From 8be650ddf72c87069010ad7d802597310e286f44 Mon Sep 17 00:00:00 2001 From: Brandon Page Date: Thu, 24 Aug 2023 18:52:59 -0700 Subject: [PATCH] Update Custom Domain opt-in boolean to be opt-in regex pattern. --- .../androidsdk/app/SalesforceSDKManager.java | 27 ++++++++++++------- .../androidsdk/ui/OAuthWebviewHelper.java | 20 ++++---------- 2 files changed, 22 insertions(+), 25 deletions(-) diff --git a/libs/SalesforceSDK/src/com/salesforce/androidsdk/app/SalesforceSDKManager.java b/libs/SalesforceSDK/src/com/salesforce/androidsdk/app/SalesforceSDKManager.java index d71b18b3e2..9f0fb10ea3 100644 --- a/libs/SalesforceSDK/src/com/salesforce/androidsdk/app/SalesforceSDKManager.java +++ b/libs/SalesforceSDK/src/com/salesforce/androidsdk/app/SalesforceSDKManager.java @@ -48,6 +48,7 @@ import android.webkit.CookieManager; import androidx.annotation.NonNull; +import androidx.annotation.Nullable; import androidx.lifecycle.Lifecycle; import androidx.lifecycle.LifecycleObserver; import androidx.lifecycle.OnLifecycleEvent; @@ -100,6 +101,7 @@ import java.util.SortedSet; import java.util.UUID; import java.util.concurrent.ConcurrentSkipListSet; +import java.util.regex.Pattern; /** * This class serves as an interface to the various @@ -182,7 +184,7 @@ public class SalesforceSDKManager implements LifecycleObserver { private boolean useHybridAuthentication = true; // hybrid authentication flows ON by default - but app can opt out by calling setUseHybridAuthentication(false) - private boolean shouldInferCustomDomain = false; // Do not detect use of Custom Domain input from login webview but app can opt in by calling setInferCustomDomain(ture) + private Pattern customDomainInferencePattern; private Theme theme = Theme.SYSTEM_DEFAULT; private String appName; @@ -676,20 +678,25 @@ public synchronized void setUseHybridAuthentication(boolean useHybridAuthenticat } /** - * Returns whether the SDK should infer if the user has entered a new login server through - * the "Use Custom Domain" button on the login screen. + * Returns the pattern used to detect the use of "Use Custom Domain" input from login web view. + * + * @return pattern if set or null */ - public boolean shouldInferCustomDomain() { - return this.shouldInferCustomDomain; + public synchronized Pattern getCustomDomainInferencePattern() { + return customDomainInferencePattern; } /** - * Sets whether the SDK should infer if the user has entered a new login server through - * the "Use Custom Domain" button on the login screen. - * @param shouldInferCustomDomain + * Detect use of "Use Custom Domain" input from login web view using the given regex. + * Example for a specific org: + * "^https:\\/\\/mobilesdk\\.my\\.salesforce\\.com\\/\\?startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage\\.apexp" + * For any my domain: + * "^https:\\/\\/[a-zA-Z0-9]+\\.my\\.salesforce\\.com/\\?startURL=%2Fsetup%2Fsecur%2FRemoteAccessAuthorizationPage\\.apexp" + * + * @param pattern regex to use when detecting use of custom domain on login */ - public synchronized void setShouldInferCustomDomain(boolean shouldInferCustomDomain) { - this.shouldInferCustomDomain = shouldInferCustomDomain; + public synchronized void setCustomDomainInferencePattern(@Nullable Pattern pattern) { + this.customDomainInferencePattern = pattern; } /** diff --git a/libs/SalesforceSDK/src/com/salesforce/androidsdk/ui/OAuthWebviewHelper.java b/libs/SalesforceSDK/src/com/salesforce/androidsdk/ui/OAuthWebviewHelper.java index dd55e7faf3..47a6f7d317 100644 --- a/libs/SalesforceSDK/src/com/salesforce/androidsdk/ui/OAuthWebviewHelper.java +++ b/libs/SalesforceSDK/src/com/salesforce/androidsdk/ui/OAuthWebviewHelper.java @@ -100,6 +100,7 @@ import java.util.Map; import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; +import java.util.regex.Pattern; import okhttp3.Request; import okhttp3.Response; @@ -525,7 +526,10 @@ public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request } // Check if user entered a custom domain - if (SalesforceSDKManager.getInstance().shouldInferCustomDomain() && isNewLoginUrl(uri)) { + String host = uri.getHost(); + Pattern customDomainPattern = SalesforceSDKManager.getInstance().getCustomDomainInferencePattern(); + if (host != null && !getLoginUrl().contains(host) && customDomainPattern != null + && customDomainPattern.matcher(uri.toString()).find()) { try { String baseUrl = "https://" + uri.getHost(); LoginServerManager serverManager = SalesforceSDKManager.getInstance().getLoginServerManager(); @@ -574,20 +578,6 @@ public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request return authFlowFinished; } - private boolean isNewLoginUrl(Uri uri) { - String host = uri.getHost(); - String query = uri.getQuery(); - String path = uri.getPath(); - - if (host == null || query == null || path == null || getLoginUrl().contains(host)) { - return false; - } - - final String myDomainHost = ".my.salesforce.com"; - final String loginPath = "startURL=/setup/secur/RemoteAccessAuthorizationPage.apexp"; - return host.endsWith(myDomainHost) && query.startsWith(loginPath) && path.equals("/"); - } - @Override public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) { int primError = error.getPrimaryError();