feat(auth): Add fork session use case

auth/data/src/main/kotlin/me/proton/core/auth/data/api/AuthenticationApi.kt

@@ -20,6 +20,7 @@ package me.proton.core.auth.data.api
 
 import me.proton.core.auth.data.api.request.EmailValidationRequest
 import me.proton.core.auth.data.api.request.AuthInfoRequest
+import me.proton.core.auth.data.api.request.ForkSessionRequest
 import me.proton.core.auth.data.api.request.LoginLessRequest
 import me.proton.core.auth.data.api.request.LoginRequest
 import me.proton.core.auth.data.api.request.LoginSsoRequest
@@ -28,6 +29,7 @@ import me.proton.core.auth.data.api.request.RefreshSessionRequest
 import me.proton.core.auth.data.api.request.RequestSessionRequest
 import me.proton.core.auth.data.api.request.SecondFactorRequest
 import me.proton.core.auth.data.api.response.AuthInfoResponse
+import me.proton.core.auth.data.api.response.ForkSessionResponse
 import me.proton.core.auth.data.api.response.LoginResponse
 import me.proton.core.auth.data.api.response.ModulusResponse
 import me.proton.core.auth.data.api.response.ScopesResponse
@@ -79,4 +81,7 @@ interface AuthenticationApi : BaseRetrofitApi {
 
     @POST("core/v4/validate/phone")
     suspend fun validatePhone(@Body request: PhoneValidationRequest): GenericResponse
+
+    @POST("auth/v4/sessions/forks")
+    suspend fun forkSession(@Body request: ForkSessionRequest): ForkSessionResponse
 }

auth/data/src/main/kotlin/me/proton/core/auth/data/api/request/ForkSessionRequest.kt

@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2024 Proton Technologies AG
+ * This file is part of Proton AG and ProtonCore.
+ *
+ * ProtonCore is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ProtonCore is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ProtonCore.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package me.proton.core.auth.data.api.request
+
+import kotlinx.serialization.SerialName
+import kotlinx.serialization.Serializable
+
+@Serializable
+data class ForkSessionRequest(
+    @SerialName("Payload")
+    val payload: String,
+    @SerialName("ChildClientID")
+    val childClientId: String,
+    @SerialName("Independent")
+    val independent: Long,
+    @SerialName("UserCode")
+    val userCode: String? = null,
+)

auth/data/src/main/kotlin/me/proton/core/auth/data/api/response/ForkSessionResponse.kt

@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2024 Proton Technologies AG
+ * This file is part of Proton AG and ProtonCore.
+ *
+ * ProtonCore is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ProtonCore is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ProtonCore.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package me.proton.core.auth.data.api.response
+
+import kotlinx.serialization.SerialName
+import kotlinx.serialization.Serializable
+
+@Serializable
+data class ForkSessionResponse(
+    @SerialName("Code")
+    val code: Long,
+    @SerialName("Selector")
+    val selector: String,
+)

auth/data/src/main/kotlin/me/proton/core/auth/data/repository/AuthRepositoryImpl.kt

@@ -28,6 +28,7 @@ import me.proton.core.auth.fido.domain.ext.toJson
 import me.proton.core.auth.data.api.request.AuthInfoRequest
 import me.proton.core.auth.data.api.request.EmailValidationRequest
 import me.proton.core.auth.data.api.request.Fido2Request
+import me.proton.core.auth.data.api.request.ForkSessionRequest
 import me.proton.core.auth.data.api.request.LoginLessRequest
 import me.proton.core.auth.data.api.request.LoginRequest
 import me.proton.core.auth.data.api.request.LoginSsoRequest
@@ -194,6 +195,19 @@ class AuthRepositoryImpl(
             validatePhone(request).isSuccess()
         }.valueOrThrow
     }
+
+    override suspend fun forkSession(
+        sessionId: SessionId,
+        payload: String,
+        childClientId: String,
+        independent: Long,
+        userCode: String?
+    ): String =
+        provider.get<AuthenticationApi>(sessionId).invoke {
+            forkSession(
+                request = ForkSessionRequest(payload, childClientId, independent, userCode),
+            )
+        }.valueOrThrow.selector
 }
 
 private fun ByteArray.toBase64(): String = Base64.encodeToString(this, Base64.NO_WRAP)

auth/domain/src/main/kotlin/me/proton/core/auth/domain/repository/AuthRepository.kt

@@ -121,4 +121,15 @@ interface AuthRepository {
      * Validate recovery phone.
      */
     suspend fun validatePhone(phone: String): Boolean
+
+    /**
+     * Fork a session and return a selector.
+     */
+    suspend fun forkSession(
+        sessionId: SessionId,
+        payload: String,
+        childClientId: String,
+        independent: Long,
+        userCode: String? = null,
+    ): String
 }

auth/domain/src/main/kotlin/me/proton/core/auth/domain/usecase/ForkSession.kt

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2024 Proton Technologies AG
+ * This file is part of Proton AG and ProtonCore.
+ *
+ * ProtonCore is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ProtonCore is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ProtonCore.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package me.proton.core.auth.domain.usecase
+
+import me.proton.core.auth.domain.repository.AuthRepository
+import me.proton.core.domain.entity.UserId
+import me.proton.core.network.domain.session.SessionProvider
+import me.proton.core.util.kotlin.toInt
+import javax.inject.Inject
+
+typealias Selector = String
+
+class ForkSession @Inject constructor(
+    private val authRepository: AuthRepository,
+    private val sessionProvider: SessionProvider,
+) {
+
+    suspend operator fun invoke(
+        userId: UserId,
+        payload: String,
+        childClientId: String,
+        independent: Boolean,
+        userCode: String? = null,
+    ): Selector {
+        val sessionId = sessionProvider.getSessionId(userId)
+        check(sessionId != null) { "Session id not found (${userId.id})" }
+        return authRepository.forkSession(
+            sessionId = sessionId,
+            payload = payload,
+            childClientId = childClientId,
+            independent = independent.toInt().toLong(),
+            userCode = userCode,
+        )
+    }
+}

auth/domain/src/test/kotlin/me/proton/core/auth/domain/usecase/ForkSessionTest.kt

@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2024 Proton Technologies AG
+ * This file is part of Proton AG and ProtonCore.
+ *
+ * ProtonCore is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * ProtonCore is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ProtonCore.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+package me.proton.core.auth.domain.usecase
+
+import io.mockk.coEvery
+import io.mockk.coVerify
+import io.mockk.mockk
+import kotlinx.coroutines.test.runTest
+import me.proton.core.auth.domain.repository.AuthRepository
+import me.proton.core.domain.entity.UserId
+import me.proton.core.network.domain.session.SessionId
+import me.proton.core.network.domain.session.SessionProvider
+import me.proton.core.test.kotlin.assertEquals
+import org.junit.Before
+import org.junit.Test
+
+class ForkSessionTest {
+    private val userId = UserId("user-id")
+    private lateinit var authRepository: AuthRepository
+    private lateinit var sessionProvider: SessionProvider
+    private lateinit var tested: ForkSession
+
+    @Before
+    fun setUp() {
+        authRepository = mockk()
+        sessionProvider = mockk()
+        tested = ForkSession(authRepository, sessionProvider)
+    }
+
+    @Test
+    fun `happy path`() = runTest {
+        // GIVEN
+        coEvery { sessionProvider.getSessionId(userId) } returns sessionId
+        coEvery { authRepository.forkSession(any(), any(), any(), any(), null) } returns SELECTOR
+
+        // WHEN
+        val selector = tested(
+            userId = userId,
+            payload = PAYLOAD,
+            childClientId = CHILD_CLIENT_ID,
+            independent = false,
+        )
+
+        // THEN
+        coVerify {
+            sessionProvider.getSessionId(userId)
+            authRepository.forkSession(
+                sessionId = sessionId,
+                payload = PAYLOAD,
+                childClientId = CHILD_CLIENT_ID,
+                independent = 0L,
+            )
+        }
+        assertEquals(SELECTOR, selector) { "$SELECTOR should be returned" }
+    }
+
+    @Test(expected = IllegalStateException::class)
+    fun `unauthenticated user cannot fork a session`() = runTest {
+        // GIVEN
+        coEvery { sessionProvider.getSessionId(userId) } returns null
+        coEvery { authRepository.forkSession(any(), any(), any(), any(), null) } returns SELECTOR
+
+        // WHEN
+        tested(
+            userId = userId,
+            payload = PAYLOAD,
+            childClientId = CHILD_CLIENT_ID,
+            independent = false,
+        )
+    }
+
+    private val sessionId: SessionId get() = SessionId("session-id-${userId.id}")
+
+    companion object {
+        private const val CHILD_CLIENT_ID = "child-client-id"
+        private const val PAYLOAD = "payload"
+        private const val SELECTOR = "selector"
+    }
+}