diff --git a/libs/SalesforceAnalytics/src/com/salesforce/androidsdk/analytics/logger/LogRedactor.kt b/libs/SalesforceAnalytics/src/com/salesforce/androidsdk/analytics/logger/LogRedactor.kt
index 2247bd41cf..7c2a22016a 100644
--- a/libs/SalesforceAnalytics/src/com/salesforce/androidsdk/analytics/logger/LogRedactor.kt
+++ b/libs/SalesforceAnalytics/src/com/salesforce/androidsdk/analytics/logger/LogRedactor.kt
@@ -28,11 +28,12 @@ package com.salesforce.androidsdk.analytics.logger
 private const val VISIBLE_CHARS = 4
+// TODO: Remove beacon_child_consumer_secret from pattern once server version 264 has rolled out everywhere.
 private val SENSITIVE_JSON_PATTERN = Regex(
 pattern = """("(?:access_token|refresh_token|id_token|csrf_token|sid""" +
 """|lightning_sid|visualforce_sid|content_sid|parent_sid""" +
 """|cookie-sid_Client|cookie-clientSrc""" +
- """|beacon_child_consumer_secret)"\s*:\s*")([^"]+)(")""",
+ """|auto_installed_app_org_consumer_secret|beacon_child_consumer_secret)"\s*:\s*")([^"]+)(")""",
 option = RegexOption.IGNORE_CASE,
 )
diff --git a/libs/SalesforceSDK/src/com/salesforce/androidsdk/accounts/UserAccount.java b/libs/SalesforceSDK/src/com/salesforce/androidsdk/accounts/UserAccount.java
index aadad63d11..84e1240a92 100644
--- a/libs/SalesforceSDK/src/com/salesforce/androidsdk/accounts/UserAccount.java
+++ b/libs/SalesforceSDK/src/com/salesforce/androidsdk/accounts/UserAccount.java
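Review bot: The TODO added above `SENSITIVE_JSON_PATTERN` in LogRedactor.kt schedules removal of `beacon_child_consumer_secret` from the redaction list without tying it to the legacy fallback in OAuth2.java, which carries its own separate TODO. If the pattern entry were dropped while the token parser still accepts the legacy field, a response using the old name would no longer be masked by this redactor. I would word the comment as `// TODO: Remove beacon_child_consumer_secret only after OAuth2.LEGACY_BEACON_CHILD_CONSUMER_SECRET is removed (server version 264 rolled out everywhere).`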
@@ -97,8 +97,8 @@ public class UserAccount {
 public static final String CLIENT_ID = "clientId";
 public static final String PARENT_SID = "parentSid";
 public static final String TOKEN_FORMAT = "tokenFormat";
- public static final String BEACON_CHILD_CONSUMER_KEY = "beacon_child_consumer_key";
- public static final String BEACON_CHILD_CONSUMER_SECRET = "beacon_child_consumer_secret";
+ public static final String BEACON_CHILD_CONSUMER_KEY = "auto_installed_app_org_consumer_key";
+ public static final String BEACON_CHILD_CONSUMER_SECRET = "auto_installed_app_org_consumer_secret";
 public static final String SCOPE = "scope";
 private static final String TAG = "UserAccount";
diff --git a/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/AuthenticatorService.java b/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/AuthenticatorService.java
index 45b32d1ad2..08b112f93c 100644
--- a/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/AuthenticatorService.java
+++ b/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/AuthenticatorService.java
@@ -89,8 +89,8 @@ public class AuthenticatorService extends Service {
 public static final String KEY_SID_COOKIE_NAME = "sidCookieName";
 public static final String KEY_PARENT_SID = "parentSid";
 public static final String KEY_TOKEN_FORMAT = "tokenFormat";
- public static final String KEY_BEACON_CHILD_CONSUMER_KEY = "beacon_child_consumer_key";
- public static final String KEY_BEACON_CHILD_CONSUMER_SECRET = "beacon_child_consumer_secret";
+ public static final String KEY_BEACON_CHILD_CONSUMER_KEY = "auto_installed_app_org_consumer_key";
+ public static final String KEY_BEACON_CHILD_CONSUMER_SECRET = "auto_installed_app_org_consumer_secret";
 public static final String KEY_SCOPE = "scope";
 private static final String TAG = "AuthenticatorService";
diff --git a/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/OAuth2.java b/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/OAuth2.java
index d815d33588..d37288e240 100644
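Review bot: In UserAccount.java, and again in the AuthenticatorService.java hunk for `KEY_BEACON_CHILD_CONSUMER_KEY` and `KEY_BEACON_CHILD_CONSUMER_SECRET`, the constants' values are changed in place with no legacy read path, unlike the fallback this commit adds in OAuth2.java. The code that uses these constants is outside both hunks, but if they are the keys under which account data is stored on the device, accounts saved by an earlier SDK version would come back without their consumer key and secret after an upgrade. If they are local storage names rather than server field names, the simplest fix is to leave them unchanged, e.g. `public static final String BEACON_CHILD_CONSUMER_SECRET = "beacon_child_consumer_secret";`, or else to read the old key when the new one is missing.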
--- a/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/OAuth2.java
+++ b/libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/OAuth2.java
@@ -213,8 +213,11 @@ public class OAuth2 {
 private static final String SID_COOKIE_NAME = "sidCookieName";
 private static final String PARENT_SID = "parent_sid";
 private static final String TOKEN_FORMAT = "token_format";
- private static final String BEACON_CHILD_CONSUMER_SECRET = "beacon_child_consumer_secret";
- private static final String BEACON_CHILD_CONSUMER_KEY = "beacon_child_consumer_key";
+ private static final String BEACON_CHILD_CONSUMER_SECRET = "auto_installed_app_org_consumer_secret";
+ private static final String BEACON_CHILD_CONSUMER_KEY = "auto_installed_app_org_consumer_key";
+ // TODO: Remove legacy fallback constants once server version 264 has rolled out everywhere.
+ private static final String LEGACY_BEACON_CHILD_CONSUMER_SECRET = "beacon_child_consumer_secret";
+ private static final String LEGACY_BEACON_CHILD_CONSUMER_KEY = "beacon_child_consumer_key";
 public static final DateFormat TIMESTAMP_FORMAT;
 static {
@@ -1000,11 +1003,16 @@ public TokenEndpointResponse(Response response, List additionalOauthKeys
 tokenFormat = parsedResponse.optString(TOKEN_FORMAT);
 // Beacon child fields expected when using a beacon app and web server flow
+ // TODO: Remove LEGACY_BEACON_CHILD_CONSUMER_* fallback once server version 264 has rolled out everywhere.
 if (parsedResponse.has(BEACON_CHILD_CONSUMER_KEY)) {
 beaconChildConsumerKey = parsedResponse.getString(BEACON_CHILD_CONSUMER_KEY);
+ } else if (parsedResponse.has(LEGACY_BEACON_CHILD_CONSUMER_KEY)) {
+ beaconChildConsumerKey = parsedResponse.getString(LEGACY_BEACON_CHILD_CONSUMER_KEY);
 }
 if (parsedResponse.has(BEACON_CHILD_CONSUMER_SECRET)) {
 beaconChildConsumerSecret = parsedResponse.getString(BEACON_CHILD_CONSUMER_SECRET);
+ } else if (parsedResponse.has(LEGACY_BEACON_CHILD_CONSUMER_SECRET)) {
+ beaconChildConsumerSecret = parsedResponse.getString(LEGACY_BEACON_CHILD_CONSUMER_SECRET);
 }
 scope = parsedResponse.optString(SCOPE);
diff --git a/libs/test/SalesforceAnalyticsTest/src/com/salesforce/androidsdk/analytics/logger/SalesforceLoggerTest.java b/libs/test/SalesforceAnalyticsTest/src/com/salesforce/androidsdk/analytics/logger/SalesforceLoggerTest.java
index ddaab84002..7aa7e9306c 100644
--- a/libs/test/SalesforceAnalyticsTest/src/com/salesforce/androidsdk/analytics/logger/SalesforceLoggerTest.java
+++ b/libs/test/SalesforceAnalyticsTest/src/com/salesforce/androidsdk/analytics/logger/SalesforceLoggerTest.java
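Review bot: In the `TokenEndpointResponse` constructor of OAuth2.java the legacy branch is reached only when the new field is absent, and `has()` is also true for a member whose value is JSON null. A response that carried `auto_installed_app_org_consumer_key` as null next to a populated `beacon_child_consumer_key` would therefore skip the fallback, and `getString()` would then throw or return the text "null", depending on the org.json implementation in use. Replacing each `parsedResponse.has(X)` test in the two chains with `!parsedResponse.isNull(X)` covers both the absent and the null case. The constructor starts and ends outside the hunk, so any later validation of these fields is not visible here.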
@@ -236,8 +236,20 @@ public void testRedactParentSid() {
 Assert.assertEquals("parent_sid should be redacted", expected, SalesforceLogger.redact(input));
 }
+ /**
+ * Test that auto_installed_app_org_consumer_secret is redacted in JSON.
+ */
+ @Test
+ public void testRedactAutoInstalledAppOrgConsumerSecret() {
+ final String value = randomString(11);
+ final String input = "{\"auto_installed_app_org_consumer_secret\":\"" + value + "\"}";
+ final String expected = "{\"auto_installed_app_org_consumer_secret\":\"" + expectedMask(value) + "\"}";
+ Assert.assertEquals("auto_installed_app_org_consumer_secret should be redacted", expected, SalesforceLogger.redact(input));
+ }
+
 /**
 * Test that beacon_child_consumer_secret is redacted in JSON.
+ * TODO: Remove once server version 264 has rolled out everywhere.
 */
 @Test
 public void testRedactBeaconChildConsumerSecret() {
diff --git a/libs/test/SalesforceSDKTest/src/com/salesforce/androidsdk/accounts/UserAccountTest.java b/libs/test/SalesforceSDKTest/src/com/salesforce/androidsdk/accounts/UserAccountTest.java
index 3a05d7933d..e868804cd8 100644
--- a/libs/test/SalesforceSDKTest/src/com/salesforce/androidsdk/accounts/UserAccountTest.java
+++ b/libs/test/SalesforceSDKTest/src/com/salesforce/androidsdk/accounts/UserAccountTest.java
@@ -655,8 +655,8 @@ private OAuth2.TokenEndpointResponse createTokenEndpointResponseLikeUserAgentFlo
 private OAuth2.TokenEndpointResponse createTokenEndpointResponseLikeWebServerFlow() {
 Map params = createTokenEndpointParams();
- params.put("beacon_child_consumer_key", TEST_BEACON_CHILD_CONSUMER_KEY);
- params.put("beacon_child_consumer_secret", TEST_BEACON_CHILD_CONSUMER_SECRET);
+ params.put("auto_installed_app_org_consumer_key", TEST_BEACON_CHILD_CONSUMER_KEY);
+ params.put("auto_installed_app_org_consumer_secret", TEST_BEACON_CHILD_CONSUMER_SECRET);
 JSONObject responseJson = new JSONObject(params);
 MediaType mediaType = MediaType.parse("application/json");
 ResponseBody responseBody = ResponseBody.create(responseJson.toString(), mediaType);
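Review bot: `createTokenEndpointResponseLikeWebServerFlow()` in UserAccountTest.java now builds the response only with the new field names, so none of the visible test changes exercises the `LEGACY_BEACON_CHILD_CONSUMER_*` fallback added in OAuth2.java. A second helper or test that fills the params with the old names, e.g. `params.put("beacon_child_consumer_secret", TEST_BEACON_CHILD_CONSUMER_SECRET);`, and asserts the parsed key and secret would keep that branch covered until it is removed. The helper's body continues past the end of the hunk.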