authorParménides GV <parmegv@sdf.org>2013-11-07 16:24:58 +0100
committerParménides GV <parmegv@sdf.org>2013-11-19 19:29:59 +0100
commitf15ca67765fe3d9e129398d4ee3daa27cedfe00d (patch)
tree54529106a24ee2b94f005bad8c61e7820a648504
parentf52bc57e04f573e3a6ecda0d763f221b0eab5fb9 (diff)
Token based authentication implemented.
The session-id cookie is used only during the SRP exchange; afterwards the cookie handler is reset (discarding that cookie) and the authentication token is kept in a static field of LeapSRPSession, from where it is attached to later API requests.
-rw-r--r--src/se/leap/bitmaskclient/LeapSRPSession.java11
-rw-r--r--src/se/leap/bitmaskclient/ProviderAPI.java14
2 files changed, 22 insertions, 3 deletions
diff --git a/src/se/leap/bitmaskclient/LeapSRPSession.java b/src/se/leap/bitmaskclient/LeapSRPSession.java
index 14a8bff2..0849f777 100644
--- a/src/se/leap/bitmaskclient/LeapSRPSession.java
+++ b/src/se/leap/bitmaskclient/LeapSRPSession.java
@@ -35,9 +35,12 @@ import org.jboss.security.srp.SRPParameters;
*/
public class LeapSRPSession {
+ private static String token = "";
+
final public static String SALT = "salt";
final public static String M1 = "M1";
final public static String M2 = "M2";
+ final public static String TOKEN = "token";
private SRPParameters params;
private String username;
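Review bot: The new `private static String token` field is process-wide mutable state with no way to forget a token once set, and nothing marks it for cross-thread visibility even though it is written from ProviderAPI (an IntentService, which on Android runs its work on a worker thread) and read wherever requests are built. Declare it `private static volatile String token = "";` and add a `protected static void clearToken() { token = ""; }` so a logout or failed session can drop the credential instead of leaving the last token resident for the life of the process. A field comment such as `// Session token returned by the SRP login; replaces the session cookie on later API requests` would also explain why a class named for SRP holds it. The class body continues outside the hunk.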
@@ -312,6 +315,14 @@ public class LeapSRPSession {
boolean valid = Arrays.equals(M2, myM2);
return valid;
}
+
+ protected static void setToken(String token) {
+ LeapSRPSession.token = token;
+ }
+
+ protected static String getToken() {
+ return token;
+ }
/**
* @return a new SHA-256 digest.
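Review bot: setToken and getToken are the only accessors for the session token and carry no Javadoc, so the empty-string sentinel that callers test with `isEmpty()` is an undocumented contract. Add `/** Stores the session token the provider returned after a successful SRP login; it replaces the session cookie on later requests. */` above setToken and `/** @return the current session token, or the empty string when no login has completed. */` above getToken. Both are `protected static`, which in Java also grants access to the whole package; if only ProviderAPI (same package) is meant to call them, package-private visibility would state that intent more precisely. The class continues outside the hunk.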
diff --git a/src/se/leap/bitmaskclient/ProviderAPI.java b/src/se/leap/bitmaskclient/ProviderAPI.java
index b23bdc7f..5c8b29ca 100644
--- a/src/se/leap/bitmaskclient/ProviderAPI.java
+++ b/src/se/leap/bitmaskclient/ProviderAPI.java
@@ -27,6 +27,7 @@ import java.net.CookieManager;
import java.net.CookiePolicy;
import java.net.MalformedURLException;
import java.net.SocketTimeoutException;
+import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
@@ -343,6 +344,9 @@ public class ProviderAPI extends IntentService {
session_idAndM2.put(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id_cookie.getName());
session_idAndM2.put(ConfigHelper.SESSION_ID_KEY, session_id_cookie.getValue());*/
session_idAndM2.put(LeapSRPSession.M2, ConfigHelper.trim(M2_not_trimmed));
+ CookieHandler.setDefault(null); // we don't need cookies anymore
+ String token = json_response.getString(LeapSRPSession.TOKEN);
+ LeapSRPSession.setToken(token);
}
return session_idAndM2;
}
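Review bot: `CookieHandler.setDefault(null)` runs before `json_response.getString(LeapSRPSession.TOKEN)`, so a response that lacks the token key throws JSONException after the process-wide cookie handler has already been removed, leaving the session with neither cookie nor token. Read the token first and drop the handler last: `String token = json_response.getString(LeapSRPSession.TOKEN);` / `LeapSRPSession.setToken(token);` / `CookieHandler.setDefault(null); // drop the SRP session cookie; the token replaces it from here on`. Note that `setDefault(null)` clears the JVM-wide default handler (presumably the CookieManager installed earlier, given the CookieManager/CookiePolicy imports), not just this session's cookie, so any other code in the process that relies on cookies is affected as well. The enclosing method starts outside the hunk.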
@@ -516,6 +520,8 @@ public class ProviderAPI extends IntentService {
provider_url = new URL(string_url);
URLConnection url_connection = provider_url.openConnection();
url_connection.setConnectTimeout(seconds_of_timeout*1000);
+ if(!LeapSRPSession.getToken().isEmpty())
+ url_connection.addRequestProperty(LeapSRPSession.TOKEN, LeapSRPSession.getToken());
json_file_content = new Scanner(url_connection.getInputStream()).useDelimiter("\\A").next();
} catch (MalformedURLException e) {
json_file_content = formatErrorMessage(R.string.malformed_url);
@@ -551,6 +557,8 @@ public class ProviderAPI extends IntentService {
HttpsURLConnection urlConnection =
(HttpsURLConnection)url.openConnection();
urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory());
+ if(!LeapSRPSession.getToken().isEmpty())
+ urlConnection.addRequestProperty(LeapSRPSession.TOKEN, LeapSRPSession.getToken());
json_file_content = new Scanner(urlConnection.getInputStream()).useDelimiter("\\A").next();
} catch (CertificateException e) {
// TODO Auto-generated catch block
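Review bot: The two-line token guard here is a verbatim copy of the one in the hunk at 520, and both reuse `LeapSRPSession.TOKEN` — the JSON key `"token"` — as the HTTP header name, which reads as an accident rather than a stated wire format. Extract one helper that both download paths call and give the header its own named constant so the format is defined once. Whether the API really expects a header literally named `token` is not visible here; confirm against the server before renaming anything. The enclosing method starts and ends outside the hunk.
```java
urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory());
addAuthTokenHeader(urlConnection);
// … unchanged: response read and certificate error handling …

// … elsewhere in ProviderAPI …
/** HTTP header carrying the session token; currently the same string as the JSON key. */
private static final String TOKEN_HEADER = LeapSRPSession.TOKEN;

/** Attaches the session token header when a login has produced one; no-op otherwise. */
private static void addAuthTokenHeader(URLConnection connection) {
    String token = LeapSRPSession.getToken();
    if(!token.isEmpty())
        connection.addRequestProperty(TOKEN_HEADER, token);
}
```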
@@ -710,11 +718,11 @@ public class ProviderAPI extends IntentService {
try {
String type_of_certificate = task.getString(ConfigurationWizard.TYPE_OF_CERTIFICATE);
JSONObject provider_json = ConfigHelper.getJsonFromSharedPref(Provider.KEY);
- URL provider_main_url = new URL(provider_json.getString(Provider.API_URL));
- String new_cert_string_url = provider_main_url.toString() + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE;
+ String provider_main_url = provider_json.getString(Provider.API_URL);
+ URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE);
boolean danger_on = ConfigHelper.getBoolFromSharedPref(ProviderItem.DANGER_ON);
- String cert_string = downloadWithProviderCA(new_cert_string_url, true);
+ String cert_string = downloadWithProviderCA(new_cert_string_url, danger_on);
if(!cert_string.isEmpty()) {
if(ConfigHelper.checkErroneousDownload(cert_string)) {
String reason_to_fail = provider_json.getString(ERRORS);
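Review bot: Passing the user's DANGER_ON preference to downloadWithProviderCA means the certificate fetch — which now carries the session token header, per the hunks at 520 and 557 — runs in whatever relaxed mode that flag enables; if that mode skips certificate validation (the name suggests so, but its implementation is not in view), the token is offered to an unverified peer. If relaxed mode is intended for self-signed test providers, say so where the flag is read, e.g. `// danger_on: user-chosen relaxed TLS; the session token is sent on this request`, and consider not attaching the token at all in that mode. Separately, the argument changes type from String to URL here while the diffstat shows no change to downloadWithProviderCA's signature in this commit; confirm an overload taking URL exists. The enclosing method continues beyond the hunk.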