@W-21933885: [MSDK Android] App Attestation Implementation (Add Dependency Injection To OAuth2 And IDPAuthCodeHelper For Testing)

- Add dependency injection for SalesforceSDKManager to OAuth2.getAuthorizationUrl() and getBrandedLoginPath()
- Create backward-compatible overloads that default to SalesforceSDKManager.getInstance()
- Update IDPAuthCodeHelper.getAuthorizationPathForSP() to accept and pass injected SDKManager
- Fix IDPAuthCodeHelperTest to properly mock the 11-parameter OAuth2.getAuthorizationUrl() method signature
- Add OAuth2.TIMESTAMP_FORMAT access before mockkStatic() to force class initialization
- Update OAuth2Test to test new overloaded methods with SalesforceSDKManager parameter

All IDPAuthCodeHelperTest tests now pass (10/10, 100% success rate).

Author: JohnsonEricAtSalesforce

libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/OAuth2.java

@@ -289,7 +289,8 @@ public static URI getAuthorizationUrl(
                 null,
                 displayType,
                 codeChallenge,
-                addlParams
+                addlParams,
+                SalesforceSDKManager.getInstance()
         );
     }
 
@@ -326,12 +327,63 @@ public static URI getAuthorizationUrl(
             String displayType,
             String codeChallenge,
             Map<String, String> addlParams) {
+        return getAuthorizationUrl(
+                useWebServerAuthentication,
+                useHybridAuthentication,
+                loginServer,
+                clientId,
+                callbackUrl,
+                scopes,
+                loginHint,
+                displayType,
+                codeChallenge,
+                addlParams,
+                SalesforceSDKManager.getInstance()
+        );
+    }
+
+    /**
+     * Builds the URL to the authorization web page for this login server.
+     * You need not provide the 'refresh_token' scope, as it is provided automatically.
+     *
+     * @param useWebServerAuthentication True to use web server flow, False to use user agent flow
+     * @param useHybridAuthentication    True to use "hybrid" flow
+     * @param loginServer                Base protocol and server to use (e.g. https://login.salesforce.com).
+     * @param clientId                   OAuth client ID.
+     * @param callbackUrl                OAuth callback URL or redirect URL.
+     * @param scopes                     A list of OAuth scopes to request (e.g. {"visualforce", "api"}). If null,
+     *                                   the default OAuth scope is provided.
+     * @param loginHint                  When applicable, the Salesforce Welcome Login hint
+     * @param displayType                OAuth display type. If null, the default of 'touch' is used.
+     * @param codeChallenge              Code challenge to use when using web server flow
+     * @param addlParams                 Any additional parameters that may be
+     *                                   added to the request. When using
+     *                                   Salesforce Mobile App Attestation, the
+     *                                   "attestation" parameter should be added
+     *                                   to this map.
+     * @param sdkManager                 The SalesforceSDKManager instance to use. This parameter is
+     *                                   intended for testing purposes only.
+     * @return A URL to start the OAuth flow in a web browser/view.
+     * @see <a href="https://help.salesforce.com/apex/HTViewHelpDoc?language=en&id=remoteaccess_oauth_scopes.htm">RemoteAccess OAuth Scopes</a>
+     */
+    public static URI getAuthorizationUrl(
+            boolean useWebServerAuthentication,
+            boolean useHybridAuthentication,
+            URI loginServer,
+            String clientId,
+            String callbackUrl,
+            String[] scopes,
+            String loginHint,
+            String displayType,
+            String codeChallenge,
+            Map<String, String> addlParams,
+            SalesforceSDKManager sdkManager) {
         final StringBuilder sb = new StringBuilder(loginServer.toString());
 
         final String responseType = useWebServerAuthentication
                 ? CODE
                 : useHybridAuthentication ? HYBRID_TOKEN : TOKEN;
-        sb.append(OAUTH_AUTH_PATH).append(getBrandedLoginPath());
+        sb.append(OAUTH_AUTH_PATH).append(getBrandedLoginPath(sdkManager));
         sb.append(OAUTH_DISPLAY_PARAM).append(displayType == null ? TOUCH : displayType);
         sb.append(AND).append(RESPONSE_TYPE).append(EQUAL).append(responseType);
         sb.append(AND).append(CLIENT_ID).append(EQUAL).append(Uri.encode(clientId));
@@ -342,7 +394,7 @@ public static URI getAuthorizationUrl(
             sb.append(AND).append(LOGIN_HINT).append(EQUAL).append(Uri.encode(loginHint));
         }
         sb.append(AND).append(REDIRECT_URI).append(EQUAL).append(callbackUrl);
-        sb.append(AND).append(DEVICE_ID).append(EQUAL).append(SalesforceSDKManager.getInstance().getDeviceId());
+        sb.append(AND).append(DEVICE_ID).append(EQUAL).append(sdkManager.getDeviceId());
         if (useWebServerAuthentication) {
             sb.append(AND).append(CODE_CHALLENGE).append(EQUAL).append(Uri.encode(codeChallenge));
         }
@@ -355,8 +407,8 @@ public static URI getAuthorizationUrl(
         return URI.create(sb.toString());
     }
 
-    private static String getBrandedLoginPath() {
-        String brandedLoginPath = SalesforceSDKManager.getInstance().getLoginBrand();
+    private static String getBrandedLoginPath(SalesforceSDKManager sdkManager) {
+        String brandedLoginPath = sdkManager.getLoginBrand();
         if (brandedLoginPath == null || brandedLoginPath.trim().isEmpty()) {
             brandedLoginPath = EMPTY_STRING;
         } else {

libs/SalesforceSDK/src/com/salesforce/androidsdk/auth/idp/IDPAuthCodeHelper.kt

@@ -105,13 +105,18 @@ internal class IDPAuthCodeHelper @VisibleForTesting internal constructor(
 
     /**
      * Compute relative path of authorization url for SP
+     * @param salesforceSDKManager The Salesforce SDK manager instance. This
+     * parameter is intended for testing purposes only. Defaults to the
+     * singleton instance for production use
      * @return authorization relative path
      */
     @VisibleForTesting
-    internal suspend fun getAuthorizationPathForSP(): String? {
+    internal suspend fun getAuthorizationPathForSP(
+        salesforceSDKManager: SalesforceSDKManager = SalesforceSDKManager.getInstance()
+    ): String? {
         SalesforceSDKLogger.d(TAG, "Getting authorization url")
-        val context = SalesforceSDKManager.getInstance().appContext
-        val useHybridAuthentication = SalesforceSDKManager.getInstance().useHybridAuthentication
+        val context = salesforceSDKManager.appContext
+        val useHybridAuthentication = salesforceSDKManager.useHybridAuthentication
 
         // Add Salesforce Mobile App Attestation parameter to authorization URL if applicable.
         val additionalParams = appAttestationClient?.run {
@@ -127,9 +132,11 @@ internal class IDPAuthCodeHelper @VisibleForTesting internal constructor(
             spConfig.oauthClientId,
             spConfig.oauthCallbackUrl,
             spConfig.oauthScopes,
+            null, // Login Hint
             context.getString(R.string.oauth_display_type),
             codeChallenge,
-            additionalParams
+            additionalParams,
+            salesforceSDKManager
         )
 
         return authorizationUri?.let {