Closed melissaahn closed 10 months ago
Does proguard work for lite apps?
Can you create a separate section in the PR description for size increase, containing the details on
So that we can include the information in release notes as well. Thanks
Does proguard work for lite apps?
Most likely not, based on testing with generating our release test apps and one broker app with just the dependency added (no proguard rules to keep things, and no logic that used the dependency). But I also confirmed with passkey folks that it is expected for 1P lite apps to take in the passkey feature anyway, since passkeys are going to be pushed as a password alternative for both Entra and MSA.
Can you create a separate section in the PR description for size increase, containing the details on
- how much the size is going to increase,
- why we must take this size increase change (add brief detail and importance of the feature it is used for),
- is it possible to avoid the size increase for our consumers.
So that we can include the information in release notes as well. Thanks
Updated the description with a more detailed sections pertaining to the size increase and reasoning.
Summary
This PR adds the logic for CredManFidoManager, which makes use of a new dependency Credential Manager in order to get an assertion response from Google password manager and other passkey providers (such as Authenticator). It also enables the existing passkey logic that has been added over the past few months.
This is considered a major change due to Credential Manager enforcing a min Compile sdk level of 34, which is transitive to us and all of our consumers. This API is also contributing to a larger size increase, and the max dep size check limit has been updated accordingly (more information in the size increase section below). I have been in communication with broker apps, OneAuth, and 1P apps regarding these changes. This PR also contains some smaller updates to accommodate some observed bugs that need to be investigated further with the server side. Future PRs will (hopefully) include UI automated tests to test Credential Manager, but until then, I will conduct manual testing for the e2e passkey feature.
Size Increase
The Android Credential Manager API is going to contribute to a noticeable size increase in our libraries and consumers. After some initial generation of test apps and one of the broker apps with the dependency and associated passkey logic, the current estimated size increase in release apps will be around 300 - 550 KB.
The reason why we're including this new dependency is because it will provide passkey support to our 1P native apps currently using MSAL, OneAuth-MSAL, or relying on broker support. CredMan handles the interactions with the device authenticator as well as allows us to interact with 3P passkey providers (such as Microsoft Authenticator, in the near future). Upon GA, passkeys will widely be pushed as an alternative auth method to passwords, for both Entra ID and MSA users, across nearly all platforms.
We do not currently have suggestions to avoid this size increase for our consumers; release test builds with just the inclusion of the dependency itself (no logic utilizing it, and no proguard rules) resulted in a size increase very near to the range mentioned earlier. But more suggestions/ideas are certainly welcome.