added support for external urls

Namitjain07 · Namitjain07 · commit 160a55de6d6c · 2025-11-20T21:45:48.000+05:30
diff --git a/DEEP_LINKING_GUIDE.md b/DEEP_LINKING_GUIDE.md
@@ -0,0 +1,106 @@
+# Deep Linking & External URL Support
+
+## Overview
+The PrivacyFirst app now supports opening external URLs from other apps, browsers, and links. When you click a link anywhere in the system, you'll see an option to "Open with PrivacyFirst".
+
+## Features Added
+
+### 1. Intent Filters
+- **HTTP/HTTPS URLs**: The app can now handle all http:// and https:// links
+- **Custom Deep Links**: Support for custom `privacyfirst://open` URLs
+- **Launch Mode**: Set to `singleTask` to prevent multiple instances
+
+### 2. URL Handling
+When a user clicks a link from:
+- A web browser
+- Email client
+- Messaging app
+- Any other app
+
+The system will show "Open with PrivacyFirst" as an option.
+
+## How It Works
+
+### Android Manifest Changes
+Added intent filters to `MainActivity`:
+```xml
+<!-- Deep link support for http/https URLs -->
+<intent-filter android:autoVerify="true">
+    <action android:name="android.intent.action.VIEW" />
+    <category android:name="android.intent.category.DEFAULT" />
+    <category android:name="android.intent.category.BROWSABLE" />
+    <data android:scheme="http" />
+    <data android:scheme="https" />
+</intent-filter>
+
+<!-- Custom app deep links -->
+<intent-filter>
+    <action android:name="android.intent.action.VIEW" />
+    <category android:name="android.intent.category.DEFAULT" />
+    <category android:name="android.intent.category.BROWSABLE" />
+    <data android:scheme="privacyfirst" android:host="open" />
+</intent-filter>
+```
+
+### MainActivity Updates
+- Extracts URLs from incoming `ACTION_VIEW` intents
+- Passes URL to the navigation system via `pendingUrlState`
+- Handles both fresh app launches and already-running app scenarios via `onNewIntent()`
+
+### Navigation Updates
+- `AppNavigation` accepts optional `pendingUrlState` parameter
+- Passes the pending URL to `WebViewScreen`
+
+### WebViewScreen Updates
+- Accepts optional `externalUrl` parameter
+- Loads external URL if provided, otherwise loads default HTML page
+- Maintains all existing security features (whitelist checking, SSL verification, etc.)
+
+## Usage Examples
+
+### From Other Apps
+1. Click any web link in an email, message, or document
+2. Select "Open with PrivacyFirst" from the dialog
+3. The URL opens in PrivacyFirst's secure WebView
+
+### Custom Deep Links
+Create a deep link in your content:
+```html
+<a href="privacyfirst://open?url=https://example.com">Open in PrivacyFirst</a>
+```
+
+### Testing
+You can test deep linking using ADB:
+```bash
+# Test HTTP link
+adb shell am start -a android.intent.action.VIEW -d "https://www.example.com" com.secure.privacyfirst
+
+# Test custom deep link
+adb shell am start -a android.intent.action.VIEW -d "privacyfirst://open" com.secure.privacyfirst
+```
+
+## Security Considerations
+
+### Whitelist Protection
+- External URLs still respect the whitelist settings
+- Non-whitelisted domains show a warning dialog
+- Users must explicitly approve non-whitelisted URLs
+
+### Security Levels
+- **HIGH**: Screenshots blocked, downloads disabled
+- **MEDIUM**: HTTPS enforced, SSL strictly verified
+- **LOW**: HTTP allowed, more permissive SSL handling
+
+### SSL Verification
+All external URLs go through the same SSL verification process as internally navigated URLs.
+
+## User Experience
+
+1. **First Launch**: User clicks link → System shows "Open with" dialog → User selects PrivacyFirst
+2. **App Running**: URL loads immediately in existing WebView
+3. **Non-whitelisted URLs**: Warning dialog appears, user can approve or cancel
+
+## Notes
+- The app uses `singleTask` launch mode to prevent duplicate instances
+- Existing navigation and authentication flows are preserved
+- External URLs clear when user navigates away or closes the app
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
@@ -29,12 +29,30 @@
         <activity
             android:name=".MainActivity"
             android:exported="true"
+            android:launchMode="singleTask"
             android:configChanges="orientation|screenSize"
             android:theme="@style/Theme.PrivacyFirst">
             <intent-filter>
                 <action android:name="android.intent.action.MAIN" />
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
+            
+            <!-- Deep link support for http/https URLs -->
+            <intent-filter android:autoVerify="true">
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data android:scheme="http" />
+                <data android:scheme="https" />
+            </intent-filter>
+            
+            <!-- Custom app deep links -->
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data android:scheme="privacyfirst" android:host="open" />
+            </intent-filter>
         </activity>
         
         <activity
diff --git a/app/src/main/java/com/secure/privacyfirst/MainActivity.kt b/app/src/main/java/com/secure/privacyfirst/MainActivity.kt
@@ -1,6 +1,9 @@
 package com.secure.privacyfirst
 
+import android.content.Intent
+import android.net.Uri
 import android.os.Bundle
+import android.util.Log
 import android.webkit.WebView
 import androidx.appcompat.app.AppCompatActivity
 import androidx.activity.OnBackPressedCallback
@@ -9,6 +12,7 @@ import androidx.activity.enableEdgeToEdge
 import androidx.compose.foundation.layout.fillMaxSize
 import androidx.compose.material3.MaterialTheme
 import androidx.compose.material3.Surface
+import androidx.compose.runtime.mutableStateOf
 import androidx.compose.ui.Modifier
 import androidx.compose.ui.graphics.Color
 import androidx.compose.ui.graphics.toArgb
@@ -20,8 +24,13 @@ import com.secure.privacyfirst.auth.AuthStateManager
 import com.secure.privacyfirst.navigation.AppNavigation
 import com.secure.privacyfirst.ui.theme.PrivacyFirstTheme
 
+private const val TAG = "MainActivity"
+
 class MainActivity : AppCompatActivity() {
     
+    // Mutable state to hold the incoming URL from external sources
+    private val pendingUrl = mutableStateOf<String?>(null)
+    
     private val appLifecycleObserver = object : DefaultLifecycleObserver {
         override fun onStop(owner: LifecycleOwner) {
             super.onStop(owner)
@@ -42,6 +51,9 @@ class MainActivity : AppCompatActivity() {
         // Enable WebView debugging
         WebView.setWebContentsDebuggingEnabled(true)
         
+        // Handle incoming intent URL
+        handleIncomingIntent(intent)
+        
         enableEdgeToEdge()
         
         // Edge-to-edge automatically handles system bar colors
@@ -68,7 +80,27 @@ class MainActivity : AppCompatActivity() {
                     modifier = Modifier.fillMaxSize(),
                     color = MaterialTheme.colorScheme.background
                 ) {
-                    AppNavigation()
+                    AppNavigation(pendingUrlState = pendingUrl)
+                }
+            }
+        }
+    }
+    
+    override fun onNewIntent(intent: Intent) {
+        super.onNewIntent(intent)
+        // Handle new intents when app is already running
+        handleIncomingIntent(intent)
+    }
+    
+    private fun handleIncomingIntent(intent: Intent?) {
+        intent?.let {
+            when (it.action) {
+                Intent.ACTION_VIEW -> {
+                    val url = it.data?.toString()
+                    if (!url.isNullOrEmpty()) {
+                        Log.d(TAG, "Received external URL: $url")
+                        pendingUrl.value = url
+                    }
                 }
             }
         }
diff --git a/app/src/main/java/com/secure/privacyfirst/navigation/AppNavigation.kt b/app/src/main/java/com/secure/privacyfirst/navigation/AppNavigation.kt
@@ -2,6 +2,7 @@ package com.secure.privacyfirst.navigation
 
 import androidx.compose.runtime.Composable
 import androidx.compose.runtime.LaunchedEffect
+import androidx.compose.runtime.MutableState
 import androidx.compose.runtime.collectAsState
 import androidx.compose.runtime.getValue
 import androidx.compose.ui.platform.LocalContext
@@ -19,7 +20,7 @@ import com.secure.privacyfirst.ui.screens.PasswordManagerScreen
 import com.secure.privacyfirst.ui.screens.SetupPinScreen
 
 @Composable
-fun AppNavigation() {
+fun AppNavigation(pendingUrlState: MutableState<String?>? = null) {
     val navController = rememberNavController()
     val context = LocalContext.current
     val database = AppDatabase.getDatabase(context)
@@ -91,7 +92,7 @@ fun AppNavigation() {
         }
         
         composable(Screen.WebView.route) {
-            WebViewScreen()
+            WebViewScreen(externalUrl = pendingUrlState?.value)
         }
 
         composable(Screen.Auth.route) {
diff --git a/app/src/main/java/com/secure/privacyfirst/ui/screens/WebViewScreen.kt b/app/src/main/java/com/secure/privacyfirst/ui/screens/WebViewScreen.kt
@@ -56,9 +56,10 @@ import kotlinx.coroutines.launch
 private const val TAG = "WebViewScreen"
 private const val CAMERA_PERMISSION_REQUEST_CODE = 100
 private const val MIC_PERMISSION_REQUEST_CODE = 101
+private const val DEFAULT_URL = "file:///android_asset/index.html"
 
 @Composable
-fun WebViewScreen() {
+fun WebViewScreen(externalUrl: String? = null) {
     val context = LocalContext.current
     val scope = rememberCoroutineScope()
     val preferencesManager = remember { UserPreferencesManager(context) }
@@ -72,12 +73,16 @@ fun WebViewScreen() {
     var whitelistUrls by remember { mutableStateOf<List<String>>(emptyList()) }
     var isLoadingWhitelist by remember { mutableStateOf(true) }
     
+    // External URL state
+    var urlToLoad by remember { mutableStateOf(externalUrl) }
+    var initialUrlLoaded by remember { mutableStateOf(false) }
+    
     // Warning dialog states
     var showCameraWarning by remember { mutableStateOf(false) }
     var showMicWarning by remember { mutableStateOf(false) }
     var showExternalAppWarning by remember { mutableStateOf(false) }
     var showExitDialog by remember { mutableStateOf(false) }
-    var externalUrl by remember { mutableStateOf("") }
+    var externalUrlDialog by remember { mutableStateOf("") }
     var pendingPermissionRequest by remember { mutableStateOf<PermissionRequest?>(null) }
     
     // Fetch whitelist on start
@@ -358,7 +363,7 @@ fun WebViewScreen() {
                             
                             if (!isAllowed) {
                                 // Show external app warning instead of blocking directly
-                                externalUrl = url
+                                externalUrlDialog = url
                                 showExternalAppWarning = true
                                 Log.w(TAG, "Non-whitelisted domain attempted: $host")
                                 return true
@@ -519,29 +524,44 @@ fun WebViewScreen() {
                         }
                     }
                     
-                    // Load custom HTML from assets with user's name
+                    // Load initial URL (external or default)
                     try {
-                        val htmlContent = context.assets.open("index.html").bufferedReader().use { it.readText() }
-                        val displayName = if (userName.isNotBlank()) userName else "User"
-                        Log.d(TAG, "Loading HTML with userName: '$displayName'")
-                        val personalizedHtml = htmlContent.replace("Welcome, Nimit", "Welcome, $displayName")
-                        loadDataWithBaseURL(
-                            "file:///android_asset/",
-                            personalizedHtml,
-                            "text/html",
-                            "UTF-8",
-                            null
-                        )
+                        val initialUrl = urlToLoad ?: DEFAULT_URL
+                        if (initialUrl.startsWith("http://") || initialUrl.startsWith("https://")) {
+                            // Load external URL
+                            Log.d(TAG, "Loading external URL: $initialUrl")
+                            loadUrl(initialUrl)
+                        } else {
+                            // Load custom HTML from assets with user's name
+                            val htmlContent = context.assets.open("index.html").bufferedReader().use { it.readText() }
+                            val displayName = if (userName.isNotBlank()) userName else "User"
+                            Log.d(TAG, "Loading HTML with userName: '$displayName'")
+                            val personalizedHtml = htmlContent.replace("Welcome, Nimit", "Welcome, $displayName")
+                            loadDataWithBaseURL(
+                                "file:///android_asset/",
+                                personalizedHtml,
+                                "text/html",
+                                "UTF-8",
+                                null
+                            )
+                        }
                     } catch (e: Exception) {
-                        Log.e(TAG, "Error loading HTML: ${e.message}", e)
-                        loadUrl("file:///android_asset/index.html")
+                        Log.e(TAG, "Error loading content: ${e.message}", e)
+                        loadUrl(DEFAULT_URL)
                     }
                 }.also { webView = it }
             },
             update = { view ->
                 webView = view
-                // Reload with updated userName when it changes
-                if (userName.isNotBlank()) {
+                
+                // Handle external URL when it changes
+                if (!initialUrlLoaded && urlToLoad != null && 
+                    (urlToLoad!!.startsWith("http://") || urlToLoad!!.startsWith("https://"))) {
+                    Log.d(TAG, "Loading external URL in update: $urlToLoad")
+                    view.loadUrl(urlToLoad!!)
+                    initialUrlLoaded = true
+                } else if (userName.isNotBlank() && urlToLoad == null) {
+                    // Reload with updated userName when it changes (only for default HTML)
                     try {
                         val htmlContent = context.assets.open("index.html").bufferedReader().use { it.readText() }
                         val personalizedHtml = htmlContent.replace("Welcome, Nimit", "Welcome, $userName")
@@ -561,6 +581,13 @@ fun WebViewScreen() {
         )
     }
     
+    // LaunchedEffect to handle external URL changes
+    LaunchedEffect(externalUrl) {
+        if (externalUrl != null && !initialUrlLoaded) {
+            urlToLoad = externalUrl
+        }
+    }
+    
     // Warning Dialogs
     if (showCameraWarning) {
         CameraAccessWarningDialog(
@@ -634,14 +661,14 @@ fun WebViewScreen() {
     
     if (showExternalAppWarning) {
         ExternalAppWarningDialog(
-            url = externalUrl,
+            url = externalUrlDialog,
             onDismiss = { 
                 showExternalAppWarning = false
             },
             onProceed = {
                 showExternalAppWarning = false
                 // User chose to proceed - load the external URL
-                webView?.loadUrl(externalUrl)
+                webView?.loadUrl(externalUrlDialog)
                 Log.w(TAG, "User proceeded to external URL: $externalUrl")
             },
             onCancel = {
