    override fun onSuccess(result: SSOCredentials) {
+                        continuation.resume(result)
+                    }
 
-                override fun onFailure(error: CredentialsManagerException) {
-                    continuation.resumeWithException(error)
-                }
-            })
+                    override fun onFailure(error: CredentialsManagerException) {
+                        continuation.resumeWithException(error)
+                    }
+                })
         }
     }
 
@@ -465,6 +472,23 @@ public class CredentialsManager @VisibleForTesting(otherwise = VisibleForTesting
         storage.remove(LEGACY_KEY_CACHE_EXPIRES_AT)
     }
 
+    /**
+     * Helper method to store the given [SSOCredentials] refresh token in the storage.
+     * Method will silently return ,if the passed credentials has no refresh token.
+     *
+     * @param ssoCredentials the credentials to save in the storage.
+     */
+    @VisibleForTesting(otherwise = VisibleForTesting.PRIVATE)
+    internal fun saveSsoCredentials(ssoCredentials: SSOCredentials) {
+        if (ssoCredentials.refreshToken.isNullOrEmpty())
+            return // No refresh token to save
+        val existingRefreshToken = storage.retrieveString(KEY_REFRESH_TOKEN)
+        // Checking if the existing one needs to be replaced with the new one
+        if (ssoCredentials.refreshToken == existingRefreshToken)
+            return // Same refresh token, no need to save
+        storage.store(KEY_REFRESH_TOKEN, ssoCredentials.refreshToken)
+    }
+
     @VisibleForTesting(otherwise = VisibleForTesting.PRIVATE)
     internal fun recreateCredentials(
         idToken: String,

auth0/src/main/java/com/auth0/android/authentication/storage/SecureCredentialsManager.kt

@@ -130,58 +130,47 @@ public class SecureCredentialsManager @VisibleForTesting(otherwise = VisibleForT
     }
 
     /**
-     * Stores the given [SSOCredentials] refresh token in the storage.
-     * This method must be called if the SSOCredentials are obtained by directly invoking [AuthenticationAPIClient.fetchWebSsoToken] api and
-     * [rotating refresh token](https://auth0.com/docs/secure/tokens/refresh-tokens/refresh-token-rotation) are enabled for
-     * the client. Method will silently return ,if the passed credentials has no refresh token.
-     * This is still an experimental feature, test it thoroughly in the targeted devices and OS variants and let us know your feedback.
-     *
-     * @param ssoCredentials the credentials to save in the storage.
+     * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
+     * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
+     * if  a new one is issued.
+     * This is still an experimental feature, test it thoroughly and let us know your feedback.
      */
     @ExperimentalAuth0Api
-    override fun saveSsoCredentials(ssoCredentials: SSOCredentials) {
-        if (ssoCredentials.refreshToken.isNullOrEmpty()) return // No refresh token to save
-        serialExecutor.execute {
-            lateinit var existingCredentials: Credentials
-            try {
-                existingCredentials = getExistingCredentials()
-            } catch (exception: CredentialsManagerException) {
-                Log.e(TAG,"Error while fetching existing credentials", exception)
-                return@execute
-            }
-            // Checking if the existing one needs to be replaced with the new one
-            if (existingCredentials.refreshToken == ssoCredentials.refreshToken)
-                return@execute
-            val newCredentials =
-                existingCredentials.copy(refreshToken = ssoCredentials.refreshToken)
-            saveCredentials(newCredentials)
-        }
+    override fun getSsoCredentials(callback: Callback<SSOCredentials, CredentialsManagerException>) {
+        getSsoCredentials(emptyMap(), callback)
     }
 
     /**
      * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
      * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
      * if  a new one is issued.
-     * This is still an experimental feature, test it thoroughly in the targeted devices and OS variants and let us know your feedback.
+     * This is still an experimental feature, test it thoroughly and let us know your feedback.
      */
     @ExperimentalAuth0Api
-    override fun getSsoCredentials(callback: Callback<SSOCredentials, CredentialsManagerException>) {
+    override fun getSsoCredentials(
+        headers: Map<String, String>,
+        callback: Callback<SSOCredentials, CredentialsManagerException>
+    ) {
         serialExecutor.execute {
-            lateinit var existingCredentials:Credentials
-            try{
+            lateinit var existingCredentials: Credentials
+            try {
                 existingCredentials = getExistingCredentials()
-            }catch (exception:CredentialsManagerException){
+            } catch (exception: CredentialsManagerException) {
                 callback.onFailure(exception)
                 return@execute
             }
             if (existingCredentials.refreshToken.isNullOrEmpty()) {
                 callback.onFailure(CredentialsManagerException.NO_REFRESH_TOKEN)
                 return@execute
             }
+
+            val request = authenticationClient.fetchWebSsoToken(existingCredentials.refreshToken!!)
             try {
+                for (header in headers) {
+                    request.addHeader(header.key, header.value)
+                }
                 val sessionCredentials =
-                    authenticationClient.fetchWebSsoToken(existingCredentials.refreshToken!!)
-                        .execute()
+                    request.execute()
                 saveSsoCredentials(sessionCredentials)
                 callback.onSuccess(sessionCredentials)
             } catch (error: AuthenticationException) {
@@ -211,22 +200,36 @@ public class SecureCredentialsManager @VisibleForTesting(otherwise = VisibleForT
      * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
      * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
      * if  a new one is issued.
-     * This is still an experimental feature, test it thoroughly in the targeted devices and OS variants and let us know your feedback.
+     * This is still an experimental feature, test it thoroughly and let us know your feedback.
      */
     @JvmSynthetic
     @Throws(CredentialsManagerException::class)
     @ExperimentalAuth0Api
     override suspend fun awaitSsoCredentials(): SSOCredentials {
+        return awaitSsoCredentials(emptyMap())
+    }
+
+    /**
+     * Fetches a new [SSOCredentials] . It will fail with [CredentialsManagerException]
+     * if the existing refresh_token is null or no longer valid. This method will handle saving the refresh_token,
+     * if  a new one is issued.
+     * This is still an experimental feature, test it thoroughly and let us know your feedback.
+     */
+    @JvmSynthetic
+    @Throws(CredentialsManagerException::class)
+    @ExperimentalAuth0Api
+    override suspend fun awaitSsoCredentials(headers: Map<String, String>): SSOCredentials {
         return suspendCancellableCoroutine { continuation ->
-            getSsoCredentials(object : Callback<SSOCredentials, CredentialsManagerException> {
-                override fun onSuccess(result: SSOCredentials) {
-                    continuation.resume(result)
-                }
+            getSsoCredentials(headers,
+                object : Callback<SSOCredentials, CredentialsManagerException> {
+                    override fun onSuccess(result: SSOCredentials) {
+                        continuation.resume(result)
+                    }
 
-                override fun onFailure(error: CredentialsManagerException) {
-                    continuation.resumeWithException(error)
-                }
-            })
+                    override fun onFailure(error: CredentialsManagerException) {
+                        continuation.resumeWithException(error)
+                    }
+                })
         }
     }
 
@@ -763,6 +766,30 @@ public class SecureCredentialsManager @VisibleForTesting(otherwise = VisibleForT
         fragmentActivity!!.clear()
     }
 
+    /**
+     * Helper method to stores the given [SSOCredentials] refresh token in the storage.
+     * Method will silently return ,if the passed credentials has no refresh token.
+     *
+     * @param ssoCredentials the credentials to save in the storage.
+     */
+    @VisibleForTesting(otherwise = VisibleForTesting.PRIVATE)
+    internal fun saveSsoCredentials(ssoCredentials: SSOCredentials) {
+        if (ssoCredentials.refreshToken.isNullOrEmpty()) return // No refresh token to save
+        lateinit var existingCredentials: Credentials
+        try {
+            existingCredentials = getExistingCredentials()
+        } catch (exception: CredentialsManagerException) {
+            Log.e(TAG, "Error while fetching existing credentials", exception)
+            return
+        }
+        // Checking if the existing one needs to be replaced with the new one
+        if (existingCredentials.refreshToken == ssoCredentials.refreshToken)
+            return
+        val newCredentials =
+            existingCredentials.copy(refreshToken = ssoCredentials.refreshToken)
+        saveCredentials(newCredentials)
+    }
+
     internal companion object {
         private val TAG = SecureCredentialsManager::class.java.simpleName
 

auth0/src/test/java/com/auth0/android/authentication/storage/SecureCredentialsManagerTest.kt

@@ -1859,32 +1859,32 @@ public class SecureCredentialsManagerTest {
                     )
                 secureCredsManager.getCredentials(object :
                     Callback<Credentials, CredentialsManagerException> {
-                    override fun onFailure(exception: CredentialsManagerException) {
-                        throw exception
+                    override fun onFailure(error: CredentialsManagerException) {
+                        throw error
                     }
 
-                    override fun onSuccess(credentials: Credentials) {
+                    override fun onSuccess(result: Credentials) {
                         // Verify all instances retrieved the same credentials
                         MatcherAssert.assertThat(
                             renewedCredentials.accessToken,
-                            Is.`is`(credentials.accessToken)
+                            Is.`is`(result.accessToken)
                         )
                         MatcherAssert.assertThat(
                             renewedCredentials.idToken,
-                            Is.`is`(credentials.idToken)
+                            Is.`is`(result.idToken)
                         )
                         MatcherAssert.assertThat(
                             renewedCredentials.refreshToken,
-                            Is.`is`(credentials.refreshToken)
+                            Is.`is`(result.refreshToken)
                         )
-                        MatcherAssert.assertThat(renewedCredentials.type, Is.`is`(credentials.type))
+                        MatcherAssert.assertThat(renewedCredentials.type, Is.`is`(result.type))
                         MatcherAssert.assertThat(
                             renewedCredentials.expiresAt,
-                            Is.`is`(credentials.expiresAt)
+                            Is.`is`(result.expiresAt)
                         )
                         MatcherAssert.assertThat(
                             renewedCredentials.scope,
-                            Is.`is`(credentials.scope)
+                            Is.`is`(result.scope)
                         )
                         latch.countDown()
                     }