@W-21146662: [Android] App attestation integration testing#3
Draft
JohnsonEricAtSalesforce wants to merge 1 commit intodevfrom
Draft
Conversation
libs/SalesforceSDK/src/com/salesforce/androidsdk/app/SalesforceSDKManager.kt
Outdated
Show resolved
Hide resolved
| * TODO: This will need to be made production-ready in the future. ECJ20260312 | ||
| // TODO: Discuss a suitable scope for this as attaching it to this singleton may further legacy patterns. ECJ20260312 | ||
| */ | ||
| fun testGooglePlayIntegrityApiPreparation() { |
Owner
Author
There was a problem hiding this comment.
This SalesforceSDKManager.testGooglePlayIntegrityApiPreparation method will not exist in the production version. It's only present to support this rough proof-of-concept test.
| * @param restClient The REST client to use | ||
| */ | ||
| @Suppress("unused") | ||
| internal class AppAttestationChallengeApiClient( |
Owner
Author
There was a problem hiding this comment.
This new AppAttestationChallengeApiClient is modeled on the earlier stand-alone REST clients such as SfapApiClient. This new API only has one endpoint and its documentation is not finished.
JohnsonEricAtSalesforce
force-pushed
the
feature/w-21146662_android-app-attestation-integration-testing
branch
2 times, most recently
from
98efc08 to
8d39060
Compare
JohnsonEricAtSalesforce
force-pushed
the
feature/w-21146662_android-app-attestation-integration-testing
branch
from
8d39060 to
082b018
Compare
| val salesforceAppAttestationChallenge = testSalesforceMobileAppAttestationChallengeRequest() | ||
| val salesforceAppAttestationChallengeHashByteArray = MessageDigest.getInstance("SHA-256") | ||
| .digest(salesforceAppAttestationChallenge.toByteArray(UTF_8)) | ||
| val salesforceAppAttestationChallengeHashHexString = salesforceAppAttestationChallengeHashByteArray.joinToString("") { "%02x".format(it) } |
Owner
Author
There was a problem hiding this comment.
We spent some time today getting the correct SHA256 hashed hex string that exactly matches the Google Guava Hasher version that the backend is expecting. This snippet was aided by our agent tools.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🛑 Draft Pull Request To This Fork Rather Than Upstream - Intended For Discussion Only 🛑
This is a quick proof-of-concept for integrating the new Salesforce Mobile App Attestation Challenge API Endpoint and the Google Play Integrity API into one of Salesforce Mobile SDK's sample apps so that the new attestation parameter can be delivered to the Salesforce org when needed
This code isn't intended to be production-ready for this work item nor will this pull request be merged.
For an overview, here are the key tasks the app and MSDK have to complete to use Google Play Integrity API with the updated Salesforce org:
Production Considerations:
attestationparameter can be passed to all Salesforce orgs. It will be ignored appropriately