Force validation or rotation of FIDs (#5812)

Force validation or rotation of FIDs. This also cleans up the tests a
bit more, and isolated Crashlytics integration tests from Sessions
tests.

Author: mrober

firebase-crashlytics/CHANGELOG.md

@@ -35,13 +35,14 @@ import org.junit.runner.RunWith
 class CrashlyticsTests {
   @Before
   fun setUp() {
+    @Suppress("DEPRECATION")
     Firebase.initialize(
       ApplicationProvider.getApplicationContext(),
       FirebaseOptions.Builder()
         .setApplicationId(APP_ID)
         .setApiKey(API_KEY)
         .setProjectId(PROJECT_ID)
-        .build()
+        .build(),
     )
   }
 
@@ -57,7 +58,7 @@ class CrashlyticsTests {
 
   @Test
   fun libraryRegistrationAtRuntime() {
-    val publisher = Firebase.app.get(UserAgentPublisher::class.java)
+    Firebase.app.get(UserAgentPublisher::class.java)
   }
 
   companion object {

firebase-crashlytics/ktx/src/androidTest/kotlin/com/google/firebase/crashlytics/ktx/CrashlyticsTests.kt

@@ -1,10 +1,10 @@
-<manifest xmlns:android="http://schemas.android.com/apk/res/android">
-
-    <application>
-
-        <meta-data android:name="io.fabric.ApiKey"
-                   android:value="a000000000000000000000000000000000000000"/>
-
-    </application>
-
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+  xmlns:tools="http://schemas.android.com/tools">
+
+  <application>
+    <service
+      android:enabled="false"
+      android:name="com.google.firebase.sessions.SessionLifecycleService"
+      tools:replace="android:enabled" />
+  </application>
 </manifest>

firebase-crashlytics/src/androidTest/AndroidManifest.xml

@@ -40,7 +40,7 @@ class CrashlyticsTests {
         .setApplicationId(APP_ID)
         .setApiKey(API_KEY)
         .setProjectId(PROJECT_ID)
-        .build()
+        .build(),
     )
   }
 
@@ -56,7 +56,7 @@ class CrashlyticsTests {
 
   @Test
   fun libraryRegistrationAtRuntime() {
-    val publisher = Firebase.app.get(UserAgentPublisher::class.java)
+    Firebase.app.get(UserAgentPublisher::class.java)
   }
 
   companion object {

firebase-crashlytics/src/androidTest/java/com/google/firebase/crashlytics/CrashlyticsTests.kt

@@ -497,7 +497,7 @@ public void onReportSend_successfulReportsAreDeleted() {
     when(reportSender.enqueueReport(mockReport1, false)).thenReturn(successfulTask);
     when(reportSender.enqueueReport(mockReport2, false)).thenReturn(failedTask);
 
-    when(idManager.fetchTrueFid()).thenReturn("fid");
+    when(idManager.fetchTrueFid()).thenReturn(new FirebaseInstallationId("fid", "authToken"));
     reportingCoordinator.sendReports(Runnable::run);
 
     verify(reportSender).enqueueReport(mockReport1, false);
@@ -548,6 +548,7 @@ private static CrashlyticsReport mockReport(String sessionId) {
     when(mockSession.getIdentifier()).thenReturn(sessionId);
     when(mockReport.getSession()).thenReturn(mockSession);
     when(mockReport.withFirebaseInstallationId(anyString())).thenReturn(mockReport);
+    when(mockReport.withFirebaseAuthenticationToken(anyString())).thenReturn(mockReport);
     return mockReport;
   }
 

firebase-crashlytics/src/androidTest/java/com/google/firebase/crashlytics/internal/common/SessionReportingCoordinatorTest.java

@@ -837,6 +837,8 @@ private static CrashlyticsReport.Builder makeIncompleteReport() {
         .setGmpAppId("gmpAppId")
         .setPlatform(1)
         .setInstallationUuid("installationId")
+        .setFirebaseInstallationId("firebaseInstallationId")
+        .setFirebaseAuthenticationToken("firebaseAuthenticationToken")
         .setBuildVersion("1")
         .setDisplayVersion("1.0.0");
   }

firebase-crashlytics/src/androidTest/java/com/google/firebase/crashlytics/internal/persistence/CrashlyticsReportPersistenceTest.java

@@ -35,13 +35,14 @@ import org.junit.runner.RunWith
 class CrashlyticsTests {
   @Before
   fun setUp() {
+    @Suppress("DEPRECATION")
     Firebase.initialize(
       ApplicationProvider.getApplicationContext(),
       FirebaseOptions.Builder()
         .setApplicationId(APP_ID)
         .setApiKey(API_KEY)
         .setProjectId(PROJECT_ID)
-        .build()
+        .build(),
     )
   }
 
@@ -57,7 +58,7 @@ class CrashlyticsTests {
 
   @Test
   fun libraryRegistrationAtRuntime() {
-    val publisher = Firebase.app.get(UserAgentPublisher::class.java)
+    Firebase.app.get(UserAgentPublisher::class.java)
   }
 
   companion object {

firebase-crashlytics/src/androidTest/java/com/google/firebase/crashlytics/ktx/CrashlyticsTests.kt

@@ -172,6 +172,7 @@ private CrashlyticsReport.Builder buildReportData() {
         .setGmpAppId(appData.googleAppId)
         .setInstallationUuid(idManager.getInstallIds().getCrashlyticsInstallId())
         .setFirebaseInstallationId(idManager.getInstallIds().getFirebaseInstallationId())
+        .setFirebaseAuthenticationToken(idManager.getInstallIds().getFirebaseAuthenticationToken())
         .setBuildVersion(appData.versionCode)
         .setDisplayVersion(appData.versionName)
         .setPlatform(REPORT_ANDROID_PLATFORM);

firebase-crashlytics/src/main/java/com/google/firebase/crashlytics/internal/common/CrashlyticsReportDataCapture.java

@@ -0,0 +1,24 @@
+/*
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.google.firebase.crashlytics.internal.common
+
+/**
+ * Simple data class to contain the true Firebase installation id and Firebase authentication token.
+ *
+ * <p>This is not the Crashlytics installation id.
+ */
+data class FirebaseInstallationId(val fid: String?, val authToken: String?)

firebase-crashlytics/src/main/java/com/google/firebase/crashlytics/internal/common/FirebaseInstallationId.kt

@@ -14,16 +14,16 @@
 
 package com.google.firebase.crashlytics.internal.common;
 
+import static com.google.firebase.crashlytics.internal.common.Utils.awaitEvenIfOnMainThread;
+
 import android.content.Context;
 import android.content.SharedPreferences;
 import android.os.Build;
 import androidx.annotation.NonNull;
-import androidx.annotation.Nullable;
-import androidx.annotation.VisibleForTesting;
-import com.google.android.gms.tasks.Task;
 import com.google.firebase.crashlytics.internal.Logger;
 import com.google.firebase.installations.FirebaseInstallationsApi;
 import java.util.Locale;
+import java.util.Objects;
 import java.util.UUID;
 import java.util.regex.Pattern;
 
@@ -48,7 +48,7 @@ public class IdManager implements InstallIdProvider {
   private final String appIdentifier;
 
   // The FirebaseInstallationsApi encapsulates a Firebase-wide install id
-  private final FirebaseInstallationsApi firebaseInstallationsApi;
+  private final FirebaseInstallationsApi firebaseInstallations;
 
   private final DataCollectionArbiter dataCollectionArbiter;
 
@@ -65,7 +65,7 @@ public class IdManager implements InstallIdProvider {
   public IdManager(
       Context appContext,
       String appIdentifier,
-      FirebaseInstallationsApi firebaseInstallationsApi,
+      FirebaseInstallationsApi firebaseInstallations,
       DataCollectionArbiter dataCollectionArbiter) {
     if (appContext == null) {
       throw new IllegalArgumentException("appContext must not be null");
@@ -75,18 +75,16 @@ public IdManager(
     }
     this.appContext = appContext;
     this.appIdentifier = appIdentifier;
-    this.firebaseInstallationsApi = firebaseInstallationsApi;
+    this.firebaseInstallations = firebaseInstallations;
     this.dataCollectionArbiter = dataCollectionArbiter;
 
     installerPackageNameProvider = new InstallerPackageNameProvider();
   }
 
-  /**
-   * Apply consistent formatting and stripping of special characters. Null input is allowed, will
-   * return null.
-   */
-  private static String formatId(String id) {
-    return (id == null) ? null : ID_PATTERN.matcher(id).replaceAll("").toLowerCase(Locale.US);
+  /** Apply consistent formatting and stripping of special characters. */
+  @NonNull
+  private static String formatId(@NonNull String id) {
+    return ID_PATTERN.matcher(id).replaceAll("").toLowerCase(Locale.US);
   }
 
   /**
@@ -115,21 +113,23 @@ public synchronized InstallIds getInstallIds() {
     // We only look at the FID if Crashlytics data collection is enabled, since querying it can
     // result in a network call that registers the FID with Firebase.
     if (dataCollectionArbiter.isAutomaticDataCollectionEnabled()) {
-      String trueFid = fetchTrueFid();
+      FirebaseInstallationId trueFid = fetchTrueFid();
       Logger.getLogger().v("Fetched Firebase Installation ID: " + trueFid);
 
-      if (trueFid == null) {
+      if (trueFid.getFid() == null) {
         // This shouldn't happen often. We will assume the cached FID is valid, if it exists.
         // Otherwise, the safest thing to do is to create a synthetic ID instead
-        trueFid = (cachedFid == null ? createSyntheticFid() : cachedFid);
+        trueFid =
+            new FirebaseInstallationId(cachedFid == null ? createSyntheticFid() : cachedFid, null);
       }
 
-      if (trueFid.equals(cachedFid)) {
+      if (Objects.equals(trueFid.getFid(), cachedFid)) {
         // the current FID is the same as the cached FID, so we keep the cached Crashlytics ID
         installIds = InstallIds.create(readCachedCrashlyticsInstallId(prefs), trueFid);
       } else {
         // the current FID has changed, so we generate a new Crashlytics ID
-        installIds = InstallIds.create(createAndCacheCrashlyticsInstallId(trueFid, prefs), trueFid);
+        installIds =
+            InstallIds.create(createAndCacheCrashlyticsInstallId(trueFid.getFid(), prefs), trueFid);
       }
     } else { // data collection is NOT enabled; we can't use the FID
       if (isSyntheticFid(cachedFid)) {
@@ -171,19 +171,29 @@ private String readCachedCrashlyticsInstallId(SharedPreferences prefs) {
     return prefs.getString(PREFKEY_INSTALLATION_UUID, null);
   }
 
-  /** Makes a blocking call to query FID. If the call fails, logs a warning and returns null. */
-  @Nullable
-  @VisibleForTesting(otherwise = VisibleForTesting.PACKAGE_PRIVATE)
-  public String fetchTrueFid() {
-    Task<String> currentFidTask = firebaseInstallationsApi.getId();
-    String currentFid = null;
+  /**
+   * Makes a blocking call to query the Firebase installation id and Firebase authentication token.
+   *
+   * <p>If either call fails for any reason, logs a warning and sets a null value for that field.
+   */
+  @NonNull
+  public FirebaseInstallationId fetchTrueFid() {
+    String fid = null;
+    String authToken = null;
 
+    // Fetch the auth token first, so the fid will be validated.
     try {
-      currentFid = Utils.awaitEvenIfOnMainThread(currentFidTask);
-    } catch (Exception e) {
-      Logger.getLogger().w("Failed to retrieve Firebase Installation ID.", e);
+      authToken = awaitEvenIfOnMainThread(firebaseInstallations.getToken(false)).getToken();
+    } catch (Exception ex) {
+      Logger.getLogger().w("Error getting Firebase authentication token.", ex);
     }
-    return currentFid;
+    try {
+      fid = awaitEvenIfOnMainThread(firebaseInstallations.getId());
+    } catch (Exception ex) {
+      Logger.getLogger().w("Error getting Firebase installation id.", ex);
+    }
+
+    return new FirebaseInstallationId(fid, authToken);
   }
 
   @NonNull