Remove custom scheme manifest placeholder for RedirectUriReceiverActivity

.github/workflows/build.yml

@@ -8,15 +8,15 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
-      - name: Set up JDK 11
+      - uses: actions/checkout@v3
+      - name: Set up JDK 17
         uses: actions/setup-java@v2
         with:
-          java-version: '11'
-          distribution: 'adopt'
+          java-version: '17'
+          distribution: 'temurin'
 
       - name: Cache Gradle packages
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: |
             ~/.gradle/caches
@@ -29,4 +29,4 @@ jobs:
         run: ./gradlew check jacoco assemble
 
       - name: Codecov
-        uses: codecov/codecov-action@v1
+        uses: codecov/codecov-action@v3

README.md

@@ -281,7 +281,7 @@ this redirect URI.
 
 We recommend using a custom scheme based redirect URI (i.e. those of form
 `my.scheme:/path`), as this is the most widely supported across all versions of
-Android. To avoid conflicts with other apps, it is recommended to configure a 
+Android. To avoid conflicts with other apps, it is recommended to configure a
 distinct scheme using "reverse domain name notation". This can either match
 your service web domain (in reverse) e.g. `com.example.service` or your package
 name `com.example.app` or be something completely new as long as it's distinct
@@ -290,15 +290,6 @@ possible if it contains illegal characters for URI schemes (like underscores)
 or if you already have another handler for that scheme - so just use something
 else.
 
-When a custom scheme is used, AppAuth can be easily configured to capture
-all redirects using this custom scheme through a manifest placeholder:
-
-```groovy
-android.defaultConfig.manifestPlaceholders = [
-  'appAuthRedirectScheme': 'com.example.app'
-]
-```
-
 Alternatively, the redirect URI can be directly configured by adding an
 intent-filter for AppAuth's RedirectUriReceiverActivity to your
 AndroidManifest.xml:
@@ -466,7 +457,7 @@ private void endSession() {
 @Override
 protected void onActivityResult(int requestCode, int resultCode, Intent data) {
   if (requestCode == RC_END_SESSION) {
-    EndSessionResonse resp = EndSessionResonse.fromIntent(data);
+    EndSessionResponse resp = EndSessionResponse.fromIntent(data);
     AuthorizationException ex = AuthorizationException.fromIntent(data);
     // ... process the response or exception ...
   } else {

app/AndroidManifest.xml

@@ -11,9 +11,7 @@
  * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
 -->
-<manifest
-        xmlns:android="http://schemas.android.com/apk/res/android"
-        package="net.openid.appauthdemo" >
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
 
     <uses-permission android:name="android.permission.INTERNET" />
 
@@ -31,8 +29,6 @@
     </queries>
 
     <application
-            android:allowBackup="false"
-            android:fullBackupContent="false"
             android:icon="@mipmap/ic_launcher"
             android:label="@string/app_name_short"
             android:theme="@style/AppTheme"

app/README-Google.md

@@ -28,8 +28,5 @@
    }
    ```
 
-3. Finally, replace the `appAuthRedirectScheme` manifest placeholder in `build.gradle` (for Module: app) with
-   `com.googleusercontent.apps.PREFIX`.
-
 After this is done, install the app (`./gradlew :app:installDebug`). Authorizing a Google account
 and retrieving user info should now work.

app/README.md

@@ -8,21 +8,15 @@ with an invalid configuration.
 The configuration file MUST contain a JSON object. The following properties can be specified:
 
   - `redirect_uri` (required): The redirect URI to use for receiving the authorization response.
-    This can either be a custom scheme URI (com.example.app:/oauth2redirect/example-provider) or 
-    an https app link (https://www.example.com/path). Custom scheme URIs are better supported 
-    across all versions of Android, however many authorization server implementations require an 
+    This can either be a custom scheme URI (com.example.app:/oauth2redirect/example-provider) or
+    an https app link (https://www.example.com/path). Custom scheme URIs are better supported
+    across all versions of Android, however many authorization server implementations require an
     https URI. Consult the documentation for your authorization server.
 
-    The value specified here should match the value specified for `appAuthRedirectScheme` in the
-    `build.gradle` (Module: app), so that the demo app can capture the response.
-
   - `end_session_redirect_uri` (required): The redirect URI to use for receiving the end session response.
-    This should be a custom scheme URI (com.example.app:/oauth2redirect/example-provider). 
-    Consult the documentation for your authorization server. 
+    This should be a custom scheme URI (com.example.app:/oauth2redirect/example-provider).
+    Consult the documentation for your authorization server.
 
-    The value specified here should match the value specified for `appAuthRedirectScheme` in the
-    `build.gradle` (Module: app), so that the demo app can capture the response.
-
     NOTE: Scheme of the URI should be the same as `redirect_uri` but callback should be different.
 
   - `authorization_scope` (required): The scope string to use for the authorization request.

app/build.gradle

@@ -4,16 +4,11 @@ apply from: '../config/android-common.gradle'
 apply from: '../config/keystore.gradle'
 
 android {
+    namespace 'net.openid.appauthdemo'
     defaultConfig {
         applicationId 'net.openid.appauthdemo'
         project.archivesBaseName = 'appauth-demoapp'
         vectorDrawables.useSupportLibrary = true
-
-        // Make sure this is consistent with the redirect URI used in res/raw/auth_config.json,
-        // or specify additional redirect URIs in AndroidManifest.xml
-        manifestPlaceholders = [
-                'appAuthRedirectScheme': 'net.openid.appauthdemo'
-        ]
     }
 
     signingConfigs {
@@ -30,6 +25,10 @@ android {
         targetCompatibility JavaVersion.VERSION_1_8
     }
 
+    lintOptions {
+        lintConfig = file("${projectDir}/lint.xml")
+    }
+
     buildTypes {
         debug {
             signingConfig signingConfigs.debugAndRelease

app/java/net/openid/appauthdemo/Configuration.java

@@ -209,10 +209,7 @@ private void readConfiguration() throws InvalidConfigurationException {
 
         if (!isRedirectUriRegistered()) {
             throw new InvalidConfigurationException(
-                    "redirect_uri is not handled by any activity in this app! "
-                            + "Ensure that the appAuthRedirectScheme in your build.gradle file "
-                            + "is correctly configured, or that an appropriate intent filter "
-                            + "exists in your app manifest.");
+                    "redirect_uri is not handled by any activity in this app!");
         }
 
         if (getConfigString("discovery_uri") == null) {

app/java/net/openid/appauthdemo/ConnectionBuilderForTesting.java

@@ -55,7 +55,7 @@ public final class ConnectionBuilderForTesting implements ConnectionBuilder {
     private static final String HTTP = "http";
     private static final String HTTPS = "https";
 
-    @SuppressLint("TrustAllX509TrustManager")
+    @SuppressLint({"TrustAllX509TrustManager", "CustomX509TrustManager"})
     private static final TrustManager[] ANY_CERT_MANAGER = new TrustManager[] {
             new X509TrustManager() {
                 public X509Certificate[] getAcceptedIssuers() {

app/lint.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<lint>
+    <issue id="NotificationPermission">
+        <ignore regexp="com.bumptech.glide.request.target.NotificationTarget" />
+    </issue>
+</lint>

build.gradle

@@ -8,7 +8,7 @@ buildscript {
         google()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:4.2.1'
+        classpath 'com.android.tools.build:gradle:8.0.1'
         classpath 'org.ajoberstar.grgit:grgit-gradle:4.1.1'
         classpath 'org.jacoco:org.jacoco.core:0.8.7'
     }

config/android-common.gradle

@@ -1,4 +1,5 @@
 android {
+    namespace 'net.openid.appauth'
     compileSdkVersion rootProject.compileSdkVersion
     defaultConfig {
         minSdkVersion rootProject.minSdkVersion
@@ -41,7 +42,7 @@ task jar(type: Copy, dependsOn:'bundleRelease') {
 // produces a JAR containing sources
 task sourcesJar(type: Jar, dependsOn:'generateReleaseSources') {
     from android.sourceSets.main.java.srcDirs
-    classifier = 'sources'
+    archiveClassifier = 'sources'
 }
 
 tasks.withType(JavaCompile) {

config/coverage.gradle

@@ -8,14 +8,17 @@ android {
             }
         }
     }
+    unitTestVariants.all {
+        it.mergedFlavor.manifestPlaceholders = ['appAuthRedirectScheme': 'net.openid.appauthdemo']
+    }
 }
 
 task jacocoTestReport(type: JacocoReport, dependsOn: "testDebugUnitTest") {
     group = "Reporting"
     description = "Generate Jacoco coverage reports after running tests."
     reports {
-        xml.enabled = true
-        html.enabled = true
+        xml.required.set(true)
+        html.required.set(true)
     }
     // Class R is used, but usage will not be covered, so ignore this class from report
     afterEvaluate {

config/javadoc.gradle

@@ -3,13 +3,14 @@ configurations {
 }
 
 dependencies {
-    mdDoclet 'org.jdrupes.mdoclet:doclet:2.0.0'
+    mdDoclet 'org.jdrupes.mdoclet:doclet:3.1.0'
 }
 
 task androidJavadoc(type: JavaExec) {
-    jvmArgs = ['--add-exports=jdk.javadoc/jdk.javadoc.internal.tool=ALL-UNNAMED']
+    jvmArgs = ['--add-exports=jdk.javadoc/jdk.javadoc.internal.tool=ALL-UNNAMED',
+               '--add-exports=jdk.compiler/com.sun.tools.javac.tree=ALL-UNNAMED']
     classpath files(project.android.getBootClasspath())
-    main = 'jdk.javadoc.internal.tool.Main'
+    mainClass = 'jdk.javadoc.internal.tool.Main'
     ext.destinationDir = file("${project.buildDir}/docs/javadoc")
     args = ['-doctitle', "AppAuth for Android",
             '-use',
@@ -22,10 +23,11 @@ task androidJavadoc(type: JavaExec) {
             '-d', ext.destinationDir,
             '-Xdoclint:none',
     ] + android.sourceSets.main.java.sourceFiles.files
+    mustRunAfter(':library:assembleRelease', ':library:assembleDebug')
 }
 
 task javadocJar(type: Jar, dependsOn: androidJavadoc) {
-    classifier = 'javadoc'
+    archiveClassifier = 'javadoc'
     from androidJavadoc.ext.destinationDir
 }
 

config/style.gradle

@@ -10,7 +10,7 @@ task checkAllSource(type: Checkstyle) {
     afterEvaluate {
         source 'java'
         include '**/*.java'
-        classpath = files project.configurations.compile.files
+        classpath = files()
     }
 }
 

config/testdeps.gradle

@@ -1,9 +1,9 @@
 testImplementation 'junit:junit:4.13.2'
 testImplementation 'org.hamcrest:hamcrest:2.2'
 testImplementation 'org.mockito:mockito-core:3.10.0'
-testImplementation 'org.robolectric:robolectric:4.5.1'
+testImplementation 'org.robolectric:robolectric:4.9'
 testImplementation 'org.assertj:assertj-core:3.19.0'
-testImplementation 'androidx.test.ext:junit:1.1.3'
-testImplementation 'androidx.test.ext:truth:1.3.0'
+testImplementation 'androidx.test.ext:junit:1.1.5'
+testImplementation 'androidx.test.ext:truth:1.5.0'
 testImplementation 'com.google.truth:truth:1.1.3'
 testImplementation 'xmlpull:xmlpull:1.1.3.1'

gradle/wrapper/gradle-wrapper.properties

@@ -1,4 +1,4 @@
 #Sat Jun 13 20:20:21 CEST 2020
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.8.3-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.1.1-all.zip

library/AndroidManifest.xml

@@ -12,8 +12,7 @@
  * express or implied. See the License for the specific language governing permissions and
  * limitations under the License.
 -->
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
-    package="net.openid.appauth">
+<manifest xmlns:android="http://schemas.android.com/apk/res/android">
 
   <uses-permission android:name="android.permission.INTERNET" />
 
@@ -24,14 +23,7 @@
       android:theme="@style/Theme.AppCompat.Translucent.NoTitleBar"
       android:launchMode="singleTask" />
 
-    <activity android:name=".RedirectUriReceiverActivity" android:exported="true">
-      <intent-filter>
-        <action android:name="android.intent.action.VIEW"/>
-        <category android:name="android.intent.category.DEFAULT"/>
-        <category android:name="android.intent.category.BROWSABLE"/>
-        <data android:scheme="${appAuthRedirectScheme}"/>
-      </intent-filter>
-    </activity>
+    <activity android:name=".RedirectUriReceiverActivity" android:exported="true"/>
   </application>
 
   <queries>

library/java/net/openid/appauth/RedirectUriReceiverActivity.java

@@ -23,14 +23,6 @@
  * destroys the browser tab before returning the result to the completion
  * {@link android.app.PendingIntent}
  * provided to {@link AuthorizationService#performAuthorizationRequest}.
- *
- * App developers using this library must override the `appAuthRedirectScheme`
- * property in their `build.gradle` to specify the custom scheme that will be used for
- * the OAuth2 redirect. If custom scheme redirect cannot be used with the identity provider
- * you are integrating with, then a custom intent filter should be defined in your
- * application manifest instead. For example, to handle
- * `https://www.example.com/oauth2redirect`:
- *
  * ```xml
  * <intent-filter>
  *   <action android:name="android.intent.action.VIEW"/>

library/javatests/AndroidManifest.xml

@@ -13,12 +13,11 @@
  * limitations under the License.
 -->
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:tools="http://schemas.android.com/tools"
-    package="net.openid.appauth">
+    xmlns:tools="http://schemas.android.com/tools">
 
     <application>
         <activity android:name=".RedirectUriReceiverActivity"
-            android:exported="true" tools:node="replace">
+            android:exported="true">
             <intent-filter>
                 <action android:name="android.intent.action.VIEW"/>
                 <category android:name="android.intent.category.DEFAULT"/>

library/javatests/net/openid/appauth/browser/AnyBrowserMatcherTest.java

@@ -16,7 +16,6 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 
-import net.openid.appauth.BuildConfig;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.robolectric.RobolectricTestRunner;

library/javatests/net/openid/appauth/browser/BrowserAllowListTest.java

@@ -16,7 +16,6 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 
-import net.openid.appauth.BuildConfig;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.robolectric.RobolectricTestRunner;

library/javatests/net/openid/appauth/browser/BrowserDenyListTest.java

@@ -16,7 +16,6 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 
-import net.openid.appauth.BuildConfig;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.robolectric.RobolectricTestRunner;

library/javatests/net/openid/appauth/browser/CustomTabManagerTest.java

@@ -14,7 +14,6 @@
 import androidx.browser.customtabs.CustomTabsServiceConnection;
 import androidx.browser.customtabs.CustomTabsSession;
 import java.util.List;
-import net.openid.appauth.BuildConfig;
 
 import org.junit.After;
 import org.junit.Before;

library/javatests/net/openid/appauth/browser/DelimitedVersionTest.java

@@ -16,7 +16,6 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 
-import net.openid.appauth.BuildConfig;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.robolectric.RobolectricTestRunner;

library/javatests/net/openid/appauth/browser/VersionRangeTest.java

@@ -16,7 +16,6 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 
-import net.openid.appauth.BuildConfig;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.robolectric.RobolectricTestRunner;

library/javatests/net/openid/appauth/browser/VersionedBrowserMatcherTest.java

@@ -19,7 +19,6 @@
 import java.util.Collections;
 import java.util.HashSet;
 
-import net.openid.appauth.BuildConfig;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;

library/javatests/net/openid/appauth/internal/LoggerTest.java

@@ -23,7 +23,6 @@
 
 import android.util.Log;
 
-import net.openid.appauth.BuildConfig;
 
 import org.junit.After;
 import org.junit.Before;