feat(onramp): add two-tier WebView postMessage timeout with auth-aware watchdog

Detects dead/unresponsive Coinbase OnRamp WebViews with a 30s initial
timeout after page load and 15s inter-event timeout. The watchdog pauses
during pending_payment_auth (user is authenticating with their bank) to
avoid false positives, and resumes on the next event.

Signed-off-by: Brandon McAnsh <git@bmcreations.dev>

Author: bmc08gt

apps/flipcash/core/src/main/res/values/strings.xml

@@ -568,6 +568,9 @@
     <string name="error_title_onrampInternal">Something Went Wrong</string>
     <string name="error_description_onrampInternal">Please try again. We appreciate your patience</string>
 
+    <string name="error_title_onrampTimeout">Payment Timed Out</string>
+    <string name="error_description_onrampTimeout">The payment session took too long to respond. Please try again.</string>
+
     <string name="error_title_onrampTransactionSendFailed">Something Went Wrong</string>
     <string name="error_description_onrampTransactionSendFailed">We are working with the Coinbase team to resolve the issue. Your card will be refunded in the meantime. Please try again later</string>
 

apps/flipcash/shared/onramp/coinbase/src/main/kotlin/com/flipcash/app/onramp/CoinbaseOnRampHandler.kt

@@ -133,7 +133,8 @@ private fun showOnRampFailure(resources: Resources, error: CoinbaseOnRampWebErro
         }
 
         is CoinbaseOnRampWebError.Internal,
-        is CoinbaseOnRampWebError.GooglePayButtonNotFound -> {
+        is CoinbaseOnRampWebError.GooglePayButtonNotFound,
+        is CoinbaseOnRampWebError.WebViewTimeout -> {
             BottomBarManager.showError(
                 title = resources.getString(R.string.error_title_onrampInternal),
                 message = resources.getString(R.string.error_description_onrampInternal),

apps/flipcash/shared/onramp/coinbase/src/main/kotlin/com/flipcash/app/onramp/CoinbaseOnRampWebview.kt

@@ -33,18 +33,20 @@ fun CoinbaseOnRampWebview(
     onPaymentFailure: (CoinbaseOnRampWebError) -> Unit,
     onCancel: () -> Unit,
 ) {
+    var cleanup: (() -> Unit)? = null
     ComposeWebView(
         modifier = Modifier
             .fillMaxSize()
             .alpha(0f),
         url = paymentLinkUrl,
         factoryExtension = {
-            configureForCoinbaseOnRamp(
+            cleanup = configureForCoinbaseOnRamp(
                 onPaymentSuccess = { onPaymentSuccess(orderId) },
                 onPaymentFailure = onPaymentFailure,
                 onCancel = onCancel,
             )
-        }
+        },
+        onRelease = { cleanup?.invoke() },
     )
 }
 
@@ -53,13 +55,61 @@ private fun WebView.configureForCoinbaseOnRamp(
     onPaymentSuccess: () -> Unit,
     onPaymentFailure: (CoinbaseOnRampWebError) -> Unit,
     onCancel: () -> Unit,
-) {
+): () -> Unit {
     val startMark = TimeSource.Monotonic.markNow()
     trace(tag = "CoinbaseOnRamp", message = "WebView configured")
 
     val autoClickTriggered = AtomicBoolean(false)
+    val terminalEventReceived = AtomicBoolean(false)
     var messageListenerInstalled = false
 
+    var initialTimeoutRunnable: Runnable? = null
+    var interEventTimeoutRunnable: Runnable? = null
+
+    fun cancelAllTimeouts() {
+        initialTimeoutRunnable?.let { removeCallbacks(it) }
+        interEventTimeoutRunnable?.let { removeCallbacks(it) }
+    }
+
+    val timeoutAction = Runnable {
+        if (terminalEventReceived.compareAndSet(false, true)) {
+            trace(tag = "CoinbaseOnRamp", message = "WebView timeout fired")
+            onPaymentFailure(CoinbaseOnRampWebError.WebViewTimeout())
+        }
+    }
+
+    fun scheduleInterEventTimeout() {
+        val runnable = Runnable { timeoutAction.run() }
+        interEventTimeoutRunnable = runnable
+        postDelayed(runnable, INTER_EVENT_TIMEOUT_MS)
+    }
+
+    val wrappedOnPaymentSuccess: () -> Unit = {
+        terminalEventReceived.set(true)
+        post { cancelAllTimeouts() }
+        onPaymentSuccess()
+    }
+
+    val wrappedOnPaymentFailure: (CoinbaseOnRampWebError) -> Unit = { error ->
+        terminalEventReceived.set(true)
+        post { cancelAllTimeouts() }
+        onPaymentFailure(error)
+    }
+
+    val wrappedOnCancel: () -> Unit = {
+        terminalEventReceived.set(true)
+        post { cancelAllTimeouts() }
+        onCancel()
+    }
+
+    val heartbeat: () -> Unit = {
+        post { cancelAllTimeouts(); scheduleInterEventTimeout() }
+    }
+
+    val pauseWatchdog: () -> Unit = {
+        post { cancelAllTimeouts() }
+    }
+
     settings.javaScriptEnabled = true
     settings.domStorageEnabled = true
     settings.javaScriptCanOpenWindowsAutomatically = true
@@ -68,9 +118,11 @@ private fun WebView.configureForCoinbaseOnRamp(
 
     val eventHandler = CoinbaseOnRampEventHandler(
         startMark = startMark,
-        onPaymentSuccess = onPaymentSuccess,
-        onPaymentFailure = onPaymentFailure,
-        onCancel = onCancel,
+        onPaymentSuccess = wrappedOnPaymentSuccess,
+        onPaymentFailure = wrappedOnPaymentFailure,
+        onCancel = wrappedOnCancel,
+        onHeartbeat = heartbeat,
+        onPauseWatchdog = pauseWatchdog,
         onAutoClickGPay = {
             if (autoClickTriggered.compareAndSet(false, true)) {
                 post {
@@ -100,6 +152,12 @@ private fun WebView.configureForCoinbaseOnRamp(
             )
             view?.evaluateJavascript(CoinbaseOnRampScripts.MESSAGE_BRIDGE, null)
 
+            // Start the initial timeout — if no postMessage event arrives within
+            // INITIAL_TIMEOUT_MS after page load, the WebView is considered dead.
+            val runnable = Runnable { timeoutAction.run() }
+            initialTimeoutRunnable = runnable
+            view?.postDelayed(runnable, INITIAL_TIMEOUT_MS)
+
             // Fallback: if load_success already fired before the bridge was installed,
             // trigger auto-click after a delay to give the bridge a chance first.
             view?.postDelayed({
@@ -116,7 +174,7 @@ private fun WebView.configureForCoinbaseOnRamp(
             error: WebResourceError?
         ) {
             if (request?.isForMainFrame == true) {
-                onPaymentFailure(CoinbaseOnRampWebError.GuestGooglePayError())
+                wrappedOnPaymentFailure(CoinbaseOnRampWebError.GuestGooglePayError())
             }
         }
     }
@@ -133,4 +191,9 @@ private fun WebView.configureForCoinbaseOnRamp(
         )
         CookieManager.getInstance().setAcceptThirdPartyCookies(this, true)
     }
-}
+
+    return { cancelAllTimeouts() }
+}
+
+private const val INITIAL_TIMEOUT_MS = 30_000L
+private const val INTER_EVENT_TIMEOUT_MS = 15_000L

apps/flipcash/shared/onramp/coinbase/src/main/kotlin/com/flipcash/app/onramp/internal/CoinbaseOnRampEventHandler.kt

@@ -135,12 +135,15 @@ internal class CoinbaseOnRampEventHandler(
     private val onPaymentFailure: (CoinbaseOnRampWebError) -> Unit,
     private val onCancel: () -> Unit,
     private val onAutoClickGPay: () -> Unit,
+    private val onHeartbeat: () -> Unit = {},
+    private val onPauseWatchdog: () -> Unit = {},
 ) {
     private var errorReported = false
     fun handleEvent(eventJson: String) {
         trace(tag = "CoinbaseOnRamp", message = eventJson)
         try {
             val obj = JSONObject(eventJson)
+            var pauseWatchdog = false
             when (val eventName = obj.optString("eventName")) {
                 "onramp_api.load_success" -> {
                     trace(
@@ -197,6 +200,13 @@ internal class CoinbaseOnRampEventHandler(
                 // cancel: no-op per spec — GPay button re-shows automatically
                 "onramp_api.cancel" -> onCancel()
 
+                // User is authenticating (bank login, 2FA, etc.) — pause the
+                // watchdog so the inter-event timeout doesn't false-fire while
+                // the user is interacting with the payment sheet.
+                "onramp_api.pending_payment_auth" -> {
+                    pauseWatchdog = true
+                }
+
                 "timing.gpay_button_clicked" -> {
                     trace(
                         tag = "CoinbaseOnRamp",
@@ -230,6 +240,12 @@ internal class CoinbaseOnRampEventHandler(
                     )
                 }
             }
+
+            if (pauseWatchdog) {
+                onPauseWatchdog()
+            } else {
+                onHeartbeat()
+            }
         } catch (e: Exception) {
             trace(tag = "CoinbaseOnRamp", message = "Error parsing event", error = e)
         }
@@ -248,6 +264,7 @@ sealed class CoinbaseOnRampWebError(val data: String? = null): Throwable() {
     class GuestGooglePayNotReady(data: String? = null) : CoinbaseOnRampWebError(data)
     class Internal(data: String? = null) : CoinbaseOnRampWebError(data), NotifiableError
     class GooglePayButtonNotFound(data: String? = null) : CoinbaseOnRampWebError(data), NotifiableError
+    class WebViewTimeout(data: String? = null) : CoinbaseOnRampWebError(data), NotifiableError
 
     companion object {
         fun fromErrorCode(errorCode: String, data: String? = null): CoinbaseOnRampWebError {

apps/flipcash/shared/onramp/coinbase/src/test/kotlin/com/flipcash/app/onramp/internal/CoinbaseOnRampEventHandlerTest.kt

@@ -6,6 +6,8 @@ import org.robolectric.RobolectricTestRunner
 import org.robolectric.annotation.Config
 import kotlin.test.assertEquals
 import kotlin.time.TimeSource
+import com.getcode.utils.NotifiableError
+import kotlin.test.assertFalse
 import kotlin.test.assertIs
 import kotlin.test.assertNotNull
 import kotlin.test.assertTrue
@@ -17,6 +19,8 @@ class CoinbaseOnRampEventHandlerTest {
     private var successCount = 0
     private var cancelCount = 0
     private var autoClickCount = 0
+    private var heartbeatCount = 0
+    private var pauseWatchdogCount = 0
     private var lastError: CoinbaseOnRampWebError? = null
 
     private val handler = CoinbaseOnRampEventHandler(
@@ -25,6 +29,8 @@ class CoinbaseOnRampEventHandlerTest {
         onPaymentFailure = { lastError = it },
         onCancel = { cancelCount++ },
         onAutoClickGPay = { autoClickCount++ },
+        onHeartbeat = { heartbeatCount++ },
+        onPauseWatchdog = { pauseWatchdogCount++ },
     )
 
     // --- Event routing ---
@@ -131,6 +137,50 @@ class CoinbaseOnRampEventHandlerTest {
         assertEquals(0, successCount)
         assertTrue(lastError == null)
     }
+
+    // --- Heartbeat / watchdog ---
+
+    @Test
+    fun heartbeatFiredForStandardEvents() {
+        val events = listOf(
+            """{"eventName":"onramp_api.load_success"}""",
+            """{"eventName":"onramp_api.polling_success"}""",
+            """{"eventName":"onramp_api.cancel"}""",
+            """{"eventName":"onramp_api.commit_success"}""",
+            """{"eventName":"onramp_api.payment_authorized"}""",
+            """{"eventName":"timing.gpay_button_clicked"}""",
+        )
+        events.forEachIndexed { index, event ->
+            handler.handleEvent(event)
+            assertEquals(index + 1, heartbeatCount, "heartbeat not fired for: $event")
+        }
+        assertEquals(0, pauseWatchdogCount)
+    }
+
+    @Test
+    fun pendingPaymentAuthPausesWatchdog() {
+        handler.handleEvent("""{"eventName":"onramp_api.pending_payment_auth"}""")
+        assertEquals(0, heartbeatCount)
+        assertEquals(1, pauseWatchdogCount)
+    }
+
+    @Test
+    fun heartbeatNotFiredOnMalformedJson() {
+        handler.handleEvent("not json")
+        assertEquals(0, heartbeatCount)
+        assertEquals(0, pauseWatchdogCount)
+    }
+
+    @Test
+    fun heartbeatResumesAfterPendingPaymentAuth() {
+        handler.handleEvent("""{"eventName":"onramp_api.pending_payment_auth"}""")
+        assertEquals(1, pauseWatchdogCount)
+        assertEquals(0, heartbeatCount)
+
+        handler.handleEvent("""{"eventName":"onramp_api.payment_authorized"}""")
+        assertEquals(1, heartbeatCount)
+        assertEquals(1, pauseWatchdogCount)
+    }
 }
 
 class CoinbaseOnRampWebErrorTest {
@@ -169,4 +219,11 @@ class CoinbaseOnRampWebErrorTest {
     fun fromErrorCodeCaseSensitive() {
         assertIs<CoinbaseOnRampWebError.Unknown>(CoinbaseOnRampWebError.fromErrorCode("error_code_internal"))
     }
+
+    @Test
+    fun webViewTimeoutImplementsNotifiableError() {
+        val error = CoinbaseOnRampWebError.WebViewTimeout()
+        assertIs<NotifiableError>(error)
+        assertIs<Throwable>(error)
+    }
 }

apps/flipcash/shared/web/src/main/kotlin/com/flipcash/app/web/ComposeWebView.kt

@@ -10,10 +10,12 @@ fun ComposeWebView(
     url: String,
     modifier: Modifier = Modifier,
     factoryExtension: WebView.() -> Unit = { },
+    onRelease: (WebView) -> Unit = { },
 ) {
     AndroidView(
         modifier = modifier,
         factory = { WebView(it).apply(factoryExtension) },
-        update = { it.loadUrl(url) }
+        update = { it.loadUrl(url) },
+        onRelease = onRelease,
     )
 }