Add snippets for creating passkey (#485)

cy245 · web-flow · commit 7eb5acdd60a5 · 2025-04-01T14:19:15.000-04:00
diff --git a/identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/PasskeyAndPasswordFunctions.kt b/identity/credentialmanager/src/main/java/com/example/identity/credentialmanager/PasskeyAndPasswordFunctions.kt
@@ -22,6 +22,8 @@ import android.os.Build
 import android.os.Bundle
 import android.util.Log
 import androidx.annotation.RequiresApi
+import androidx.credentials.CreatePasswordRequest
+import androidx.credentials.CreatePublicKeyCredentialRequest
 import androidx.credentials.CredentialManager
 import androidx.credentials.CustomCredential
 import androidx.credentials.GetCredentialRequest
@@ -30,7 +32,14 @@ import androidx.credentials.GetPasswordOption
 import androidx.credentials.GetPublicKeyCredentialOption
 import androidx.credentials.PasswordCredential
 import androidx.credentials.PublicKeyCredential
+import androidx.credentials.exceptions.CreateCredentialCancellationException
+import androidx.credentials.exceptions.CreateCredentialCustomException
+import androidx.credentials.exceptions.CreateCredentialException
+import androidx.credentials.exceptions.CreateCredentialInterruptedException
+import androidx.credentials.exceptions.CreateCredentialProviderConfigurationException
+import androidx.credentials.exceptions.CreateCredentialUnknownException
 import androidx.credentials.exceptions.GetCredentialException
+import androidx.credentials.exceptions.publickeycredential.CreatePublicKeyCredentialDomException
 import kotlinx.coroutines.coroutineScope
 import kotlinx.coroutines.runBlocking
 import org.json.JSONObject
@@ -43,6 +52,7 @@ class PasskeyAndPasswordFunctions (
   // CredentialManager.
   private val credentialManager = CredentialManager.create(context)
   // [END android_identity_initialize_credman]
+  private val activityContext = context
 
   // Placeholder for TAG log value.
   val TAG = ""
@@ -55,8 +65,7 @@ class PasskeyAndPasswordFunctions (
    */
   @RequiresApi(Build.VERSION_CODES.UPSIDE_DOWN_CAKE)
   fun signInFlow(
-    creationResult: JSONObject,
-    activityContext: Context,
+    creationResult: JSONObject
   ) {
     val requestJson = creationResult.toString()
     // [START android_identity_get_password_passkey_options]
@@ -166,6 +175,93 @@ class PasskeyAndPasswordFunctions (
     }
   }
   // [END android_identity_launch_sign_in_flow_2]
+
+  // [START android_identity_create_passkey]
+  suspend fun createPasskey(requestJson: String, preferImmediatelyAvailableCredentials: Boolean) {
+    val createPublicKeyCredentialRequest = CreatePublicKeyCredentialRequest(
+      // Contains the request in JSON format. Uses the standard WebAuthn
+      // web JSON spec.
+      requestJson = requestJson,
+      // Defines whether you prefer to use only immediately available
+      // credentials, not hybrid credentials, to fulfill this request.
+      // This value is false by default.
+      preferImmediatelyAvailableCredentials = preferImmediatelyAvailableCredentials,
+    )
+
+    // Execute CreateCredentialRequest asynchronously to register credentials
+    // for a user account. Handle success and failure cases with the result and
+    // exceptions, respectively.
+    coroutineScope {
+      try {
+        val result = credentialManager.createCredential(
+          // Use an activity-based context to avoid undefined system
+          // UI launching behavior
+          context = activityContext,
+          request = createPublicKeyCredentialRequest,
+        )
+        //  Handle passkey creation result
+      } catch (e : CreateCredentialException){
+        handleFailure(e)
+      }
+    }
+  }
+  // [END android_identity_create_passkey]
+
+  // [START android_identity_handle_create_passkey_failure]
+  fun handleFailure(e: CreateCredentialException) {
+    when (e) {
+      is CreatePublicKeyCredentialDomException -> {
+        // Handle the passkey DOM errors thrown according to the
+        // WebAuthn spec.
+      }
+      is CreateCredentialCancellationException -> {
+        // The user intentionally canceled the operation and chose not
+        // to register the credential.
+      }
+      is CreateCredentialInterruptedException -> {
+        // Retry-able error. Consider retrying the call.
+      }
+      is CreateCredentialProviderConfigurationException -> {
+        // Your app is missing the provider configuration dependency.
+        // Most likely, you're missing the
+        // "credentials-play-services-auth" module.
+      }
+      is CreateCredentialCustomException -> {
+        // You have encountered an error from a 3rd-party SDK. If you
+        // make the API call with a request object that's a subclass of
+        // CreateCustomCredentialRequest using a 3rd-party SDK, then you
+        // should check for any custom exception type constants within
+        // that SDK to match with e.type. Otherwise, drop or log the
+        // exception.
+      }
+      else -> Log.w(TAG, "Unexpected exception type ${e::class.java.name}")
+    }
+  }
+  // [END android_identity_handle_create_passkey_failure]
+
+  // [START android_identity_register_password]
+  suspend fun registerPassword(username: String, password: String) {
+    // Initialize a CreatePasswordRequest object.
+    val createPasswordRequest =
+      CreatePasswordRequest(id = username, password = password)
+
+    // Create credential and handle result.
+    coroutineScope {
+      try {
+        val result =
+          credentialManager.createCredential(
+            // Use an activity based context to avoid undefined
+            // system UI launching behavior.
+            activityContext,
+            createPasswordRequest
+          )
+        // Handle register password result
+      } catch (e: CreateCredentialException) {
+        handleFailure(e)
+      }
+    }
+  }
+  // [END android_identity_register_password]
 }
 
 sealed class ExampleCustomCredential {
diff --git a/identity/credentialmanager/src/main/jsonSnippets.json b/identity/credentialmanager/src/main/jsonSnippets.json
@@ -38,29 +38,98 @@
     // [END android_identity_assetlinks_json]
     },
 
-    // JSON request and response formats
-    // [START android_identity_format_json_request_passkey]
     {
-      "challenge": "T1xCsnxM2DNL2KdK5CLa6fMhD7OBqho6syzInk_n-Uo",
-      "allowCredentials": [],
-      "timeout": 1800000,
-      "userVerification": "required",
-      "rpId": "credential-manager-app-test.glitch.me"
+      "FormatJsonRequestPasskey":
+      // JSON request format
+      // [START android_identity_format_json_request_passkey]
+      {
+        "challenge": "T1xCsnxM2DNL2KdK5CLa6fMhD7OBqho6syzInk_n-Uo",
+        "allowCredentials": [],
+        "timeout": 1800000,
+        "userVerification": "required",
+        "rpId": "credential-manager-app-test.glitch.me"
+      }
+      // [END android_identity_format_json_request_passkey]
     },
-    // [END android_identity_format_json_request_passkey]
 
-    // [START android_identity_format_json_response_passkey]
     {
-      "id": "KEDetxZcUfinhVi6Za5nZQ",
-      "type": "public-key",
-      "rawId": "KEDetxZcUfinhVi6Za5nZQ",
-      "response": {
-        "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiVDF4Q3NueE0yRE5MMktkSzVDTGE2Zk1oRDdPQnFobzZzeXpJbmtfbi1VbyIsIm9yaWdpbiI6ImFuZHJvaWQ6YXBrLWtleS1oYXNoOk1MTHpEdll4UTRFS1R3QzZVNlpWVnJGUXRIOEdjVi0xZDQ0NEZLOUh2YUkiLCJhbmRyb2lkUGFja2FnZU5hbWUiOiJjb20uZ29vZ2xlLmNyZWRlbnRpYWxtYW5hZ2VyLnNhbXBsZSJ9",
-        "authenticatorData": "j5r_fLFhV-qdmGEwiukwD5E_5ama9g0hzXgN8thcFGQdAAAAAA",
-        "signature": "MEUCIQCO1Cm4SA2xiG5FdKDHCJorueiS04wCsqHhiRDbbgITYAIgMKMFirgC2SSFmxrh7z9PzUqr0bK1HZ6Zn8vZVhETnyQ",
-        "userHandle": "2HzoHm_hY0CjuEESY9tY6-3SdjmNHOoNqaPDcZGzsr0"
+      "FormatJsonResponsePasskey":
+      // JSON response format
+      // [START android_identity_format_json_response_passkey]
+      {
+        "id": "KEDetxZcUfinhVi6Za5nZQ",
+        "type": "public-key",
+        "rawId": "KEDetxZcUfinhVi6Za5nZQ",
+        "response": {
+          "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiVDF4Q3NueE0yRE5MMktkSzVDTGE2Zk1oRDdPQnFobzZzeXpJbmtfbi1VbyIsIm9yaWdpbiI6ImFuZHJvaWQ6YXBrLWtleS1oYXNoOk1MTHpEdll4UTRFS1R3QzZVNlpWVnJGUXRIOEdjVi0xZDQ0NEZLOUh2YUkiLCJhbmRyb2lkUGFja2FnZU5hbWUiOiJjb20uZ29vZ2xlLmNyZWRlbnRpYWxtYW5hZ2VyLnNhbXBsZSJ9",
+          "authenticatorData": "j5r_fLFhV-qdmGEwiukwD5E_5ama9g0hzXgN8thcFGQdAAAAAA",
+          "signature": "MEUCIQCO1Cm4SA2xiG5FdKDHCJorueiS04wCsqHhiRDbbgITYAIgMKMFirgC2SSFmxrh7z9PzUqr0bK1HZ6Zn8vZVhETnyQ",
+          "userHandle": "2HzoHm_hY0CjuEESY9tY6-3SdjmNHOoNqaPDcZGzsr0"
+        }
       }
+      // [END android_identity_format_json_response_passkey]
+    },
+    {
+      "CreatePasskeyJsonRequest":
+      // Json request for creating a passkey
+      // [START android_identity_create_passkey_request_json]
+      {
+        "challenge": "abc123",
+        "rp": {
+          "name": "Credential Manager example",
+          "id": "credential-manager-test.example.com"
+        },
+        "user": {
+          "id": "def456",
+          "name": "helloandroid@gmail.com",
+          "displayName": "helloandroid@gmail.com"
+        },
+        "pubKeyCredParams": [
+          {
+            "type": "public-key",
+            "alg": -7
+          },
+          {
+            "type": "public-key",
+            "alg": -257
+          }
+        ],
+        "timeout": 1800000,
+        "attestation": "none",
+        "excludeCredentials": [
+          {
+            "id": "ghi789",
+            "type": "public-key"
+          },
+          {
+            "id": "jkl012",
+            "type": "public-key"
+          }
+        ],
+        "authenticatorSelection": {
+          "authenticatorAttachment": "platform",
+          "requireResidentKey": true,
+          "residentKey": "required",
+          "userVerification": "required"
+        }
+      }
+      // [END android_identity_create_passkey_request_json]
+    },
+    {
+      "CreatePasskeyHandleJsonResponse":
+      // Json response when creating a passkey
+      // [START android_identity_create_passkey_response_json]
+      {
+        "id": "KEDetxZcUfinhVi6Za5nZQ",
+        "type": "public-key",
+        "rawId": "KEDetxZcUfinhVi6Za5nZQ",
+        "response": {
+          "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoibmhrUVhmRTU5SmI5N1Z5eU5Ka3ZEaVh1Y01Fdmx0ZHV2Y3JEbUdyT0RIWSIsIm9yaWdpbiI6ImFuZHJvaWQ6YXBrLWtleS1oYXNoOk1MTHpEdll4UTRFS1R3QzZVNlpWVnJGUXRIOEdjVi0xZDQ0NEZLOUh2YUkiLCJhbmRyb2lkUGFja2FnZU5hbWUiOiJjb20uZ29vZ2xlLmNyZWRlbnRpYWxtYW5hZ2VyLnNhbXBsZSJ9",
+          "attestationObject": "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViUj5r_fLFhV-qdmGEwiukwD5E_5ama9g0hzXgN8thcFGRdAAAAAAAAAAAAAAAAAAAAAAAAAAAAEChA3rcWXFH4p4VYumWuZ2WlAQIDJiABIVgg4RqZaJyaC24Pf4tT-8ONIZ5_Elddf3dNotGOx81jj3siWCAWXS6Lz70hvC2g8hwoLllOwlsbYatNkO2uYFO-eJID6A"
+        }
+      }
+      // [END android_identity_create_passkey_response_json]
     }
-    // [END android_identity_format_json_response_passkey]
+
   ]
 }
diff --git a/identity/credentialmanager/src/main/othersnippets b/identity/credentialmanager/src/main/othersnippets
@@ -0,0 +1,18 @@
+// [START android_identity_apk_key_hash]
+android:apk-key-hash:<sha256_hash-of-apk-signing-cert>
+// [END android_identity_apk_key_hash]
+
+// [START android_identity_keytool_sign]
+keytool -list -keystore <path-to-apk-signing-keystore>
+// [END android_identity_keytool_sign]
+
+// [START android_identity_fingerprint_decode_python]
+import binascii
+import base64
+fingerprint = '91:F7:CB:F9:D6:81:53:1B:C7:A5:8F:B8:33:CC:A1:4D:AB:ED:E5:09:C5'
+print("android:apk-key-hash:" + base64.urlsafe_b64encode(binascii.a2b_hex(fingerprint.replace(':', ''))).decode('utf8').replace('=', ''))
+// [END android_identity_fingerprint_decode_python]
+
+// [START android_identity_fingerprint_decoded]
+android:apk-key-hash:kffL-daBUxvHpY-4M8yhTavt5QnFEI2LsexohxrGPYU
+// [END android_identity_fingerprint_decoded]
