Skip to content

Better error handling and retry mechanism for integrity token provider #3214

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
shubham1g5 merged 3 commits into from
Jun 25, 2025
Merged

Better error handling and retry mechanism for integrity token provider #3214

shubham1g5 merged 3 commits into from
Jun 25, 2025

Conversation

@shubham1g5
Copy link
Contributor

@shubham1g5 shubham1g5 commented Jun 24, 2025

Product Description/

https://dimagi.atlassian.net/browse/CI-115

Technical Summary

Noticing a few Firebase logs that implies that the integrity token provider is getting stale and we need to re-prepare in response for this error

Failure Logs:

 Non-fatal Exception: com.google.android.play.core.integrity.StandardIntegrityException: -19: Standard Integrity API error (-19): The StandardIntegrityTokenProvider is invalid (e.g. it is outdated).
Request a new integrity token provider by calling StandardIntegrityManager#prepareIntegrityToken. (https://developer.android.com/google/play/integrity/reference/com/google/android/play/core/integrity/model/StandardIntegrityErrorCode.html#INTEGRITY_TOKEN_PROVIDER_INVALID).

There are no details available in Google docs around why and when the token provider goes invalid, searching around the internet it seems like the behavior can vary device to device quite greatly and it's possible for the provider to go invalid in a matter of seconds.

Labels and Review

  • Do we need to enhance the manual QA test coverage ? If yes, the "QA Note" label is set correctly
  • Does the PR introduce any major changes worth communicating ? If yes, the "Release Note" label is set and a "Release Note" is specified in PR description.
  • Risk label is set correctly
  • The set of people pinged as reviewers is appropriate for the level of risk of the change

@shubham1g5 shubham1g5 marked this pull request as ready for review June 24, 2025 10:44
pm-dimagi
pm-dimagi reviewed Jun 24, 2025
View reviewed changes
Jignesh-dimagi
Jignesh-dimagi reviewed Jun 24, 2025
View reviewed changes
app/src/org/commcare/android/integrity/IntegrityTokenViewModel.kt Outdated
callback: IntegrityTokenCallback,
hasRetried: Boolean
) {
if (exception is StandardIntegrityException && exception.errorCode == -19 && !hasRetried) {
Copy link
Contributor

@Jignesh-dimagi Jignesh-dimagi Jun 24, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@shubham1g5 Google doc says same retry for error code =-18 also, not sure if we want to handle that case too.

Also, if we can compare like exception.errorCode ==INTEGRITY_TOKEN_PROVIDER_INVALID

Copy link
Contributor Author

@shubham1g5 shubham1g5 Jun 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks, this prompted me to handle other common error codes as well and provide more dintinctive error messages, please have a look again.

pm-dimagi
pm-dimagi reviewed Jun 24, 2025
View reviewed changes
app/src/org/commcare/android/integrity/IntegrityTokenViewModel.kt Outdated
callback: IntegrityTokenCallback,
hasRetried: Boolean
) {
if (exception is StandardIntegrityException && exception.errorCode == -19 && !hasRetried) {
Copy link
Contributor

@pm-dimagi pm-dimagi Jun 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just for my reference want to know from where -19 is coming is there any doc related to this

Copy link
Contributor Author

@shubham1g5 shubham1g5 Jun 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

look at the failure logs attached in the PR description

@Jignesh-dimagi
Copy link
Contributor

Jignesh-dimagi commented Jun 25, 2025

@shubham1g5 Changes looks good to me. Just small thing if we can put some logger here also

@shubham1g5
Copy link
Contributor Author

shubham1g5 commented Jun 25, 2025

@Jignesh-dimagi good catch, added here

@shubham1g5 shubham1g5 merged commit 9e4821a into june_beta_hotfix Jun 25, 2025
1 check passed
@shubham1g5 shubham1g5 deleted the tokenProviderFix branch June 25, 2025 09:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Jignesh-dimagi Jignesh-dimagi Jignesh-dimagi approved these changes

@OrangeAndGreen OrangeAndGreen Awaiting requested review from OrangeAndGreen

@pm-dimagi pm-dimagi Awaiting requested review from pm-dimagi

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@shubham1g5 @Jignesh-dimagi @pm-dimagi