diff options
author | Parménides GV <parmegv@sdf.org> | 2013-11-07 16:24:58 +0100 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2013-11-19 19:29:59 +0100 |
commit | f15ca67765fe3d9e129398d4ee3daa27cedfe00d (patch) | |
tree | 54529106a24ee2b94f005bad8c61e7820a648504 /src/se | |
parent | f52bc57e04f573e3a6ecda0d763f221b0eab5fb9 (diff) |
Token based authentication implemented.
We use the session id cookie in the SRP process, and then reset the cookie store (forgetting about that cookie) and store the authentication token in a static variable inside LeapSRPSession.
Diffstat (limited to 'src/se')
-rw-r--r-- | src/se/leap/bitmaskclient/LeapSRPSession.java | 11 | ||||
-rw-r--r-- | src/se/leap/bitmaskclient/ProviderAPI.java | 14 |
2 files changed, 22 insertions, 3 deletions
diff --git a/src/se/leap/bitmaskclient/LeapSRPSession.java b/src/se/leap/bitmaskclient/LeapSRPSession.java index 14a8bff2..0849f777 100644 --- a/src/se/leap/bitmaskclient/LeapSRPSession.java +++ b/src/se/leap/bitmaskclient/LeapSRPSession.java @@ -35,9 +35,12 @@ import org.jboss.security.srp.SRPParameters; */ public class LeapSRPSession { + private static String token = ""; + final public static String SALT = "salt"; final public static String M1 = "M1"; final public static String M2 = "M2"; + final public static String TOKEN = "token"; private SRPParameters params; private String username; @@ -312,6 +315,14 @@ public class LeapSRPSession { boolean valid = Arrays.equals(M2, myM2); return valid; } + + protected static void setToken(String token) { + LeapSRPSession.token = token; + } + + protected static String getToken() { + return token; + } /** * @return a new SHA-256 digest. diff --git a/src/se/leap/bitmaskclient/ProviderAPI.java b/src/se/leap/bitmaskclient/ProviderAPI.java index b23bdc7f..5c8b29ca 100644 --- a/src/se/leap/bitmaskclient/ProviderAPI.java +++ b/src/se/leap/bitmaskclient/ProviderAPI.java @@ -27,6 +27,7 @@ import java.net.CookieManager; import java.net.CookiePolicy; import java.net.MalformedURLException; import java.net.SocketTimeoutException; +import java.net.URISyntaxException; import java.net.URL; import java.net.URLConnection; import java.net.URLEncoder; @@ -343,6 +344,9 @@ public class ProviderAPI extends IntentService { session_idAndM2.put(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id_cookie.getName()); session_idAndM2.put(ConfigHelper.SESSION_ID_KEY, session_id_cookie.getValue());*/ session_idAndM2.put(LeapSRPSession.M2, ConfigHelper.trim(M2_not_trimmed)); + CookieHandler.setDefault(null); // we don't need cookies anymore + String token = json_response.getString(LeapSRPSession.TOKEN); + LeapSRPSession.setToken(token); } return session_idAndM2; } @@ -516,6 +520,8 @@ public class ProviderAPI extends IntentService { provider_url = new URL(string_url); URLConnection url_connection = provider_url.openConnection(); url_connection.setConnectTimeout(seconds_of_timeout*1000); + if(!LeapSRPSession.getToken().isEmpty()) + url_connection.addRequestProperty(LeapSRPSession.TOKEN, LeapSRPSession.getToken()); json_file_content = new Scanner(url_connection.getInputStream()).useDelimiter("\\A").next(); } catch (MalformedURLException e) { json_file_content = formatErrorMessage(R.string.malformed_url); @@ -551,6 +557,8 @@ public class ProviderAPI extends IntentService { HttpsURLConnection urlConnection = (HttpsURLConnection)url.openConnection(); urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory()); + if(!LeapSRPSession.getToken().isEmpty()) + urlConnection.addRequestProperty(LeapSRPSession.TOKEN, LeapSRPSession.getToken()); json_file_content = new Scanner(urlConnection.getInputStream()).useDelimiter("\\A").next(); } catch (CertificateException e) { // TODO Auto-generated catch block @@ -710,11 +718,11 @@ public class ProviderAPI extends IntentService { try { String type_of_certificate = task.getString(ConfigurationWizard.TYPE_OF_CERTIFICATE); JSONObject provider_json = ConfigHelper.getJsonFromSharedPref(Provider.KEY); - URL provider_main_url = new URL(provider_json.getString(Provider.API_URL)); - String new_cert_string_url = provider_main_url.toString() + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE; + String provider_main_url = provider_json.getString(Provider.API_URL); + URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE); boolean danger_on = ConfigHelper.getBoolFromSharedPref(ProviderItem.DANGER_ON); - String cert_string = downloadWithProviderCA(new_cert_string_url, true); + String cert_string = downloadWithProviderCA(new_cert_string_url, danger_on); if(!cert_string.isEmpty()) { if(ConfigHelper.checkErroneousDownload(cert_string)) { String reason_to_fail = provider_json.getString(ERRORS); |