Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include proguard consumer directives for R8 compatibility #72

Open
5 tasks done
spacemase opened this issue Aug 8, 2023 · 7 comments
Open
5 tasks done

Include proguard consumer directives for R8 compatibility #72

spacemase opened this issue Aug 8, 2023 · 7 comments
Labels
feature request A feature has been asked for or suggested by the community

Comments

@spacemase
Copy link

spacemase commented Aug 8, 2023
edited
Loading

Checklist

  • I have looked into the Readme and Examples, and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

Developers using R8 have encountered minification issues with the use of GSON in JWTDecode.Android - #49

Describe the ideal solution

JWTDecode.Android can include proguard directives in a consumer configuration file, which will advertise the issue and solve it for most consumers of the library.

In a new consumer proguard config, include the GSON proguard rules for R8 compiled projects.

https://github.com/google/gson/blob/f72824e2e4d0b719331a040a945876145b7c5acc/examples/android-proguard-example/proguard.cfg#L28

Alternatives and current workarounds

Current workaround is for the consuming project to include the proguard directives for R8 compilers themselves, but that is only likely to happen after they discover the issue, research and locate the solution.

Additional context

Users will discover the issue via a crash report in their minified release builds similar to this:

--------- beginning of crash

2023-08-07 13:47:36.054 16347-17602/? E/AndroidRuntime: FATAL EXCEPTION: OkHttp Dispatcher
Process: foo_bar, PID: 16347
java.lang.RuntimeException: Missing type parameter.
at com.google.gson.reflect.TypeToken.(SourceFile:10)
at u6.c.(Unknown Source:0)
at com.auth0.android.jwt.JWT.(SourceFile:6)
at v6.i.c(SourceFile:3)
at v6.i$b.onSuccess(SourceFile:2)
at v6.o$a.onSuccess(SourceFile:2)
at w6.g.onResponse(SourceFile:7)
at com.squareup.okhttp.Call$b.execute(SourceFile:6)
at com.squareup.okhttp.internal.NamedRunnable.run(SourceFile:3)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
at java.lang.Thread.run(Thread.java:764)
@spacemase spacemase added the feature request A feature has been asked for or suggested by the community label Aug 8, 2023
@spacemase
Copy link
Author

I have a PR ready but lack permissions. :)

@poovamraj
Copy link
Contributor

@spacemase thanks for raising this. Can you explain what issue you face with respect to permissions? You should be able to work on a fork and create a PR. We can check it out and approve to run it.

@bilalhaidercc
Copy link

I'm also having issues with this, do we have an ETA when this will be merged into a release?

@poovamraj
Copy link
Contributor

@bilalhaidercc @spacemase seems to have a solution and it would be great to checkout his solution.

@poovamraj
Copy link
Contributor

@spacemase will you be creating the PR?

@bb441db
Copy link

bb441db commented Nov 13, 2023

For now the following works for me (Put the following in proguard-rules.pro, make sure to also put in consumer-rules.pro if you are in a multi-module setup)

# jwt decode
-keep class com.auth0.android.jwt.JWTPayload {
    <fields>;
}

# Prevent proguard from stripping interface information from TypeAdapter, TypeAdapterFactory,
# JsonSerializer, JsonDeserializer instances (so they can be used in @JsonAdapter)
-keep class * extends com.google.gson.TypeAdapter
-keep class * implements com.google.gson.TypeAdapterFactory
-keep class * implements com.google.gson.JsonSerializer
-keep class * implements com.google.gson.JsonDeserializer

# Prevent R8 from leaving Data object members always null
-keepclassmembers,allowobfuscation class * {
  @com.google.gson.annotations.SerializedName <fields>;
}

# Retain generic signatures of TypeToken and its subclasses with R8 version 3.0 and higher.
-keep,allowobfuscation,allowshrinking class com.google.gson.reflect.TypeToken
-keep,allowobfuscation,allowshrinking class * extends com.google.gson.reflect.TypeToken

From https://github.com/google/gson/blob/c2a0e4634a2100494159add78db2ee06f5eb9be6/examples/android-proguard-example/proguard.cfg#L14

Would be nice to support kotlinx serialization instead of GSON (cc #24)

@bb441db bb441db mentioned this issue Nov 14, 2023
Closed
2 tasks
@sgjesse
Copy link

sgjesse commented Dec 11, 2023

Please note that rules for gson should not go into the consumer rules for this library, as they have been added to gson (https://github.com/google/gson/blob/main/gson/src/main/resources/META-INF/proguard/gson.pro). The most recent changes have not been released yet, and I will follow up on that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request A feature has been asked for or suggested by the community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@sgjesse @spacemase @poovamraj @bb441db @bilalhaidercc