Improve consistency around Expires At in CredentialsManager

auth0/src/main/java/com/auth0/android/authentication/storage/SecureCredentialsManager.java

@@ -248,12 +248,13 @@ private void continueGetCredentials(final BaseCallback<Credentials, CredentialsM
  return;
  }
  final Credentials credentials = gson.fromJson(json, Credentials.class);
- if (isEmpty(credentials.getAccessToken()) && isEmpty(credentials.getIdToken()) || credentials.getExpiresAt() == null) {
+ Long expiresAt = storage.retrieveLong(KEY_EXPIRES_AT);
+ if (isEmpty(credentials.getAccessToken()) && isEmpty(credentials.getIdToken()) || expiresAt == null) {
  callback.onFailure(new CredentialsManagerException("No Credentials were previously set."));
  decryptCallback = null;
  return;
  }
- if (credentials.getExpiresAt().getTime() > getCurrentTimeInMillis()) {
+ if (expiresAt > getCurrentTimeInMillis()) {
  callback.onSuccess(credentials);
  decryptCallback = null;
  return;

auth0/src/test/java/com/auth0/android/authentication/storage/SecureCredentialsManagerTest.java

@@ -712,6 +712,7 @@ public void shouldRequireAuthenticationIfAPI23AndLockScreenEnabled() {
  public void shouldGetCredentialsAfterAuthentication() {
  Date expiresAt = new Date(CredentialsMock.CURRENT_TIME_MS + 123456L * 1000);
  insertTestCredentials(true, true, false, expiresAt);
+ when(storage.retrieveLong("com.auth0.credentials_expires_at")).thenReturn(expiresAt.getTime());
 
  //Require authentication
  Activity activity = spy(Robolectric.buildActivity(Activity.class).create().start().resume().get());
@@ -750,6 +751,36 @@ public void shouldGetCredentialsAfterAuthentication() {
  assertThat(retryCheck, is(false));
  }
 
+ @Test
+ public void shouldNotGetCredentialsWhenCredentialsHaveExpired() {
+ Date credentialsExpiresAt = new Date(CredentialsMock.CURRENT_TIME_MS + 123456L * 1000);
+ Date storedExpiresAt = new Date(CredentialsMock.CURRENT_TIME_MS - 60L * 1000);
+ insertTestCredentials(true, true, false, credentialsExpiresAt);
+ when(storage.retrieveLong("com.auth0.credentials_expires_at")).thenReturn(storedExpiresAt.getTime());
+
+ //Require authentication
+ Activity activity = spy(Robolectric.buildActivity(Activity.class).create().start().resume().get());
+ KeyguardManager kService = mock(KeyguardManager.class);
+ when(activity.getSystemService(Context.KEYGUARD_SERVICE)).thenReturn(kService);
+ when(kService.isKeyguardSecure()).thenReturn(true);
+ Intent confirmCredentialsIntent = mock(Intent.class);
+ when(kService.createConfirmDeviceCredentialIntent("theTitle", "theDescription")).thenReturn(confirmCredentialsIntent);
+ boolean willRequireAuthentication = manager.requireAuthentication(activity, 123, "theTitle", "theDescription");
+ assertThat(willRequireAuthentication, is(true));
+
+ manager.getCredentials(callback);
+
+ //Should fail because of expired credentials
+ verify(callback).onFailure(exceptionCaptor.capture());
+ CredentialsManagerException exception = exceptionCaptor.getValue();
+ assertThat(exception, is(notNullValue()));
+ assertThat(exception.getMessage(), is("No Credentials were previously set."));
+
+ //A second call to checkAuthenticationResult should fail as callback is set to null
+ final boolean retryCheck = manager.checkAuthenticationResult(123, Activity.RESULT_OK);
+ assertThat(retryCheck, is(false));
+ }
+
  @Test
  public void shouldNotGetCredentialsAfterCanceledAuthentication() {
  Date expiresAt = new Date(CredentialsMock.CURRENT_TIME_MS + 123456L * 1000);