feat: Add support for browser-based logins

For sites that only support logging in using a third-party login provider, allow logging in via a browser.
This new flow will open a custom tab where a user can log in using the supported mechanisms of the site,
then have the client id redirect back to to the app using a callback URL.
The auth code returned by the callback URL can then be used instead of a username and password to log in.

Author: xitij2000

app/src/main/AndroidManifest.xml

@@ -35,6 +35,12 @@
 
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data android:scheme="${applicationId}"  />
+            </intent-filter>
         </activity>
 
         <provider

app/src/main/java/org/openedx/app/AppActivity.kt

@@ -3,6 +3,7 @@ package org.openedx.app
 import android.content.pm.ActivityInfo
 import android.content.res.Configuration
 import android.graphics.Color
+import android.net.Uri
 import android.os.Bundle
 import android.view.View
 import android.view.WindowManager
@@ -49,6 +50,15 @@ class AppActivity : AppCompatActivity(), InsetHolder, WindowSizeHolder, AppDataH
 
     private var _windowSize = WindowSize(WindowType.Compact, WindowType.Compact)
 
+    private val authCode: String?
+        get() {
+            val data = intent?.data
+            if (data is Uri && data.scheme == BuildConfig.APPLICATION_ID && data.host == "oauth2Callback") {
+                return data.getQueryParameter("code")
+            }
+            return null
+        }
+
     override fun onSaveInstanceState(outState: Bundle) {
         outState.putInt(TOP_INSET, topInset)
         outState.putInt(BOTTOM_INSET, bottomInset)
@@ -103,8 +113,12 @@ class AppActivity : AppCompatActivity(), InsetHolder, WindowSizeHolder, AppDataH
                     .add(R.id.container, MainFragment())
                     .commit()
             } else {
+                val fragment = SignInFragment()
+                val bundle = Bundle()
+                bundle.putString("auth_code", authCode)
+                fragment.arguments = bundle
                 supportFragmentManager.beginTransaction()
-                    .add(R.id.container, SignInFragment())
+                    .add(R.id.container, fragment)
                     .commit()
             }
         }

auth/build.gradle

@@ -54,6 +54,7 @@ android {
 
 dependencies {
     implementation project(path: ':core')
+    implementation 'androidx.browser:browser:1.6.0'
 
     androidTestImplementation 'androidx.test.ext:junit:1.1.5'
     androidTestImplementation 'androidx.test.espresso:espresso-core:3.5.1'

auth/src/main/java/org/openedx/auth/data/api/AuthApi.kt

@@ -24,6 +24,17 @@ interface AuthApi {
         password: String,
     ): AuthResponse
 
+    @FormUrlEncoded
+    @POST(ApiConstants.URL_ACCESS_TOKEN)
+    suspend fun getAccessToken(
+        @Field("grant_type")
+        grantType: String,
+        @Field("client_id")
+        clientId: String,
+        @Field("code")
+        username: String,
+    ): AuthResponse
+
     @FormUrlEncoded
     @POST(ApiConstants.URL_ACCESS_TOKEN)
     fun refreshAccessToken(

auth/src/main/java/org/openedx/auth/data/repository/AuthRepository.kt

@@ -1,6 +1,7 @@
 package org.openedx.auth.data.repository
 
 import org.openedx.auth.data.api.AuthApi
+import org.openedx.auth.data.model.AuthResponse
 import org.openedx.auth.data.model.ValidationFields
 import org.openedx.core.ApiConstants
 import org.openedx.core.data.storage.CorePreferences
@@ -12,6 +13,16 @@ class AuthRepository(
     private val preferencesManager: CorePreferences,
 ) {
 
+    private suspend fun processAuthResponse(authResponse: AuthResponse) {
+        if (authResponse.error != null) {
+            throw EdxError.UnknownException(authResponse.error!!)
+        }
+        preferencesManager.accessToken = authResponse.accessToken ?: ""
+        preferencesManager.refreshToken = authResponse.refreshToken ?: ""
+        val user = api.getProfile().mapToDomain()
+        preferencesManager.user = user
+    }
+
     suspend fun login(
         username: String,
         password: String,
@@ -22,13 +33,16 @@ class AuthRepository(
             username,
             password
         )
-        if (authResponse.error != null) {
-            throw EdxError.UnknownException(authResponse.error!!)
-        }
-        preferencesManager.accessToken = authResponse.accessToken ?: ""
-        preferencesManager.refreshToken = authResponse.refreshToken ?: ""
-        val user = api.getProfile().mapToDomain()
-        preferencesManager.user = user
+        processAuthResponse(authResponse)
+    }
+
+    suspend fun login(code: String) {
+        val authResponse = api.getAccessToken(
+            ApiConstants.GRANT_TYPE_CODE,
+            org.openedx.core.BuildConfig.CLIENT_ID,
+            code,
+        )
+        processAuthResponse(authResponse)
     }
 
     suspend fun getRegistrationFields(): List<RegistrationField> {

auth/src/main/java/org/openedx/auth/domain/interactor/AuthInteractor.kt

@@ -13,6 +13,10 @@ class AuthInteractor(private val repository: AuthRepository) {
         repository.login(username, password)
     }
 
+    suspend fun login(code: String) {
+        repository.login(code)
+    }
+
     suspend fun getRegistrationFields(): List<RegistrationField> {
         return repository.getRegistrationFields()
     }

auth/src/main/java/org/openedx/auth/presentation/signin/SignInFragment.kt

@@ -2,9 +2,12 @@ package org.openedx.auth.presentation.signin
 
 import android.content.res.Configuration.UI_MODE_NIGHT_NO
 import android.content.res.Configuration.UI_MODE_NIGHT_YES
+import android.net.Uri
 import android.os.Bundle
+import android.util.Log
 import android.view.LayoutInflater
 import android.view.ViewGroup
+import androidx.browser.customtabs.CustomTabsIntent
 import androidx.compose.foundation.Image
 import androidx.compose.foundation.background
 import androidx.compose.foundation.layout.*
@@ -42,6 +45,7 @@ import org.openedx.core.ui.theme.appShapes
 import org.openedx.core.ui.theme.appTypography
 import org.koin.android.ext.android.inject
 import org.koin.androidx.viewmodel.ext.android.viewModel
+import org.openedx.core.BuildConfig
 
 class SignInFragment : Fragment() {
 
@@ -53,6 +57,10 @@ class SignInFragment : Fragment() {
         container: ViewGroup?,
         savedInstanceState: Bundle?,
     ) = ComposeView(requireContext()).apply {
+        val authCode = arguments?.getString("auth_code")
+        if (authCode is String) {
+            viewModel.login(authCode)
+        }
         setViewCompositionStrategy(ViewCompositionStrategy.DisposeOnViewTreeLifecycleDestroyed)
         setContent {
             OpenEdXTheme {
@@ -62,10 +70,12 @@ class SignInFragment : Fragment() {
                 val uiMessage by viewModel.uiMessage.observeAsState()
                 val loginSuccess by viewModel.loginSuccess.observeAsState(initial = false)
 
+                Log.d("TEST111", context.packageName)
                 LoginScreen(
                     windowSize = windowSize,
                     showProgress = showProgress,
                     uiMessage = uiMessage,
+                    browserLogin = BuildConfig.BROWSER_LOGIN,
                     onLoginClick = { login, password ->
                         viewModel.login(login, password)
                     },
@@ -76,6 +86,20 @@ class SignInFragment : Fragment() {
                     onForgotPasswordClick = {
                         viewModel.forgotPasswordClickedEvent()
                         router.navigateToRestorePassword(parentFragmentManager)
+                    },
+                    onLoginClickOauth = {
+                        val uri = Uri.parse("${BuildConfig.BASE_URL}oauth2/authorize")
+                            .buildUpon()
+                            .appendQueryParameter("client_id", BuildConfig.CLIENT_ID)
+                            .appendQueryParameter("redirect_uri", "${context.packageName}://oauth2Callback")
+                            .appendQueryParameter("response_type", "code")
+                            .build()
+                        val intent = CustomTabsIntent.Builder()
+                            .setUrlBarHidingEnabled(true)
+                            .setShowTitle(true)
+                            .build()
+                        intent.launchUrl(context, uri)
+
                     }
                 )
 
@@ -94,7 +118,9 @@ private fun LoginScreen(
     windowSize: WindowSize,
     showProgress: Boolean,
     uiMessage: UIMessage?,
+    browserLogin: Boolean,
     onLoginClick: (login: String, password: String) -> Unit,
+    onLoginClickOauth: () -> Unit,
     onRegisterClick: () -> Unit,
     onForgotPasswordClick: () -> Unit
 ) {
@@ -187,13 +213,27 @@ private fun LoginScreen(
                             style = MaterialTheme.appTypography.titleSmall
                         )
                         Spacer(modifier = Modifier.height(24.dp))
-                        AuthForm(
-                            buttonWidth,
-                            showProgress,
-                            onLoginClick,
-                            onRegisterClick,
-                            onForgotPasswordClick
-                        )
+                        if (browserLogin) {
+                            Column(
+                                modifier = Modifier.fillMaxSize(),
+                                verticalArrangement = Arrangement.SpaceAround,
+                                horizontalAlignment = Alignment.CenterHorizontally,
+                            ) {
+                                OpenEdXButton(
+                                    width = buttonWidth,
+                                    text = stringResource(id = R.string.auth_sign_in),
+                                    onClick = onLoginClickOauth,
+                                )
+                            }
+                        } else {
+                            AuthForm(
+                                buttonWidth,
+                                showProgress,
+                                onLoginClick,
+                                onRegisterClick,
+                                onForgotPasswordClick,
+                            )
+                        }
                     }
                 }
             }
@@ -334,9 +374,11 @@ private fun SignInScreenPreview() {
             windowSize = WindowSize(WindowType.Compact, WindowType.Compact),
             showProgress = false,
             uiMessage = null,
+            browserLogin = true,
             onLoginClick = { _, _ ->
 
             },
+            onLoginClickOauth = {},
             onRegisterClick = {},
             onForgotPasswordClick = {}
         )
@@ -353,9 +395,11 @@ private fun SignInScreenTabletPreview() {
             windowSize = WindowSize(WindowType.Expanded, WindowType.Expanded),
             showProgress = false,
             uiMessage = null,
+            browserLogin = true,
             onLoginClick = { _, _ ->
 
             },
+            onLoginClickOauth = {},
             onRegisterClick = {},
             onForgotPasswordClick = {}
         )

auth/src/main/java/org/openedx/auth/presentation/signin/SignInViewModel.kt

@@ -72,6 +72,30 @@ class SignInViewModel(
         }
     }
 
+    fun login(code: String) {
+        viewModelScope.launch {
+            try {
+                interactor.login(code)
+                _loginSuccess.value = true
+                setUserId()
+                analytics.userLoginEvent(LoginMethod.BROWSER.methodName)
+            } catch (e: Exception) {
+                if (e is EdxError.InvalidGrantException) {
+                    _uiMessage.value =
+                        UIMessage.SnackBarMessage(resourceManager.getString(CoreRes.string.core_error_invalid_grant))
+                } else if (e.isInternetError()) {
+                    _uiMessage.value =
+                        UIMessage.SnackBarMessage(resourceManager.getString(CoreRes.string.core_error_no_connection))
+                } else {
+                    _uiMessage.value =
+                        UIMessage.SnackBarMessage(resourceManager.getString(CoreRes.string.core_error_unknown_error))
+                }
+            }
+            _showProgress.value = false
+        }
+
+    }
+
     fun signUpClickedEvent() {
         analytics.signUpClickedEvent()
     }
@@ -91,6 +115,7 @@ private enum class LoginMethod(val methodName: String) {
     PASSWORD("Password"),
     FACEBOOK("Facebook"),
     GOOGLE("Google"),
-    MICROSOFT("Microsoft")
+    MICROSOFT("Microsoft"),
+    BROWSER("Browser"),
 }
 

core/build.gradle

@@ -49,6 +49,7 @@ android {
             buildConfigField "String", "FIREBASE_PROJECT_ID", "\"${firebase.projectId}\""
             buildConfigField "String", "FIREBASE_API_KEY", "\"${firebase.apiKey}\""
             buildConfigField "String", "FIREBASE_GCM_SENDER_ID", "\"${firebase.gcmSenderId}\""
+            buildConfigField "boolean", "BROWSER_LOGIN", "${ envMap.value.LOGIN_VIA_BROWSER }"
             resValue "string", "google_app_id", firebase.appId
             resValue "string", "platform_name", config.platformName
             resValue "string", "platform_full_name", config.platformFullName
@@ -70,6 +71,7 @@ android {
             buildConfigField "String", "FIREBASE_PROJECT_ID", "\"${firebase.projectId}\""
             buildConfigField "String", "FIREBASE_API_KEY", "\"${firebase.apiKey}\""
             buildConfigField "String", "FIREBASE_GCM_SENDER_ID", "\"${firebase.gcmSenderId}\""
+            buildConfigField "boolean", "BROWSER_LOGIN", "${ envMap.value.LOGIN_VIA_BROWSER }"
             resValue "string", "google_app_id", firebase.appId
             resValue "string", "platform_name", config.platformName
             resValue "string", "platform_full_name", config.platformFullName
@@ -91,6 +93,7 @@ android {
             buildConfigField "String", "FIREBASE_PROJECT_ID", "\"${firebase.projectId}\""
             buildConfigField "String", "FIREBASE_API_KEY", "\"${firebase.apiKey}\""
             buildConfigField "String", "FIREBASE_GCM_SENDER_ID", "\"${firebase.gcmSenderId}\""
+            buildConfigField "boolean", "BROWSER_LOGIN", "${ envMap.value.LOGIN_VIA_BROWSER }"
             resValue "string", "google_app_id", firebase.appId
             resValue "string", "platform_name", config.platformName
             resValue "string", "platform_full_name", config.platformFullName

core/src/main/java/org/openedx/core/ApiConstants.kt

@@ -11,6 +11,7 @@ object ApiConstants {
     const val URL_PASSWORD_RESET = "/password_reset/"
 
     const val GRANT_TYPE_PASSWORD = "password"
+    const val GRANT_TYPE_CODE = "authorization_code"
 
     const val TOKEN_TYPE_REFRESH = "refresh_token"