Add deviceAuthToken to subscription requests

Author: jinliu9508

Examples/OneSignalDemo/app/src/main/java/com/onesignal/sdktest/application/MainApplication.java

@@ -145,7 +145,7 @@ public void onUserStateChange(@NonNull UserChangedState state) {
             @Override
             public void onUserJwtInvalidated(@NonNull UserJwtInvalidatedEvent event) {
                 // !!! For manual testing only
-                String jwt = "SecondJWT";
+                String jwt = "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiIwMTM5YmQ2Zi00NTFmLTQzOGMtODg4Ni00ZTBmMGZlM2EwODUiLCJleHAiOjE3MjczNjkyMjIsImlkZW50aXR5Ijp7ImV4dGVybmFsX2lkIjoiamluIn0sInN1YnNjcmlwdGlvbnMiOlt7InR5cGUiOiJFbWFpbCIsInRva2VuIjoidGVzdEBkb21haW4uY29tIn0seyJ0eXBlIjoiU01TIiwidG9rZW4iOiIrMTIzNDU2NzgifSx7InR5cGUiOiJBbmRyb2lkUHVzaCIsImlkIjoiMTIzZTQ1NjctZTg5Yi0xMmQzLWE0NTYtNDI2NjE0MTc0MDAwIn1dfQ.6XF7wRF4lLOvKr5Gd3MHv9j7U151hcBjmqSyk6nI6JVYUgt6q0YRp2j1aSJcg8VmaejzP1DouN1DpWUT_JTRXA";
                 OneSignal.updateUserJwt(event.getExternalId(), jwt);
                 Log.v(Tag.LOG_TAG, "onUserJwtInvalidated fired with ID:" + event.getExternalId());
             }

OneSignalSDK/onesignal/core/src/main/java/com/onesignal/core/internal/http/impl/HttpClient.kt

@@ -90,7 +90,10 @@ internal class HttpClient(
         // If privacy consent is required but not yet given, any non-GET request should be blocked.
         if (method != null && _configModelStore.model.consentRequired == true && _configModelStore.model.consentGiven != true) {
             Logging.warn(
-                "$method `$url` was called before the user provided privacy consent. Your application is set to require the user's privacy consent before the OneSignal SDK can be initialized. Please ensure the user has provided consent before calling this method. You can check the latest OneSignal consent status by calling OneSignal.privacyConsent",
+                "$method `$url` was called before the user provided privacy consent. " +
+                    "Your application is set to require the user's privacy consent before the OneSignal SDK can be initialized. " +
+                    "Please ensure the user has provided consent before calling this method. You can check the latest OneSignal " +
+                    "consent status by calling OneSignal.privacyConsent",
             )
             return HttpResponse(0, null, null)
         }
@@ -147,8 +150,14 @@ internal class HttpClient(
                     con.readTimeout = timeout
                     con.setRequestProperty("SDK-Version", "onesignal/android/" + OneSignalUtils.SDK_VERSION)
 
-                    if (headers != null && !headers.jwt.isNullOrEmpty()) {
-                        con.setRequestProperty("Authorization", "Bearer ${headers.jwt}")
+                    val jwt = headers?.jwt
+                    if (!jwt.isNullOrEmpty()) {
+                        con.setRequestProperty("Authorization", "Bearer $jwt")
+                    }
+
+                    val deviceAuthPushToken = headers?.deviceAuthPushToken
+                    if (_configModelStore.model.useIdentityVerification && !deviceAuthPushToken.isNullOrEmpty()) {
+                        con.setRequestProperty("Device-Auth-Push-Token", "Basic $deviceAuthPushToken")
                     }
 
                     if (OneSignalWrapper.sdkType != null && OneSignalWrapper.sdkVersion != null) {

OneSignalSDK/onesignal/core/src/main/java/com/onesignal/user/internal/backend/IUserBackendService.kt

@@ -25,6 +25,7 @@ interface IUserBackendService {
         subscriptions: List<SubscriptionObject>,
         properties: Map<String, String>,
         jwt: String? = null,
+        deviceAuthPushToken: String? = null,
     ): CreateUserResponse
     // TODO: Change to send only the push subscription, optimally
 

OneSignalSDK/onesignal/core/src/main/java/com/onesignal/user/internal/backend/impl/IdentityBackendService.kt

@@ -4,6 +4,7 @@ import com.onesignal.common.exceptions.BackendException
 import com.onesignal.common.putMap
 import com.onesignal.common.toMap
 import com.onesignal.core.internal.http.IHttpClient
+import com.onesignal.core.internal.http.impl.OptionalHeaders
 import com.onesignal.user.internal.backend.IIdentityBackendService
 import org.json.JSONObject
 
@@ -21,7 +22,12 @@ internal class IdentityBackendService(
             JSONObject()
                 .put("identity", JSONObject().putMap(identities))
 
-        val response = _httpClient.patch("apps/$appId/users/by/$aliasLabel/$aliasValue/identity", requestJSONObject, jwt)
+        val response =
+            _httpClient.patch(
+                "apps/$appId/users/by/$aliasLabel/$aliasValue/identity",
+                requestJSONObject,
+                OptionalHeaders(jwt = jwt),
+            )
 
         if (!response.isSuccess) {
             throw BackendException(response.statusCode, response.payload, response.retryAfterSeconds)
@@ -39,7 +45,11 @@ internal class IdentityBackendService(
         aliasLabelToDelete: String,
         jwt: String?,
     ) {
-        val response = _httpClient.delete("apps/$appId/users/by/$aliasLabel/$aliasValue/identity/$aliasLabelToDelete", jwt)
+        val response =
+            _httpClient.delete(
+                "apps/$appId/users/by/$aliasLabel/$aliasValue/identity/$aliasLabelToDelete",
+                OptionalHeaders(jwt = jwt),
+            )
 
         if (!response.isSuccess) {
             throw BackendException(response.statusCode, response.payload, response.retryAfterSeconds)

OneSignalSDK/onesignal/core/src/main/java/com/onesignal/user/internal/backend/impl/UserBackendService.kt

@@ -23,6 +23,7 @@ internal class UserBackendService(
         subscriptions: List<SubscriptionObject>,
         properties: Map<String, String>,
         jwt: String?,
+        deviceAuthPushToken: String?,
     ): CreateUserResponse {
         val requestJSON = JSONObject()
 
@@ -41,7 +42,12 @@ internal class UserBackendService(
 
         requestJSON.put("refresh_device_metadata", true)
 
-        val response = _httpClient.post("apps/$appId/users", requestJSON, OptionalHeaders(jwt = jwt))
+        val response =
+            _httpClient.post(
+                "apps/$appId/users",
+                requestJSON,
+                OptionalHeaders(jwt = jwt, deviceAuthPushToken = deviceAuthPushToken),
+            )
 
         if (!response.isSuccess) {
             throw BackendException(response.statusCode, response.payload, response.retryAfterSeconds)
@@ -71,7 +77,7 @@ internal class UserBackendService(
             jsonObject.put("deltas", JSONConverter.convertToJSON(propertyiesDelta))
         }
 
-        val response = _httpClient.patch("apps/$appId/users/by/$aliasLabel/$aliasValue", jsonObject, jwt)
+        val response = _httpClient.patch("apps/$appId/users/by/$aliasLabel/$aliasValue", jsonObject, OptionalHeaders(jwt = jwt))
 
         if (!response.isSuccess) {
             throw BackendException(response.statusCode, response.payload, response.retryAfterSeconds)
@@ -95,7 +101,7 @@ internal class UserBackendService(
         aliasValue: String,
         jwt: String?,
     ): CreateUserResponse {
-        val response = _httpClient.get("apps/$appId/users/by/$aliasLabel/$aliasValue", jwt)
+        val response = _httpClient.get("apps/$appId/users/by/$aliasLabel/$aliasValue", OptionalHeaders(jwt = jwt))
 
         if (!response.isSuccess) {
             throw BackendException(response.statusCode, response.payload, response.retryAfterSeconds)

OneSignalSDK/onesignal/core/src/main/java/com/onesignal/user/internal/operations/impl/executors/LoginUserOperationExecutor.kt

@@ -171,7 +171,18 @@ internal class LoginUserOperationExecutor(
 
         try {
             val subscriptionList = subscriptions.toList()
-            val response = _userBackend.createUser(createUserOperation.appId, identities, subscriptionList.map { it.second }, properties)
+            val pushSubscription = subscriptions.values.find { it.type == SubscriptionObjectType.ANDROID_PUSH }
+            val response =
+                _userBackend.createUser(
+                    createUserOperation.appId,
+                    identities,
+                    subscriptionList.map {
+                        it.second
+                    },
+                    properties,
+                    _identityModelStore.model.jwtToken,
+                    pushSubscription?.token,
+                )
             val idTranslations = mutableMapOf<String, String>()
             // Add the "local-to-backend" ID translation to the IdentifierTranslator for any operations that were
             // *not* executed but still reference the locally-generated IDs.