From 59ce730a5398e209758a960db901c3b0bc16ca61 Mon Sep 17 00:00:00 2001 From: Manmohan Gupta Date: Wed, 17 Jun 2026 18:44:50 +0530 Subject: [PATCH] UIC-948 : Added the consumer file with the rules for client facing obfustication --- universal_components/consumer-rules.pro | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/universal_components/consumer-rules.pro b/universal_components/consumer-rules.pro index e69de29..c1a4012 100644 --- a/universal_components/consumer-rules.pro +++ b/universal_components/consumer-rules.pro @@ -0,0 +1,24 @@ +# --- Auth0 SDK Gson models --------------------------------------------------- +# The Auth0 Android SDK deserializes its API responses (Factor, +# AuthenticationMethod and its sealed subclasses) with Gson via reflection. +# R8 cannot see those reflective accesses, so without keep rules it strips the +# fields/classes and Gson fails — surfacing as "a0.sdk.internal_error.unknown". +# Gson also needs Signature (generic types like List) and the +# @SerializedName annotations to map JSON keys correctly. +-keepattributes Signature +-keep class com.auth0.android.result.** { *; } +-keepclassmembers class com.auth0.android.result.** { *; } +# Polymorphic deserializer referenced via @JsonAdapter must be kept by name. +-keep class com.auth0.android.result.AuthenticationMethod$Deserializer { *; } +-keepclassmembers class * { + @com.google.gson.annotations.SerializedName ; +} + +# --- Public enums passed across the API boundary ----------------------------- +# AuthenticatorType is used as a kotlinx.serialization-backed Compose Navigation +# argument, which resolves the enum by its fully qualified name at runtime — so +# the class name must not be obfuscated. +-keep public enum com.auth0.universalcomponents.domain.model.AuthenticatorType { + **[] $VALUES; + public *; +} \ No newline at end of file