android: prompt for my.yubico.com link association#2190
Open
thomasbuilds wants to merge 1 commit into
Open
Conversation
thomasbuilds
force-pushed
the
android-domain-association-prompt
branch
from
1b1a643 to
daa0a72
Compare
Member
|
Thanks for the contribution, @thomasbuilds! I like the idea a lot. I'm on other tasks right now so review may take a while, but I'll get to it as soon as I can. |
Member
|
Please run |
Author
|
ubuntu apt repos have been down for nearly 1 week so I can't even install the package!! |
thomasbuilds
force-pushed
the
android-domain-association-prompt
branch
from
6930dc5 to
daa0a72
Compare
Member
|
No problem! When I start working with the PR I will make sure the precommit passes. Thanks for trying! |
On Android 16 (API 36), NFC taps on a YubiKey no longer broadcast NDEF_DISCOVERED but launch https://my.yubico.com via ACTION_VIEW. Without an association between the app and that domain, the tap falls through to a browser and the launch action silently does nothing. Use DomainVerificationManager to detect the association state and show a dialog that deep-links to the system 'Open by default' settings page when the domain is not associated. Two entry points: - When the user picks a launch action in NFC tap settings. - At startup, once per app build, when a launch action is already configured. The prompted build is tracked in SharedPreferences so the dialog is not shown on every launch. The status check accounts for the app-level isLinkHandlingAllowed flag in addition to per-host state, so users who disabled 'Open supported links' globally see the prompt even when my.yubico.com is technically verified or selected in hostToStateMap. The prompt is suppressed below API 36: NDEF_DISCOVERED is still delivered on Android 12-15, so the domain association state is irrelevant there. Fixes Yubico#2189
thomasbuilds
force-pushed
the
android-domain-association-prompt
branch
from
daa0a72 to
3278343
Compare
Author
|
I ran the pre-commit |
Author
|
Can you verify that also on regular Android phones the deep link isn't enabled automatically when installing app on playstore? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Attemps to fix #2189
Background
On Android 16 (API 36), NFC taps on a YubiKey no longer fire
NDEF_DISCOVERED. The tag's NDEF record is treated as a regularhttps://my.yubico.com/...URL and dispatched viaACTION_VIEW. The app's manifest already declares anautoVerifyintent filter for that host, but unless my.yubico.com is associated with the app (via Digital Asset Links auto-verification, or the user enabling it under Settings → Apps → Yubico Authenticator → Open by default),ACTION_VIEWfalls through to a browser and the launch-on-tap setting silently does nothing.Android 12–15 are unaffected:
NDEF_DISCOVEREDis still delivered there regardless of domain verification state.Approach
Use
DomainVerificationManager(API 31+) to query whethermy.yubico.comis associated with the app, and show a dialog with a direct link to the system "Open by default" settings page when it isn't.The status check covers both conditions that allow
ACTION_VIEWto be routed to the app:hostToStateMap[my.yubico.com]must beDOMAIN_STATE_VERIFIEDorDOMAIN_STATE_SELECTED.userState.isLinkHandlingAllowedmust be true — if the user disabled "Open supported links" globally for the app,ACTION_VIEWwon't be routed here even when the host is individually verified or selected.If either condition fails the prompt is shown.
Note on "one tap" UX: Android has no public API to programmatically grant per-domain link approval.
Settings.ACTION_APP_OPEN_BY_DEFAULT_SETTINGSis the deepest available deep link — it lands directly on the per-app "Open by default" page where the user can enable "Open supported links" and verifymy.yubico.comin two taps rather than navigating through system settings manually.The prompt is shown at two points:
NfcTapAction.launch/NfcTapAction.launchAndCopy) in NFC settings.SharedPreferences), when a launch action is already configured. Users are reminded after install/update but not on every launch.Changes
Kotlin / Android
DomainVerificationHelper— guards on API 36, checksisLinkHandlingAllowedbeforehostToStateMap, swallows runtime exceptions to behave gracefully on quirky OEM builds.MainActivity.AppMethodChannelexposesgetDomainVerificationStatusandopenDomainVerificationSettingson the existingapp.methodschannel.Dart / Flutter
DomainVerificationStatusenum + channel bindings.promptDomainAssociation()(settings change) andmaybePromptDomainAssociationOnStartup()(startup). Uses the sharedBasicDialogwidget.launchorlaunchAndCopy.Localization
s_link_my_yubicoandp_link_my_yubico_desc. Reuses existings_open_settings. check_strings.py passes.Compatibility
minSdk = 24,compileSdk = 37. The prompt is entirely suppressed below API 36 (STATUS_UNSUPPORTED).DomainVerificationManagercalls are guarded on API 31 as required by the SDK, but the outer API-36 gate makes them unreachable on older releases.NDEF_DISCOVEREDintent filter andAliasNdefActivityare unchanged — Android ≤15 behavior is unaffected.