From af4af4e581729a8852f474ff1c056d7e0261f2b8 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Sun, 2 Jul 2017 15:53:30 +0300
Subject: [PATCH 01/33] added support for progressive authentication with rop

---
 .../appid/MainActivity.java                   |  2 +-
 .../ibm/bluemix/appid/android/api/AppID.java  | 21 ++++++-
 .../AuthorizationManager.java                 |  4 +-
 .../internal/loginwidget/LoginWidgetImpl.java |  2 +-
 .../internal/tokenmanager/TokenManager.java   |  7 ++-
 .../bluemix/appid/android/api/AppID_Test.java | 62 +++++++++++++++----
 .../AuthorizationManager_Test.java            |  9 +--
 .../tokenmanager/TokenManager_Test.java       | 12 ++--
 8 files changed, 90 insertions(+), 29 deletions(-)

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index 4b9fc94..9212211 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -164,7 +164,7 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
                     identifiedAccessToken = accessToken;
                     extractAndDisplayDataFromIdentityToken(identityToken);
                 }
-            });
+            }, anonymousAccessToken != null ? anonymousAccessToken.getRaw() : null);
         }
     }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
index 8f74678..526b9f3 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
@@ -16,9 +16,11 @@
 import android.content.Context;
 import android.support.annotation.NonNull;
 
+import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
 import com.ibm.bluemix.appid.android.api.userattributes.UserAttributeManager;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;
 import com.ibm.bluemix.appid.android.internal.loginwidget.LoginWidgetImpl;
+import com.ibm.bluemix.appid.android.internal.tokens.AccessTokenImpl;
 import com.ibm.bluemix.appid.android.internal.userattributesmanager.UserAttributeManagerImpl;
 
 import org.jetbrains.annotations.NotNull;
@@ -149,7 +151,24 @@ public void loginAnonymously(@NotNull Context context,  String accessToken, bool
 	 * @param tokenResponseListener the token response listener
 	 */
 	public void obtainTokensWithROP(@NotNull Context context, @NotNull String username, @NotNull String password, @NotNull TokenResponseListener tokenResponseListener) {
-		oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, tokenResponseListener);
+        AccessToken accessToken = oAuthManager.getTokenManager().getLatestAccessToken();
+        oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessToken, tokenResponseListener);
+	}
+    /**
+     * Obtain token using Resource owner Password (RoP).
+     *
+     * @param username the resource owner username
+     * @param password the resource owner password
+     * @param tokenResponseListener the token response listener
+     * @param accessTokenString previous access token of some anonymous user
+     */
+	public void obtainTokensWithROP(@NotNull Context context, @NotNull String username, @NotNull String password, @NotNull TokenResponseListener tokenResponseListener, String accessTokenString) {
+        if(accessTokenString == null) {
+			obtainTokensWithROP(context, username, password, tokenResponseListener);
+		} else {
+            AccessTokenImpl accessToken = new AccessTokenImpl(accessTokenString);
+            oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessToken, tokenResponseListener);
+		}
 	}
 
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 9d34ac4..b582e68 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -180,7 +180,7 @@ public void setAppIDRequestFactory(AppIDRequestFactory appIDRequestFactory) {
 		this.appIDRequestFactory = appIDRequestFactory;
 	}
 
-	public void obtainTokensWithROP(final Context context, final String username, final String password, final TokenResponseListener tokenResponseListener) {
+	public void obtainTokensWithROP(final Context context, final String username, final String password, final AccessToken accessToken, final TokenResponseListener tokenResponseListener) {
 		registrationManager.ensureRegistered(context, new RegistrationListener() {
 			@Override
 			public void onRegistrationFailure (RegistrationStatus error) {
@@ -190,7 +190,7 @@ public void onRegistrationFailure (RegistrationStatus error) {
 
 			@Override
 			public void onRegistrationSuccess () {
-				oAuthManager.getTokenManager().obtainTokens(username, password, tokenResponseListener);
+				oAuthManager.getTokenManager().obtainTokens(username, password, accessToken, tokenResponseListener);
 			}
 		});
 	}
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index 9dff770..fac7dac 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -32,7 +32,7 @@ public LoginWidgetImpl(@NonNull OAuthManager oAuthManager){
 
 
 	public void launch(@NonNull Activity activity, @NonNull AuthorizationListener authorizationListener, String accessTokenString) {
-		if(accessTokenString == null){
+		if(accessTokenString == null) {
 			launch(activity, authorizationListener);
 			return;
 		}
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
index cae0793..7dbd597 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
@@ -57,6 +57,7 @@ public class TokenManager {
     private final static String USERNAME = "username";
     private final static String PASSWORD = "password";
     private final static String GRANT_TYPE_PASSWORD = "password";
+	private final static String APPID_ACCESS_TOKEN = "appid_access_token";
     private final static String ERROR_DESCRIPTION= "error_description";
     private final static String ERROR_CODE= "error";
     private final static String INVALID_GRANT= "invalid_grant";
@@ -126,14 +127,16 @@ public void onSuccess (Response response) {
 		});
 	}
 
-	public void obtainTokens (String username, String password, final TokenResponseListener listener) {
+	public void obtainTokens (String username, String password, AccessToken accessToken, final TokenResponseListener listener) {
 		logger.debug("obtainTokens - with resource owner password");
 
 		HashMap<String, String> formParams = new HashMap<>();
         formParams.put(USERNAME, username);
         formParams.put(PASSWORD, password);
         formParams.put(GRANT_TYPE, GRANT_TYPE_PASSWORD);
-
+		if (accessToken != null) {
+			formParams.put(APPID_ACCESS_TOKEN, accessToken.getRaw());
+		}
 		retrieveTokens(formParams, listener);
 	}
 
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppID_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppID_Test.java
index dcb38a0..add3349 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppID_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppID_Test.java
@@ -20,6 +20,7 @@
 import com.ibm.bluemix.appid.android.internal.registrationmanager.RegistrationStatus;
 import com.ibm.bluemix.appid.android.internal.userattributesmanager.UserAttributeManagerImpl;
 import com.ibm.bluemix.appid.android.testing.helpers.ClassHelper;
+import com.ibm.bluemix.appid.android.testing.helpers.Consts;
 import com.ibm.mobilefirstplatform.appid_clientsdk_android.BuildConfig;
 
 import org.assertj.core.api.ThrowableAssert;
@@ -130,22 +131,59 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
 
 	@Test
 	public void test03_loginUsingRoP(){
-        this.appId.initialize(RuntimeEnvironment.application, testTenantId, testRegion);
+		this.appId.initialize(RuntimeEnvironment.application, testTenantId, testRegion);
 
-        TokenResponseListener listener = new TokenResponseListener() {
-            @Override
-            public void onAuthorizationFailure(AuthorizationException exception) {
-                assertThat(exception.getMessage().equals(RegistrationStatus.FAILED_TO_REGISTER.getDescription()));
-            }
+		TokenResponseListener listener = new TokenResponseListener() {
+			@Override
+			public void onAuthorizationFailure(AuthorizationException exception) {
+				assertThat(exception.getMessage().equals(RegistrationStatus.FAILED_TO_REGISTER.getDescription()));
+			}
 
-            @Override
-            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
-                assert(false);
-            }
-        };
+			@Override
+			public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+				assert(false);
+			}
+		};
+
+		appId.obtainTokensWithROP(RuntimeEnvironment.application, "testUsername", "testPassword", listener);
+	}
+
+	@Test
+	public void test04_loginUsingRoPWithNullAccessToken(){
+		this.appId.initialize(RuntimeEnvironment.application, testTenantId, testRegion);
 
-        appId.obtainTokensWithROP(RuntimeEnvironment.application, "testUsername", "testPassword", listener);
+		TokenResponseListener listener = new TokenResponseListener() {
+			@Override
+			public void onAuthorizationFailure(AuthorizationException exception) {
+				assertThat(exception.getMessage().equals(RegistrationStatus.FAILED_TO_REGISTER.getDescription()));
+			}
+
+			@Override
+			public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+				assert(false);
+			}
+		};
+
+		appId.obtainTokensWithROP(RuntimeEnvironment.application, "testUsername", "testPassword", listener, null);
+	}
+
+	@Test
+	public void test05_loginUsingRoPWithAccessToken(){
+		this.appId.initialize(RuntimeEnvironment.application, testTenantId, testRegion);
+
+		TokenResponseListener listener = new TokenResponseListener() {
+			@Override
+			public void onAuthorizationFailure(AuthorizationException exception) {
+				assertThat(exception.getMessage().equals(RegistrationStatus.FAILED_TO_REGISTER.getDescription()));
+			}
+
+			@Override
+			public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+				assert(false);
+			}
+		};
 
+		appId.obtainTokensWithROP(RuntimeEnvironment.application, "testUsername", "testPassword", listener, Consts.ACCESS_TOKEN);
 	}
 }
 
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 789b4d9..aa7979e 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -88,6 +88,7 @@ public class AuthorizationManager_Test {
     private String username = "testUser";
     private String password = "testPassword";
     private String testError = "Some Error";
+    private AccessToken passedAccessToken = new AccessTokenImpl(Consts.ACCESS_TOKEN);
     private static final AccessToken expectedAccessToken = new AccessTokenImpl(Consts.ACCESS_TOKEN);
     private static final IdentityToken expectedIdToken = new IdentityTokenImpl(Consts.ID_TOKEN);
 
@@ -128,12 +129,12 @@ public void before() {
                      @Override
                      public Void answer(InvocationOnMock invocation) {
                          Object[] args = invocation.getArguments();
-                         TokenResponseListener tokenListener = (TokenResponseListener) args[2];
+                         TokenResponseListener tokenListener = (TokenResponseListener) args[3];
                          tokenListener.onAuthorizationSuccess(expectedAccessToken, expectedIdToken);
                          return null;
                      }
                  }
-        ).when(tokenManagerMock).obtainTokens(eq(username), eq(password), any(TokenResponseListener.class));
+        ).when(tokenManagerMock).obtainTokens(eq(username), eq(password), eq(passedAccessToken), any(TokenResponseListener.class));
 
         doAnswer(new Answer<Void>() {
                      @Override
@@ -163,7 +164,7 @@ public Void answer(InvocationOnMock invocation) {
         }).when(registrationManager).ensureRegistered(eq(mockContext), any(RegistrationListener.class));
 
 
-        authManager.obtainTokensWithROP(mockContext, username, password, new TokenResponseListener() {
+        authManager.obtainTokensWithROP(mockContext, username, password, passedAccessToken, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 assertEquals(exception.getMessage(), RegistrationStatus.NOT_REGISTRED.getDescription());
@@ -188,7 +189,7 @@ public Void answer(InvocationOnMock invocation) {
                  }
         ).when(registrationManager).ensureRegistered(eq(mockContext), any(RegistrationListener.class));
 
-        authManager.obtainTokensWithROP(mockContext, username, password, new TokenResponseListener() {
+        authManager.obtainTokensWithROP(mockContext, username, password, passedAccessToken, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 fail("should get to onAuthorizationSuccess");
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
index f664a44..794d88a 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
@@ -160,7 +160,7 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
             }
         }).when(stubRequest).send(any(Map.class), any(ResponseListener.class));
 
-        spyTokenManager.obtainTokens(username, password, new TokenResponseListener() {
+        spyTokenManager.obtainTokens(username, password, new AccessTokenImpl(Consts.ACCESS_TOKEN), new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 fail("should get to onAuthorizationSuccess");
@@ -210,7 +210,7 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
             }
         }).when(stubRequest).send(any(Map.class), any(ResponseListener.class));
 
-        spyTokenManager.obtainTokens(username, password, new TokenResponseListener() {
+        spyTokenManager.obtainTokens(username, password, null, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 assertEquals(exception.getMessage(), "Failed to retrieve tokens: " + testDescription);
@@ -224,7 +224,7 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
         });
         //test the exception parsing
         testReponse = null;
-        spyTokenManager.obtainTokens(username, password, new TokenResponseListener() {
+        spyTokenManager.obtainTokens(username, password, null, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 assertEquals(exception.getMessage(), "Failed to retrieve tokens" );
@@ -252,7 +252,7 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
             }
         }).when(stubRequest).send(any(Map.class), any(ResponseListener.class));
 
-        spyTokenManager.obtainTokens(username, password, new TokenResponseListener() {
+        spyTokenManager.obtainTokens(username, password, null, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 assertEquals(exception.getMessage(), "Failed to parse server response");
@@ -287,7 +287,7 @@ public Map<String, List<String>> getHeaders() {
                 return null;
             }
         };
-        spyTokenManager.obtainTokens(username, password, new TokenResponseListener() {
+        spyTokenManager.obtainTokens(username, password, null, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 assertEquals(exception.getMessage(), "Failed to parse access_token");
@@ -323,7 +323,7 @@ public Map<String, List<String>> getHeaders() {
             }
         };
 
-        spyTokenManager.obtainTokens(username, password, new TokenResponseListener() {
+        spyTokenManager.obtainTokens(username, password, null, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 assertEquals(exception.getMessage(), "Failed to parse id_token");

From e3dd78bf197ef7902c88b73b59a8eca85ab4a29d Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Mon, 3 Jul 2017 14:33:14 +0300
Subject: [PATCH 02/33] small fix

---
 .../main/java/com/ibm/bluemix/appid/android/api/AppID.java  | 5 ++++-
 .../appid/android/api/AppIDAuthorizationManager_Test.java   | 6 +++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
index 526b9f3..3673f5c 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
@@ -152,7 +152,10 @@ public void loginAnonymously(@NotNull Context context,  String accessToken, bool
 	 */
 	public void obtainTokensWithROP(@NotNull Context context, @NotNull String username, @NotNull String password, @NotNull TokenResponseListener tokenResponseListener) {
         AccessToken accessToken = oAuthManager.getTokenManager().getLatestAccessToken();
-        oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessToken, tokenResponseListener);
+		if (accessToken != null && accessToken.isAnonymous()) {
+			oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessToken, tokenResponseListener);
+		}
+		oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, null, tokenResponseListener);
 	}
     /**
      * Obtain token using Resource owner Password (RoP).
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager_Test.java
index f3bb71e..e1e7a05 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager_Test.java
@@ -214,7 +214,7 @@ public void onSuccess(Response response) {
 			public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
 				fail("should get to onSuccess");
 			}
-		}, null);
+		});
 	}
 
 	@Test
@@ -240,7 +240,7 @@ public void onSuccess(Response response) {
 			public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
 				assertEquals(t.getMessage(), "test exception");
 			}
-		}, null);
+		});
 	}
 
 	@Test
@@ -266,7 +266,7 @@ public void onSuccess(Response response) {
 			public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
 				assertEquals(t.getMessage(), "Authorization canceled");
 			}
-		}, null);
+		});
 	}
 
 }

From f80d3d6d76e8c63a21744369f1c6c4cb98e7eb23 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Tue, 4 Jul 2017 08:12:31 +0300
Subject: [PATCH 03/33] passing access token as string

---
 .../main/java/com/ibm/bluemix/appid/android/api/AppID.java  | 5 ++---
 .../internal/authorizationmanager/AuthorizationManager.java | 4 ++--
 .../appid/android/internal/tokenmanager/TokenManager.java   | 6 +++---
 .../authorizationmanager/AuthorizationManager_Test.java     | 2 +-
 .../android/internal/tokenmanager/TokenManager_Test.java    | 2 +-
 5 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
index 3673f5c..561de9c 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
@@ -153,7 +153,7 @@ public void loginAnonymously(@NotNull Context context,  String accessToken, bool
 	public void obtainTokensWithROP(@NotNull Context context, @NotNull String username, @NotNull String password, @NotNull TokenResponseListener tokenResponseListener) {
         AccessToken accessToken = oAuthManager.getTokenManager().getLatestAccessToken();
 		if (accessToken != null && accessToken.isAnonymous()) {
-			oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessToken, tokenResponseListener);
+			oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessToken.getRaw(), tokenResponseListener);
 		}
 		oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, null, tokenResponseListener);
 	}
@@ -169,8 +169,7 @@ public void obtainTokensWithROP(@NotNull Context context, @NotNull String userna
         if(accessTokenString == null) {
 			obtainTokensWithROP(context, username, password, tokenResponseListener);
 		} else {
-            AccessTokenImpl accessToken = new AccessTokenImpl(accessTokenString);
-            oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessToken, tokenResponseListener);
+            oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, accessTokenString, tokenResponseListener);
 		}
 	}
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index b582e68..8546fc4 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -180,7 +180,7 @@ public void setAppIDRequestFactory(AppIDRequestFactory appIDRequestFactory) {
 		this.appIDRequestFactory = appIDRequestFactory;
 	}
 
-	public void obtainTokensWithROP(final Context context, final String username, final String password, final AccessToken accessToken, final TokenResponseListener tokenResponseListener) {
+	public void obtainTokensWithROP(final Context context, final String username, final String password, final String accessTokenString, final TokenResponseListener tokenResponseListener) {
 		registrationManager.ensureRegistered(context, new RegistrationListener() {
 			@Override
 			public void onRegistrationFailure (RegistrationStatus error) {
@@ -190,7 +190,7 @@ public void onRegistrationFailure (RegistrationStatus error) {
 
 			@Override
 			public void onRegistrationSuccess () {
-				oAuthManager.getTokenManager().obtainTokens(username, password, accessToken, tokenResponseListener);
+				oAuthManager.getTokenManager().obtainTokens(username, password, accessTokenString, tokenResponseListener);
 			}
 		});
 	}
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
index 7dbd597..bf16f00 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
@@ -127,15 +127,15 @@ public void onSuccess (Response response) {
 		});
 	}
 
-	public void obtainTokens (String username, String password, AccessToken accessToken, final TokenResponseListener listener) {
+	public void obtainTokens (String username, String password, String accessTokenString, final TokenResponseListener listener) {
 		logger.debug("obtainTokens - with resource owner password");
 
 		HashMap<String, String> formParams = new HashMap<>();
         formParams.put(USERNAME, username);
         formParams.put(PASSWORD, password);
         formParams.put(GRANT_TYPE, GRANT_TYPE_PASSWORD);
-		if (accessToken != null) {
-			formParams.put(APPID_ACCESS_TOKEN, accessToken.getRaw());
+		if (accessTokenString != null) {
+			formParams.put(APPID_ACCESS_TOKEN, accessTokenString);
 		}
 		retrieveTokens(formParams, listener);
 	}
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index aa7979e..84db22b 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -88,7 +88,7 @@ public class AuthorizationManager_Test {
     private String username = "testUser";
     private String password = "testPassword";
     private String testError = "Some Error";
-    private AccessToken passedAccessToken = new AccessTokenImpl(Consts.ACCESS_TOKEN);
+    private String passedAccessToken = Consts.ACCESS_TOKEN;
     private static final AccessToken expectedAccessToken = new AccessTokenImpl(Consts.ACCESS_TOKEN);
     private static final IdentityToken expectedIdToken = new IdentityTokenImpl(Consts.ID_TOKEN);
 
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
index 794d88a..bc0d2f2 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
@@ -160,7 +160,7 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
             }
         }).when(stubRequest).send(any(Map.class), any(ResponseListener.class));
 
-        spyTokenManager.obtainTokens(username, password, new AccessTokenImpl(Consts.ACCESS_TOKEN), new TokenResponseListener() {
+        spyTokenManager.obtainTokens(username, password, Consts.ACCESS_TOKEN, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
                 fail("should get to onAuthorizationSuccess");

From 45c9be7951d2136ab220714e20176892b2cf7ba9 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Wed, 5 Jul 2017 11:47:53 +0300
Subject: [PATCH 04/33] fix some labeling in ReadMe

---
 README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index a8a428d..6ca8dff 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@ Android SDK for the Bluemix App ID service
 
 [![Bluemix powered][img-bluemix-powered]][url-bluemix]
 [![Travis][img-travis-master]][url-travis-master]
-[![Coveralls][img-coveralls-master]][url-coveralls-master]
+[![Coverage Status][img-coveralls-master]][url-coveralls-master]
 [![Codacy][img-codacy]][url-codacy]
 [![Release](https://jitpack.io/v/ibm-cloud-security/appid-clientsdk-android.svg)](https://jitpack.io/#ibm-cloud-security/appid-clientsdk-android)
 [![License][img-license]][url-bintray]
@@ -218,8 +218,8 @@ This package contains code licensed under the Apache License, Version 2.0 (the "
 [img-travis-master]: https://travis-ci.org/ibm-cloud-security/appid-clientsdk-android.svg
 [url-travis-master]: https://travis-ci.org/ibm-cloud-security/appid-clientsdk-android
 
-[img-coveralls-master]: https://coveralls.io/repos/github/ibm-cloud-security/appid-clientsdk-android/badge.svg
-[url-coveralls-master]: https://coveralls.io/github/ibm-cloud-security/appid-clientsdk-android
+[img-coveralls-master]: https://coveralls.io/repos/github/ibm-cloud-security/appid-clientsdk-android/badge.svg?branch=master
+[url-coveralls-master]: https://coveralls.io/github/ibm-cloud-security/appid-clientsdk-android?branch=master
 
-[img-codacy]: https://api.codacy.com/project/badge/Grade/d41f8f069dd343769fcbdb55089561fc?branch=master
+[img-codacy]: https://api.codacy.com/project/badge/Grade/d41f8f069dd343769fcbdb55089561fc
 [url-codacy]: https://www.codacy.com/app/ibm-cloud-security/appid-clientsdk-android

From 3cbdca81e4d4a72de6d18c30ec948643285e2757 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Mon, 10 Jul 2017 00:28:35 +0300
Subject: [PATCH 05/33] added API for opening sign up screen

---
 .../appid/MainActivity.java                   | 33 ++++++++
 app/src/main/res/layout/activity_main.xml     | 16 +++-
 .../ibm/bluemix/appid/android/api/AppID.java  |  3 +-
 .../appid/android/api/LoginWidget.java        |  6 ++
 .../AuthorizationManager.java                 | 51 +++++++-----
 .../internal/loginwidget/LoginWidgetImpl.java |  8 ++
 .../AuthorizationManager_Test.java            | 81 ++++++++++++++++++-
 .../loginwidget/LoginWidgetImpl_Test.java     | 33 ++++++++
 8 files changed, 209 insertions(+), 22 deletions(-)

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index 9212211..4118e00 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -127,6 +127,37 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
         }, anonymousAccessToken != null ? anonymousAccessToken.getRaw() : null);
     }
 
+    public void onSignUpClick(View v) {
+        logger.debug("onSignUpClick");
+        showProgress();
+        LoginWidget loginWidget = appId.getLoginWidget();
+        loginWidget.launchSignUp(this, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                logger.info("onAuthorizationFailure: " + exception.getMessage());
+                showResponse(exception.getMessage());
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                logger.info("onAuthorizationCanceled");
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                logger.info("onAuthorizationSuccess");
+                logger.info("access_token: " + accessToken.getRaw());
+                logger.info("id_token: " + identityToken.getRaw());
+                logger.info("access_token isExpired: " + accessToken.isExpired());
+                logger.info("id_token isExpired: " + identityToken.isExpired());
+                identifiedAccessToken = accessToken;
+                extractAndDisplayDataFromIdentityToken(identityToken);
+            }
+        });
+    }
+
     public void onGetTokenUsingRoP(View v) {
         logger.debug("onGetTokenUsingRoP");
         showResponse("");
@@ -349,6 +380,7 @@ public void run() {
                 findViewById(R.id.loginButton).setEnabled(false);
                 findViewById(R.id.ropButton).setEnabled(false);
                 findViewById(R.id.protectedRequestButton).setEnabled(false);
+                findViewById(R.id.signUpButton).setEnabled(false);
                 findViewById(R.id.deleteAttribute).setEnabled(false);
                 findViewById(R.id.anonloginButton).setEnabled(false);
                 findViewById(R.id.getAllAttributes).setEnabled(false);
@@ -369,6 +401,7 @@ public void run() {
                 findViewById(R.id.loginButton).setEnabled(true);
                 findViewById(R.id.ropButton).setEnabled(true);
                 findViewById(R.id.protectedRequestButton).setEnabled(true);
+                findViewById(R.id.signUpButton).setEnabled(true);
                 findViewById(R.id.deleteAttribute).setEnabled(true);
                 findViewById(R.id.anonloginButton).setEnabled(true);
                 findViewById(R.id.getAllAttributes).setEnabled(true);
diff --git a/app/src/main/res/layout/activity_main.xml b/app/src/main/res/layout/activity_main.xml
index 984e70a..2acf963 100644
--- a/app/src/main/res/layout/activity_main.xml
+++ b/app/src/main/res/layout/activity_main.xml
@@ -53,7 +53,18 @@
                 android:layout_below="@+id/profilePic"
                 android:layout_weight="1"
                 android:onClick="onAnonLoginClick"
-                android:text="Use Anonymously"
+                android:text="use anonymously"
+                android:textSize="12sp" />
+
+            <Button
+                android:id="@+id/signUpButton"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_alignParentStart="true"
+                android:layout_below="@+id/profilePic"
+                android:layout_weight="1"
+                android:onClick="onSignUpClick"
+                android:text="launch sign up only"
                 android:textSize="12sp" />
 
             <Button
@@ -79,7 +90,8 @@
                 android:layout_below="@+id/name"
                 android:layout_weight="1"
                 android:onClick="onLoginClick"
-                android:text="Launch Login widget" />
+                android:text="Launch Login widget"
+                android:textSize="14sp" />
 
             <Button
                 android:id="@+id/protectedRequestButton"
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
index 561de9c..27b7742 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
@@ -143,6 +143,7 @@ public void loginAnonymously(@NotNull Context context, String accessToken, @NotN
 	public void loginAnonymously(@NotNull Context context,  String accessToken, boolean allowCreateNewAnonymousUser, @NotNull AuthorizationListener authorizationListener){
 		oAuthManager.getAuthorizationManager().loginAnonymously(context, accessToken, allowCreateNewAnonymousUser, authorizationListener);
 	}
+
 	/**
 	 * Obtain token using Resource owner Password (RoP).
 	 *
@@ -157,6 +158,7 @@ public void obtainTokensWithROP(@NotNull Context context, @NotNull String userna
 		}
 		oAuthManager.getAuthorizationManager().obtainTokensWithROP(context, username, password, null, tokenResponseListener);
 	}
+
     /**
      * Obtain token using Resource owner Password (RoP).
      *
@@ -173,5 +175,4 @@ public void obtainTokensWithROP(@NotNull Context context, @NotNull String userna
 		}
 	}
 
-
 }
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
index 202c6da..87ede00 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
@@ -25,5 +25,11 @@ public interface LoginWidget {
 	 */
 	void launch (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener, String accessTokenString);
 	void launch (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
+    /**
+     * Lunch only the sign up user interface
+     * @param activity Parent activity
+     * @param authorizationListener
+     */
+    void launchSignUp (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 8546fc4..247a175 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -48,6 +48,7 @@ public class AuthorizationManager {
 	private final static String CLIENT_ID = "client_id";
 	private final static String RESPONSE_TYPE = "response_type";
 	private final static String RESPONSE_TYPE_CODE = "code";
+	private final static String RESPONSE_TYPE_SIGN_UP = "sign_up";
 
 	private final static String SCOPE = "scope";
 	private final static String SCOPE_OPENID = "openid";
@@ -73,15 +74,15 @@ public AuthorizationManager (final OAuthManager oAuthManager, final Context ctx)
 		AuthorizationUIManager.bindCustomTabsService(ctx, serverUrl);
 	}
 
-    /**
+	/**
      * @return The Authorization endpoint url.
      */
-	private String getAuthorizationUrl(String idpName, AccessToken accessToken) {
+	private String getAuthorizationUrl(String idpName, AccessToken accessToken, String responseType) {
 		String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
 		String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
 
 		Uri.Builder builder = Uri.parse(serverUrl).buildUpon()
-				.appendQueryParameter(RESPONSE_TYPE, RESPONSE_TYPE_CODE)
+				.appendQueryParameter(RESPONSE_TYPE, responseType)
 				.appendQueryParameter(CLIENT_ID, clientId)
 				.appendQueryParameter(REDIRECT_URI, redirectUri)
 				.appendQueryParameter(SCOPE, SCOPE_OPENID);
@@ -106,23 +107,37 @@ public void launchAuthorizationUI (final Activity activity, final AuthorizationL
      * launch the authorization url in the chrome tab after successful registration.
      */
 	public void launchAuthorizationUI (final Activity activity, final AccessToken accessToken, final AuthorizationListener authorizationListener){
-		registrationManager.ensureRegistered(activity, new RegistrationListener() {
-			@Override
-			public void onRegistrationFailure (RegistrationStatus error) {
-				logger.error(error.getDescription());
-				authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
-			}
+        String authorizationUrl = getAuthorizationUrl(null, accessToken, RESPONSE_TYPE_CODE);
+        launchAuthorizationURL(activity, authorizationUrl, authorizationListener);
+	}
 
-			@Override
-			public void onRegistrationSuccess () {
-				String authorizationUrl = getAuthorizationUrl(null, accessToken);
-				String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
-				AuthorizationUIManager auim = new AuthorizationUIManager(oAuthManager, authorizationListener, authorizationUrl, redirectUri);
-				auim.launch(activity);
-			}
-		});
+	/**
+	 * @param activity the activity to launch the chrome tab on to.
+	 * @param authorizationListener the authorization listener of the client.
+	 * launch the authorization url with response_type=sign_up in the chrome tab after successful registration.
+	 */
+	public void launchSignUpAuthorizationUI (final Activity activity, final AuthorizationListener authorizationListener){
+        String signUpAuthorizationUrl = getAuthorizationUrl(null, null, RESPONSE_TYPE_SIGN_UP);
+        launchAuthorizationURL(activity, signUpAuthorizationUrl, authorizationListener);
 	}
 
+	void launchAuthorizationURL(final Activity activity, final String authorizationUrl, final AuthorizationListener authorizationListener) {
+        registrationManager.ensureRegistered(activity, new RegistrationListener() {
+            @Override
+            public void onRegistrationFailure (RegistrationStatus error) {
+                logger.error(error.getDescription());
+                authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+            }
+
+            @Override
+            public void onRegistrationSuccess () {
+                String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+                AuthorizationUIManager auim = new AuthorizationUIManager(oAuthManager, authorizationListener, authorizationUrl, redirectUri);
+                auim.launch(activity);
+            }
+        });
+    }
+
 	private void continueAnonymousLogin (String accessTokenString, boolean allowCreateNewAnonymousUser, final AuthorizationListener listener){
 		AccessToken accessToken;
 		if (accessTokenString == null){
@@ -136,7 +151,7 @@ private void continueAnonymousLogin (String accessTokenString, boolean allowCrea
 			return;
 		}
 
-		String authorizationUrl = getAuthorizationUrl(AccessTokenImpl.IDP_ANONYMOUS, accessToken);
+		String authorizationUrl = getAuthorizationUrl(AccessTokenImpl.IDP_ANONYMOUS, accessToken, RESPONSE_TYPE_CODE);
 
 		AppIDRequest request = appIDRequestFactory.createRequest(authorizationUrl, AppIDRequest.GET);
 		request.send(new ResponseListener(){
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index fac7dac..795a64e 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -50,5 +50,13 @@ public void launch (@NonNull final Activity activity, @NonNull final Authorizati
 				oAuthManager.getTokenManager().getLatestAccessToken(),
 				authorizationListener);
 	}
+
+	/**
+	 * @param activity
+     * @param authorizationListener
+	 */
+	public void launchSignUp (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
+        oAuthManager.getAuthorizationManager().launchSignUpAuthorizationUI(activity, authorizationListener);
+	}
 }
 
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 84db22b..0213af4 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -41,10 +41,13 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.MethodSorters;
+import org.mockito.Matchers;
 import org.mockito.Mock;
+import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
+import org.powermock.api.mockito.PowerMockito;
 import org.robolectric.RobolectricTestRunner;
 import org.robolectric.annotation.Config;
 
@@ -58,8 +61,13 @@
 import static org.mockito.Matchers.any;
 import static org.mockito.Matchers.anyString;
 import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 import static org.powermock.api.mockito.PowerMockito.doAnswer;
+import static org.powermock.api.mockito.PowerMockito.mock;
+import static org.powermock.api.mockito.PowerMockito.verifyNew;
+import static org.powermock.api.mockito.PowerMockito.whenNew;
 
 @RunWith (RobolectricTestRunner.class)
 @FixMethodOrder(MethodSorters.NAME_ASCENDING)
@@ -148,6 +156,7 @@ public Void answer(InvocationOnMock invocation) {
         ).when(tokenManagerMock).obtainTokens(anyString(), any(AuthorizationListener.class));
 
         authManager = new AuthorizationManager(oAuthManagerMock, mockContext);
+        appidMock.overrideOAuthServerHost = null;
     }
 
     @Test
@@ -353,6 +362,7 @@ public void onAuthorizationCanceled() {
     @Test
     public void launchAuthorizationUI_success(){
 
+        final AuthorizationManager spyAuthManager = Mockito.spy(authManager);
         doAnswer(new Answer<Void>() {
                      public Void answer(InvocationOnMock invocation) {
                          Object[] args = invocation.getArguments();
@@ -364,10 +374,79 @@ public Void answer(InvocationOnMock invocation) {
         ).when(registrationManager).ensureRegistered(eq(mockActivity), any(RegistrationListener.class));
 
         when(mockActivity.getApplicationContext()).thenReturn(mockContext);
-        authManager.launchAuthorizationUI(mockActivity, new AuthorizationListener() {
+        spyAuthManager.launchAuthorizationUI(mockActivity, new AuthorizationListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/authorization?response_type=code&client_id=null&redirect_uri=null&scope=openid";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
+                verify(spyAuthManager).launchAuthorizationURL(eq(mockActivity), eq(expectedAuthUrl), any(AuthorizationListener.class));
+
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchSignUpAuthorizationUI_failure(){
+        Activity activity = new Activity();
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         RegistrationListener regListener = (RegistrationListener) args[1];
+                         regListener.onRegistrationFailure(RegistrationStatus.NOT_REGISTRED);
+                         return null;
+                     }
+                 }
+        ).when(registrationManager).ensureRegistered(eq(activity), any(RegistrationListener.class));
+
+        authManager.launchSignUpAuthorizationUI(activity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                assertEquals(exception.getMessage(), RegistrationStatus.NOT_REGISTRED.getDescription());
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchSigUpAuthorizationUI_success() throws Exception{
+
+        final AuthorizationManager spyAuthManager =  Mockito.spy(authManager);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         RegistrationListener regListener = (RegistrationListener) args[1];
+                         regListener.onRegistrationSuccess();
+                         return null;
+                     }
+                 }
+        ).when(registrationManager).ensureRegistered(eq(mockActivity), any(RegistrationListener.class));
+
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchSignUpAuthorizationUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/authorization?response_type=sign_up&client_id=null&redirect_uri=null&scope=openid";
+                assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
+                verify(spyAuthManager).launchAuthorizationURL(eq(mockActivity), eq(expectedAuthUrl), any(AuthorizationListener.class));
             }
 
             @Override
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index 44a2021..f4d685e 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -129,4 +129,37 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
             }
         }, expectedAccessToken.getRaw());
     }
+
+    @Test
+    public void launchSignUp_test(){
+
+        doAnswer(new Answer() {
+            @Override
+            public Object answer(InvocationOnMock invocation) throws Throwable {
+                Object[] args = invocation.getArguments();
+                AccessToken accessToken = expectedAccessToken;
+                AuthorizationListener authorizationListener = (AuthorizationListener) args[1];
+                authorizationListener.onAuthorizationSuccess(accessToken, null);
+                return null;
+            }
+        }).when(mockAuthManager).launchSignUpAuthorizationUI(any(Activity.class), any(AuthorizationListener.class));
+
+
+        loginWidget.launchSignUp(Mockito.mock(Activity.class), new AuthorizationListener() {
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationSuccess");
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                fail("should get to onAuthorizationSuccess");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                assertEquals(accessToken, expectedAccessToken);
+            }
+        });
+    }
 }

From 8fbc4889772852369ad41fe6e06622356c28b43a Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Mon, 10 Jul 2017 11:38:52 +0300
Subject: [PATCH 06/33] fix some codify issues

---
 .../authorizationmanager/AuthorizationManager.java       | 4 +++-
 .../authorizationmanager/AuthorizationManager_Test.java  | 9 ++-------
 2 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 247a175..e6755cf 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -16,6 +16,7 @@
 import android.app.Activity;
 import android.content.Context;
 import android.net.Uri;
+import android.support.annotation.VisibleForTesting;
 
 import com.ibm.bluemix.appid.android.api.AppID;
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
@@ -121,7 +122,8 @@ public void launchSignUpAuthorizationUI (final Activity activity, final Authoriz
         launchAuthorizationURL(activity, signUpAuthorizationUrl, authorizationListener);
 	}
 
-	void launchAuthorizationURL(final Activity activity, final String authorizationUrl, final AuthorizationListener authorizationListener) {
+	@VisibleForTesting
+    void launchAuthorizationURL(final Activity activity, final String authorizationUrl, final AuthorizationListener authorizationListener) {
         registrationManager.ensureRegistered(activity, new RegistrationListener() {
             @Override
             public void onRegistrationFailure (RegistrationStatus error) {
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 0213af4..7c31251 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -41,13 +41,11 @@
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.MethodSorters;
-import org.mockito.Matchers;
 import org.mockito.Mock;
 import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
-import org.powermock.api.mockito.PowerMockito;
 import org.robolectric.RobolectricTestRunner;
 import org.robolectric.annotation.Config;
 
@@ -65,9 +63,6 @@
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 import static org.powermock.api.mockito.PowerMockito.doAnswer;
-import static org.powermock.api.mockito.PowerMockito.mock;
-import static org.powermock.api.mockito.PowerMockito.verifyNew;
-import static org.powermock.api.mockito.PowerMockito.whenNew;
 
 @RunWith (RobolectricTestRunner.class)
 @FixMethodOrder(MethodSorters.NAME_ASCENDING)
@@ -362,7 +357,7 @@ public void onAuthorizationCanceled() {
     @Test
     public void launchAuthorizationUI_success(){
 
-        final AuthorizationManager spyAuthManager = Mockito.spy(authManager);
+        final AuthorizationManager spyAuthManager = spy(authManager);
         doAnswer(new Answer<Void>() {
                      public Void answer(InvocationOnMock invocation) {
                          Object[] args = invocation.getArguments();
@@ -429,7 +424,7 @@ public void onAuthorizationCanceled() {
     @Test
     public void launchSigUpAuthorizationUI_success() throws Exception{
 
-        final AuthorizationManager spyAuthManager =  Mockito.spy(authManager);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
         doAnswer(new Answer<Void>() {
                      public Void answer(InvocationOnMock invocation) {
                          Object[] args = invocation.getArguments();

From d1a843b3017c6eff0cd8493cc1fd7f2bc9da25a1 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Mon, 10 Jul 2017 11:53:25 +0300
Subject: [PATCH 07/33] fix codify issue

---
 .../internal/authorizationmanager/AuthorizationManager_Test.java | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 7c31251..a0dfdb3 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -42,7 +42,6 @@
 import org.junit.runner.RunWith;
 import org.junit.runners.MethodSorters;
 import org.mockito.Mock;
-import org.mockito.Mockito;
 import org.mockito.MockitoAnnotations;
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;

From bf3aea024bf66b8a96dc25499b920cce36b444ec Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Mon, 10 Jul 2017 14:39:51 +0300
Subject: [PATCH 08/33] fix bug when no client id

---
 .../AuthorizationManager.java                 | 53 ++++++++++++-------
 .../AuthorizationManager_Test.java            |  4 +-
 2 files changed, 35 insertions(+), 22 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index e6755cf..48594ef 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -108,8 +108,21 @@ public void launchAuthorizationUI (final Activity activity, final AuthorizationL
      * launch the authorization url in the chrome tab after successful registration.
      */
 	public void launchAuthorizationUI (final Activity activity, final AccessToken accessToken, final AuthorizationListener authorizationListener){
-        String authorizationUrl = getAuthorizationUrl(null, accessToken, RESPONSE_TYPE_CODE);
-        launchAuthorizationURL(activity, authorizationUrl, authorizationListener);
+		registrationManager.ensureRegistered(activity, new RegistrationListener() {
+			@Override
+			public void onRegistrationFailure (RegistrationStatus error) {
+				logger.error(error.getDescription());
+				authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+			}
+
+			@Override
+			public void onRegistrationSuccess () {
+				String authorizationUrl = getAuthorizationUrl(null, accessToken, RESPONSE_TYPE_CODE);
+				String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+				AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, authorizationUrl, redirectUri);
+				auim.launch(activity);
+			}
+		});
 	}
 
 	/**
@@ -118,27 +131,27 @@ public void launchAuthorizationUI (final Activity activity, final AccessToken ac
 	 * launch the authorization url with response_type=sign_up in the chrome tab after successful registration.
 	 */
 	public void launchSignUpAuthorizationUI (final Activity activity, final AuthorizationListener authorizationListener){
-        String signUpAuthorizationUrl = getAuthorizationUrl(null, null, RESPONSE_TYPE_SIGN_UP);
-        launchAuthorizationURL(activity, signUpAuthorizationUrl, authorizationListener);
+		registrationManager.ensureRegistered(activity, new RegistrationListener() {
+			@Override
+			public void onRegistrationFailure (RegistrationStatus error) {
+				logger.error(error.getDescription());
+				authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+			}
+
+			@Override
+			public void onRegistrationSuccess () {
+				String signUpAuthorizationUrl = getAuthorizationUrl(null, null, RESPONSE_TYPE_SIGN_UP);
+				String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+				AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, signUpAuthorizationUrl, redirectUri);
+				auim.launch(activity);
+			}
+		});
 	}
 
 	@VisibleForTesting
-    void launchAuthorizationURL(final Activity activity, final String authorizationUrl, final AuthorizationListener authorizationListener) {
-        registrationManager.ensureRegistered(activity, new RegistrationListener() {
-            @Override
-            public void onRegistrationFailure (RegistrationStatus error) {
-                logger.error(error.getDescription());
-                authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
-            }
-
-            @Override
-            public void onRegistrationSuccess () {
-                String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
-                AuthorizationUIManager auim = new AuthorizationUIManager(oAuthManager, authorizationListener, authorizationUrl, redirectUri);
-                auim.launch(activity);
-            }
-        });
-    }
+	AuthorizationUIManager createAuthorizationUIManager(OAuthManager oAuthManager, AuthorizationListener authorizationListener, String authUrl, String redirectUri) {
+		return new AuthorizationUIManager(oAuthManager, authorizationListener, authUrl, redirectUri);
+	}
 
 	private void continueAnonymousLogin (String accessTokenString, boolean allowCreateNewAnonymousUser, final AuthorizationListener listener){
 		AccessToken accessToken;
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index a0dfdb3..86fa3b9 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -373,7 +373,7 @@ public Void answer(InvocationOnMock invocation) {
             public void onAuthorizationFailure(AuthorizationException exception) {
                 String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/authorization?response_type=code&client_id=null&redirect_uri=null&scope=openid";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
-                verify(spyAuthManager).launchAuthorizationURL(eq(mockActivity), eq(expectedAuthUrl), any(AuthorizationListener.class));
+                verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
 
             }
 
@@ -440,7 +440,7 @@ public Void answer(InvocationOnMock invocation) {
             public void onAuthorizationFailure(AuthorizationException exception) {
                 String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/authorization?response_type=sign_up&client_id=null&redirect_uri=null&scope=openid";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
-                verify(spyAuthManager).launchAuthorizationURL(eq(mockActivity), eq(expectedAuthUrl), any(AuthorizationListener.class));
+                verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
 
             @Override

From e5bb1ad6a12ef286d47090360b4c04b2aa721e56 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 13 Jul 2017 17:29:59 +0300
Subject: [PATCH 09/33] added API for launching the change password UI

---
 .../appid/MainActivity.java                   | 39 ++++++++++++-
 app/src/main/res/layout/activity_main.xml     | 58 ++++++++++++++-----
 .../appid/android/api/LoginWidget.java        |  8 ++-
 .../AuthorizationManager.java                 | 46 ++++++++++++++-
 .../AuthorizationUIManager.java               |  2 +-
 .../internal/loginwidget/LoginWidgetImpl.java |  8 +++
 6 files changed, 140 insertions(+), 21 deletions(-)

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index 4118e00..dcfa201 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -134,20 +134,51 @@ public void onSignUpClick(View v) {
         loginWidget.launchSignUp(this, new AuthorizationListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                logger.info("onAuthorizationFailure: " + exception.getMessage());
+                logger.info("sign up: onAuthorizationFailure: " + exception.getMessage());
                 showResponse(exception.getMessage());
                 hideProgress();
             }
 
             @Override
             public void onAuthorizationCanceled() {
-                logger.info("onAuthorizationCanceled");
+                logger.info("sign up: onAuthorizationCanceled");
                 hideProgress();
             }
 
             @Override
             public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
-                logger.info("onAuthorizationSuccess");
+                logger.info("sign up: onAuthorizationSuccess");
+                logger.info("access_token: " + accessToken.getRaw());
+                logger.info("id_token: " + identityToken.getRaw());
+                logger.info("access_token isExpired: " + accessToken.isExpired());
+                logger.info("id_token isExpired: " + identityToken.isExpired());
+                identifiedAccessToken = accessToken;
+                extractAndDisplayDataFromIdentityToken(identityToken);
+            }
+        });
+    }
+
+    public void onChangePasswordClick(View v) {
+        logger.debug("onChangePasswordClick");
+        showProgress();
+        LoginWidget loginWidget = appId.getLoginWidget();
+        loginWidget.launchChangePassword(this, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                logger.info("Change Password: onAuthorizationFailure: " + exception.getMessage());
+                showResponse(exception.getMessage());
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                logger.info("Change Password: onAuthorizationCanceled");
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                logger.info("Change Password: onAuthorizationSuccess");
                 logger.info("access_token: " + accessToken.getRaw());
                 logger.info("id_token: " + identityToken.getRaw());
                 logger.info("access_token isExpired: " + accessToken.isExpired());
@@ -389,6 +420,7 @@ public void run() {
                 findViewById(R.id.putAttribute).setEnabled(false);
                 findViewById(R.id.editAttrName).setEnabled(false);
                 findViewById(R.id.editAttrValue).setEnabled(false);
+                findViewById(R.id.changePasswordButton).setEnabled(false);
             }
         });
     }
@@ -410,6 +442,7 @@ public void run() {
                 findViewById(R.id.putAttribute).setEnabled(true);
                 findViewById(R.id.editAttrName).setEnabled(true);
                 findViewById(R.id.editAttrValue).setEnabled(true);
+                findViewById(R.id.changePasswordButton).setEnabled(true);
             }
         });
     }
diff --git a/app/src/main/res/layout/activity_main.xml b/app/src/main/res/layout/activity_main.xml
index 2acf963..2a3ef7f 100644
--- a/app/src/main/res/layout/activity_main.xml
+++ b/app/src/main/res/layout/activity_main.xml
@@ -24,7 +24,7 @@
 
         <RelativeLayout
             android:layout_width="match_parent"
-            android:layout_height="48dp"
+            android:layout_height="52dp"
             android:layout_alignParentStart="true">
 
             <Button
@@ -41,20 +41,8 @@
 
         <LinearLayout
             android:layout_width="match_parent"
-            android:layout_height="82dp"
-            android:orientation="horizontal"
-            android:layout_weight="0.05">
-
-            <Button
-                android:id="@+id/anonloginButton"
-                android:layout_width="match_parent"
-                android:layout_height="wrap_content"
-                android:layout_alignParentStart="true"
-                android:layout_below="@+id/profilePic"
-                android:layout_weight="1"
-                android:onClick="onAnonLoginClick"
-                android:text="use anonymously"
-                android:textSize="12sp" />
+            android:layout_height="wrap_content"
+            android:orientation="horizontal">
 
             <Button
                 android:id="@+id/signUpButton"
@@ -106,6 +94,46 @@
                 android:textSize="12sp" />
         </LinearLayout>
 
+        <LinearLayout
+            android:layout_width="match_parent"
+            android:layout_height="54dp"
+            android:orientation="horizontal">
+
+            <Button
+                android:id="@+id/anonloginButton"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_alignParentStart="true"
+                android:layout_below="@+id/profilePic"
+                android:layout_weight="1"
+                android:onClick="onAnonLoginClick"
+                android:text="use anonymously"
+                android:textAllCaps="false"
+                android:textSize="12sp" />
+
+            <Button
+                android:id="@+id/signUpButton"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_alignParentStart="true"
+                android:layout_below="@+id/profilePic"
+                android:layout_weight="1"
+                android:onClick="onSignUpClick"
+                android:text="launch sign up only"
+                android:textSize="12sp" />
+
+            <Button
+                android:id="@+id/changePasswordButton"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_alignParentStart="true"
+                android:layout_below="@+id/orText"
+                android:layout_weight="1"
+                android:onClick="onChangePasswordClick"
+                android:text="change password"
+                android:textSize="12sp" />
+        </LinearLayout>
+
         <RelativeLayout
             android:layout_width="match_parent"
             android:layout_height="88dp"
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
index 87ede00..a6b3064 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
@@ -26,10 +26,16 @@ public interface LoginWidget {
 	void launch (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener, String accessTokenString);
 	void launch (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
     /**
-     * Lunch only the sign up user interface
+     * Launch only the sign up user interface
      * @param activity Parent activity
      * @param authorizationListener
      */
     void launchSignUp (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
+	/**
+	 * Launch the change password user interface
+	 * @param activity Parent activity
+	 * @param authorizationListener
+	 */
+	void launchChangePassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 48594ef..baccf66 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -23,6 +23,7 @@
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
 import com.ibm.bluemix.appid.android.api.TokenResponseListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
+import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;
 import com.ibm.bluemix.appid.android.internal.config.Config;
 import com.ibm.bluemix.appid.android.internal.network.AppIDRequest;
@@ -35,10 +36,12 @@
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 import com.ibm.mobilefirstplatform.clientsdk.android.logger.api.Logger;
 
+import org.json.JSONException;
 import org.json.JSONObject;
 
 public class AuthorizationManager {
-	private static final String OAUTH_AUTHORIZATION_PATH = "/authorization";
+	private final static String OAUTH_AUTHORIZATION_PATH = "/authorization";
+    private final static String CHANGE_PASSWORD_PATH = "/cloud_directory/change_password";
 
 	private final AppID appId;
 	private final OAuthManager oAuthManager;
@@ -50,6 +53,7 @@ public class AuthorizationManager {
 	private final static String RESPONSE_TYPE = "response_type";
 	private final static String RESPONSE_TYPE_CODE = "code";
 	private final static String RESPONSE_TYPE_SIGN_UP = "sign_up";
+    private final static String USER_ID = "user_id";
 
 	private final static String SCOPE = "scope";
 	private final static String SCOPE_OPENID = "openid";
@@ -57,6 +61,7 @@ public class AuthorizationManager {
 	private final static String REDIRECT_URI = "redirect_uri";
 	private final static String IDP = "idp";
 	private final static String APPID_ACCESS_TOKEN = "appid_access_token";
+    private final static String ID = "id";
 
 	private String serverUrl;
 
@@ -97,6 +102,20 @@ private String getAuthorizationUrl(String idpName, AccessToken accessToken, Stri
 		return builder.build().toString();
 	}
 
+    /**
+     * @return the change password endpoint url.
+     */
+    private String getChangePasswordUrl(String userId, String redirectUri) {
+        String changePasswordEndpoint = Config.getOAuthServerUrl(this.appId) + CHANGE_PASSWORD_PATH;
+        String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
+        Uri.Builder builder = Uri.parse(changePasswordEndpoint).buildUpon()
+                .appendQueryParameter(USER_ID, userId)
+                .appendQueryParameter(CLIENT_ID, clientId)
+                .appendQueryParameter(REDIRECT_URI, redirectUri);
+
+        return  builder.build().toString();
+    }
+
 	public void launchAuthorizationUI (final Activity activity, final AuthorizationListener authorizationListener){
 		launchAuthorizationUI(activity, null, authorizationListener);
 	}
@@ -148,6 +167,31 @@ public void onRegistrationSuccess () {
 		});
 	}
 
+	/**
+	 * @param activity the activity to launch the chrome tab on to.
+	 * @param authorizationListener the authorization listener of the client.
+	 * launch the change password UI in chrome tab only if the client logged-in otherwise return an error.
+	 */
+	public void launchChangePasswordUI (final Activity activity, final AuthorizationListener authorizationListener){
+        IdentityToken currentIdToken = this.oAuthManager.getTokenManager().getLatestIdentityToken();
+        if (currentIdToken == null) {
+            authorizationListener.onAuthorizationFailure(new AuthorizationException("Please login first."));
+        } else {
+            String userId;
+            try {
+                userId = currentIdToken.getIdentities().getJSONObject(0).getString(ID);
+                String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+                String changePasswordUrl = getChangePasswordUrl(userId, redirectUri);
+                AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, changePasswordUrl, redirectUri);
+                auim.launch(activity);
+
+            } catch (JSONException e) {
+                e.printStackTrace();
+                authorizationListener.onAuthorizationFailure(new AuthorizationException(e.getMessage()));
+            }
+        }
+	}
+
 	@VisibleForTesting
 	AuthorizationUIManager createAuthorizationUIManager(OAuthManager oAuthManager, AuthorizationListener authorizationListener, String authUrl, String redirectUri) {
 		return new AuthorizationUIManager(oAuthManager, authorizationListener, authUrl, redirectUri);
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationUIManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationUIManager.java
index db08061..7d25d4b 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationUIManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationUIManager.java
@@ -83,7 +83,7 @@ public void launch(final Activity activity) {
         AuthorizationFlowContextStore.push(authFlowContextGuid, ctx);
 
         // If we cant find a package name, it means there's no browser that supports
-        // Chrome Custom Tabs installed. So, we fallback to the WebView
+        // Chrome Custom Tabs installed.
         // (There might be a browser other than Chrome that support Chrome tabs)
 
         if (getPackageNameToUse(context) == null || !isChromeTabSupported) {
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index 795a64e..ce31d31 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -58,5 +58,13 @@ public void launch (@NonNull final Activity activity, @NonNull final Authorizati
 	public void launchSignUp (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
         oAuthManager.getAuthorizationManager().launchSignUpAuthorizationUI(activity, authorizationListener);
 	}
+
+	/**
+	 * @param activity
+	 * @param authorizationListener
+	 */
+	public void launchChangePassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
+		oAuthManager.getAuthorizationManager().launchChangePasswordUI(activity, authorizationListener);
+	}
 }
 

From 200354bb7d02402cea2e4505397dd41ed2ad980c Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Tue, 18 Jul 2017 17:56:34 +0300
Subject: [PATCH 10/33] small fixes

---
 app/src/main/res/layout/activity_main.xml     |  12 -
 .../AuthorizationManager.java                 | 375 +++++++++---------
 2 files changed, 188 insertions(+), 199 deletions(-)

diff --git a/app/src/main/res/layout/activity_main.xml b/app/src/main/res/layout/activity_main.xml
index 2a3ef7f..8d3c5bb 100644
--- a/app/src/main/res/layout/activity_main.xml
+++ b/app/src/main/res/layout/activity_main.xml
@@ -108,18 +108,6 @@
                 android:layout_weight="1"
                 android:onClick="onAnonLoginClick"
                 android:text="use anonymously"
-                android:textAllCaps="false"
-                android:textSize="12sp" />
-
-            <Button
-                android:id="@+id/signUpButton"
-                android:layout_width="match_parent"
-                android:layout_height="wrap_content"
-                android:layout_alignParentStart="true"
-                android:layout_below="@+id/profilePic"
-                android:layout_weight="1"
-                android:onClick="onSignUpClick"
-                android:text="launch sign up only"
                 android:textSize="12sp" />
 
             <Button
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index baccf66..9504d6c 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -40,67 +40,69 @@
 import org.json.JSONObject;
 
 public class AuthorizationManager {
-	private final static String OAUTH_AUTHORIZATION_PATH = "/authorization";
+    private final static String OAUTH_AUTHORIZATION_PATH = "/authorization";
     private final static String CHANGE_PASSWORD_PATH = "/cloud_directory/change_password";
 
-	private final AppID appId;
-	private final OAuthManager oAuthManager;
-	private final RegistrationManager registrationManager;
+    private final AppID appId;
+    private final OAuthManager oAuthManager;
+    private final RegistrationManager registrationManager;
 
-	private AppIDRequestFactory appIDRequestFactory = new AppIDRequestFactory();
+    private AppIDRequestFactory appIDRequestFactory = new AppIDRequestFactory();
 
-	private final static String CLIENT_ID = "client_id";
-	private final static String RESPONSE_TYPE = "response_type";
-	private final static String RESPONSE_TYPE_CODE = "code";
-	private final static String RESPONSE_TYPE_SIGN_UP = "sign_up";
+    private final static String CLIENT_ID = "client_id";
+    private final static String RESPONSE_TYPE = "response_type";
+    private final static String RESPONSE_TYPE_CODE = "code";
+    private final static String RESPONSE_TYPE_SIGN_UP = "sign_up";
     private final static String USER_ID = "user_id";
 
-	private final static String SCOPE = "scope";
-	private final static String SCOPE_OPENID = "openid";
+    private final static String SCOPE = "scope";
+    private final static String SCOPE_OPENID = "openid";
 
-	private final static String REDIRECT_URI = "redirect_uri";
-	private final static String IDP = "idp";
-	private final static String APPID_ACCESS_TOKEN = "appid_access_token";
+    private final static String REDIRECT_URI = "redirect_uri";
+    private final static String IDP = "idp";
+    private final static String APPID_ACCESS_TOKEN = "appid_access_token";
     private final static String ID = "id";
+    private final static String PROVIDER = "provider";
+    private final static String CLOUD_DIRECTORY_IDP = "cloud_directory";
 
-	private String serverUrl;
+    private String serverUrl;
 
-	private final static Logger logger = Logger.getLogger(Logger.INTERNAL_PREFIX + AuthorizationManager.class.getName());
+    private final static Logger logger = Logger.getLogger(Logger.INTERNAL_PREFIX + AuthorizationManager.class.getName());
 
     /**
      * @param oAuthManager
-     * @param ctx the Context that will be bind to the custom chrome tab.
-     * The AuthorizationManager constructor.
+     * @param ctx          the Context that will be bind to the custom chrome tab.
+     *                     The AuthorizationManager constructor.
      */
-	public AuthorizationManager (final OAuthManager oAuthManager, final Context ctx) {
-		this.oAuthManager = oAuthManager;
-		this.appId = oAuthManager.getAppId();
-		this.registrationManager = oAuthManager.getRegistrationManager();
-		this.serverUrl = Config.getOAuthServerUrl(this.appId) + OAUTH_AUTHORIZATION_PATH;
-		AuthorizationUIManager.bindCustomTabsService(ctx, serverUrl);
-	}
-
-	/**
+    public AuthorizationManager(final OAuthManager oAuthManager, final Context ctx) {
+        this.oAuthManager = oAuthManager;
+        this.appId = oAuthManager.getAppId();
+        this.registrationManager = oAuthManager.getRegistrationManager();
+        this.serverUrl = Config.getOAuthServerUrl(this.appId) + OAUTH_AUTHORIZATION_PATH;
+        AuthorizationUIManager.bindCustomTabsService(ctx, serverUrl);
+    }
+
+    /**
      * @return The Authorization endpoint url.
      */
-	private String getAuthorizationUrl(String idpName, AccessToken accessToken, String responseType) {
-		String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
-		String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
-
-		Uri.Builder builder = Uri.parse(serverUrl).buildUpon()
-				.appendQueryParameter(RESPONSE_TYPE, responseType)
-				.appendQueryParameter(CLIENT_ID, clientId)
-				.appendQueryParameter(REDIRECT_URI, redirectUri)
-				.appendQueryParameter(SCOPE, SCOPE_OPENID);
-
-		if (idpName != null){
-			builder.appendQueryParameter(IDP, idpName);
-		}
-		if (accessToken != null){
-			builder.appendQueryParameter(APPID_ACCESS_TOKEN, accessToken.getRaw());
-		}
-		return builder.build().toString();
-	}
+    private String getAuthorizationUrl(String idpName, AccessToken accessToken, String responseType) {
+        String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
+        String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+
+        Uri.Builder builder = Uri.parse(serverUrl).buildUpon()
+                .appendQueryParameter(RESPONSE_TYPE, responseType)
+                .appendQueryParameter(CLIENT_ID, clientId)
+                .appendQueryParameter(REDIRECT_URI, redirectUri)
+                .appendQueryParameter(SCOPE, SCOPE_OPENID);
+
+        if (idpName != null) {
+            builder.appendQueryParameter(IDP, idpName);
+        }
+        if (accessToken != null) {
+            builder.appendQueryParameter(APPID_ACCESS_TOKEN, accessToken.getRaw());
+        }
+        return builder.build().toString();
+    }
 
     /**
      * @return the change password endpoint url.
@@ -113,162 +115,161 @@ private String getChangePasswordUrl(String userId, String redirectUri) {
                 .appendQueryParameter(CLIENT_ID, clientId)
                 .appendQueryParameter(REDIRECT_URI, redirectUri);
 
-        return  builder.build().toString();
+        return builder.build().toString();
     }
 
-	public void launchAuthorizationUI (final Activity activity, final AuthorizationListener authorizationListener){
-		launchAuthorizationUI(activity, null, authorizationListener);
-	}
+    public void launchAuthorizationUI(final Activity activity, final AuthorizationListener authorizationListener) {
+        launchAuthorizationUI(activity, null, authorizationListener);
+    }
 
     /**
-     * @param activity the activity to launch the chrome tab on to.
-     * @param accessToken if not null, this access token will be added to the request.
+     * @param activity              the activity to launch the chrome tab on to.
+     * @param accessToken           if not null, this access token will be added to the request.
      * @param authorizationListener the authorization listener of the client.
-     * launch the authorization url in the chrome tab after successful registration.
+     *                              launch the authorization url in the chrome tab after successful registration.
      */
-	public void launchAuthorizationUI (final Activity activity, final AccessToken accessToken, final AuthorizationListener authorizationListener){
-		registrationManager.ensureRegistered(activity, new RegistrationListener() {
-			@Override
-			public void onRegistrationFailure (RegistrationStatus error) {
-				logger.error(error.getDescription());
-				authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
-			}
-
-			@Override
-			public void onRegistrationSuccess () {
-				String authorizationUrl = getAuthorizationUrl(null, accessToken, RESPONSE_TYPE_CODE);
-				String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
-				AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, authorizationUrl, redirectUri);
-				auim.launch(activity);
-			}
-		});
-	}
-
-	/**
-	 * @param activity the activity to launch the chrome tab on to.
-	 * @param authorizationListener the authorization listener of the client.
-	 * launch the authorization url with response_type=sign_up in the chrome tab after successful registration.
-	 */
-	public void launchSignUpAuthorizationUI (final Activity activity, final AuthorizationListener authorizationListener){
-		registrationManager.ensureRegistered(activity, new RegistrationListener() {
-			@Override
-			public void onRegistrationFailure (RegistrationStatus error) {
-				logger.error(error.getDescription());
-				authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
-			}
-
-			@Override
-			public void onRegistrationSuccess () {
-				String signUpAuthorizationUrl = getAuthorizationUrl(null, null, RESPONSE_TYPE_SIGN_UP);
-				String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
-				AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, signUpAuthorizationUrl, redirectUri);
-				auim.launch(activity);
-			}
-		});
-	}
-
-	/**
-	 * @param activity the activity to launch the chrome tab on to.
-	 * @param authorizationListener the authorization listener of the client.
-	 * launch the change password UI in chrome tab only if the client logged-in otherwise return an error.
-	 */
-	public void launchChangePasswordUI (final Activity activity, final AuthorizationListener authorizationListener){
-        IdentityToken currentIdToken = this.oAuthManager.getTokenManager().getLatestIdentityToken();
-        if (currentIdToken == null) {
-            authorizationListener.onAuthorizationFailure(new AuthorizationException("Please login first."));
-        } else {
-            String userId;
-            try {
-                userId = currentIdToken.getIdentities().getJSONObject(0).getString(ID);
+    public void launchAuthorizationUI(final Activity activity, final AccessToken accessToken, final AuthorizationListener authorizationListener) {
+        registrationManager.ensureRegistered(activity, new RegistrationListener() {
+            @Override
+            public void onRegistrationFailure(RegistrationStatus error) {
+                logger.error(error.getDescription());
+                authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+            }
+
+            @Override
+            public void onRegistrationSuccess() {
+                String authorizationUrl = getAuthorizationUrl(null, accessToken, RESPONSE_TYPE_CODE);
+                String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+                AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, authorizationUrl, redirectUri);
+                auim.launch(activity);
+            }
+        });
+    }
+
+    /**
+     * @param activity              the activity to launch the chrome tab on to.
+     * @param authorizationListener the authorization listener of the client.
+     *                              launch the authorization url with response_type=sign_up in the chrome tab after successful registration.
+     */
+    public void launchSignUpAuthorizationUI(final Activity activity, final AuthorizationListener authorizationListener) {
+        registrationManager.ensureRegistered(activity, new RegistrationListener() {
+            @Override
+            public void onRegistrationFailure(RegistrationStatus error) {
+                logger.error(error.getDescription());
+                authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+            }
+
+            @Override
+            public void onRegistrationSuccess() {
+                String signUpAuthorizationUrl = getAuthorizationUrl(null, null, RESPONSE_TYPE_SIGN_UP);
+                String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+                AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, signUpAuthorizationUrl, redirectUri);
+                auim.launch(activity);
+            }
+        });
+    }
+
+    /**
+     * @param activity              the activity to launch the chrome tab on to.
+     * @param authorizationListener the authorization listener of the client.
+     *                              launch the change password UI in chrome tab only if the client logged-in otherwise return an error.
+     */
+    public void launchChangePasswordUI(final Activity activity, final AuthorizationListener authorizationListener) {
+        try {
+            IdentityToken currentIdToken = this.oAuthManager.getTokenManager().getLatestIdentityToken();
+            if (currentIdToken == null) {
+                authorizationListener.onAuthorizationFailure(new AuthorizationException("No identity token found."));
+            } else if (!CLOUD_DIRECTORY_IDP.equals(currentIdToken.getIdentities().getJSONObject(0).getString(PROVIDER))) {
+                authorizationListener.onAuthorizationFailure(new AuthorizationException("The identity token was not retrieved using cloud directory idp."));
+            } else {
+                String userId = currentIdToken.getIdentities().getJSONObject(0).getString(ID);
                 String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
                 String changePasswordUrl = getChangePasswordUrl(userId, redirectUri);
                 AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, changePasswordUrl, redirectUri);
                 auim.launch(activity);
-
-            } catch (JSONException e) {
-                e.printStackTrace();
-                authorizationListener.onAuthorizationFailure(new AuthorizationException(e.getMessage()));
             }
+        } catch (JSONException e) {
+            e.printStackTrace();
+            authorizationListener.onAuthorizationFailure(new AuthorizationException(e.getMessage()));
+        }
+    }
+
+    @VisibleForTesting
+    AuthorizationUIManager createAuthorizationUIManager(OAuthManager oAuthManager, AuthorizationListener authorizationListener, String authUrl, String redirectUri) {
+        return new AuthorizationUIManager(oAuthManager, authorizationListener, authUrl, redirectUri);
+    }
+
+    private void continueAnonymousLogin(String accessTokenString, boolean allowCreateNewAnonymousUser, final AuthorizationListener listener) {
+        AccessToken accessToken;
+        if (accessTokenString == null) {
+            accessToken = oAuthManager.getTokenManager().getLatestAccessToken();
+        } else {
+            accessToken = new AccessTokenImpl(accessTokenString);
+        }
+
+        if (accessToken == null && !allowCreateNewAnonymousUser) {
+            listener.onAuthorizationFailure(new AuthorizationException("Not allowed to create new anonymous users"));
+            return;
         }
-	}
-
-	@VisibleForTesting
-	AuthorizationUIManager createAuthorizationUIManager(OAuthManager oAuthManager, AuthorizationListener authorizationListener, String authUrl, String redirectUri) {
-		return new AuthorizationUIManager(oAuthManager, authorizationListener, authUrl, redirectUri);
-	}
-
-	private void continueAnonymousLogin (String accessTokenString, boolean allowCreateNewAnonymousUser, final AuthorizationListener listener){
-		AccessToken accessToken;
-		if (accessTokenString == null){
-			accessToken = oAuthManager.getTokenManager().getLatestAccessToken();
-		} else {
-			accessToken = new AccessTokenImpl(accessTokenString);
-		}
-
-		if (accessToken == null && !allowCreateNewAnonymousUser){
-			listener.onAuthorizationFailure(new AuthorizationException("Not allowed to create new anonymous users"));
-			return;
-		}
-
-		String authorizationUrl = getAuthorizationUrl(AccessTokenImpl.IDP_ANONYMOUS, accessToken, RESPONSE_TYPE_CODE);
-
-		AppIDRequest request = appIDRequestFactory.createRequest(authorizationUrl, AppIDRequest.GET);
-		request.send(new ResponseListener(){
-						 @Override
-						 public void onSuccess(Response response) {
-							 logger.debug("loginAnonymously.Response in onSuccess:" + response.getResponseText());
-							 String location = response.getHeaders().get("Location").toString();
-							 String locationUrl = location.substring(1,location.length()-1); // removing []
-							 String code = Uri.parse(locationUrl).getQueryParameter("code");
-							 oAuthManager.getTokenManager().obtainTokens(code, listener);
-						 }
-
-						 @Override
-						 public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
-							 String message = (response == null) ? "" : response.getResponseText();
-							 logger.debug("loginAnonymously.Response in onFailure:" + message, t);
-							 message = (t != null) ? t.getLocalizedMessage() : "Authorization request failed.";
-							 message = (extendedInfo != null) ? message + extendedInfo.toString() : message;
-							 listener.onAuthorizationFailure(new AuthorizationException(message));
-						 }
-					 }
-		);
-	}
-
-	public void loginAnonymously(final Context context, final String accessTokenString, final boolean allowCreateNewAnonymousUser, final AuthorizationListener authorizationListener){
-		registrationManager.ensureRegistered(context, new RegistrationListener() {
-			@Override
-			public void onRegistrationFailure (RegistrationStatus error) {
-				logger.error(error.getDescription());
+
+        String authorizationUrl = getAuthorizationUrl(AccessTokenImpl.IDP_ANONYMOUS, accessToken, RESPONSE_TYPE_CODE);
+
+        AppIDRequest request = appIDRequestFactory.createRequest(authorizationUrl, AppIDRequest.GET);
+        request.send(new ResponseListener() {
+                         @Override
+                         public void onSuccess(Response response) {
+                             logger.debug("loginAnonymously.Response in onSuccess:" + response.getResponseText());
+                             String location = response.getHeaders().get("Location").toString();
+                             String locationUrl = location.substring(1, location.length() - 1); // removing []
+                             String code = Uri.parse(locationUrl).getQueryParameter("code");
+                             oAuthManager.getTokenManager().obtainTokens(code, listener);
+                         }
+
+                         @Override
+                         public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
+                             String message = (response == null) ? "" : response.getResponseText();
+                             logger.debug("loginAnonymously.Response in onFailure:" + message, t);
+                             message = (t != null) ? t.getLocalizedMessage() : "Authorization request failed.";
+                             message = (extendedInfo != null) ? message + extendedInfo.toString() : message;
+                             listener.onAuthorizationFailure(new AuthorizationException(message));
+                         }
+                     }
+        );
+    }
+
+    public void loginAnonymously(final Context context, final String accessTokenString, final boolean allowCreateNewAnonymousUser, final AuthorizationListener authorizationListener) {
+        registrationManager.ensureRegistered(context, new RegistrationListener() {
+            @Override
+            public void onRegistrationFailure(RegistrationStatus error) {
+                logger.error(error.getDescription());
                 authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
-			}
-
-			@Override
-			public void onRegistrationSuccess () {
-				continueAnonymousLogin(accessTokenString, allowCreateNewAnonymousUser, authorizationListener);
-			}
-		});
-	}
-
-	public void setAppIDRequestFactory(AppIDRequestFactory appIDRequestFactory) {
-		this.appIDRequestFactory = appIDRequestFactory;
-	}
-
-	public void obtainTokensWithROP(final Context context, final String username, final String password, final String accessTokenString, final TokenResponseListener tokenResponseListener) {
-		registrationManager.ensureRegistered(context, new RegistrationListener() {
-			@Override
-			public void onRegistrationFailure (RegistrationStatus error) {
-				logger.error(error.getDescription());
-				tokenResponseListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
-			}
-
-			@Override
-			public void onRegistrationSuccess () {
-				oAuthManager.getTokenManager().obtainTokens(username, password, accessTokenString, tokenResponseListener);
-			}
-		});
-	}
+            }
+
+            @Override
+            public void onRegistrationSuccess() {
+                continueAnonymousLogin(accessTokenString, allowCreateNewAnonymousUser, authorizationListener);
+            }
+        });
+    }
+
+    public void setAppIDRequestFactory(AppIDRequestFactory appIDRequestFactory) {
+        this.appIDRequestFactory = appIDRequestFactory;
+    }
 
+    public void obtainTokensWithROP(final Context context, final String username, final String password, final String accessTokenString, final TokenResponseListener tokenResponseListener) {
+        registrationManager.ensureRegistered(context, new RegistrationListener() {
+            @Override
+            public void onRegistrationFailure(RegistrationStatus error) {
+                logger.error(error.getDescription());
+                tokenResponseListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+            }
+
+            @Override
+            public void onRegistrationSuccess() {
+                oAuthManager.getTokenManager().obtainTokens(username, password, accessTokenString, tokenResponseListener);
+            }
+        });
+    }
 
 
 }

From 18cb44a1de08b8355e4bc6b2692d11c4a1f0bb40 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Wed, 19 Jul 2017 16:47:27 +0300
Subject: [PATCH 11/33] added unit tests for change password

---
 .../AuthorizationManager_Test.java            | 112 ++++++++++++++++++
 .../loginwidget/LoginWidgetImpl_Test.java     |  33 ++++++
 2 files changed, 145 insertions(+)

diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 86fa3b9..df0e0a1 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -36,6 +36,8 @@
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Response;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 
+import org.json.JSONArray;
+import org.json.JSONObject;
 import org.junit.Before;
 import org.junit.FixMethodOrder;
 import org.junit.Test;
@@ -86,6 +88,8 @@ public class AuthorizationManager_Test {
     private AppIDRequest mockRequest;
     @Mock
     private Activity mockActivity;
+    @Mock
+    private IdentityToken mockIdToken;
     private AuthorizationManager authManager;
     private String username = "testUser";
     private String password = "testPassword";
@@ -454,4 +458,112 @@ public void onAuthorizationCanceled() {
             }
         });
     }
+
+    @Test
+    public void launchChangePasswordUI_noIdToken() throws Exception {
+
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangePasswordUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                assertEquals(exception.getMessage(), "No identity token found.");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangePasswordUI_IdTokenNotRetrievedWithCD() throws Exception {
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(expectedIdToken);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangePasswordUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                assertEquals(exception.getMessage(), "The identity token was not retrieved using cloud directory idp.");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangePasswordUI_success() throws Exception {
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(mockIdToken);
+        JSONArray identitiesArray = new JSONArray();
+        JSONObject providerObject = new JSONObject();
+        providerObject.put("provider", "cloud_directory");
+        providerObject.put("id", "1234");
+        identitiesArray.put(providerObject);
+        when(mockIdToken.getIdentities()).thenReturn(identitiesArray);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangePasswordUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_password?user_id=1234&client_id=null&redirect_uri=null";
+                assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
+                verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangePasswordUI_JSONException() throws Exception {
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(mockIdToken);
+        JSONArray identitiesArray = new JSONArray();
+        JSONObject providerObject = new JSONObject();
+        providerObject.put("provider", "cloud_directory");
+        identitiesArray.put(providerObject);
+        when(mockIdToken.getIdentities()).thenReturn(identitiesArray);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangePasswordUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                assertEquals(exception.getMessage(), "No value for id");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
 }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index f4d685e..327102f 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -162,4 +162,37 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
             }
         });
     }
+
+    @Test
+    public void launchChangePassword_test(){
+
+        doAnswer(new Answer() {
+            @Override
+            public Object answer(InvocationOnMock invocation) throws Throwable {
+                Object[] args = invocation.getArguments();
+                AccessToken accessToken = expectedAccessToken;
+                AuthorizationListener authorizationListener = (AuthorizationListener) args[1];
+                authorizationListener.onAuthorizationSuccess(accessToken, null);
+                return null;
+            }
+        }).when(mockAuthManager).launchSignUpAuthorizationUI(any(Activity.class), any(AuthorizationListener.class));
+
+
+        loginWidget.launchChangePassword(Mockito.mock(Activity.class), new AuthorizationListener() {
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationSuccess");
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                fail("should get to onAuthorizationSuccess");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                assertEquals(accessToken, expectedAccessToken);
+            }
+        });
+    }
 }

From 5821b3da1010a1e31af9ff1ce28b92191ad2566f Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Wed, 19 Jul 2017 16:55:03 +0300
Subject: [PATCH 12/33] small fix to test app

---
 .../java/com/ibm/mobilefirstplatform/appid/MainActivity.java     | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index dcfa201..613aaed 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -160,6 +160,7 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
 
     public void onChangePasswordClick(View v) {
         logger.debug("onChangePasswordClick");
+        showResponse("");
         showProgress();
         LoginWidget loginWidget = appId.getLoginWidget();
         loginWidget.launchChangePassword(this, new AuthorizationListener() {

From 84abe5cb4ed487873505f129aa556a037cc33c55 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Wed, 30 Aug 2017 16:07:02 +0300
Subject: [PATCH 13/33] added change details API

---
 .../appid/MainActivity.java                   | 34 +++++++++
 app/src/main/res/layout/activity_main.xml     | 11 +++
 lib/build.gradle                              |  2 +-
 .../appid/android/api/LoginWidget.java        |  6 ++
 .../AuthorizationManager.java                 | 74 ++++++++++++++++++-
 .../internal/loginwidget/LoginWidgetImpl.java |  8 ++
 6 files changed, 130 insertions(+), 5 deletions(-)

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index 613aaed..8060e1b 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -190,6 +190,38 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
         });
     }
 
+    public void onChangeDetailsClick(View v) {
+        logger.debug("onChangeDetailsClick");
+        showResponse("");
+        showProgress();
+        LoginWidget loginWidget = appId.getLoginWidget();
+        loginWidget.launchChangeDetails(this, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                logger.info("Change Details: onAuthorizationFailure: " + exception.getMessage());
+                showResponse(exception.getMessage());
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                logger.info("Change Details: onAuthorizationCanceled");
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                logger.info("Change Details: onAuthorizationSuccess");
+                logger.info("access_token: " + accessToken.getRaw());
+                logger.info("id_token: " + identityToken.getRaw());
+                logger.info("access_token isExpired: " + accessToken.isExpired());
+                logger.info("id_token isExpired: " + identityToken.isExpired());
+                identifiedAccessToken = accessToken;
+                extractAndDisplayDataFromIdentityToken(identityToken);
+            }
+        });
+    }
+
     public void onGetTokenUsingRoP(View v) {
         logger.debug("onGetTokenUsingRoP");
         showResponse("");
@@ -422,6 +454,7 @@ public void run() {
                 findViewById(R.id.editAttrName).setEnabled(false);
                 findViewById(R.id.editAttrValue).setEnabled(false);
                 findViewById(R.id.changePasswordButton).setEnabled(false);
+                findViewById(R.id.changeDetailsButton).setEnabled(false);
             }
         });
     }
@@ -444,6 +477,7 @@ public void run() {
                 findViewById(R.id.editAttrName).setEnabled(true);
                 findViewById(R.id.editAttrValue).setEnabled(true);
                 findViewById(R.id.changePasswordButton).setEnabled(true);
+                findViewById(R.id.changeDetailsButton).setEnabled(true);
             }
         });
     }
diff --git a/app/src/main/res/layout/activity_main.xml b/app/src/main/res/layout/activity_main.xml
index 8d3c5bb..7e3bde0 100644
--- a/app/src/main/res/layout/activity_main.xml
+++ b/app/src/main/res/layout/activity_main.xml
@@ -120,6 +120,17 @@
                 android:onClick="onChangePasswordClick"
                 android:text="change password"
                 android:textSize="12sp" />
+
+            <Button
+                android:id="@+id/changeDetailsButton"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_alignParentStart="true"
+                android:layout_below="@+id/orText"
+                android:layout_weight="1"
+                android:onClick="onChangeDetailsClick"
+                android:text="change details"
+                android:textSize="13sp" />
         </LinearLayout>
 
         <RelativeLayout
diff --git a/lib/build.gradle b/lib/build.gradle
index 9dfa58c..768dd5f 100644
--- a/lib/build.gradle
+++ b/lib/build.gradle
@@ -54,5 +54,5 @@ dependencies {
     testCompile 'org.robolectric:shadows-httpclient:3.2.2'
     testCompile 'org.assertj:assertj-core:3.6.2'
     testCompile 'org.powermock:powermock-api-mockito:1.6.6'
-    compile 'org.apache.directory.studio:org.apache.commons.io:2.4'
+    testCompile 'commons-io:commons-io:2.4'
 }
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
index a6b3064..36344bd 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
@@ -37,5 +37,11 @@ public interface LoginWidget {
 	 * @param authorizationListener
 	 */
 	void launchChangePassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
+	/**
+	 * Launch the change details user interface
+	 * @param activity Parent activity
+	 * @param authorizationListener
+	 */
+	void launchChangeDetails (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 9504d6c..2e6ba72 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -32,6 +32,7 @@
 import com.ibm.bluemix.appid.android.internal.registrationmanager.RegistrationManager;
 import com.ibm.bluemix.appid.android.internal.registrationmanager.RegistrationStatus;
 import com.ibm.bluemix.appid.android.internal.tokens.AccessTokenImpl;
+import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Request;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Response;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 import com.ibm.mobilefirstplatform.clientsdk.android.logger.api.Logger;
@@ -42,6 +43,8 @@
 public class AuthorizationManager {
     private final static String OAUTH_AUTHORIZATION_PATH = "/authorization";
     private final static String CHANGE_PASSWORD_PATH = "/cloud_directory/change_password";
+    private final static String CHANGE_DETAILS_PATH = "/cloud_directory/change_details";
+    private final static String GENERATE_CODE_PATH = "/cloud_directory/generate_code";
 
     private final AppID appId;
     private final OAuthManager oAuthManager;
@@ -64,6 +67,7 @@ public class AuthorizationManager {
     private final static String ID = "id";
     private final static String PROVIDER = "provider";
     private final static String CLOUD_DIRECTORY_IDP = "cloud_directory";
+    private final static String CODE = "code";
 
     private String serverUrl;
 
@@ -109,12 +113,27 @@ private String getAuthorizationUrl(String idpName, AccessToken accessToken, Stri
      */
     private String getChangePasswordUrl(String userId, String redirectUri) {
         String changePasswordEndpoint = Config.getOAuthServerUrl(this.appId) + CHANGE_PASSWORD_PATH;
+        return buildUrl(changePasswordEndpoint, userId, redirectUri, null);
+    }
+    /**
+     * @return the change details endpoint url.
+     */
+    private String getChangeDetailsUrl(String redirectUri, String code) {
+        String changeDetailsEndpoint = Config.getOAuthServerUrl(this.appId) + CHANGE_DETAILS_PATH;
+        return buildUrl(changeDetailsEndpoint, null, redirectUri, code);
+    }
+
+    private String buildUrl(String endpointUrl, String userId, String redirectUri, String code) {
         String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
-        Uri.Builder builder = Uri.parse(changePasswordEndpoint).buildUpon()
-                .appendQueryParameter(USER_ID, userId)
+        Uri.Builder builder = Uri.parse(endpointUrl).buildUpon()
                 .appendQueryParameter(CLIENT_ID, clientId)
                 .appendQueryParameter(REDIRECT_URI, redirectUri);
-
+        if (null != code) {
+            builder.appendQueryParameter(CODE, code);
+        }
+        if (null != userId) {
+            builder.appendQueryParameter(USER_ID, userId);
+        }
         return builder.build().toString();
     }
 
@@ -172,7 +191,7 @@ public void onRegistrationSuccess() {
     /**
      * @param activity              the activity to launch the chrome tab on to.
      * @param authorizationListener the authorization listener of the client.
-     *                              launch the change password UI in chrome tab only if the client logged-in otherwise return an error.
+     *                              Launch the change password UI in chrome tab only if the client logged-in otherwise return an error.
      */
     public void launchChangePasswordUI(final Activity activity, final AuthorizationListener authorizationListener) {
         try {
@@ -194,6 +213,53 @@ public void launchChangePasswordUI(final Activity activity, final AuthorizationL
         }
     }
 
+    /**
+     * @param activity              the activity to launch the chrome tab on to.
+     * @param authorizationListener the authorization listener of the client.
+     *                              Launch the change details UI in chrome tab only if the client logged-in otherwise return an error.
+     */
+    public void launchChangeDetailsUI(final Activity activity, final AuthorizationListener authorizationListener) {
+        try {
+            final IdentityToken currentIdToken = this.oAuthManager.getTokenManager().getLatestIdentityToken();
+            if (currentIdToken == null) {
+                authorizationListener.onAuthorizationFailure(new AuthorizationException("No identity token found."));
+            } else if (!CLOUD_DIRECTORY_IDP.equals(currentIdToken.getIdentities().getJSONObject(0).getString(PROVIDER))) {
+                authorizationListener.onAuthorizationFailure(new AuthorizationException("The identity token was not retrieved using cloud directory idp."));
+            } else {
+                String generateCodeURL = Config.getOAuthServerUrl(this.appId) + GENERATE_CODE_PATH;
+                Request r = new Request(generateCodeURL, Request.GET);
+                r.send(activity.getApplicationContext(), new ResponseListener() {
+                    @Override
+                    public void onSuccess(Response response) {
+                        logger.info("Code request success");
+                        String code = response.getResponseText();
+                        String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+                        String changeDetailsUrl = getChangeDetailsUrl(redirectUri, code);
+                        AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, changeDetailsUrl, redirectUri);
+                        auim.launch(activity);
+                    }
+
+                    @Override
+                    public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
+                        String errorMsg = "Code request failure ";
+                        if (response != null) {
+                            errorMsg += ",response: " + response.toString();
+                        } else if (extendedInfo != null) {
+                            errorMsg += " ,extendedInfo: " + extendedInfo.toString();
+                        } else if (t != null) {
+                            errorMsg += " ,exception: " + t.getMessage();
+                        }
+                        logger.error(errorMsg);
+                        authorizationListener.onAuthorizationFailure(new AuthorizationException(errorMsg));
+                    }
+                });
+            }
+        } catch (JSONException e) {
+            e.printStackTrace();
+            authorizationListener.onAuthorizationFailure(new AuthorizationException(e.getMessage()));
+        }
+    }
+
     @VisibleForTesting
     AuthorizationUIManager createAuthorizationUIManager(OAuthManager oAuthManager, AuthorizationListener authorizationListener, String authUrl, String redirectUri) {
         return new AuthorizationUIManager(oAuthManager, authorizationListener, authUrl, redirectUri);
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index ce31d31..2dbcb5f 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -66,5 +66,13 @@ public void launchSignUp (@NonNull final Activity activity, @NonNull final Autho
 	public void launchChangePassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
 		oAuthManager.getAuthorizationManager().launchChangePasswordUI(activity, authorizationListener);
 	}
+
+	/**
+	 * @param activity
+	 * @param authorizationListener
+	 */
+	public void launchChangeDetails (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
+		oAuthManager.getAuthorizationManager().launchChangeDetailsUI(activity, authorizationListener);
+	}
 }
 

From b24ae2c76b3044b8c0a606692f96be7ffb0d3a94 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 31 Aug 2017 16:07:59 +0300
Subject: [PATCH 14/33] added unit test for change details flow

---
 .../AuthorizationManager.java                 |   5 +-
 .../AuthorizationManager_Test.java            | 286 +++++++++++++++++-
 .../loginwidget/LoginWidgetImpl_Test.java     |  35 ++-
 3 files changed, 320 insertions(+), 6 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 2e6ba72..b94609d 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -32,7 +32,6 @@
 import com.ibm.bluemix.appid.android.internal.registrationmanager.RegistrationManager;
 import com.ibm.bluemix.appid.android.internal.registrationmanager.RegistrationStatus;
 import com.ibm.bluemix.appid.android.internal.tokens.AccessTokenImpl;
-import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Request;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Response;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 import com.ibm.mobilefirstplatform.clientsdk.android.logger.api.Logger;
@@ -227,8 +226,8 @@ public void launchChangeDetailsUI(final Activity activity, final AuthorizationLi
                 authorizationListener.onAuthorizationFailure(new AuthorizationException("The identity token was not retrieved using cloud directory idp."));
             } else {
                 String generateCodeURL = Config.getOAuthServerUrl(this.appId) + GENERATE_CODE_PATH;
-                Request r = new Request(generateCodeURL, Request.GET);
-                r.send(activity.getApplicationContext(), new ResponseListener() {
+                AppIDRequest request = appIDRequestFactory.createRequest(generateCodeURL, AppIDRequest.GET);
+                request.send(new ResponseListener() {
                     @Override
                     public void onSuccess(Response response) {
                         logger.info("Code request success");
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index df0e0a1..3de1da4 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -94,10 +94,10 @@ public class AuthorizationManager_Test {
     private String username = "testUser";
     private String password = "testPassword";
     private String testError = "Some Error";
+    private String code = "1234";
     private String passedAccessToken = Consts.ACCESS_TOKEN;
     private static final AccessToken expectedAccessToken = new AccessTokenImpl(Consts.ACCESS_TOKEN);
     private static final IdentityToken expectedIdToken = new IdentityTokenImpl(Consts.ID_TOKEN);
-
     private Response testResponse = new Response() {
         @Override
         public int getStatus() {
@@ -122,6 +122,30 @@ public Map<String, List<String>> getHeaders() {
         }
     };
 
+    private Response testGoodResponse = new Response() {
+        @Override
+        public int getStatus() {
+            return 200;
+        }
+
+        @Override
+        public String getResponseText() {
+            return code;
+        }
+
+        @Override
+        public byte[] getResponseBytes() {
+            return new byte[0];
+        }
+
+        @Override
+        public Map<String, List<String>> getHeaders() {
+            Map<String, List<String>> map =  new HashMap<String, List<String>>();
+            map.put("Location", new LinkedList<String>());
+            return map;
+        }
+    };
+
     @Before
     public void before() {
         MockitoAnnotations.initMocks(this);
@@ -521,7 +545,7 @@ public void launchChangePasswordUI_success() throws Exception {
         spyAuthManager.launchChangePasswordUI(mockActivity, new AuthorizationListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_password?user_id=1234&client_id=null&redirect_uri=null";
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_password?client_id=null&redirect_uri=null&user_id=1234";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
                 verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
@@ -566,4 +590,262 @@ public void onAuthorizationCanceled() {
             }
         });
     }
+
+    @Test
+    public void launchChangeDetailsUI_noIdToken() throws Exception {
+
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                assertEquals(exception.getMessage(), "No identity token found.");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangeDetailsUI_IdTokenNotRetrievedWithCD() throws Exception {
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(expectedIdToken);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                assertEquals(exception.getMessage(), "The identity token was not retrieved using cloud directory idp.");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangeDetailsUI_success() throws Exception {
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(mockIdToken);
+        authManager.setAppIDRequestFactory(appIDRequestFactoryMock);
+        when(appIDRequestFactoryMock.createRequest(anyString(), anyString())).thenReturn(mockRequest);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         ResponseListener responseListener = (ResponseListener) args[0];
+                         responseListener.onSuccess(testGoodResponse);
+                         return null;
+                     }
+                 }
+        ).when(mockRequest).send(any(ResponseListener.class));
+        JSONArray identitiesArray = new JSONArray();
+        JSONObject providerObject = new JSONObject();
+        providerObject.put("provider", "cloud_directory");
+        providerObject.put("id", "1234");
+        identitiesArray.put(providerObject);
+        when(mockIdToken.getIdentities()).thenReturn(identitiesArray);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_details?client_id=null&redirect_uri=null&code=1234";
+                assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
+                verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangeDetailsUI_JSONException() throws Exception {
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(mockIdToken);
+        authManager.setAppIDRequestFactory(appIDRequestFactoryMock);
+        when(appIDRequestFactoryMock.createRequest(anyString(), anyString())).thenReturn(mockRequest);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         ResponseListener responseListener = (ResponseListener) args[0];
+                         responseListener.onSuccess(testGoodResponse);
+                         return null;
+                     }
+                 }
+        ).when(mockRequest).send(any(ResponseListener.class));
+        JSONArray identitiesArray = new JSONArray();
+        JSONObject providerObject = new JSONObject();
+        identitiesArray.put(providerObject);
+        when(mockIdToken.getIdentities()).thenReturn(identitiesArray);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                assertEquals(exception.getMessage(), "No value for provider");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangeDetailsUI_failure_in_request_with_response() throws Exception {
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(mockIdToken);
+        authManager.setAppIDRequestFactory(appIDRequestFactoryMock);
+        when(appIDRequestFactoryMock.createRequest(anyString(), anyString())).thenReturn(mockRequest);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         ResponseListener responseListener = (ResponseListener) args[0];
+                         responseListener.onFailure(testResponse, null, null);
+                         return null;
+                     }
+                 }
+        ).when(mockRequest).send(any(ResponseListener.class));
+        JSONArray identitiesArray = new JSONArray();
+        JSONObject providerObject = new JSONObject();
+        providerObject.put("provider", "cloud_directory");
+        providerObject.put("id", "1234");
+        identitiesArray.put(providerObject);
+        when(mockIdToken.getIdentities()).thenReturn(identitiesArray);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedError = "Code request failure ,response: " + testResponse.toString();
+                assertEquals(exception.getMessage(), expectedError);
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangeDetailsUI_failure_in_request_with_json() throws Exception {
+        final JSONObject expectedInfo = new JSONObject();
+        expectedInfo.put("error", "some error");
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(mockIdToken);
+        authManager.setAppIDRequestFactory(appIDRequestFactoryMock);
+        when(appIDRequestFactoryMock.createRequest(anyString(), anyString())).thenReturn(mockRequest);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         ResponseListener responseListener = (ResponseListener) args[0];
+                         responseListener.onFailure(null, null, expectedInfo);
+                         return null;
+                     }
+                 }
+        ).when(mockRequest).send(any(ResponseListener.class));
+        JSONArray identitiesArray = new JSONArray();
+        JSONObject providerObject = new JSONObject();
+        providerObject.put("provider", "cloud_directory");
+        providerObject.put("id", "1234");
+        identitiesArray.put(providerObject);
+        when(mockIdToken.getIdentities()).thenReturn(identitiesArray);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedError = "Code request failure  ,extendedInfo: " + expectedInfo.toString();
+                assertEquals(exception.getMessage(), expectedError);
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
+
+    @Test
+    public void launchChangeDetailsUI_failure_in_request_with_exception() throws Exception {
+        final Throwable expectedException = new Throwable("some exception");
+        when(oAuthManagerMock.getTokenManager()).thenReturn(tokenManagerMock);
+        when(tokenManagerMock.getLatestIdentityToken()).thenReturn(mockIdToken);
+        authManager.setAppIDRequestFactory(appIDRequestFactoryMock);
+        when(appIDRequestFactoryMock.createRequest(anyString(), anyString())).thenReturn(mockRequest);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         ResponseListener responseListener = (ResponseListener) args[0];
+                         responseListener.onFailure(null, expectedException, null);
+                         return null;
+                     }
+                 }
+        ).when(mockRequest).send(any(ResponseListener.class));
+        JSONArray identitiesArray = new JSONArray();
+        JSONObject providerObject = new JSONObject();
+        providerObject.put("provider", "cloud_directory");
+        providerObject.put("id", "1234");
+        identitiesArray.put(providerObject);
+        when(mockIdToken.getIdentities()).thenReturn(identitiesArray);
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedError = "Code request failure  ,exception: " + expectedException.getMessage();
+                assertEquals(exception.getMessage(), expectedError);
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
 }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index 327102f..3e7227c 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -175,7 +175,7 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
                 authorizationListener.onAuthorizationSuccess(accessToken, null);
                 return null;
             }
-        }).when(mockAuthManager).launchSignUpAuthorizationUI(any(Activity.class), any(AuthorizationListener.class));
+        }).when(mockAuthManager).launchChangePasswordUI(any(Activity.class), any(AuthorizationListener.class));
 
 
         loginWidget.launchChangePassword(Mockito.mock(Activity.class), new AuthorizationListener() {
@@ -195,4 +195,37 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
             }
         });
     }
+
+    @Test
+    public void launchChangeDetails_test(){
+
+        doAnswer(new Answer() {
+            @Override
+            public Object answer(InvocationOnMock invocation) throws Throwable {
+                Object[] args = invocation.getArguments();
+                AccessToken accessToken = expectedAccessToken;
+                AuthorizationListener authorizationListener = (AuthorizationListener) args[1];
+                authorizationListener.onAuthorizationSuccess(accessToken, null);
+                return null;
+            }
+        }).when(mockAuthManager).launchChangeDetailsUI(any(Activity.class), any(AuthorizationListener.class));
+
+
+        loginWidget.launchChangeDetails(Mockito.mock(Activity.class), new AuthorizationListener() {
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationSuccess");
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                fail("should get to onAuthorizationSuccess");
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                assertEquals(accessToken, expectedAccessToken);
+            }
+        });
+    }
 }

From 7b4b7765fe9e2b952f335b821684b505eb4086ad Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 31 Aug 2017 16:34:34 +0300
Subject: [PATCH 15/33] added send with access and id token added to request
 with AppIDRequest

---
 .../authorizationmanager/AuthorizationManager.java  |  2 +-
 .../android/internal/network/AppIDRequest.java      | 13 +++++++++++--
 .../AuthorizationManager_Test.java                  | 10 +++++-----
 3 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index b94609d..4ce464a 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -251,7 +251,7 @@ public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
                         logger.error(errorMsg);
                         authorizationListener.onAuthorizationFailure(new AuthorizationException(errorMsg));
                     }
-                });
+                }, this.oAuthManager.getTokenManager().getLatestAccessToken(), this.oAuthManager.getTokenManager().getLatestIdentityToken());
             }
         } catch (JSONException e) {
             e.printStackTrace();
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java
index 3bf6c7a..4018e86 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java
@@ -14,6 +14,7 @@
 package com.ibm.bluemix.appid.android.internal.network;
 
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
+import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.internal.BaseRequest;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.internal.TLSEnabledSSLSocketFactory;
@@ -56,6 +57,14 @@ public AppIDRequest (String url, String method) {
 		httpClient.setFollowRedirects(false);
 	}
 
+	public void send(final ResponseListener listener, final AccessToken accessToken, final IdentityToken identityToken) {
+        if (accessToken != null && identityToken != null) {
+            removeHeaders("Authorization");
+            addHeader("Authorization", "Bearer " + accessToken.getRaw() + " " + identityToken.getRaw());
+        }
+        send(listener);
+	}
+
 	public void send(final ResponseListener listener, final RequestBody requestBody, final AccessToken accessToken) {
 
 		if (accessToken != null) {
@@ -63,9 +72,9 @@ public void send(final ResponseListener listener, final RequestBody requestBody,
 			addHeader("Authorization", "Bearer " + accessToken.getRaw());
 		}
 
-		if (requestBody != null){
+		if (requestBody != null) {
 			super.sendRequest(listener, requestBody);
-		}else{
+		} else {
 			send(listener);
 		}
 	}
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 3de1da4..a000c6a 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -652,7 +652,7 @@ public Void answer(InvocationOnMock invocation) {
                          return null;
                      }
                  }
-        ).when(mockRequest).send(any(ResponseListener.class));
+        ).when(mockRequest).send(any(ResponseListener.class), any(AccessToken.class), any(IdentityToken.class));
         JSONArray identitiesArray = new JSONArray();
         JSONObject providerObject = new JSONObject();
         providerObject.put("provider", "cloud_directory");
@@ -695,7 +695,7 @@ public Void answer(InvocationOnMock invocation) {
                          return null;
                      }
                  }
-        ).when(mockRequest).send(any(ResponseListener.class));
+        ).when(mockRequest).send(any(ResponseListener.class), any(AccessToken.class), any(IdentityToken.class));
         JSONArray identitiesArray = new JSONArray();
         JSONObject providerObject = new JSONObject();
         identitiesArray.put(providerObject);
@@ -734,7 +734,7 @@ public Void answer(InvocationOnMock invocation) {
                          return null;
                      }
                  }
-        ).when(mockRequest).send(any(ResponseListener.class));
+        ).when(mockRequest).send(any(ResponseListener.class), any(AccessToken.class), any(IdentityToken.class));
         JSONArray identitiesArray = new JSONArray();
         JSONObject providerObject = new JSONObject();
         providerObject.put("provider", "cloud_directory");
@@ -778,7 +778,7 @@ public Void answer(InvocationOnMock invocation) {
                          return null;
                      }
                  }
-        ).when(mockRequest).send(any(ResponseListener.class));
+        ).when(mockRequest).send(any(ResponseListener.class), any(AccessToken.class), any(IdentityToken.class));
         JSONArray identitiesArray = new JSONArray();
         JSONObject providerObject = new JSONObject();
         providerObject.put("provider", "cloud_directory");
@@ -821,7 +821,7 @@ public Void answer(InvocationOnMock invocation) {
                          return null;
                      }
                  }
-        ).when(mockRequest).send(any(ResponseListener.class));
+        ).when(mockRequest).send(any(ResponseListener.class), any(AccessToken.class), any(IdentityToken.class));
         JSONArray identitiesArray = new JSONArray();
         JSONObject providerObject = new JSONObject();
         providerObject.put("provider", "cloud_directory");

From 186a075acafa7467acf911a9c9152151a3c634f5 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Sun, 12 Nov 2017 15:56:17 +0200
Subject: [PATCH 16/33] return error directly to user

---
 .../appid/android/internal/tokenmanager/TokenManager.java       | 2 +-
 .../appid/android/internal/tokenmanager/TokenManager_Test.java  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
index bf16f00..9bd7dca 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
@@ -109,7 +109,7 @@ public void onFailure (Response response, Throwable t, JSONObject extendedInfo)
                         JSONObject responseJSON = new JSONObject(response.getResponseText());
                         if (INVALID_GRANT.equals(responseJSON.getString(ERROR_CODE))) {
                             errorDescription = responseJSON.getString(ERROR_DESCRIPTION);
-                            listener.onAuthorizationFailure(new AuthorizationException("Failed to retrieve tokens: " + errorDescription));
+                            listener.onAuthorizationFailure(new AuthorizationException(errorDescription));
                             return;
                         }
                     }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
index bc0d2f2..49c41c1 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
@@ -213,7 +213,7 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
         spyTokenManager.obtainTokens(username, password, null, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                assertEquals(exception.getMessage(), "Failed to retrieve tokens: " + testDescription);
+                assertEquals(exception.getMessage(),  testDescription);
             }
 
             @Override

From 3b4d0342d687530ce25a1065a9f3f0e8399eb73c Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 16 Nov 2017 16:34:38 +0200
Subject: [PATCH 17/33] added forgotPassword API and os version in client
 registration

---
 .../appid/MainActivity.java                   | 21 +++++++++
 app/src/main/res/layout/activity_main.xml     | 11 +++++
 .../api/AppIDAuthorizationManager.java        |  6 +++
 .../android/api/ForgotPasswordListener.java   | 18 ++++++++
 .../appid/android/api/LoginWidget.java        |  6 +++
 .../AuthorizationManager.java                 | 43 +++++++++++++++++--
 .../internal/loginwidget/LoginWidgetImpl.java |  9 ++++
 .../RegistrationManager.java                  |  2 +
 8 files changed, 112 insertions(+), 4 deletions(-)
 create mode 100644 lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index 8060e1b..6451dfa 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -16,6 +16,7 @@
 import com.ibm.bluemix.appid.android.api.AppIDAuthorizationManager;
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
+import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.LoginWidget;
 import com.ibm.bluemix.appid.android.api.TokenResponseListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
@@ -158,6 +159,26 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
         });
     }
 
+    public void onForgotPasswordClick(View v) {
+        logger.debug("onForgotPasswordClick");
+        showProgress();
+        LoginWidget loginWidget = appId.getLoginWidget();
+        loginWidget.launchForgotPassword(this, new ForgotPasswordListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                logger.info("Forgot Password: onAuthorizationFailure: " + exception.getMessage());
+                showResponse(exception.getMessage());
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                logger.info("Forgot Password: onAuthorizationCanceled");
+                hideProgress();
+            }
+        } );
+    }
+
     public void onChangePasswordClick(View v) {
         logger.debug("onChangePasswordClick");
         showResponse("");
diff --git a/app/src/main/res/layout/activity_main.xml b/app/src/main/res/layout/activity_main.xml
index 7e3bde0..0cb6456 100644
--- a/app/src/main/res/layout/activity_main.xml
+++ b/app/src/main/res/layout/activity_main.xml
@@ -99,6 +99,17 @@
             android:layout_height="54dp"
             android:orientation="horizontal">
 
+            <Button
+                android:id="@+id/forgotPassword"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_alignParentStart="true"
+                android:layout_below="@+id/profilePic"
+                android:layout_weight="1"
+                android:onClick="onForgotPasswordClick"
+                android:text="forgot password"
+                android:textSize="12sp" />
+
             <Button
                 android:id="@+id/anonloginButton"
                 android:layout_width="match_parent"
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java
index f0137e7..7479494 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java
@@ -165,6 +165,12 @@ public AppIdentity getAppIdentity () {
 		return new BaseAppIdentity(map);
 	}
 
+	/**
+	 * log out
+	 * @param context
+	 * @param listener
+	 * currently just call to clearAuthorizationData()
+	 */
 	@Override
 	public void logout (Context context, ResponseListener listener) {
 		logger.debug("logout");
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java
new file mode 100644
index 0000000..12da7be
--- /dev/null
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java
@@ -0,0 +1,18 @@
+/*
+	Copyright 2017 IBM Corp.
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+	http://www.apache.org/licenses/LICENSE-2.0
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
+*/
+package com.ibm.bluemix.appid.android.api;
+
+public interface ForgotPasswordListener {
+    void onAuthorizationFailure(AuthorizationException exception);
+    void onAuthorizationCanceled();
+}
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
index 36344bd..4cb69c3 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
@@ -43,5 +43,11 @@ public interface LoginWidget {
 	 * @param authorizationListener
 	 */
 	void launchChangeDetails (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
+	/**
+	 * Launch the forgot password user interface
+	 * @param activity Parent activity
+	 * @param forgotPasswordListener
+	 */
+	void launchForgotPassword (@NonNull final Activity activity, @NonNull final ForgotPasswordListener forgotPasswordListener);
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 4ce464a..461cc00 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -21,6 +21,7 @@
 import com.ibm.bluemix.appid.android.api.AppID;
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
+import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.TokenResponseListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
 import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
@@ -44,6 +45,7 @@ public class AuthorizationManager {
     private final static String CHANGE_PASSWORD_PATH = "/cloud_directory/change_password";
     private final static String CHANGE_DETAILS_PATH = "/cloud_directory/change_details";
     private final static String GENERATE_CODE_PATH = "/cloud_directory/generate_code";
+    private final static String FORGOT_PASSWORD_PATH = "/cloud_directory/forgot_password";
 
     private final AppID appId;
     private final OAuthManager oAuthManager;
@@ -121,12 +123,22 @@ private String getChangeDetailsUrl(String redirectUri, String code) {
         String changeDetailsEndpoint = Config.getOAuthServerUrl(this.appId) + CHANGE_DETAILS_PATH;
         return buildUrl(changeDetailsEndpoint, null, redirectUri, code);
     }
-
+    /**
+     * @return the forgot password endpoint url.
+     */
+    private String getForgotPasswordUrl() {
+        String forgotPasswordEndpoint = Config.getOAuthServerUrl(this.appId) + FORGOT_PASSWORD_PATH;
+        return buildUrl(forgotPasswordEndpoint, null, null, null);
+    }
     private String buildUrl(String endpointUrl, String userId, String redirectUri, String code) {
         String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
-        Uri.Builder builder = Uri.parse(endpointUrl).buildUpon()
-                .appendQueryParameter(CLIENT_ID, clientId)
-                .appendQueryParameter(REDIRECT_URI, redirectUri);
+        Uri.Builder builder = Uri.parse(endpointUrl).buildUpon();
+        if (null != clientId) {
+            builder.appendQueryParameter(CLIENT_ID, clientId);
+        }
+        if (null != redirectUri) {
+            builder.appendQueryParameter(REDIRECT_URI, redirectUri);
+        }
         if (null != code) {
             builder.appendQueryParameter(CODE, code);
         }
@@ -259,6 +271,29 @@ public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
         }
     }
 
+    public void launchForgotPassword(final Activity activity, final ForgotPasswordListener forgotPasswordListener) {
+        AuthorizationListener authorizationListener = new AuthorizationListener() {
+            @Override
+            public void onAuthorizationCanceled() {
+                forgotPasswordListener.onAuthorizationCanceled();
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                //This is empty since in the end of forgot password flow we don't get tokens
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                forgotPasswordListener.onAuthorizationFailure(exception);
+            }
+        };
+        String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+        String forgotPasswordUrl = getForgotPasswordUrl();
+        AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, forgotPasswordUrl, redirectUri);
+        auim.launch(activity);
+    }
+
     @VisibleForTesting
     AuthorizationUIManager createAuthorizationUIManager(OAuthManager oAuthManager, AuthorizationListener authorizationListener, String authUrl, String redirectUri) {
         return new AuthorizationUIManager(oAuthManager, authorizationListener, authUrl, redirectUri);
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index 2dbcb5f..6622034 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -17,6 +17,7 @@
 import android.support.annotation.NonNull;
 
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
+import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.LoginWidget;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;
 import com.ibm.bluemix.appid.android.internal.tokens.AccessTokenImpl;
@@ -74,5 +75,13 @@ public void launchChangePassword (@NonNull final Activity activity, @NonNull fin
 	public void launchChangeDetails (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
 		oAuthManager.getAuthorizationManager().launchChangeDetailsUI(activity, authorizationListener);
 	}
+
+	/**
+	 * @param activity
+	 * @param forgotPasswordListener
+	 */
+	public void launchForgotPassword (@NonNull final Activity activity, @NonNull final ForgotPasswordListener forgotPasswordListener) {
+		oAuthManager.getAuthorizationManager().launchForgotPassword(activity, forgotPasswordListener);
+	}
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java
index 45b884d..e30c760 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java
@@ -55,6 +55,7 @@ public class RegistrationManager {
 	public static final String DEVICE_ID = "device_id";
 	public static final String DEVICE_MODEL = "device_model";
 	public static final String DEVICE_OS = "device_os";
+	public static final String DEVICE_OS_VERSION = "device_os_version";
 	public static final String CLIENT_TYPE = "client_type";
 	public static final String REDIRECT_URIS = "redirect_uris";
 
@@ -179,6 +180,7 @@ private JSONObject createRegistrationParams(Context context) throws Exception {
         params.put(DEVICE_ID, deviceData.getId());
         params.put(DEVICE_MODEL, deviceData.getModel());
         params.put(DEVICE_OS, "android");
+		params.put(DEVICE_OS_VERSION, deviceData.getOSVersion());
         params.put(CLIENT_TYPE, "mobileapp");
         params.put("jwks", jwks);
 		logger.debug("OAuth client registration parameters");

From 9189714c3e67c03dc3cd5ea60485ca665707472b Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 16 Nov 2017 20:50:02 +0200
Subject: [PATCH 18/33] fix test and add

---
 .../AuthorizationManager.java                 | 42 ++++++++++++-------
 .../internal/loginwidget/LoginWidgetImpl.java |  2 +-
 .../AuthorizationManager_Test.java            | 35 +++++++++++++++-
 .../loginwidget/LoginWidgetImpl_Test.java     | 27 ++++++++++++
 .../UserAttributeManagerImpl_Test.java        | 30 -------------
 5 files changed, 88 insertions(+), 48 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 461cc00..00dc4ec 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -271,27 +271,39 @@ public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
         }
     }
 
-    public void launchForgotPassword(final Activity activity, final ForgotPasswordListener forgotPasswordListener) {
-        AuthorizationListener authorizationListener = new AuthorizationListener() {
+    public void launchForgotPasswordUI(final Activity activity, final ForgotPasswordListener forgotPasswordListener) {
+        registrationManager.ensureRegistered(activity, new RegistrationListener() {
             @Override
-            public void onAuthorizationCanceled() {
-                forgotPasswordListener.onAuthorizationCanceled();
+            public void onRegistrationFailure(RegistrationStatus error) {
+                logger.error(error.getDescription());
+                forgotPasswordListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
             }
 
             @Override
-            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
-                //This is empty since in the end of forgot password flow we don't get tokens
-            }
+            public void onRegistrationSuccess() {
+                AuthorizationListener authorizationListener = new AuthorizationListener() {
+                    @Override
+                    public void onAuthorizationCanceled() {
+                        forgotPasswordListener.onAuthorizationCanceled();
+                    }
 
-            @Override
-            public void onAuthorizationFailure(AuthorizationException exception) {
-                forgotPasswordListener.onAuthorizationFailure(exception);
+                    @Override
+                    public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                        //This should not get called since in the end of forgot password flow we don't get tokens
+                        forgotPasswordListener.onAuthorizationFailure(new AuthorizationException("Forgot password flow must not invoked onAuthorizationSuccess"));
+                    }
+
+                    @Override
+                    public void onAuthorizationFailure(AuthorizationException exception) {
+                        forgotPasswordListener.onAuthorizationFailure(exception);
+                    }
+                };
+                String forgotPasswordUrl = getForgotPasswordUrl();
+                AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, forgotPasswordUrl, null);
+                auim.launch(activity);
             }
-        };
-        String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
-        String forgotPasswordUrl = getForgotPasswordUrl();
-        AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, forgotPasswordUrl, redirectUri);
-        auim.launch(activity);
+        });
+
     }
 
     @VisibleForTesting
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index 6622034..e912e2b 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -81,7 +81,7 @@ public void launchChangeDetails (@NonNull final Activity activity, @NonNull fina
 	 * @param forgotPasswordListener
 	 */
 	public void launchForgotPassword (@NonNull final Activity activity, @NonNull final ForgotPasswordListener forgotPasswordListener) {
-		oAuthManager.getAuthorizationManager().launchForgotPassword(activity, forgotPasswordListener);
+		oAuthManager.getAuthorizationManager().launchForgotPasswordUI(activity, forgotPasswordListener);
 	}
 }
 
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index a000c6a..6ad600d 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -19,6 +19,7 @@
 import com.ibm.bluemix.appid.android.api.AppID;
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
+import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.TokenResponseListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
 import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
@@ -545,7 +546,7 @@ public void launchChangePasswordUI_success() throws Exception {
         spyAuthManager.launchChangePasswordUI(mockActivity, new AuthorizationListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_password?client_id=null&redirect_uri=null&user_id=1234";
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_password?user_id=1234";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
                 verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
@@ -664,7 +665,7 @@ public Void answer(InvocationOnMock invocation) {
         spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_details?client_id=null&redirect_uri=null&code=1234";
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_details?code=1234";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
                 verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
@@ -848,4 +849,34 @@ public void onAuthorizationCanceled() {
             }
         });
     }
+
+    @Test
+    public void launchForgotPasswordUI_failure() throws Exception {
+
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         RegistrationListener regListener = (RegistrationListener) args[1];
+                         regListener.onRegistrationSuccess();
+                         return null;
+                     }
+                 }
+        ).when(registrationManager).ensureRegistered(eq(mockActivity), any(RegistrationListener.class));
+
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchForgotPasswordUI(mockActivity, new ForgotPasswordListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/forgot_password";
+                assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
+                verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
 }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index 3e7227c..5a399a0 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -16,6 +16,7 @@
 
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
+import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
 import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;
@@ -228,4 +229,30 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
             }
         });
     }
+
+    @Test
+    public void launchForgotPassword_test(){
+
+        doAnswer(new Answer() {
+            @Override
+            public Object answer(InvocationOnMock invocation) throws Throwable {
+                Object[] args = invocation.getArguments();
+                ForgotPasswordListener forgotPasswordListener = (ForgotPasswordListener) args[1];
+                forgotPasswordListener.onAuthorizationCanceled();
+                return null;
+            }
+        }).when(mockAuthManager).launchForgotPasswordUI(any(Activity.class), any(ForgotPasswordListener.class));
+
+
+        loginWidget.launchForgotPassword(Mockito.mock(Activity.class), new ForgotPasswordListener() {
+            @Override
+            public void onAuthorizationCanceled() {
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                fail("should get to onAuthorizationCanceled");
+            }
+        });
+    }
 }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
index ecaf5ef..a7795b2 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
@@ -465,16 +465,6 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void setAttribute_no_token_supply() {
 
-        doAnswer(new Answer() {
-            @Override
-            public Object answer(InvocationOnMock invocation) throws Throwable {
-                Object[] args = invocation.getArguments();
-                ResponseListener responseListener = (ResponseListener) args[0];
-                responseListener.onFailure(null, null, null);
-                return null;
-            }
-        }).when(stubRequest).send(any(ResponseListener.class), any(RequestBody.class), eq(expectedAccessToken));
-
         final Response testReponse = new Response() {
             @Override
             public int getStatus() {
@@ -539,16 +529,6 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void getAttribute_no_token_supply() {
 
-        doAnswer(new Answer() {
-            @Override
-            public Object answer(InvocationOnMock invocation) throws Throwable {
-                Object[] args = invocation.getArguments();
-                ResponseListener responseListener = (ResponseListener) args[0];
-                responseListener.onFailure(null, null, null);
-                return null;
-            }
-        }).when(stubRequest).send(any(ResponseListener.class), any(RequestBody.class), eq(expectedAccessToken));
-
         final Response testReponse = new Response() {
             @Override
             public int getStatus() {
@@ -612,16 +592,6 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void deleteAttribute_no_token_supply() {
 
-        doAnswer(new Answer() {
-            @Override
-            public Object answer(InvocationOnMock invocation) throws Throwable {
-                Object[] args = invocation.getArguments();
-                ResponseListener responseListener = (ResponseListener) args[0];
-                responseListener.onFailure(null, null, null);
-                return null;
-            }
-        }).when(stubRequest).send(any(ResponseListener.class), any(RequestBody.class), eq(expectedAccessToken));
-
         final Response testReponse = new Response() {
             @Override
             public int getStatus() {

From fe803567660c61b17d7bd3760d9ce79775e82f39 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 16 Nov 2017 21:07:09 +0200
Subject: [PATCH 19/33] renaming

---
 .../com/ibm/mobilefirstplatform/appid/MainActivity.java   | 8 ++++----
 .../bluemix/appid/android/api/ForgotPasswordListener.java | 4 ++--
 .../authorizationmanager/AuthorizationManager.java        | 8 ++++----
 .../authorizationmanager/AuthorizationManager_Test.java   | 4 ++--
 .../internal/loginwidget/LoginWidgetImpl_Test.java        | 7 ++++---
 5 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index 6451dfa..af7e8b2 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -165,15 +165,15 @@ public void onForgotPasswordClick(View v) {
         LoginWidget loginWidget = appId.getLoginWidget();
         loginWidget.launchForgotPassword(this, new ForgotPasswordListener() {
             @Override
-            public void onAuthorizationFailure(AuthorizationException exception) {
-                logger.info("Forgot Password: onAuthorizationFailure: " + exception.getMessage());
+            public void onFailure(AuthorizationException exception) {
+                logger.info("Forgot Password: onFailure: " + exception.getMessage());
                 showResponse(exception.getMessage());
                 hideProgress();
             }
 
             @Override
-            public void onAuthorizationCanceled() {
-                logger.info("Forgot Password: onAuthorizationCanceled");
+            public void onFinish() {
+                logger.info("Forgot Password: onFinish");
                 hideProgress();
             }
         } );
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java
index 12da7be..50b05a6 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java
@@ -13,6 +13,6 @@
 package com.ibm.bluemix.appid.android.api;
 
 public interface ForgotPasswordListener {
-    void onAuthorizationFailure(AuthorizationException exception);
-    void onAuthorizationCanceled();
+    void onFailure(AuthorizationException exception);
+    void onFinish();
 }
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 00dc4ec..8001d64 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -276,7 +276,7 @@ public void launchForgotPasswordUI(final Activity activity, final ForgotPassword
             @Override
             public void onRegistrationFailure(RegistrationStatus error) {
                 logger.error(error.getDescription());
-                forgotPasswordListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+                forgotPasswordListener.onFailure(new AuthorizationException(error.getDescription()));
             }
 
             @Override
@@ -284,18 +284,18 @@ public void onRegistrationSuccess() {
                 AuthorizationListener authorizationListener = new AuthorizationListener() {
                     @Override
                     public void onAuthorizationCanceled() {
-                        forgotPasswordListener.onAuthorizationCanceled();
+                        forgotPasswordListener.onFinish();
                     }
 
                     @Override
                     public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
                         //This should not get called since in the end of forgot password flow we don't get tokens
-                        forgotPasswordListener.onAuthorizationFailure(new AuthorizationException("Forgot password flow must not invoked onAuthorizationSuccess"));
+                        forgotPasswordListener.onFailure(new AuthorizationException("Forgot password flow must not invoked onAuthorizationSuccess"));
                     }
 
                     @Override
                     public void onAuthorizationFailure(AuthorizationException exception) {
-                        forgotPasswordListener.onAuthorizationFailure(exception);
+                        forgotPasswordListener.onFailure(exception);
                     }
                 };
                 String forgotPasswordUrl = getForgotPasswordUrl();
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 6ad600d..7322b6b 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -867,14 +867,14 @@ public Void answer(InvocationOnMock invocation) {
         when(mockActivity.getApplicationContext()).thenReturn(mockContext);
         spyAuthManager.launchForgotPasswordUI(mockActivity, new ForgotPasswordListener() {
             @Override
-            public void onAuthorizationFailure(AuthorizationException exception) {
+            public void onFailure(AuthorizationException exception) {
                 String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/forgot_password";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
                 verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
 
             @Override
-            public void onAuthorizationCanceled() {
+            public void onFinish() {
                 fail("should get to onAuthorizationFailure");
             }
         });
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index 5a399a0..8c25312 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -238,7 +238,7 @@ public void launchForgotPassword_test(){
             public Object answer(InvocationOnMock invocation) throws Throwable {
                 Object[] args = invocation.getArguments();
                 ForgotPasswordListener forgotPasswordListener = (ForgotPasswordListener) args[1];
-                forgotPasswordListener.onAuthorizationCanceled();
+                forgotPasswordListener.onFinish();
                 return null;
             }
         }).when(mockAuthManager).launchForgotPasswordUI(any(Activity.class), any(ForgotPasswordListener.class));
@@ -246,11 +246,12 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
 
         loginWidget.launchForgotPassword(Mockito.mock(Activity.class), new ForgotPasswordListener() {
             @Override
-            public void onAuthorizationCanceled() {
+            public void onFinish() {
+                assert(true);
             }
 
             @Override
-            public void onAuthorizationFailure(AuthorizationException exception) {
+            public void onFailure(AuthorizationException exception) {
                 fail("should get to onAuthorizationCanceled");
             }
         });

From 64dd4c0b5b913277611d88add901dc6fdec99d13 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Wed, 22 Nov 2017 15:27:46 +0200
Subject: [PATCH 20/33] finish forgot password support

---
 .../appid/MainActivity.java                   | 58 +++++++++++++------
 .../appid/android/api/LoginWidget.java        |  4 +-
 .../AuthorizationManager.java                 | 30 +++-------
 .../ChromeTabActivity.java                    |  9 +++
 .../internal/loginwidget/LoginWidgetImpl.java |  6 +-
 .../AuthorizationManager_Test.java            | 11 +++-
 .../loginwidget/LoginWidgetImpl_Test.java     | 18 ++++--
 7 files changed, 80 insertions(+), 56 deletions(-)

diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index af7e8b2..cbca033 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -16,7 +16,6 @@
 import com.ibm.bluemix.appid.android.api.AppIDAuthorizationManager;
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
-import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.LoginWidget;
 import com.ibm.bluemix.appid.android.api.TokenResponseListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
@@ -118,12 +117,18 @@ public void onAuthorizationCanceled() {
             @Override
             public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
                 logger.info("onAuthorizationSuccess");
-                logger.info("access_token: " + accessToken.getRaw());
-                logger.info("id_token: " + identityToken.getRaw());
-                logger.info("access_token isExpired: " + accessToken.isExpired());
-                logger.info("id_token isExpired: " + identityToken.isExpired());
-                identifiedAccessToken = accessToken;
-                extractAndDisplayDataFromIdentityToken(identityToken);
+                if (accessToken != null && identityToken != null) {
+                    logger.info("access_token: " + accessToken.getRaw());
+                    logger.info("id_token: " + identityToken.getRaw());
+                    logger.info("access_token isExpired: " + accessToken.isExpired());
+                    logger.info("id_token isExpired: " + identityToken.isExpired());
+                    identifiedAccessToken = accessToken;
+                    extractAndDisplayDataFromIdentityToken(identityToken);
+                } else {
+                    //in case we are in strict mode
+                    hideProgress();
+                }
+
             }
         }, anonymousAccessToken != null ? anonymousAccessToken.getRaw() : null);
     }
@@ -149,12 +154,19 @@ public void onAuthorizationCanceled() {
             @Override
             public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
                 logger.info("sign up: onAuthorizationSuccess");
-                logger.info("access_token: " + accessToken.getRaw());
-                logger.info("id_token: " + identityToken.getRaw());
-                logger.info("access_token isExpired: " + accessToken.isExpired());
-                logger.info("id_token isExpired: " + identityToken.isExpired());
-                identifiedAccessToken = accessToken;
-                extractAndDisplayDataFromIdentityToken(identityToken);
+                if (accessToken != null && identityToken != null) {
+                    logger.info("access_token: " + accessToken.getRaw());
+                    logger.info("id_token: " + identityToken.getRaw());
+                    logger.info("access_token isExpired: " + accessToken.isExpired());
+                    logger.info("id_token isExpired: " + identityToken.isExpired());
+                    identifiedAccessToken = accessToken;
+                    extractAndDisplayDataFromIdentityToken(identityToken);
+                } else {
+                    //in case we are in strict mode
+                    hideProgress();
+                }
+
+
             }
         });
     }
@@ -163,20 +175,26 @@ public void onForgotPasswordClick(View v) {
         logger.debug("onForgotPasswordClick");
         showProgress();
         LoginWidget loginWidget = appId.getLoginWidget();
-        loginWidget.launchForgotPassword(this, new ForgotPasswordListener() {
+        loginWidget.launchForgotPassword(this, new AuthorizationListener() {
             @Override
-            public void onFailure(AuthorizationException exception) {
-                logger.info("Forgot Password: onFailure: " + exception.getMessage());
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                logger.info("Forgot Password: onAuthorizationFailure: " + exception.getMessage());
                 showResponse(exception.getMessage());
                 hideProgress();
             }
 
             @Override
-            public void onFinish() {
-                logger.info("Forgot Password: onFinish");
+            public void onAuthorizationCanceled() {
+                logger.info("Forgot Password: onAuthorizationCanceled");
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                logger.info("Forgot Password:  onAuthorizationSuccess");
                 hideProgress();
             }
-        } );
+        });
     }
 
     public void onChangePasswordClick(View v) {
@@ -476,6 +494,7 @@ public void run() {
                 findViewById(R.id.editAttrValue).setEnabled(false);
                 findViewById(R.id.changePasswordButton).setEnabled(false);
                 findViewById(R.id.changeDetailsButton).setEnabled(false);
+                findViewById(R.id.forgotPassword).setEnabled(false);
             }
         });
     }
@@ -499,6 +518,7 @@ public void run() {
                 findViewById(R.id.editAttrValue).setEnabled(true);
                 findViewById(R.id.changePasswordButton).setEnabled(true);
                 findViewById(R.id.changeDetailsButton).setEnabled(true);
+                findViewById(R.id.forgotPassword).setEnabled(true);
             }
         });
     }
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
index 4cb69c3..ce17acf 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
@@ -46,8 +46,8 @@ public interface LoginWidget {
 	/**
 	 * Launch the forgot password user interface
 	 * @param activity Parent activity
-	 * @param forgotPasswordListener
+	 * @param authorizationListener
 	 */
-	void launchForgotPassword (@NonNull final Activity activity, @NonNull final ForgotPasswordListener forgotPasswordListener);
+	void launchForgotPassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 8001d64..c7489a5 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -126,9 +126,9 @@ private String getChangeDetailsUrl(String redirectUri, String code) {
     /**
      * @return the forgot password endpoint url.
      */
-    private String getForgotPasswordUrl() {
+    private String getForgotPasswordUrl(String redirectUri) {
         String forgotPasswordEndpoint = Config.getOAuthServerUrl(this.appId) + FORGOT_PASSWORD_PATH;
-        return buildUrl(forgotPasswordEndpoint, null, null, null);
+        return buildUrl(forgotPasswordEndpoint, null, redirectUri, null);
     }
     private String buildUrl(String endpointUrl, String userId, String redirectUri, String code) {
         String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
@@ -271,35 +271,19 @@ public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
         }
     }
 
-    public void launchForgotPasswordUI(final Activity activity, final ForgotPasswordListener forgotPasswordListener) {
+    public void launchForgotPasswordUI(final Activity activity, final AuthorizationListener authorizationListener) {
         registrationManager.ensureRegistered(activity, new RegistrationListener() {
             @Override
             public void onRegistrationFailure(RegistrationStatus error) {
                 logger.error(error.getDescription());
-                forgotPasswordListener.onFailure(new AuthorizationException(error.getDescription()));
+                authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
             }
 
             @Override
             public void onRegistrationSuccess() {
-                AuthorizationListener authorizationListener = new AuthorizationListener() {
-                    @Override
-                    public void onAuthorizationCanceled() {
-                        forgotPasswordListener.onFinish();
-                    }
-
-                    @Override
-                    public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
-                        //This should not get called since in the end of forgot password flow we don't get tokens
-                        forgotPasswordListener.onFailure(new AuthorizationException("Forgot password flow must not invoked onAuthorizationSuccess"));
-                    }
-
-                    @Override
-                    public void onAuthorizationFailure(AuthorizationException exception) {
-                        forgotPasswordListener.onFailure(exception);
-                    }
-                };
-                String forgotPasswordUrl = getForgotPasswordUrl();
-                AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, forgotPasswordUrl, null);
+                String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+                String forgotPasswordUrl = getForgotPasswordUrl(redirectUri);
+                AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, forgotPasswordUrl, redirectUri);
                 auim.launch(activity);
             }
         });
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
index 5c93ee8..197caac 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
@@ -98,6 +98,7 @@ private void onBroadcastReceived(Intent intent) {
         String url = uri.toString();
         String code = uri.getQueryParameter("code");
         String error = uri.getQueryParameter("error");
+        String flow = uri.getQueryParameter("flow");
 
         logger.info("onBroadcastReceived: " + url);
 
@@ -121,6 +122,14 @@ private void onBroadcastReceived(Intent intent) {
                 authorizationListener.onAuthorizationFailure(new AuthorizationException("Failed to obtain access and identity tokens"));
                 startActivity(clearTopActivityIntent);
             }
+        } else if (url.startsWith(redirectUrl) && flow != null) {
+            logger.debug("onBroadcastReceived: end of flow: " + flow);
+            authorizationListener.onAuthorizationSuccess(null, null);
+            startActivity(clearTopActivityIntent);
+        } else {
+            logger.debug("onBroadcastReceived: no match case");
+            authorizationListener.onAuthorizationFailure(new AuthorizationException("Bad callback uri"));
+            startActivity(clearTopActivityIntent);
         }
     }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index e912e2b..475bb07 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -78,10 +78,10 @@ public void launchChangeDetails (@NonNull final Activity activity, @NonNull fina
 
 	/**
 	 * @param activity
-	 * @param forgotPasswordListener
+	 * @param authorizationListener
 	 */
-	public void launchForgotPassword (@NonNull final Activity activity, @NonNull final ForgotPasswordListener forgotPasswordListener) {
-		oAuthManager.getAuthorizationManager().launchForgotPasswordUI(activity, forgotPasswordListener);
+	public void launchForgotPassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
+		oAuthManager.getAuthorizationManager().launchForgotPasswordUI(activity, authorizationListener);
 	}
 }
 
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 7322b6b..ef58451 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -865,16 +865,21 @@ public Void answer(InvocationOnMock invocation) {
         ).when(registrationManager).ensureRegistered(eq(mockActivity), any(RegistrationListener.class));
 
         when(mockActivity.getApplicationContext()).thenReturn(mockContext);
-        spyAuthManager.launchForgotPasswordUI(mockActivity, new ForgotPasswordListener() {
+        spyAuthManager.launchForgotPasswordUI(mockActivity, new AuthorizationListener() {
             @Override
-            public void onFailure(AuthorizationException exception) {
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
                 String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/forgot_password";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
                 verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
 
             @Override
-            public void onFinish() {
+            public void onAuthorizationCanceled() {
                 fail("should get to onAuthorizationFailure");
             }
         });
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index 8c25312..74a41ee 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -237,23 +237,29 @@ public void launchForgotPassword_test(){
             @Override
             public Object answer(InvocationOnMock invocation) throws Throwable {
                 Object[] args = invocation.getArguments();
-                ForgotPasswordListener forgotPasswordListener = (ForgotPasswordListener) args[1];
-                forgotPasswordListener.onFinish();
+                AuthorizationListener forgotPasswordListener = (AuthorizationListener) args[1];
+                forgotPasswordListener.onAuthorizationSuccess(null, null);
                 return null;
             }
-        }).when(mockAuthManager).launchForgotPasswordUI(any(Activity.class), any(ForgotPasswordListener.class));
+        }).when(mockAuthManager).launchForgotPasswordUI(any(Activity.class), any(AuthorizationListener.class));
 
 
-        loginWidget.launchForgotPassword(Mockito.mock(Activity.class), new ForgotPasswordListener() {
+        loginWidget.launchForgotPassword(Mockito.mock(Activity.class), new AuthorizationListener() {
             @Override
-            public void onFinish() {
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
                 assert(true);
             }
 
             @Override
-            public void onFailure(AuthorizationException exception) {
+            public void onAuthorizationFailure(AuthorizationException exception) {
                 fail("should get to onAuthorizationCanceled");
             }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationSuccess");
+            }
+
         });
     }
 }

From 04ed7c5e481c0528ff22cf421b7bdfbd510b3df0 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Wed, 22 Nov 2017 15:40:38 +0200
Subject: [PATCH 21/33] fix codify

---
 .../internal/authorizationmanager/AuthorizationManager.java      | 1 -
 .../appid/android/internal/loginwidget/LoginWidgetImpl.java      | 1 -
 .../internal/authorizationmanager/AuthorizationManager_Test.java | 1 -
 .../appid/android/internal/loginwidget/LoginWidgetImpl_Test.java | 1 -
 4 files changed, 4 deletions(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index c7489a5..426db1c 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -21,7 +21,6 @@
 import com.ibm.bluemix.appid.android.api.AppID;
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
-import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.TokenResponseListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
 import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index 475bb07..dcaa306 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -17,7 +17,6 @@
 import android.support.annotation.NonNull;
 
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
-import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.LoginWidget;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;
 import com.ibm.bluemix.appid.android.internal.tokens.AccessTokenImpl;
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index ef58451..517ee7d 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -19,7 +19,6 @@
 import com.ibm.bluemix.appid.android.api.AppID;
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
-import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.TokenResponseListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
 import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index 74a41ee..756c544 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -16,7 +16,6 @@
 
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
-import com.ibm.bluemix.appid.android.api.ForgotPasswordListener;
 import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
 import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;

From 3656850ca63e8d80cf39d5f6605e8adccfcde457 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Wed, 22 Nov 2017 17:47:18 +0200
Subject: [PATCH 22/33] added specific test for flow param

---
 .../internal/authorizationmanager/ChromeTabActivity.java     | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
index 197caac..e9ee384 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
@@ -38,6 +38,9 @@ public class ChromeTabActivity extends Activity {
     private static final String INTENT_ALREADY_USED = "com.ibm.bluemix.appid.android.INTENT_ALREADY_USED";
     private String postAuthorizationIntent = ".POST_AUTHORIZATION_INTENT";
 
+    private static String FORGOT_PASSWORD = "forgot_password";
+    private static String SIGN_UP = "sign_up";
+
     private BroadcastReceiver broadcastReceiver;
     private AuthorizationListener authorizationListener;
     private OAuthManager oAuthManager;
@@ -122,7 +125,7 @@ private void onBroadcastReceived(Intent intent) {
                 authorizationListener.onAuthorizationFailure(new AuthorizationException("Failed to obtain access and identity tokens"));
                 startActivity(clearTopActivityIntent);
             }
-        } else if (url.startsWith(redirectUrl) && flow != null) {
+        } else if (url.startsWith(redirectUrl) && (FORGOT_PASSWORD.equals(flow) || SIGN_UP.equals(flow))) {
             logger.debug("onBroadcastReceived: end of flow: " + flow);
             authorizationListener.onAuthorizationSuccess(null, null);
             startActivity(clearTopActivityIntent);

From ed7f58b497ed51541f659a06a8d2585cb75d4a8c Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 23 Nov 2017 17:02:18 +0200
Subject: [PATCH 23/33] update readme file

---
 README.md                                     | 143 +++++++++++++++---
 .../android/api/ForgotPasswordListener.java   |  18 ---
 2 files changed, 125 insertions(+), 36 deletions(-)
 delete mode 100644 lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java

diff --git a/README.md b/README.md
index 6ca8dff..077177f 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
-# Bluemix App ID
-Android SDK for the Bluemix App ID service
+# IBM Cloud App ID
+Android SDK for the IBM Cloud App ID service
 
 [![Bluemix powered][img-bluemix-powered]][url-bluemix]
 [![Travis][img-travis-master]][url-travis-master]
@@ -78,25 +78,132 @@ loginWidget.launch(this, new AuthorizationListener() {
 ```
 **Note**: 
 
-The Login widget default configuration use Facebook and Google as authentication options.
+* The Login widget default configuration use Facebook and Google as authentication options.
 If you configure only one of them the login widget will NOT launch and the user will be redirect to the configured idp authentication screen.
+<!-- * In case of using Cloud Directory, and "Email verification" is configured to NOT allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens. -->
 <!--
-### Login using Resource Owner Password
-You can obtain access token and id token by supplying the end user's username and the end user's password.
-```java
-AppID.getInstance().obtainTokensWithROP(getApplicationContext(), username, password, 
-        new TokenResponseListener() {
-        @Override
-         public void onAuthorizationFailure (AuthorizationException exception) {
-            //Exception occurred
-         }
-                                                                                             
+ ###Cloud Directory APIs
+ Make sure to set Cloud Directory identity provider to ON in AppID dashboard, when using the following APIs.
+
+ ##### Login using Resource Owner Password
+ You can obtain access token and id token by supplying the end user's username and the end user's password.
+ ```java
+ AppID.getInstance().obtainTokensWithROP(getApplicationContext(), username, password, 
+         new TokenResponseListener() {
          @Override
-         public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
-           //User authenticated
-         }
-        });
-```
+          public void onAuthorizationFailure (AuthorizationException exception) {
+             //Exception occurred
+          }
+                                                                                              
+          @Override
+          public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+            //User authenticated
+          }
+         });
+ ```
+ ##### Sign Up
+ Make sure to set "Allow users to sign up and reset their password" to ON,
+ in Cloud Directory settings that are in AppID dashboard.
+
+ Use LoginWidget class to start the sign up flow.
+ ```java
+ LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+ loginWidget.launchSignUp(this, new AuthorizationListener() {
+			 @Override
+			 public void onAuthorizationFailure (AuthorizationException exception) {
+				 //Exception occurred
+			 }
+
+			 @Override
+			 public void onAuthorizationCanceled () {
+				 //Sign up canceled by the user
+			 }
+
+			 @Override
+			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+				 if (accessToken != null && identityToken != null) {
+				     //User authenticated
+				 } else {
+				     //email verification is required
+				 }
+				 
+			 }
+		 });
+ ```
+  ##### Forgot Password
+  Make sure to set "Allow users to sign up and reset their password" and "Forgot password email" to ON,
+  in Cloud Directory settings that are in AppID dashboard.
+  
+ Use LoginWidget class to start the forgot password flow. 
+  ```java
+  LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+  loginWidget.launchForgotPassword(this, new AuthorizationListener() {
+ 			 @Override
+ 			 public void onAuthorizationFailure (AuthorizationException exception) {
+ 				 //Exception occurred
+ 			 }
+  
+ 			 @Override
+ 			 public void onAuthorizationCanceled () {
+ 				 //forogt password canceled by the user
+ 			 }
+  
+ 			 @Override
+ 			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+ 				 //forgot password finished, in this case accessToken and identityToken will be null.
+ 				 
+ 			 }
+ 		 });
+  ```
+  ##### Change Details
+  Make sure to set "Allow users to sign up and reset their password" to ON,
+  in Cloud Directory settings that are in AppID dashboard.
+  
+  Use LoginWidget class to start the change details flow.
+  This API can be used only when the user is logged in using Cloud Directory identity provider.
+   ```java
+   LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+   loginWidget.launchChangeDetails(this, new AuthorizationListener() {
+  			 @Override
+  			 public void onAuthorizationFailure (AuthorizationException exception) {
+  				 //Exception occurred
+  			 }
+   
+  			 @Override
+  			 public void onAuthorizationCanceled () {
+  				 //changed details canceled by the user
+  			 }
+   
+  			 @Override
+  			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+  				 //User authenticated, and fresh tokens received 
+  			 }
+  		 });
+   ```
+   ##### Change Password
+   Make sure to set "Allow users to sign up and reset their password" to ON,
+   in Cloud Directory settings that are in AppID dashboard.
+   
+   Use LoginWidget class to start the change password flow, this will 
+    ```java
+    LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+    loginWidget.launchChangePassword(this, new AuthorizationListener() {
+   			 @Override
+   			 public void onAuthorizationFailure (AuthorizationException exception) {
+   				 //Exception occurred
+   			 }
+    
+   			 @Override
+   			 public void onAuthorizationCanceled () {
+   				 //change password canceled by the user
+   			 }
+    
+   			 @Override
+   			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+   				   //User authenticated, and fresh tokens received 
+   			 }
+   		 });
+    ```
  -->
 ### Anonymous Login
 ```java
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java
deleted file mode 100644
index 50b05a6..0000000
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/ForgotPasswordListener.java
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
-	Copyright 2017 IBM Corp.
-	Licensed under the Apache License, Version 2.0 (the "License");
-	you may not use this file except in compliance with the License.
-	You may obtain a copy of the License at
-	http://www.apache.org/licenses/LICENSE-2.0
-	Unless required by applicable law or agreed to in writing, software
-	distributed under the License is distributed on an "AS IS" BASIS,
-	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-	See the License for the specific language governing permissions and
-	limitations under the License.
-*/
-package com.ibm.bluemix.appid.android.api;
-
-public interface ForgotPasswordListener {
-    void onFailure(AuthorizationException exception);
-    void onFinish();
-}

From 62cdd1e9ead80d10f0fac5f1113670834bd1c4f9 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 23 Nov 2017 17:31:45 +0200
Subject: [PATCH 24/33] return error directly to user (#53)

* return error directly to user

* added forgotPassword API and os version in client registration

* fix test and add

* renaming

* finish forgot password support

* fix codify

* added specific test for flow param

* update readme file
---
 README.md                                     | 143 +++++++++++++++---
 .../appid/MainActivity.java                   |  65 ++++++--
 app/src/main/res/layout/activity_main.xml     |  11 ++
 .../api/AppIDAuthorizationManager.java        |   6 +
 .../appid/android/api/LoginWidget.java        |   6 +
 .../AuthorizationManager.java                 |  38 ++++-
 .../ChromeTabActivity.java                    |  12 ++
 .../internal/loginwidget/LoginWidgetImpl.java |   8 +
 .../RegistrationManager.java                  |   2 +
 .../internal/tokenmanager/TokenManager.java   |   2 +-
 .../AuthorizationManager_Test.java            |  39 ++++-
 .../loginwidget/LoginWidgetImpl_Test.java     |  33 ++++
 .../tokenmanager/TokenManager_Test.java       |   2 +-
 .../UserAttributeManagerImpl_Test.java        |  30 ----
 14 files changed, 329 insertions(+), 68 deletions(-)

diff --git a/README.md b/README.md
index 6ca8dff..077177f 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
-# Bluemix App ID
-Android SDK for the Bluemix App ID service
+# IBM Cloud App ID
+Android SDK for the IBM Cloud App ID service
 
 [![Bluemix powered][img-bluemix-powered]][url-bluemix]
 [![Travis][img-travis-master]][url-travis-master]
@@ -78,25 +78,132 @@ loginWidget.launch(this, new AuthorizationListener() {
 ```
 **Note**: 
 
-The Login widget default configuration use Facebook and Google as authentication options.
+* The Login widget default configuration use Facebook and Google as authentication options.
 If you configure only one of them the login widget will NOT launch and the user will be redirect to the configured idp authentication screen.
+<!-- * In case of using Cloud Directory, and "Email verification" is configured to NOT allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens. -->
 <!--
-### Login using Resource Owner Password
-You can obtain access token and id token by supplying the end user's username and the end user's password.
-```java
-AppID.getInstance().obtainTokensWithROP(getApplicationContext(), username, password, 
-        new TokenResponseListener() {
-        @Override
-         public void onAuthorizationFailure (AuthorizationException exception) {
-            //Exception occurred
-         }
-                                                                                             
+ ###Cloud Directory APIs
+ Make sure to set Cloud Directory identity provider to ON in AppID dashboard, when using the following APIs.
+
+ ##### Login using Resource Owner Password
+ You can obtain access token and id token by supplying the end user's username and the end user's password.
+ ```java
+ AppID.getInstance().obtainTokensWithROP(getApplicationContext(), username, password, 
+         new TokenResponseListener() {
          @Override
-         public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
-           //User authenticated
-         }
-        });
-```
+          public void onAuthorizationFailure (AuthorizationException exception) {
+             //Exception occurred
+          }
+                                                                                              
+          @Override
+          public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+            //User authenticated
+          }
+         });
+ ```
+ ##### Sign Up
+ Make sure to set "Allow users to sign up and reset their password" to ON,
+ in Cloud Directory settings that are in AppID dashboard.
+
+ Use LoginWidget class to start the sign up flow.
+ ```java
+ LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+ loginWidget.launchSignUp(this, new AuthorizationListener() {
+			 @Override
+			 public void onAuthorizationFailure (AuthorizationException exception) {
+				 //Exception occurred
+			 }
+
+			 @Override
+			 public void onAuthorizationCanceled () {
+				 //Sign up canceled by the user
+			 }
+
+			 @Override
+			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+				 if (accessToken != null && identityToken != null) {
+				     //User authenticated
+				 } else {
+				     //email verification is required
+				 }
+				 
+			 }
+		 });
+ ```
+  ##### Forgot Password
+  Make sure to set "Allow users to sign up and reset their password" and "Forgot password email" to ON,
+  in Cloud Directory settings that are in AppID dashboard.
+  
+ Use LoginWidget class to start the forgot password flow. 
+  ```java
+  LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+  loginWidget.launchForgotPassword(this, new AuthorizationListener() {
+ 			 @Override
+ 			 public void onAuthorizationFailure (AuthorizationException exception) {
+ 				 //Exception occurred
+ 			 }
+  
+ 			 @Override
+ 			 public void onAuthorizationCanceled () {
+ 				 //forogt password canceled by the user
+ 			 }
+  
+ 			 @Override
+ 			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+ 				 //forgot password finished, in this case accessToken and identityToken will be null.
+ 				 
+ 			 }
+ 		 });
+  ```
+  ##### Change Details
+  Make sure to set "Allow users to sign up and reset their password" to ON,
+  in Cloud Directory settings that are in AppID dashboard.
+  
+  Use LoginWidget class to start the change details flow.
+  This API can be used only when the user is logged in using Cloud Directory identity provider.
+   ```java
+   LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+   loginWidget.launchChangeDetails(this, new AuthorizationListener() {
+  			 @Override
+  			 public void onAuthorizationFailure (AuthorizationException exception) {
+  				 //Exception occurred
+  			 }
+   
+  			 @Override
+  			 public void onAuthorizationCanceled () {
+  				 //changed details canceled by the user
+  			 }
+   
+  			 @Override
+  			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+  				 //User authenticated, and fresh tokens received 
+  			 }
+  		 });
+   ```
+   ##### Change Password
+   Make sure to set "Allow users to sign up and reset their password" to ON,
+   in Cloud Directory settings that are in AppID dashboard.
+   
+   Use LoginWidget class to start the change password flow, this will 
+    ```java
+    LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
+    loginWidget.launchChangePassword(this, new AuthorizationListener() {
+   			 @Override
+   			 public void onAuthorizationFailure (AuthorizationException exception) {
+   				 //Exception occurred
+   			 }
+    
+   			 @Override
+   			 public void onAuthorizationCanceled () {
+   				 //change password canceled by the user
+   			 }
+    
+   			 @Override
+   			 public void onAuthorizationSuccess (AccessToken accessToken, IdentityToken identityToken) {
+   				   //User authenticated, and fresh tokens received 
+   			 }
+   		 });
+    ```
  -->
 ### Anonymous Login
 ```java
diff --git a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
index 8060e1b..cbca033 100644
--- a/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
+++ b/app/src/main/java/com/ibm/mobilefirstplatform/appid/MainActivity.java
@@ -117,12 +117,18 @@ public void onAuthorizationCanceled() {
             @Override
             public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
                 logger.info("onAuthorizationSuccess");
-                logger.info("access_token: " + accessToken.getRaw());
-                logger.info("id_token: " + identityToken.getRaw());
-                logger.info("access_token isExpired: " + accessToken.isExpired());
-                logger.info("id_token isExpired: " + identityToken.isExpired());
-                identifiedAccessToken = accessToken;
-                extractAndDisplayDataFromIdentityToken(identityToken);
+                if (accessToken != null && identityToken != null) {
+                    logger.info("access_token: " + accessToken.getRaw());
+                    logger.info("id_token: " + identityToken.getRaw());
+                    logger.info("access_token isExpired: " + accessToken.isExpired());
+                    logger.info("id_token isExpired: " + identityToken.isExpired());
+                    identifiedAccessToken = accessToken;
+                    extractAndDisplayDataFromIdentityToken(identityToken);
+                } else {
+                    //in case we are in strict mode
+                    hideProgress();
+                }
+
             }
         }, anonymousAccessToken != null ? anonymousAccessToken.getRaw() : null);
     }
@@ -148,12 +154,45 @@ public void onAuthorizationCanceled() {
             @Override
             public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
                 logger.info("sign up: onAuthorizationSuccess");
-                logger.info("access_token: " + accessToken.getRaw());
-                logger.info("id_token: " + identityToken.getRaw());
-                logger.info("access_token isExpired: " + accessToken.isExpired());
-                logger.info("id_token isExpired: " + identityToken.isExpired());
-                identifiedAccessToken = accessToken;
-                extractAndDisplayDataFromIdentityToken(identityToken);
+                if (accessToken != null && identityToken != null) {
+                    logger.info("access_token: " + accessToken.getRaw());
+                    logger.info("id_token: " + identityToken.getRaw());
+                    logger.info("access_token isExpired: " + accessToken.isExpired());
+                    logger.info("id_token isExpired: " + identityToken.isExpired());
+                    identifiedAccessToken = accessToken;
+                    extractAndDisplayDataFromIdentityToken(identityToken);
+                } else {
+                    //in case we are in strict mode
+                    hideProgress();
+                }
+
+
+            }
+        });
+    }
+
+    public void onForgotPasswordClick(View v) {
+        logger.debug("onForgotPasswordClick");
+        showProgress();
+        LoginWidget loginWidget = appId.getLoginWidget();
+        loginWidget.launchForgotPassword(this, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                logger.info("Forgot Password: onAuthorizationFailure: " + exception.getMessage());
+                showResponse(exception.getMessage());
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                logger.info("Forgot Password: onAuthorizationCanceled");
+                hideProgress();
+            }
+
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                logger.info("Forgot Password:  onAuthorizationSuccess");
+                hideProgress();
             }
         });
     }
@@ -455,6 +494,7 @@ public void run() {
                 findViewById(R.id.editAttrValue).setEnabled(false);
                 findViewById(R.id.changePasswordButton).setEnabled(false);
                 findViewById(R.id.changeDetailsButton).setEnabled(false);
+                findViewById(R.id.forgotPassword).setEnabled(false);
             }
         });
     }
@@ -478,6 +518,7 @@ public void run() {
                 findViewById(R.id.editAttrValue).setEnabled(true);
                 findViewById(R.id.changePasswordButton).setEnabled(true);
                 findViewById(R.id.changeDetailsButton).setEnabled(true);
+                findViewById(R.id.forgotPassword).setEnabled(true);
             }
         });
     }
diff --git a/app/src/main/res/layout/activity_main.xml b/app/src/main/res/layout/activity_main.xml
index 7e3bde0..0cb6456 100644
--- a/app/src/main/res/layout/activity_main.xml
+++ b/app/src/main/res/layout/activity_main.xml
@@ -99,6 +99,17 @@
             android:layout_height="54dp"
             android:orientation="horizontal">
 
+            <Button
+                android:id="@+id/forgotPassword"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:layout_alignParentStart="true"
+                android:layout_below="@+id/profilePic"
+                android:layout_weight="1"
+                android:onClick="onForgotPasswordClick"
+                android:text="forgot password"
+                android:textSize="12sp" />
+
             <Button
                 android:id="@+id/anonloginButton"
                 android:layout_width="match_parent"
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java
index f0137e7..7479494 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppIDAuthorizationManager.java
@@ -165,6 +165,12 @@ public AppIdentity getAppIdentity () {
 		return new BaseAppIdentity(map);
 	}
 
+	/**
+	 * log out
+	 * @param context
+	 * @param listener
+	 * currently just call to clearAuthorizationData()
+	 */
 	@Override
 	public void logout (Context context, ResponseListener listener) {
 		logger.debug("logout");
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
index 36344bd..ce17acf 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/LoginWidget.java
@@ -43,5 +43,11 @@ public interface LoginWidget {
 	 * @param authorizationListener
 	 */
 	void launchChangeDetails (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
+	/**
+	 * Launch the forgot password user interface
+	 * @param activity Parent activity
+	 * @param authorizationListener
+	 */
+	void launchForgotPassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener);
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
index 4ce464a..426db1c 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager.java
@@ -44,6 +44,7 @@ public class AuthorizationManager {
     private final static String CHANGE_PASSWORD_PATH = "/cloud_directory/change_password";
     private final static String CHANGE_DETAILS_PATH = "/cloud_directory/change_details";
     private final static String GENERATE_CODE_PATH = "/cloud_directory/generate_code";
+    private final static String FORGOT_PASSWORD_PATH = "/cloud_directory/forgot_password";
 
     private final AppID appId;
     private final OAuthManager oAuthManager;
@@ -121,12 +122,22 @@ private String getChangeDetailsUrl(String redirectUri, String code) {
         String changeDetailsEndpoint = Config.getOAuthServerUrl(this.appId) + CHANGE_DETAILS_PATH;
         return buildUrl(changeDetailsEndpoint, null, redirectUri, code);
     }
-
+    /**
+     * @return the forgot password endpoint url.
+     */
+    private String getForgotPasswordUrl(String redirectUri) {
+        String forgotPasswordEndpoint = Config.getOAuthServerUrl(this.appId) + FORGOT_PASSWORD_PATH;
+        return buildUrl(forgotPasswordEndpoint, null, redirectUri, null);
+    }
     private String buildUrl(String endpointUrl, String userId, String redirectUri, String code) {
         String clientId = registrationManager.getRegistrationDataString(RegistrationManager.CLIENT_ID);
-        Uri.Builder builder = Uri.parse(endpointUrl).buildUpon()
-                .appendQueryParameter(CLIENT_ID, clientId)
-                .appendQueryParameter(REDIRECT_URI, redirectUri);
+        Uri.Builder builder = Uri.parse(endpointUrl).buildUpon();
+        if (null != clientId) {
+            builder.appendQueryParameter(CLIENT_ID, clientId);
+        }
+        if (null != redirectUri) {
+            builder.appendQueryParameter(REDIRECT_URI, redirectUri);
+        }
         if (null != code) {
             builder.appendQueryParameter(CODE, code);
         }
@@ -259,6 +270,25 @@ public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
         }
     }
 
+    public void launchForgotPasswordUI(final Activity activity, final AuthorizationListener authorizationListener) {
+        registrationManager.ensureRegistered(activity, new RegistrationListener() {
+            @Override
+            public void onRegistrationFailure(RegistrationStatus error) {
+                logger.error(error.getDescription());
+                authorizationListener.onAuthorizationFailure(new AuthorizationException(error.getDescription()));
+            }
+
+            @Override
+            public void onRegistrationSuccess() {
+                String redirectUri = registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
+                String forgotPasswordUrl = getForgotPasswordUrl(redirectUri);
+                AuthorizationUIManager auim = createAuthorizationUIManager(oAuthManager, authorizationListener, forgotPasswordUrl, redirectUri);
+                auim.launch(activity);
+            }
+        });
+
+    }
+
     @VisibleForTesting
     AuthorizationUIManager createAuthorizationUIManager(OAuthManager oAuthManager, AuthorizationListener authorizationListener, String authUrl, String redirectUri) {
         return new AuthorizationUIManager(oAuthManager, authorizationListener, authUrl, redirectUri);
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
index 5c93ee8..e9ee384 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
@@ -38,6 +38,9 @@ public class ChromeTabActivity extends Activity {
     private static final String INTENT_ALREADY_USED = "com.ibm.bluemix.appid.android.INTENT_ALREADY_USED";
     private String postAuthorizationIntent = ".POST_AUTHORIZATION_INTENT";
 
+    private static String FORGOT_PASSWORD = "forgot_password";
+    private static String SIGN_UP = "sign_up";
+
     private BroadcastReceiver broadcastReceiver;
     private AuthorizationListener authorizationListener;
     private OAuthManager oAuthManager;
@@ -98,6 +101,7 @@ private void onBroadcastReceived(Intent intent) {
         String url = uri.toString();
         String code = uri.getQueryParameter("code");
         String error = uri.getQueryParameter("error");
+        String flow = uri.getQueryParameter("flow");
 
         logger.info("onBroadcastReceived: " + url);
 
@@ -121,6 +125,14 @@ private void onBroadcastReceived(Intent intent) {
                 authorizationListener.onAuthorizationFailure(new AuthorizationException("Failed to obtain access and identity tokens"));
                 startActivity(clearTopActivityIntent);
             }
+        } else if (url.startsWith(redirectUrl) && (FORGOT_PASSWORD.equals(flow) || SIGN_UP.equals(flow))) {
+            logger.debug("onBroadcastReceived: end of flow: " + flow);
+            authorizationListener.onAuthorizationSuccess(null, null);
+            startActivity(clearTopActivityIntent);
+        } else {
+            logger.debug("onBroadcastReceived: no match case");
+            authorizationListener.onAuthorizationFailure(new AuthorizationException("Bad callback uri"));
+            startActivity(clearTopActivityIntent);
         }
     }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
index 2dbcb5f..dcaa306 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl.java
@@ -74,5 +74,13 @@ public void launchChangePassword (@NonNull final Activity activity, @NonNull fin
 	public void launchChangeDetails (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
 		oAuthManager.getAuthorizationManager().launchChangeDetailsUI(activity, authorizationListener);
 	}
+
+	/**
+	 * @param activity
+	 * @param authorizationListener
+	 */
+	public void launchForgotPassword (@NonNull final Activity activity, @NonNull final AuthorizationListener authorizationListener) {
+		oAuthManager.getAuthorizationManager().launchForgotPasswordUI(activity, authorizationListener);
+	}
 }
 
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java
index 45b884d..e30c760 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/registrationmanager/RegistrationManager.java
@@ -55,6 +55,7 @@ public class RegistrationManager {
 	public static final String DEVICE_ID = "device_id";
 	public static final String DEVICE_MODEL = "device_model";
 	public static final String DEVICE_OS = "device_os";
+	public static final String DEVICE_OS_VERSION = "device_os_version";
 	public static final String CLIENT_TYPE = "client_type";
 	public static final String REDIRECT_URIS = "redirect_uris";
 
@@ -179,6 +180,7 @@ private JSONObject createRegistrationParams(Context context) throws Exception {
         params.put(DEVICE_ID, deviceData.getId());
         params.put(DEVICE_MODEL, deviceData.getModel());
         params.put(DEVICE_OS, "android");
+		params.put(DEVICE_OS_VERSION, deviceData.getOSVersion());
         params.put(CLIENT_TYPE, "mobileapp");
         params.put("jwks", jwks);
 		logger.debug("OAuth client registration parameters");
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
index bf16f00..9bd7dca 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager.java
@@ -109,7 +109,7 @@ public void onFailure (Response response, Throwable t, JSONObject extendedInfo)
                         JSONObject responseJSON = new JSONObject(response.getResponseText());
                         if (INVALID_GRANT.equals(responseJSON.getString(ERROR_CODE))) {
                             errorDescription = responseJSON.getString(ERROR_DESCRIPTION);
-                            listener.onAuthorizationFailure(new AuthorizationException("Failed to retrieve tokens: " + errorDescription));
+                            listener.onAuthorizationFailure(new AuthorizationException(errorDescription));
                             return;
                         }
                     }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index a000c6a..517ee7d 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -545,7 +545,7 @@ public void launchChangePasswordUI_success() throws Exception {
         spyAuthManager.launchChangePasswordUI(mockActivity, new AuthorizationListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_password?client_id=null&redirect_uri=null&user_id=1234";
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_password?user_id=1234";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
                 verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
@@ -664,7 +664,7 @@ public Void answer(InvocationOnMock invocation) {
         spyAuthManager.launchChangeDetailsUI(mockActivity, new AuthorizationListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_details?client_id=null&redirect_uri=null&code=1234";
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/change_details?code=1234";
                 assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
                 verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
             }
@@ -848,4 +848,39 @@ public void onAuthorizationCanceled() {
             }
         });
     }
+
+    @Test
+    public void launchForgotPasswordUI_failure() throws Exception {
+
+        final AuthorizationManager spyAuthManager =  spy(authManager);
+        doAnswer(new Answer<Void>() {
+                     public Void answer(InvocationOnMock invocation) {
+                         Object[] args = invocation.getArguments();
+                         RegistrationListener regListener = (RegistrationListener) args[1];
+                         regListener.onRegistrationSuccess();
+                         return null;
+                     }
+                 }
+        ).when(registrationManager).ensureRegistered(eq(mockActivity), any(RegistrationListener.class));
+
+        when(mockActivity.getApplicationContext()).thenReturn(mockContext);
+        spyAuthManager.launchForgotPasswordUI(mockActivity, new AuthorizationListener() {
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                fail("should get to onAuthorizationFailure");
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                String expectedAuthUrl = "https://appid-oauth.stubPrefix/oauth/v3/null/cloud_directory/forgot_password";
+                assertEquals(exception.getMessage(), "Could NOT find installed browser that support Chrome tabs on the device.");
+                verify(spyAuthManager).createAuthorizationUIManager(any(OAuthManager.class), any(AuthorizationListener.class), eq(expectedAuthUrl), anyString());
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationFailure");
+            }
+        });
+    }
 }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
index 3e7227c..756c544 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/loginwidget/LoginWidgetImpl_Test.java
@@ -228,4 +228,37 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
             }
         });
     }
+
+    @Test
+    public void launchForgotPassword_test(){
+
+        doAnswer(new Answer() {
+            @Override
+            public Object answer(InvocationOnMock invocation) throws Throwable {
+                Object[] args = invocation.getArguments();
+                AuthorizationListener forgotPasswordListener = (AuthorizationListener) args[1];
+                forgotPasswordListener.onAuthorizationSuccess(null, null);
+                return null;
+            }
+        }).when(mockAuthManager).launchForgotPasswordUI(any(Activity.class), any(AuthorizationListener.class));
+
+
+        loginWidget.launchForgotPassword(Mockito.mock(Activity.class), new AuthorizationListener() {
+            @Override
+            public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identityToken) {
+                assert(true);
+            }
+
+            @Override
+            public void onAuthorizationFailure(AuthorizationException exception) {
+                fail("should get to onAuthorizationCanceled");
+            }
+
+            @Override
+            public void onAuthorizationCanceled() {
+                fail("should get to onAuthorizationSuccess");
+            }
+
+        });
+    }
 }
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
index bc0d2f2..49c41c1 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
@@ -213,7 +213,7 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
         spyTokenManager.obtainTokens(username, password, null, new TokenResponseListener() {
             @Override
             public void onAuthorizationFailure(AuthorizationException exception) {
-                assertEquals(exception.getMessage(), "Failed to retrieve tokens: " + testDescription);
+                assertEquals(exception.getMessage(),  testDescription);
             }
 
             @Override
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
index ecaf5ef..a7795b2 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
@@ -465,16 +465,6 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void setAttribute_no_token_supply() {
 
-        doAnswer(new Answer() {
-            @Override
-            public Object answer(InvocationOnMock invocation) throws Throwable {
-                Object[] args = invocation.getArguments();
-                ResponseListener responseListener = (ResponseListener) args[0];
-                responseListener.onFailure(null, null, null);
-                return null;
-            }
-        }).when(stubRequest).send(any(ResponseListener.class), any(RequestBody.class), eq(expectedAccessToken));
-
         final Response testReponse = new Response() {
             @Override
             public int getStatus() {
@@ -539,16 +529,6 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void getAttribute_no_token_supply() {
 
-        doAnswer(new Answer() {
-            @Override
-            public Object answer(InvocationOnMock invocation) throws Throwable {
-                Object[] args = invocation.getArguments();
-                ResponseListener responseListener = (ResponseListener) args[0];
-                responseListener.onFailure(null, null, null);
-                return null;
-            }
-        }).when(stubRequest).send(any(ResponseListener.class), any(RequestBody.class), eq(expectedAccessToken));
-
         final Response testReponse = new Response() {
             @Override
             public int getStatus() {
@@ -612,16 +592,6 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void deleteAttribute_no_token_supply() {
 
-        doAnswer(new Answer() {
-            @Override
-            public Object answer(InvocationOnMock invocation) throws Throwable {
-                Object[] args = invocation.getArguments();
-                ResponseListener responseListener = (ResponseListener) args[0];
-                responseListener.onFailure(null, null, null);
-                return null;
-            }
-        }).when(stubRequest).send(any(ResponseListener.class), any(RequestBody.class), eq(expectedAccessToken));
-
         final Response testReponse = new Response() {
             @Override
             public int getStatus() {

From f6371c32de9510aa432afadce7201337678e00d1 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Thu, 23 Nov 2017 18:04:54 +0200
Subject: [PATCH 25/33] update readme file

---
 README.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index 077177f..67bba6e 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ API 25 or above, Java 8.x, Android SDK tools 25.2.5 or above, Android SDK Platfo
 2. Add the dependency for the App ID client SDK:
     ```gradle
     dependencies {
-		    compile 'com.github.ibm-cloud-security:appid-clientsdk-android:1.+'
+		    compile 'com.github.ibm-cloud-security:appid-clientsdk-android:2.+'
 	    }
     ```
     
@@ -80,8 +80,8 @@ loginWidget.launch(this, new AuthorizationListener() {
 
 * The Login widget default configuration use Facebook and Google as authentication options.
 If you configure only one of them the login widget will NOT launch and the user will be redirect to the configured idp authentication screen.
-<!-- * In case of using Cloud Directory, and "Email verification" is configured to NOT allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens. -->
-<!--
+ * In case of using Cloud Directory, and "Email verification" is configured to NOT allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens.
+
  ###Cloud Directory APIs
  Make sure to set Cloud Directory identity provider to ON in AppID dashboard, when using the following APIs.
 
@@ -184,7 +184,8 @@ If you configure only one of them the login widget will NOT launch and the user
    Make sure to set "Allow users to sign up and reset their password" to ON,
    in Cloud Directory settings that are in AppID dashboard.
    
-   Use LoginWidget class to start the change password flow, this will 
+   Use LoginWidget class to start the change password flow.
+   This API can be used only when the user is logged in using Cloud Directory identity provider.
     ```java
     LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
     loginWidget.launchChangePassword(this, new AuthorizationListener() {
@@ -204,7 +205,7 @@ If you configure only one of them the login widget will NOT launch and the user
    			 }
    		 });
     ```
- -->
+ 
 ### Anonymous Login
 ```java
 AppID.getInstance().loginAnonymously(getApplicationContext(), new AuthorizationListener() {

From 2d473ccce34ff3793f82daf70c024d38215e65ca Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Mon, 27 Nov 2017 11:10:43 +0200
Subject: [PATCH 26/33] Update README.md (#55)

---
 README.md | 29 ++++++++++++++++-------------
 1 file changed, 16 insertions(+), 13 deletions(-)

diff --git a/README.md b/README.md
index 077177f..1aa684f 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,7 @@ API 25 or above, Java 8.x, Android SDK tools 25.2.5 or above, Android SDK Platfo
 2. Add the dependency for the App ID client SDK:
     ```gradle
     dependencies {
-		    compile 'com.github.ibm-cloud-security:appid-clientsdk-android:1.+'
+		    compile 'com.github.ibm-cloud-security:appid-clientsdk-android:2.+'
 	    }
     ```
     
@@ -80,12 +80,13 @@ loginWidget.launch(this, new AuthorizationListener() {
 
 * The Login widget default configuration use Facebook and Google as authentication options.
 If you configure only one of them the login widget will NOT launch and the user will be redirect to the configured idp authentication screen.
-<!-- * In case of using Cloud Directory, and "Email verification" is configured to NOT allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens. -->
-<!--
- ###Cloud Directory APIs
+ * In case of using Cloud Directory, and "Email verification" is configured to NOT allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens.
+
+ ### Cloud Directory APIs
+ 
  Make sure to set Cloud Directory identity provider to ON in AppID dashboard, when using the following APIs.
 
- ##### Login using Resource Owner Password
+ #### Login using Resource Owner Password
  You can obtain access token and id token by supplying the end user's username and the end user's password.
  ```java
  AppID.getInstance().obtainTokensWithROP(getApplicationContext(), username, password, 
@@ -101,7 +102,7 @@ If you configure only one of them the login widget will NOT launch and the user
           }
          });
  ```
- ##### Sign Up
+ #### Sign Up
  Make sure to set "Allow users to sign up and reset their password" to ON,
  in Cloud Directory settings that are in AppID dashboard.
 
@@ -130,7 +131,7 @@ If you configure only one of them the login widget will NOT launch and the user
 			 }
 		 });
  ```
-  ##### Forgot Password
+  #### Forgot Password
   Make sure to set "Allow users to sign up and reset their password" and "Forgot password email" to ON,
   in Cloud Directory settings that are in AppID dashboard.
   
@@ -155,7 +156,7 @@ If you configure only one of them the login widget will NOT launch and the user
  			 }
  		 });
   ```
-  ##### Change Details
+  #### Change Details
   Make sure to set "Allow users to sign up and reset their password" to ON,
   in Cloud Directory settings that are in AppID dashboard.
   
@@ -180,12 +181,14 @@ If you configure only one of them the login widget will NOT launch and the user
   			 }
   		 });
    ```
-   ##### Change Password
+   #### Change Password
    Make sure to set "Allow users to sign up and reset their password" to ON,
    in Cloud Directory settings that are in AppID dashboard.
    
-   Use LoginWidget class to start the change password flow, this will 
-    ```java
+   Use LoginWidget class to start the change password flow.
+   This API can be used only when the user is logged in using Cloud Directory identity provider.
+   
+   ```java
     LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
     loginWidget.launchChangePassword(this, new AuthorizationListener() {
    			 @Override
@@ -203,8 +206,8 @@ If you configure only one of them the login widget will NOT launch and the user
    				   //User authenticated, and fresh tokens received 
    			 }
    		 });
-    ```
- -->
+   ```
+ 
 ### Anonymous Login
 ```java
 AppID.getInstance().loginAnonymously(getApplicationContext(), new AuthorizationListener() {

From bbf3a2cf57c000555b8f8f0d82d90d9723330ca4 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Tue, 28 Nov 2017 21:58:46 +0200
Subject: [PATCH 27/33] Added okHttp3 support

---
 lib/build.gradle                              |   8 +-
 .../internal/network/AppIDRequest.java        |  38 +++-
 .../UserAttributeManagerImpl.java             |   7 +-
 .../AuthorizationManager_Test.java            |  41 ++++
 .../internal/network/AppIDRequest_Test.java   |  22 ++
 .../tokenmanager/TokenManager_Test.java       | 122 +++++++++++
 .../UserAttributeManagerImpl_Test.java        | 203 +++++++++++++++++-
 7 files changed, 429 insertions(+), 12 deletions(-)

diff --git a/lib/build.gradle b/lib/build.gradle
index 768dd5f..16ba53c 100644
--- a/lib/build.gradle
+++ b/lib/build.gradle
@@ -45,7 +45,13 @@ android {
 
 dependencies {
     compile fileTree(include: ['*.jar', '*.aar'], dir: 'libs')
-    compile 'com.ibm.mobilefirstplatform.clientsdk.android:core:2.2.7'
+
+    compile 'com.android.support:multidex:1.0.0'
+    compile 'com.squareup.okhttp3:okhttp:3.9.0'
+    compile 'com.squareup.okhttp3:okhttp-urlconnection:3.9.0'
+    compile 'com.ibm.mobilefirstplatform.clientsdk.android:analyticsapi:[1.0.0,)'
+    compile 'com.ibm.mobilefirstplatform.clientsdk.android:core:3.1.0@aar'
+
     compile 'com.android.support:appcompat-v7:25.1.0'
     compile 'com.android.support:customtabs:25.1.0'
     compile 'org.jetbrains:annotations-java5:15.0'
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java
index 4018e86..2f67992 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest.java
@@ -18,29 +18,55 @@
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.internal.BaseRequest;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.internal.TLSEnabledSSLSocketFactory;
-import com.squareup.okhttp.OkHttpClient;
-import com.squareup.okhttp.RequestBody;
+import com.ibm.mobilefirstplatform.clientsdk.android.logger.api.Logger;
+
+import okhttp3.RequestBody;
+import okhttp3.OkHttpClient;
 
 import org.json.JSONObject;
 
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
 import java.util.Map;
 
 import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.X509TrustManager;
+import javax.net.ssl.TrustManager;
 
 public class AppIDRequest extends BaseRequest {
-	private static OkHttpClient httpClient = new OkHttpClient();
+	private static Logger logger = Logger.getLogger(Logger.INTERNAL_PREFIX + BaseRequest.class.getSimpleName());
+	private static  OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
 
 	static {
 		SSLSocketFactory tlsEnabledSSLSocketFactory;
 		try {
+			final TrustManager[] trustAllCerts = new TrustManager[]{
+					new X509TrustManager() {
+						@Override
+						public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
+							logger.info("AppIDRequest checkClientTrusted method : " + authType);
+						}
+
+						@Override
+						public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
+							logger.info("AppIDRequest checkServerTrusted method : " + authType);
+						}
+
+						@Override
+						public java.security.cert.X509Certificate[] getAcceptedIssuers() {
+							return new java.security.cert.X509Certificate[]{};
+						}
+					}
+			};
 			tlsEnabledSSLSocketFactory = new TLSEnabledSSLSocketFactory();
-			httpClient.setSslSocketFactory(tlsEnabledSSLSocketFactory);
+			httpClient.sslSocketFactory(tlsEnabledSSLSocketFactory, (X509TrustManager) trustAllCerts[0]);
 		} catch (KeyManagementException e) {
 			e.printStackTrace();
 		} catch (NoSuchAlgorithmException e) {
 			e.printStackTrace();
+		} catch (RuntimeException e) {
+			logger.error("AppIDRequest RuntimeException : " + e.getLocalizedMessage());
 		}
 	}
 
@@ -54,7 +80,7 @@ public AppIDRequest (String url, String method) {
 		super(url, method);
 
 		// we want to handle redirects in-place
-		httpClient.setFollowRedirects(false);
+		httpClient.followSslRedirects(false);
 	}
 
 	public void send(final ResponseListener listener, final AccessToken accessToken, final IdentityToken identityToken) {
@@ -73,7 +99,7 @@ public void send(final ResponseListener listener, final RequestBody requestBody,
 		}
 
 		if (requestBody != null) {
-			super.sendRequest(listener, requestBody);
+			super.sendRequest(null, listener, requestBody);
 		} else {
 			send(listener);
 		}
diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl.java
index 7927084..d889a28 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl.java
@@ -26,8 +26,8 @@
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Response;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 import com.ibm.mobilefirstplatform.clientsdk.android.logger.api.Logger;
-import com.squareup.okhttp.MediaType;
-import com.squareup.okhttp.RequestBody;
+import okhttp3.MediaType;
+import okhttp3.RequestBody;
 
 import org.json.JSONException;
 import org.json.JSONObject;
@@ -141,8 +141,7 @@ public void onFailure(Response response, Throwable t, JSONObject extendedInfo) {
 			}
 		};
 
-		RequestBody requestBody =
-				(value == null || value.length() == 0) ? null : createRequestBody(value);
+		RequestBody requestBody = (value == null || value.length() == 0) ? null : createRequestBody(value);
 
 		req.send (resListener, requestBody, accessToken);
 	}
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
index 517ee7d..b1b108d 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/AuthorizationManager_Test.java
@@ -50,6 +50,7 @@
 import org.robolectric.RobolectricTestRunner;
 import org.robolectric.annotation.Config;
 
+import java.io.InputStream;
 import java.util.HashMap;
 import java.util.LinkedList;
 import java.util.List;
@@ -99,6 +100,11 @@ public class AuthorizationManager_Test {
     private static final AccessToken expectedAccessToken = new AccessTokenImpl(Consts.ACCESS_TOKEN);
     private static final IdentityToken expectedIdToken = new IdentityTokenImpl(Consts.ID_TOKEN);
     private Response testResponse = new Response() {
+        @Override
+        public String getRequestURL() {
+            return null;
+        }
+
         @Override
         public int getStatus() {
             return 0;
@@ -109,11 +115,26 @@ public String getResponseText() {
             return testError;
         }
 
+        @Override
+        public JSONObject getResponseJSON() {
+            return null;
+        }
+
         @Override
         public byte[] getResponseBytes() {
             return new byte[0];
         }
 
+        @Override
+        public InputStream getResponseByteStream() {
+            return null;
+        }
+
+        @Override
+        public long getContentLength() {
+            return 0;
+        }
+
         @Override
         public Map<String, List<String>> getHeaders() {
             Map<String, List<String>> map =  new HashMap<String, List<String>>();
@@ -123,6 +144,11 @@ public Map<String, List<String>> getHeaders() {
     };
 
     private Response testGoodResponse = new Response() {
+        @Override
+        public String getRequestURL() {
+            return null;
+        }
+
         @Override
         public int getStatus() {
             return 200;
@@ -133,11 +159,26 @@ public String getResponseText() {
             return code;
         }
 
+        @Override
+        public JSONObject getResponseJSON() {
+            return null;
+        }
+
         @Override
         public byte[] getResponseBytes() {
             return new byte[0];
         }
 
+        @Override
+        public InputStream getResponseByteStream() {
+            return null;
+        }
+
+        @Override
+        public long getContentLength() {
+            return 0;
+        }
+
         @Override
         public Map<String, List<String>> getHeaders() {
             Map<String, List<String>> map =  new HashMap<String, List<String>>();
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest_Test.java
index e2fe9ee..22b6cfb 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/network/AppIDRequest_Test.java
@@ -27,6 +27,8 @@
 import org.mockito.invocation.InvocationOnMock;
 import org.mockito.stubbing.Answer;
 import org.robolectric.RobolectricTestRunner;
+
+import java.io.InputStream;
 import java.util.List;
 import java.util.Map;
 
@@ -77,6 +79,11 @@ public Object answer(InvocationOnMock invocation) throws Throwable {
 
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -87,11 +94,26 @@ public String getResponseText() {
                 return null;
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
index 49c41c1..cc772f9 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/tokenmanager/TokenManager_Test.java
@@ -29,6 +29,7 @@
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Response;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
 
+import org.json.JSONObject;
 import org.junit.Before;
 import org.junit.FixMethodOrder;
 import org.junit.Test;
@@ -42,6 +43,7 @@
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.robolectric.RobolectricTestRunner;
 
+import java.io.InputStream;
 import java.math.BigInteger;
 import java.security.Signature;
 import java.security.interfaces.RSAPrivateKey;
@@ -128,6 +130,11 @@ public BigInteger getModulus() {
     public void obtainTokensRop_success() {
 
         testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -139,11 +146,26 @@ public String getResponseText() {
                         "\"id_token\":" + expectedIdToken.getRaw() + "}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -179,6 +201,11 @@ public void obtainTokensRop_failure() {
 
         final String testDescription = "test description error123";
         testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 400;
@@ -189,11 +216,26 @@ public String getResponseText() {
                 return "{\"error\": \"invalid_grant\" , \"error_description\": \"" + testDescription + "\" }";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -266,6 +308,11 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
         });
         //bad access token
         testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -277,11 +324,26 @@ public String getResponseText() {
                         "\"id_token\":" + expectedIdToken.getRaw() + "}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -301,6 +363,11 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
         });
         //bad id token
         testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -312,11 +379,26 @@ public String getResponseText() {
                         "\"id_token\":" + "\"bad Id token\"" + "}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -343,6 +425,11 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
     public void obtainTokens_Authorization_Code_success() {
 
         testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -354,11 +441,26 @@ public String getResponseText() {
                         "\"id_token\":" + expectedIdToken.getRaw() + "}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -398,6 +500,11 @@ public void onAuthorizationSuccess(AccessToken accessToken, IdentityToken identi
     public void obtainTokens_Authorization_Code_failure() {
 
         testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -409,11 +516,26 @@ public String getResponseText() {
                         "\"id_token\":" + expectedIdToken.getRaw() + "}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
diff --git a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
index a7795b2..2feb12f 100644
--- a/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
+++ b/lib/src/test/java/com/ibm/bluemix/appid/android/internal/userattributesmanager/UserAttributeManagerImpl_Test.java
@@ -25,7 +25,7 @@
 import com.ibm.bluemix.appid.android.testing.helpers.Consts;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Response;
 import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
-import com.squareup.okhttp.RequestBody;
+import okhttp3.RequestBody;
 
 import org.json.JSONException;
 import org.json.JSONObject;
@@ -41,6 +41,7 @@
 import org.mockito.stubbing.Answer;
 import org.robolectric.RobolectricTestRunner;
 
+import java.io.InputStream;
 import java.util.List;
 import java.util.Map;
 
@@ -88,6 +89,11 @@ public void before(){
     public void getAllAttributes_happy_flow() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -98,11 +104,26 @@ public String getResponseText() {
                 return "{\"age\": 30, \"email\":\"test@ibm.com\"}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -143,6 +164,11 @@ public void onFailure(UserAttributesException e) {
     public void getAllAttributes_happy_flow_null_response_text() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -153,11 +179,26 @@ public String getResponseText() {
                 return null;
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -192,6 +233,11 @@ public void onFailure(UserAttributesException e) {
     public void getAllAttributes_happy_flow_empty_response_text() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -202,11 +248,26 @@ public String getResponseText() {
                 return "";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -241,6 +302,11 @@ public void onFailure(UserAttributesException e) {
     public void getAllAttributes_request_failure_json_format() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -251,11 +317,26 @@ public String getResponseText() {
                 return "56";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -316,6 +397,11 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void getAllAttributes_request_failure_401() {
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 401;
@@ -326,11 +412,26 @@ public String getResponseText() {
                 return null;
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -363,6 +464,11 @@ public void onFailure(UserAttributesException e) {
     @Test
     public void getAllAttributes_request_failure_404() {
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 404;
@@ -373,11 +479,26 @@ public String getResponseText() {
                 return null;
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -411,6 +532,11 @@ public void onFailure(UserAttributesException e) {
     public void getAllAttributes_happy_flow_no_token_supply() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -421,11 +547,26 @@ public String getResponseText() {
                 return "{\"age\": 30, \"email\":\"test@ibm.com\"}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -466,6 +607,11 @@ public void onFailure(UserAttributesException e) {
     public void setAttribute_no_token_supply() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -476,11 +622,26 @@ public String getResponseText() {
                 return "{\"name\": \"testName\", \"value\":\"testValue\"}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -530,6 +691,11 @@ public void onFailure(UserAttributesException e) {
     public void getAttribute_no_token_supply() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -540,11 +706,26 @@ public String getResponseText() {
                 return "{\"name\": \"testName\", \"value\":\"testValue\"}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;
@@ -593,6 +774,11 @@ public void onFailure(UserAttributesException e) {
     public void deleteAttribute_no_token_supply() {
 
         final Response testReponse = new Response() {
+            @Override
+            public String getRequestURL() {
+                return null;
+            }
+
             @Override
             public int getStatus() {
                 return 200;
@@ -603,11 +789,26 @@ public String getResponseText() {
                 return "{\"name\": \"testName\", \"value\":\"testValue\"}";
             }
 
+            @Override
+            public JSONObject getResponseJSON() {
+                return null;
+            }
+
             @Override
             public byte[] getResponseBytes() {
                 return new byte[0];
             }
 
+            @Override
+            public InputStream getResponseByteStream() {
+                return null;
+            }
+
+            @Override
+            public long getContentLength() {
+                return 0;
+            }
+
             @Override
             public Map<String, List<String>> getHeaders() {
                 return null;

From a5d488f77c232601e6f6b207e69470b988b6cb67 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Fri, 1 Dec 2017 11:15:46 +0200
Subject: [PATCH 28/33] update readme

---
 README.md | 67 +++++++++++++++++++++++++------------------------------
 1 file changed, 30 insertions(+), 37 deletions(-)

diff --git a/README.md b/README.md
index 1aa684f..c4a107e 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,4 @@
-# IBM Cloud App ID
-Android SDK for the IBM Cloud App ID service
+# IBM Cloud App ID Android SDK
 
 [![Bluemix powered][img-bluemix-powered]][url-bluemix]
 [![Travis][img-travis-master]][url-travis-master]
@@ -13,11 +12,14 @@ Android SDK for the IBM Cloud App ID service
 [![GithubForks][img-github-forks]][url-github-forks]
 
 ## Requirements
-API 25 or above, Java 8.x, Android SDK tools 25.2.5 or above, Android SDK Platform Tools 25.0.3 or above, Android Build Tools version 25.0.2
+* API 25 or above
+* Java 8.x
+* Android SDK tools 25.2.5 or above
+* Android SDK Platform Tools 25.0.3 or above
+* Android Build Tools version 25.0.2
 
 ## Installing the SDK:
-1.  Add the JitPack repository to your build file, 
-     Add it in your root build.gradle at the end of repositories:
+1.  Add the JitPack repository to the your root `build.gradle` file at the end of the repository.
 
     ```gradle
 	    allprojects {
@@ -43,9 +45,7 @@ API 25 or above, Java 8.x, Android SDK tools 25.2.5 or above, Android SDK Platfo
     }
     ```
 
-## Using the SDK:
-
-### Initializing the App ID client SDK
+## Initializing the App ID client SDK
 
 Initialize the client SDK by passing the context, tenantId and region parameters to the initialize method. A common, though not mandatory, place to put the initialization code is in the onCreate method of the main activity in your Android application.
 ```java
@@ -54,8 +54,8 @@ AppID.getInstance().initialize(getApplicationContext(), <tenantId>, AppID.REGION
 * Replace "tenantId" with the App ID service tenantId.
 * Replace the AppID.REGION_UK with your App ID region (AppID.REGION_US_SOUTH, AppID.REGION_SYDNEY).
 
-### Using Login Widget
-Use LoginWidget class to start the authorization flow.   
+## Using the Login Widget
+Use the LoginWidget class to start the authorization flow.   
 
 ```java
 LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
@@ -78,15 +78,15 @@ loginWidget.launch(this, new AuthorizationListener() {
 ```
 **Note**: 
 
-* The Login widget default configuration use Facebook and Google as authentication options.
-If you configure only one of them the login widget will NOT launch and the user will be redirect to the configured idp authentication screen.
- * In case of using Cloud Directory, and "Email verification" is configured to NOT allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens.
+* The default configuration use Facebook and Google as authentication options. If you configure only one of them the login widget will *not* launch and the user will be redirected to the configured identity provider authentication screen.
+* When using Cloud Directory, and "Email verification" is configured to *not* allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens.
+
+## Managing Cloud Directory with the Android SDK
+{: #managing-android} 
 
- ### Cloud Directory APIs
- 
  Make sure to set Cloud Directory identity provider to ON in AppID dashboard, when using the following APIs.
 
- #### Login using Resource Owner Password
+ ### Login using Resource Owner Password
  You can obtain access token and id token by supplying the end user's username and the end user's password.
  ```java
  AppID.getInstance().obtainTokensWithROP(getApplicationContext(), username, password, 
@@ -102,11 +102,10 @@ If you configure only one of them the login widget will NOT launch and the user
           }
          });
  ```
- #### Sign Up
- Make sure to set "Allow users to sign up and reset their password" to ON,
- in Cloud Directory settings that are in AppID dashboard.
+ ### Sign Up
+Make sure to set **Allow users to sign up and reset their password** to **ON**, in the settings for Cloud Directory.
+Use the LoginWidget class to start the sign up flow.
 
- Use LoginWidget class to start the sign up flow.
  ```java
  LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
  loginWidget.launchSignUp(this, new AuthorizationListener() {
@@ -131,9 +130,8 @@ If you configure only one of them the login widget will NOT launch and the user
 			 }
 		 });
  ```
-  #### Forgot Password
-  Make sure to set "Allow users to sign up and reset their password" and "Forgot password email" to ON,
-  in Cloud Directory settings that are in AppID dashboard.
+  ### Forgot Password
+  Make sure to set **Allow users to sign up and reset their password** and **Forgot password email** to **ON**, in the settings for Cloud Directory
   
  Use LoginWidget class to start the forgot password flow. 
   ```java
@@ -156,12 +154,9 @@ If you configure only one of them the login widget will NOT launch and the user
  			 }
  		 });
   ```
-  #### Change Details
-  Make sure to set "Allow users to sign up and reset their password" to ON,
-  in Cloud Directory settings that are in AppID dashboard.
+  ### Change Details
+  Make sure to set **Allow users to sign up and reset their password** to **ON**, in Cloud Directory settings that are in AppID dashboard. Use LoginWidget class to start the change details flow. This API can be used only when the user is logged in using Cloud Directory identity provider.
   
-  Use LoginWidget class to start the change details flow.
-  This API can be used only when the user is logged in using Cloud Directory identity provider.
    ```java
    LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
    loginWidget.launchChangeDetails(this, new AuthorizationListener() {
@@ -181,12 +176,10 @@ If you configure only one of them the login widget will NOT launch and the user
   			 }
   		 });
    ```
-   #### Change Password
-   Make sure to set "Allow users to sign up and reset their password" to ON,
-   in Cloud Directory settings that are in AppID dashboard.
+   ### Change Password
+   Make sure to set **Allow users to sign up and reset their password** to **ON**, in the settings for Cloud Directory.
    
-   Use LoginWidget class to start the change password flow.
-   This API can be used only when the user is logged in using Cloud Directory identity provider.
+   Use LoginWidget class to start the change password flow. This API can be used only when the user logged in by using Cloud Directory as their identity provider.
    
    ```java
     LoginWidget loginWidget = AppID.getInstance().getLoginWidget();
@@ -208,7 +201,7 @@ If you configure only one of them the login widget will NOT launch and the user
    		 });
    ```
  
-### Anonymous Login
+## Anonymous Login
 ```java
 AppID.getInstance().loginAnonymously(getApplicationContext(), new AuthorizationListener() {
 			@Override
@@ -228,7 +221,7 @@ AppID.getInstance().loginAnonymously(getApplicationContext(), new AuthorizationL
 		});
 ```
 
-### User profile attributes
+## User profile attributes
 ```java
 AppID appId = AppID.getInstance();
 String name = "name";
@@ -282,7 +275,7 @@ appId.getUserAttributeManager().deleteAttribute(name, new UserAttributeResponseL
 		});
 ```
 
-### Invoking protected resources
+## Invoking protected resources
 ```java
 BMSClient bmsClient = BMSClient.getInstance();
 bmsClient.initialize(getApplicationContext(), AppID.REGION_UK);
@@ -309,7 +302,7 @@ public void onFailure (Response response, Throwable t, JSONObject extendedInfo)
 });
 ```
 
-### License
+## License
 This package contains code licensed under the Apache License, Version 2.0 (the "License"). You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 and may also view the License in the LICENSE file within this package.
 
 [img-bluemix-powered]: https://img.shields.io/badge/bluemix-powered-blue.svg

From 398c097f684359887794227e3352821c8155a8a3 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Fri, 1 Dec 2017 12:01:53 +0200
Subject: [PATCH 29/33] testc

---
 .../android/internal/authorizationmanager/ChromeTabActivity.java | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
index e9ee384..8a059f6 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/internal/authorizationmanager/ChromeTabActivity.java
@@ -24,7 +24,6 @@
 import android.support.customtabs.CustomTabsIntent;
 import android.support.v4.content.LocalBroadcastManager;
 
-
 import com.ibm.bluemix.appid.android.api.AuthorizationException;
 import com.ibm.bluemix.appid.android.api.AuthorizationListener;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;

From 569354247485fb3fb60714618e3efe6020447ead Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Sun, 3 Dec 2017 10:33:34 +0200
Subject: [PATCH 30/33] remove unused import

---
 lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java | 1 -
 1 file changed, 1 deletion(-)

diff --git a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
index 27b7742..3ec3bef 100644
--- a/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
+++ b/lib/src/main/java/com/ibm/bluemix/appid/android/api/AppID.java
@@ -20,7 +20,6 @@
 import com.ibm.bluemix.appid.android.api.userattributes.UserAttributeManager;
 import com.ibm.bluemix.appid.android.internal.OAuthManager;
 import com.ibm.bluemix.appid.android.internal.loginwidget.LoginWidgetImpl;
-import com.ibm.bluemix.appid.android.internal.tokens.AccessTokenImpl;
 import com.ibm.bluemix.appid.android.internal.userattributesmanager.UserAttributeManagerImpl;
 
 import org.jetbrains.annotations.NotNull;

From adc088d4209d8a533dd2f2843b65f3042968f658 Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Sun, 3 Dec 2017 11:16:03 +0200
Subject: [PATCH 31/33] small update to readme

---
 README.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/README.md b/README.md
index c4a107e..4a48105 100644
--- a/README.md
+++ b/README.md
@@ -82,7 +82,6 @@ loginWidget.launch(this, new AuthorizationListener() {
 * When using Cloud Directory, and "Email verification" is configured to *not* allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens.
 
 ## Managing Cloud Directory with the Android SDK
-{: #managing-android} 
 
  Make sure to set Cloud Directory identity provider to ON in AppID dashboard, when using the following APIs.
 

From 635147c89f346d4cc77f341835883e0a308ccc5c Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Sun, 3 Dec 2017 11:37:17 +0200
Subject: [PATCH 32/33] update codacy url

---
 README.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 4a48105..421c8bd 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@
 [![Bluemix powered][img-bluemix-powered]][url-bluemix]
 [![Travis][img-travis-master]][url-travis-master]
 [![Coverage Status][img-coveralls-master]][url-coveralls-master]
-[![Codacy][img-codacy]][url-codacy]
+[![Codacy Badge][img-codacy]][url-codacy]
 [![Release](https://jitpack.io/v/ibm-cloud-security/appid-clientsdk-android.svg)](https://jitpack.io/#ibm-cloud-security/appid-clientsdk-android)
 [![License][img-license]][url-bintray]
 
@@ -82,6 +82,7 @@ loginWidget.launch(this, new AuthorizationListener() {
 * When using Cloud Directory, and "Email verification" is configured to *not* allow users to sign-in without email verification, then the "onAuthorizationSuccess" of the "AuthorizationListener" will be invoked without tokens.
 
 ## Managing Cloud Directory with the Android SDK
+{: #managing-android} 
 
  Make sure to set Cloud Directory identity provider to ON in AppID dashboard, when using the following APIs.
 
@@ -323,5 +324,5 @@ This package contains code licensed under the Apache License, Version 2.0 (the "
 [img-coveralls-master]: https://coveralls.io/repos/github/ibm-cloud-security/appid-clientsdk-android/badge.svg?branch=master
 [url-coveralls-master]: https://coveralls.io/github/ibm-cloud-security/appid-clientsdk-android?branch=master
 
-[img-codacy]: https://api.codacy.com/project/badge/Grade/d41f8f069dd343769fcbdb55089561fc
-[url-codacy]: https://www.codacy.com/app/ibm-cloud-security/appid-clientsdk-android
+[img-codacy]: https://api.codacy.com/project/badge/Grade/be6f5f4cdae446909279d014bc650b1b
+[url-codacy]: https://www.codacy.com/app/rotembr/appid-clientsdk-android?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=ibm-cloud-security/appid-clientsdk-android&amp;utm_campaign=Badge_Grad

From d3a40308913cb34f47dde7d2cde1705166fc89fe Mon Sep 17 00:00:00 2001
From: rotembr <rotembr@il.ibm.com>
Date: Tue, 12 Dec 2017 11:10:04 +0200
Subject: [PATCH 33/33] change core dependency to not be a jar

---
 lib/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/build.gradle b/lib/build.gradle
index 16ba53c..0d9b622 100644
--- a/lib/build.gradle
+++ b/lib/build.gradle
@@ -50,7 +50,7 @@ dependencies {
     compile 'com.squareup.okhttp3:okhttp:3.9.0'
     compile 'com.squareup.okhttp3:okhttp-urlconnection:3.9.0'
     compile 'com.ibm.mobilefirstplatform.clientsdk.android:analyticsapi:[1.0.0,)'
-    compile 'com.ibm.mobilefirstplatform.clientsdk.android:core:3.1.0@aar'
+    compile 'com.ibm.mobilefirstplatform.clientsdk.android:core:3.1.3'
 
     compile 'com.android.support:appcompat-v7:25.1.0'
     compile 'com.android.support:customtabs:25.1.0'