github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-03-22 12:32:53 -05:00
Code Issues 144 Packages Projects Releases 118 Wiki Activity

[PR #1034] [MERGED] [KnownUsernameField] Entries update (main ones) #2714

New Issue
Closed
opened 2025-11-26 23:23:05 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-26 23:23:05 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/bitwarden/android/pull/1034
Author: @contribucious
Created: 8/6/2020
Status: Merged
Merged: 8/7/2020
Merged by: @cscharf

Base: masterHead: KnownUsernameField--entries-update--main-ones

📝 Commits (5)

  • b7a6aac [KUF] Fix Google; Add natl/dskp Amazon/eBay & Atlassian+Bitly ENT.+Tumblr+Yandex
  • 6e50ce5 Less spacing
  • b9728dc Even less spacing
  • f963b9f Additional reduction of spacing
  • 9e1a307 [Perf. optim.] Google: most frequently used entry in first position

📊 Changes

1 file changed (+173 additions, -8 deletions)

View changed files

📝 src/Android/Accessibility/AccessibilityHelpers.cs (+173 -8)

📄 Description

CONTEXT: This is an update of this new system (system allowing "user ID" field detection — i.e. email/username/phone/whatever — without "password" field using the accessibility service).

UPDATED: Entries.

RELATED: https://github.com/bitwarden/mobile/pull/880#issuecomment-646830516

 

Summary

 
This fixes support for:

  • [see post n°1 below] Google

This adds missing OAuth support for:

  • [see post n°2 below] PayPal

This adds support for:

  • [see post n°3 below] national + desktop Amazon — the latter uses a different value.
  • [see post n°4 below] national eBay
  • [see post n°5 below] Atlassian
  • [see post n°6 below] Bitly — enterprise users.
  • [see post n°7 below] Tumblr
  • [see post n°8 below] Yandex
  • [see post n°9 below] ... + My docomo from NTT DOCOMO — in a separate section, as part of a Top 20 Japan.
     

💡 For all: Both the mobile version and the desktop version of these web sites/applications have been tested and are supported.
 

About OAuth authentication

Read me ...

 

Taken from the source code:

// NOTE: The case of OAuth compatible web sites/applications that also provide
//       a "user ID only" login page in this situation
//       was taken into account in the tests as well.

↪️ See screenshots in the posts below for web sites/applications using a "user ID only" login page also for OAuth authentication.
 

OAuth usage examples ...

OAuth_Google_Yandex_example
➡️ Example of login using OAuth (right), in this case with a lot of choices because on a support forum of a website selling ... an OAuth module for a known CMS and a popular forum system (and using it as a proof of proper functioning on its own website and forum).

OAuth_Atlassian_Bitbucket_example
➡️ Example of login using OAuth, in this case on AppVeyor.

   

About n°6/7/8/9 (coming from the Top 100 WW)

Read me ...  

These were added as part of a standard verification (checked one by one, looking for "user ID only" login pages, in two rounds — round 1: desktop mode, round 2: mobile mode) of a recent Top 100 of the most visited websites in the world(*, see warning before) (source: SimilarWeb 2019) followed by the same process for this Top 50 (source: Alexa Internet 2020).

For the Top 100, about a dozen used a "user ID only" login page, but the majority was well coded, allowing Bitwarden to display a prompt automatically.

Among the remaining contenders:

  • One was not to be added in the main section (customer area of a Japanese mobile phone operator, despite being the first one there in Japan, namely NTT DOCOMO). Added but in a separate section, as part of a Top 20 Japan.
  • Two did not have an "id" attribute regarding their login field (mail.ru both in desktop and mobile version + baidu.com mobile).
  • ... There were ultimately three entries that were addable: Bitly (.com), Tumblr (.com) and Yandex (.com/.ru/various TLDs). :octocat:

top-100-websites-worldwide
 

(*) WARNING > Two entries in this Top 100 list are visibly known to be a source of adware/malware: tsyndicate (position 86) and crptgate (position 95). Also note that microsoftonline.com (position 52) is indeed a domain name belonging to Microsoft, despite what the image above indicates.

 
 

ℹ️ Based on my research for this PR, I will take the opportunity to improve a little bit this file as well. 👍

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/bitwarden/android/pull/1034 **Author:** [@contribucious](https://github.com/contribucious) **Created:** 8/6/2020 **Status:** ✅ Merged **Merged:** 8/7/2020 **Merged by:** [@cscharf](https://github.com/cscharf) **Base:** `master` ← **Head:** `KnownUsernameField--entries-update--main-ones` --- ### 📝 Commits (5) - [`b7a6aac`](https://github.com/bitwarden/android/commit/b7a6aac8c89a4faf3ed93be350009fa5a4e9ee81) [KUF] Fix Google; Add natl/dskp Amazon/eBay & Atlassian+Bitly ENT.+Tumblr+Yandex - [`6e50ce5`](https://github.com/bitwarden/android/commit/6e50ce54f2591ad8994e8074cefc8130eb2155a6) Less spacing - [`b9728dc`](https://github.com/bitwarden/android/commit/b9728dc180bfeedea08f66e3cfb183abc13a5578) Even less spacing - [`f963b9f`](https://github.com/bitwarden/android/commit/f963b9fe9b4f9e03dc768b64906af48b1e439ffb) Additional reduction of spacing - [`9e1a307`](https://github.com/bitwarden/android/commit/9e1a30744f8f42401ee466654ccac375964bac7f) [Perf. optim.] Google: most frequently used entry in first position ### 📊 Changes **1 file changed** (+173 additions, -8 deletions) <details> <summary>View changed files</summary> 📝 `src/Android/Accessibility/AccessibilityHelpers.cs` (+173 -8) </details> ### 📄 Description **CONTEXT:** This is an update of [this new system](https://github.com/bitwarden/mobile/pull/880) _(system allowing "user ID" field detection — i.e. email/username/phone/whatever — without "password" field using the accessibility service)_. **UPDATED:** Entries. **RELATED:** https://github.com/bitwarden/mobile/pull/880#issuecomment-646830516 ___ &nbsp; # Summary &nbsp; **This fixes support for:** - [see post n°1 below] **Google** **This adds missing OAuth support for:** - [see post n°2 below] **PayPal** **This adds support for:** - [see post n°3 below] national + desktop **Amazon** — the latter uses a different value. - [see post n°4 below] national **eBay** - [see post n°5 below] **Atlassian** - [see post n°6 below] **Bitly** — enterprise users. - [see post n°7 below] **Tumblr** - [see post n°8 below] **Yandex** - - [see post n°9 below] ... + **My docomo** from [NTT DOCOMO](https://en.wikipedia.org/wiki/NTT_Docomo) — in a separate section, as part of a **Top 20 Japan**. &nbsp; :bulb: **For all:** Both the mobile version and the desktop version of these web sites/applications have been tested and are supported. &nbsp; # About OAuth authentication <details> <summary>Read me ...</summary> &nbsp; **Taken from the source code:** ``` // NOTE: The case of OAuth compatible web sites/applications that also provide // a "user ID only" login page in this situation // was taken into account in the tests as well. ``` :arrow_right_hook: See screenshots in the posts below for web sites/applications using a "user ID only" login page also for OAuth authentication. &nbsp; ### OAuth usage examples ... ![OAuth_Google_Yandex_example](https://user-images.githubusercontent.com/4764956/88304117-21e04600-cd08-11ea-995e-0652d914ce87.png) :arrow_right: Example of login using OAuth _(right)_, in this case with a lot of choices because on a support forum of a website selling ... an OAuth module for a known CMS and a popular forum system _(and using it as a proof of proper functioning on its own website and forum)_. ![OAuth_Atlassian_Bitbucket_example](https://user-images.githubusercontent.com/4764956/88304110-20168280-cd08-11ea-8603-fa923fac0634.png) :arrow_right: Example of login using OAuth, in this case on AppVeyor. </details> &nbsp; &nbsp; # About n°6/7/8/9 (coming from the Top 100 WW) <details> <summary>Read me ...</summary> &nbsp; These were added as part of a standard verification (checked one by one, looking for "user ID only" login pages, in two rounds — **round 1:** desktop mode, **round 2:** mobile mode) of a [recent Top 100 of the most visited websites in the world](https://www.visualcapitalist.com/ranking-the-top-100-websites-in-the-world/)(*, see warning before) _(source: SimilarWeb 2019)_ followed by the same process for [this Top 50](https://en.wikipedia.org/wiki/List_of_most_popular_websites) _(source: Alexa Internet 2020)_. For the Top 100, about a dozen used a "user ID only" login page, but the majority was well coded, allowing Bitwarden to display a prompt automatically. ### Among the remaining contenders: - **One** was not to be added in the main section (customer area of a Japanese mobile phone operator, despite being [the first one](https://en.wikipedia.org/wiki/List_of_mobile_network_operators_of_the_Asia_Pacific_region#Japan) there in Japan, namely **NTT DOCOMO**). Added but in a separate section, as part of a Top 20 Japan. - **Two** did not have an "id" attribute regarding their login field (**mail.ru** both in desktop and mobile version + **baidu.com** mobile). - ... There were ultimately **three** entries that were addable: **Bitly** (.com), **Tumblr** (.com) and **Yandex** (.com/.ru/various TLDs). :octocat: ![top-100-websites-worldwide](https://user-images.githubusercontent.com/4764956/87396414-1af05f80-c5b3-11ea-84a9-c3bddc402405.jpg) &nbsp; ###### (*) WARNING > Two entries in this Top 100 list are visibly known to be a source of adware/malware: _tsyndicate_ (position 86) and _crptgate_ (position 95). Also note that _microsoftonline.com_ (position 52) is indeed a [domain name belonging to Microsoft](https://forums.malwarebytes.com/topic/242508-delist-loginmicrosoftonlinecom/), despite what the image above indicates. </details> &nbsp; &nbsp; :information_source: Based on my research for this PR, I will take the opportunity to improve a little bit [this file](https://github.com/bitwarden/server/blob/004e3c58ee866398a4cf31201cf7205d334fac7b/src/Core/Utilities/StaticStore.cs) as well. :thumbsup: --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2025-11-26 23:23:05 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#2714
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?