PM-26577: Support multiple schemes for Duo, WebAuthn, and SSO callbacks#6339
PM-26577: Support multiple schemes for Duo, WebAuthn, and SSO callbacks#6339david-livefront wants to merge 1 commit intomainfrom
Conversation
| .getEncoder() | ||
| .encodeToString(json.toString().toByteArray(Charsets.UTF_8)) | ||
| val parentParam = URLEncoder.encode(CALLBACK_URI, "UTF-8") | ||
| val parentParam = URLEncoder.encode(callbackUri, "UTF-8") |
There was a problem hiding this comment.
This parent param is required by the WebAuthn Connector but it does not really use the value.
I have an open question about what I should be sending here.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #6339 +/- ##
=======================================
Coverage 86.34% 86.34%
=======================================
Files 791 791
Lines 56717 56720 +3
Branches 8213 8213
=======================================
+ Hits 48971 48974 +3
Misses 4891 4891
Partials 2855 2855 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
795738e to
60679da
Compare
|
Great job! No new security vulnerabilities introduced in this pull request |
60679da to
fc73da8
Compare
fc73da8 to
1174c47
Compare
1174c47 to
d702bbf
Compare
ffb771d to
375d447
Compare
375d447 to
3e821aa
Compare
|
Claude finished @david-livefront's task in 4m 30s —— View job Code Review SummaryPR: PM-26577: Support multiple schemes for Duo, WebAuthn, and SSO callbacks
OverviewThis PR switches Duo, WebAuthn, and SSO authentication callbacks from the custom Changes Reviewed
Findings✅ No new issues found in this PR's changed code.
Pre-existing Issue (not in this PR's diff)
Fix IntentManagerImpl.kt backslash → Reviewed by Claude Code |
app/src/main/kotlin/com/x8bit/bitwarden/data/platform/util/EnvironmentUrlDataJsonExtensions.kt
Outdated
Show resolved
Hide resolved
app/src/test/kotlin/com/x8bit/bitwarden/data/auth/repository/util/WebAuthUtilsTest.kt
Outdated
Show resolved
Hide resolved
3e821aa to
64c8a7e
Compare
app/src/main/kotlin/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt
Show resolved
Hide resolved
| is AuthTabData.HttpsScheme -> { | ||
| AuthTabIntent.Builder() | ||
| .build() | ||
| .launch(launcher, uri, authTabData.host, "\\${authTabData.path}") |
There was a problem hiding this comment.
❌ CRITICAL: The path parameter uses a backslash (\\) instead of a forward slash (/). In Kotlin, "\\${authTabData.path}" produces \duo-callback (with a literal backslash), but URL paths require forward slashes.
This will cause the AuthTab to register callbacks with malformed paths like \duo-callback instead of /duo-callback, breaking authentication redirect verification for Duo, WebAuthn, and SSO flows when using HTTPS app links on devices that support AuthTab.
| .launch(launcher, uri, authTabData.host, "\\${authTabData.path}") | |
| .launch(launcher, uri, authTabData.host, "/${authTabData.path}") |
There was a problem hiding this comment.
Claude finished @david-livefront's task in 1m 0s —— View job
Verification Status
- Verify the backslash issue has been fixed in
IntentManagerImpl.kt
Thanks for the update! However, I'm still seeing the backslash in the current code at IntentManagerImpl.kt:97:
.launch(launcher, uri, authTabData.host, "\\${authTabData.path}")The current commit on the PR branch is 64c8a7e and still contains "\\${authTabData.path}".
If you've committed a fix locally, it may not have been pushed yet. The path should use a forward slash:
.launch(launcher, uri, authTabData.host, "/${authTabData.path}")Let me know if you'd like me to make this fix, or if there's a pending push I should wait for!
64c8a7e to
59c70c1
Compare
59c70c1 to
9b129e3
Compare
9b129e3 to
26c74a3
Compare

🎟️ Tracking
PM-26577
📔 Objective
This PR updates the Duo and WebAuthn logic to send the appropriate deeplink scheme data.
Note: This PR is on hold until the WebConnector logic is updated.
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes