Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SDKS-1747 / SDKS-2022 - DeviceBinding/Verifier - Do not merge to develop #184

Merged
merged 16 commits into from
Sep 29, 2022
Merged

SDKS-1747 / SDKS-2022 - DeviceBinding/Verifier - Do not merge to develop #184

merged 16 commits into from
Sep 29, 2022

Conversation

jeyanthanperiyasamy
Copy link
Contributor

JIRA Ticket

Please link jira ticket here

Description

Briefly describe the change and any information that would help speedup the review and testing.

Definition of Done Checklist:

  • Acceptance criteria is met.
  • All tasks listed in the user story have been completed.
  • Coded to standards.
  • Ensure backward compatibility.
  • API reference docs is updated.
  • Unit tests are written.
  • Integration tests are written.
  • e2e tests are written.
  • Functional spec is written/updated.
  • contains example code snippets.
  • Change log updated.
  • Documentation story is created and tracked.
  • Tech debts and remaining tasks are tracked in separated ticket(s).

sonatype-lift[bot]
sonatype-lift bot reviewed Aug 10, 2022
View reviewed changes
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceBindingCallback.kt Outdated
keyCallBack = keyAware.generateKeys(context, it)
}
}
catch (e: Exception) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionCaught: Caught exception is too generic. Prefer catching specific exceptions to the case that is currently handled.

Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.

When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

sonatype-lift[bot]
sonatype-lift bot reviewed Aug 10, 2022
View reviewed changes
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceBindingCallback.kt Outdated
setDeviceName("jan device")
setJws(jws)
Listener.onSuccess(listener, null)
} catch (e: Exception) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionCaught: Caught exception is too generic. Prefer catching specific exceptions to the case that is currently handled.

Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.

When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

sonatype-lift[bot]
sonatype-lift bot reviewed Aug 10, 2022
View reviewed changes
forgerock-auth/src/main/java/org/forgerock/android/auth/devicebind/KeyAware.kt Outdated
jsonObject.put("userId", userId)
jsonObject.put("kid", uuid)
} catch (e: JSONException) {
throw RuntimeException(e)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionThrown: RuntimeException is a too generic Exception. Prefer throwing specific exceptions that indicate a specific error case.

Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.

When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

sonatype-lift[bot]
sonatype-lift bot reviewed Aug 10, 2022
View reviewed changes
forgerock-auth/src/main/java/org/forgerock/android/auth/devicebind/KeyAware.kt
val hash: ByteArray? = digest.digest(value.toByteArray())
Base64.encodeToString(hash, Base64.DEFAULT)
} catch (e: NoSuchAlgorithmException) {
throw RuntimeException(e)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionThrown: RuntimeException is a too generic Exception. Prefer throwing specific exceptions that indicate a specific error case.

Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.

When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

sonatype-lift[bot]
sonatype-lift bot reviewed Aug 11, 2022
View reviewed changes
forgerock-auth/src/main/java/org/forgerock/android/auth/devicebind/PreferenceUtil.kt Outdated
jsonObject.put("userId", userId)
jsonObject.put("kid", uuid)
} catch (e: JSONException) {
throw RuntimeException(e)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionThrown: RuntimeException is a too generic Exception. Prefer throwing specific exceptions that indicate a specific error case.

Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.

When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

@jeyanthanperiyasamy jeyanthanperiyasamy force-pushed the SDKS-1747-DeviceBind branch 2 times, most recently from 4dcfd17 to 079d921 Compare August 15, 2022 15:35
sonatype-lift[bot]
sonatype-lift bot reviewed Aug 15, 2022
View reviewed changes
forgerock-auth/src/main/java/org/forgerock/android/auth/devicebind/KeyAware.kt
} catch (e: NoSuchAlgorithmException) {
throw RuntimeException(e)
}
catch (e: Exception) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionCaught: Caught exception is too generic. Prefer catching specific exceptions to the case that is currently handled.

Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.

When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

@jeyanthanperiyasamy jeyanthanperiyasamy force-pushed the SDKS-1747-DeviceBind branch 5 times, most recently from 7d76290 to 3720dc3 Compare August 16, 2022 06:23
@jeyanthanperiyasamy jeyanthanperiyasamy force-pushed the SDKS-1747-DeviceBind branch 3 times, most recently from 54a850d to 3c38c07 Compare August 16, 2022 14:55
witrisna
witrisna reviewed Aug 16, 2022
View reviewed changes
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceBindingCallback.kt Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceBindingCallback.kt Outdated
listener: FRListener<Void>,
keyAware: KeyAwareInterface = KeyAware(userId),
encryptedPreference: PreferenceUtil = PreferenceUtil(),
executorService: ScheduledExecutorService? = Executors.newSingleThreadScheduledExecutor(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of using ExecutorService, will it be easier if we just use some calculation with currenttime and timeout?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good idea

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done, made it even easier

forgerock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceBindingCallback.kt Outdated Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceBindingCallback.kt Outdated Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceBindingCallback.kt Outdated Show resolved Hide resolved
@jeyanthanperiyasamy jeyanthanperiyasamy force-pushed the SDKS-1747-DeviceBind branch 8 times, most recently from 341147f to 3db7b89 Compare August 18, 2022 06:05
sonatype-lift[bot]
sonatype-lift bot reviewed Aug 25, 2022
View reviewed changes
...uth/src/main/java/org/forgerock/android/auth/devicebind/SharedPreferencesDeviceRepository.kt
jsonObject.put("kid", uuid)
jsonObject.put("authType", authenticationType.serializedValue)
} catch (e: JSONException) {
throw RuntimeException(e)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionThrown: RuntimeException is a too generic Exception. Prefer throwing specific exceptions that indicate a specific error case.

Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.

When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

@jeyanthanperiyasamy jeyanthanperiyasamy force-pushed the SDKS-1747-DeviceBind branch 4 times, most recently from 05ecf86 to 6b5b1ac Compare August 25, 2022 14:20
spetrov
spetrov requested changes Aug 25, 2022
View reviewed changes
Copy link
Contributor

@spetrov spetrov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall everything looks good to me!
My only ask is to please add java docs to public interfaces. Currently, the docs are not consistent - e.g. in some places function parameters include description of the params, and return values, etc... and in others these a missing...

forgerock-auth/src/main/java/org/forgerock/android/auth/DeviceIdentifier.java Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/DeviceIdentifier.java Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/AbstractCallback.java Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/callback/AbstractCallback.java Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/devicebind/BiometricBindingHandler.kt Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/devicebind/BiometricBindingHandler.kt Show resolved Hide resolved
forgerock-auth/src/main/java/org/forgerock/android/auth/devicebind/BiometricBindingHandler.kt Show resolved Hide resolved
spetrov
spetrov previously approved these changes Aug 26, 2022
View reviewed changes
@jeyanthanperiyasamy jeyanthanperiyasamy changed the title SDKS-1747 - DeviceBinding SDKS-1747 / SDKS-2022 - DeviceBinding Device Binding Sep 16, 2022
@jeyanthanperiyasamy jeyanthanperiyasamy changed the title SDKS-1747 / SDKS-2022 - DeviceBinding Device Binding SDKS-1747 / SDKS-2022 - DeviceBinding/Verifier Sep 16, 2022
@jeyanthanperiyasamy jeyanthanperiyasamy changed the title SDKS-1747 / SDKS-2022 - DeviceBinding/Verifier SDKS-1747 / SDKS-2022 - DeviceBinding/Verifier - Do not merge to develop Sep 16, 2022
sonatype-lift[bot]
sonatype-lift bot reviewed Sep 16, 2022
View reviewed changes
...rock-auth/src/main/java/org/forgerock/android/auth/callback/DeviceSigningVerifierCallback.kt
}
}
}
catch (e: Exception) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TooGenericExceptionCaught: Caught exception is too generic. Prefer catching specific exceptions to the case that is currently handled.

ℹ️ Learn about @sonatype-lift commands

You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.

Command Usage
@sonatype-lift ignore Leave out the above finding from this PR
@sonatype-lift ignoreall Leave out all the existing findings from this PR
@sonatype-lift exclude <file|issue|path|tool> Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file

Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.

Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]

spetrov
spetrov approved these changes Sep 29, 2022
View reviewed changes
Copy link
Contributor

@spetrov spetrov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍🏻

@spetrov spetrov merged commit 8339b1e into develop Sep 29, 2022
@spetrov spetrov deleted the SDKS-1747-DeviceBind branch September 29, 2022 20:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sonatype-lift sonatype-lift[bot] sonatype-lift[bot] left review comments

@witrisna witrisna witrisna left review comments

@cerebrl cerebrl cerebrl left review comments

@spetrov spetrov spetrov approved these changes

@george-bafaloukas-forgerock george-bafaloukas-forgerock Awaiting requested review from george-bafaloukas-forgerock

@rodrigoareis rodrigoareis Awaiting requested review from rodrigoareis

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jeyanthanperiyasamy @spetrov @cerebrl @witrisna