Support scanning URL-based sync setup codes (#5957)

Task/Issue URL: https://app.asana.com/1/137249556945/project/72649045549333/task/1209921186465304?focus=true 

### Description

#5944 allows the barcodes to be rendered as URL-based; this PR is the other side of the coin in adding support for scanning URL-based sync setup barcodes.

#### A note on feature flagging

For feature flagging around URL-based barcodes, I’ve separated out the ability to render them vs the ability to scan them. I think this will help the logistics around rolling it out, but sense-check that for me.

| Feature flag | Description | Default state |
|--------|--------|--------|
|`syncSetupBarcodeIsUrlBased` | Whether to render URL-based or plain barcodes  | Off by default |
| `canScanUrlBasedSyncSetupBarcodes` | Whether we can scan URL-based codes | On by default (it’s a kill-switch |


### Steps to test this PR

You’ll need two devices, at least one of them being a real device so you can scan the barcode using its camera.

#### Scanning a `connect` code

- [x] Log out of sync on both devices
- [x] Choose `Sync with another device` on both
- [x] Scan the barcode **using the system camera** first, to verify you are dealing with a URL-based barcode
- [x] Scan the barcode from inside sync settings; verify sync sets up correctly


#### Scanning an `exchange` code

- [x] Log out of sync on a physical device; stay logged in on the other
- [x] Choose `Sync with another device` on both
- [x] Using physical device, scan the barcode **using the system camera** first, to verify you are dealing with a URL-based barcode
- [x] Using physical device, scan the barcode from inside sync settings; verify sync sets up correctly



#### Scanning a plaintext `recovery` code

- [x] Log out of sync on a physical device; stay logged in on the other
- [x] On the logged-in device, disable `exchangeKeysToSyncWithAnotherDevice`
- [x] Choose `Sync with another device` on both devices
- [x] Using physical device, scan the barcode **using the system camera** first, and verify you are **not** dealing with a URL-based barcode; this should be just the b64-encoded recovery code (recovery codes aren’t allowed in URLs, so disabling `exchangeKeysToSyncWithAnotherDevice` means URL-based codes won’t show either)
- [x] Using physical device, scan the barcode from inside sync settings; verify sync sets up correctly


#### Scanning a URL-based `recovery` code
This isn’t acceptable so we won’t generate URLs containing recovery codes, but let’s test what happens if one is scanned. [Barcode for testing what happens if you scan a recovery code inside a URL](https://app.asana.com/1/137249556945/task/1210110837732281?focus=true)

- [x] Log out of sync on a physical device (don’t need the other device for this test)
- [x] Choose `Sync with another device` on the physical device
- [x] Using physical device, scan the barcode linked above from inside sync settings; verify sync is **not** set up and you see an error message. In the logs, you’ll see `Recovery code found inside a URL which is not acceptable`

Author: CDRussell

sync/sync-impl/src/main/java/com/duckduckgo/sync/impl/SyncAccountRepository.kt

@@ -33,12 +33,16 @@ import com.duckduckgo.sync.impl.AccountErrorCodes.EXCHANGE_FAILED
 import com.duckduckgo.sync.impl.AccountErrorCodes.GENERIC_ERROR
 import com.duckduckgo.sync.impl.AccountErrorCodes.INVALID_CODE
 import com.duckduckgo.sync.impl.AccountErrorCodes.LOGIN_FAILED
-import com.duckduckgo.sync.impl.CodeType.UNKNOWN
 import com.duckduckgo.sync.impl.ExchangeResult.*
 import com.duckduckgo.sync.impl.Result.Error
 import com.duckduckgo.sync.impl.Result.Success
 import com.duckduckgo.sync.impl.SyncAccountRepository.AuthCode
+import com.duckduckgo.sync.impl.SyncAuthCode.Connect
+import com.duckduckgo.sync.impl.SyncAuthCode.Exchange
+import com.duckduckgo.sync.impl.SyncAuthCode.Recovery
+import com.duckduckgo.sync.impl.SyncAuthCode.Unknown
 import com.duckduckgo.sync.impl.pixels.*
+import com.duckduckgo.sync.impl.ui.qrcode.SyncBarcodeUrl
 import com.duckduckgo.sync.impl.ui.qrcode.SyncBarcodeUrlWrapper
 import com.duckduckgo.sync.store.*
 import com.squareup.anvil.annotations.*
@@ -52,11 +56,11 @@ import timber.log.Timber
 
 interface SyncAccountRepository {
 
-    fun getCodeType(stringCode: String): CodeType
+    fun parseSyncAuthCode(stringCode: String): SyncAuthCode
     fun isSyncSupported(): Boolean
     fun createAccount(): Result<Boolean>
     fun isSignedIn(): Boolean
-    fun processCode(stringCode: String): Result<Boolean>
+    fun processCode(code: SyncAuthCode): Result<Boolean>
     fun getAccountInfo(): AccountInfo
     fun logout(deviceId: String): Result<Boolean>
     fun deleteAccount(): Result<Boolean>
@@ -129,58 +133,72 @@ class AppSyncAccountRepository @Inject constructor(
         }
     }
 
-    override fun processCode(stringCode: String): Result<Boolean> {
-        val decodedCode: String? = kotlin.runCatching {
-            return@runCatching stringCode.decodeB64()
-        }.getOrNull()
-        if (decodedCode == null) {
-            Timber.w("Failed while b64 decoding barcode; barcode is unusable")
-            return Error(code = INVALID_CODE.code, reason = "Failed to decode code")
-        }
-
-        kotlin.runCatching {
-            Adapters.recoveryCodeAdapter.fromJson(decodedCode)?.recovery
-        }.getOrNull()?.let {
-            Timber.d("Sync: code is a recovery code")
-            return login(it)
-        }
+    override fun processCode(code: SyncAuthCode): Result<Boolean> {
+        when (code) {
+            is Recovery -> {
+                Timber.d("Sync: code is a recovery code")
+                return login(code.b64Code)
+            }
 
-        kotlin.runCatching {
-            Adapters.recoveryCodeAdapter.fromJson(decodedCode)?.connect
-        }.getOrNull()?.let {
-            Timber.d("Sync: code is a connect code")
-            return connectDevice(it)
-        }
+            is Connect -> {
+                Timber.d("Sync: code is a connect code")
+                return connectDevice(code.b64Code)
+            }
 
-        kotlin.runCatching {
-            Adapters.invitationCodeAdapter.fromJson(decodedCode)?.exchangeKey
-        }.getOrNull()?.let {
-            if (!syncFeature.exchangeKeysToSyncWithAnotherDevice().isEnabled()) {
-                Timber.w("Sync: Scanned exchange code type but exchanging keys to sync with another device is disabled")
-                return@let null
+            is Exchange -> {
+                if (!syncFeature.exchangeKeysToSyncWithAnotherDevice().isEnabled()) {
+                    Timber.w("Sync: Scanned exchange code type but exchanging keys to sync with another device is disabled")
+                } else {
+                    return onInvitationCodeReceived(code.b64Code)
+                }
             }
 
-            return onInvitationCodeReceived(it)
+            else -> {
+                Timber.d("Sync: code type unknown")
+            }
         }
-
-        Timber.e("Sync: code is not supported")
+        Timber.e("Sync: code type (${code.javaClass.simpleName}) is not supported")
         return Error(code = INVALID_CODE.code, reason = "Failed to decode code")
     }
 
-    override fun getCodeType(stringCode: String): CodeType {
+    override fun parseSyncAuthCode(stringCode: String): SyncAuthCode {
+        // check first if it's a URL which contains the code
+        val (code, wasInUrl) = kotlin.runCatching {
+            SyncBarcodeUrl.parseUrl(stringCode)?.webSafeB64EncodedCode?.removeUrlSafetyToRestoreB64()
+                ?.let { Pair(it, true) }
+                ?: Pair(stringCode, false)
+        }.getOrDefault(Pair(stringCode, false))
+
+        if (wasInUrl && syncFeature.canScanUrlBasedSyncSetupBarcodes().isEnabled().not()) {
+            Timber.e("Feature to allow scanning URL-based sync setup codes is disabled")
+            return Unknown(code)
+        }
+
         return kotlin.runCatching {
-            val decodedCode = stringCode.decodeB64()
-            when {
-                Adapters.recoveryCodeAdapter.fromJson(decodedCode)?.recovery != null -> CodeType.RECOVERY
-                Adapters.recoveryCodeAdapter.fromJson(decodedCode)?.connect != null -> CodeType.CONNECT
-                Adapters.invitationCodeAdapter.fromJson(decodedCode)?.exchangeKey != null -> CodeType.EXCHANGE
-                else -> UNKNOWN
-            }
-        }.onFailure {
+            val decodedCode = code.decodeB64()
+
+            canParseAsRecoveryCode(decodedCode)?.let {
+                if (wasInUrl) {
+                    throw IllegalArgumentException("Sync: Recovery code found inside a URL which is not acceptable")
+                } else {
+                    Recovery(it)
+                }
+            }
+                ?: canParseAsExchangeCode(decodedCode)?.let { Exchange(it) }
+                ?: canParseAsConnectCode(decodedCode)?.let { Connect(it) }
+                ?: Unknown(code)
+        }.onSuccess {
+            Timber.i("Sync: code type is ${it.javaClass.simpleName}. was inside url: $wasInUrl")
+        }.getOrElse {
             Timber.e(it, "Failed to decode code")
-        }.getOrDefault(UNKNOWN)
+            Unknown(code)
+        }
     }
 
+    private fun canParseAsRecoveryCode(decodedCode: String) = Adapters.recoveryCodeAdapter.fromJson(decodedCode)?.recovery
+    private fun canParseAsExchangeCode(decodedCode: String) = Adapters.invitationCodeAdapter.fromJson(decodedCode)?.exchangeKey
+    private fun canParseAsConnectCode(decodedCode: String) = Adapters.recoveryCodeAdapter.fromJson(decodedCode)?.connect
+
     private fun onInvitationCodeReceived(invitationCode: InvitationCode): Result<Boolean> {
         // Sync: InviteFlow - B (https://app.asana.com/0/72649045549333/1209571867429615)
         Timber.d("Sync-exchange: InviteFlow - B. code is an exchange code $invitationCode")
@@ -625,7 +643,8 @@ class AppSyncAccountRepository @Inject constructor(
             }
 
             is Success -> {
-                val loginResult = processCode(stringCode)
+                val codeType = parseSyncAuthCode(stringCode)
+                val loginResult = processCode(codeType)
                 if (loginResult is Error) {
                     syncPixels.fireUserSwitchedLoginError()
                 }
@@ -911,11 +930,11 @@ enum class AccountErrorCodes(val code: Int) {
     EXCHANGE_FAILED(56),
 }
 
-enum class CodeType {
-    RECOVERY,
-    CONNECT,
-    EXCHANGE,
-    UNKNOWN,
+sealed interface SyncAuthCode {
+    data class Recovery(val b64Code: RecoveryCode) : SyncAuthCode
+    data class Connect(val b64Code: ConnectCode) : SyncAuthCode
+    data class Exchange(val b64Code: InvitationCode) : SyncAuthCode
+    data class Unknown(val code: String) : SyncAuthCode
 }
 
 sealed class Result<out R> {

sync/sync-impl/src/main/java/com/duckduckgo/sync/impl/SyncFeature.kt

@@ -56,4 +56,7 @@ interface SyncFeature {
 
     @Toggle.DefaultValue(DefaultFeatureValue.FALSE)
     fun syncSetupBarcodeIsUrlBased(): Toggle
+
+    @Toggle.DefaultValue(DefaultFeatureValue.TRUE)
+    fun canScanUrlBasedSyncSetupBarcodes(): Toggle
 }

sync/sync-impl/src/main/java/com/duckduckgo/sync/impl/ui/EnterCodeViewModel.kt

@@ -28,14 +28,14 @@ import com.duckduckgo.sync.impl.AccountErrorCodes.CREATE_ACCOUNT_FAILED
 import com.duckduckgo.sync.impl.AccountErrorCodes.INVALID_CODE
 import com.duckduckgo.sync.impl.AccountErrorCodes.LOGIN_FAILED
 import com.duckduckgo.sync.impl.Clipboard
-import com.duckduckgo.sync.impl.CodeType.EXCHANGE
 import com.duckduckgo.sync.impl.ExchangeResult.AccountSwitchingRequired
 import com.duckduckgo.sync.impl.ExchangeResult.LoggedIn
 import com.duckduckgo.sync.impl.ExchangeResult.Pending
 import com.duckduckgo.sync.impl.R
 import com.duckduckgo.sync.impl.Result
 import com.duckduckgo.sync.impl.Result.Error
 import com.duckduckgo.sync.impl.SyncAccountRepository
+import com.duckduckgo.sync.impl.SyncAuthCode
 import com.duckduckgo.sync.impl.SyncFeature
 import com.duckduckgo.sync.impl.onFailure
 import com.duckduckgo.sync.impl.onSuccess
@@ -100,10 +100,10 @@ class EnterCodeViewModel @Inject constructor(
         pastedCode: String,
     ) {
         val previousPrimaryKey = syncAccountRepository.getAccountInfo().primaryKey
-        val codeType = syncAccountRepository.getCodeType(pastedCode)
-        when (val result = syncAccountRepository.processCode(pastedCode)) {
+        val codeType = syncAccountRepository.parseSyncAuthCode(pastedCode)
+        when (val result = syncAccountRepository.processCode(codeType)) {
             is Result.Success -> {
-                if (codeType == EXCHANGE) {
+                if (codeType is SyncAuthCode.Exchange) {
                     pollForRecoveryKey(previousPrimaryKey = previousPrimaryKey, code = pastedCode)
                 } else {
                     onLoginSuccess(previousPrimaryKey)

sync/sync-impl/src/main/java/com/duckduckgo/sync/impl/ui/SyncConnectViewModel.kt

@@ -29,7 +29,6 @@ import com.duckduckgo.sync.impl.AccountErrorCodes.CREATE_ACCOUNT_FAILED
 import com.duckduckgo.sync.impl.AccountErrorCodes.INVALID_CODE
 import com.duckduckgo.sync.impl.AccountErrorCodes.LOGIN_FAILED
 import com.duckduckgo.sync.impl.Clipboard
-import com.duckduckgo.sync.impl.CodeType.EXCHANGE
 import com.duckduckgo.sync.impl.ExchangeResult.AccountSwitchingRequired
 import com.duckduckgo.sync.impl.ExchangeResult.LoggedIn
 import com.duckduckgo.sync.impl.ExchangeResult.Pending
@@ -39,6 +38,7 @@ import com.duckduckgo.sync.impl.R.dimen
 import com.duckduckgo.sync.impl.Result.Error
 import com.duckduckgo.sync.impl.Result.Success
 import com.duckduckgo.sync.impl.SyncAccountRepository
+import com.duckduckgo.sync.impl.SyncAuthCode.Exchange
 import com.duckduckgo.sync.impl.getOrNull
 import com.duckduckgo.sync.impl.onFailure
 import com.duckduckgo.sync.impl.onSuccess
@@ -173,14 +173,14 @@ class SyncConnectViewModel @Inject constructor(
 
     fun onQRCodeScanned(qrCode: String) {
         viewModelScope.launch(dispatchers.io()) {
-            val codeType = syncAccountRepository.getCodeType(qrCode)
-            when (val result = syncAccountRepository.processCode(qrCode)) {
+            val codeType = syncAccountRepository.parseSyncAuthCode(qrCode)
+            when (val result = syncAccountRepository.processCode(codeType)) {
                 is Error -> {
                     processError(result)
                 }
 
                 is Success -> {
-                    if (codeType == EXCHANGE) {
+                    if (codeType is Exchange) {
                         pollForRecoveryKey()
                     } else {
                         syncPixels.fireLoginPixel()

sync/sync-impl/src/main/java/com/duckduckgo/sync/impl/ui/SyncInternalSettingsViewModel.kt

@@ -210,7 +210,8 @@ constructor(
 
     fun onQRScanned(contents: String) {
         viewModelScope.launch(dispatchers.io()) {
-            val result = syncAccountRepository.processCode(contents)
+            val codeType = syncAccountRepository.parseSyncAuthCode(contents)
+            val result = syncAccountRepository.processCode(codeType)
             if (result is Error) {
                 command.send(Command.ShowMessage("$result"))
             }
@@ -220,7 +221,8 @@ constructor(
 
     fun onConnectQRScanned(contents: String) {
         viewModelScope.launch(dispatchers.io()) {
-            val result = syncAccountRepository.processCode(contents)
+            val codeType = syncAccountRepository.parseSyncAuthCode(contents)
+            val result = syncAccountRepository.processCode(codeType)
             when (result) {
                 is Error -> {
                     command.send(Command.ShowMessage("$result"))
@@ -289,7 +291,8 @@ constructor(
     private suspend fun authFlow(
         pastedCode: String,
     ) {
-        val result = syncAccountRepository.processCode(pastedCode)
+        val codeType = syncAccountRepository.parseSyncAuthCode(pastedCode)
+        val result = syncAccountRepository.processCode(codeType)
         when (result) {
             is Result.Success -> command.send(Command.LoginSuccess)
             is Result.Error -> {

sync/sync-impl/src/main/java/com/duckduckgo/sync/impl/ui/SyncLoginViewModel.kt

@@ -27,14 +27,14 @@ import com.duckduckgo.sync.impl.AccountErrorCodes.CONNECT_FAILED
 import com.duckduckgo.sync.impl.AccountErrorCodes.CREATE_ACCOUNT_FAILED
 import com.duckduckgo.sync.impl.AccountErrorCodes.INVALID_CODE
 import com.duckduckgo.sync.impl.AccountErrorCodes.LOGIN_FAILED
-import com.duckduckgo.sync.impl.CodeType.EXCHANGE
 import com.duckduckgo.sync.impl.ExchangeResult.AccountSwitchingRequired
 import com.duckduckgo.sync.impl.ExchangeResult.LoggedIn
 import com.duckduckgo.sync.impl.ExchangeResult.Pending
 import com.duckduckgo.sync.impl.R
 import com.duckduckgo.sync.impl.Result.Error
 import com.duckduckgo.sync.impl.Result.Success
 import com.duckduckgo.sync.impl.SyncAccountRepository
+import com.duckduckgo.sync.impl.SyncAuthCode
 import com.duckduckgo.sync.impl.onFailure
 import com.duckduckgo.sync.impl.onSuccess
 import com.duckduckgo.sync.impl.pixels.SyncPixels
@@ -87,14 +87,14 @@ class SyncLoginViewModel @Inject constructor(
 
     fun onQRCodeScanned(qrCode: String) {
         viewModelScope.launch(dispatchers.io()) {
-            val codeType = syncAccountRepository.getCodeType(qrCode)
-            when (val result = syncAccountRepository.processCode(qrCode)) {
+            val codeType = syncAccountRepository.parseSyncAuthCode(qrCode)
+            when (val result = syncAccountRepository.processCode(codeType)) {
                 is Error -> {
                     processError(result)
                 }
 
                 is Success -> {
-                    if (codeType == EXCHANGE) {
+                    if (codeType is SyncAuthCode.Exchange) {
                         pollForRecoveryKey()
                     } else {
                         syncPixels.fireLoginPixel()

sync/sync-impl/src/main/java/com/duckduckgo/sync/impl/ui/SyncWithAnotherActivityViewModel.kt

@@ -29,7 +29,6 @@ import com.duckduckgo.sync.impl.AccountErrorCodes.CREATE_ACCOUNT_FAILED
 import com.duckduckgo.sync.impl.AccountErrorCodes.INVALID_CODE
 import com.duckduckgo.sync.impl.AccountErrorCodes.LOGIN_FAILED
 import com.duckduckgo.sync.impl.Clipboard
-import com.duckduckgo.sync.impl.CodeType.EXCHANGE
 import com.duckduckgo.sync.impl.ExchangeResult.AccountSwitchingRequired
 import com.duckduckgo.sync.impl.ExchangeResult.LoggedIn
 import com.duckduckgo.sync.impl.ExchangeResult.Pending
@@ -41,6 +40,7 @@ import com.duckduckgo.sync.impl.Result.Error
 import com.duckduckgo.sync.impl.Result.Success
 import com.duckduckgo.sync.impl.SyncAccountRepository
 import com.duckduckgo.sync.impl.SyncAccountRepository.AuthCode
+import com.duckduckgo.sync.impl.SyncAuthCode
 import com.duckduckgo.sync.impl.SyncFeature
 import com.duckduckgo.sync.impl.onFailure
 import com.duckduckgo.sync.impl.onSuccess
@@ -171,15 +171,15 @@ class SyncWithAnotherActivityViewModel @Inject constructor(
     fun onQRCodeScanned(qrCode: String) {
         viewModelScope.launch(dispatchers.io()) {
             val previousPrimaryKey = syncAccountRepository.getAccountInfo().primaryKey
-            val codeType = syncAccountRepository.getCodeType(qrCode)
-            when (val result = syncAccountRepository.processCode(qrCode)) {
+            val codeType = syncAccountRepository.parseSyncAuthCode(qrCode)
+            when (val result = syncAccountRepository.processCode(codeType)) {
                 is Error -> {
                     Timber.w("Sync: error processing code ${result.reason}")
                     emitError(result, qrCode)
                 }
 
                 is Success -> {
-                    if (codeType == EXCHANGE) {
+                    if (codeType is SyncAuthCode.Exchange) {
                         pollForRecoveryKey(previousPrimaryKey = previousPrimaryKey, qrCode = qrCode)
                     } else {
                         onLoginSuccess(previousPrimaryKey)