feat(AWSMobileClient): Adds option to specify browser for HostedUI (#2152)

Adds the option for a customer to specify a browser other than the default (Chrome) to launch HostedUI when signing in and out. Resolves #539

Author: TrekSoft

aws-android-sdk-cognitoauth/src/main/java/com/amazonaws/mobileconnectors/cognitoauth/Auth.java

@@ -104,6 +104,11 @@ public final class Auth {
      */
     private final String signOutRedirectUri;
 
+    /**
+     * Optional string specifying the browser to open custom tabs. Defaults to Chrome if left null.
+     */
+    private String browserPackage;
+
     /**
      * Scopes for the requested tokens.
      */
@@ -144,6 +149,14 @@ public void setPersistenceEnabled(boolean isPersistenceEnabled) {
         awsKeyValueStore.setPersistenceEnabled(this.isPersistenceEnabled);
     }
 
+    /**
+     * Update the browser package to use for launching a custom tab.
+     * @param browserPackage the browser package to use for launching a custom tab.
+     */
+    public void setBrowserPackage(String browserPackage) {
+        this.browserPackage = browserPackage;
+    }
+
     /**
      * Instantiates {@link Auth}.
      * <p><b>Note: </b>This SDK not obfuscate the App Secret. When using App Secret in the production
@@ -612,6 +625,13 @@ public String getSignOutRedirectUri() {
         return signOutRedirectUri;
     }
 
+    /**
+     * @return Optional browser package set for this {@link Auth} instance.
+     */
+    public String getBrowserPackage() {
+        return browserPackage;
+    }
+
     /**
      * @return Identity Provider set for this {@link Auth} instance.
      */
@@ -652,7 +672,12 @@ public Bundle getCustomTabExtras() {
      * @param activity Activity to launch custom tabs from and to listen for the intent completions.
      */
     public void getSession(final Activity activity) {
-        this.user.getSession(true, activity);
+        if (getBrowserPackage() != null) {
+            this.user.getSession(true, activity, getBrowserPackage());
+        } else {
+            this.user.getSession(true, activity);
+        }
+
     }
 
     /**
@@ -687,7 +712,11 @@ public void setAuthHandler(final AuthHandler authHandler) {
      * </p>
      */
     public void signOut() {
-        this.user.signOut(false);
+        if (getBrowserPackage() != null) {
+            this.user.signOut(false, getBrowserPackage());
+        } else {
+            this.user.signOut(false);
+        }
     }
 
     /**
@@ -697,7 +726,11 @@ public void signOut() {
      *                             but the session may still be alive from the browser.
      */
     public void signOut(final boolean clearLocalTokensOnly) {
-        this.user.signOut(clearLocalTokensOnly);
+        if (getBrowserPackage() != null) {
+            this.user.signOut(clearLocalTokensOnly, getBrowserPackage());
+        } else {
+            this.user.signOut(clearLocalTokensOnly);
+        }
     }
 
     /**

aws-android-sdk-cognitoauth/src/main/java/com/amazonaws/mobileconnectors/cognitoauth/AuthClient.java

@@ -64,6 +64,11 @@ public class AuthClient {
      */
     public static final int CUSTOM_TABS_ACTIVITY_CODE = 49281;
 
+    /**
+     * Specifies what browser package to default to if one isn't specified.
+     */
+    private static final String DEFAULT_BROWSER_PACKAGE = ClientConstants.CHROME_PACKAGE;
+
     /**
      * Android application context.
      */
@@ -162,6 +167,26 @@ protected void setUsername(final String username) {
      *                 This must not be null when showSignInIfExpired is true.
      */
     protected void getSession(final boolean showSignInIfExpired, final Activity activity) {
+        getSession(showSignInIfExpired, activity, DEFAULT_BROWSER_PACKAGE);
+    }
+
+    /**
+     * Launches user authentication screen and returns a redirect Uri through an {@link Intent}.
+     * <p>
+     *     Checks for cached, valid tokens and launches the Cognito Web UI if no valid tokens are
+     *     found. This method uses PKCE for authentication. This SDK, therefore, uses code-grant flow
+     *     to authenticate user. The proof-key and a state is generated and its hash is used in added
+     *     as query parameters to create the authentication FQDN.
+     *     The state value set this method is used to temporarily cache the proof-key on the device.
+     *     To exchange the code for tokens, the {@link Auth#getTokens(Uri)} method will use the
+     *     state in the redirect uri to fetch the stored proof-key.
+     * </p>
+     * @param showSignInIfExpired true if the web UI should launch when the session is expired
+     * @param activity The activity to launch the sign in experience from.
+     *                 This must not be null when showSignInIfExpired is true.
+     * @param browserPackage String specifying the browser package to launch the specified url.
+     */
+    protected void getSession(final boolean showSignInIfExpired, final Activity activity, final String browserPackage) {
         try {
             proofKey = Pkce.generateRandom();
             proofKeyHash = Pkce.generateHash(proofKey);
@@ -188,9 +213,10 @@ protected void getSession(final boolean showSignInIfExpired, final Activity acti
                     pool.getScopes(),
                     userHandler,
                     showSignInIfExpired,
+                    browserPackage,
                     activity);
         } else if (showSignInIfExpired) {
-            launchCognitoAuth(pool.getSignInRedirectUri(), pool.getScopes(), activity);
+            launchCognitoAuth(pool.getSignInRedirectUri(), pool.getScopes(), activity, browserPackage);
         } else {
             userHandler.onFailure(new Exception("No cached session"));
         }
@@ -211,8 +237,21 @@ protected String getUsername() {
      * </p>
      */
     public void signOut() {
+        signOut(DEFAULT_BROWSER_PACKAGE);
+    }
+
+    /**
+     * Signs-out a user.
+     * <p>
+     *     Clears cached tokens for the user. Launches the sign-out Cognito web end-point to
+     *     clear all Cognito Auth cookies stored by Chrome.
+     * </p>
+     *
+     * @param browserPackage String specifying the browser package to launch the specified url.
+     */
+    public void signOut(String browserPackage) {
         LocalDataManager.clearCache(pool.awsKeyValueStore, context, pool.getAppId(), userId);
-        launchSignOut(pool.getSignOutRedirectUri());
+        launchSignOut(pool.getSignOutRedirectUri(), browserPackage);
     }
 
     /**
@@ -226,9 +265,24 @@ public void signOut() {
      *                             but the session may still be alive from the browser.
      */
     public void signOut(final boolean clearLocalTokensOnly) {
+        signOut(clearLocalTokensOnly, DEFAULT_BROWSER_PACKAGE);
+    }
+
+    /**
+     * Signs-out a user.
+     * <p>
+     *     Clears cached tokens for the user. Launches the sign-out Cognito web end-point to
+     *     clear all Cognito Auth cookies stored by Chrome.
+     * </p>
+     *
+     * @param clearLocalTokensOnly true if signs out the user from the client,
+     *                             but the session may still be alive from the browser.
+     * @param browserPackage String specifying the browser package to launch the specified url.
+     */
+    public void signOut(final boolean clearLocalTokensOnly, final String browserPackage) {
         LocalDataManager.clearCache(pool.awsKeyValueStore, context, pool.getAppId(), userId);
         if (!clearLocalTokensOnly) {
-            launchSignOut(pool.getSignOutRedirectUri());
+            launchSignOut(pool.getSignOutRedirectUri(), browserPackage);
         }
     }
 
@@ -385,6 +439,7 @@ public void run() {
      * @param tokenScopes Required: A {@link Set<String>} specifying all scopes for the tokens.
      * @param callback Required: {@link AuthHandler}.
      * @param showSignInIfExpired true if the web UI should launch when the refresh token is expired
+     * @param browserPackage String specifying the browser package to launch the specified url.
      * @param activity The activity to launch the sign in experience from.
      *                 This must not be null if showSignInIfExpired is true.
      */
@@ -393,6 +448,7 @@ private void refreshSession(final AuthUserSession session,
                                 final Set<String> tokenScopes,
                                 final AuthHandler callback,
                                 final boolean showSignInIfExpired,
+                                final String browserPackage,
                                 final Activity activity) {
         new Thread(new Runnable() {
             final Handler handler = new Handler(context.getMainLooper());
@@ -437,7 +493,7 @@ public void run() {
                         returnCallback = new Runnable() {
                             @Override
                             public void run() {
-                                launchCognitoAuth(redirectUri, tokenScopes, activity);
+                                launchCognitoAuth(redirectUri, tokenScopes, activity, browserPackage);
                             }
                         };
                     } else {
@@ -525,8 +581,13 @@ private Map<String, String> generateTokenRefreshRequest(final String redirectUri
      * @param tokenScopes Required: A {@link Set<String>} specifying all scopes for the tokens.
      * @param activity The activity to launch the sign in experience from.
      *                 This must not be null if showSignInIfExpired is true.
+     * @param browserPackage String specifying the browser package to launch the specified url.
      */
-    private void launchCognitoAuth(final String redirectUri, final Set<String> tokenScopes, final Activity activity) {
+    private void launchCognitoAuth(
+            final String redirectUri,
+            final Set<String> tokenScopes,
+            final Activity activity,
+            final String browserPackage) {
         // Build the complete web domain to launch the login screen
         Uri.Builder builder = new Uri.Builder()
                 .scheme(ClientConstants.DOMAIN_SCHEME)
@@ -569,36 +630,40 @@ private void launchCognitoAuth(final String redirectUri, final Set<String> token
 
         final Uri fqdn = builder.build();
         LocalDataManager.cacheState(pool.awsKeyValueStore, context, state, proofKey, tokenScopes);
-        launchCustomTabs(fqdn, activity);
+        launchCustomTabs(fqdn, activity, browserPackage);
     }
 
     /**
      * Creates the FQDM for Cognito's sign-out endpoint and launches Cognito Auth Web-Domain to
      * sign-out.
      * @param redirectUri Required: The redirect Uri, which will be launched after authentication.
+     * @param browserPackage String specifying the browser package to launch the specified url.
      */
-    private void launchSignOut(final String redirectUri) {
+    private void launchSignOut(final String redirectUri, final String browserPackage) {
         Uri.Builder builder = new Uri.Builder()
                 .scheme(ClientConstants.DOMAIN_SCHEME)
                 .authority(pool.getAppWebDomain()).appendPath(ClientConstants.DOMAIN_PATH_SIGN_OUT)
                 .appendQueryParameter(ClientConstants.DOMAIN_QUERY_PARAM_CLIENT_ID, pool.getAppId())
                 .appendQueryParameter(ClientConstants.DOMAIN_QUERY_PARAM_LOGOUT_URI, redirectUri);
         final Uri fqdn = builder.build();
-        launchCustomTabsWithoutCallback(fqdn);
+        launchCustomTabsWithoutCallback(fqdn, browserPackage);
     }
 
     /**
-     * Launches the HostedUI webpage on Chrome Tab.
+     * Launches the HostedUI webpage on a Custom Tab.
      * @param uri Required: {@link Uri}.
      * @param activity Activity to launch custom tabs from and which will listen for the intent completion.
+     * @param browserPackage Optional string specifying the browser package to launch the specified url.
+     *                       Defaults to Chrome if null.
      */
-    private void launchCustomTabs(final Uri uri, final Activity activity) {
+    private void launchCustomTabs(final Uri uri, final Activity activity, final String browserPackage) {
     	try {
 	        CustomTabsIntent.Builder builder = new CustomTabsIntent.Builder(mCustomTabsSession);
 	        mCustomTabsIntent = builder.build();
 	        if(pool.getCustomTabExtras() != null)
 	            mCustomTabsIntent.intent.putExtras(pool.getCustomTabExtras());
-	        mCustomTabsIntent.intent.setPackage(ClientConstants.CHROME_PACKAGE);
+	        mCustomTabsIntent.intent.setPackage(
+	                browserPackage != null ? browserPackage : DEFAULT_BROWSER_PACKAGE);
             mCustomTabsIntent.intent.setData(uri);
             activity.startActivityForResult(
                 CustomTabsManagerActivity.createStartIntent(context, mCustomTabsIntent.intent),
@@ -610,16 +675,19 @@ private void launchCustomTabs(final Uri uri, final Activity activity) {
     }
 
     /**
-     * Launches the HostedUI page on Chrome Tab without paying attention to callbacks.
+     * Launches the HostedUI page on Custom Tab without paying attention to callbacks.
      * @param uri Required: {@link Uri}.
+     * @param browserPackage Optional string specifying the browser package to launch the specified url.
+     *                       Defaults to Chrome if null.
      */
-    private void launchCustomTabsWithoutCallback(final Uri uri) {
+    private void launchCustomTabsWithoutCallback(final Uri uri, final String browserPackage) {
         try {
             CustomTabsIntent.Builder builder = new CustomTabsIntent.Builder(mCustomTabsSession);
             mCustomTabsIntent = builder.build();
             if(pool.getCustomTabExtras() != null)
                 mCustomTabsIntent.intent.putExtras(pool.getCustomTabExtras());
-            mCustomTabsIntent.intent.setPackage(ClientConstants.CHROME_PACKAGE);
+            mCustomTabsIntent.intent.setPackage(
+                    browserPackage != null ? browserPackage : DEFAULT_BROWSER_PACKAGE);
             mCustomTabsIntent.intent.addFlags(Intent.FLAG_ACTIVITY_NO_HISTORY);
             mCustomTabsIntent.intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
             mCustomTabsIntent.launchUrl(context, uri);

aws-android-sdk-mobile-client/src/main/java/com/amazonaws/mobile/client/AWSMobileClient.java

@@ -1530,6 +1530,9 @@ public Void run() throws Exception {
                 }
                 if (signOutOptions.isInvalidateTokens()) {
                     if (hostedUI != null) {
+                        if (signOutOptions.getBrowserPackage() != null) {
+                            hostedUI.setBrowserPackage(signOutOptions.getBrowserPackage());
+                        }
                         hostedUI.signOut();
                     } else if (mOAuth2Client != null) {
                         final CountDownLatch latch = new CountDownLatch(1);
@@ -3316,6 +3319,9 @@ public void run() {
                     hostedUIBuilder.setIdpIdentifier(idpIdentifier);
                 }
                 hostedUI = hostedUIBuilder.build();
+                if (signInUIOptions.getBrowserPackage() != null) {
+                    hostedUI.setBrowserPackage(signInUIOptions.getBrowserPackage());
+                }
                 hostedUI.getSession(callingActivity);
             }
         };

aws-android-sdk-mobile-client/src/main/java/com/amazonaws/mobile/client/SignInUIOptions.java

@@ -14,6 +14,8 @@ public class SignInUIOptions {
         this.builder = builder;
     }
 
+    public String getBrowserPackage() { return builder.browserPackage; }
+
     public Integer getLogo() {
         return builder.logo;
     }
@@ -39,6 +41,7 @@ public static Builder builder() {
     }
 
     public static class Builder {
+        private String browserPackage;
         private Integer logo;
         private Integer backgroundColor;
         private boolean canCancel;
@@ -52,6 +55,17 @@ public Builder logo(final Integer logoResourceId) {
             return this;
         }
 
+        /**
+         * Specify which browser package to use for the sign in operation (e.g. "org.mozilla.firefox").
+         * Defaults to the Chrome package if not specified.
+         * @param browserPackage the browser package to use for the sign in operation (e.g. "org.mozilla.firefox").
+         * @return The builder object.
+         */
+        public Builder browserPackage(final String browserPackage) {
+            this.browserPackage = browserPackage;
+            return this;
+        }
+
         public Builder backgroundColor(final Integer logoResourceId) {
             backgroundColor = logoResourceId;
             return this;

aws-android-sdk-mobile-client/src/main/java/com/amazonaws/mobile/client/SignOutOptions.java

@@ -19,6 +19,8 @@ public boolean isInvalidateTokens() {
         return builder.invalidateTokens;
     }
 
+    public String getBrowserPackage() { return builder.browserPackage; }
+
     /**
      * Start creating a SignOutOptions object with this builder.
      *
@@ -29,6 +31,7 @@ public static Builder builder() {
     }
 
     public static class Builder {
+        private String browserPackage;
         private boolean signOutGlobally;
         private boolean invalidateTokens;
 
@@ -46,6 +49,18 @@ public Builder signOutGlobally(final boolean signOutGlobally) {
             return this;
         }
 
+        /**
+         * If {@link #invalidateTokens} is true, this can optionally be used to specify which browser package should
+         * perform the sign out action (e.g. "org.mozilla.firefox"). Defaults to the Chrome package if not specified.
+         *
+         * @param browserPackage String specifying the browser to open custom tabs.
+         * @return Builder object for chaining
+         */
+        public Builder browserPackage(final String browserPackage) {
+            this.browserPackage = browserPackage;
+            return this;
+        }
+
         /**
          * When the functionality is available, invalidate tokens on the server by making a call.
          * This is currently only supported with OAuth sessions that support this functionality.