feat: Two factor auth confirmation

Compose/Basics/src/main/kotlin/com/infomaniak/core/compose/basics/Dimens.kt

@@ -31,6 +31,9 @@ object Dimens {
     /** 32 dp */
     val avatarSize = 32.dp
 
+    /** 40 dp */
+    val bigAvatarSize = 40.dp
+
     /** 8 dp */
     val smallCornerRadius = 8.dp
     /** 16 dp */

Compose/Basics/src/main/kotlin/com/infomaniak/core/compose/basics/WithLatestNotNull.kt

@@ -0,0 +1,39 @@
+/*
+ * Infomaniak Core - Android
+ * Copyright (C) 2025 Infomaniak Network SA
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package com.infomaniak.core.compose.basics
+
+import androidx.compose.runtime.Composable
+import androidx.compose.runtime.getValue
+import androidx.compose.runtime.mutableStateOf
+import androidx.compose.runtime.remember
+
+/**
+ * Gives access to the latest non null value of the receiver.
+ *
+ * Helpful to keep showing populated UI during exit animations.
+ */
+@Composable
+fun <T> T?.WithLatestNotNull(content: @Composable (T) -> Unit) {
+    // The implementation is similar to rememberUpdatedState.
+    val value by remember { mutableStateOf(this) }.also {
+        if (this != null) it.value = this
+    }
+    value?.let {
+        content(it)
+    }
+}

CrossAppLogin/Back/src/main/kotlin/com/infomaniak/core/crossapplogin/back/internal/deviceinfo/AbstractDeviceInfoUpdateWorker.kt

@@ -15,7 +15,7 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
-@file:OptIn(ExperimentalCoroutinesApi::class)
+@file:OptIn(ExperimentalCoroutinesApi::class, ExperimentalSplittiesApi::class, ExperimentalContracts::class)
 
 package com.infomaniak.core.crossapplogin.back.internal.deviceinfo
 
@@ -39,19 +39,26 @@ import com.infomaniak.core.autoCancelScope
 import com.infomaniak.core.cancellable
 import com.infomaniak.core.crossapplogin.back.CrossAppLogin
 import com.infomaniak.core.crossapplogin.back.internal.deviceinfo.DeviceInfo.Type
-import com.infomaniak.core.crossapplogin.back.internal.extensions.toHexDashStringKotlin2
 import com.infomaniak.core.network.networking.HttpUtils
 import com.infomaniak.core.network.networking.ManualAuthorizationRequired
 import com.infomaniak.core.sentry.SentryLog
 import io.ktor.client.HttpClient
 import io.ktor.client.engine.okhttp.OkHttp
+import io.ktor.client.plugins.HttpRequestRetry
+import io.ktor.client.plugins.HttpResponseValidator
 import io.ktor.client.plugins.contentnegotiation.ContentNegotiation
+import io.ktor.client.plugins.defaultRequest
+import io.ktor.client.request.accept
 import io.ktor.client.request.post
 import io.ktor.client.request.setBody
+import io.ktor.client.statement.HttpResponse
+import io.ktor.client.statement.request
 import io.ktor.http.ContentType
+import io.ktor.http.HttpHeaders
 import io.ktor.http.contentType
 import io.ktor.http.headers
 import io.ktor.http.isSuccess
+import io.ktor.http.userAgent
 import io.ktor.serialization.kotlinx.json.json
 import kotlinx.coroutines.Deferred
 import kotlinx.coroutines.ExperimentalCoroutinesApi
@@ -64,10 +71,15 @@ import kotlinx.coroutines.flow.first
 import kotlinx.coroutines.flow.map
 import kotlinx.coroutines.flow.mapLatest
 import kotlinx.coroutines.flow.stateIn
+import kotlinx.serialization.SerializationException
 import okhttp3.OkHttpClient
+import splitties.experimental.ExperimentalSplittiesApi
 import splitties.init.appCtx
 import java.io.IOException
 import java.util.concurrent.TimeUnit
+import kotlin.contracts.ExperimentalContracts
+import kotlin.contracts.InvocationKind
+import kotlin.contracts.contract
 import kotlin.time.Duration.Companion.milliseconds
 import kotlin.uuid.ExperimentalUuidApi
 import kotlin.uuid.Uuid
@@ -114,7 +126,7 @@ abstract class AbstractDeviceInfoUpdateWorker(
 
         val currentCrossAppDeviceId = sharedDeviceIdManager.crossAppDeviceIdFlow.first()
 
-        val deviceInfo = currentDeviceInfo(currentCrossAppDeviceId)
+        val deviceInfo = currentDeviceInfo(currentCrossAppDeviceId, deviceInfoUpdateManager.currentAppAppVersions())
 
         val deviceInfoUpdatersForUserId = DynamicLazyMap<Long, Deferred<Outcome>>(
             cacheManager = { userId, deferred ->
@@ -163,17 +175,34 @@ abstract class AbstractDeviceInfoUpdateWorker(
             install(ContentNegotiation) {
                 json()
             }
+            install(HttpRequestRetry) {
+                maxRetries = 3
+                retryOnExceptionIf { request, cause -> cause !is SerializationException }
+            }
+            defaultRequest {
+                userAgent(HttpUtils.getUserAgent)
+                headers {
+                    @OptIn(ManualAuthorizationRequired::class) // Already handled by the http client.
+                    HttpUtils.getHeaders().forEach { (header, value) -> append(header, value) }
+                }
+                contentType(ContentType.Application.Json)
+                accept(ContentType.Application.Json)
+            }
+            HttpResponseValidator {
+                validateResponse { response ->
+                    response.validateContentType { accepted, received ->
+                        val url = response.request.url
+                        val method = response.request.method
+                        throw IllegalArgumentException("Expected Content-Type $accepted but got $received from $method on $url")
+                    }
+                }
+            }
         }
 
         SentryLog.i(TAG, "Will attempt updating device info for user id $targetUserId")
 
         val url = ApiRoutesCore.sendDeviceInfo()
         val response = httpClient.post(url) {
-            headers {
-                @OptIn(ManualAuthorizationRequired::class) // Already handled by the http client.
-                HttpUtils.getHeaders().forEach { (header, value) -> append(header, value) }
-            }
-            contentType(ContentType.Application.Json)
             setBody(deviceInfo)
         }
         if (response.status.isSuccess()) {
@@ -184,7 +213,7 @@ abstract class AbstractDeviceInfoUpdateWorker(
             val httpStatusCode = response.status.value
             val errorMessage = "attemptUpdatingDeviceInfoIfNeeded led to http $httpStatusCode"
             when (httpStatusCode) {
-                in 500..599 -> {
+                in 500..<600 -> {
                     SentryLog.i(TAG, errorMessage)
                     Outcome.ShouldRetry
                 }
@@ -210,7 +239,10 @@ abstract class AbstractDeviceInfoUpdateWorker(
     }
 
     @ExperimentalUuidApi
-    private fun currentDeviceInfo(currentCrossAppDeviceId: Uuid): DeviceInfo {
+    private fun currentDeviceInfo(
+        currentCrossAppDeviceId: Uuid,
+        appAppVersions: DeviceInfoUpdateManager.AppVersions,
+    ): DeviceInfo {
         val hasTabletSizedScreen = appCtx.resources.configuration.smallestScreenWidthDp >= 600
         val packageManager = appCtx.packageManager
         val isFoldable = when {
@@ -228,7 +260,32 @@ abstract class AbstractDeviceInfoUpdateWorker(
                 hasTabletSizedScreen -> Type.Tablet
                 else -> Type.Phone
             },
-            uuidV4 = currentCrossAppDeviceId.toHexDashStringKotlin2(),
+            uuidV4 = currentCrossAppDeviceId.toHexDashString(),
+            capabilities = listOf(
+                "2fa:push_challenge:approval",
+            ),
+            version = appAppVersions.versionName
         )
     }
 }
+
+private inline fun HttpResponse.validateContentType(
+    onContentTypeMismatch: (accepted: String, received: String?) -> Unit
+) {
+    contract { callsInPlace(onContentTypeMismatch, InvocationKind.AT_MOST_ONCE) }
+    val acceptedContentType = request.headers[HttpHeaders.Accept]
+    val receivedContentType = headers[HttpHeaders.ContentType]
+
+    when (acceptedContentType) {
+        receivedContentType, null -> return
+    }
+
+    val expectedContentType = ContentType.parse(acceptedContentType)
+
+    if (expectedContentType == ContentType.Any) return
+
+    val actualContentType = receivedContentType?.let { ContentType.parse(it) }
+    if (actualContentType?.match(expectedContentType) ?: false) return
+
+    onContentTypeMismatch(acceptedContentType, receivedContentType)
+}

CrossAppLogin/Back/src/main/kotlin/com/infomaniak/core/crossapplogin/back/internal/deviceinfo/DeviceInfo.kt

@@ -28,6 +28,8 @@ internal data class DeviceInfo(
     val type: Type,
     @SerialName("uid")
     val uuidV4: String,
+    val capabilities: List<String>,
+    val version: String?,
 ) {
     @Serializable
     enum class Type {

CrossAppLogin/Back/src/main/kotlin/com/infomaniak/core/crossapplogin/back/internal/deviceinfo/DeviceInfoUpdateManager.kt

@@ -15,6 +15,8 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
+@file:OptIn(ExperimentalSplittiesApi::class)
+
 package com.infomaniak.core.crossapplogin.back.internal.deviceinfo
 
 import android.os.Build.VERSION.SDK_INT
@@ -29,6 +31,8 @@ import kotlinx.coroutines.flow.collectLatest
 import kotlinx.coroutines.flow.distinctUntilChanged
 import kotlinx.coroutines.flow.map
 import kotlinx.coroutines.invoke
+import splitties.coroutines.suspendBlockingLazy
+import splitties.experimental.ExperimentalSplittiesApi
 import splitties.init.appCtx
 import java.io.DataInputStream
 import java.io.DataOutputStream
@@ -46,12 +50,18 @@ class DeviceInfoUpdateManager private constructor() {
 
     private val lastSyncedKeyDir = appCtx.filesDir.resolve("lastSyncedDeviceInfoKeys")
 
-    private val currentAppVersion by lazy {
+    data class AppVersions(
+        val versionName: String?,
+        val versionCode: Long,
+    )
+
+    val currentAppAppVersions = suspendBlockingLazy(Dispatchers.IO) {
         appCtx.packageManager.getPackageInfo(appCtx.packageName, 0).let {
-            when {
+            val versionCode = when {
                 SDK_INT >= 28 -> it.longVersionCode
                 else -> @Suppress("Deprecation") it.versionCode.toLong()
             }
+            AppVersions(versionName = it.versionName, versionCode = versionCode)
         }
     }
 
@@ -68,6 +78,7 @@ class DeviceInfoUpdateManager private constructor() {
                 )
                 lastSyncedAppVersion = stream.readLong()
             }
+            val currentAppVersion = currentAppAppVersions().versionCode
             currentAppVersion == lastSyncedAppVersion && lastSyncedUuid == crossAppDeviceId
         } catch (_: FileNotFoundException) {
             false
@@ -77,6 +88,7 @@ class DeviceInfoUpdateManager private constructor() {
     @Throws(IOException::class)
     suspend fun updateLastSyncedKey(crossAppDeviceId: Uuid, userId: Long) = Dispatchers.IO {
         val lastSyncedKeyFile = lastSyncKeyFileForUser(userId)
+        val currentAppVersion = currentAppAppVersions().versionCode
         lastSyncedKeyFile.write { outputStream ->
             DataOutputStream(outputStream).use {
                 crossAppDeviceId.toLongs { mostSignificantBits: Long, leastSignificantBits: Long ->