feat: add single sign on by saml (#420)

* revert: Support for login and registration via a browser custom tab (#371) This reverts commit 4566b1a

* feat: add saml sso

* fix: resolve conflicts and unit test

* fix: unit test issues

* fix: sso login flow and other fixes

* fix: sso login unit tests

* fix: sso login flow handle cookies error and display a message and other fixes

* fix: fixing detekt issues

* fix: merge fixes

* fix: fix detekt and unit tests issues

* fix: fix detekt issues

* fix: fix detekt issues

* fix: fix detekt issues

Author: RawanMatar89

app/schemas/org.openedx.app.room.AppDatabase/4.json

@@ -48,12 +48,6 @@
 
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
-            <intent-filter>
-                <action android:name="android.intent.action.VIEW" />
-                <category android:name="android.intent.category.DEFAULT" />
-                <category android:name="android.intent.category.BROWSABLE" />
-                <data android:scheme="${applicationId}"  />
-            </intent-filter>
 
             <!-- Branch URI Scheme -->
             <intent-filter>

app/src/main/AndroidManifest.xml

@@ -2,9 +2,6 @@ package org.openedx.app
 
 import android.content.Intent
 import android.content.res.Configuration
-import android.graphics.Color
-import android.net.Uri
-import android.os.Build
 import android.os.Bundle
 import android.view.View
 import android.view.WindowManager
@@ -26,7 +23,6 @@ import org.openedx.app.databinding.ActivityAppBinding
 import org.openedx.app.deeplink.DeepLink
 import org.openedx.auth.presentation.logistration.LogistrationFragment
 import org.openedx.auth.presentation.signin.SignInFragment
-import org.openedx.core.ApiConstants
 import org.openedx.core.data.storage.CorePreferences
 import org.openedx.core.presentation.dialog.downloaddialog.DownloadDialogManager
 import org.openedx.core.presentation.global.InsetHolder
@@ -70,13 +66,6 @@ class AppActivity : AppCompatActivity(), InsetHolder, WindowSizeHolder {
     private val authCode: String?
         get() {
             val data = intent?.data
-            if (
-                data is Uri &&
-                data.scheme == BuildConfig.APPLICATION_ID &&
-                data.host == ApiConstants.BrowserLogin.REDIRECT_HOST
-            ) {
-                return data.getQueryParameter(ApiConstants.BrowserLogin.CODE_QUERY_PARAM)
-            }
             return null
         }
 
@@ -160,12 +149,8 @@ class AppActivity : AppCompatActivity(), InsetHolder, WindowSizeHolder {
             WindowCompat.setDecorFitsSystemWindows(this, false)
             val insetsController = WindowInsetsControllerCompat(this, binding.root)
             insetsController.isAppearanceLightStatusBars = !isUsingNightModeResources()
-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.VANILLA_ICE_CREAM) {
-                insetsController.systemBarsBehavior =
-                    WindowInsetsControllerCompat.BEHAVIOR_SHOW_TRANSIENT_BARS_BY_SWIPE
-            } else {
-                window.statusBarColor = Color.TRANSPARENT
-            }
+            insetsController.systemBarsBehavior =
+                WindowInsetsControllerCompat.BEHAVIOR_SHOW_TRANSIENT_BARS_BY_SWIPE
         }
     }
 
@@ -176,7 +161,7 @@ class AppActivity : AppCompatActivity(), InsetHolder, WindowSizeHolder {
                     val fragment = if (viewModel.isLogistrationEnabled && authCode == null) {
                         LogistrationFragment()
                     } else {
-                        SignInFragment.newInstance(null, null, authCode = authCode)
+                        SignInFragment.newInstance(null, null)
                     }
                     addFragment(fragment)
                 }
@@ -224,7 +209,7 @@ class AppActivity : AppCompatActivity(), InsetHolder, WindowSizeHolder {
         this.intent = intent
 
         if (authCode != null) {
-            addFragment(SignInFragment.newInstance(null, null, authCode = authCode))
+            addFragment(SignInFragment.newInstance(null, null))
         }
 
         val extras = intent.extras

app/src/main/java/org/openedx/app/AppActivity.kt

@@ -13,6 +13,7 @@ import org.openedx.core.CalendarRouter
 import org.openedx.core.FragmentViewType
 import org.openedx.core.presentation.global.appupgrade.AppUpgradeRouter
 import org.openedx.core.presentation.global.appupgrade.UpgradeRequiredFragment
+import org.openedx.core.presentation.global.webview.SSOWebContentFragment
 import org.openedx.core.presentation.global.webview.WebContentFragment
 import org.openedx.core.presentation.settings.video.VideoQualityFragment
 import org.openedx.core.presentation.settings.video.VideoQualityType
@@ -434,6 +435,13 @@ class AppRouter :
         )
     }
 
+    override fun navigateToSSOWebContent(fm: FragmentManager, title: String, url: String) {
+        replaceFragmentWithBackStack(
+            fm,
+            SSOWebContentFragment.newInstance(title = title, url = url)
+        )
+    }
+
     override fun navigateToManageAccount(fm: FragmentManager) {
         replaceFragmentWithBackStack(fm, ManageAccountFragment())
     }

app/src/main/java/org/openedx/app/AppRouter.kt

@@ -23,7 +23,6 @@ import org.openedx.app.room.DatabaseManager
 import org.openedx.auth.presentation.AgreementProvider
 import org.openedx.auth.presentation.AuthAnalytics
 import org.openedx.auth.presentation.AuthRouter
-import org.openedx.auth.presentation.sso.BrowserAuthHelper
 import org.openedx.auth.presentation.sso.FacebookAuthHelper
 import org.openedx.auth.presentation.sso.GoogleAuthHelper
 import org.openedx.auth.presentation.sso.MicrosoftAuthHelper
@@ -224,7 +223,6 @@ val appModule = module {
     factory { FacebookAuthHelper() }
     factory { GoogleAuthHelper(get()) }
     factory { MicrosoftAuthHelper() }
-    factory { BrowserAuthHelper(get()) }
     factory { OAuthHelper(get(), get(), get()) }
     factory { VideoPreviewHelper(get(), get()) }
 

app/src/main/java/org/openedx/app/di/AppModule.kt

@@ -1,5 +1,6 @@
 package org.openedx.app.di
 
+import android.content.res.Resources
 import org.koin.core.module.dsl.viewModel
 import org.koin.core.qualifier.named
 import org.koin.dsl.module
@@ -113,11 +114,11 @@ val screenModule = module {
             get(),
             get(),
             get(),
-            get(),
         )
     }
 
-    viewModel { (courseId: String?, infoType: String?, authCode: String) ->
+    val lang = Resources.getSystem().configuration.locales[0].language
+    viewModel { (courseId: String?, infoType: String?) ->
         SignInViewModel(
             get(),
             get(),
@@ -135,7 +136,8 @@ val screenModule = module {
             get(),
             courseId,
             infoType,
-            authCode,
+            lang,
+            get()
         )
     }
 

app/src/main/java/org/openedx/app/di/ScreenModule.kt

@@ -37,17 +37,6 @@ interface AuthApi {
         @Field("asymmetric_jwt") isAsymmetricJwt: Boolean = true,
     ): AuthResponse
 
-    @FormUrlEncoded
-    @POST(ApiConstants.URL_ACCESS_TOKEN)
-    suspend fun getAccessTokenFromCode(
-        @Field("grant_type") grantType: String,
-        @Field("client_id") clientId: String,
-        @Field("code") code: String,
-        @Field("redirect_uri") redirectUri: String,
-        @Field("token_type") tokenType: String,
-        @Field("asymmetric_jwt") isAsymmetricJwt: Boolean = true,
-    ): AuthResponse
-
     @FormUrlEncoded
     @POST(ApiConstants.URL_ACCESS_TOKEN)
     fun refreshAccessToken(

auth/src/main/java/org/openedx/auth/data/api/AuthApi.kt

@@ -13,5 +13,4 @@ enum class AuthType(val postfix: String, val methodName: String) {
     GOOGLE(ApiConstants.AUTH_TYPE_GOOGLE, "Google"),
     FACEBOOK(ApiConstants.AUTH_TYPE_FB, "Facebook"),
     MICROSOFT(ApiConstants.AUTH_TYPE_MICROSOFT, "Microsoft"),
-    BROWSER(ApiConstants.AUTH_TYPE_BROWSER, "Browser")
 }

auth/src/main/java/org/openedx/auth/data/model/AuthType.kt

@@ -31,6 +31,16 @@ class AuthRepository(
             .processAuthResponse()
     }
 
+    suspend fun ssoLogin(
+        jwtToken: String
+    ) {
+        if (preferencesManager.accessToken.isBlank()) {
+            preferencesManager.accessToken = jwtToken
+        }
+        val user = api.getProfile()
+        preferencesManager.user = user
+    }
+
     suspend fun socialLogin(token: String?, authType: AuthType) {
         require(!token.isNullOrBlank()) { "Token is null" }
         api.exchangeAccessToken(
@@ -43,16 +53,6 @@ class AuthRepository(
             .processAuthResponse()
     }
 
-    suspend fun browserAuthCodeLogin(code: String) {
-        api.getAccessTokenFromCode(
-            grantType = ApiConstants.GRANT_TYPE_CODE,
-            clientId = config.getOAuthClientId(),
-            code = code,
-            redirectUri = "${config.getAppId()}://${ApiConstants.BrowserLogin.REDIRECT_HOST}",
-            tokenType = config.getAccessTokenType(),
-        ).mapToDomain().processAuthResponse()
-    }
-
     suspend fun getRegistrationFields(): List<RegistrationField> {
         return api.getRegistrationFields().fields?.map { it.mapToDomain() } ?: emptyList()
     }

auth/src/main/java/org/openedx/auth/data/repository/AuthRepository.kt

@@ -14,12 +14,14 @@ class AuthInteractor(private val repository: AuthRepository) {
         repository.login(username, password)
     }
 
-    suspend fun loginSocial(token: String?, authType: AuthType) {
-        repository.socialLogin(token, authType)
+    suspend fun ssoLogin(
+        jwtToken: String
+    ) {
+        repository.ssoLogin(jwtToken)
     }
 
-    suspend fun loginAuthCode(authCode: String) {
-        repository.browserAuthCodeLogin(authCode)
+    suspend fun loginSocial(token: String?, authType: AuthType) {
+        repository.socialLogin(token, authType)
     }
 
     suspend fun getRegistrationFields(): List<RegistrationField> {