Skip to content

Commit

Permalink
feat: UUI-2211 fixed obfuscation if else case error
Browse files Browse the repository at this point in the history
  • Loading branch information
@pklawikowski-schibsted
pklawikowski-schibsted authored Dec 2, 2024
1 parent 85193ec commit 1a9684a
Show file tree
Hide file tree
Showing 3 changed files with 34 additions and 16 deletions.
3 changes: 1 addition & 2 deletions webflows/src/main/java/com/schibsted/account/webflows/persistence/ObfuscatedSessionFinder.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,11 +118,10 @@ internal object ObfuscatedSessionFinder {
gson.fromJson(storedUserSessionJson, StoredUserSession::class.java)
return Either.Right(result)
}
}
} ?: return Either.Left(StorageError.UnexpectedError(Throwable("No session found.")))
} catch (e: Exception) {
return Either.Left(StorageError.UnexpectedError(e))
}
return Either.Left(StorageError.UnexpectedError(Throwable("Unknown error.")))
}

/**
Expand Down
25 changes: 14 additions & 11 deletions webflows/src/main/java/com/schibsted/account/webflows/persistence/SessionStorage.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ import androidx.security.crypto.EncryptedSharedPreferences
import androidx.security.crypto.MasterKey
import com.google.gson.Gson
import com.google.gson.GsonBuilder
import com.google.gson.JsonSyntaxException
import com.schibsted.account.webflows.loginPrompt.SessionInfoManager
import com.schibsted.account.webflows.user.StoredUserSession
import com.schibsted.account.webflows.util.Either
Expand Down Expand Up @@ -54,8 +53,7 @@ internal class MigratingSessionStorage(
// if no existing session found, look in previous storage
lookupPreviousStorage(clientId, callback)
}
}
.onFailure { lookupPreviousStorage(clientId, callback) }
}.onFailure { lookupPreviousStorage(clientId, callback) }
}
}

Expand All @@ -80,12 +78,15 @@ internal class MigratingSessionStorage(
}
}

internal class EncryptedSharedPrefsStorage(context: Context) : SessionStorage {
internal class EncryptedSharedPrefsStorage(
context: Context,
) : SessionStorage {
private val gson = GsonBuilder().setDateFormat("MM dd, yyyy HH:mm:ss").create()

private val prefs: SharedPreferences? by lazy {
val masterKey =
MasterKey.Builder(context.applicationContext)
MasterKey
.Builder(context.applicationContext)
.setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
.build()

Expand Down Expand Up @@ -141,7 +142,7 @@ internal class EncryptedSharedPrefsStorage(context: Context) : SessionStorage {
val editor = prefs?.edit()
editor?.remove(clientId)
editor?.apply()
} catch (e: SecurityException) {
} catch (e: Exception) {
Timber.e(
"Error occurred while trying to delete from encrypted shared preferences",
e,
Expand All @@ -154,7 +155,10 @@ internal class EncryptedSharedPrefsStorage(context: Context) : SessionStorage {
}
}

internal class SharedPrefsStorage(context: Context, serverUrl: String) : SessionStorage {
internal class SharedPrefsStorage(
context: Context,
serverUrl: String,
) : SessionStorage {
private val gson = GsonBuilder().setDateFormat("MM dd, yyyy HH:mm:ss").create()
private val prefs = context.getSharedPreferences(PREFERENCE_FILENAME, Context.MODE_PRIVATE)
private val sessionInfoManager = SessionInfoManager(context, serverUrl)
Expand Down Expand Up @@ -189,14 +193,13 @@ internal class SharedPrefsStorage(context: Context, serverUrl: String) : Session
private fun Gson.getStoredUserSession(
clientId: String,
json: String?,
): StorageReadResult {
return try {
): StorageReadResult =
try {
ObfuscatedSessionFinder.getDeobfuscatedStoredUserSessionIfViable(
this,
clientId,
json,
)
} catch (e: JsonSyntaxException) {
} catch (e: Exception) {
Either.Left(StorageError.UnexpectedError(e))
}
}
22 changes: 19 additions & 3 deletions webflows/src/test/java/com/schibsted/account/webflows/client/ClientTest.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,13 @@ import java.util.Date
import java.util.concurrent.CompletableFuture

class ClientTest {
private fun authResultIntent(authResponseParameters: String?): Intent {
return mockk {
private fun authResultIntent(authResponseParameters: String?): Intent =
mockk {
every { data } returns
mockk {
every { query } returns authResponseParameters
}
}
}

@Test
fun handleAuthenticationResponseShouldReturnUserToCallback() {
Expand Down Expand Up @@ -192,6 +191,23 @@ class ClientTest {
}
}

@Test
fun existingSessionIsNotResumeableIfNoSessionFound() {
val sessionStorageMock: SessionStorage = mockk(relaxUnitFun = true)
val error = StorageError.UnexpectedError(Exception("No session found."))
every { sessionStorageMock.get(clientConfig.clientId, any()) } answers {
val callback = secondArg<StorageReadCallback>()
callback(Left(error))
}
val client = getClient(sessionStorage = sessionStorageMock)

client.resumeLastLoggedInUser { result ->
result.assertLeft {
assertEquals(error, it)
}
}
}

@Test
fun storageErrorIsPropagatedToCallback() {
val sessionStorageMock: SessionStorage = mockk(relaxUnitFun = true)
Expand Down

0 comments on commit 1a9684a

Please sign in to comment.