HOTFIX - Fixed issue with Smart Lock save not working on release build

SChakravorti21 · SChakravorti21 · commit 58b4042f9b71 · 2019-02-04T13:32:11.000-05:00
diff --git a/app/src/main/java/com/sakaimobile/development/sakaiclient20/networking/utilities/CASWebViewClient.java b/app/src/main/java/com/sakaimobile/development/sakaiclient20/networking/utilities/CASWebViewClient.java
@@ -1,6 +1,5 @@
 package com.sakaimobile.development.sakaiclient20.networking.utilities;
 
-import android.graphics.Bitmap;
 import android.os.Build;
 import android.webkit.CookieManager;
 import android.webkit.WebResourceResponse;
@@ -69,12 +68,12 @@ public WebResourceResponse shouldInterceptRequest(WebView view, String url) {
         // We only need to intercept once authentication is complete, as the
         // the cookies do not change afterwards
         if (url.startsWith("https://sakai.rutgers.edu/portal") && !gotHeaders)
-            return handleRequest(url);
+            return handleRequest(view, url);
 
         return super.shouldInterceptRequest(view, url);
     }
 
-    private WebResourceResponse handleRequest(String url) {
+    private WebResourceResponse handleRequest(WebView view, String url) {
         // After intercepting the request, we need to handle it
         // ourselves. This is done by creating an OkHttp3 Call,
         // which we add the Sakai cookies to. Without the cookies,
@@ -93,42 +92,53 @@ private WebResourceResponse handleRequest(String url) {
             return null;
         }
 
-        // After getting the response from Sakai, we can get the
-        // headers if it has what we want. Specifically, we need
-        // the X-Sakai-Session cookie.
-        String sakaiSessionHeader = response.headers().get("x-sakai-session");
-        if (sakaiSessionHeader != null && !gotHeaders) {
-            gotHeaders = true;
-            sakaiLoadedListener.onLoginSuccess(username, password);
-        }
+        // onPageStarted is not a good place to intercept credentials because
+        // it is called too late in the release build variant. Instead, perform that
+        // operation here. Call to post() is necessary for eval to run on the UI thread.
+        view.post(() -> {
+            // It is possible that we are moving away from this page,
+            // so in case it is the login page, extract the username and password
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT) {
+                // We get both credentials as an array to prevent synchronization issues
+                // with getting username and password separately.
+                view.evaluateJavascript(
+                    "[document.querySelector('#username').value, document.querySelector('#password').value]",
+                    credentials -> {
+                        // JS-evaluated strings have double quotes surrounding them, necessitating
+                        // all the null and length checks, and odd substring indices.
+                        if(credentials != null && !"null".equals(credentials)
+                                && !"undefined".equals(credentials) && credentials.length() > 7) {
+                            final String separator = "\",\"";
+                            int separatorIndex = credentials.indexOf(separator);
+                            this.username = credentials.substring(2, separatorIndex);
+                            this.password = credentials.substring(separatorIndex + separator.length(), credentials.length() - 2);
+                        }
+                        // Whether we got username and password or not, the authentication was
+                        // successful and this must be indicated to the LoginActivity
+                        tryCompleteLogin(response);
+                    }
+                );
+            } else {
+                // Can't evaluate JS, just login as usual
+                tryCompleteLogin(response);
+            }
+        });
 
         // We need to return a WebResourceResponse, otherwise the
         // WebView will think that the request is hanging. The WebView
         // renders this response.
         // We do not need to modify the mimeType or encoding of the response.
-        return new WebResourceResponse(null, null,
-                response.body().byteStream()
-        );
+        return new WebResourceResponse(null, null, response.body().byteStream());
     }
 
-    @Override
-    public void onPageStarted(WebView view, String url, Bitmap favicon) {
-        super.onPageStarted(view, url, favicon);
-        // It is possible that we are moving away from this page,
-        // so in case it is the login page, extract the username and password
-        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT) {
-            // JS-evaluated strings have double quotes surrounding them, necessitating
-            // all the null and length checks
-            view.evaluateJavascript("document.querySelector('#username').value", username -> {
-                if(username != null && !"null".equals(username) && username.length() > 2) {
-                    this.username = username.substring(1, username.length() - 1);
-                }
-            });
-            view.evaluateJavascript("document.querySelector('#password').value", password -> {
-                if(password != null && !"null".equals(password) && password.length() > 2) {
-                    this.password = password.substring(1, password.length() - 1);
-                }
-            });
+    private void tryCompleteLogin(Response response) {
+        // After getting the response from Sakai, we can get the
+        // headers if it has what we want. Specifically, we need
+        // the X-Sakai-Session cookie.
+        String sakaiSessionHeader = response.headers().get("x-sakai-session");
+        if (sakaiSessionHeader != null && !gotHeaders) {
+            gotHeaders = true;
+            sakaiLoadedListener.onLoginSuccess(username, password);
         }
     }
 }
