Update consumer-proguard.pro to fix web views (appmattus#131)

Restores WebView functionality on API 25.

Also added a WebView to the sample app to aid with testing.

Author: mattmook

.github/workflows/main.yml

@@ -48,7 +48,7 @@ jobs:
                 uses: github/codeql-action/upload-sarif@v3
                 with:
                     sarif_file: snyk.sarif
-            -   uses: actions/upload-artifact@v3
+            -   uses: actions/upload-artifact@v4
                 with:
                     name: snyk.sarif
                     path: snyk.sarif
@@ -72,7 +72,7 @@ jobs:
 
             -   name: Upload reports
                 if: failure()
-                uses: actions/upload-artifact@master
+                uses: actions/upload-artifact@v4
                 with:
                     name: test-results
                     path: '**/build/reports/**'

README.md

@@ -3,6 +3,7 @@
 [![CI status](https://github.com/appmattus/certificatetransparency/actions/workflows/main.yml/badge.svg)](https://github.com/appmattus/certificatetransparency/actions)
 [![codecov](https://codecov.io/gh/appmattus/certificatetransparency/branch/main/graph/badge.svg)](https://codecov.io/gh/appmattus/certificatetransparency)
 [![Maven Central](https://img.shields.io/maven-central/v/com.appmattus.certificatetransparency/certificatetransparency)](https://central.sonatype.com/search?q=com.appmattus.certificatetransparency)
+[![Snyk](https://snyk.io/test/github/appmattus/certificatetransparency/badge.svg)](https://security.snyk.io/package/maven/com.appmattus.certificatetransparency%3Acertificatetransparency)
 
 To protect our apps from man-in-the-middle attacks one of the first things that
 usually springs to mind is certificate pinning. However, the issues of
@@ -24,6 +25,9 @@ We are open about the security of our library and provide a threat model in the
 [OWASP Threat Dragon](https://threatdragon.org). If you feel there is something
 we have missed please reach out so we can keep this up to date.
 
+The source code and dependencies are continuously scanned with
+[Snyk](https://snyk.io).
+
 ## Getting started
 
 [![Maven Central](https://img.shields.io/maven-central/v/com.appmattus.certificatetransparency/certificatetransparency)](https://central.sonatype.com/search?q=com.appmattus.certificatetransparency)

certificatetransparency-android/consumer-proguard-rules.pro

@@ -88,8 +88,8 @@
 -keep class com.appmattus.certificatetransparency.chaincleaner.* { *; }
 
 # CertificateTransparencyTrustManager contains methods called through reflection
--keep class com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManager { *; }
-
+-keep class com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerBasic { *; }
+-keep class com.appmattus.certificatetransparency.internal.verifier.CertificateTransparencyTrustManagerExtended { *; }
 
 # Specifically for ProGuard (not needed for R8)
 -dontwarn module-info

sampleapp/src/main/AndroidManifest.xml

@@ -7,6 +7,8 @@
     <application
         android:name=".SampleApplication"
         android:allowBackup="false"
+        android:dataExtractionRules="@xml/data_extraction_rules"
+        android:fullBackupContent="false"
         android:icon="@mipmap/ic_launcher"
         android:label="@string/app_name"
         android:networkSecurityConfig="@xml/network_security_config"

sampleapp/src/main/java/com/appmattus/certificatetransparency/sampleapp/ExampleScreen.kt

@@ -1,5 +1,5 @@
 /*
- * Copyright 2021-2023 Appmattus Limited
+ * Copyright 2021-2025 Appmattus Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -216,7 +216,7 @@ private fun LazyListScope.sampleCodeSection(state: State?) {
 }
 
 @Composable
-fun IncludeHostDialog(showIncludeHostDialog: MutableState<Boolean>, onInclude: (String) -> Unit) {
+private fun IncludeHostDialog(showIncludeHostDialog: MutableState<Boolean>, onInclude: (String) -> Unit) {
     if (showIncludeHostDialog.value) {
         val text = remember { mutableStateOf("") }
 
@@ -251,7 +251,7 @@ fun IncludeHostDialog(showIncludeHostDialog: MutableState<Boolean>, onInclude: (
 }
 
 @Composable
-fun ExcludeHostDialog(showExcludeHostDialog: MutableState<Boolean>, onExclude: (String) -> Unit) {
+private fun ExcludeHostDialog(showExcludeHostDialog: MutableState<Boolean>, onExclude: (String) -> Unit) {
     if (showExcludeHostDialog.value) {
         val text = remember { mutableStateOf("") }
 
@@ -286,7 +286,7 @@ fun ExcludeHostDialog(showExcludeHostDialog: MutableState<Boolean>, onExclude: (
 }
 
 @Composable
-fun TestConnectionDialog(showConnectionDialog: MutableState<Boolean>, onConnect: (String) -> Unit) {
+private fun TestConnectionDialog(showConnectionDialog: MutableState<Boolean>, onConnect: (String) -> Unit) {
     if (showConnectionDialog.value) {
         val text = remember { mutableStateOf("") }
 

sampleapp/src/main/java/com/appmattus/certificatetransparency/sampleapp/MainActivity.kt

@@ -1,5 +1,5 @@
 /*
- * Copyright 2021 Appmattus Limited
+ * Copyright 2021-2025 Appmattus Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -29,6 +29,7 @@ import com.appmattus.certificatetransparency.sampleapp.examples.okhttp.OkHttpJav
 import com.appmattus.certificatetransparency.sampleapp.examples.okhttp.OkHttpKotlinExampleViewModel
 import com.appmattus.certificatetransparency.sampleapp.examples.trustmanager.TrustManagerJavaExampleViewModel
 import com.appmattus.certificatetransparency.sampleapp.examples.trustmanager.TrustManagerKotlinExampleViewModel
+import com.appmattus.certificatetransparency.sampleapp.examples.trustmanager.WebViewExampleViewModel
 import com.appmattus.certificatetransparency.sampleapp.examples.volley.VolleyJavaExampleViewModel
 import com.appmattus.certificatetransparency.sampleapp.examples.volley.VolleyKotlinExampleViewModel
 
@@ -66,6 +67,9 @@ class MainActivity : AppCompatActivity() {
                 composable("trustmanager/java") {
                     ExampleScreen(viewModel = viewModel<TrustManagerJavaExampleViewModel>())
                 }
+                composable("webview/kotlin") {
+                    WebViewScreen(viewModel = viewModel<WebViewExampleViewModel>())
+                }
             }
         }
     }

sampleapp/src/main/java/com/appmattus/certificatetransparency/sampleapp/MainScreen.kt

@@ -1,5 +1,5 @@
 /*
- * Copyright 2021-2023 Appmattus Limited
+ * Copyright 2021-2025 Appmattus Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,8 +17,11 @@
 package com.appmattus.certificatetransparency.sampleapp
 
 import android.net.Uri
+import androidx.compose.foundation.layout.WindowInsets
 import androidx.compose.foundation.layout.fillMaxHeight
 import androidx.compose.foundation.layout.padding
+import androidx.compose.foundation.layout.safeContent
+import androidx.compose.foundation.layout.windowInsetsPadding
 import androidx.compose.foundation.lazy.LazyColumn
 import androidx.compose.material.Scaffold
 import androidx.compose.material.rememberScaffoldState
@@ -42,6 +45,7 @@ fun MainScreen(navController: NavController) {
         LazyColumn(
             modifier = Modifier
                 .padding(padding)
+                .windowInsetsPadding(WindowInsets.safeContent)
                 .padding(vertical = 8.dp)
                 .fillMaxHeight()
         ) {
@@ -92,6 +96,16 @@ fun MainScreen(navController: NavController) {
                     modifier = Modifier.padding(horizontal = 16.dp, vertical = 8.dp)
                 )
             }
+            item {
+                ExampleCardItem(
+                    scaffoldState = scaffoldState,
+                    title = stringResource(R.string.webview),
+                    moreInfoUri = null,
+                    onKotlinClick = { navController.navigate("webview/kotlin") },
+                    onJavaClick = null,
+                    modifier = Modifier.padding(horizontal = 16.dp, vertical = 8.dp)
+                )
+            }
 
             item {
                 AppmattusLogo(modifier = Modifier.padding(horizontal = 16.dp, vertical = 8.dp))

sampleapp/src/main/java/com/appmattus/certificatetransparency/sampleapp/WebViewScreen.kt

@@ -0,0 +1,107 @@
+/*
+ * Copyright 2025 Appmattus Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.appmattus.certificatetransparency.sampleapp
+
+import android.view.ViewGroup
+import android.webkit.WebView
+import androidx.compose.foundation.layout.Spacer
+import androidx.compose.foundation.layout.WindowInsets
+import androidx.compose.foundation.layout.fillMaxHeight
+import androidx.compose.foundation.layout.height
+import androidx.compose.foundation.layout.padding
+import androidx.compose.foundation.layout.safeContent
+import androidx.compose.foundation.layout.windowInsetsPadding
+import androidx.compose.foundation.lazy.LazyColumn
+import androidx.compose.material.Scaffold
+import androidx.compose.material.Snackbar
+import androidx.compose.material.SnackbarHost
+import androidx.compose.material.SnackbarResult
+import androidx.compose.material.Text
+import androidx.compose.material.rememberScaffoldState
+import androidx.compose.runtime.Composable
+import androidx.compose.runtime.rememberCoroutineScope
+import androidx.compose.ui.Modifier
+import androidx.compose.ui.res.colorResource
+import androidx.compose.ui.unit.dp
+import androidx.compose.ui.viewinterop.AndroidView
+import com.appmattus.certificatetransparency.sampleapp.examples.State
+import com.appmattus.certificatetransparency.sampleapp.examples.trustmanager.WebViewExampleViewModel
+import com.appmattus.certificatetransparency.sampleapp.item.text.HeaderTextItem
+import kotlinx.coroutines.launch
+import org.orbitmvi.orbit.compose.collectAsState
+
+@Composable
+@Suppress("LongMethod")
+fun WebViewScreen(viewModel: WebViewExampleViewModel) {
+    val state = viewModel.collectAsState().value
+
+    val scaffoldState = rememberScaffoldState()
+    val scope = rememberCoroutineScope()
+
+    state.message?.let {
+        scope.launch {
+            val color = if (it is State.Message.Success) R.color.colorSuccess else R.color.colorFailure
+
+            val result = scaffoldState.snackbarHostState.showSnackbar(it.text, color.toString())
+            if (result == SnackbarResult.Dismissed) {
+                viewModel.dismissMessage()
+            }
+        }
+    }
+
+    Scaffold(
+        scaffoldState = scaffoldState,
+        snackbarHost = { snackbarHostState ->
+            SnackbarHost(snackbarHostState) {
+                Snackbar(backgroundColor = colorResource(it.actionLabel!!.toInt()), modifier = Modifier.padding(8.dp)) {
+                    Text(
+                        it.message
+                    )
+                }
+            }
+        }
+    ) { padding ->
+        LazyColumn(
+            modifier = Modifier
+                .padding(padding)
+                .windowInsetsPadding(WindowInsets.safeContent)
+                .fillMaxHeight()
+        ) {
+            item { Spacer(modifier = Modifier.height(8.dp)) }
+
+            item {
+                HeaderTextItem(
+                    title = viewModel.title,
+                    modifier = Modifier.padding(horizontal = 16.dp, vertical = 8.dp)
+                )
+            }
+
+            item {
+                AndroidView(factory = {
+                    WebView(it).apply {
+                        layoutParams = ViewGroup.LayoutParams(
+                            ViewGroup.LayoutParams.MATCH_PARENT,
+                            ViewGroup.LayoutParams.MATCH_PARENT
+                        )
+                    }
+                }, update = {
+                    it.loadUrl("https://example.com/")
+                })
+            }
+        }
+    }
+}

sampleapp/src/main/java/com/appmattus/certificatetransparency/sampleapp/examples/trustmanager/WebViewExampleViewModel.kt

@@ -0,0 +1,82 @@
+/*
+ * Copyright 2025 Appmattus Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.appmattus.certificatetransparency.sampleapp.examples.trustmanager
+
+import android.app.Application
+import android.util.Log
+import androidx.lifecycle.AndroidViewModel
+import androidx.lifecycle.viewModelScope
+import com.appmattus.certificatetransparency.CTLogger
+import com.appmattus.certificatetransparency.VerificationResult
+import com.appmattus.certificatetransparency.cache.AndroidDiskCache
+import com.appmattus.certificatetransparency.installCertificateTransparencyProvider
+import com.appmattus.certificatetransparency.removeCertificateTransparencyProvider
+import com.appmattus.certificatetransparency.sampleapp.R
+import com.appmattus.certificatetransparency.sampleapp.examples.State
+import org.orbitmvi.orbit.Container
+import org.orbitmvi.orbit.ContainerHost
+import org.orbitmvi.orbit.container
+
+class WebViewExampleViewModel(application: Application) : AndroidViewModel(application), ContainerHost<State, Unit> {
+
+    val title: String
+        get() = getApplication<Application>().getString(R.string.webview_example)
+
+    override val container: Container<State, Unit> = viewModelScope.container(State()) {
+        intent {
+            installCertificateTransparencyProvider {
+                failOnError = true
+                logger = defaultLogger
+                diskCache = AndroidDiskCache(getApplication())
+            }
+        }
+    }
+
+    override fun onCleared() {
+        super.onCleared()
+        removeCertificateTransparencyProvider()
+    }
+
+    fun dismissMessage() = intent {
+        reduce {
+            state.copy(message = null)
+        }
+    }
+
+    fun setFailOnError(failOnError: Boolean) = intent {
+        reduce {
+            state.copy(failOnError = failOnError)
+        }
+    }
+
+    private val defaultLogger = object : CTLogger {
+        override fun log(host: String, result: VerificationResult) {
+            intent {
+                val message = when (result) {
+                    is VerificationResult.Success -> State.Message.Success(result.toString())
+                    is VerificationResult.Failure -> State.Message.Failure(result.toString())
+                }
+
+                Log.d("CT", "$host -> $result")
+
+                reduce {
+                    state.copy(message = message)
+                }
+            }
+        }
+    }
+}