prevent NPE when browser re-triggers authentication

auth0 · Feb 1, 2018 · fd4baed · fd4baed
1 parent 69a5809
commit fd4baed
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 1 deletion.
diff --git a/auth0/src/main/java/com/auth0/android/provider/AuthenticationActivity.java b/auth0/src/main/java/com/auth0/android/provider/AuthenticationActivity.java
@@ -71,7 +71,11 @@ protected void onCreate(@Nullable Bundle savedInstanceState) {
     @Override
     protected void onResume() {
         super.onResume();
-        if (!intentLaunched) {
+        if (!intentLaunched && getIntent().getExtras() == null) {
+            //Activity was launched in an unexpected way
+            finish();
+            return;
+        } else if (!intentLaunched) {
             intentLaunched = true;
             launchAuthenticationIntent();
             return;

diff --git a/auth0/src/test/java/com/auth0/android/provider/AuthenticationActivityTest.java b/auth0/src/test/java/com/auth0/android/provider/AuthenticationActivityTest.java
@@ -70,6 +70,22 @@ private void createActivity(Intent configurationIntent) {
         activityShadow = shadowOf(activity);
     }
 
+    @SuppressWarnings("deprecation")
+    @Test
+    public void shouldFinishGracefullyWhenCalledByError() throws Exception {
+        Intent intent = new Intent(callerActivity, AuthenticationActivity.class);
+        //An invalid call will not pass any expected extras
+        createActivity(intent);
+
+        activityController.create().newIntent(intent).start().resume();
+
+        verifyNoMoreInteractions(customTabsController);
+        assertThat(activity.getDeliveredIntent(), is(nullValue()));
+        assertThat(activity.isFinishing(), is(true));
+
+        activityController.destroy();
+    }
+
     @SuppressWarnings("deprecation")
     @Test
     public void shouldAuthenticateUsingBrowser() throws Exception {