Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LinkAuth abstraction for lookup and signup #10019

Merged
merged 5 commits into from
Jan 29, 2025
Merged

LinkAuth abstraction for lookup and signup #10019

merged 5 commits into from
Jan 29, 2025
+738 −3

Conversation

toluo-stripe
Copy link
Contributor

@toluo-stripe toluo-stripe commented Jan 28, 2025
edited
Loading

Summary

LinkAuth will be used as an abstraction to call lookup and signup. It will use attestation endpoints when the attestation flag is enabled. It will use the old endpoints otherwise. LinkAuth will replace LinkAccountManager in

  • SignUpVieModel (for look up and signup)
  • LinkActivityViewModel (for look up)

LinkAuth uses LinkAccountManager and IntegrityRequestManager underneath.

Motivation

JIRA

Testing

  • Added tests
  • Modified tests
  • Manually verified

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jan 28, 2025
edited
Loading

Diffuse output:

OLD: identity-example-release-base.apk (signature: V1, V2)
NEW: identity-example-release-pr.apk (signature: V1, V2)

          │          compressed          │         uncompressed         
          ├───────────┬───────────┬──────┼───────────┬───────────┬──────
 APK      │ old       │ new       │ diff │ old       │ new       │ diff 
──────────┼───────────┼───────────┼──────┼───────────┼───────────┼──────
      dex │     2 MiB │     2 MiB │  0 B │   4.1 MiB │   4.1 MiB │  0 B 
     arsc │     1 MiB │     1 MiB │  0 B │     1 MiB │     1 MiB │  0 B 
 manifest │   2.3 KiB │   2.3 KiB │  0 B │     8 KiB │     8 KiB │  0 B 
      res │ 302.6 KiB │ 302.6 KiB │  0 B │ 456.7 KiB │ 456.7 KiB │  0 B 
   native │   6.2 MiB │   6.2 MiB │  0 B │  15.8 MiB │  15.8 MiB │  0 B 
    asset │   7.1 KiB │   7.1 KiB │  0 B │   6.9 KiB │   6.9 KiB │  0 B 
    other │  90.4 KiB │  90.4 KiB │ +8 B │ 170.7 KiB │ 170.7 KiB │  0 B 
──────────┼───────────┼───────────┼──────┼───────────┼───────────┼──────
    total │   9.6 MiB │   9.6 MiB │ +8 B │  21.5 MiB │  21.5 MiB │  0 B 

 DEX     │ old   │ new   │ diff      
─────────┼───────┼───────┼───────────
   files │     1 │     1 │ 0         
 strings │ 19975 │ 19975 │ 0 (+0 -0) 
   types │  6193 │  6193 │ 0 (+0 -0) 
 classes │  4985 │  4985 │ 0 (+0 -0) 
 methods │ 29820 │ 29820 │ 0 (+0 -0) 
  fields │ 17538 │ 17538 │ 0 (+0 -0) 

 ARSC    │ old  │ new  │ diff 
─────────┼──────┼──────┼──────
 configs │  164 │  164 │  0   
 entries │ 3624 │ 3624 │  0
APK 
   compressed    │   uncompressed   │                                           
──────────┬──────┼───────────┬──────┤                                           
 size     │ diff │ size      │ diff │ path                                      
──────────┼──────┼───────────┼──────┼───────────────────────────────────────────
 28.5 KiB │ +4 B │  63.1 KiB │  0 B │ ∆ META-INF/CERT.SF                        
 25.4 KiB │ +4 B │    63 KiB │  0 B │ ∆ META-INF/MANIFEST.MF                    
    272 B │ +1 B │     120 B │  0 B │ ∆ META-INF/version-control-info.textproto 
  1.2 KiB │ -1 B │   1.2 KiB │  0 B │ ∆ META-INF/CERT.RSA                       
──────────┼──────┼───────────┼──────┼───────────────────────────────────────────
 55.3 KiB │ +8 B │ 127.4 KiB │  0 B │ (total)

toluo-stripe
toluo-stripe commented Jan 28, 2025
View reviewed changes
paymentsheet/src/main/java/com/stripe/android/link/account/DefaultLinkAuth.kt
Comment on lines +121 to +133
private val Throwable.isAttestationError: Boolean
get() = when (this) {
// Stripe backend could not verify the intregrity of the request
is APIException -> stripeError?.code == "link_failed_to_attest_request"
// Interaction with Integrity API to generate tokens resulted in a failure
is AttestationError -> true
else -> false
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This logic was obtained from FC

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

instead of copying this fn could we move it into a location where both FC + PaymentSheet can use it? e.g. I think payments-core may be used by both

@toluo-stripe toluo-stripe marked this pull request as ready for review January 28, 2025 22:58
@toluo-stripe toluo-stripe requested review from a team as code owners January 28, 2025 22:58
amk-stripe
amk-stripe reviewed Jan 29, 2025
View reviewed changes
paymentsheet/src/test/java/com/stripe/android/link/account/DefaultLinkAuthTest.kt
}

@Test
fun `sign in attempt with token fetch failure returns AttestationFailed`() = runTest {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

how is this different from the test case above?

paymentsheet/src/main/java/com/stripe/android/link/account/DefaultLinkAuth.kt
Comment on lines +121 to +133
private val Throwable.isAttestationError: Boolean
get() = when (this) {
// Stripe backend could not verify the intregrity of the request
is APIException -> stripeError?.code == "link_failed_to_attest_request"
// Interaction with Integrity API to generate tokens resulted in a failure
is AttestationError -> true
else -> false
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

instead of copying this fn could we move it into a location where both FC + PaymentSheet can use it? e.g. I think payments-core may be used by both

paymentsheet/src/main/java/com/stripe/android/link/account/DefaultLinkAuth.kt
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are several places in this file where getOrThrow is being used on a result -- can you update to instead take advantage of the result type (ie use something like .onSuccess and .onFailure?

paymentsheet/src/main/java/com/stripe/android/link/account/DefaultLinkAuth.kt
return signupResult.toLinkAuthResult()
}

override suspend fun lookUp(
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this function be named lookUpConsumer for consistency with LinkAccountManager?

ok to do in a follow up

amk-stripe
amk-stripe previously approved these changes Jan 29, 2025
View reviewed changes
Copy link
Collaborator

@amk-stripe amk-stripe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok to address PR comments later

@toluo-stripe toluo-stripe force-pushed the tolu/link/link_auth_interface branch from ad0f050 to 7b949db Compare January 29, 2025 20:16
@toluo-stripe toluo-stripe force-pushed the tolu/link/link_auth_interface branch from 7b949db to 492e84b Compare January 29, 2025 21:09
@toluo-stripe toluo-stripe merged commit 36d226c into master Jan 29, 2025
13 checks passed
@toluo-stripe toluo-stripe deleted the tolu/link/link_auth_interface branch January 29, 2025 21:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amk-stripe amk-stripe amk-stripe approved these changes

@jaynewstrom-stripe jaynewstrom-stripe Awaiting requested review from jaynewstrom-stripe jaynewstrom-stripe is a code owner automatically assigned from stripe/android-payments-reviewers

@carlosmuvi-stripe carlosmuvi-stripe Awaiting requested review from carlosmuvi-stripe

Assignees
No one assigned
Labels
Link
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@toluo-stripe @amk-stripe