From 98a3f037eb976578c0cf93952297ed3ba9613526 Mon Sep 17 00:00:00 2001
From: Rob Walker <hi@robwalker.co>
Date: Mon, 2 Oct 2023 09:46:19 +0100
Subject: [PATCH] fix: Added `androidTrustedWebActivity` config to opt-in to
 EXTRA_LAUCH_AS_TRUSTED_WEB_ACTIVITY (#908)

* fix: Added `androidTrustedWebActivity` config to opt-in to EXTRA_LAUNCH_AS_TRUSTED_WEB_ACTIVITY

* lint
---
 .changeset/two-rice-collect.md                   |  5 +++++
 README.md                                        |  1 +
 .../main/java/com/rnappauth/RNAppAuthModule.java | 15 +++++++++++----
 index.d.ts                                       |  1 +
 index.js                                         |  2 ++
 index.spec.js                                    | 16 +++++++++++-----
 6 files changed, 31 insertions(+), 9 deletions(-)
 create mode 100644 .changeset/two-rice-collect.md

diff --git a/.changeset/two-rice-collect.md b/.changeset/two-rice-collect.md
new file mode 100644
index 00000000..2568a85c
--- /dev/null
+++ b/.changeset/two-rice-collect.md
@@ -0,0 +1,5 @@
+---
+'react-native-app-auth': minor
+---
+
+Added `androidTrustedWebActivity` config to opt-in to EXTRA_LAUNCH_AS_TRUSTED_WEB_ACTIVITY
diff --git a/README.md b/README.md
index 30cced6c..43d23213 100644
--- a/README.md
+++ b/README.md
@@ -141,6 +141,7 @@ with optional overrides.
 - **iosCustomBrowser** - (`string`) (default: undefined) _IOS_ override the used browser for authorization, used to open an external browser. If no value is provided, the `SFAuthenticationSession` or `SFSafariViewController` are used.
 - **iosPrefersEphemeralSession** - (`boolean`) (default: `false`) _IOS_ indicates whether the session should ask the browser for a private authentication session.
 - **androidAllowCustomBrowsers** - (`string[]`) (default: undefined) _ANDROID_ override the used browser for authorization. If no value is provided, all browsers are allowed.
+- **androidTrustedWebActivity** - (`boolean`) (default: `false`) _ANDROID_ Use [`EXTRA_LAUNCH_AS_TRUSTED_WEB_ACTIVITY`](https://developer.chrome.com/docs/android/trusted-web-activity/) when opening web view.
 - **connectionTimeoutSeconds** - (`number`) configure the request timeout interval in seconds. This must be a positive number. The default values are 60 seconds on iOS and 15 seconds on Android.
 
 #### result
diff --git a/android/src/main/java/com/rnappauth/RNAppAuthModule.java b/android/src/main/java/com/rnappauth/RNAppAuthModule.java
index bf910a68..c14fe538 100644
--- a/android/src/main/java/com/rnappauth/RNAppAuthModule.java
+++ b/android/src/main/java/com/rnappauth/RNAppAuthModule.java
@@ -240,6 +240,7 @@ public void authorize(
             final boolean dangerouslyAllowInsecureHttpRequests,
             final ReadableMap customHeaders,
             final ReadableArray androidAllowCustomBrowsers,
+            final boolean androidTrustedWebActivity,
             final Promise promise
     ) {
         this.parseHeaderMap(customHeaders);
@@ -269,7 +270,8 @@ public void authorize(
                         redirectUrl,
                         useNonce,
                         usePKCE,
-                        additionalParametersMap
+                        additionalParametersMap,
+                        androidTrustedWebActivity
                 );
             } catch (ActivityNotFoundException e) {
                 promise.reject("browser_not_found", e.getMessage());
@@ -300,7 +302,8 @@ public void onFetchConfigurationCompleted(
                                         redirectUrl,
                                         useNonce,
                                         usePKCE,
-                                        additionalParametersMap
+                                        additionalParametersMap,
+                                        androidTrustedWebActivity
                                 );
                             } catch (ActivityNotFoundException e) {
                                 promise.reject("browser_not_found", e.getMessage());
@@ -642,7 +645,8 @@ private void authorizeWithConfiguration(
             final String redirectUrl,
             final Boolean useNonce,
             final Boolean usePKCE,
-            final Map<String, String> additionalParametersMap
+            final Map<String, String> additionalParametersMap,
+            final Boolean androidTrustedWebActivity
     ) {
 
         String scopesString = null;
@@ -717,7 +721,10 @@ private void authorizeWithConfiguration(
 
             CustomTabsIntent.Builder intentBuilder = authService.createCustomTabsIntentBuilder();
             CustomTabsIntent customTabsIntent = intentBuilder.build();
-            customTabsIntent.intent.putExtra(TrustedWebUtils.EXTRA_LAUNCH_AS_TRUSTED_WEB_ACTIVITY, true);
+
+            if (androidTrustedWebActivity) {
+                customTabsIntent.intent.putExtra(TrustedWebUtils.EXTRA_LAUNCH_AS_TRUSTED_WEB_ACTIVITY, true);
+            }
 
             Intent authIntent = authService.getAuthorizationRequestIntent(authRequest, customTabsIntent);
 
diff --git a/index.d.ts b/index.d.ts
index aaa5c5ee..67e96730 100644
--- a/index.d.ts
+++ b/index.d.ts
@@ -88,6 +88,7 @@ export type AuthConfiguration = BaseAuthConfiguration & {
     | 'samsung'
     | 'samsungCustomTab'
   )[];
+  androidTrustedWebActivity?: boolean;
   iosPrefersEphemeralSession?: boolean;
 };
 
diff --git a/index.js b/index.js
index afe37552..829b6406 100644
--- a/index.js
+++ b/index.js
@@ -209,6 +209,7 @@ export const authorize = ({
   skipCodeExchange = false,
   iosCustomBrowser = null,
   androidAllowCustomBrowsers = null,
+  androidTrustedWebActivity = false,
   connectionTimeoutSeconds,
   iosPrefersEphemeralSession = false,
 }) => {
@@ -239,6 +240,7 @@ export const authorize = ({
     nativeMethodArguments.push(dangerouslyAllowInsecureHttpRequests);
     nativeMethodArguments.push(customHeaders);
     nativeMethodArguments.push(androidAllowCustomBrowsers);
+    nativeMethodArguments.push(androidTrustedWebActivity);
   }
 
   if (Platform.OS === 'ios') {
diff --git a/index.spec.js b/index.spec.js
index 43973926..071012f5 100644
--- a/index.spec.js
+++ b/index.spec.js
@@ -63,6 +63,7 @@ describe('AppAuth', () => {
     iosCustomBrowser: 'safari',
     iosPrefersEphemeralSession: true,
     androidAllowCustomBrowsers: ['chrome'],
+    androidTrustedWebActivity: false,
   };
 
   const registerConfig = {
@@ -738,7 +739,8 @@ describe('AppAuth', () => {
             config.clientAuthMethod,
             false,
             config.customHeaders,
-            config.androidAllowCustomBrowsers
+            config.androidAllowCustomBrowsers,
+            config.androidTrustedWebActivity
           );
         });
       });
@@ -761,7 +763,8 @@ describe('AppAuth', () => {
             config.clientAuthMethod,
             false,
             config.customHeaders,
-            config.androidAllowCustomBrowsers
+            config.androidAllowCustomBrowsers,
+            config.androidTrustedWebActivity
           );
         });
 
@@ -782,7 +785,8 @@ describe('AppAuth', () => {
             config.clientAuthMethod,
             false,
             config.customHeaders,
-            config.androidAllowCustomBrowsers
+            config.androidAllowCustomBrowsers,
+            config.androidTrustedWebActivity
           );
         });
 
@@ -803,7 +807,8 @@ describe('AppAuth', () => {
             config.clientAuthMethod,
             true,
             config.customHeaders,
-            config.androidAllowCustomBrowsers
+            config.androidAllowCustomBrowsers,
+            config.androidTrustedWebActivity
           );
         });
       });
@@ -833,7 +838,8 @@ describe('AppAuth', () => {
             config.clientAuthMethod,
             false,
             customHeaders,
-            config.androidAllowCustomBrowsers
+            config.androidAllowCustomBrowsers,
+            config.androidTrustedWebActivity
           );
         });
       });