8827 - discussion

* validate urls before changing anything in Provider.define() * save private key and vpn cert after login/signup
author: Fup Duck <fupduck@sacknagel.com> 2018-02-11 13:25:24 +0100
committer: Fup Duck <fupduck@sacknagel.com> 2018-02-11 13:28:43 +0100
commit: ca82cdf77ee4d30b820a1f936315c6c5be78359d (patch)
tree: 90f031e4b2603a8254d178317942e808adba6099 /app/src/production/java/se/leap
parent: df4bf064a8c9310ed887d80bf6cd6328d1363f49 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java
index 839c5a5d..5317118b 100644
--- a/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java
+++ b/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java
@@ -36,9 +36,11 @@ import static android.text.TextUtils.isEmpty;
 import static se.leap.bitmaskclient.Constants.BROADCAST_RESULT_KEY;
 import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE;
 import static se.leap.bitmaskclient.DownloadFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING;
+import static se.leap.bitmaskclient.DownloadFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON;
 import static se.leap.bitmaskclient.ProviderAPI.ERRORS;
 import static se.leap.bitmaskclient.R.string.malformed_url;
 import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert;
+import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_details;
 
 /**
  * Implements the logic of the provider api http requests. The methods of this class need to be called from
@@ -124,9 +126,12 @@ public class ProviderApiManager extends ProviderApiManagerBase {
 
         try {
             JSONObject providerJson = new JSONObject(providerDotJsonString);
-            provider.define(providerJson);
+            if (provider.define(providerJson)) {
+                result.putBoolean(BROADCAST_RESULT_KEY, true);
+            } else {
+                return setErrorResult(result, warning_corrupted_provider_details, ERROR_CORRUPTED_PROVIDER_JSON.toString());
+            }
 
-            result.putBoolean(BROADCAST_RESULT_KEY, true);
         } catch (JSONException e) {
             String reason_to_fail = pickErrorMessage(providerDotJsonString);
             result.putString(ERRORS, reason_to_fail);
author	Fup Duck <fupduck@sacknagel.com>	2018-02-11 13:25:24 +0100
committer	Fup Duck <fupduck@sacknagel.com>	2018-02-11 13:28:43 +0100
commit	ca82cdf77ee4d30b820a1f936315c6c5be78359d (patch)
tree	90f031e4b2603a8254d178317942e808adba6099 /app/src/production/java/se/leap
parent	df4bf064a8c9310ed887d80bf6cd6328d1363f49 (diff)