summaryrefslogtreecommitdiff
path: root/app/src/production/java
diff options
context:
space:
mode:
Diffstat (limited to 'app/src/production/java')
-rw-r--r--app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java162
-rw-r--r--app/src/production/java/se/leap/bitmaskclient/ProviderListActivity.java36
2 files changed, 68 insertions, 130 deletions
diff --git a/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java
index a30c9615..ac58d005 100644
--- a/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java
+++ b/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java
@@ -33,13 +33,10 @@ import okhttp3.OkHttpClient;
import se.leap.bitmaskclient.eip.EIP;
import static android.text.TextUtils.isEmpty;
-import static se.leap.bitmaskclient.Constants.PROVIDER_ALLOWED_REGISTERED;
-import static se.leap.bitmaskclient.Constants.PROVIDER_ALLOW_ANONYMOUS;
-import static se.leap.bitmaskclient.Constants.PROVIDER_KEY;
+import static se.leap.bitmaskclient.Constants.BROADCAST_RESULT_KEY;
import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE;
import static se.leap.bitmaskclient.DownloadFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING;
import static se.leap.bitmaskclient.ProviderAPI.ERRORS;
-import static se.leap.bitmaskclient.ProviderAPI.RESULT_KEY;
import static se.leap.bitmaskclient.R.string.malformed_url;
import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert;
@@ -66,45 +63,23 @@ public class ProviderApiManager extends ProviderApiManagerBase {
* Downloads a provider.json from a given URL, adding a new provider using the given name.
*
* @param task containing a boolean meaning if the provider is custom or not, another boolean meaning if the user completely trusts this provider, the provider name and its provider.json url.
- * @return a bundle with a boolean value mapped to a key named RESULT_KEY, and which is true if the update was successful.
+ * @return a bundle with a boolean value mapped to a key named BROADCAST_RESULT_KEY, and which is true if the update was successful.
*/
@Override
- protected Bundle setUpProvider(Bundle task) {
+ protected Bundle setUpProvider(Provider provider, Bundle task) {
int progress = 0;
Bundle currentDownload = new Bundle();
if (task != null) {
- //FIXME: this should be refactored in order to avoid static variables all over here
- lastProviderMainUrl = task.containsKey(Provider.MAIN_URL) ?
- task.getString(Provider.MAIN_URL) :
- "";
-
- if (isEmpty(lastProviderMainUrl)) {
- currentDownload.putBoolean(RESULT_KEY, false);
+ String mainUrlString = provider.getMainUrlString();
+ if (isEmpty(mainUrlString)) {
+ currentDownload.putBoolean(BROADCAST_RESULT_KEY, false);
setErrorResult(currentDownload, malformed_url, null);
return currentDownload;
}
- //TODO: remove that
- providerCaCertFingerprint = task.containsKey(Provider.CA_CERT_FINGERPRINT) ?
- task.getString(Provider.CA_CERT_FINGERPRINT) :
- "";
- providerCaCert = task.containsKey(Provider.CA_CERT) ?
- task.getString(Provider.CA_CERT) :
- "";
-
- try {
- providerDefinition = task.containsKey(Provider.KEY) ?
- new JSONObject(task.getString(Provider.KEY)) :
- new JSONObject();
- } catch (JSONException e) {
- e.printStackTrace();
- providerDefinition = new JSONObject();
- }
- providerApiUrl = getApiUrlWithVersion(providerDefinition);
-
- checkPersistedProviderUpdates();
- currentDownload = validateProviderDetails();
+ getPersistedProviderUpdates(provider);
+ currentDownload = validateProviderDetails(provider);
//provider details invalid
if (currentDownload.containsKey(ERRORS)) {
@@ -112,29 +87,26 @@ public class ProviderApiManager extends ProviderApiManagerBase {
}
//no provider certificate available
- if (currentDownload.containsKey(RESULT_KEY) && !currentDownload.getBoolean(RESULT_KEY)) {
- resetProviderDetails();
+ if (currentDownload.containsKey(BROADCAST_RESULT_KEY) && !currentDownload.getBoolean(BROADCAST_RESULT_KEY)) {
+ resetProviderDetails(provider);
}
- EIP_SERVICE_JSON_DOWNLOADED = false;
go_ahead = true;
}
- if (!PROVIDER_JSON_DOWNLOADED)
- currentDownload = getAndSetProviderJson(lastProviderMainUrl, providerCaCert, providerDefinition);
- if (PROVIDER_JSON_DOWNLOADED || (currentDownload.containsKey(RESULT_KEY) && currentDownload.getBoolean(RESULT_KEY))) {
+ if (!provider.hasDefinition()) {
+ currentDownload = getAndSetProviderJson(provider);
+ }
+ if (provider.hasDefinition() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) {
broadcastProgress(++progress);
- PROVIDER_JSON_DOWNLOADED = true;
- if (!CA_CERT_DOWNLOADED)
- currentDownload = downloadCACert();
- if (CA_CERT_DOWNLOADED || (currentDownload.containsKey(RESULT_KEY) && currentDownload.getBoolean(RESULT_KEY))) {
+ if (!provider.hasCaCert())
+ currentDownload = downloadCACert(provider);
+ if (provider.hasCaCert() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) {
broadcastProgress(++progress);
- CA_CERT_DOWNLOADED = true;
- currentDownload = getAndSetEipServiceJson();
- if (currentDownload.containsKey(RESULT_KEY) && currentDownload.getBoolean(RESULT_KEY)) {
+ currentDownload = getAndSetEipServiceJson(provider);
+ if (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY)) {
broadcastProgress(++progress);
- EIP_SERVICE_JSON_DOWNLOADED = true;
}
}
}
@@ -143,13 +115,16 @@ public class ProviderApiManager extends ProviderApiManagerBase {
}
- private Bundle getAndSetProviderJson(String providerMainUrl, String caCert, JSONObject providerDefinition) {
+ private Bundle getAndSetProviderJson(Provider provider) {
Bundle result = new Bundle();
+ String caCert = provider.getCaCert();
+ JSONObject providerDefinition = provider.getDefinition();
+
if (go_ahead) {
String providerDotJsonString;
if(providerDefinition.length() == 0 || caCert.isEmpty())
- providerDotJsonString = downloadWithCommercialCA(providerMainUrl + "/provider.json");
+ providerDotJsonString = downloadWithCommercialCA(provider);
else {
providerDotJsonString = downloadFromApiUrlWithProviderCA("/provider.json", caCert, providerDefinition);
}
@@ -161,20 +136,13 @@ public class ProviderApiManager extends ProviderApiManagerBase {
try {
JSONObject providerJson = new JSONObject(providerDotJsonString);
- String providerDomain = getDomainFromMainURL(lastProviderMainUrl);
- providerApiUrl = getApiUrlWithVersion(providerJson);
- //String name = providerJson.getString(Provider.NAME);
- //TODO setProviderName(name);
-
- preferences.edit().putString(Provider.KEY, providerJson.toString()).
- putBoolean(PROVIDER_ALLOW_ANONYMOUS, providerJson.getJSONObject(Provider.SERVICE).getBoolean(PROVIDER_ALLOW_ANONYMOUS)).
- putBoolean(PROVIDER_ALLOWED_REGISTERED, providerJson.getJSONObject(Provider.SERVICE).getBoolean(PROVIDER_ALLOWED_REGISTERED)).
- putString(Provider.KEY + "." + providerDomain, providerJson.toString()).commit();
- result.putBoolean(RESULT_KEY, true);
+ provider.define(providerJson);
+
+ result.putBoolean(BROADCAST_RESULT_KEY, true);
} catch (JSONException e) {
String reason_to_fail = pickErrorMessage(providerDotJsonString);
result.putString(ERRORS, reason_to_fail);
- result.putBoolean(RESULT_KEY, false);
+ result.putBoolean(BROADCAST_RESULT_KEY, false);
}
}
return result;
@@ -182,27 +150,27 @@ public class ProviderApiManager extends ProviderApiManagerBase {
/**
* Downloads the eip-service.json from a given URL, and saves eip service capabilities including the offered gateways
- * @return a bundle with a boolean value mapped to a key named RESULT_KEY, and which is true if the download was successful.
+ * @return a bundle with a boolean value mapped to a key named BROADCAST_RESULT_KEY, and which is true if the download was successful.
*/
@Override
- protected Bundle getAndSetEipServiceJson() {
+ protected Bundle getAndSetEipServiceJson(Provider provider) {
Bundle result = new Bundle();
- String eip_service_json_string = "";
+ String eipServiceJsonString = "";
if (go_ahead) {
try {
- JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, ""));
- String eip_service_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH;
- eip_service_json_string = downloadWithProviderCA(eip_service_url);
- JSONObject eip_service_json = new JSONObject(eip_service_json_string);
- eip_service_json.getInt(Provider.API_RETURN_SERIAL);
+ JSONObject provider_json = provider.getDefinition();
+ String eipServiceUrl = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH;
+ eipServiceJsonString = downloadWithProviderCA(provider.getCaCert(), eipServiceUrl);
+ JSONObject eipServiceJson = new JSONObject(eipServiceJsonString);
+ eipServiceJson.getInt(Provider.API_RETURN_SERIAL);
- preferences.edit().putString(PROVIDER_KEY, eip_service_json.toString()).commit();
+ provider.setEipServiceJson(eipServiceJson);
- result.putBoolean(RESULT_KEY, true);
+ result.putBoolean(BROADCAST_RESULT_KEY, true);
} catch (NullPointerException | JSONException e) {
- String reason_to_fail = pickErrorMessage(eip_service_json_string);
+ String reason_to_fail = pickErrorMessage(eipServiceJsonString);
result.putString(ERRORS, reason_to_fail);
- result.putBoolean(RESULT_KEY, false);
+ result.putBoolean(BROADCAST_RESULT_KEY, false);
}
}
return result;
@@ -214,14 +182,13 @@ public class ProviderApiManager extends ProviderApiManagerBase {
* @return true if certificate was downloaded correctly, false if provider.json is not present in SharedPreferences, or if the certificate url could not be parsed as a URI, or if there was an SSL error.
*/
@Override
- protected boolean updateVpnCertificate() {
+ protected boolean updateVpnCertificate(Provider provider) {
try {
- JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, ""));
-
- String provider_main_url = provider_json.getString(Provider.API_URL);
- URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + PROVIDER_VPN_CERTIFICATE);
+ JSONObject providerJson = provider.getDefinition();
+ String provider_main_url = providerJson.getString(Provider.API_URL);
+ URL newCertStringUrl = new URL(provider_main_url + "/" + providerJson.getString(Provider.API_VERSION) + "/" + PROVIDER_VPN_CERTIFICATE);
- String cert_string = downloadWithProviderCA(new_cert_string_url.toString());
+ String cert_string = downloadWithProviderCA(provider.getCaCert(), newCertStringUrl.toString());
if (ConfigHelper.checkErroneousDownload(cert_string))
return false;
@@ -238,23 +205,17 @@ public class ProviderApiManager extends ProviderApiManagerBase {
}
}
- private Bundle downloadCACert() {
+ private Bundle downloadCACert(Provider provider) {
Bundle result = new Bundle();
- try {
- JSONObject providerJson = new JSONObject(preferences.getString(Provider.KEY, ""));
- String caCertUrl = providerJson.getString(Provider.CA_CERT_URI);
- String providerDomain = getDomainFromMainURL(lastProviderMainUrl);
- String cert_string = downloadWithCommercialCA(caCertUrl);
-
- if (validCertificate(cert_string) && go_ahead) {
- preferences.edit().putString(Provider.CA_CERT, cert_string).commit();
- preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, cert_string).commit();
- result.putBoolean(RESULT_KEY, true);
- } else {
- setErrorResult(result, warning_corrupted_provider_cert, ERROR_CERTIFICATE_PINNING.toString());
- }
- } catch (JSONException e) {
- setErrorResult(result, malformed_url, null);
+ String providerDomain = getDomainFromMainURL(provider.getMainUrlString());
+ String certString = downloadWithCommercialCA(provider);
+
+ if (validCertificate(provider, certString) && go_ahead) {
+ provider.setCaCert(certString);
+ preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, certString).apply();
+ result.putBoolean(BROADCAST_RESULT_KEY, true);
+ } else {
+ setErrorResult(result, warning_corrupted_provider_cert, ERROR_CERTIFICATE_PINNING.toString());
}
return result;
@@ -263,10 +224,9 @@ public class ProviderApiManager extends ProviderApiManagerBase {
/**
* Tries to download the contents of the provided url using commercially validated CA certificate from chosen provider.
*
- * @param string_url
- * @return
*/
- private String downloadWithCommercialCA(String string_url) {
+ private String downloadWithCommercialCA(Provider provider) {
+ String stringUrl = provider.getMainUrlString() + "/provider.json";
String responseString;
JSONObject errorJson = new JSONObject();
@@ -277,14 +237,14 @@ public class ProviderApiManager extends ProviderApiManagerBase {
List<Pair<String, String>> headerArgs = getAuthorizationHeader();
- responseString = sendGetStringToServer(string_url, headerArgs, okHttpClient);
+ responseString = sendGetStringToServer(stringUrl, headerArgs, okHttpClient);
if (responseString != null && responseString.contains(ERRORS)) {
try {
// try to download with provider CA on certificate error
JSONObject responseErrorJson = new JSONObject(responseString);
if (responseErrorJson.getString(ERRORS).equals(resources.getString(R.string.certificate_error))) {
- responseString = downloadWithProviderCA(string_url);
+ responseString = downloadWithProviderCA(provider.getCaCert(), stringUrl);
}
} catch (JSONException e) {
e.printStackTrace();
@@ -324,11 +284,11 @@ public class ProviderApiManager extends ProviderApiManagerBase {
* @param urlString as a string
* @return an empty string if it fails, the url content if not.
*/
- private String downloadWithProviderCA(String urlString) {
+ private String downloadWithProviderCA(String caCert, String urlString) {
JSONObject initError = new JSONObject();
String responseString;
- OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(initError);
+ OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(caCert, initError);
if (okHttpClient == null) {
return initError.toString();
}
diff --git a/app/src/production/java/se/leap/bitmaskclient/ProviderListActivity.java b/app/src/production/java/se/leap/bitmaskclient/ProviderListActivity.java
index 8c008024..921b42e1 100644
--- a/app/src/production/java/se/leap/bitmaskclient/ProviderListActivity.java
+++ b/app/src/production/java/se/leap/bitmaskclient/ProviderListActivity.java
@@ -22,6 +22,8 @@ import android.os.Bundle;
import java.net.MalformedURLException;
import java.net.URL;
+import static se.leap.bitmaskclient.ProviderAPI.SET_UP_PROVIDER;
+
/**
* Activity that builds and shows the list of known available providers.
* <p/>
@@ -61,43 +63,19 @@ public class ProviderListActivity extends ProviderListBaseActivity {
*/
public void setUpProvider() {
mConfigState.setAction(SETTING_UP_PROVIDER);
- Intent providerApiCommand = new Intent(this, ProviderAPI.class);
- Bundle parameters = new Bundle();
- parameters.putString(Provider.MAIN_URL, provider.getMainUrl().toString());
- if (provider.hasCertificatePin()){
- parameters.putString(Provider.CA_CERT_FINGERPRINT, provider.certificatePin());
- }
- if (provider.hasCaCert()) {
- parameters.putString(Provider.CA_CERT, provider.getCaCert());
- }
- if (provider.hasDefinition()) {
- parameters.putString(Provider.KEY, provider.getDefinition().toString());
- }
-
- providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
- providerApiCommand.putExtra(ProviderAPI.PARAMETERS, parameters);
-
- startService(providerApiCommand);
+ ProviderAPICommand.execute(this, SET_UP_PROVIDER, provider);
}
@Override
- public void retrySetUpProvider() {
+ public void retrySetUpProvider(Provider provider) {
cancelSettingUpProvider();
- if (!ProviderAPI.caCertDownloaded()) {
- addAndSelectNewProvider(ProviderAPI.lastProviderMainUrl());
+ if (!provider.hasCaCert()) {
+ addAndSelectNewProvider(provider.getMainUrlString());
} else {
showProgressBar();
adapter.hideAllBut(adapter.indexOf(provider));
-
- Intent providerApiCommand = new Intent(this, ProviderAPI.class);
- providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER);
- providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, providerAPIResultReceiver);
- Bundle parameters = new Bundle();
- parameters.putString(Provider.MAIN_URL, provider.getMainUrl().toString());
- providerApiCommand.putExtra(ProviderAPI.PARAMETERS, parameters);
-
- startService(providerApiCommand);
+ ProviderAPICommand.execute(this, SET_UP_PROVIDER, provider);
}
}