SDKS-3346 Potential CustomTabManager ServiceConnection leak.
witrisna committed Aug 13, 2024
1 parent 06cf8c7 commit f6d1ca8
Showing 5 changed files with 19 additions and 9 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
@@ -2,6 +2,9 @@
#### Added
- Skip Type 4 TextOutputCallback [SDKS-3227]

#### Fixed
- Potential CustomTabManager ServiceConnection leak. [SDKS-3346]

## [4.5.0]
#### Added
- Added SDK support for deleting registered WebAuthn devices from the server. [SDKS-1710]
@@ -30,6 +30,9 @@ import org.forgerock.android.auth.exception.BrowserAuthenticationException
*/
internal class AuthorizeContract :
ActivityResultContract<Browser, Result<AuthorizationResponse, Throwable>>() {

private lateinit var authorizationService: AuthorizationService

/**
* Creates an intent for the authorization request.
*
@@ -63,7 +66,7 @@ internal class AuthorizeContract :
//Allow caller to override AppAuth default setting
val appAuthConfigurationBuilder = AppAuthConfiguration.Builder()
configurer.appAuthConfigurationBuilder.accept(appAuthConfigurationBuilder)
val authorizationService =
authorizationService =
AuthorizationService(context, appAuthConfigurationBuilder.build())

//Allow caller to override custom tabs default setting
@@ -73,7 +76,6 @@ internal class AuthorizeContract :

val request = builder.build()
return authorizationService.getAuthorizationRequestIntent(request, intentBuilder.build())

}

/**
@@ -87,6 +89,7 @@ internal class AuthorizeContract :
resultCode: Int,
intent: Intent?,
): Result<AuthorizationResponse, Throwable> {
authorizationService.dispose()
intent?.let { i ->
val error = AuthorizationException.fromIntent(i)
error?.let {
@@ -100,7 +103,8 @@ internal class AuthorizeContract :
val result = AuthorizationResponse.fromIntent(i)
result?.let {
return Result.Success(it)
} ?: return Result.Failure(BrowserAuthenticationException("Failed to retrieve authorization code"))
}
?: return Result.Failure(BrowserAuthenticationException("Failed to retrieve authorization code"))
}
return Result.Failure(BrowserAuthenticationException("No response data"))
}
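Review bot: `authorizationService.dispose()` at the top of `parseResult` reads a `lateinit` property that is only assigned in `createIntent`, so it throws `UninitializedPropertyAccessException` whenever `parseResult` runs on a contract instance whose `createIntent` was never called. That can happen if the hosting activity is recreated while the browser is in front and the result is delivered to a freshly registered contract; whether it applies depends on how this contract is registered, which is not visible here. Guard the call, `if (::authorizationService.isInitialized) authorizationService.dispose()`, or make the field nullable and clear it after disposing. A second `createIntent` on the same instance also overwrites the field without disposing the previous service, so the ServiceConnection leak can persist on that path. The same pattern is added to `EndSessionContract.parseResult`; both function bodies begin outside the visible hunks.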
@@ -26,6 +26,9 @@ import org.forgerock.android.auth.StringUtils
*/
internal class EndSessionContract :
ActivityResultContract<EndSessionInput, Result<EndSessionResponse, Throwable>>() {

private lateinit var authorizationService: AuthorizationService

/**
* Creates an intent for the end session request.
* @param context The context to use for creating the intent.
@@ -52,10 +55,10 @@ internal class EndSessionContract :
builder.setIdTokenHint(input.idToken)
}

val authService =
authorizationService =
AuthorizationService(context, input.appAuthConfiguration)

return authService.getEndSessionRequestIntent(builder.build())
return authorizationService.getEndSessionRequestIntent(builder.build())
}

/**
@@ -68,6 +71,7 @@ internal class EndSessionContract :
resultCode: Int,
intent: Intent?,
): Result<EndSessionResponse, Throwable> {
authorizationService.dispose()
intent?.let { i ->
val resp = EndSessionResponse.fromIntent(i)
resp?.let {
@@ -80,7 +80,7 @@ public void testSha256Pinning() throws InterruptedException {
ServerConfig serverConfig = ServerConfig.builder()
.context(context)
.url("https://api.ipify.org")
.pin("2lFvaIHpsTcbb5uqa08S2k6wzLKscXXx1k1hKoX9R1Q=")
.pin("tWrCr1GAahCs75/Wfx+5pjRXCtOTzMPyw8TNPPivO0I=")
.build();

OkHttpClient client = OkHttpClientProvider.getInstance().lookup(serverConfig);
@@ -122,7 +122,7 @@ public void testMultiplePinning() throws InterruptedException {
ServerConfig serverConfig = ServerConfig.builder()
.context(context)
.url("https://api.ipify.org")
.pin("2lFvaIHpsTcbb5uqa08S2k6wzLKscXXx1k1hKoX9R1Q=")
.pin("tWrCr1GAahCs75/Wfx+5pjRXCtOTzMPyw8TNPPivO0I=")
.pin("invalid")
.build();

@@ -214,7 +214,7 @@ public void testBuildStepWithCustomPin() throws InterruptedException {
.context(context)
.url("https://api.ipify.org")
.buildStep(builder -> builder.certificatePinner(
new CertificatePinner.Builder().add("api.ipify.org", "sha1/FAx66BsuUMrmrBnZ8F0GKxBZxLs=" ).build()))
new CertificatePinner.Builder().add("api.ipify.org", "sha256/tWrCr1GAahCs75/Wfx+5pjRXCtOTzMPyw8TNPPivO0I=" ).build()))
.build();

OkHttpClient client = OkHttpClientProvider.getInstance().lookup(serverConfig);
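Review bot: The replacement pin `tWrCr1GAahCs75/Wfx+5pjRXCtOTzMPyw8TNPPivO0I=` is pasted into three tests with no indication of which certificate in the api.ipify.org chain it hashes or how to regenerate it, so the next key rotation on that third-party host will break testSha256Pinning, testMultiplePinning and testBuildStepWithCustomPin again. Hoist it to one constant with a comment such as `// SHA-256 public-key pin for api.ipify.org; update when the host rotates its key`. Because these tests reach a live external endpoint, a failure cannot distinguish a pinning regression in the SDK from a certificate change on the host; a local TLS test server with a fixed key would separate the two, if the test setup allows it. The test method bodies extend beyond the visible hunks.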
@@ -127,7 +127,6 @@ class EnvViewModel : ViewModel() {
}
oauth {
oauthClientId = "AndroidTest"
oauthRedirectUri = "org.forgerock.demo:/oauth2redirect"
oauthCacheSeconds = 0
oauthScope = "openid profile email address phone"
oauthThresholdSeconds = 0