-
Notifications
You must be signed in to change notification settings - Fork 130
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make Credential Managers save the refreshed value #118
Conversation
@lbalmaceda is it possible to improve your code-coverage, is this an issue due to the test env only covering a specific API version so other tests can't be executed? I guess question is, what's not being covered? |
Regarding your question on date storage, I think ~1 second is fine, given that the expiry time is say 12 or 24 hours? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
First pass
README.md
Outdated
1. **Instantiate the manager** | ||
You'll need an `AuthenticationAPIClient` instance used to renew the credentials when they expire and a `Storage`. The Storage implementation is up to you. We provide a `SharedPreferencesStorage` that uses `SharedPreferences` to create a file in the application's directory with Context.MODE_PRIVATE mode. This implementation is thread safe and can either be obtained through a Singleton like method or be created every time it's needed. | ||
1. **Instantiate the manager:** | ||
You'll need an `AuthenticationAPIClient` instance to renew the credentials when they expire and a `Storage`. We provide a `SharedPreferencesStorage` that uses `SharedPreferences` to create a file in the application's directory with **Context.MODE_PRIVATE** mode. This implementation is thread safe and can either be obtained through a shared method or on demand. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and a -> and a Storage
Storage
object.
We provide a -> We provide a SharedPreferencesStorage
that uses SharedPreferences
SharedPreferencesStorage
class that implements SharedPreferences
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm. But SharedPreferences
is a KeyValue store class rather than an interface that you could implement.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wasn't sure tbh just mentioned it
README.md
Outdated
When you want to log the user out: | ||
|
||
```java | ||
manager.clearCredentials(); | ||
``` | ||
|
||
|
||
### Encryption enforced (Min API 21) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is the language used typically min API X
or API X+
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
real example: Retrofit requires at minimum Java 7 or Android 2.3.
README.md
Outdated
|
||
#### Requiring Authentication | ||
|
||
You can require the user authentication to obtain credentials. This will make the manager prompt the user with the device's configured LockScreen, which they must pass correctly in order to obtain the credentials. **This feature is only available on devices where the user has setup a secured LockScreen** (PIN, Pattern, Password or Fingerprint). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems wordy, do we need to explain what a user has to do to pass a LockScreen?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the interesting point here is letting them know that no extra PIN/Pwd needs to bet setup/remembered by them, as we use the one they already use for their phone. And of course, if the phone didn't have any secure lockscreen setup, this won't work.
@@ -65,7 +65,7 @@ public void saveCredentials(@NonNull Credentials credentials) { | |||
*/ | |||
public void getCredentials(@NonNull final BaseCallback<Credentials, CredentialsManagerException> callback) { | |||
String accessToken = storage.retrieveString(KEY_ACCESS_TOKEN); | |||
String refreshToken = storage.retrieveString(KEY_REFRESH_TOKEN); | |||
final String refreshToken = storage.retrieveString(KEY_REFRESH_TOKEN); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How come this one is now final?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because I use it on an anonymous function right below and needs any variable accessed from outside its scope to be final. -> https://github.com/auth0/Auth0.Android/pull/118/files#diff-2651976c12b43b2192543b92b10ed2e4R91
} | ||
KeyguardManager kManager = (KeyguardManager) activity.getSystemService(Context.KEYGUARD_SERVICE); | ||
this.authIntent = Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP ? kManager.createConfirmDeviceCredentialIntent(title, description) : null; | ||
this.authenticateBeforeDecrypt = (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M && kManager.isDeviceSecure() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Readability would be better with parenthesis. Think of parentheses like comments in code: they aren't strictly necessary, and in theory a competent developer should be able to figure out code without them. And yet, these cues are exceedingly helpful.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will add them but TBH it would almost look the same, as the new line is already doing that thing you mention 😛
78f33ab
to
79642f2
Compare
README.md
Outdated
@@ -434,20 +434,26 @@ users | |||
> In all the cases, the `User ID` parameter is the unique identifier of the auth0 account instance. i.e. in `google-oauth2|123456789081523216417` it would be the part after the '|' pipe: `123456789081523216417`. | |||
|
|||
|
|||
### Credentials Manager | |||
This library ships with a `CredentialsManager` class to easily store and retrieve fresh Credentials from a given `Storage`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤔 I think you're commenting on the deleted line.
9b0da89
to
348ba26
Compare
My only concern in this PR is that when serializing theCredentials
object, Gson (our Json library) will serialize Java Dates to a string value (not long timestamps), thus losing the precision (milis). Should I make the serializer serialize Longs instead? (I've to code that logic) or is it an edge case and we're ok having a 1 second expiredCredentials
?EDIT: Fixed. Now Gson serializes dates in a correct format including Timezone and Millis.
Depends on this PR getting merged: #115. Once merged, a rebase will make diff clearer here.
Closes #109