Merge branch 'main' into app_state_argument_addition

auth0 · Mar 5, 2025 · 3cca445 · 3cca445
2 parents 740cc0e + 7068a38
commit 3cca445
Show file tree

Hide file tree

Showing 9 changed files with 48 additions and 32 deletions.
diff --git a/.github/workflows/publish-af.yml b/.github/workflows/publish-af.yml
@@ -13,23 +13,23 @@ env:
   flutter: '3.x'
 
 jobs:
-#  rl-scanner:
-#    uses: ./.github/workflows/rl-scanner.yml
-#    with:
-#      flutter: '3.x'
-#      artifact-name: 'auth0-flutter-af.zip'
-#    secrets:
-#      RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
-#      RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
-#      SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
-#      PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
-#      PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
-#      PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
+  rl-scanner:
+    uses: ./.github/workflows/rl-scanner.yml
+    with:
+      flutter: '3.x'
+      artifact-name: 'auth0-flutter-af.zip'
+    secrets:
+      RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
+      RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
+      SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
+      PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
+      PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
+      PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
 
   publish:
     name: Publish auth0_flutter to pub.dev
     environment: ${{ github.event.pull_request.head.repo.fork && 'external' || 'internal' }}
-#    needs: rl-scanner
+    needs: rl-scanner
     runs-on: ubuntu-latest
 
     permissions:

diff --git a/.github/workflows/publish-afpi.yml b/.github/workflows/publish-afpi.yml
@@ -13,23 +13,23 @@ env:
   flutter: '3.x'
 
 jobs:
-#  rl-scanner:
-#    uses: ./.github/workflows/rl-scanner.yml
-#    with:
-#      flutter: '3.x'
-#      artifact-name: 'auth0-flutter-afpi.zip'
-#    secrets:
-#      RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
-#      RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
-#      SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
-#      PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
-#      PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
-#      PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
+  rl-scanner:
+    uses: ./.github/workflows/rl-scanner.yml
+    with:
+      flutter: '3.x'
+      artifact-name: 'auth0-flutter-afpi.zip'
+    secrets:
+      RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
+      RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
+      SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
+      PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
+      PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
+      PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
 
   publish:
     name: Publish auth0_flutter_platform_interface to pub.dev
     environment: ${{ github.event.pull_request.head.repo.fork && 'external' || 'internal' }}
-#    needs: rl-scanner
+    needs: rl-scanner
     runs-on: ubuntu-latest
 
     permissions:

diff --git a/auth0_flutter/.shiprc b/auth0_flutter/.shiprc
@@ -15,7 +15,7 @@
       "= '{MAJOR}.{MINOR}.{PATCH}'"
     ]
   },
-  "prebump": "flutter analyze && dart pub upgrade auth0_flutter_platform_interface --tighten",
+  "prebump": "flutter analyze --no-fatal-infos --no-fatal-warnings && dart pub upgrade auth0_flutter_platform_interface --tighten",
   "prFilters": [
     {
       "type": "title",

diff --git a/auth0_flutter/EXAMPLES.md b/auth0_flutter/EXAMPLES.md
@@ -365,6 +365,8 @@ try {
 
 ### Android: Custom schemes
 
+> Whenever possible, Auth0 recommends using [Android App Links](https://auth0.com/docs/applications/enable-android-app-links) as a secure way to link directly to content within your app. Custom URL schemes can be subject to [client impersonation attacks](https://datatracker.ietf.org/doc/html/rfc8252#section-8.6).
+
 On Android, `https` is used by default as the callback URL scheme. This works best for Android API 23+ if you're using [Android App Links](https://auth0.com/docs/get-started/applications/enable-android-app-links-support), but in previous Android versions, this may show the intent chooser dialog prompting the user to choose either your app or the browser. You can change this behavior by using a custom unique scheme so that Android opens the link directly with your app.
 
 1. Update the `auth0Scheme` manifest placeholder on the `android/build.gradle` file.

diff --git a/auth0_flutter/README.md b/auth0_flutter/README.md
@@ -196,6 +196,8 @@ Re-declare the activity manually using `tools:node="remove"` in the `android/src
 > read more about setting this value in the [Auth0.Android SDK
 > README](https://github.com/auth0/Auth0.Android#a-note-about-app-deep-linking).
 
+> Whenever possible, Auth0 recommends using [Android App Links](https://auth0.com/docs/applications/enable-android-app-links) as a secure way to link directly to content within your app. Custom URL schemes can be subject to [client impersonation attacks](https://datatracker.ietf.org/doc/html/rfc8252#section-8.6).
+
 > 💡 If your Android app is using [product flavors](https://developer.android.com/studio/build/build-variants#product-flavors), you might need to specify different manifest placeholders for each flavor.
 
 ##### iOS/macOS: Configure the associated domain

diff --git a/auth0_flutter/test/web/auth0_extension_type_mocks.dart b/auth0_flutter/test/web/auth0_extension_type_mocks.dart
@@ -9,11 +9,12 @@ import 'dart:js_interop';
 
 @JSExport()
 class Auth0ClientImpl {
-  Future<void> handleRedirectCallback([final String? url]) => throw '';
+  Future<void> handleRedirectCallback([final String? url]) =>
+      throw Exception('');
 }
 
 @JSExport()
 class WebCredentialsImpl {
-  String access_token = throw '';
+  @JSExport('access_token')
+  String accessToken = throw Exception('');
 }
-
diff --git a/auth0_flutter/test/web/extensions/credentials_extension_test.dart b/auth0_flutter/test/web/extensions/credentials_extension_test.dart
@@ -18,7 +18,8 @@ void main() {
       const expiresIn = 8400;
       const expectedTokenType = 'Bearer';
       final webCredentials = WebCredentials(
-          access_token: accessToken, id_token: idToken, expires_in: expiresIn.toJS);
+          access_token: accessToken, id_token: idToken,
+          expires_in: expiresIn.toJS);
       final result = CredentialsExtension.fromWeb(webCredentials);
 
       expect(result.accessToken, accessToken);

diff --git a/auth0_flutter_platform_interface/CHANGELOG.md b/auth0_flutter_platform_interface/CHANGELOG.md
@@ -1,5 +1,15 @@
 # Change Log
 
+## [afpi-v1.9.0](https://github.com/auth0/auth0-flutter/tree/afpi-v1.9.0) (2025-03-05)
+[Full Changelog](https://github.com/auth0/auth0-flutter/compare/afpi-v1.8.0...afpi-v1.9.0)
+
+**Added**
+- Added support for WASM compilation [\#516](https://github.com/auth0/auth0-flutter/pull/516) ([pmathew92](https://github.com/pmathew92))
+
+**Updated**
+- Updated Flutter version to 3.24.0 ([pmathew92](https://github.com/pmathew92))
+- Updated Dart sdk version to 3.5.0 ([pmathew92](https://github.com/pmathew92))
+
 ## [afpi-v1.8.0](https://github.com/auth0/auth0-flutter/tree/afpi-v1.8.0) (2025-02-10)
 [Full Changelog](https://github.com/auth0/auth0-flutter/compare/afpi-v1.7.0...afpi-v1.8.0)
 

diff --git a/auth0_flutter_platform_interface/pubspec.yaml b/auth0_flutter_platform_interface/pubspec.yaml
@@ -1,6 +1,6 @@
 name: auth0_flutter_platform_interface
 description: A common platform interface for the auth0_flutter federated plugin.
-version: 1.8.0
+version: 1.9.0
 
 homepage: https://github.com/auth0/auth0-flutter