Update Custom Domain opt-in boolean to be opt-in regex pattern.

forcedotcom · Aug 25, 2023 · 8be650d · 8be650d
1 parent 1c75ec4
commit 8be650d
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 25 deletions.
diff --git a/libs/SalesforceSDK/src/com/salesforce/androidsdk/app/SalesforceSDKManager.java b/libs/SalesforceSDK/src/com/salesforce/androidsdk/app/SalesforceSDKManager.java
@@ -48,6 +48,7 @@
 import android.webkit.CookieManager;
 
 import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
 import androidx.lifecycle.Lifecycle;
 import androidx.lifecycle.LifecycleObserver;
 import androidx.lifecycle.OnLifecycleEvent;
@@ -100,6 +101,7 @@
 import java.util.SortedSet;
 import java.util.UUID;
 import java.util.concurrent.ConcurrentSkipListSet;
+import java.util.regex.Pattern;
 
 /**
  * This class serves as an interface to the various
@@ -182,7 +184,7 @@ public class SalesforceSDKManager implements LifecycleObserver {
 
     private boolean useHybridAuthentication = true; // hybrid authentication flows ON by default - but app can opt out by calling setUseHybridAuthentication(false)
 
-    private boolean shouldInferCustomDomain = false; // Do not detect use of Custom Domain input from login webview but app can opt in by calling setInferCustomDomain(ture)
+    private Pattern customDomainInferencePattern;
 
     private Theme theme =  Theme.SYSTEM_DEFAULT;
     private String appName;
@@ -676,20 +678,25 @@ public synchronized void setUseHybridAuthentication(boolean useHybridAuthenticat
     }
 
     /**
-     * Returns whether the SDK should infer if the user has entered a new login server through
-     * the "Use Custom Domain" button on the login screen.
+     * Returns the pattern used to detect the use of "Use Custom Domain" input from login web view.
+     *
+     * @return pattern if set or null
      */
-    public boolean shouldInferCustomDomain() {
-        return this.shouldInferCustomDomain;
+    public synchronized Pattern getCustomDomainInferencePattern() {
+        return customDomainInferencePattern;
     }
 
     /**
-     * Sets whether the SDK should infer if the user has entered a new login server through
-     * the "Use Custom Domain" button on the login screen.
-     * @param shouldInferCustomDomain
+     *  Detect use of "Use Custom Domain" input from login web view using the given regex.
+     *  Example for a specific org:
+     *    "^https:\\/\\/mobilesdk\\.my\\.salesforce\\.com\\/\\?startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage\\.apexp"
+     *  For any my domain:
+     *    "^https:\\/\\/[a-zA-Z0-9]+\\.my\\.salesforce\\.com/\\?startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage\\.apexp"
+     *
+     * @param pattern regex to use when detecting use of custom domain on login
      */
-    public synchronized void setShouldInferCustomDomain(boolean shouldInferCustomDomain) {
-        this.shouldInferCustomDomain = shouldInferCustomDomain;
+    public synchronized void setCustomDomainInferencePattern(@Nullable Pattern pattern) {
+        this.customDomainInferencePattern = pattern;
     }
 
     /**

diff --git a/libs/SalesforceSDK/src/com/salesforce/androidsdk/ui/OAuthWebviewHelper.java b/libs/SalesforceSDK/src/com/salesforce/androidsdk/ui/OAuthWebviewHelper.java
@@ -100,6 +100,7 @@
 import java.util.Map;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
+import java.util.regex.Pattern;
 
 import okhttp3.Request;
 import okhttp3.Response;
@@ -525,7 +526,10 @@ public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request
             }
 
             // Check if user entered a custom domain
-            if (SalesforceSDKManager.getInstance().shouldInferCustomDomain() && isNewLoginUrl(uri)) {
+            String host = uri.getHost();
+            Pattern customDomainPattern = SalesforceSDKManager.getInstance().getCustomDomainInferencePattern();
+            if (host != null && !getLoginUrl().contains(host) && customDomainPattern != null
+                    && customDomainPattern.matcher(uri.toString()).find()) {
                 try {
                     String baseUrl = "https://" + uri.getHost();
                     LoginServerManager serverManager = SalesforceSDKManager.getInstance().getLoginServerManager();
@@ -574,20 +578,6 @@ public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request
             return authFlowFinished;
         }
 
-        private boolean isNewLoginUrl(Uri uri) {
-            String host = uri.getHost();
-            String query = uri.getQuery();
-            String path = uri.getPath();
-
-            if (host == null || query == null || path == null || getLoginUrl().contains(host)) {
-                return false;
-            }
-
-            final String myDomainHost = ".my.salesforce.com";
-            final String loginPath = "startURL=/setup/secur/RemoteAccessAuthorizationPage.apexp";
-            return host.endsWith(myDomainHost) && query.startsWith(loginPath) && path.equals("/");
-        }
-
         @Override
         public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
             int primError = error.getPrimaryError();