catch more specific errors (#189)

### What changes are you making?

Replaces broad `catch (e: Exception)` blocks with specific exception types (`SerializationException`, `NoSuchElementException`, `SecurityException`) across the Android platform to avoid silently swallowing unexpected exceptions.

- `CheckoutBridge`: Catches `SerializationException` and `NoSuchElementException` separately, extracting the error notification logic into a shared `notifyDecodeFailure` helper.
- `CheckoutProtocol`: Narrows exception handling in `error`, `windowOpen`, and checkout notification decoders, and refactors `Client.process` to extract `decodeRequest` with a scoped `SerializationException` catch. Replaces `runCatching` with an explicit `try/catch` in `Typed.dispatch`.
- `EmbeddedCheckoutProtocol`: Replaces unsafe `jsonObject`, `jsonArray`, and `jsonPrimitive` extension property accesses (which throw `IllegalArgumentException`) with safe `as?` casts that throw `SerializationException` on invalid structure, ensuring malformed `ec.ready` params are handled as parse errors.
- `ExternalUriLauncher`: Narrows the fallback catch to `SecurityException` only.
- `CheckoutErrorDecoder` and `CheckoutCompletedEventDecoder`: Replace `catch (e: Exception)` with `SerializationException` (and `NoSuchElementException` where applicable).

A test is added to verify that an empty error payload body triggers `onCheckoutViewFailedWithError`, and two new tests confirm that non-object `ec.ready` params and a non-array `delegate` field both produce a parse error response. A new `ExternalUriLauncherTest` verifies that a `SecurityException` from `startActivity` results in a `Rejected` result.

### How to test

1. Run the Android unit test suite: `./gradlew :lib:test`
2. Verify the new tests pass:
   - `CheckoutBridgeTest` – `should call onCheckoutViewFailedWithError if error payload is empty`
   - `EmbeddedCheckoutProtocolTest` – `ec ready with non-object params sends parse error` and `ec ready with non-array delegate sends parse error`
   - `ExternalUriLauncherTest` – `launch rejects when startActivity throws security exception`
3. Confirm no regressions in existing checkout flow tests.

---

### Before you merge

> [!IMPORTANT]
>
> - [ ] I've added tests to support my implementation
> - [ ] I have read and agree with the [Contribution Guidelines](./CONTRIBUTING.md)
> - [ ] I have read and agree with the [Code of Conduct](./CODE_OF_CONDUCT.md)
> - [ ] I've updated the relevant platform README (`platforms/swift/README.md` and/or `platforms/android/README.md`)

---

<details>
<summary>Releasing a new Swift version?</summary>

- [ ] I have bumped the version in `ShopifyCheckoutKit.podspec`
- [ ] I have bumped the version in `platforms/swift/Sources/ShopifyCheckoutKit/ShopifyCheckoutKit.swift`
- [ ] I have updated `platforms/swift/CHANGELOG.md`
- [ ] I have updated the SwiftPM/CocoaPods version snippets in `platforms/swift/README.md` (major version only)

</details>

<details>
<summary>Releasing a new Android version?</summary>

- [ ] I have bumped the `versionName` in `platforms/android/lib/build.gradle`
- [ ] I have updated `platforms/android/CHANGELOG.md`
- [ ] I have updated the Gradle/Maven version snippets in `platforms/android/README.md`

</details>

> [!TIP]
> See the [Contributing documentation](./CONTRIBUTING.md) for the full release process per platform.

Author: kiftio

platforms/android/lib/src/main/java/com/shopify/checkoutkit/CheckoutProtocol.kt

@@ -5,16 +5,17 @@ import android.os.Looper
 import androidx.core.net.toUri
 import com.shopify.checkoutkit.ShopifyCheckoutKit.log
 import kotlinx.serialization.Serializable
+import kotlinx.serialization.SerializationException
 import kotlinx.serialization.json.Json
 import kotlinx.serialization.json.JsonElement
 import kotlinx.serialization.json.JsonNull
 import kotlinx.serialization.json.JsonObject
+import kotlinx.serialization.json.JsonPrimitive
 import kotlinx.serialization.json.buildJsonObject
 import kotlinx.serialization.json.contentOrNull
 import kotlinx.serialization.json.decodeFromJsonElement
 import kotlinx.serialization.json.encodeToJsonElement
 import kotlinx.serialization.json.jsonObject
-import kotlinx.serialization.json.jsonPrimitive
 import kotlinx.serialization.json.put
 import kotlinx.serialization.json.putJsonObject
 import java.util.concurrent.CountDownLatch
@@ -48,10 +49,10 @@ public object CheckoutProtocol {
     public val error: NotificationDescriptor<ErrorResponse> = NotificationDescriptor(
         method = "ec.error",
         decode = { params ->
-            params?.jsonObject?.get("error")?.let {
+            (params as? JsonObject)?.get("error")?.let {
                 try {
                     json.decodeFromJsonElement<ErrorResponse>(it)
-                } catch (e: Exception) {
+                } catch (e: SerializationException) {
                     log.d(BaseWebView.ECP_LOG_TAG, "Failed to decode ec.error params: $e  raw=$it")
                     null
                 }
@@ -65,7 +66,7 @@ public object CheckoutProtocol {
     public val windowOpen: DelegationDescriptor<WindowOpenRequest, WindowOpenResult> = DelegationDescriptor(
         method = "ec.window.open_request",
         decode = { params ->
-            params?.jsonObject?.get("url")?.jsonPrimitive?.contentOrNull
+            ((params as? JsonObject)?.get("url") as? JsonPrimitive)?.contentOrNull
                 ?.takeIf { it.isNotBlank() }
                 ?.let { runCatching { it.toUri() }.getOrNull() }
                 ?.let(::WindowOpenRequest)
@@ -77,10 +78,10 @@ public object CheckoutProtocol {
         NotificationDescriptor(
             method = method,
             decode = { params ->
-                params?.jsonObject?.get("checkout")?.let {
+                (params as? JsonObject)?.get("checkout")?.let {
                     try {
                         json.decodeFromJsonElement<Checkout>(it)
-                    } catch (e: Exception) {
+                    } catch (e: SerializationException) {
                         log.d(BaseWebView.ECP_LOG_TAG, "Failed to decode $method checkout payload: $e  raw=$it")
                         null
                     }
@@ -157,16 +158,19 @@ public object CheckoutProtocol {
         ): Client = Client(handlers, delegations + (descriptor.method to Delegation.Typed(descriptor, handler)))
 
         /** Called by [EmbeddedCheckoutProtocol] for every delegated EC message. */
-        override fun process(message: String): String? {
-            return try {
-                val request = json.decodeFromString<EcpRequest>(message)
-                delegations[request.method]?.let { return it.dispatch(request) }
-                dispatchNotification(request)
-                null
-            } catch (e: Exception) {
-                log.d(LOG_TAG, "Error processing ECP message in typed client: $e")
-                null
+        override fun process(message: String): String? =
+            decodeRequest(message)?.let { request ->
+                delegations[request.method]?.dispatch(request) ?: run {
+                    dispatchNotification(request)
+                    null
+                }
             }
+
+        private fun decodeRequest(message: String): EcpRequest? = try {
+            json.decodeFromString<EcpRequest>(message)
+        } catch (e: SerializationException) {
+            log.d(LOG_TAG, "Error processing ECP message in typed client: $e")
+            null
         }
 
         /**
@@ -206,7 +210,9 @@ public object CheckoutProtocol {
             private val handler: (P) -> R,
         ) : Delegation() {
             override fun dispatch(request: EcpRequest): String {
-                val payload = runCatching { descriptor.decode(request.params) }.getOrElse { e ->
+                val payload = try {
+                    descriptor.decode(request.params)
+                } catch (e: SerializationException) {
                     log.d(LOG_TAG, "Decode failed for ${request.method}: $e")
                     null
                 } ?: return jsonRpcError(

platforms/android/lib/src/main/java/com/shopify/checkoutkit/EmbeddedCheckoutProtocol.kt

@@ -4,15 +4,15 @@ import android.content.Context
 import android.webkit.JavascriptInterface
 import com.shopify.checkoutkit.ShopifyCheckoutKit.log
 import kotlinx.serialization.Serializable
+import kotlinx.serialization.SerializationException
 import kotlinx.serialization.json.Json
+import kotlinx.serialization.json.JsonArray
 import kotlinx.serialization.json.JsonElement
 import kotlinx.serialization.json.JsonObject
+import kotlinx.serialization.json.JsonPrimitive
 import kotlinx.serialization.json.add
 import kotlinx.serialization.json.buildJsonObject
 import kotlinx.serialization.json.contentOrNull
-import kotlinx.serialization.json.jsonArray
-import kotlinx.serialization.json.jsonObject
-import kotlinx.serialization.json.jsonPrimitive
 import kotlinx.serialization.json.put
 import kotlinx.serialization.json.putJsonArray
 import kotlinx.serialization.json.putJsonObject
@@ -53,16 +53,14 @@ internal class EmbeddedCheckoutProtocol(
                 request.method == METHOD_COMPLETE -> handleComplete(message)
                 else -> handleClientMessage(request.method, message)
             }
-        } catch (e: Exception) {
+        } catch (e: SerializationException) {
             log.d(LOG_TAG, "Failed to decode ECP message: $e  raw=$message")
             sendError(null, CODE_PARSE_ERROR, "Parse error")
         }
     }
 
     private fun handleReady(request: EcpRequest) {
-        val checkoutAcceptedDelegations = request.params?.jsonObject?.get("delegate")?.jsonArray
-            ?.mapNotNull { it.jsonPrimitive.contentOrNull }
-            ?: emptyList()
+        val checkoutAcceptedDelegations = checkoutAcceptedDelegations(request.params)
         val negotiatedDelegations = checkoutAcceptedDelegations.filter { it in KIT_SUPPORTED_DELEGATIONS }
         log.d(
             LOG_TAG,
@@ -74,6 +72,20 @@ internal class EmbeddedCheckoutProtocol(
         sendResult(request.id, ucpReadyResult(negotiatedDelegations))
     }
 
+    private fun checkoutAcceptedDelegations(params: JsonElement?): List<String> = when (params) {
+        null -> emptyList()
+        !is JsonObject -> throw SerializationException("$METHOD_READY params must be an object")
+        else -> params["delegate"]?.let(::delegationStrings) ?: emptyList()
+    }
+
+    private fun delegationStrings(delegate: JsonElement): List<String> {
+        val delegateArray = delegate as? JsonArray ?: throw SerializationException("$METHOD_READY delegate must be an array")
+        return delegateArray.mapNotNull(::delegationStringOrNull)
+    }
+
+    private fun delegationStringOrNull(delegate: JsonElement): String? =
+        (delegate as? JsonPrimitive)?.contentOrNull
+
     private fun ucpReadyResult(negotiatedDelegations: List<String>): String =
         decoder.encodeToString(
             JsonObject.serializer(),

platforms/android/lib/src/main/java/com/shopify/checkoutkit/ExternalUriLauncher.kt

@@ -26,7 +26,7 @@ internal object ExternalUriLauncher {
             Result.Launched
         } catch (e: ActivityNotFoundException) {
             Result.Rejected(reason = e.message ?: "No activity resolves $uri")
-        } catch (e: Exception) {
+        } catch (e: SecurityException) {
             Result.Rejected(reason = e.message)
         }
     }

platforms/android/lib/src/test/java/com/shopify/checkoutkit/EmbeddedCheckoutProtocolTest.kt

@@ -103,6 +103,18 @@ class EmbeddedCheckoutProtocolTest {
         assertThat(js).doesNotContain("payment.credential")
     }
 
+    @Test
+    fun `ec ready ignores null and non-string delegate values`() {
+        val js = captureEvaluatedJs {
+            ecp.postMessage(
+                """{"jsonrpc":"2.0","method":"ec.ready","id":"r2","params":{"delegate":["window.open",null,{}]}}"""
+            )
+        }
+        assertThat(js).contains("\"delegate\":[\"window.open\"]")
+        assertThat(js).contains("\"status\":\"success\"")
+        assertThat(js).doesNotContain("\"error\"")
+    }
+
     @Test
     fun `ec ready omits delegate field when no supported delegations requested`() {
         val js = captureEvaluatedJs {
@@ -449,6 +461,24 @@ class EmbeddedCheckoutProtocolTest {
         assertThat(js).contains("-32700")
     }
 
+    @Test
+    fun `ec ready with non-object params sends parse error`() {
+        val js = captureEvaluatedJs {
+            ecp.postMessage("""{"jsonrpc":"2.0","method":"ec.ready","id":"13","params":[]}""")
+        }
+        assertThat(js).contains("\"error\"")
+        assertThat(js).contains("-32700")
+    }
+
+    @Test
+    fun `ec ready with non-array delegate sends parse error`() {
+        val js = captureEvaluatedJs {
+            ecp.postMessage("""{"jsonrpc":"2.0","method":"ec.ready","id":"14","params":{"delegate":{}}}""")
+        }
+        assertThat(js).contains("\"error\"")
+        assertThat(js).contains("-32700")
+    }
+
     // endregion
 
     // region helpers

platforms/android/lib/src/test/java/com/shopify/checkoutkit/ExternalUriLauncherTest.kt

@@ -0,0 +1,49 @@
+/*
+ * MIT License
+ *
+ * Copyright 2023-present, Shopify Inc.
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+package com.shopify.checkoutkit
+
+import android.content.Context
+import android.content.Intent
+import android.net.Uri
+import org.assertj.core.api.Assertions.assertThat
+import org.junit.Test
+import org.junit.runner.RunWith
+import org.mockito.kotlin.any
+import org.mockito.kotlin.doThrow
+import org.mockito.kotlin.mock
+import org.mockito.kotlin.whenever
+import org.robolectric.RobolectricTestRunner
+
+@RunWith(RobolectricTestRunner::class)
+class ExternalUriLauncherTest {
+
+    @Test
+    fun `launch rejects when startActivity throws security exception`() {
+        val context = mock<Context>()
+        doThrow(SecurityException("blocked")).whenever(context).startActivity(any<Intent>())
+
+        val result = ExternalUriLauncher.launch(context, Uri.parse("https://example.com"))
+
+        assertThat(result).isEqualTo(ExternalUriLauncher.Result.Rejected(reason = "blocked"))
+    }
+}