Include app2app device key JWT in the code exchange of reauthentication

#175 ref #174
authgear · Jan 9, 2024 · c555fe7 · c555fe7
2 parents ec8f663 + deaa823
commit c555fe7
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/sdk/src/main/java/com/oursky/authgear/AuthgearCore.kt b/sdk/src/main/java/com/oursky/authgear/AuthgearCore.kt
@@ -795,7 +795,7 @@ internal class AuthgearCore(
         return userInfo
     }
 
-    private fun finishReauthentication(deepLink: String): UserInfo {
+    fun finishReauthentication(deepLink: String, verifier: Verifier? = null): UserInfo {
         val uri = Uri.parse(deepLink)
         val redirectUri = "${uri.scheme}://${uri.authority}${uri.path}"
         val state = uri.getQueryParameter("state")
@@ -820,15 +820,20 @@ internal class AuthgearCore(
                 state = state,
                 errorURI = errorURI
             )
-        val codeVerifier = storage.getOidcCodeVerifier(name)
+        val codeVerifier = verifier?.verifier ?: storage.getOidcCodeVerifier(name)
+        var app2appJwt: String? = null
+        if (app2AppOptions.isEnabled && Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            app2appJwt = app2app.generateApp2AppJWT(forceNewKey = false)
+        }
         val tokenResponse = oauthRepo.oidcTokenRequest(
             OidcTokenRequest(
                 grantType = GrantType.AUTHORIZATION_CODE,
                 clientId = clientId,
                 xDeviceInfo = getDeviceInfo(this.application).toBase64URLEncodedString(),
                 code = code,
                 redirectUri = redirectUri,
-                codeVerifier = codeVerifier ?: ""
+                codeVerifier = codeVerifier ?: "",
+                xApp2AppDeviceKeyJwt = app2appJwt
             )
         )
         val userInfo = oauthRepo.oidcUserInfoRequest(tokenResponse.accessToken!!)

diff --git a/sdk/src/main/java/com/oursky/authgear/KotlinExtension.kt b/sdk/src/main/java/com/oursky/authgear/KotlinExtension.kt
@@ -66,6 +66,19 @@ suspend fun Authgear.finishAuthentication(
     }
 }
 
+/**
+ * @see [Authgear.finishReauthentication].
+ */
+@ExperimentalAuthgearApi
+suspend fun Authgear.finishReauthentication(
+    finishUri: String,
+    request: AuthenticationRequest
+): UserInfo {
+    return withContext(Dispatchers.IO) {
+        core.finishReauthentication(finishUri, request.verifier)
+    }
+}
+
 /**
  * @see [Authgear.authenticateAnonymously]
  */