Skip to content

refactor: Address post-V4-merge review comments and add missing tests#1017

Merged
pmathew92 merged 2 commits into
mainfrom
merge_fixes
Jul 10, 2026
Merged

refactor: Address post-V4-merge review comments and add missing tests#1017
pmathew92 merged 2 commits into
mainfrom
merge_fixes

Conversation

@pmathew92

@pmathew92 pmathew92 commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Summary

Follow-up cleanup after merging v4_development into main (#1011), addressing CodeRabbit review comments that were worth acting on.

  • CustomTabsController: dispatch AuthTabIntent.launch(...) on the main thread via threadSwitcher.mainThread(...), matching the existing failure-callback dispatch pattern (ActivityResultLauncher.launch() must run on the main thread).
  • SecureCredentialsManagerTest: remove the redundant org.mockito.Mockito.verify static import that clashed with org.mockito.kotlin.verify, resolving overload-resolution ambiguity across all verify(...) call sites. Added tests for clearAll() DPoP key-pair deletion (including the deletion-failure path), executor lifecycle cleanup in tearDown(), and a crypto-exception stub case.
  • SSOCredentialsDeserializerTest: added error-path tests (non-object JSON, empty object, missing expires_in).
  • README: corrected the minimum supported Android API level to 26 (v4 baseline).
  • MyAccountAPIClient: documented the required scope in KDoc.
  • Minor housekeeping: dropped the stale v4_development trigger from test.yml, ignored plans/ and docs/.

Test plan

  • ./gradlew :auth0:compileDebugUnitTestKotlin — BUILD SUCCESSFUL
  • ./gradlew :auth0:testDebugUnitTest — full unit suite green

Summary by CodeRabbit

  • Bug Fixes

    • Improved Auth Tab launches by ensuring they run on the main thread, increasing reliability.
    • Strengthened secure credential handling during cleanup and refresh failure scenarios.
    • Improved validation and error reporting for malformed SSO credential responses.
  • Documentation

    • Updated Android requirements to API level 26+ with Java 17+.
    • Added guidance for applications using a minimum SDK below API 26.
    • Documented the required scope for retrieving authentication methods.

@pmathew92 pmathew92 requested a review from a team as a code owner July 10, 2026 06:02
@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown

Review Change Stack

Important

Review skipped

Review was skipped as selected files did not have any reviewable changes.

💤 Files selected but had no reviewable changes (1)
  • .github/workflows/rl-scanner.yml
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: f9021535-89bb-41eb-8be3-38fdfbfea466

📥 Commits

Reviewing files that changed from the base of the PR and between 85d4d17 and 0b27270.

📒 Files selected for processing (1)
  • .github/workflows/rl-scanner.yml

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

The PR updates repository configuration and Android compatibility documentation, dispatches Auth Tab launches on the main thread, and strengthens credential-manager concurrency, cleanup, encryption-failure, and SSO deserialization tests.

Changes

SDK maintenance

Layer / File(s) Summary
Repository and SDK documentation updates
.github/workflows/test.yml, .gitignore, README.md, auth0/src/main/java/com/auth0/android/myaccount/MyAccountAPIClient.kt
Pull request filtering, ignored paths, Android API requirements, Gradle examples, and authentication-method scope documentation are updated.
Main-thread Auth Tab launch
auth0/src/main/java/com/auth0/android/provider/CustomTabsController.java
Auth Tab launching now runs through the main-thread switcher.
Credential manager concurrency and cleanup tests
auth0/src/test/java/com/auth0/android/authentication/storage/SecureCredentialsManagerTest.kt
Tests track executors for teardown and cover DPoP deletion failures and refreshed credential persistence failures.
SSO credential deserialization validation
auth0/src/test/java/com/auth0/android/request/internal/SSOCredentialsDeserializerTest.kt
Negative tests cover non-object JSON, empty objects, and missing expires_in values.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Suggested reviewers: kishore7snehil

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the PR as a post-merge refactor that addresses review comments and adds missing tests.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch merge_fixes

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@pmathew92 pmathew92 merged commit 6d183e8 into main Jul 10, 2026
7 checks passed
@pmathew92 pmathew92 deleted the merge_fixes branch July 10, 2026 06:43
@pmathew92 pmathew92 mentioned this pull request Jul 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants