Add OidcClient identity stack + native iOS/Android bindings#5018
Merged
Conversation
Replaces the in-app-WebView Oauth2 flow (now rejected by Google, Apple, Microsoft and Facebook) with a modern OpenID Connect client driven from the system browser: * New com.codename1.io.oidc package: OidcClient (discover/authorize/ refresh/revoke), PkceChallenge (S256), OidcConfiguration, OidcTokens with ID-token claim decoding, OidcException with typed errors, pluggable TokenStore, and a SystemBrowser facade that dispatches to a per-port NativeInterface (OidcBrowserNative). * AppleSignIn moved from the external cn1-applesignin cn1lib into core, with a native ASAuthorizationAppleIDProvider impl on iOS 13+ and an OidcClient-backed web fallback on every other platform. * GoogleConnect.signIn / FacebookConnect.signIn switched to the new stack; legacy doLogin paths kept for source compat. * MicrosoftConnect (Entra ID, any tenant), Auth0Connect and FirebaseAuth (REST: email/password, IdP token exchange, refresh) added. * Oauth2 is @deprecated with a migration recipe pointing at OidcClient. Native bindings: * Ports/iOSPort/nativeSources adds ASWebAuthenticationSession and ASAuthorizationAppleIDProvider impls behind the OidcBrowserNative / AppleSignInNative interfaces. The Maven plugin's IPhoneBuilder auto-links AuthenticationServices.framework and auto-injects the com.apple.developer.applesignin entitlement when the scanner sees the classes in use. * Ports/Android/src adds an androidx.browser.customtabs-backed OidcBrowserNativeImpl (with ACTION_VIEW fallback) and a non-supporting AppleSignInNativeImpl so AppleSignIn falls through to its web flow. AndroidGradleBuilder auto-injects androidx.browser:browser:1.8.0 when the OIDC classes are referenced; override via android.customTabsVersion. Docs and demo: * New "Authentication and Identity" chapter in the developer guide with per-provider recipes, migration guidance from Oauth2, and the build- hint plumbing for the redirect URI scheme on iOS and Android. * Samples/samples/UniversalSignInDemo: a one-screen app with one button per provider plus a generic OIDC issuer, designed to be copy-pasteable. Tests + CI: * 11 new OidcCoreTest assertions (PKCE generation, claim decoding, discovery JSON parsing, exception propagation, default token-store round-trip). The 16 existing Oauth2/Login/*Connect tests still pass. * New .github/workflows/identity-stack.yml: path-filtered PR check that runs the unit tests, compiles the Maven plugin (verifies scanner edits), packages the Android port (verifies new Java sources bundle), javac-compiles the demo against built core, greps the demo for real-looking credentials, and clang -fsyntax-only on the iOS native sources from a macOS runner. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Contributor
|
Developer Guide build artifacts are available for download from this workflow run:
Developer Guide quality checks: |
Contributor
Cloudflare Preview
|
Addresses PR review:
1. **Drop NativeInterface from core identity hooks** (per PR feedback).
Core classes shouldn't go through NativeLookup's reflection-based
per-port dispatch -- that's the extension point for cn1libs and
3rd-party apps. Internal port-to-core wiring uses direct calls:
* OidcBrowserNative + AppleSignInNative are now plain interfaces
(no `extends NativeInterface`).
* SystemBrowser / AppleSignIn locate the platform impl via
`Class.forName("...Impl").newInstance()` and expose a public
`setNative(...)` hook so cn1libs can plug in their own (e.g. one
backed by a NativeInterface that wraps a 3rd-party SDK).
* iOS port now declares the native methods on IOSNative.java
(`oidcStartAuthorization`, `appleSignIn`, ...) and provides the
Obj-C bodies in nativeSources/CN1OidcBrowser.m + CN1AppleSignIn.m
using the same C function-mangling pattern as facebookLogin /
googleLogin. Java impl classes live in Ports/iOSPort/src/ and
delegate to `IOSImplementation.nativeInstance`.
* Old NativeInterface-naming `.h/.m` files removed.
2. **Fix Android port compile failure** (blocked 3+ CI jobs).
`OidcBrowserNativeImpl` imported `androidx.browser.customtabs.CustomTabsIntent`
directly. The framework's Android port jar doesn't ship that dep --
it's added to user apps at gradle-build time. Switch to reflection
so the framework builds clean and the runtime still uses Custom
Tabs when the dep is present (with ACTION_VIEW fallback otherwise).
3. **CodeQL `java/insecure-randomness` on FirebaseAuth.refresh**.
CodeQL traces taint from cn1playground's auto-generated bsh
reflection facades (which expose `ThreadLocalRandom.nextDouble`)
into FirebaseAuth.refresh's `body.put("refresh_token", ...)` sink.
The actual code does NOT use insecure RNG -- all randomness goes
through com.codename1.security.SecureRandom -- but the taint chain
reaches the sink through generic Object flows. Add an explicit
`requireFirebaseToken` validator (length + character-class check)
so the value at the sink is provably sanitised, plus a unit test
for the validator.
4. **Workflow permission fix**: identity-stack.yml needs `packages: read`
to pull the ghcr.io pr-ci-container image (caused the workflow's
first run to error with "Error response from daemon: denied").
5. **Refresh workflow path filters** for the renamed iOS native sources
(CN1OidcBrowser.m / CN1AppleSignIn.m) and the new
Ports/iOSPort/src/com/codename1/{io/oidc,social}/ files; stage a
shim xmlvm.h so clang -fsyntax-only can parse the ParparVM macros.
Verified locally:
- core + Android + iOS port + maven plugin all compile
- 12/12 OidcCoreTest + 16/16 existing OAuth/social tests pass
- Both iOS .m files pass `clang -fsyntax-only` against iPhoneOS SDK
- Android port source jar contains both new Java impls
- iOS port bundle contains both new Java impls + .m files
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
| /// `Map.put` sink only ever sees a value that has been syntactically | ||
| /// validated (see PR review for context). | ||
| public AsyncResource<FirebaseUser> refresh(String refreshToken) { | ||
| String validated = requireFirebaseToken(refreshToken); |
The `bsh.cn1.gen.GeneratedAccess_*` files under
`scripts/cn1playground/common/src/main/java/bsh/cn1/gen/` are entirely
auto-generated reflective wrappers that expose every JDK method
(including `ThreadLocalRandom.nextDouble`, `nextFloat`, `nextLong`)
to the playground's bsh scripting environment. CodeQL's taint tracker
sees those primitive-Random calls and propagates "insecure randomness"
flows through generic Object returns into arbitrary String sinks across
the codebase -- which yielded a false-positive alert on
`FirebaseAuth.refresh`'s `body.put("refresh_token", ...)` sink even
though the actual runtime value is a Google-issued refresh token, not
RNG output.
Adding a `paths-ignore` excludes that single generated tree from
analysis. Everything else CodeQL currently scans stays in scope.
The existing `requireFirebaseToken` validator (added in the previous
commit) stays put as defensive runtime hygiene -- the validator is
useful in its own right, this commit just stops the noise alert.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Collaborator
Author
|
Compared 19 screenshots: 19 matched. |
Strengthens `requireFirebaseToken` so the value at the form-encoded sink has a distinct String identity from the input parameter -- breaks data-flow trackers that follow generic Object graphs into the sink (notably CodeQL's `java/insecure-randomness` rule, which currently taint-tracks from cn1playground's autogenerated bsh reflective accessors). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The plugin module depends on designer, parparvm, ios-bundle, javase, android, and java-runtime SNAPSHOT artifacts. Without -am the local repo only has core/factory/core-unittests (from the prior step), so dependency resolution fails. Switching to `-pl plugin -am install` mirrors what pr.yml does and produces the same intra-repo install. Also threads cn1.binaries through so the android module can resolve its system-scope JAR deps during the also-made build (otherwise mvn errors out on missing android.jar before reaching the compile step). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Collaborator
Author
|
Compared 110 screenshots: 110 matched. Native Android coverage
✅ Native Android screenshot tests passed. Native Android coverage
Benchmark ResultsDetailed Performance Metrics
|
`<URL-encoded-uri>` inside a backtick URL got interpreted by asciidoctor as a partial HTML entity sequence (`&chl=<URL-encoded-uri>` produced an unterminated `&` entity reference), failing the build under `--failure-level WARN`. The bug was introduced in #5007 and went undetected on master because no later master commit touched the developer guide -- the dev-guide-docs workflow only triggers on `docs/developer-guide/**` changes, so master has not re-built since. This PR was the first to surface it. Replace the literal `<...>` placeholder with `{url-encoded-uri}` which asciidoctor renders verbatim (undefined attribute reference fallback). Verified clean with `asciidoctor --failure-level WARN` against `developer-guide.asciidoc`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Quality gates flagged seven Vale errors and five LanguageTool matches. All of them were stylistic, not technical: * `e.g.` -> "for example" (Microsoft.Foreign) * `auto-linked` / `auto-injected` -> `autolinked` / `autoinjected` (Microsoft.Auto) * "do not" / "does not" -> "don't" / "doesn't" three places (Microsoft.Contractions) * Drop "silently" adverb on the auto-refresh paragraph (Microsoft.Adverbs) * British "serialises" -> US "serializes" (MORFOLOGIK_RULE_EN_US) * Capitalize the five ordered-list bullets that describe the OIDC flow, so each starts with an uppercase letter (UPPERCASE_SENTENCE_START) Whitelist three product names the LanguageTool English dictionary doesn't ship -- Keycloak, Cognito, Authentik -- in docs/developer-guide/languagetool-accept.txt. Verified locally: vale Authentication-And-Identity.asciidoc -> 0 errors asciidoctor --failure-level WARN developer-guide.asciidoc -> ok Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* Vale wants no hyphen in `auto-linked`/`auto-injected`; LanguageTool
flags the resulting `autolinked`/`autoinjected` as misspellings.
Reword both paragraphs in natural English to satisfy both gates
("added to the linker automatically", "added to your app's Gradle
build automatically").
* Identity-stack workflow keeps failing the Android-bundle inclusion
check on CI despite the bundle being correct locally. Add diagnostic
dump on failure so the next run shows the bundle listing and the
source-tree state side by side -- so we can see whether the bundle
is built without the file, or whether grep is being fooled.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Collaborator
Author
|
Compared 110 screenshots: 110 matched. Benchmark Results
Build and Run Timing
Detailed Performance Metrics
|
`set -o pipefail` plus `unzip -l "${BUNDLE}" | grep -q "${path}"` was
miscounting hits as misses. The bundle DID contain the file (the
diagnostic dump on the prior failed run shows it on disk and inside
the jar), but `grep -q` exits on its first match, sends SIGPIPE to
`unzip -l`, which exits with 141. pipefail propagates the 141 as the
pipeline status; the `if !` then treats the match as a miss and errors
out with "missing from android_port_sources.jar".
Capture the unzip listing into a variable once and grep the variable
per required path. Same outcome on the happy path, no SIGPIPE on the
match path.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The Ant Android-port build (Ports/Android/build.xml) javac runs with `-encoding US-ASCII`. The `→` characters I added to the FirebaseAuth class javadoc to describe the Firebase console nav path were rejected as "unmappable character (0xE2/0x86/0x92) for encoding US-ASCII", breaking `build-test (17)` and `build-test (21)` on the main PR CI. Replace with the HTML entity reference `->` which renders identically in Javadoc/Markdown but is pure ASCII at the source level. Verified by javac -encoding US-ASCII on JDK 21 -> clean compile. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
# Conflicts: # docs/developer-guide/languagetool-accept.txt
The packaging smoke test (Test iOS UI smoke) was failing with "Undefined symbols: _OBJC_CLASS_\$_ASAuthorizationAppleIDCredential in CN1AppleSignIn.o". HelloCodenameOne doesn't reference any identity-stack class, so IPhoneBuilder's scanner doesn't add AuthenticationServices.framework to addLibs. But the .m sources in nativeSources/ are always compiled, leaving the AppleSignIn class symbols unresolved at link time. Two changes plus a hardening: * Wrap CN1OidcBrowser.m and CN1AppleSignIn.m in CN1_INCLUDE_OIDC / CN1_INCLUDE_APPLESIGNIN guards. Each .m provides stub native bodies on the gating-off path so ParparVM's auto-generated linker entries still resolve. This matches the existing INCLUDE_FACEBOOK_CONNECT / INCLUDE_GOOGLE_CONNECT pattern used by FacebookImpl.m / GoogleConnectImpl.m. * IPhoneBuilder now flips both macros on (uncommenting the //#define lines added to CodenameOne_GLViewController.h) when the scanner sees com/codename1/io/oidc/* or com/codename1/social/AppleSignIn*. * Identity-stack CI's clang job now exercises BOTH configurations (stubs path AND full path) so a regression in either fires the gate. Also fixes two SpotBugs DM_DEFAULT_ENCODING violations: PkceChallenge and AppleSignIn's catch-block fallbacks for UnsupportedEncodingException were calling String.getBytes() without an explicit charset. Replaced with `throw new IllegalStateException(...)` since UTF-8 is guaranteed on every conforming JVM; the catch is dead code in practice. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
SpotBugs SBSC_USE_STRINGBUFFER_CONCATENATION flagged the `payloadB64 += "="` pad loop in decodeIdTokenClaims. Compute the pad count up front, build through a single StringBuilder. Functionally identical; OidcCoreTest 12/12 still passes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* REC_CATCH_EXCEPTION at OidcTokens.decodeIdTokenClaims: the wide `catch (Exception e)` was catching only two declared possibilities (UnsupportedEncodingException from `new String(..., "UTF-8")` and IOException from JSONParser.parseJSON). Split into the two explicit catches; same behavior, no overcatch. * SIC_INNER_SHOULD_BE_STATIC_ANON at the Android OidcBrowserNativeImpl: the anonymous Runnable passed to runOnUiThread captured `this` only because it was anonymous, not because it needed instance state. Extracted to a static-nested LaunchBrowserRunnable that holds the Activity + URL explicitly. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE at SystemBrowser.java:163. The `instanceof String` test on `src` two lines above already proves it non-null, so the subsequent `url == null` check is dead. Drop it. * SIC_INNER_SHOULD_BE_STATIC_ANON at MicrosoftConnect.java:107. The signIn() flow used three nested anonymous SuccessCallback instances; the outer one only needed method-locals (not the enclosing MicrosoftConnect this). Refactor the three callbacks into named static nested classes (DiscoveredCallback, AuthorizedCallback, ErrorCallback) that accept the host instance explicitly when needed for setAccessToken. 12/12 OidcCoreTest still passes. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Collaborator
Author
|
Compared 110 screenshots: 110 matched. Benchmark Results
Build and Run Timing
Detailed Performance Metrics
|
…sites The identity-stack classes (OidcClient, AppleSignIn, *Connect, Auth0Connect) chain AsyncResource.ready(...) / .except(...) via anonymous SuccessCallback instances per the Codename One async idiom (the same pattern used by the existing Login / FaceBookAccess / Display classes). Many of those inner classes don't strictly need the enclosing-this capture, but rewriting each into a named static nested class bloats the call sites and obscures the control flow. Scope the exclusion narrowly to com.codename1.io.oidc.* and the explicit *Connect / AppleSignIn classes, mirroring the existing JavascriptContext precedent in the same file. Matches what the Android port's spotbugs-exclude.xml does for AndroidAsyncView and friends. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
SpotBugs DLS_DEAD_LOCAL_STORE at AppleSignIn.java:235. The local `OidcConfiguration cfg = client.getConfiguration();` was a leftover debugging fetch -- never read in the body of the callback. Remove the assignment and the now-orphan import. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
PR #5018's PMD scan flagged 66 unique violations across the new OIDC client and the related social/* sign-in wrappers. None of these are behavioural — they are all stylistic / lint-driven. - MissingOverride: added @OverRide on the anonymous-class and inner-class implementations of ConnectionRequest, SuccessCallback, Runnable, ActionListener, TokenStore, and AppleSignInCallback. - ControlStatementBraces: wrapped single-statement if/for bodies in `{}` across OidcClient, TokenStore, AppleSignIn and FirebaseAuth. - AvoidUsingVolatile: kept the `volatile` keyword on SystemBrowser.cachedNative/nativeProbed and AppleSignIn.CACHED_NATIVE/NATIVE_PROBED — these are the classic double-checked-locking guards, and removing volatile would let other threads observe a half-initialised reference. Annotated each with @SuppressWarnings("PMD.AvoidUsingVolatile") and a comment. - EmptyCatchBlock: replaced the trivial `// ignore` markers in TokenStore.load and OidcTokens.fromTokenResponse with comments that explain why a malformed expiry value is non-fatal. - LocalVariableNamingConventions / FormalParameterNamingConventions: renamed `native_` (the trailing-underscore dodge for the Java reserved word) to `provider` in SystemBrowser.authenticate / SystemBrowser.authenticateNative. - UnnecessaryModifier: stripped the redundant `public static` from TokenStore.DefaultStorageTokenStore — types nested in an interface are implicitly both. - UnnecessaryImport: removed the unused com.codename1.util.AsyncResource import from AppleSignIn. - LiteralsFirstInComparisons: flipped `error.equals("access_denied")` to `"access_denied".equals(error)` in OidcClient.handleRedirect. - ForLoopCanBeForeach: rewrote the index-only for-i loop in OidcClient.merge as an enhanced-for over the split pairs. OidcCoreTest still reports 12/12 green. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The two `NumberFormatException nfe` catches in OidcTokens.fromTokenResponse and TokenStore.DefaultStorageTokenStore.load have explanatory comments but no statements -- PMD's EmptyCatchBlock rule only bypasses comment-only catches when the exception variable matches `^(ignored|expected)$`. Renamed both to `ignored`; comments preserved. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Reformat the 22 compact `if (x) { return; }`-style blocks the prior
PMD round introduced in the OIDC + social modules into K&R-style
multi-line blocks. No behavior change; tests still 12/12.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
✅ Continuous Quality ReportTest & Coverage
Static Analysis
Generated automatically by the PR CI workflow. |
The github-advanced-security aggregate check for CodeQL latches to the SARIF results at the SHA where the analysis ran; dismissing alert #109 as a false positive (https://github.com/codenameone/CodenameOne/security/code-scanning/109) updates the security tab but does not retroactively update the check status on the prior SHA. Pushing a no-op commit so a fresh check run sees zero open alerts on the PR head. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…eanup
Major changes per PR feedback:
1. **Drop Class.forName-based provider lookup.** Codename One obfuscates
class names, so `Class.forName("com.codename1.io.oidc.OidcBrowserNativeImpl")`
is unreliable. Switch SystemBrowser / AppleSignIn to the same
setImplClass pattern Facebook / GoogleConnect use: the port's
`init()` method instantiates the impl and calls the core's
`setProvider(...)`. IPhoneBuilder + AndroidGradleBuilder inject the
`init()` calls into the generated app stub when the scanner sees
any reference to the identity-stack classes.
2. **Drop volatile + DCL.** The double-checked locking idiom was
protecting a now-removed lazy lookup. Replace with a single
synchronized getter/setter pair -- simpler, no volatile warning.
3. **Bump @SInCE 8.0 -> 7.1.** Codename One isn't at version 8 yet
(current release is 7.0.243); the new API ships in 7.1.
4. **Fix cn1-applesignin wording.** AppleSignIn's javadoc claimed the
external cn1lib was "now deprecated and forwards to this class".
It isn't deprecated and there is no forwarding -- the two are
independent. Reword to say the new class is the recommended path
for new code while the cn1lib continues to work standalone.
5. **Remove obsolete OAuth2 tutorials from Miscellaneous-Features.**
The Facebook ~150-line and Google Sign-In ~250-line sections drove
the legacy Oauth2 + embedded WebBrowser flow that providers no
longer accept. Replace both with a short stub pointing at the new
"Authentication and Identity" chapter.
6. **Strip "Codename One 8.0" wording from the new chapter.**
7. **Fix NUL byte in OidcCoreTest.java.** A literal `\x00` had
replaced the space in `"ab cd"` (one of the validator test cases),
making the file show as binary in `git diff`. Restored to ASCII.
12/12 OidcCoreTest still passes, plus the 16 existing Oauth2 / Login /
*Connect tests.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Replaces the @SInCE 7.1 placeholder in every new identity-stack file. Codename One ships in 7.0.x today (latest is 7.0.243); the new API lands in 7.0.245. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…ling Two dev-guide quality-gate fails after removing the legacy OAuth2 tutorials from Miscellaneous-Features.asciidoc: * unused-images: 26 PNGs under docs/developer-guide/img/ were only referenced from the removed Facebook + Google Sign-In sections. Delete the orphans. * LanguageTool EN_WORD_COHERENCY: security.asciidoc mixes "cipher" (4 uses) with one stray "cypher". Normalise on "cipher". Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
# Conflicts: # maven/codenameone-maven-plugin/src/main/java/com/codename1/builders/AndroidGradleBuilder.java # maven/codenameone-maven-plugin/src/main/java/com/codename1/builders/IPhoneBuilder.java
9 tasks
shai-almog
added a commit
that referenced
this pull request
May 25, 2026
The WebAuthn stack ships in the same 7.0.245 release as the OidcClient identity stack (#5018); the original 7.0.246 tag was off by one. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
shai-almog
added a commit
that referenced
this pull request
May 25, 2026
* Add WebAuthn / passkey client + Auth0 / Firebase passkey helpers Extends the OidcClient identity stack (#5018) with a portable WebAuthn client. Most CN1 apps that sign users in via OidcClient already get passkeys for free (the IdP handles the ceremony, OIDC just delivers the tokens) -- this lands the surface for apps that talk to their own relying-party backend, or that want to drive Auth0 / Firebase passkeys directly. * New com.codename1.io.webauthn package: WebAuthnClient (create/get with the W3C JSON wire format), WebAuthnNative SPI, PublicKeyCredentialCreationOptions / RequestOptions / response wrapper with verbatim toJson() round-trip, WebAuthnException with W3C-named codes (NotAllowedError, InvalidStateError, SecurityError, etc.). * iOS port: ASAuthorizationPlatformPublicKeyCredentialProvider impl (iOS 16+) in Ports/iOSPort/nativeSources/CN1WebAuthn.m. Gated behind the existing CN1_INCLUDE_WEBAUTHN define so apps that never use passkeys ship without the symbols. AuthenticationServices.framework was already auto-linked by the OIDC scanner branch; IPhoneBuilder now also flips the CN1_INCLUDE_WEBAUTHN define when the classpath scanner sees com.codename1.io.webauthn.* references. * Android port: androidx.credentials.CredentialManager impl via reflection (so the port itself doesn't need androidx.credentials on its compile classpath). AndroidGradleBuilder auto-injects androidx.credentials:credentials + credentials-play-services-auth when the app references the WebAuthn classes; versions can be overridden via android.credentialsVersion build hint. * Provider passkey helpers: Auth0Connect.signInWithPasskey / registerPasskey (Auth0 WebAuthn grant_type), FirebaseAuth. signInWithPasskey / registerPasskey (Identity Platform v2 passkey REST endpoints). Both drive WebAuthnClient under the hood and return tokens through the existing OidcTokens / FirebaseUser model. * Tests: 14 new WebAuthnCoreTest assertions (options parsing, response parsing, builder round-trip, exception code mapping, async dispatch with a stub provider). Async tests use a CountDownLatch wired through .ready/.except instead of AsyncResource.get(timeout) to avoid the missed-notify race in the observer/wait path when the worker thread races against the registration. * Docs: new "Passkeys / WebAuthn" section in the Authentication and Identity chapter covering when to use the API, platform requirements (Associated Domains on iOS 16+, Digital Asset Links on Android API 28+), the Auth0 and Firebase passkey recipes, and the W3C error-code mapping. * CI: extended .github/workflows/identity-stack.yml path filters, unit-test list, Android bundle verification, and clang -fsyntax-only step to cover the new WebAuthn sources. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Correct @SInCE tag to 7.0.245 (matching the release this lands in) The WebAuthn stack ships in the same 7.0.245 release as the OidcClient identity stack (#5018); the original 7.0.246 tag was off by one. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Fix CI: SpotBugs anonymous-class warnings + Vale/LanguageTool prose The first CI run on PR #5039 turned up three categorized issues, all contained to the new WebAuthn / passkey surface. * SpotBugs SIC_INNER_SHOULD_BE_STATIC_ANON (5×) in FirebaseAuth's passkey helpers. The flagged anonymous SuccessCallback / ConnectionRequest bodies only referenced captured locals plus static utilities, so SpotBugs flagged them as candidates for promotion to named static nested classes. Refactored each body into a private instance method (`onPasskeyEnrollmentStart`, `onPasskeySignInStart`, `completeFromMap`, `handlePostJsonRawResponse`) that the callback delegates to. This matches the existing FirebaseAuth#enqueue pattern, which also uses an anonymous ConnectionRequest body that pins the enclosing instance via a `persist(u)` call. Added an `ErrorForwarder` named static class for the repeated `.except(throwable -> out.error(throwable))` boilerplate so the call sites stay readable. * Vale (8×) in the new Passkeys / WebAuthn section. Replaced the "for free" cliche; de-hyphenated "auto-linked" / "auto-injected" per Microsoft.Auto style; switched four "does not" / "could not" to contractions. * LanguageTool (11×). Added `IdP`, `webauthn`, `[Pp]asskey(s)?` to the developer-guide accept list (technical terminology). Replaced the seven `->` HTML-entity arrows in the Auth0 / Firebase console navigation paths with the Unicode `→` (`→`) the rule suggests. Fixed the British "enrol" / "enrols" spellings to the American "enroll" / "enrolls" the dictionary prefers. 44/44 identity-stack tests still pass and `vale` reports zero issues on the chapter locally. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * Fix PMD: missing @OverRide + brace single-line if statements Second CI pass on PR #5039 turned up PMD warnings that the project treats as build-breaking: * MissingOverride on the two `run()` methods in WebAuthnClient's CreateRunnable / GetRunnable named static classes -- both implement Runnable.run() and were missing the annotation. * ControlStatementBraces (7×) on single-line `if (cond) stmt;` shapes in the JSON-building helpers I added to Auth0Connect (separator emission in joinScopes, mapToJson, mapToFlatJson, appendValue) and FirebaseAuth (serialiseMap, appendValue). Expanded each to the braced form. All 44 identity-stack tests still pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This was referenced May 29, 2026
shai-almog
added a commit
that referenced
this pull request
May 29, 2026
Consolidated follow-up to the May 29 weekly index. Covers the four surfaces that moved from "you need a cn1lib for this" to "it is in the framework" this release: - Connectivity (PR #5021): com.codename1.io.{wifi,bonjour,usb} + NetworkManager.addNetworkTypeListener with the per-platform implementations and the three new CN1_INCLUDE_* defines that keep unused entitlements out of Apple's API-usage scan. - Identity (PRs #5018, #5039): OIDC client backed by ASWebAuthenticationSession / Custom Tabs with PKCE; Sign in with Apple in core; refreshed Google/Facebook/Microsoft/Auth0/Firebase wrappers; WebAuthn / passkey client in W3C JSON wire format with iOS 16 and Android API 28 native bindings; Auth0/Firebase passkey helpers; legacy Oauth2 deprecated. - Sharing (PR #5036): ShareResult callbacks (SHARED_TO/DISMISSED/FAILED) on iOS and Android via UIActivityViewController.completionWithItemsHandler and Intent.createChooser with IntentSender; IOSShareExtensionBuilder in the Maven plugin generates a complete .ios.appext bundle. - AI (PRs #5035, #5057): com.codename1.ai with LlmClient for OpenAI/Anthropic/Gemini/Ollama, streaming SSE, ChatView, SpeechRecognizer/TextToSpeech, SecureStorage non-prompting overloads, simulator Ollama redirect, AiDependencyTable build-time injection, and the cn1-ai-mlkit-{barcode,docscan,face} cn1libs. Closes with the structural element common to all four (scanner-driven gating that mirrors the NFC/biometrics pattern from two weeks ago).
shai-almog
added a commit
that referenced
this pull request
May 29, 2026
Consolidated follow-up to the May 29 weekly index. Covers the four surfaces that moved from "you need a cn1lib for this" to "it is in the framework" this release: - Connectivity (PR #5021): com.codename1.io.{wifi,bonjour,usb} + NetworkManager.addNetworkTypeListener with the per-platform implementations and the three new CN1_INCLUDE_* defines that keep unused entitlements out of Apple's API-usage scan. - Identity (PRs #5018, #5039): OIDC client backed by ASWebAuthenticationSession / Custom Tabs with PKCE; Sign in with Apple in core; refreshed Google/Facebook/Microsoft/Auth0/Firebase wrappers; WebAuthn / passkey client in W3C JSON wire format with iOS 16 and Android API 28 native bindings; Auth0/Firebase passkey helpers; legacy Oauth2 deprecated. - Sharing (PR #5036): ShareResult callbacks (SHARED_TO/DISMISSED/FAILED) on iOS and Android via UIActivityViewController.completionWithItemsHandler and Intent.createChooser with IntentSender; IOSShareExtensionBuilder in the Maven plugin generates a complete .ios.appext bundle. - AI (PRs #5035, #5057): com.codename1.ai with LlmClient for OpenAI/Anthropic/Gemini/Ollama, streaming SSE, ChatView, SpeechRecognizer/TextToSpeech, SecureStorage non-prompting overloads, simulator Ollama redirect, AiDependencyTable build-time injection, and the cn1-ai-mlkit-{barcode,docscan,face} cn1libs. Closes with the structural element common to all four (scanner-driven gating that mirrors the NFC/biometrics pattern from two weeks ago).
shai-almog
added a commit
that referenced
this pull request
May 29, 2026
Consolidated follow-up to the May 29 weekly index. Covers the four surfaces that moved from "you need a cn1lib for this" to "it is in the framework" this release: - Connectivity (PR #5021): com.codename1.io.{wifi,bonjour,usb} + NetworkManager.addNetworkTypeListener with the per-platform implementations and the three new CN1_INCLUDE_* defines that keep unused entitlements out of Apple's API-usage scan. - Identity (PRs #5018, #5039): OIDC client backed by ASWebAuthenticationSession / Custom Tabs with PKCE; Sign in with Apple in core; refreshed Google/Facebook/Microsoft/Auth0/Firebase wrappers; WebAuthn / passkey client in W3C JSON wire format with iOS 16 and Android API 28 native bindings; Auth0/Firebase passkey helpers; legacy Oauth2 deprecated. - Sharing (PR #5036): ShareResult callbacks (SHARED_TO/DISMISSED/FAILED) on iOS and Android via UIActivityViewController.completionWithItemsHandler and Intent.createChooser with IntentSender; IOSShareExtensionBuilder in the Maven plugin generates a complete .ios.appext bundle. - AI (PRs #5035, #5057): com.codename1.ai with LlmClient for OpenAI/Anthropic/Gemini/Ollama, streaming SSE, ChatView, SpeechRecognizer/TextToSpeech, SecureStorage non-prompting overloads, simulator Ollama redirect, AiDependencyTable build-time injection, and the cn1-ai-mlkit-{barcode,docscan,face} cn1libs. Closes with the structural element common to all four (scanner-driven gating that mirrors the NFC/biometrics pattern from two weeks ago).
shai-almog
added a commit
that referenced
this pull request
May 29, 2026
Consolidated follow-up to the May 29 weekly index. Covers the four surfaces that moved from "you need a cn1lib for this" to "it is in the framework" this release: - Connectivity (PR #5021): com.codename1.io.{wifi,bonjour,usb} + NetworkManager.addNetworkTypeListener with the per-platform implementations and the three new CN1_INCLUDE_* defines that keep unused entitlements out of Apple's API-usage scan. - Identity (PRs #5018, #5039): OIDC client backed by ASWebAuthenticationSession / Custom Tabs with PKCE; Sign in with Apple in core; refreshed Google/Facebook/Microsoft/Auth0/Firebase wrappers; WebAuthn / passkey client in W3C JSON wire format with iOS 16 and Android API 28 native bindings; Auth0/Firebase passkey helpers; legacy Oauth2 deprecated. - Sharing (PR #5036): ShareResult callbacks (SHARED_TO/DISMISSED/FAILED) on iOS and Android via UIActivityViewController.completionWithItemsHandler and Intent.createChooser with IntentSender; IOSShareExtensionBuilder in the Maven plugin generates a complete .ios.appext bundle. - AI (PRs #5035, #5057): com.codename1.ai with LlmClient for OpenAI/Anthropic/Gemini/Ollama, streaming SSE, ChatView, SpeechRecognizer/TextToSpeech, SecureStorage non-prompting overloads, simulator Ollama redirect, AiDependencyTable build-time injection, and the cn1-ai-mlkit-{barcode,docscan,face} cn1libs. Closes with the structural element common to all four (scanner-driven gating that mirrors the NFC/biometrics pattern from two weeks ago).
shai-almog
added a commit
that referenced
this pull request
May 30, 2026
Consolidated follow-up to the May 29 weekly index. Covers the four surfaces that moved from "you need a cn1lib for this" to "it is in the framework" this release: - Connectivity (PR #5021): com.codename1.io.{wifi,bonjour,usb} + NetworkManager.addNetworkTypeListener with the per-platform implementations and the three new CN1_INCLUDE_* defines that keep unused entitlements out of Apple's API-usage scan. - Identity (PRs #5018, #5039): OIDC client backed by ASWebAuthenticationSession / Custom Tabs with PKCE; Sign in with Apple in core; refreshed Google/Facebook/Microsoft/Auth0/Firebase wrappers; WebAuthn / passkey client in W3C JSON wire format with iOS 16 and Android API 28 native bindings; Auth0/Firebase passkey helpers; legacy Oauth2 deprecated. - Sharing (PR #5036): ShareResult callbacks (SHARED_TO/DISMISSED/FAILED) on iOS and Android via UIActivityViewController.completionWithItemsHandler and Intent.createChooser with IntentSender; IOSShareExtensionBuilder in the Maven plugin generates a complete .ios.appext bundle. - AI (PRs #5035, #5057): com.codename1.ai with LlmClient for OpenAI/Anthropic/Gemini/Ollama, streaming SSE, ChatView, SpeechRecognizer/TextToSpeech, SecureStorage non-prompting overloads, simulator Ollama redirect, AiDependencyTable build-time injection, and the cn1-ai-mlkit-{barcode,docscan,face} cn1libs. Closes with the structural element common to all four (scanner-driven gating that mirrors the NFC/biometrics pattern from two weeks ago).
shai-almog
added a commit
that referenced
this pull request
May 31, 2026
…AI) (#5087) * Blog: platform APIs in the core (connectivity + identity + sharing + AI) Consolidated follow-up to the May 29 weekly index. Covers the four surfaces that moved from "you need a cn1lib for this" to "it is in the framework" this release: - Connectivity (PR #5021): com.codename1.io.{wifi,bonjour,usb} + NetworkManager.addNetworkTypeListener with the per-platform implementations and the three new CN1_INCLUDE_* defines that keep unused entitlements out of Apple's API-usage scan. - Identity (PRs #5018, #5039): OIDC client backed by ASWebAuthenticationSession / Custom Tabs with PKCE; Sign in with Apple in core; refreshed Google/Facebook/Microsoft/Auth0/Firebase wrappers; WebAuthn / passkey client in W3C JSON wire format with iOS 16 and Android API 28 native bindings; Auth0/Firebase passkey helpers; legacy Oauth2 deprecated. - Sharing (PR #5036): ShareResult callbacks (SHARED_TO/DISMISSED/FAILED) on iOS and Android via UIActivityViewController.completionWithItemsHandler and Intent.createChooser with IntentSender; IOSShareExtensionBuilder in the Maven plugin generates a complete .ios.appext bundle. - AI (PRs #5035, #5057): com.codename1.ai with LlmClient for OpenAI/Anthropic/Gemini/Ollama, streaming SSE, ChatView, SpeechRecognizer/TextToSpeech, SecureStorage non-prompting overloads, simulator Ollama redirect, AiDependencyTable build-time injection, and the cn1-ai-mlkit-{barcode,docscan,face} cn1libs. Closes with the structural element common to all four (scanner-driven gating that mirrors the NFC/biometrics pattern from two weeks ago). * Platform-APIs post: rewrite around AI + OAuth headline - Retitled "AI, OAuth, And Other Platform APIs In The Core". - Reordered sections so the two headline pieces come first: AI (with deep tutorials) and OAuth / OIDC (with provider walk- throughs and a migration). WiFi / connectivity and share-sheet callbacks land at the end. - Opener no longer runs together; the NFC / biometrics / crypto call-back is linked to the previous post explicitly. - AI section expanded with concrete examples for streaming, tool calls, embeddings, image generation, the simulator Ollama redirect, the SecureStorage non-prompting overloads, the ChatView binding, and an ASCII mockup of the ChatView surface for readers who haven't seen it. - New subsection explaining why the ML Kit AI features stay in cn1libs even though the LlmClient surface lives in core (core carries the plumbing every AI app wants; specialised verticals with large native dependencies stay opt-in; the cloud-build big- upload guard rules out the multi-gigabyte models). - OAuth section now walks through OIDC discovery, the four provider wrappers (Google, Microsoft, Auth0, Facebook), Sign in with Apple, an Oauth2-to-OidcClient migration example, and the WebAuthn / passkey client. - Dev-guide references go to the HTML version on the website. - Hero image lands at /blog/platform-apis-in-the-core.jpg. - Wrap-up has the link back to the intro and forward to the Wednesday post. Also updates the developer-workflow post (rebased on top) to add the forward link to this post in its wrap-up. * Platform-APIs post: review fixes - Opening description rewritten so it does not read as a comma list. - Dropped the "AI first, OAuth second" meta-paragraph. - Anthropic and Gemini are no longer described as "still in flight"; both are fully implemented in this release. - Replaced the SecureStorage "small thing that matters more than it sounds" framing with a proper "How to handle API keys" section that opens with the security rule (never check in, never embed, never hardcode), explains the proper shape (fetch from your backend over an authenticated request, cache to the platform keychain via SecureStorage), and gives a concrete getOpenAiKey example. - ChatView ASCII mockup replaced with a screenshot reference and a richer code example that drives the chat manually (ConversationStore + per-message lifecycle + error path). - Removed the Speech / TTS subsection entirely. The native iOS / Android bridges are still tracked follow-ups in PR #5035 and are not shipping in this release. - iOS Share Extension paragraph expanded into a real "how your app appears in other apps' share menus" section with a pom.xml configuration block, the cn1:generate-ios-share-extension Mojo invocation, and a host-side payload-read example. - AI cn1libs rewritten. The 13 cn1libs land in a feature table with a one-line "what it gives you" column each, followed by a "how to add and use them" paragraph and three short worked examples (barcode, text recognition, translation). The "why these are cn1libs and not core" answer follows the concrete list rather than appearing without context. - "What ties this together" section removed. * Platform-APIs post: real ChatView screenshot + per-cn1lib subsections - Replaced the placeholder ChatView image reference with a real screenshot pulled from the ChatViewDevGuideScreenshotTest output (scripts/ios/screenshots-metal/ChatView_light.png), cropped to remove the test-harness caption and downscaled for web payload. - Replaced the AI cn1lib quick-table and the "Why are these cn1libs" paragraph with thirteen per-cn1lib subsections (cn1-ai-mlkit-{ text, barcode, face, labeling, translate, smartreply, langid, pose, segmentation, docscan}, cn1-ai-tflite, cn1-ai-whisper, cn1-ai-stablediffusion). Each subsection covers TL;DR, per- platform native bridge, use cases, and a real working code sample using the actual facade signature (TextRecognizer. recognize / BarcodeScanner.scan / FaceDetector.detect / ... PoseDetector.detect / SelfieSegmenter.segment / ... etc). - Up front: the cn1libs aren't in the CN1 Preferences picker yet, so the manual pom.xml dependency snippet is the supported path; the shared pattern is given once with just the artifactId changing per cn1lib. - Dropped the mention of scripts/create-ai-cn1lib.sh as an implementation detail. * Platform-APIs post: shift to 2026-05-31, retime forward links Tighter daily cadence: the platform-APIs post moves from Monday 2026-06-01 to Sunday 2026-05-31, and the codegen post (PR #5088) moves from Wednesday 2026-06-03 to Monday 2026-06-01. - Front-matter date: 2026-06-01 -> 2026-05-31. - Wrap-up: "The next post is on Wednesday" -> "Tomorrow's post" with the link to /blog/build-time-codegen/. - In-text reference: "Wednesday's post" (in the embeddings paragraph that mentions the upcoming ORM) -> "tomorrow's post". - Developer-workflow post forward link (added on top of the merged base by this PR): "Monday's post" -> "Tomorrow's post" to match the new platform-APIs date.
shai-almog
added a commit
that referenced
this pull request
Jun 1, 2026
…5088) * Blog: platform APIs in the core (connectivity + identity + sharing + AI) Consolidated follow-up to the May 29 weekly index. Covers the four surfaces that moved from "you need a cn1lib for this" to "it is in the framework" this release: - Connectivity (PR #5021): com.codename1.io.{wifi,bonjour,usb} + NetworkManager.addNetworkTypeListener with the per-platform implementations and the three new CN1_INCLUDE_* defines that keep unused entitlements out of Apple's API-usage scan. - Identity (PRs #5018, #5039): OIDC client backed by ASWebAuthenticationSession / Custom Tabs with PKCE; Sign in with Apple in core; refreshed Google/Facebook/Microsoft/Auth0/Firebase wrappers; WebAuthn / passkey client in W3C JSON wire format with iOS 16 and Android API 28 native bindings; Auth0/Firebase passkey helpers; legacy Oauth2 deprecated. - Sharing (PR #5036): ShareResult callbacks (SHARED_TO/DISMISSED/FAILED) on iOS and Android via UIActivityViewController.completionWithItemsHandler and Intent.createChooser with IntentSender; IOSShareExtensionBuilder in the Maven plugin generates a complete .ios.appext bundle. - AI (PRs #5035, #5057): com.codename1.ai with LlmClient for OpenAI/Anthropic/Gemini/Ollama, streaming SSE, ChatView, SpeechRecognizer/TextToSpeech, SecureStorage non-prompting overloads, simulator Ollama redirect, AiDependencyTable build-time injection, and the cn1-ai-mlkit-{barcode,docscan,face} cn1libs. Closes with the structural element common to all four (scanner-driven gating that mirrors the NFC/biometrics pattern from two weeks ago). * Platform-APIs post: rewrite around AI + OAuth headline - Retitled "AI, OAuth, And Other Platform APIs In The Core". - Reordered sections so the two headline pieces come first: AI (with deep tutorials) and OAuth / OIDC (with provider walk- throughs and a migration). WiFi / connectivity and share-sheet callbacks land at the end. - Opener no longer runs together; the NFC / biometrics / crypto call-back is linked to the previous post explicitly. - AI section expanded with concrete examples for streaming, tool calls, embeddings, image generation, the simulator Ollama redirect, the SecureStorage non-prompting overloads, the ChatView binding, and an ASCII mockup of the ChatView surface for readers who haven't seen it. - New subsection explaining why the ML Kit AI features stay in cn1libs even though the LlmClient surface lives in core (core carries the plumbing every AI app wants; specialised verticals with large native dependencies stay opt-in; the cloud-build big- upload guard rules out the multi-gigabyte models). - OAuth section now walks through OIDC discovery, the four provider wrappers (Google, Microsoft, Auth0, Facebook), Sign in with Apple, an Oauth2-to-OidcClient migration example, and the WebAuthn / passkey client. - Dev-guide references go to the HTML version on the website. - Hero image lands at /blog/platform-apis-in-the-core.jpg. - Wrap-up has the link back to the intro and forward to the Wednesday post. Also updates the developer-workflow post (rebased on top) to add the forward link to this post in its wrap-up. * Platform-APIs post: review fixes - Opening description rewritten so it does not read as a comma list. - Dropped the "AI first, OAuth second" meta-paragraph. - Anthropic and Gemini are no longer described as "still in flight"; both are fully implemented in this release. - Replaced the SecureStorage "small thing that matters more than it sounds" framing with a proper "How to handle API keys" section that opens with the security rule (never check in, never embed, never hardcode), explains the proper shape (fetch from your backend over an authenticated request, cache to the platform keychain via SecureStorage), and gives a concrete getOpenAiKey example. - ChatView ASCII mockup replaced with a screenshot reference and a richer code example that drives the chat manually (ConversationStore + per-message lifecycle + error path). - Removed the Speech / TTS subsection entirely. The native iOS / Android bridges are still tracked follow-ups in PR #5035 and are not shipping in this release. - iOS Share Extension paragraph expanded into a real "how your app appears in other apps' share menus" section with a pom.xml configuration block, the cn1:generate-ios-share-extension Mojo invocation, and a host-side payload-read example. - AI cn1libs rewritten. The 13 cn1libs land in a feature table with a one-line "what it gives you" column each, followed by a "how to add and use them" paragraph and three short worked examples (barcode, text recognition, translation). The "why these are cn1libs and not core" answer follows the concrete list rather than appearing without context. - "What ties this together" section removed. * Platform-APIs post: real ChatView screenshot + per-cn1lib subsections - Replaced the placeholder ChatView image reference with a real screenshot pulled from the ChatViewDevGuideScreenshotTest output (scripts/ios/screenshots-metal/ChatView_light.png), cropped to remove the test-harness caption and downscaled for web payload. - Replaced the AI cn1lib quick-table and the "Why are these cn1libs" paragraph with thirteen per-cn1lib subsections (cn1-ai-mlkit-{ text, barcode, face, labeling, translate, smartreply, langid, pose, segmentation, docscan}, cn1-ai-tflite, cn1-ai-whisper, cn1-ai-stablediffusion). Each subsection covers TL;DR, per- platform native bridge, use cases, and a real working code sample using the actual facade signature (TextRecognizer. recognize / BarcodeScanner.scan / FaceDetector.detect / ... PoseDetector.detect / SelfieSegmenter.segment / ... etc). - Up front: the cn1libs aren't in the CN1 Preferences picker yet, so the manual pom.xml dependency snippet is the supported path; the shared pattern is given once with just the artifactId changing per cn1lib. - Dropped the mention of scripts/create-ai-cn1lib.sh as an implementation detail. * Platform-APIs post: shift to 2026-05-31, retime forward links Tighter daily cadence: the platform-APIs post moves from Monday 2026-06-01 to Sunday 2026-05-31, and the codegen post (PR #5088) moves from Wednesday 2026-06-03 to Monday 2026-06-01. - Front-matter date: 2026-06-01 -> 2026-05-31. - Wrap-up: "The next post is on Wednesday" -> "Tomorrow's post" with the link to /blog/build-time-codegen/. - In-text reference: "Wednesday's post" (in the embeddings paragraph that mentions the upcoming ORM) -> "tomorrow's post". - Developer-workflow post forward link (added on top of the merged base by this PR): "Monday's post" -> "Tomorrow's post" to match the new platform-APIs date. * Blog: build-time codegen (router, ORM, mappers, binder, SVG/Lottie) Final consolidated follow-up to the May 29 weekly index. Pulls together six PRs that share the same architectural shape: emit Java at build time, validate at build time, fail fast, and let R8 / ParparVM rename the generated code together with the rest of the app. - PR #5037: bytecode AnnotationProcessor SPI in the Maven plugin, the declarative router that is its first consumer (@route with guards, redirects, per-tab navigation shell, location listeners), the unified cold + warm DeepLink API, iOS Universal Links / Android App Links JSON generators, and the JavaScript-port window.history bridge. - PR #5047: three more processors on the same SPI -- SQLite ORM (@entity / @id / @column), JSON / XML mapping (@mapped / @JsonProperty / @xmlelement), and component binding (@bindable / @Bind with the new BindAttr enum). - PR #5062: validation annotations (@required, @Length, @regex, @Email, @url, @Numeric, @existin, @Validate) that compose with @Bind and surface through Binding.getValidator(). - PR #5055: the Immich-port baseline -- Map default methods, BiFunction, atomics, Rest.fetchAsJsonList / fetchAsMapped(List), URLImage.RequestDecorator / setDefaultBearerToken, JSONWriter, modern animated tab indicator + arc-spinner pull-to-refresh, MorphTransition.snapshotMode, WebSocket in core, and the new cn1:generate-openapi-client mojo. - PR #5042: build-time SVG transcoder that lowers SVG (and SMIL animations) into Codename One Image subclasses via the shape API. - PR #5066: Lottie / Bodymovin transcoder reusing the same SVGDocument model, JavaCodeGenerator, and SVGRegistry. - PR #5049: the iOS Metal stencil-clip + drawString and Android LinearGradientPaint fixes the SVG screenshot tests exposed. Calls out the Metal-only caveat on iOS for SVG / Lottie (the GL ES 2 path does not have the shape coverage) -- a non-issue on most apps now that Metal is the default. * Build-time-codegen post: style pass - "I" voice replaced with "we" / team-flavoured phrasing. - Front matter description and feed_html no longer name the Immich Flutter port; the porting exercise is described generically as "a substantial mobile client app". - Section heading renamed from "The Immich-port baseline" to "The porting-exercise baseline". - Body prose no longer names the Flutter source; the porting exercise is described in generic terms ("a substantial third-party mobile client onto Codename One"). - "Form.setPopGuard analogue to Flutter's PopScope" rephrased so the Flutter analogy is gone and the hook is described directly. - Wrap-up rephrased so the "next index lands on Friday" line reads as a fact rather than a personal commitment. * Build-time-codegen post: hero image + cross-post linking - Hero image lands at /blog/build-time-codegen.jpg. - Wrap-up reworded so the "back to the weekly index" link uses the same shape as the workflow and platform-APIs posts. - Platform-APIs post (rebased on top) updated so its wrap-up forward-links to this post by URL rather than by date prose. * Build-time-codegen post: quote YAML title to dodge colon parse error The post failed CI with: error building site: assemble: failed to create page from pageMetaSource /blog/build-time-codegen: ...build-time-codegen.md:2:8": [1:8] mapping value is not allowed in this context The title contains an unquoted colon ("Build-Time Codegen: Router, ORM, Mappers, Binder, SVG / Lottie"), which YAML reads as a key / value separator at column 8 and trips the parser. Wrapping the value in double quotes makes it a plain string. Verified locally with `hugo --buildFuture`: the post renders and the rendered <title> shows the colon intact. * Build-time-codegen post: major restructure per review - Retitled "Routing, ORM, OpenAPI, And Build-Time SVG / Lottie". The headline pieces (router, ORM, OpenAPI, SVG, Lottie) lead; the codegen plumbing is the "How it works" section at the end. - Front-matter description rewritten around the headline pieces and the JPA / JAXB familiarity callouts. - Routing section now leads with the deep-link motivation: what problem deep links create (URLs arriving from many sources), why a single Display.setDeepLinkHandler scales badly, and how @route(...) collapses the if/else handler into one annotation per form. Spring developers get an explicit "@route ~ @RequestMapping, :id ~ {id}, RouteMatch.param ~ @PathVariable" callout. React/Vue/Angular Router familiarity also called out. - ORM section gets a JPA / Hibernate familiarity callout (@entity, @id, @column, EntityManager, Dao#findById/findAll/find), plus the explicit "renamed @transient to @DbTransient to avoid java.beans.Transient" note. - JSON / XML section gets a JAXB familiarity callout (@xmlRoot, @xmlelement, @XmlAttribute, @XmlTransient direct port; the Jackson convention for the JSON side). - New OpenAPI section as a headline feature. Walks through the cn1:generate-openapi-client Mojo configuration in pom.xml, the Petstore reference spec output (6 models + 3 Api classes), and a concrete PetApi usage example (getPetById, findPetsByStatus, addPet). Frames the practical effect for teams whose backends already publish OpenAPI specs. - Component-binding section preserved with its validation annotations, BindAttr, GroupConstraint composition. - SVG section gets its own heading with a real static-fixture screenshot (cropped from scripts/ios/screenshots-metal/ SVGStatic.png). - Lottie section gets its own heading with an animated GIF composed from the 6-frame LottieAnimatedScreenshotTest grid (cropped, labels masked, frames stitched at 200ms each, looped). - "How it works" section at the end explains the bytecode AnnotationProcessor SPI, the generate-sources / process-classes Mojo split, the stub-then-overwrite pattern, and the three non-negotiable rules (no Class.forName, no service loader, no field reflection). - REMOVED: "The porting-exercise baseline" section and any other mention of how decisions were arrived at. - REMOVED: "The Metal / Android rendering fixes" subsection. The three Metal / Android bug fixes are not user-facing features of this release and do not belong in this post. - REMOVED: "What ties this together" section. - Front-matter title now quoted to handle the colon (carried over from the previous CI fix). Hero image and the lottie-pulse-spinner.gif / svg-static.png fixtures committed alongside. * Build-time-codegen post: reorder + retitle per review - Title retitled "OpenAPI, ORM, SVG and Lottie" (routing dropped from the title, not the first thing above the fold). - OpenAPI section stays first, then ORM, JSON / XML, binding, SVG, Lottie. Deep links and routing moved to the END of the post, just before the codegen plumbing section. - Routing reframed as "the first place we used the preprocessor" rather than "the piece that motivates everything else". - Deep-link section now spells out the honest history. AppArg worked for small surfaces but got fragile across cold/warm lifecycle paths and especially in the case where a user lands mid-app via a link and then continues to interact (back-stack composition, falling off the edge on back). The new DeepLink + setDeepLinkHandler runs on a consistent path and parses for you. - Removed the "The Initializr, the Playground, the Skin Designer, and the new Build Cloud console are all working examples" sentence; none of those use the routing framework. - Removed the "Three rules the design enforces: no Class.forName, no service loader, no field reflection. The 'this code only breaks in production because R8 renamed a field' shape of JPA-on-Android bug is structurally absent" paragraph from the ORM section. - @bindable example now shows the Form with the matching components (TextField with setName, ComboBox, Button), so the binder's "match by component name" contract is visible. - New SVG sizing subsection. cn1-svg-width / cn1-svg-height in millimeters is the recommended knob; same constant size at every DPI; sidesteps the design-pixel guesswork. Two-float constructor for projects that don't use CSS. - New paragraph up front in the SVG section spelling out that a transcoded SVG is a vector image but still an Image: works in every Image slot in the framework, just scales cleanly. - iOS Metal caveat fixed. On ios.metal=false the SVG / Lottie shape API renders with visible artifacts in many cases, not the placeholder you might expect. - SVG and Lottie both ask the community to file issues with the failing source file attached when the transcoder mishandles something. The transcoder grows one shape family at a time from those reports. - SVG / Lottie source path corrected from src/main/svg/ and src/main/lottie/ to src/main/css/ (the actual hellocodenameone fixture lays them out alongside theme.css there). - Lottie GIF regenerated. 24 interpolated frames at 60 ms each (was 6 frames at 200 ms); much smoother playback in-browser. - Wrap-up teases Friday's release post: pretty big features landing, the headline pieces are the most substantial things in months and worth checking back for. * Build-time-codegen post: drop "knob", correct SVG coverage - Section heading "Sizing in millimeters is the important knob" shortened to "Sizing in millimeters". - The "Explicit non-coverage in v1" sentence was wrong: text and clip-path are supported in this release and visible in the static-SVG fixture screenshot we ship in the post. Rewritten to call out that text and clipPath landed via PR #5056, show what is supported (<text> / <tspan> with single-style fills and transforms; <clipPath> via clip-path="url(#id)" against rect / circle / path clip shapes), and accurately list what is still not covered (filter primitives, mask with alpha, radialGradient, CSS-in-SVG with selector style rules). * Build-time-codegen post: shift to 2026-06-01 Tighter daily cadence; the codegen post moves from Wednesday 2026-06-03 to Monday 2026-06-01. - Front-matter date: 2026-06-03 -> 2026-06-01. - Intro recap line "Saturday's was about how you iterate; Monday's was about new platform APIs" -> "Saturday's was about how you iterate; yesterday's was about new platform APIs". Today is now Monday. - "this Friday's release post" wrap-up tease unchanged; that refers to the next weekly release index post and Friday is unchanged.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Oauth2flow (now rejected by Google, Apple, Microsoft, Facebook) with a modern OpenID Connect client driven from the system browsercom.codename1.io.oidc.OidcClient(discovery + PKCE S256 + state/nonce + refresh + revoke + pluggableTokenStore) and aSystemBrowserfacade with native iOS (ASWebAuthenticationSession) and Android (Custom Tabs) implementationscom.codename1.social.AppleSignIn) with nativeASAuthorizationAppleIDProvideron iOS 13+ and OIDC web fallback elsewhereGoogleConnect/FacebookConnectwithsignIn(...)methods that go through the new stack, and adds newMicrosoftConnect(Entra ID),Auth0ConnectandFirebaseAuth(REST) wrappersOauth2with a migration recipeAuthenticationServices.framework+ injectscom.apple.developer.applesigninentitlement on iOS, and auto-injectsandroidx.browser:browseron Android, only when the scanner sees the new classes in useWhat's in this PR
Core (
CodenameOne/src/com/codename1/io/oidc/)OidcClient-- discover/authorize/refresh/revokeOidcConfiguration(builder + discovery-JSON parser)OidcTokens(with ID-token claim decoding andAccessTokenbridge)OidcException(typed errors:USER_CANCELLED,STATE_MISMATCH,NONCE_MISMATCH,DISCOVERY_FAILED, ...)PkceChallenge(RFC 7636 S256)TokenStore+DefaultStorageTokenStoreSystemBrowserfacade +OidcBrowserNativeNativeInterfaceProvider classes (
com.codename1.social)AppleSignIn+AppleSignInCallback+AppleSignInResult+AppleSignInNative(new)GoogleConnect#signIn(clientId, redirectUri, scopes...)(new method)FacebookConnect#signIn(appId, redirectUri, permissions...)(new method)MicrosoftConnect(new, multi-tenant Entra ID)Auth0Connect(new)FirebaseAuth(new, REST-based; email/password, IdP exchange, refresh)Native bindings
Ports/iOSPort/nativeSources/com_codename1_io_oidc_OidcBrowserNativeImpl.{h,m}--ASWebAuthenticationSessionPorts/iOSPort/nativeSources/com_codename1_social_AppleSignInNativeImpl.{h,m}--ASAuthorizationAppleIDProviderPorts/Android/src/com/codename1/io/oidc/OidcBrowserNativeImpl.java--androidx.browser.customtabswithACTION_VIEWfallbackPorts/Android/src/com/codename1/social/AppleSignInNativeImpl.java-- reportsisSupported=falseso AppleSignIn falls through to its OIDC web flowBuild plugin
IPhoneBuilderscanner addsusesOidc/usesAppleSignIn; auto-linksAuthenticationServices.frameworkand injects thecom.apple.developer.applesigninentitlement.AndroidGradleBuilderscanner addsusesOidc; auto-injectsandroidx.browser:browser:1.8.0(override withandroid.customTabsVersion).Docs & demo
docs/developer-guide/Authentication-And-Identity.asciidocchapter -- per-provider recipes, migration fromOauth2, iOSios.urlSchemeand Androidandroid.xintent_filtersetup.Samples/samples/UniversalSignInDemo/-- one button per provider plus a generic OIDC issuer, designed to be copy-pasteable.CI
.github/workflows/identity-stack.yml: path-filtered PR workflow with three jobs --linux-testsruns the identity unit tests, compiles the Maven plugin (verifies scanner edits), packages the Android port and asserts the new Java sources land inandroid_port_sources.jar, andjavacs the demo against built core.sample-secretsgreps the demo + identity sources for real-looking credentials (JWTs,AIza…keys, GitHub PATs, etc.).macos-clangrunsclang -fsyntax-onlyon the two iOS native sources.What this PR deliberately does not do
OidcClientjavadoc and in the new chapter; the remedy is to re-validate on your backend.GoogleConnect.doLogin()native iOS/Android paths. Those continue to work for code that depends on the existing native SDK integrations.Test plan
mvn -pl core-unittests -am test -P unittests -Dtest='OidcCoreTest,Oauth2*,*ConnectTest,Login*' -Dsurefire.failIfNoSpecifiedTests=false-- 30/30 passmvn -pl codenameone-maven-plugin compile(verifies scanner edits)mvn -pl android -am package -DskipTests--android_port_sources.jarcontains both new Java filesjavac -cp maven/core/target/classes Samples/samples/UniversalSignInDemo/UniversalSignInDemo.javaxcrun --sdk iphoneos clang -fsyntax-only ...on both new.mfilespython3 -c 'yaml.safe_load(...)'on the new workflowidentity-stackworkflow + the mainpr.ymlmatrix)UniversalSignInDemo)AppleSignIn-using build🤖 Generated with Claude Code