-
Notifications
You must be signed in to change notification settings - Fork 133
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing Android P support for SecureCredentialsManager class #187
Comments
Thanks for the report 🙆♂️ |
@lbalmaceda, can I take this up? |
@TheGamer007 sure. Make sure that versions pre-P still work by checking the version code on runtime, and add tests 👌 |
@lbalmaceda I've added the version code check along with the suggested solution as per this SO answer. Instead of using For P and above, I am fetching those, then constructing a
All the current tests are passing. For adding a new test, initially I duplicated the The execution is taking the expected route, but the test fails when the Upon debugging the passing API 23 test, I saw that the I'm guessing the automated test for API 28 needs to be modified for it to work properly? Could you give me some pointers as to where I might be going wrong? Meanwhile, I plan to see if it fails on a device test as well, in which case I'd have to modify my code logic. |
@TheGamer007 There's an annotation you can use for robolectric to run a test under a different API level than the one declared by the project. That is being used on the 23AndUp test you mentioned. @Config(sdk = Build.VERSION_CODES.{code})
public void shouldDoX(){
} That test is mocking what the returned object should be in this line, so for this new test you'll have to make the mock return what you expect. I suggest you take a real device running that API level and see how the output looks like, so you emulate the real behavior on the test. Feel free to post the PR so I can follow your code changes. |
I tested the method on an API 27 device and an API 28 emulator. Even in my solution, it seems the From what I can see, the only usages of Would it be fine to use the following approach then? It does not yield warnings / exceptions on Android P, and the code for older versions is unchanged.
|
* Add Android P support for SecureCredentialsManager Fixes #187 * fix old test configuration * fix old test configuration
I continuously see the following warning in the logcat logs when using Auth0 with the SecureCredentialsManager in Android 9 (P)
W/KeyStore: KeyStore exception android.os.ServiceSpecificException: (code 7) at android.os.Parcel.createException(Parcel.java:1956) at android.os.Parcel.readException(Parcel.java:1910) at android.os.Parcel.readException(Parcel.java:1860) at android.security.IKeystoreService$Stub$Proxy.get(IKeystoreService.java:786) at android.security.KeyStore.get(KeyStore.java:195) at android.security.keystore.AndroidKeyStoreSpi.engineGetCertificateChain(AndroidKeyStoreSpi.java:118) at java.security.KeyStoreSpi.engineGetEntry(KeyStoreSpi.java:484) at java.security.KeyStore.getEntry(KeyStore.java:1560) at com.auth0.android.authentication.storage.CryptoUtil.getRSAKeyEntry(CryptoUtil.java:88) at com.auth0.android.authentication.storage.CryptoUtil.RSADecrypt(CryptoUtil.java:166) at com.auth0.android.authentication.storage.CryptoUtil.getAESKey(CryptoUtil.java:204) at com.auth0.android.authentication.storage.CryptoUtil.decrypt(CryptoUtil.java:225) at com.auth0.android.authentication.storage.SecureCredentialsManager.continueGetCredentials(SecureCredentialsManager.java:208) at com.auth0.android.authentication.storage.SecureCredentialsManager.getCredentials(SecureCredentialsManager.java:175)
The root cause is probably the same as in this other library´s issue: adorsys/secure-storage-android#30
The text was updated successfully, but these errors were encountered: