Supporting App2App OAuth Flows

library/java/net/openid/appauth/Utils.java

@@ -22,7 +22,7 @@
 /**
  * Utility class for common operations.
  */
-class Utils {
+public class Utils {
     private static final int INITIAL_READ_BUFFER_SIZE = 1024;
 
     private Utils() {

library/java/net/openid/appauth/app2app/CertificateFingerprintEncoding.java

@@ -0,0 +1,89 @@
+/*
+ * Copyright 2016 The AppAuth for Android Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.openid.appauth.app2app;
+
+import android.util.Base64;
+import androidx.annotation.NonNull;
+
+import org.json.JSONArray;
+import org.json.JSONException;
+
+import java.util.HashSet;
+import java.util.Set;
+
+final class CertificateFingerprintEncoding {
+
+    private static final int DECIMAL = 10;
+    private static final int HEXADECIMAL = 16;
+    private static final int HALF_BYTE = 4;
+
+    private CertificateFingerprintEncoding() {}
+
+    /**
+     * This method takes the certificate fingerprints from the '/.well-known/assetlinks.json' file
+     * and decodes it in the correct way to compare the hashes with the ones found on the device.
+     */
+    @NonNull
+    protected static Set<String> certFingerprintsToDecodedString(
+            @NonNull JSONArray certFingerprints) {
+        Set<String> hashes = new HashSet<>();
+
+        for (int i = 0; i < certFingerprints.length(); i++) {
+            try {
+                byte[] byteArray = hexStringToByteArray(certFingerprints.get(i).toString());
+                String str = Base64.encodeToString(byteArray, DECIMAL);
+                hashes.add(str);
+            } catch (JSONException e) {
+                e.printStackTrace();
+            }
+        }
+
+        return hashes;
+    }
+
+    /**
+     * This method converts a hex string that is separated by colons into a ByteArray.
+     *
+     * <p>Example hexString: 4F:69:88:01:...
+     */
+    @NonNull
+    private static byte[] hexStringToByteArray(@NonNull String hexString) {
+        String[] hexValues = hexString.split(":");
+        byte[] byteArray = new byte[hexValues.length];
+        String str;
+        int tmp = 0;
+
+        for (int i = 0; i < hexValues.length; ++i) {
+            str = hexValues[i];
+            tmp = 0;
+            tmp = hexValue(str.charAt(0));
+            tmp <<= HALF_BYTE;
+            tmp |= hexValue(str.charAt(1));
+            byteArray[i] = (byte) tmp;
+        }
+
+        return byteArray;
+    }
+
+    /** Converts a single hex digit into its decimal value. */
+    private static int hexValue(char hexChar) {
+        int digit = Character.digit(hexChar, HEXADECIMAL);
+        if (digit < 0) {
+            throw new IllegalArgumentException("Invalid hex char " + hexChar);
+        } else {
+            return digit;
+        }
+    }
+}

library/java/net/openid/appauth/app2app/README.md

@@ -0,0 +1,5 @@
+# App2App Redirection
+
+Further information about the ``app2app`` package
+can be found [here](https://github.com/oauthstuff/app2app-evolution/blob/master/AppAuth-Integration.md)
+and [here](https://github.com/oauthstuff/app2app-evolution).

library/java/net/openid/appauth/app2app/RedirectSession.java

@@ -0,0 +1,81 @@
+/*
+ * Copyright 2016 The AppAuth for Android Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package net.openid.appauth.app2app;
+
+import android.content.Context;
+import android.net.Uri;
+import androidx.annotation.NonNull;
+
+import org.json.JSONArray;
+
+import java.util.Set;
+
+/** Class to hold all important information to perform a secure redirection. */
+class RedirectSession {
+
+    private Context mContext;
+    private Uri mUri;
+    private String mBasePackageName = "";
+    private Set<String> mBaseCertFingerprints;
+    private JSONArray mAssetLinksFile = null;
+
+    protected RedirectSession(@NonNull Context context, @NonNull Uri uri) {
+        this.mContext = context;
+        this.mUri = uri;
+    }
+
+    @NonNull
+    protected Context getContext() {
+        return mContext;
+    }
+
+    protected void setContext(@NonNull Context context) {
+        this.mContext = context;
+    }
+
+    @NonNull
+    protected Uri getUri() {
+        return mUri;
+    }
+
+    protected void setUri(@NonNull Uri uri) {
+        this.mUri = uri;
+    }
+
+    @NonNull
+    protected String getBasePackageName() {
+        return mBasePackageName;
+    }
+
+    protected void setBasePackageName(@NonNull String basePackageName) {
+        this.mBasePackageName = basePackageName;
+    }
+
+    protected Set<String> getBaseCertFingerprints() {
+        return mBaseCertFingerprints;
+    }
+
+    protected void setBaseCertFingerprints(Set<String> baseCertFingerprints) {
+        this.mBaseCertFingerprints = baseCertFingerprints;
+    }
+
+    public JSONArray getAssetLinksFile() {
+        return mAssetLinksFile;
+    }
+
+    public void setAssetLinksFile(JSONArray assetLinksFile) {
+        this.mAssetLinksFile = assetLinksFile;
+    }
+}