feat: add useTrustedWebActivity option for Android Web Auth#1590
Conversation
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (6)
🚧 Files skipped from review as they are similar to previous changes (4)
📝 WalkthroughWalkthroughThis PR adds an optional ChangesTrusted Web Activity option for Android web auth
Estimated code review effort: 3 (Moderate) | ~25 minutes Sequence Diagram(s)sequenceDiagram
participant ExampleApp
participant NativeBridgeManager
participant Auth0NativeModule
ExampleApp->>NativeBridgeManager: authorize({ useTrustedWebActivity: true })
NativeBridgeManager->>Auth0NativeModule: webAuth(..., useTrustedWebActivity)
Auth0NativeModule->>Auth0NativeModule: withTrustedWebActivity() on login builder
ExampleApp->>NativeBridgeManager: clearSession({ useTrustedWebActivity: true })
NativeBridgeManager->>Auth0NativeModule: webAuthLogout(..., useTrustedWebActivity)
Auth0NativeModule->>Auth0NativeModule: withTrustedWebActivity() on logout builder
Suggested reviewers: 🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Warning There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure. 🔧 ESLint
ESLint install failed. For unrecoverable errors, disable the tool in CodeRabbit configuration. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
| safariViewControllerPresentationStyle: Double?, | ||
| additionalParameters: ReadableMap?, | ||
| allowedBrowserPackages: ReadableArray?, | ||
| useTrustedWebActivity: Boolean?, |
There was a problem hiding this comment.
Should this be nullable ? Default as false ?
There was a problem hiding this comment.
Yes, and unless its true we are not adding withTrustedWebActivity()
| - The **SHA-256 fingerprint** from step 1. | ||
|
|
||
| 3. Save. Digital Asset Links verification now succeeds and the login page renders full-screen. | ||
|
|
There was a problem hiding this comment.
Pbly just mention they can validate the same with
{DOMAIN}/.well-known/assetlinks.json
There was a problem hiding this comment.
updated the example
Adds a
useTrustedWebActivityoption toauthorizeandclearSession. On Android, this launches the login/logout flow as a Trusted Web Activity (full-screen, no address bar) instead of a Custom Tab, falling back to a Custom Tab if Digital Asset Links verification fails. No-op on iOS and Web.Requires registering the app's SHA-256 fingerprint and package name in the Auth0 Dashboard (see EXAMPLES.md).
Usage
Summary by CodeRabbit
New Features
Documentation
Tests