[APPC-4731] Support for external apps from the WebView Payment. Safe …

…check on url parameters
Catappult · Jan 14, 2025 · 4dee2cf · 4dee2cf
1 parent ed6cf74
commit 4dee2cf
Show file tree

Hide file tree

Showing 4 changed files with 37 additions and 21 deletions.
diff --git a/app/src/main/java/com/asfoundation/wallet/ui/webview_payment/WebViewPaymentActivity.kt b/app/src/main/java/com/asfoundation/wallet/ui/webview_payment/WebViewPaymentActivity.kt
@@ -1,11 +1,13 @@
 package com.asfoundation.wallet.ui.webview_payment
 
 import android.annotation.SuppressLint
+import android.content.ActivityNotFoundException
 import android.content.Context
 import android.content.Intent
 import android.content.pm.ActivityInfo
 import android.content.res.Configuration
 import android.graphics.Rect
+import android.net.Uri.parse
 import android.os.Build
 import android.os.Bundle
 import android.util.Log
@@ -28,7 +30,6 @@ import androidx.compose.foundation.layout.height
 import androidx.compose.foundation.layout.padding
 import androidx.compose.foundation.shape.RoundedCornerShape
 import androidx.compose.runtime.Composable
-import androidx.compose.runtime.MutableState
 import androidx.compose.runtime.mutableStateOf
 import androidx.compose.runtime.remember
 import androidx.compose.ui.Modifier
@@ -89,6 +90,8 @@ class WebViewPaymentActivity : AppCompatActivity() {
 
   private val compositeDisposable = CompositeDisposable()
 
+  private var shouldAllowExternalApps = true
+
   companion object {
     private const val SUCCESS_SCHEMA = "https://wallet.dev.appcoins.io/iap/success"
     const val TRANSACTION_BUILDER = "transactionBuilder"
@@ -201,22 +204,32 @@ class WebViewPaymentActivity : AppCompatActivity() {
             settings.domStorageEnabled = true
             settings.useWideViewPort = true
             webViewClient = object : WebViewClient() {
-              override fun shouldOverrideUrlLoading(view: WebView, clickUrl: String): Boolean {
-                when {
-                  clickUrl.contains(SUCCESS_SCHEMA) -> {
-                    finishActivity(Bundle().apply {
-                      putInt(AppcoinsBillingBinder.RESPONSE_CODE, AppcoinsBillingBinder.RESULT_OK)
-                    })
-                    return true
+              override fun shouldOverrideUrlLoading(view: WebView?, url: String?): Boolean {
+                if (url.isNullOrEmpty()) return false
+                return if (shouldAllowExternalApps) {
+                  if (url.startsWith("http://") || url.startsWith("https://")) {
+                    false
+                  } else {
+                    try {
+                      val intent = Intent(Intent.ACTION_VIEW, parse(url))
+                      view?.context?.startActivity(intent)
+                      true
+                    } catch (e: ActivityNotFoundException) {
+                      true
+                    }
                   }
+                } else {
+                  return false
                 }
-                return false
               }
             }
 
             addJavascriptInterface(
               WebViewPaymentInterface(
                 intercomCallback = { showSupport() },
+                allowExternalAppsCallback = {
+                  shouldAllowExternalApps = it
+                },
                 onPurchaseResultCallback = { webResult ->
                   sendPaymentSuccessEvent(
                     webResult?.uid ?: "",

diff --git a/app/src/main/java/com/asfoundation/wallet/ui/webview_payment/WebViewPaymentInterface.kt b/app/src/main/java/com/asfoundation/wallet/ui/webview_payment/WebViewPaymentInterface.kt
@@ -1,24 +1,28 @@
 package com.asfoundation.wallet.ui.webview_payment
 
-import android.content.Context
 import android.webkit.JavascriptInterface
-import android.widget.Toast
 import com.asfoundation.wallet.ui.webview_payment.models.WebViewPaymentErrorResponse
 import com.asfoundation.wallet.ui.webview_payment.models.WebViewPaymentResponse
 import com.google.gson.Gson
 
 
 class WebViewPaymentInterface(
   private val intercomCallback: () -> Unit,
+  private val allowExternalAppsCallback: (allow: Boolean) -> Unit,
   private val onPurchaseResultCallback: (WebViewPaymentResponse?) -> Unit,
-  private val onErrorCallback: (WebViewPaymentErrorResponse?) -> Unit
-  ) {
+  private val onErrorCallback: (WebViewPaymentErrorResponse?) -> Unit,
+) {
 
   @JavascriptInterface
   fun openIntercom() {
     intercomCallback()
   }
 
+  @JavascriptInterface
+  fun allowExternalApps(allow: Boolean) {
+    allowExternalAppsCallback(allow)
+  }
+
   @JavascriptInterface
   fun onPurchaseResult(result: String?) {
     onPurchaseResultCallback(parsePurchaseResult(result))

diff --git a/...ava/com/asfoundation/wallet/ui/webview_payment/usecases/CreateWebViewPaymentOspUseCase.kt b/...ava/com/asfoundation/wallet/ui/webview_payment/usecases/CreateWebViewPaymentOspUseCase.kt
@@ -57,12 +57,12 @@ class CreateWebViewPaymentOspUseCase @Inject constructor(
             "&payment_channel=wallet_app" +
             "&token=${ewt}" +
             "&origin=BDS" +
-            "&product=${transaction.skuId}" +
-            "&domain=${transaction.domain}" +
-            "&type=${transaction.type}" +
+            "&product=${transaction.skuId ?: ""}" +
+            "&domain=${transaction.domain ?: ""}" +
+            "&type=${transaction.type ?: ""}" +
             "&oem_id=${oemId ?: ""}" +
             "&reference=${transaction.orderReference ?: ""}" +
-            "&promo_code=${promoCode.code}" +
+            "&promo_code=${promoCode.code ?: ""}" +
             "&user_props=${analytics.getIndicativeSuperProperties().convertToBase64Url()}"
       }
   }

diff --git a/...ava/com/asfoundation/wallet/ui/webview_payment/usecases/CreateWebViewPaymentSdkUseCase.kt b/...ava/com/asfoundation/wallet/ui/webview_payment/usecases/CreateWebViewPaymentSdkUseCase.kt
@@ -9,7 +9,6 @@ import com.appcoins.wallet.core.utils.properties.HostProperties
 import com.appcoins.wallet.core.walletservices.WalletService
 import com.appcoins.wallet.feature.promocode.data.use_cases.GetCurrentPromoCodeUseCase
 import com.appcoins.wallet.feature.walletInfo.data.wallet.usecases.GetCountryCodeUseCase
-import com.asf.wallet.BuildConfig
 import com.asfoundation.wallet.entity.TransactionBuilder
 import com.asfoundation.wallet.ui.iab.InAppPurchaseInteractor
 import com.asfoundation.wallet.util.tuples.Quintuple
@@ -56,9 +55,9 @@ class CreateWebViewPaymentSdkUseCase @Inject constructor(
             "&payment_channel=wallet_app" +
             "&token=${ewt}" +
             "&origin=BDS" +
-            "&product=${transaction.skuId}" +
-            "&domain=${transaction.domain}" +
-            "&type=${transaction.type}" +
+            "&product=${transaction.skuId ?: ""}" +
+            "&domain=${transaction.domain ?: ""}" +
+            "&type=${transaction.type ?: ""}" +
             "&oem_id=${oemId ?: ""}" +
             "&reference=${
               (transaction.orderReference ?: "").convertToBase64Url()