[PM-28157] Revert "Add string extension to prefix URIs with www" (#6192)

Co-authored-by: Álison Fernandes <vvolkgang@users.noreply.github.com>
Patrick Honkonen
2025-12-01 09:12:14 -05:00
committed by GitHub
parent 489c0ea8d6
commit adf83cd315
4 changed files with 1 additions and 155 deletions


@@ -3,7 +3,6 @@ package com.x8bit.bitwarden.data.credentials.manager
import androidx.credentials.provider.CallingAppInfo
import com.bitwarden.network.service.DigitalAssetLinkService
import com.bitwarden.ui.platform.base.util.prefixHttpsIfNecessary
import com.bitwarden.ui.platform.base.util.prefixWwwIfNecessary
import com.x8bit.bitwarden.data.credentials.model.ValidateOriginResult
import com.x8bit.bitwarden.data.credentials.repository.PrivilegedAppRepository
import com.x8bit.bitwarden.data.platform.manager.AssetManager
@@ -41,13 +40,7 @@ class OriginManagerImpl(
): ValidateOriginResult {
return digitalAssetLinkService
.checkDigitalAssetLinksRelations(
sourceWebSite = relyingPartyId
// The DAL API does not allow redirects, so we add `www.` to prevent redirects
// when it is absent from the `relyingPartyId`. This ensures that relying
// parties storing their `assetlinks.json` at the `www.` subdomain do not fail
// verification checks.
.prefixWwwIfNecessary()
.prefixHttpsIfNecessary(),
sourceWebSite = relyingPartyId.prefixHttpsIfNecessary(),
targetPackageName = callingAppInfo.packageName,
targetCertificateFingerprint = callingAppInfo
.getSignatureFingerprintAsHexString()
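Review bot: The `sourceWebSite` argument in `validateOrigin` is now the bare `relyingPartyId.prefixHttpsIfNecessary()`, and nothing on the new side records why the host must not be rewritten before the Digital Asset Links check. The commit message gives no reason for the revert, but since this check decides whether the calling app may act for the relying party, the statement list should presumably be fetched from exactly the host the rpId names, so that a file served from another host such as `www.` is never accepted on behalf of the apex domain. I would state that above the argument, e.g. `// Query DAL for the rpId host exactly as supplied; never add or strip a subdomain, the result must bind the app to this host.` The three `www` tests are removed from OriginManagerTest with no replacement visible here, so a test pinning `sourceWebSite = "https://example.com"` for `relyingPartyId = "example.com"` would keep host rewriting from returning unnoticed. The body of `validateOrigin` starts and ends outside the hunk.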


@@ -242,64 +242,6 @@ class OriginManagerTest {
),
)
}
@Test
fun `validateOrigin should prefix www to rpId without www before checking asset links`() =
runTest {
coEvery {
mockDigitalAssetLinkService.checkDigitalAssetLinksRelations(
sourceWebSite = "https://www.example.com",
targetPackageName = DEFAULT_PACKAGE_NAME,
targetCertificateFingerprint = DEFAULT_CERT_FINGERPRINT,
relations = listOf("delegate_permission/common.handle_all_urls"),
)
} returns DEFAULT_ASSET_LINKS_CHECK_RESPONSE.asSuccess()
val result = originManager.validateOrigin(
relyingPartyId = "example.com",
callingAppInfo = mockNonPrivilegedAppInfo,
)
assertEquals(ValidateOriginResult.Success(null), result)
}
@Test
fun `validateOrigin should preserve existing www prefix when present`() = runTest {
coEvery {
mockDigitalAssetLinkService.checkDigitalAssetLinksRelations(
sourceWebSite = "https://www.example.com",
targetPackageName = DEFAULT_PACKAGE_NAME,
targetCertificateFingerprint = DEFAULT_CERT_FINGERPRINT,
relations = listOf("delegate_permission/common.handle_all_urls"),
)
} returns DEFAULT_ASSET_LINKS_CHECK_RESPONSE.asSuccess()
val result = originManager.validateOrigin(
relyingPartyId = "www.example.com",
callingAppInfo = mockNonPrivilegedAppInfo,
)
assertEquals(ValidateOriginResult.Success(null), result)
}
@Test
fun `validateOrigin should handle rpId with https scheme correctly`() = runTest {
coEvery {
mockDigitalAssetLinkService.checkDigitalAssetLinksRelations(
sourceWebSite = "https://www.example.com",
targetPackageName = DEFAULT_PACKAGE_NAME,
targetCertificateFingerprint = DEFAULT_CERT_FINGERPRINT,
relations = listOf("delegate_permission/common.handle_all_urls"),
)
} returns DEFAULT_ASSET_LINKS_CHECK_RESPONSE.asSuccess()
val result = originManager.validateOrigin(
relyingPartyId = "https://example.com",
callingAppInfo = mockNonPrivilegedAppInfo,
)
assertEquals(ValidateOriginResult.Success(null), result)
}
}
private const val DEFAULT_PACKAGE_NAME = "com.x8bit.bitwarden"