PM-26577: Support multiple schemes for Duo, WebAuthn, and SSO callbacks#6339

Draft
david-livefront wants to merge 1 commit into main from PM-26577-app-links-support

@david-livefront (Collaborator) commented Jan 8, 2026

🎟️ Tracking

PM-26577

📔 Objective

This PR updates the Duo and WebAuthn logic to send the appropriate deeplink scheme data.

Note: This PR is on hold until the WebConnector logic is updated.

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@david-livefront david-livefront added the ai-review Request a Claude code review label Jan 8, 2026
@github-actions github-actions bot added app:password-manager Bitwarden Password Manager app context app:authenticator Bitwarden Authenticator app context t:misc Change Type - ¯\_(ツ)_/¯ and removed ai-review Request a Claude code review labels Jan 8, 2026
.getEncoder()
.encodeToString(json.toString().toByteArray(Charsets.UTF_8))
val parentParam = URLEncoder.encode(CALLBACK_URI, "UTF-8")
val parentParam = URLEncoder.encode(callbackUri, "UTF-8")
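Review bot: `parentParam` is now derived from the `callbackUri` value instead of the `CALLBACK_URI` constant, and the visible lines do not say which values `callbackUri` may hold. Document that it must be one of the app's own callback URIs, and add a test asserting the encoded `parent` value for both the https and the custom-scheme case. Minor: the line above uses `Charsets.UTF_8` while this one passes the string "UTF-8"; `Charsets.UTF_8.name()` would keep the two consistent.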
Collaborator Author

This parent param is required by the WebAuthn Connector but it does not really use the value.

I have an open question about what I should be sending here.

@david-livefront david-livefront added the ai-review Request a Claude code review label Jan 8, 2026
codecov bot commented Jan 8, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.34%. Comparing base (275d90b) to head (26c74a3).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #6339   +/-   ##
=======================================
  Coverage   86.34%   86.34%           
=======================================
  Files         791      791           
  Lines       56717    56720    +3     
  Branches     8213     8213           
=======================================
+ Hits        48971    48974    +3     
  Misses       4891     4891           
  Partials     2855     2855           


@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 795738e to 60679da Compare January 8, 2026 21:53
@github-actions github-actions bot removed the ai-review Request a Claude code review label Jan 8, 2026
@david-livefront david-livefront changed the title PM-26577: Support multiple schemes for Duo and WebAuthn callbacks PM-26577: Support multiple schemes for Duo, WebAuthn, and SSO callbacks Jan 8, 2026
github-actions bot (Contributor) commented Jan 8, 2026

Checkmarx One – Scan Summary & Details (523e9fc4-611e-4a0c-bc61-5be05b5190c3)

Great job! No new security vulnerabilities introduced in this pull request

@david-livefront david-livefront added the ai-review Request a Claude code review label Jan 8, 2026
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 60679da to fc73da8 Compare January 8, 2026 23:21
@github-actions github-actions bot removed the ai-review Request a Claude code review label Jan 8, 2026
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from fc73da8 to 1174c47 Compare January 9, 2026 15:10
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 1174c47 to d702bbf Compare January 26, 2026 18:49
@github-actions github-actions bot removed the t:misc Change Type - ¯\_(ツ)_/¯ label Jan 26, 2026
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch 3 times, most recently from ffb771d to 375d447 Compare February 6, 2026 16:47
@david-livefront david-livefront added t:feature-tool Change Type - Internal tool feature or enhancement ai-review Request a Claude code review labels Feb 6, 2026
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 375d447 to 3e821aa Compare February 6, 2026 16:50
@github-actions github-actions bot removed the t:feature-tool Change Type - Internal tool feature or enhancement label Feb 6, 2026
claude bot (Contributor) commented Feb 6, 2026

Claude finished @david-livefront's task in 4m 30s


Code Review Summary

PR: PM-26577: Support multiple schemes for Duo, WebAuthn, and SSO callbacks

  • Gather context and understand the PR changes
  • Read all changed files in detail
  • Review code for correctness, security, and best practices
  • Post review findings

Overview

This PR switches Duo, WebAuthn, and SSO authentication callbacks from the custom bitwarden:// scheme to HTTPS app links (https://) for known environments (US, EU, Internal), while maintaining the custom scheme for self-hosted environments. This is a security improvement — HTTPS app links with autoVerify="true" are resistant to scheme hijacking compared to custom URI schemes.

Changes Reviewed

| File | Change |
| --- | --- |
| AndroidManifest.xml | Added bitwarden.pw host for internal environment app link verification |
| EnvironmentUrlDataJsonExtensions.kt (app) | Switched US/EU/Internal from CustomScheme to HttpsScheme with correct host/path |
| EnvironmentUrlDataJsonExtensions.kt (data) | Returns "https" for US/EU/Internal appLinksScheme |
| AuthRepositoryTest.kt | Updated DEEPLINK_SCHEME from "bitwarden" to "https" |
| EnvironmentUrlDataJsonExtensionsTest.kt (app) | Updated all assertions to use HttpsScheme with correct hosts |
| EnvironmentUrlsDataJsonExtensionsTest.kt (data) | Updated expected scheme to "https" for US/EU/Internal |
| EnterpriseSignOnViewModelTest.kt | Updated SSO AuthTabData expectations |
| TwoFactorLoginViewModelTest.kt | Updated Duo and WebAuthn AuthTabData expectations |

Findings

No new issues found in this PR's changed code.

| Category | Status |
| --- | --- |
| Security | HTTPS app links improve security over custom URI schemes (resistant to scheme hijacking) |
| Correctness | Environment-to-host mapping is correct (US→bitwarden.com, EU→bitwarden.eu, Internal→bitwarden.pw) |
| Manifest | Intent filter with autoVerify="true" correctly lists all three hosts and path patterns |
| Backward Compat | Self-hosted environments still use bitwarden:// custom scheme — no breaking change |
| Test Coverage | All environment types and callback kinds (duo, webauthn, sso) covered in tests |
| HttpsScheme model | callbackUrl correctly computes as "https://$host/$path" (e.g., https://bitwarden.com/duo-callback) |
| TODO cleanup | All // TODO: PM-26577 comments properly removed |

Pre-existing Issue (not in this PR's diff)

⚠️ IntentManagerImpl.kt:97 on main still contains "\\${authTabData.path}" which produces a backslash-prefixed path (e.g., \duo-callback). This PR activates the HttpsScheme code path for US/EU/Internal, meaning AuthTabIntent.launch() will receive \duo-callback instead of /duo-callback on devices that support AuthTab. This should be fixed (change \\ to /) before or alongside merging this PR to avoid broken authentication redirects.


Reviewed by Claude Code

@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 3e821aa to 64c8a7e Compare February 6, 2026 20:46
is AuthTabData.HttpsScheme -> {
AuthTabIntent.Builder()
.build()
.launch(launcher, uri, authTabData.host, "\\${authTabData.path}")
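Review bot: in the `.launch(...)` call the path argument is assembled by string concatenation at the call site, so the separator is easy to get wrong, as the `"\\${authTabData.path}"` literal here shows (Kotlin renders it as a backslash followed by the path). Consider exposing the slash-prefixed path from `AuthTabData.HttpsScheme` itself and asserting the exact value passed to `launch` in a unit test.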
Contributor

CRITICAL: The path parameter uses a backslash (\\) instead of a forward slash (/). In Kotlin, "\\${authTabData.path}" produces \duo-callback (with a literal backslash), but URL paths require forward slashes.

This will cause the AuthTab to register callbacks with malformed paths like \duo-callback instead of /duo-callback, breaking authentication redirect verification for Duo, WebAuthn, and SSO flows when using HTTPS app links on devices that support AuthTab.

Suggested change
.launch(launcher, uri, authTabData.host, "\\${authTabData.path}")
.launch(launcher, uri, authTabData.host, "/${authTabData.path}")

Collaborator Author

@claude This has been addressed

claude bot (Contributor) commented Feb 6, 2026

Claude finished @david-livefront's task in 1m 0s


Verification Status

  • Verify the backslash issue has been fixed in IntentManagerImpl.kt

Thanks for the update! However, I'm still seeing the backslash in the current code at IntentManagerImpl.kt:97:

.launch(launcher, uri, authTabData.host, "\\${authTabData.path}")

The current commit on the PR branch is 64c8a7e and still contains "\\${authTabData.path}".

If you've committed a fix locally, it may not have been pushed yet. The path should use a forward slash:

.launch(launcher, uri, authTabData.host, "/${authTabData.path}")

Let me know if you'd like me to make this fix, or if there's a pending push I should wait for!
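
The callback handling discussed in this thread, as an added Kotlin example that is not code from the PR or from Bitwarden: it models the environment-to-callback mapping, shows what the backslash literal evaluates to, and checks a returned redirect strictly against the registered host and path. `CallbackTarget`, `Region`, `callbackFor` and `isExpectedRedirect` are hypothetical names, and the `webauthn`/`sso` paths and the custom-scheme URL form are assumed to follow the `duo-callback` pattern.

```kotlin
import java.net.URI

// Simplified stand-in for the PR's AuthTabData; all names here are hypothetical.
sealed class CallbackTarget {
    data class Https(val host: String, val path: String) : CallbackTarget() {
        // Same form the review quotes: "https://$host/$path" (path has no leading slash).
        val callbackUrl: String get() = "https://$host/$path"
    }
    data class Custom(val callbackUrl: String) : CallbackTarget()
}

enum class Region { US, EU, INTERNAL, SELF_HOSTED }

// Host mapping as listed in the review; the "<kind>-callback" path pattern and the
// custom-scheme URL form are assumptions extrapolated from "duo-callback".
fun callbackFor(region: Region, kind: String): CallbackTarget = when (region) {
    Region.US -> CallbackTarget.Https("bitwarden.com", "$kind-callback")
    Region.EU -> CallbackTarget.Https("bitwarden.eu", "$kind-callback")
    Region.INTERNAL -> CallbackTarget.Https("bitwarden.pw", "$kind-callback")
    Region.SELF_HOSTED -> CallbackTarget.Custom("bitwarden://$kind-callback")
}

// Accept a redirect only when scheme, host and path match the registered callback exactly.
fun isExpectedRedirect(redirect: String, target: CallbackTarget.Https): Boolean {
    // java.net.URI rejects a backslash, so a malformed redirect parses to null here.
    val uri = runCatching { URI(redirect) }.getOrNull() ?: return false
    return uri.scheme == "https" && uri.userInfo == null && uri.port == -1 &&
        uri.host == target.host && uri.path == "/${target.path}"
}

fun main() {
    val target = callbackFor(Region.US, "duo") as CallbackTarget.Https
    val broken = "\\${target.path}" // escaped backslash, then the template
    val fixed = "/${target.path}"
    check(broken == "\\duo-callback" && fixed == "/duo-callback")
    check(target.callbackUrl == "https://bitwarden.com$fixed")

    // Constructed sample redirects.
    check(isExpectedRedirect("https://bitwarden.com/duo-callback?code=abc", target))
    check(!isExpectedRedirect("https://bitwarden.com$broken", target)) // backslash path
    check(!isExpectedRedirect("https://bitwarden.com.example.test/duo-callback", target))
    check(!isExpectedRedirect("bitwarden://duo-callback", target)) // wrong scheme
    println("all checks passed")
}
```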

@david-livefront david-livefront added the t:feature-tool Change Type - Internal tool feature or enhancement label Feb 6, 2026
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 64c8a7e to 59c70c1 Compare February 10, 2026 21:02
@github-actions github-actions bot removed the t:feature-tool Change Type - Internal tool feature or enhancement label Feb 10, 2026
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 59c70c1 to 9b129e3 Compare February 12, 2026 21:50
@david-livefront david-livefront force-pushed the PM-26577-app-links-support branch from 9b129e3 to 26c74a3 Compare February 17, 2026 15:58
Labels

  • ai-review: Request a Claude code review
  • app:authenticator: Bitwarden Authenticator app context
  • app:password-manager: Bitwarden Password Manager app context
