diff options
Diffstat (limited to 'app/src/debug')
11 files changed, 0 insertions, 1873 deletions
diff --git a/app/src/debug/AndroidManifest.xml b/app/src/debug/AndroidManifest.xml deleted file mode 100644 index 523a7ec5..00000000 --- a/app/src/debug/AndroidManifest.xml +++ /dev/null @@ -1,28 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<!-- - Copyright (C) 2011 The Android Open Source Project - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> - -<manifest xmlns:android="http://schemas.android.com/apk/res/android" - package="se.leap.bitmaskclient"> - - <!-- if you want to run test, this permissions are needed. Gradle will get rid of them once we implement it. --> - <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" /> - <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE"/> - <uses-permission android:name="android.permission.WRITE_SECURE_SETTINGS"/> - <uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /> - <uses-permission android:name="android.permission.CHANGE_WIFI_STATE" /> - -</manifest> diff --git a/app/src/debug/assets/urls/cdev.bitmask.net.url b/app/src/debug/assets/urls/cdev.bitmask.net.url deleted file mode 100644 index 4ceca5ee..00000000 --- a/app/src/debug/assets/urls/cdev.bitmask.net.url +++ /dev/null @@ -1,3 +0,0 @@ -{ - "main_url" : "https://cdev.bitmask.net/" -}
\ No newline at end of file diff --git a/app/src/debug/assets/urls/dev.bitmask.net.url b/app/src/debug/assets/urls/dev.bitmask.net.url deleted file mode 100644 index a1e53f69..00000000 --- a/app/src/debug/assets/urls/dev.bitmask.net.url +++ /dev/null @@ -1,3 +0,0 @@ -{
- "main_url" : "https://dev.bitmask.net/"
-}
\ No newline at end of file diff --git a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java deleted file mode 100644 index 2505d37b..00000000 --- a/app/src/debug/java/se/leap/bitmaskclient/ConfigurationWizard.java +++ /dev/null @@ -1,463 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributors - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ -package se.leap.bitmaskclient; - -import android.app.*; -import android.content.*; -import android.os.*; -import android.view.*; -import android.widget.*; - -import com.pedrogomez.renderers.*; - -import java.net.*; -import java.util.*; - -import butterknife.*; - -import org.jetbrains.annotations.*; -import org.json.*; - -import javax.inject.*; - -import se.leap.bitmaskclient.DownloadFailedDialog.DownloadFailedDialogInterface; -import se.leap.bitmaskclient.NewProviderDialog.NewProviderDialogInterface; -import se.leap.bitmaskclient.ProviderAPIResultReceiver.Receiver; -import se.leap.bitmaskclient.ProviderDetailFragment.ProviderDetailFragmentInterface; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; -import se.leap.bitmaskclient.eip.*; -import se.leap.bitmaskclient.userstatus.SessionDialog; - -/** - * Activity that builds and shows the list of known available providers. - * <p/> - * It also allows the user to enter custom providers with a button. - * - * @author parmegv - */ -public class ConfigurationWizard extends Activity - implements NewProviderDialogInterface, ProviderDetailFragmentInterface, DownloadFailedDialogInterface, Receiver { - - @InjectView(R.id.progressbar_configuration_wizard) - ProgressBar mProgressBar; - @InjectView(R.id.progressbar_description) - TextView progressbar_description; - - @InjectView(R.id.provider_list) - ListView provider_list_view; - @Inject - ProviderListAdapter adapter; - - private ProviderManager provider_manager; - private Intent mConfigState = new Intent(); - private Provider selected_provider; - - final public static String TAG = ConfigurationWizard.class.getSimpleName(); - - final protected static String PROVIDER_SET = "PROVIDER SET"; - final protected static String SERVICES_RETRIEVED = "SERVICES RETRIEVED"; - - final private static String PROGRESSBAR_TEXT = TAG + "PROGRESSBAR_TEXT"; - final private static String PROGRESSBAR_NUMBER = TAG + "PROGRESSBAR_NUMBER"; - - public ProviderAPIResultReceiver providerAPI_result_receiver; - private ProviderAPIBroadcastReceiver_Update providerAPI_broadcast_receiver_update; - - private static SharedPreferences preferences; - FragmentManagerEnhanced fragment_manager; - private static boolean setting_up_provider = false; - private String progressbar_text = ""; - private String provider_name = ""; - private int progress = -1; - - private void initProviderList() { - List<Renderer<Provider>> prototypes = new ArrayList<>(); - prototypes.add(new ProviderRenderer(this)); - ProviderRendererBuilder providerRendererBuilder = new ProviderRendererBuilder(prototypes); - adapter = new ProviderListAdapter(getLayoutInflater(), providerRendererBuilder, provider_manager); - provider_list_view.setAdapter(adapter); - } - - @Override - protected void onSaveInstanceState(@NotNull Bundle outState) { - if (mProgressBar != null) - outState.putInt(PROGRESSBAR_NUMBER, mProgressBar.getProgress()); - if (progressbar_description != null) - outState.putString(PROGRESSBAR_TEXT, progressbar_description.getText().toString()); - outState.putParcelable(Provider.KEY, selected_provider); - super.onSaveInstanceState(outState); - } - - @Override - protected void onCreate(Bundle savedInstanceState) { - super.onCreate(savedInstanceState); - preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); - fragment_manager = new FragmentManagerEnhanced(getFragmentManager()); - provider_manager = ProviderManager.getInstance(getAssets(), getExternalFilesDir(null)); - - setUpInitialUI(); - - initProviderList(); - - if (savedInstanceState != null) - restoreState(savedInstanceState); - setUpProviderAPIResultReceiver(); - } - - private void restoreState(Bundle savedInstanceState) { - progressbar_text = savedInstanceState.getString(PROGRESSBAR_TEXT, ""); - provider_name = savedInstanceState.getString(Provider.NAME, ""); - selected_provider = savedInstanceState.getParcelable(Provider.KEY); - progress = savedInstanceState.getInt(PROGRESSBAR_NUMBER, -1); - - if (fragment_manager.findFragmentByTag(ProviderDetailFragment.TAG) == null && setting_up_provider) { - onItemSelectedUi(); - if (progress > 0) - mProgressBar.setProgress(progress); - } - - } - - @Override - protected void onPostResume() { - super.onPostResume(); - if (!progressbar_text.isEmpty() && !provider_name.isEmpty() && progress != -1) { - progressbar_description.setText(progressbar_text); - mProgressBar.setProgress(progress); - - progressbar_text = ""; - provider_name = ""; - progress = -1; - } - } - - private void setUpInitialUI() { - setContentView(R.layout.configuration_wizard_activity); - ButterKnife.inject(this); - - hideProgressBar(); - } - - private void hideProgressBar() { - mProgressBar.setVisibility(ProgressBar.INVISIBLE); - progressbar_description.setVisibility(TextView.INVISIBLE); - } - - @Override - protected void onDestroy() { - super.onDestroy(); - if (providerAPI_broadcast_receiver_update != null) - unregisterReceiver(providerAPI_broadcast_receiver_update); - } - - private void setUpProviderAPIResultReceiver() { - providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler(), this); - providerAPI_broadcast_receiver_update = new ProviderAPIBroadcastReceiver_Update(); - - IntentFilter update_intent_filter = new IntentFilter(ProviderAPI.UPDATE_PROGRESSBAR); - update_intent_filter.addCategory(Intent.CATEGORY_DEFAULT); - registerReceiver(providerAPI_broadcast_receiver_update, update_intent_filter); - } - - @Override - public void onReceiveResult(int resultCode, Bundle resultData) { - if (resultCode == ProviderAPI.PROVIDER_OK) { - mConfigState.setAction(PROVIDER_SET); - - try { - String provider_json_string = preferences.getString(Provider.KEY, ""); - if (!provider_json_string.isEmpty()) - selected_provider.define(new JSONObject(provider_json_string)); - } catch (JSONException e) { - e.printStackTrace(); - } - - if (preferences.getBoolean(Constants.ALLOWED_ANON, false)) { - mConfigState.putExtra(SERVICES_RETRIEVED, true); - - downloadVpnCertificate(); - } else { - mProgressBar.incrementProgressBy(1); - hideProgressBar(); - - showProviderDetails(); - } - } else if (resultCode == ProviderAPI.PROVIDER_NOK) { - hideProgressBar(); - preferences.edit().remove(Provider.KEY).apply(); - setting_up_provider = false; - - String reason_to_fail = resultData.getString(ProviderAPI.ERRORS); - showDownloadFailedDialog(reason_to_fail); - } else if (resultCode == ProviderAPI.CORRECTLY_DOWNLOADED_CERTIFICATE) { - mProgressBar.incrementProgressBy(1); - hideProgressBar(); - - showProviderDetails(); - } else if (resultCode == ProviderAPI.INCORRECTLY_DOWNLOADED_CERTIFICATE) { - hideProgressBar(); - cancelSettingUpProvider(); - Toast.makeText(getApplicationContext(), R.string.provider_problem, Toast.LENGTH_LONG).show(); - } else if (resultCode == AboutActivity.VIEWED) { - // Do nothing, right now - // I need this for CW to wait for the About activity to end before going back to Dashboard. - } - } - - @OnItemClick(R.id.provider_list) - void onItemSelected(int position) { - //TODO Code 2 pane view - selected_provider = adapter.getItem(position); - onItemSelectedLogic(); - onItemSelectedUi(); - } - - private void onItemSelectedLogic() { - boolean danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, true); - setUpProvider(danger_on); - } - - private void onItemSelectedUi() { - startProgressBar(); - adapter.hideAllBut(adapter.indexOf(selected_provider)); - } - - @Override - public void onBackPressed() { - if (setting_up_provider) { - stopSettingUpProvider(); - } else { - askDashboardToQuitApp(); - super.onBackPressed(); - } - } - - private void stopSettingUpProvider() { - ProviderAPI.stop(); - mProgressBar.setVisibility(ProgressBar.GONE); - mProgressBar.setProgress(0); - progressbar_description.setVisibility(TextView.GONE); - - cancelSettingUpProvider(); - } - - public void cancelSettingUpProvider() { - adapter.showAllProviders(); - setting_up_provider = false; - preferences.edit().remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit(); - } - - private void askDashboardToQuitApp() { - Intent ask_quit = new Intent(); - ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT); - setResult(RESULT_CANCELED, ask_quit); - } - - private void startProgressBar() { - mProgressBar.setVisibility(ProgressBar.VISIBLE); - progressbar_description.setVisibility(TextView.VISIBLE); - mProgressBar.setProgress(0); - mProgressBar.setMax(3); - - int measured_height = listItemHeight(); - mProgressBar.setTranslationY(measured_height); - progressbar_description.setTranslationY(measured_height + mProgressBar.getHeight()); - } - - private int listItemHeight() { - View listItem = adapter.getView(0, null, provider_list_view); - listItem.setLayoutParams(new RelativeLayout.LayoutParams( - RelativeLayout.LayoutParams.WRAP_CONTENT, - RelativeLayout.LayoutParams.WRAP_CONTENT)); - WindowManager wm = (WindowManager) getApplicationContext() - .getSystemService(Context.WINDOW_SERVICE); - Display display = wm.getDefaultDisplay(); - int screenWidth = display.getWidth(); // deprecated - - int listViewWidth = screenWidth - 10 - 10; - int widthSpec = View.MeasureSpec.makeMeasureSpec(listViewWidth, - View.MeasureSpec.AT_MOST); - listItem.measure(widthSpec, 0); - - return listItem.getMeasuredHeight(); - } - - /** - * Asks ProviderAPI to download an anonymous (anon) VPN certificate. - */ - private void downloadVpnCertificate() { - Intent provider_API_command = new Intent(this, ProviderAPI.class); - - provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); - startService(provider_API_command); - } - - /** - * Open the new provider dialog - */ - public void addAndSelectNewProvider() { - FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); - new NewProviderDialog().show(fragment_transaction, NewProviderDialog.TAG); - } - - /** - * Open the new provider dialog with data - */ - public void addAndSelectNewProvider(String main_url, boolean danger_on) { - FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(NewProviderDialog.TAG); - - DialogFragment newFragment = new NewProviderDialog(); - Bundle data = new Bundle(); - data.putString(Provider.MAIN_URL, main_url); - data.putBoolean(ProviderItem.DANGER_ON, danger_on); - newFragment.setArguments(data); - newFragment.show(fragment_transaction, NewProviderDialog.TAG); - } - - /** - * Once selected a provider, this fragment offers the user to log in, - * use it anonymously (if possible) - * or cancel his/her election pressing the back button. - * - * @param reason_to_fail - */ - public void showDownloadFailedDialog(String reason_to_fail) { - FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(DownloadFailedDialog.TAG); - - DialogFragment newFragment = DownloadFailedDialog.newInstance(reason_to_fail); - newFragment.show(fragment_transaction, DownloadFailedDialog.TAG); - } - - /** - * Once selected a provider, this fragment offers the user to log in, - * use it anonymously (if possible) - * or cancel his/her election pressing the back button. - */ - private void showProviderDetails() { - if (setting_up_provider) { - FragmentTransaction fragment_transaction = fragment_manager.removePreviousFragment(ProviderDetailFragment.TAG); - - DialogFragment newFragment = ProviderDetailFragment.newInstance(); - newFragment.show(fragment_transaction, ProviderDetailFragment.TAG); - setting_up_provider = false; - } - } - - public void showAndSelectProvider(String provider_main_url, boolean danger_on) { - try { - selected_provider = new Provider(new URL((provider_main_url))); - adapter.add(selected_provider); - adapter.saveProviders(); - autoSelectProvider(selected_provider, danger_on); - } catch (MalformedURLException e) { - e.printStackTrace(); - } - } - - private void autoSelectProvider(Provider provider, boolean danger_on) { - preferences.edit().putBoolean(ProviderItem.DANGER_ON, danger_on).apply(); - selected_provider = provider; - onItemSelectedLogic(); - onItemSelectedUi(); - } - - /** - * Asks ProviderAPI to download a new provider.json file - * - * @param danger_on tells if HTTPS client should bypass certificate errors - */ - public void setUpProvider(boolean danger_on) { - Intent provider_API_command = new Intent(this, ProviderAPI.class); - Bundle parameters = new Bundle(); - parameters.putString(Provider.MAIN_URL, selected_provider.mainUrl().getUrl().toString()); - parameters.putBoolean(ProviderItem.DANGER_ON, danger_on); - parameters.putString(Provider.CA_CERT_FINGERPRINT, selected_provider.certificatePin()); - - provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER); - provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); - - startService(provider_API_command); - setting_up_provider = true; - } - - public void retrySetUpProvider() { - cancelSettingUpProvider(); - if (!ProviderAPI.caCertDownloaded()) { - addAndSelectNewProvider(ProviderAPI.lastProviderMainUrl(), ProviderAPI.lastDangerOn()); - } else { - Intent provider_API_command = new Intent(this, ProviderAPI.class); - - provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER); - provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver); - - startService(provider_API_command); - } - } - - @Override - public boolean onCreateOptionsMenu(Menu menu) { - getMenuInflater().inflate(R.menu.configuration_wizard_activity, menu); - return true; - } - - @Override - public boolean onOptionsItemSelected(MenuItem item) { - switch (item.getItemId()) { - case R.id.about_leap: - startActivityForResult(new Intent(this, AboutActivity.class), 0); - return true; - case R.id.new_provider: - addAndSelectNewProvider(); - return true; - default: - return super.onOptionsItemSelected(item); - } - } - - public void showAllProviders() { - adapter.showAllProviders(); - } - - @Override - public void login() { - Intent ask_login = new Intent(); - ask_login.putExtra(SessionDialog.TAG, SessionDialog.TAG); - ask_login.putExtra(Provider.KEY, selected_provider); - setResult(RESULT_OK, ask_login); - setting_up_provider = false; - finish(); - } - - @Override - public void use_anonymously() { - Intent pass_provider = new Intent(); - pass_provider.putExtra(Provider.KEY, selected_provider); - setResult(RESULT_OK, pass_provider); - setting_up_provider = false; - finish(); - } - - public class ProviderAPIBroadcastReceiver_Update extends BroadcastReceiver { - @Override - public void onReceive(Context context, Intent intent) { - int update = intent.getIntExtra(ProviderAPI.CURRENT_PROGRESS, 0); - mProgressBar.setProgress(update); - } - } -} diff --git a/app/src/debug/java/se/leap/bitmaskclient/NewProviderDialog.java b/app/src/debug/java/se/leap/bitmaskclient/NewProviderDialog.java deleted file mode 100644 index c1426708..00000000 --- a/app/src/debug/java/se/leap/bitmaskclient/NewProviderDialog.java +++ /dev/null @@ -1,117 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ -package se.leap.bitmaskclient; - -import butterknife.*; -import se.leap.bitmaskclient.ProviderListContent.ProviderItem; - -import android.app.*; -import android.content.*; -import android.os.*; -import android.view.*; -import android.widget.*; - -/** - * Implements the new custom provider dialog. - * - * @author parmegv - */ -public class NewProviderDialog extends DialogFragment { - - final public static String TAG = "newProviderDialog"; - - @InjectView(R.id.new_provider_url) - EditText url_input_field; - @InjectView(R.id.danger_checkbox) - CheckBox danger_checkbox; - - public interface NewProviderDialogInterface { - public void showAndSelectProvider(String url_provider, boolean danger_on); - } - - NewProviderDialogInterface interface_with_ConfigurationWizard; - - @Override - public void onAttach(Activity activity) { - super.onAttach(activity); - try { - interface_with_ConfigurationWizard = (NewProviderDialogInterface) activity; - } catch (ClassCastException e) { - throw new ClassCastException(activity.toString() - + " must implement NoticeDialogListener"); - } - } - - @Override - public Dialog onCreateDialog(Bundle savedInstanceState) { - AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); - LayoutInflater inflater = getActivity().getLayoutInflater(); - View view = inflater.inflate(R.layout.new_provider_dialog, null); - ButterKnife.inject(this, view); - Bundle arguments = getArguments(); - if (arguments != null) { - url_input_field.setText(arguments.getString(Provider.MAIN_URL, "")); - danger_checkbox.setActivated(arguments.getBoolean(ProviderItem.DANGER_ON, false)); - } - - builder.setView(view) - .setMessage(R.string.introduce_new_provider) - .setPositiveButton(R.string.save, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - saveProvider(); - } - }) - .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - dialog.cancel(); - } - }); - // Create the AlertDialog object and return it - return builder.create(); - } - - private void saveProvider() { - String entered_url = url_input_field.getText().toString().trim(); - if (!entered_url.startsWith("https://")) { - if (entered_url.startsWith("http://")) { - entered_url = entered_url.substring("http://".length()); - } - entered_url = "https://".concat(entered_url); - } - boolean danger_on = danger_checkbox.isChecked(); - if (validURL(entered_url)) { - interface_with_ConfigurationWizard.showAndSelectProvider(entered_url, danger_on); - Toast.makeText(getActivity().getApplicationContext(), R.string.valid_url_entered, Toast.LENGTH_LONG).show(); - } else { - url_input_field.setText(""); - danger_checkbox.setChecked(false); - Toast.makeText(getActivity().getApplicationContext(), R.string.not_valid_url_entered, Toast.LENGTH_LONG).show(); - ; - } - } - - /** - * Checks if the entered url is valid or not. - * - * @param entered_url - * @return true if it's not empty nor contains only the protocol. - */ - boolean validURL(String entered_url) { - //return !entered_url.isEmpty() && entered_url.matches("http[s]?://.+") && !entered_url.replaceFirst("http[s]?://", "").isEmpty(); - return android.util.Patterns.WEB_URL.matcher(entered_url).matches(); - } -} diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java deleted file mode 100644 index 2d7e13fe..00000000 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderAPI.java +++ /dev/null @@ -1,1012 +0,0 @@ -/** - * Copyright (c) 2013 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ -package se.leap.bitmaskclient; - -import android.app.*; -import android.content.*; -import android.content.res.*; -import android.os.*; -import android.util.*; - -import org.apache.http.client.*; -import org.json.*; -import org.thoughtcrime.ssl.pinning.util.*; - -import java.io.*; -import java.math.*; -import java.net.*; -import java.security.*; -import java.security.cert.*; -import java.security.interfaces.*; -import java.util.*; - -import javax.net.ssl.*; - -import se.leap.bitmaskclient.ProviderListContent.*; -import se.leap.bitmaskclient.eip.*; -import se.leap.bitmaskclient.userstatus.SessionDialog; -import se.leap.bitmaskclient.userstatus.User; -import se.leap.bitmaskclient.userstatus.UserStatus; - -/** - * Implements HTTP api methods used to manage communications with the provider server. - * <p/> - * It's an IntentService because it downloads data from the Internet, so it operates in the background. - * - * @author parmegv - * @author MeanderingCode - */ -public class ProviderAPI extends IntentService { - - final public static String - TAG = ProviderAPI.class.getSimpleName(), - SET_UP_PROVIDER = "setUpProvider", - DOWNLOAD_NEW_PROVIDER_DOTJSON = "downloadNewProviderDotJSON", - SIGN_UP = "srpRegister", - LOG_IN = "srpAuth", - LOG_OUT = "logOut", - DOWNLOAD_CERTIFICATE = "downloadUserAuthedCertificate", - PARAMETERS = "parameters", - RESULT_KEY = "result", - RECEIVER_KEY = "receiver", - ERRORS = "errors", - UPDATE_PROGRESSBAR = "update_progressbar", - CURRENT_PROGRESS = "current_progress", - DOWNLOAD_EIP_SERVICE = TAG + ".DOWNLOAD_EIP_SERVICE"; - - final public static int - SUCCESSFUL_LOGIN = 3, - FAILED_LOGIN = 4, - SUCCESSFUL_SIGNUP = 5, - FAILED_SIGNUP = 6, - SUCCESSFUL_LOGOUT = 7, - LOGOUT_FAILED = 8, - CORRECTLY_DOWNLOADED_CERTIFICATE = 9, - INCORRECTLY_DOWNLOADED_CERTIFICATE = 10, - PROVIDER_OK = 11, - PROVIDER_NOK = 12, - CORRECTLY_DOWNLOADED_EIP_SERVICE = 13, - INCORRECTLY_DOWNLOADED_EIP_SERVICE = 14; - - private static boolean - CA_CERT_DOWNLOADED = false, - PROVIDER_JSON_DOWNLOADED = false, - EIP_SERVICE_JSON_DOWNLOADED = false; - - private static String last_provider_main_url; - private static boolean last_danger_on = false; - private static boolean go_ahead = true; - private static SharedPreferences preferences; - private static String provider_api_url; - private static String provider_ca_cert_fingerprint; - private Resources resources; - - public static void stop() { - go_ahead = false; - } - - public ProviderAPI() { - super(TAG); - } - - @Override - public void onCreate() { - super.onCreate(); - - - preferences = getSharedPreferences(Dashboard.SHARED_PREFERENCES, MODE_PRIVATE); - resources = getResources(); - CookieHandler.setDefault(new CookieManager(null, CookiePolicy.ACCEPT_ORIGINAL_SERVER)); - } - - public static String lastProviderMainUrl() { - return last_provider_main_url; - } - - public static boolean lastDangerOn() { - return last_danger_on; - } - - private String formatErrorMessage(final int toast_string_id) { - return "{ \"" + ERRORS + "\" : \"" + getResources().getString(toast_string_id) + "\" }"; - } - - @Override - protected void onHandleIntent(Intent command) { - final ResultReceiver receiver = command.getParcelableExtra(RECEIVER_KEY); - String action = command.getAction(); - Bundle parameters = command.getBundleExtra(PARAMETERS); - if (provider_api_url == null && preferences.contains(Provider.KEY)) { - try { - JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "no provider")); - provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); - go_ahead = true; - } catch (JSONException e) { - go_ahead = false; - } - } - - if (action.equalsIgnoreCase(SET_UP_PROVIDER)) { - Bundle result = setUpProvider(parameters); - if (result.getBoolean(RESULT_KEY)) { - receiver.send(PROVIDER_OK, result); - } else { - receiver.send(PROVIDER_NOK, result); - } - } else if (action.equalsIgnoreCase(SIGN_UP)) { - UserStatus.updateStatus(UserStatus.SessionStatus.SIGNING_UP, resources); - Bundle result = tryToRegister(parameters); - if (result.getBoolean(RESULT_KEY)) { - receiver.send(SUCCESSFUL_SIGNUP, result); - } else { - receiver.send(FAILED_SIGNUP, result); - } - } else if (action.equalsIgnoreCase(LOG_IN)) { - UserStatus.updateStatus(UserStatus.SessionStatus.LOGGING_IN, resources); - Bundle result = tryToAuthenticate(parameters); - if (result.getBoolean(RESULT_KEY)) { - receiver.send(SUCCESSFUL_LOGIN, result); - UserStatus.updateStatus(UserStatus.SessionStatus.LOGGED_IN, resources); - } else { - receiver.send(FAILED_LOGIN, result); - UserStatus.updateStatus(UserStatus.SessionStatus.NOT_LOGGED_IN, resources); - } - } else if (action.equalsIgnoreCase(LOG_OUT)) { - UserStatus.updateStatus(UserStatus.SessionStatus.LOGGING_OUT, resources); - if (logOut()) { - receiver.send(SUCCESSFUL_LOGOUT, Bundle.EMPTY); - android.util.Log.d(TAG, "Logged out, notifying user status"); - UserStatus.updateStatus(UserStatus.SessionStatus.LOGGED_OUT, resources); - } else { - receiver.send(LOGOUT_FAILED, Bundle.EMPTY); - UserStatus.updateStatus(UserStatus.SessionStatus.DIDNT_LOG_OUT, resources); - } - } else if (action.equalsIgnoreCase(DOWNLOAD_CERTIFICATE)) { - if (updateVpnCertificate()) { - receiver.send(CORRECTLY_DOWNLOADED_CERTIFICATE, Bundle.EMPTY); - } else { - receiver.send(INCORRECTLY_DOWNLOADED_CERTIFICATE, Bundle.EMPTY); - } - } else if (action.equalsIgnoreCase(DOWNLOAD_EIP_SERVICE)) { - Bundle result = getAndSetEipServiceJson(); - if (result.getBoolean(RESULT_KEY)) { - receiver.send(CORRECTLY_DOWNLOADED_EIP_SERVICE, result); - } else { - receiver.send(INCORRECTLY_DOWNLOADED_EIP_SERVICE, result); - } - } - } - - private Bundle tryToRegister(Bundle task) { - Bundle result = new Bundle(); - int progress = 0; - - String username = User.userName(); - String password = task.getString(SessionDialog.PASSWORD); - - if (validUserLoginData(username, password)) { - result = register(username, password); - broadcastProgress(progress++); - } else { - if (!wellFormedPassword(password)) { - result.putBoolean(RESULT_KEY, false); - result.putString(SessionDialog.USERNAME, username); - result.putBoolean(SessionDialog.ERRORS.PASSWORD_INVALID_LENGTH.toString(), true); - } - if (!validUsername(username)) { - result.putBoolean(RESULT_KEY, false); - result.putBoolean(SessionDialog.ERRORS.USERNAME_MISSING.toString(), true); - } - } - - return result; - } - - private Bundle register(String username, String password) { - LeapSRPSession client = new LeapSRPSession(username, password); - byte[] salt = client.calculateNewSalt(); - - BigInteger password_verifier = client.calculateV(username, password, salt); - - JSONObject api_result = sendNewUserDataToSRPServer(provider_api_url, username, new BigInteger(1, salt).toString(16), password_verifier.toString(16)); - - Bundle result = new Bundle(); - if (api_result.has(ERRORS)) - result = authFailedNotification(api_result, username); - else { - result.putString(SessionDialog.USERNAME, username); - result.putString(SessionDialog.PASSWORD, password); - result.putBoolean(RESULT_KEY, true); - } - - return result; - } - - /** - * Starts the authentication process using SRP protocol. - * - * @param task containing: username, password and api url. - * @return a bundle with a boolean value mapped to a key named RESULT_KEY, and which is true if authentication was successful. - */ - private Bundle tryToAuthenticate(Bundle task) { - Bundle result = new Bundle(); - int progress = 0; - - String username = User.userName(); - String password = task.getString(SessionDialog.PASSWORD); - if (validUserLoginData(username, password)) { - result = authenticate(username, password); - broadcastProgress(progress++); - } else { - if (!wellFormedPassword(password)) { - result.putBoolean(RESULT_KEY, false); - result.putString(SessionDialog.USERNAME, username); - result.putBoolean(SessionDialog.ERRORS.PASSWORD_INVALID_LENGTH.toString(), true); - } - if (!validUsername(username)) { - result.putBoolean(RESULT_KEY, false); - result.putBoolean(SessionDialog.ERRORS.USERNAME_MISSING.toString(), true); - } - } - - return result; - } - - - private Bundle authenticate(String username, String password) { - Bundle result = new Bundle(); - - LeapSRPSession client = new LeapSRPSession(username, password); - byte[] A = client.exponential(); - - JSONObject step_result = sendAToSRPServer(provider_api_url, username, new BigInteger(1, A).toString(16)); - try { - String salt = step_result.getString(LeapSRPSession.SALT); - byte[] Bbytes = new BigInteger(step_result.getString("B"), 16).toByteArray(); - byte[] M1 = client.response(new BigInteger(salt, 16).toByteArray(), Bbytes); - if (M1 != null) { - step_result = sendM1ToSRPServer(provider_api_url, username, M1); - setTokenIfAvailable(step_result); - byte[] M2 = new BigInteger(step_result.getString(LeapSRPSession.M2), 16).toByteArray(); - if (client.verify(M2)) { - result.putBoolean(RESULT_KEY, true); - } else { - authFailedNotification(step_result, username); - } - } else { - result.putBoolean(RESULT_KEY, false); - result.putString(SessionDialog.USERNAME, username); - result.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_srp_math_error_user_message)); - } - } catch (JSONException e) { - result = authFailedNotification(step_result, username); - e.printStackTrace(); - } - - return result; - } - - private boolean setTokenIfAvailable(JSONObject authentication_step_result) { - try { - LeapSRPSession.setToken(authentication_step_result.getString(LeapSRPSession.TOKEN)); - CookieHandler.setDefault(null); // we don't need cookies anymore - } catch (JSONException e) { // - return false; - } - return true; - } - - private Bundle authFailedNotification(JSONObject result, String username) { - Bundle user_notification_bundle = new Bundle(); - try { - JSONObject error_message = result.getJSONObject(ERRORS); - String error_type = error_message.keys().next().toString(); - String message = error_message.get(error_type).toString(); - user_notification_bundle.putString(getResources().getString(R.string.user_message), message); - } catch (JSONException e) { - } - - if (!username.isEmpty()) - user_notification_bundle.putString(SessionDialog.USERNAME, username); - user_notification_bundle.putBoolean(RESULT_KEY, false); - - return user_notification_bundle; - } - - /** - * Sets up an intent with the progress value passed as a parameter - * and sends it as a broadcast. - * - * @param progress - */ - private void broadcastProgress(int progress) { - Intent intentUpdate = new Intent(); - intentUpdate.setAction(UPDATE_PROGRESSBAR); - intentUpdate.addCategory(Intent.CATEGORY_DEFAULT); - intentUpdate.putExtra(CURRENT_PROGRESS, progress); - sendBroadcast(intentUpdate); - } - - /** - * Validates parameters entered by the user to log in - * - * @param username - * @param password - * @return true if both parameters are present and the entered password length is greater or equal to eight (8). - */ - private boolean validUserLoginData(String username, String password) { - return validUsername(username) && wellFormedPassword(password); - } - - private boolean validUsername(String username) { - return username != null && !username.isEmpty(); - } - - /** - * Validates a password - * - * @param password - * @return true if the entered password length is greater or equal to eight (8). - */ - private boolean wellFormedPassword(String password) { - return password != null && password.length() >= 8; - } - - /** - * Sends an HTTP POST request to the authentication server with the SRP Parameter A. - * - * @param server_url - * @param username - * @param clientA First SRP parameter sent - * @return response from authentication server - */ - private JSONObject sendAToSRPServer(String server_url, String username, String clientA) { - Map<String, String> parameters = new HashMap<String, String>(); - parameters.put("login", username); - parameters.put("A", clientA); - return sendToServer(server_url + "/sessions.json", "POST", parameters); - } - - /** - * Sends an HTTP PUT request to the authentication server with the SRP Parameter M1 (or simply M). - * - * @param server_url - * @param username - * @param m1 Second SRP parameter sent - * @return response from authentication server - */ - private JSONObject sendM1ToSRPServer(String server_url, String username, byte[] m1) { - Map<String, String> parameters = new HashMap<String, String>(); - parameters.put("client_auth", new BigInteger(1, ConfigHelper.trim(m1)).toString(16)); - - return sendToServer(server_url + "/sessions/" + username + ".json", "PUT", parameters); - } - - /** - * Sends an HTTP POST request to the api server to register a new user. - * - * @param server_url - * @param username - * @param salt - * @param password_verifier - * @return response from authentication server - */ - private JSONObject sendNewUserDataToSRPServer(String server_url, String username, String salt, String password_verifier) { - Map<String, String> parameters = new HashMap<String, String>(); - parameters.put("user[login]", username); - parameters.put("user[password_salt]", salt); - parameters.put("user[password_verifier]", password_verifier); - return sendToServer(server_url + "/users.json", "POST", parameters); - } - - /** - * Executes an HTTP request expecting a JSON response. - * - * @param url - * @param request_method - * @param parameters - * @return response from authentication server - */ - private JSONObject sendToServer(String url, String request_method, Map<String, String> parameters) { - JSONObject json_response; - HttpsURLConnection urlConnection = null; - try { - InputStream is = null; - urlConnection = (HttpsURLConnection) new URL(url).openConnection(); - urlConnection.setRequestMethod(request_method); - String locale = Locale.getDefault().getLanguage() + Locale.getDefault().getCountry(); - urlConnection.setRequestProperty("Accept-Language", locale); - urlConnection.setChunkedStreamingMode(0); - urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory()); - - DataOutputStream writer = new DataOutputStream(urlConnection.getOutputStream()); - writer.writeBytes(formatHttpParameters(parameters)); - writer.close(); - - is = urlConnection.getInputStream(); - String plain_response = new Scanner(is).useDelimiter("\\A").next(); - json_response = new JSONObject(plain_response); - } catch (ClientProtocolException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); - } catch (IOException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); - } catch (JSONException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); - } catch (NoSuchAlgorithmException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); - } catch (KeyManagementException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); - } catch (KeyStoreException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); - } catch (CertificateException e) { - json_response = getErrorMessage(urlConnection); - e.printStackTrace(); - } - - return json_response; - } - - private JSONObject getErrorMessage(HttpsURLConnection urlConnection) { - JSONObject error_message = new JSONObject(); - if (urlConnection != null) { - InputStream error_stream = urlConnection.getErrorStream(); - if (error_stream != null) { - String error_response = new Scanner(error_stream).useDelimiter("\\A").next(); - try { - error_message = new JSONObject(error_response); - } catch (JSONException e) { - e.printStackTrace(); - } - urlConnection.disconnect(); - } - } - return error_message; - } - - private String formatHttpParameters(Map<String, String> parameters) throws UnsupportedEncodingException { - StringBuilder result = new StringBuilder(); - boolean first = true; - - Iterator<String> parameter_iterator = parameters.keySet().iterator(); - while (parameter_iterator.hasNext()) { - if (first) - first = false; - else - result.append("&&"); - - String key = parameter_iterator.next(); - String value = parameters.get(key); - - result.append(URLEncoder.encode(key, "UTF-8")); - result.append("="); - result.append(URLEncoder.encode(value, "UTF-8")); - } - - return result.toString(); - } - - - /** - * Downloads a provider.json from a given URL, adding a new provider using the given name. - * - * @param task containing a boolean meaning if the provider is custom or not, another boolean meaning if the user completely trusts this provider, the provider name and its provider.json url. - * @return a bundle with a boolean value mapped to a key named RESULT_KEY, and which is true if the update was successful. - */ - private Bundle setUpProvider(Bundle task) { - int progress = 0; - Bundle current_download = new Bundle(); - - if (task != null) { - last_danger_on = task.containsKey(ProviderItem.DANGER_ON) && task.getBoolean(ProviderItem.DANGER_ON); - last_provider_main_url = task.containsKey(Provider.MAIN_URL) ? - task.getString(Provider.MAIN_URL) : - ""; - provider_ca_cert_fingerprint = task.containsKey(Provider.CA_CERT_FINGERPRINT) ? - task.getString(Provider.CA_CERT_FINGERPRINT) : - ""; - CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false; - go_ahead = true; - } - - if (!PROVIDER_JSON_DOWNLOADED) - current_download = getAndSetProviderJson(last_provider_main_url, last_danger_on, provider_ca_cert_fingerprint); - if (PROVIDER_JSON_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { - broadcastProgress(progress++); - PROVIDER_JSON_DOWNLOADED = true; - current_download = downloadCACert(last_danger_on); - - if (CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) { - broadcastProgress(progress++); - CA_CERT_DOWNLOADED = true; - current_download = getAndSetEipServiceJson(); - if (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY)) { - broadcastProgress(progress++); - EIP_SERVICE_JSON_DOWNLOADED = true; - } - } - } - - return current_download; - } - - private Bundle downloadCACert(boolean danger_on) { - Bundle result = new Bundle(); - try { - JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - String ca_cert_url = provider_json.getString(Provider.CA_CERT_URI); - String cert_string = downloadWithCommercialCA(ca_cert_url, danger_on); - - if (validCertificate(cert_string) && go_ahead) { - preferences.edit().putString(Provider.CA_CERT, cert_string).commit(); - result.putBoolean(RESULT_KEY, true); - } else { - String reason_to_fail = pickErrorMessage(cert_string); - result.putString(ERRORS, reason_to_fail); - result.putBoolean(RESULT_KEY, false); - } - } catch (JSONException e) { - String reason_to_fail = formatErrorMessage(R.string.malformed_url); - result.putString(ERRORS, reason_to_fail); - result.putBoolean(RESULT_KEY, false); - } - - return result; - } - - public static boolean caCertDownloaded() { - return CA_CERT_DOWNLOADED; - } - - private boolean validCertificate(String cert_string) { - boolean result = false; - if (!ConfigHelper.checkErroneousDownload(cert_string)) { - X509Certificate certificate = ConfigHelper.parseX509CertificateFromString(cert_string); - try { - if (certificate != null) { - JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - String fingerprint = provider_json.getString(Provider.CA_CERT_FINGERPRINT); - String encoding = fingerprint.split(":")[0]; - String expected_fingerprint = fingerprint.split(":")[1]; - String real_fingerprint = base64toHex(Base64.encodeToString( - MessageDigest.getInstance(encoding).digest(certificate.getEncoded()), - Base64.DEFAULT)); - - result = real_fingerprint.trim().equalsIgnoreCase(expected_fingerprint.trim()); - } else - result = false; - } catch (JSONException e) { - result = false; - } catch (NoSuchAlgorithmException e) { - result = false; - } catch (CertificateEncodingException e) { - result = false; - } - } - - return result; - } - - private String base64toHex(String base64_input) { - byte[] byteArray = Base64.decode(base64_input, Base64.DEFAULT); - int readBytes = byteArray.length; - StringBuffer hexData = new StringBuffer(); - int onebyte; - for (int i = 0; i < readBytes; i++) { - onebyte = ((0x000000ff & byteArray[i]) | 0xffffff00); - hexData.append(Integer.toHexString(onebyte).substring(6)); - } - return hexData.toString(); - } - - private Bundle getAndSetProviderJson(String provider_main_url, boolean danger_on, String provider_ca_cert_fingerprint) { - Bundle result = new Bundle(); - - if (go_ahead) { - String provider_dot_json_string; - if(provider_ca_cert_fingerprint.isEmpty()) - provider_dot_json_string = downloadWithCommercialCA(provider_main_url + "/provider.json", danger_on); - else - provider_dot_json_string = downloadWithCommercialCA(provider_main_url + "/provider.json", danger_on, provider_ca_cert_fingerprint); - - try { - JSONObject provider_json = new JSONObject(provider_dot_json_string); - provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); - String name = provider_json.getString(Provider.NAME); - //TODO setProviderName(name); - - preferences.edit().putString(Provider.KEY, provider_json.toString()).commit(); - preferences.edit().putBoolean(Constants.ALLOWED_ANON, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.ALLOWED_ANON)).commit(); - preferences.edit().putBoolean(Constants.ALLOWED_REGISTERED, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.ALLOWED_REGISTERED)).commit(); - - result.putBoolean(RESULT_KEY, true); - } catch (JSONException e) { - //TODO Error message should be contained in that provider_dot_json_string - String reason_to_fail = pickErrorMessage(provider_dot_json_string); - result.putString(ERRORS, reason_to_fail); - result.putBoolean(RESULT_KEY, false); - } - } - return result; - } - - private Bundle getAndSetEipServiceJson() { - Bundle result = new Bundle(); - String eip_service_json_string = ""; - if (go_ahead) { - try { - JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - String eip_service_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH; - eip_service_json_string = downloadWithProviderCA(eip_service_url, true); - JSONObject eip_service_json = new JSONObject(eip_service_json_string); - eip_service_json.getInt(Provider.API_RETURN_SERIAL); - - preferences.edit().putString(Constants.KEY, eip_service_json.toString()).commit(); - - result.putBoolean(RESULT_KEY, true); - } catch (JSONException e) { - String reason_to_fail = pickErrorMessage(eip_service_json_string); - result.putString(ERRORS, reason_to_fail); - result.putBoolean(RESULT_KEY, false); - } - } - return result; - } - - /** - * Interprets the error message as a JSON object and extract the "errors" keyword pair. - * If the error message is not a JSON object, then it is returned untouched. - * - * @param string_json_error_message - * @return final error message - */ - private String pickErrorMessage(String string_json_error_message) { - String error_message = ""; - try { - JSONObject json_error_message = new JSONObject(string_json_error_message); - error_message = json_error_message.getString(ERRORS); - } catch (JSONException e) { - // TODO Auto-generated catch block - error_message = string_json_error_message; - } - - return error_message; - } - - private String downloadWithCommercialCA(String url_string, boolean danger_on, String ca_cert_fingerprint) { - String result = ""; - - int seconds_of_timeout = 2; - String[] pins = new String[] {ca_cert_fingerprint}; - try { - URL url = new URL(url_string); - HttpsURLConnection connection = PinningHelper.getPinnedHttpsURLConnection(getApplicationContext(), pins, url); - connection.setConnectTimeout(seconds_of_timeout * 1000); - if (!LeapSRPSession.getToken().isEmpty()) - connection.addRequestProperty(LeapSRPSession.AUTHORIZATION_HEADER, "Token token = " + LeapSRPSession.getToken()); - result = new Scanner(connection.getInputStream()).useDelimiter("\\A").next(); - } catch (IOException e) { - if(e instanceof SSLHandshakeException) { - result = danger_on ? downloadWithoutCA(url_string) : - formatErrorMessage(R.string.error_security_pinnedcertificate); - } else - result = formatErrorMessage(R.string.error_io_exception_user_message); - } - - return result; - } - - /** - * Tries to download the contents of the provided url using commercially validated CA certificate from chosen provider. - * <p/> - * If danger_on flag is true, SSL exceptions will be managed by futher methods that will try to use some bypass methods. - * - * @param string_url - * @param danger_on if the user completely trusts this provider - * @return - */ - private String downloadWithCommercialCA(String string_url, boolean danger_on) { - - String json_file_content = ""; - - URL provider_url = null; - int seconds_of_timeout = 2; - try { - provider_url = new URL(string_url); - URLConnection url_connection = provider_url.openConnection(); - - url_connection.setConnectTimeout(seconds_of_timeout * 1000); - if (!LeapSRPSession.getToken().isEmpty()) - url_connection.addRequestProperty(LeapSRPSession.AUTHORIZATION_HEADER, "Token token = " + LeapSRPSession.getToken()); - json_file_content = new Scanner(url_connection.getInputStream()).useDelimiter("\\A").next(); - } catch (MalformedURLException e) { - json_file_content = formatErrorMessage(R.string.malformed_url); - } catch (SocketTimeoutException e) { - json_file_content = formatErrorMessage(R.string.server_unreachable_message); - } catch (SSLHandshakeException e) { - if (provider_url != null) { - json_file_content = downloadWithProviderCA(string_url, danger_on); - } else { - json_file_content = formatErrorMessage(R.string.certificate_error); - } - } catch (ConnectException e) { - json_file_content = formatErrorMessage(R.string.service_is_down_error); - } catch (FileNotFoundException e) { - json_file_content = formatErrorMessage(R.string.malformed_url); - } catch (Exception e) { - if (provider_url != null && danger_on) { - json_file_content = downloadWithProviderCA(string_url, danger_on); - } - } - - return json_file_content; - } - - /** - * Tries to download the contents of the provided url using not commercially validated CA certificate from chosen provider. - * - * @param url_string as a string - * @param danger_on true to download CA certificate in case it has not been downloaded. - * @return an empty string if it fails, the url content if not. - */ - private String downloadWithProviderCA(String url_string, boolean danger_on) { - String json_file_content = ""; - - try { - URL url = new URL(url_string); - // Tell the URLConnection to use a SocketFactory from our SSLContext - HttpsURLConnection urlConnection = - (HttpsURLConnection) url.openConnection(); - urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory()); - if (!LeapSRPSession.getToken().isEmpty()) - urlConnection.addRequestProperty(LeapSRPSession.AUTHORIZATION_HEADER, "Token token=" + LeapSRPSession.getToken()); - json_file_content = new Scanner(urlConnection.getInputStream()).useDelimiter("\\A").next(); - } catch (CertificateException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (UnknownHostException e) { - e.printStackTrace(); - json_file_content = formatErrorMessage(R.string.server_unreachable_message); - } catch (IOException e) { - // The downloaded certificate doesn't validate our https connection. - if (danger_on) { - json_file_content = downloadWithoutCA(url_string); - } else { - json_file_content = formatErrorMessage(R.string.certificate_error); - } - } catch (KeyStoreException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (NoSuchAlgorithmException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (KeyManagementException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (NoSuchElementException e) { - e.printStackTrace(); - json_file_content = formatErrorMessage(R.string.server_unreachable_message); - } - return json_file_content; - } - - private javax.net.ssl.SSLSocketFactory getProviderSSLSocketFactory() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, KeyManagementException { - String provider_cert_string = preferences.getString(Provider.CA_CERT, ""); - - java.security.cert.Certificate provider_certificate = ConfigHelper.parseX509CertificateFromString(provider_cert_string); - - // Create a KeyStore containing our trusted CAs - String keyStoreType = KeyStore.getDefaultType(); - KeyStore keyStore = KeyStore.getInstance(keyStoreType); - keyStore.load(null, null); - keyStore.setCertificateEntry("provider_ca_certificate", provider_certificate); - - // Create a TrustManager that trusts the CAs in our KeyStore - String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm(); - TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm); - tmf.init(keyStore); - - // Create an SSLContext that uses our TrustManager - SSLContext context = SSLContext.getInstance("TLS"); - context.init(null, tmf.getTrustManagers(), null); - - return context.getSocketFactory(); - } - - /** - * Downloads the string that's in the url with any certificate. - */ - private String downloadWithoutCA(String url_string) { - String string = ""; - try { - - HostnameVerifier hostnameVerifier = new HostnameVerifier() { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }; - - class DefaultTrustManager implements X509TrustManager { - - @Override - public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - - @Override - public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return null; - } - } - - SSLContext context = SSLContext.getInstance("TLS"); - context.init(new KeyManager[0], new TrustManager[]{new DefaultTrustManager()}, new SecureRandom()); - - URL url = new URL(url_string); - HttpsURLConnection urlConnection = (HttpsURLConnection) url.openConnection(); - urlConnection.setSSLSocketFactory(context.getSocketFactory()); - urlConnection.setHostnameVerifier(hostnameVerifier); - string = new Scanner(urlConnection.getInputStream()).useDelimiter("\\A").next(); - System.out.println("String ignoring certificate = " + string); - } catch (FileNotFoundException e) { - e.printStackTrace(); - string = formatErrorMessage(R.string.malformed_url); - } catch (IOException e) { - // The downloaded certificate doesn't validate our https connection. - e.printStackTrace(); - string = formatErrorMessage(R.string.certificate_error); - } catch (NoSuchAlgorithmException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (KeyManagementException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return string; - } - - /** - * Logs out from the api url retrieved from the task. - * - * @return true if there were no exceptions - */ - private boolean logOut() { - String delete_url = provider_api_url + "/logout"; - - HttpsURLConnection urlConnection = null; - int responseCode = 0; - int progress = 0; - try { - - urlConnection = (HttpsURLConnection) new URL(delete_url).openConnection(); - urlConnection.setRequestMethod("DELETE"); - urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory()); - - responseCode = urlConnection.getResponseCode(); - broadcastProgress(progress++); - LeapSRPSession.setToken(""); - } catch (ClientProtocolException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } catch (IndexOutOfBoundsException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } catch (IOException e) { - // TODO Auto-generated catch block - try { - if (urlConnection != null) { - responseCode = urlConnection.getResponseCode(); - if (responseCode == 401) { - broadcastProgress(progress++); - LeapSRPSession.setToken(""); - return true; - } - } - } catch (IOException e1) { - e1.printStackTrace(); - } - - e.printStackTrace(); - return false; - } catch (KeyManagementException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (KeyStoreException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (NoSuchAlgorithmException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } catch (CertificateException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - } - return true; - } - - /** - * Downloads a new OpenVPN certificate, attaching authenticated cookie for authenticated certificate. - * - * @return true if certificate was downloaded correctly, false if provider.json or danger_on flag are not present in SharedPreferences, or if the certificate url could not be parsed as a URI, or if there was an SSL error. - */ - private boolean updateVpnCertificate() { - try { - JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, "")); - - String provider_main_url = provider_json.getString(Provider.API_URL); - URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + Constants.CERTIFICATE); - - boolean danger_on = preferences.getBoolean(ProviderItem.DANGER_ON, false); - - - String cert_string = downloadWithProviderCA(new_cert_string_url.toString(), danger_on); - - if (cert_string.isEmpty() || ConfigHelper.checkErroneousDownload(cert_string)) - return false; - else - return loadCertificate(cert_string); - } catch (JSONException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } catch (MalformedURLException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } - } - - private boolean loadCertificate(String cert_string) { - try { - // API returns concatenated cert & key. Split them for OpenVPN options - String certificateString = null, keyString = null; - String[] certAndKey = cert_string.split("(?<=-\n)"); - for (int i = 0; i < certAndKey.length - 1; i++) { - if (certAndKey[i].contains("KEY")) { - keyString = certAndKey[i++] + certAndKey[i]; - } else if (certAndKey[i].contains("CERTIFICATE")) { - certificateString = certAndKey[i++] + certAndKey[i]; - } - } - RSAPrivateKey keyCert = ConfigHelper.parseRsaKeyFromString(keyString); - keyString = Base64.encodeToString(keyCert.getEncoded(), Base64.DEFAULT); - preferences.edit().putString(Constants.PRIVATE_KEY, "-----BEGIN RSA PRIVATE KEY-----\n" + keyString + "-----END RSA PRIVATE KEY-----").commit(); - - X509Certificate certCert = ConfigHelper.parseX509CertificateFromString(certificateString); - certificateString = Base64.encodeToString(certCert.getEncoded(), Base64.DEFAULT); - - preferences.edit().putString(Constants.CERTIFICATE, "-----BEGIN CERTIFICATE-----\n" + certificateString + "-----END CERTIFICATE-----").commit(); - - return true; - } catch (CertificateException e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return false; - } - } -} diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderDetailFragment.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderDetailFragment.java deleted file mode 100644 index bd21f91e..00000000 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderDetailFragment.java +++ /dev/null @@ -1,111 +0,0 @@ -package se.leap.bitmaskclient;
-
-import org.json.*;
-
-import se.leap.bitmaskclient.eip.*;
-import se.leap.bitmaskclient.ProviderListContent.ProviderItem;
-
-import android.app.*;
-import android.content.*;
-import android.os.*;
-import android.view.*;
-import android.widget.*;
-
-public class ProviderDetailFragment extends DialogFragment {
-
- final public static String TAG = "providerDetailFragment";
-
- @Override
- public Dialog onCreateDialog(Bundle savedInstanceState) {
- AlertDialog.Builder builder = new AlertDialog.Builder(getActivity());
- try {
-
- LayoutInflater inflater = getActivity().getLayoutInflater();
- View provider_detail_view = inflater.inflate(R.layout.provider_detail_fragment, null);
-
- JSONObject provider_json = new JSONObject(getActivity().getSharedPreferences(Dashboard.SHARED_PREFERENCES, getActivity().MODE_PRIVATE).getString(Provider.KEY, ""));
-
- final TextView domain = (TextView) provider_detail_view.findViewById(R.id.provider_detail_domain);
- domain.setText(provider_json.getString(Provider.DOMAIN));
- final TextView name = (TextView) provider_detail_view.findViewById(R.id.provider_detail_name);
- name.setText(provider_json.getJSONObject(Provider.NAME).getString("en"));
- final TextView description = (TextView) provider_detail_view.findViewById(R.id.provider_detail_description);
- description.setText(provider_json.getJSONObject(Provider.DESCRIPTION).getString("en"));
-
- builder.setView(provider_detail_view);
- builder.setTitle(R.string.provider_details_fragment_title);
-
- if (anon_allowed(provider_json)) {
- builder.setPositiveButton(R.string.use_anonymously_button, new DialogInterface.OnClickListener() {
- public void onClick(DialogInterface dialog, int id) {
- interface_with_configuration_wizard.use_anonymously();
- }
- });
- }
-
- if (registration_allowed(provider_json)) {
- builder.setNegativeButton(R.string.signup_or_login_button, new DialogInterface.OnClickListener() {
- public void onClick(DialogInterface dialog, int id) {
- interface_with_configuration_wizard.login();
- }
- });
- }
-
- return builder.create();
- } catch (JSONException e) {
- return null;
- }
- }
-
- private boolean anon_allowed(JSONObject provider_json) {
- try {
- JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE);
- return service_description.has(Constants.ALLOWED_ANON) && service_description.getBoolean(Constants.ALLOWED_ANON);
- } catch (JSONException e) {
- return false;
- }
- }
-
- private boolean registration_allowed(JSONObject provider_json) {
- try {
- JSONObject service_description = provider_json.getJSONObject(Provider.SERVICE);
- return service_description.has(Provider.ALLOW_REGISTRATION) && service_description.getBoolean(Provider.ALLOW_REGISTRATION);
- } catch (JSONException e) {
- return false;
- }
- }
-
- @Override
- public void onCancel(DialogInterface dialog) {
- super.onCancel(dialog);
- SharedPreferences.Editor editor = getActivity().getSharedPreferences(Dashboard.SHARED_PREFERENCES, Activity.MODE_PRIVATE).edit();
- editor.remove(Provider.KEY).remove(ProviderItem.DANGER_ON).remove(Constants.ALLOWED_ANON).remove(Constants.KEY).commit();
- interface_with_configuration_wizard.showAllProviders();
- }
-
- public static DialogFragment newInstance() {
- ProviderDetailFragment provider_detail_fragment = new ProviderDetailFragment();
- return provider_detail_fragment;
- }
-
- @Override
- public void onAttach(Activity activity) {
- super.onAttach(activity);
- try {
- interface_with_configuration_wizard = (ProviderDetailFragmentInterface) activity;
- } catch (ClassCastException e) {
- throw new ClassCastException(activity.toString()
- + " must implement LogInDialogListener");
- }
- }
-
- public interface ProviderDetailFragmentInterface {
- public void login();
-
- public void use_anonymously();
-
- public void showAllProviders();
- }
-
- ProviderDetailFragmentInterface interface_with_configuration_wizard;
-}
diff --git a/app/src/debug/java/se/leap/bitmaskclient/ProviderListContent.java b/app/src/debug/java/se/leap/bitmaskclient/ProviderListContent.java deleted file mode 100644 index 0a05e839..00000000 --- a/app/src/debug/java/se/leap/bitmaskclient/ProviderListContent.java +++ /dev/null @@ -1,82 +0,0 @@ -/**
- * Copyright (c) 2013 LEAP Encryption Access Project and contributers
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-package se.leap.bitmaskclient;
-
-import java.util.*;
-import java.net.*;
-
-/**
- * Models the provider list shown in the ConfigurationWizard.
- *
- * @author parmegv
- */
-public class ProviderListContent {
-
- public static List<ProviderItem> ITEMS = new ArrayList<ProviderItem>();
-
- public static Map<String, ProviderItem> ITEM_MAP = new HashMap<String, ProviderItem>();
-
- /**
- * Adds a new provider item to the end of the items map, and to the items list.
- *
- * @param item
- */
- public static void addItem(ProviderItem item) {
- ITEMS.add(item);
- ITEM_MAP.put(String.valueOf(ITEMS.size()), item);
- }
-
- public static void removeItem(ProviderItem item) {
- ITEMS.remove(item);
- ITEM_MAP.remove(item);
- }
-
- /**
- * A provider item.
- */
- public static class ProviderItem {
- final public static String CUSTOM = "custom";
- final public static String DANGER_ON = "danger_on";
- private String provider_main_url;
- private String name;
-
- /**
- * @param name of the provider
- * @param provider_main_url used to download provider.json file of the provider
- */
- public ProviderItem(String name, String provider_main_url) {
- this.name = name;
- this.provider_main_url = provider_main_url;
- }
-
- public String name() {
- return name;
- }
-
- public String providerMainUrl() {
- return provider_main_url;
- }
-
- public String domain() {
- try {
- return new URL(provider_main_url).getHost();
- } catch (MalformedURLException e) {
- return provider_main_url.replaceFirst("http[s]?://", "").replaceFirst("/.*", "");
- }
- }
- }
-}
diff --git a/app/src/debug/res/layout-xlarge/new_provider_dialog.xml b/app/src/debug/res/layout-xlarge/new_provider_dialog.xml deleted file mode 100644 index fc7d84ab..00000000 --- a/app/src/debug/res/layout-xlarge/new_provider_dialog.xml +++ /dev/null @@ -1,26 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:orientation="vertical" - android:textSize="24sp" > - - <EditText - android:id="@+id/new_provider_url" - android:inputType="textUri" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_marginTop="16dp" - android:layout_marginLeft="4dp" - android:layout_marginRight="4dp" - android:textSize="24sp" - android:hint="@string/new_provider_uri" /> - - <CheckBox - android:id="@+id/danger_checkbox" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:textSize="24sp" - android:text="@string/danger_checkbox" /> - -</LinearLayout>
\ No newline at end of file diff --git a/app/src/debug/res/layout/new_provider_dialog.xml b/app/src/debug/res/layout/new_provider_dialog.xml deleted file mode 100644 index 19b8f442..00000000 --- a/app/src/debug/res/layout/new_provider_dialog.xml +++ /dev/null @@ -1,24 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:orientation="vertical" > - - <EditText - android:id="@+id/new_provider_url" - android:inputType="textUri" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_marginTop="16dp" - android:layout_marginLeft="4dp" - android:layout_marginRight="4dp" - android:layout_marginBottom="4dp" - android:hint="@string/new_provider_uri" /> - - <CheckBox - android:id="@+id/danger_checkbox" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:text="@string/danger_checkbox" /> - -</LinearLayout>
\ No newline at end of file diff --git a/app/src/debug/res/values/strings.xml b/app/src/debug/res/values/strings.xml deleted file mode 100644 index 3e568115..00000000 --- a/app/src/debug/res/values/strings.xml +++ /dev/null @@ -1,4 +0,0 @@ -<?xml version="1.0" encoding="utf-8"?> -<resources> - <string name="danger_checkbox">Skip security check</string> -</resources> |