summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/src/insecure/java/se/leap/bitmaskclient/ConfigurationWizard.java19
-rw-r--r--app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java163
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/BaseConfigurationWizard.java16
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/Provider.java18
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/ProviderApiBase.java39
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/ProviderManager.java30
-rw-r--r--app/src/production/java/se/leap/bitmaskclient/ConfigurationWizard.java14
-rw-r--r--app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java42
8 files changed, 199 insertions, 142 deletions
diff --git a/app/src/insecure/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/insecure/java/se/leap/bitmaskclient/ConfigurationWizard.java
index df1a59ff..766b6c60 100644
--- a/app/src/insecure/java/se/leap/bitmaskclient/ConfigurationWizard.java
+++ b/app/src/insecure/java/se/leap/bitmaskclient/ConfigurationWizard.java
@@ -89,9 +89,17 @@ public class ConfigurationWizard extends BaseConfigurationWizard {
mConfigState.setAction(SETTING_UP_PROVIDER);
Intent provider_API_command = new Intent(this, ProviderAPI.class);
Bundle parameters = new Bundle();
- parameters.putString(Provider.MAIN_URL, selected_provider.mainUrl().getUrl().toString());
+ parameters.putString(Provider.MAIN_URL, selected_provider.getMainUrl().toString());
parameters.putBoolean(ProviderItem.DANGER_ON, danger_on);
- parameters.putString(Provider.CA_CERT_FINGERPRINT, selected_provider.certificatePin());
+ if (selected_provider.hasCertificatePin()){
+ parameters.putString(Provider.CA_CERT_FINGERPRINT, selected_provider.certificatePin());
+ }
+ if (selected_provider.hasCaCert()) {
+ parameters.putString(Provider.CA_CERT, selected_provider.getCaCert());
+ }
+ if (selected_provider.hasDefinition()) {
+ parameters.putString(Provider.KEY, selected_provider.getDefinition().toString());
+ }
provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER);
provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
@@ -103,15 +111,22 @@ public class ConfigurationWizard extends BaseConfigurationWizard {
/**
* Retrys setup of last used provider, allows bypassing ca certificate validation.
*/
+ @Override
public void retrySetUpProvider() {
cancelSettingUpProvider();
if (!ProviderAPI.caCertDownloaded()) {
addAndSelectNewProvider(ProviderAPI.lastProviderMainUrl(), ProviderAPI.lastDangerOn());
} else {
+ showProgressBar();
+ adapter.hideAllBut(adapter.indexOf(selected_provider));
+
Intent provider_API_command = new Intent(this, ProviderAPI.class);
provider_API_command.setAction(ProviderAPI.SET_UP_PROVIDER);
provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver);
+ Bundle parameters = new Bundle();
+ parameters.putString(Provider.MAIN_URL, selected_provider.getMainUrl().toString());
+ provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
startService(provider_API_command);
}
diff --git a/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java
index 7689c343..5cb06115 100644
--- a/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -21,7 +21,6 @@ import android.util.Pair;
import org.json.JSONException;
import org.json.JSONObject;
-import org.thoughtcrime.ssl.pinning.util.PinningHelper;
import java.io.FileNotFoundException;
import java.io.IOException;
@@ -38,7 +37,6 @@ import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
@@ -48,7 +46,6 @@ import se.leap.bitmaskclient.ProviderListContent.ProviderItem;
import se.leap.bitmaskclient.eip.EIP;
import static se.leap.bitmaskclient.R.string.certificate_error;
-import static se.leap.bitmaskclient.R.string.error_io_exception_user_message;
import static se.leap.bitmaskclient.R.string.malformed_url;
/**
@@ -64,10 +61,10 @@ import static se.leap.bitmaskclient.R.string.malformed_url;
*/
public class ProviderAPI extends ProviderApiBase {
- private static boolean last_danger_on = true;
+ private static boolean lastDangerOn = true;
public static boolean lastDangerOn() {
- return last_danger_on;
+ return lastDangerOn;
}
/**
@@ -79,71 +76,99 @@ public class ProviderAPI extends ProviderApiBase {
@Override
protected Bundle setUpProvider(Bundle task) {
int progress = 0;
- Bundle current_download = new Bundle();
+ Bundle currentDownload = new Bundle();
if (task != null) {
- last_danger_on = task.containsKey(ProviderItem.DANGER_ON) && task.getBoolean(ProviderItem.DANGER_ON);
- last_provider_main_url = task.containsKey(Provider.MAIN_URL) ?
+ lastDangerOn = task.containsKey(ProviderItem.DANGER_ON) && task.getBoolean(ProviderItem.DANGER_ON);
+ lastProviderMainUrl = task.containsKey(Provider.MAIN_URL) ?
task.getString(Provider.MAIN_URL) :
"";
- provider_ca_cert_fingerprint = task.containsKey(Provider.CA_CERT_FINGERPRINT) ?
+ providerCaCertFingerprint = task.containsKey(Provider.CA_CERT_FINGERPRINT) ?
task.getString(Provider.CA_CERT_FINGERPRINT) :
"";
- CA_CERT_DOWNLOADED = PROVIDER_JSON_DOWNLOADED = EIP_SERVICE_JSON_DOWNLOADED = false;
+ providerCaCert = task.containsKey(Provider.CA_CERT) ?
+ task.getString(Provider.CA_CERT) :
+ "";
+
+ try {
+ providerDefinition = task.containsKey(Provider.KEY) ?
+ new JSONObject(task.getString(Provider.KEY)) :
+ new JSONObject();
+ } catch (JSONException e) {
+ e.printStackTrace();
+ providerDefinition = new JSONObject();
+ }
+ providerApiUrl = getApiUrlWithVersion(providerDefinition);
+
+ checkPersistedProviderUpdates();
+ currentDownload = validateProviderDetails();
+
+ //provider details invalid
+ if (currentDownload.containsKey(ERRORS)) {
+ return currentDownload;
+ }
+
+ //no provider certificate available
+ if (currentDownload.containsKey(RESULT_KEY) && !currentDownload.getBoolean(RESULT_KEY)) {
+ resetProviderDetails();
+ }
+
+ EIP_SERVICE_JSON_DOWNLOADED = false;
go_ahead = true;
}
if (!PROVIDER_JSON_DOWNLOADED)
- current_download = getAndSetProviderJson(last_provider_main_url, last_danger_on, provider_ca_cert_fingerprint);
- if (PROVIDER_JSON_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) {
+ currentDownload = getAndSetProviderJson(lastProviderMainUrl, lastDangerOn, providerCaCert, providerDefinition);
+ if (PROVIDER_JSON_DOWNLOADED || (currentDownload.containsKey(RESULT_KEY) && currentDownload.getBoolean(RESULT_KEY))) {
broadcastProgress(progress++);
PROVIDER_JSON_DOWNLOADED = true;
- current_download = downloadCACert(last_danger_on);
- if (CA_CERT_DOWNLOADED || (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY))) {
+ if (!CA_CERT_DOWNLOADED)
+ currentDownload = downloadCACert(lastDangerOn);
+ if (CA_CERT_DOWNLOADED || (currentDownload.containsKey(RESULT_KEY) && currentDownload.getBoolean(RESULT_KEY))) {
broadcastProgress(progress++);
CA_CERT_DOWNLOADED = true;
- current_download = getAndSetEipServiceJson();
- if (current_download.containsKey(RESULT_KEY) && current_download.getBoolean(RESULT_KEY)) {
+ currentDownload = getAndSetEipServiceJson();
+ if (currentDownload.containsKey(RESULT_KEY) && currentDownload.getBoolean(RESULT_KEY)) {
broadcastProgress(progress++);
EIP_SERVICE_JSON_DOWNLOADED = true;
}
}
}
- return current_download;
+ return currentDownload;
}
- private Bundle getAndSetProviderJson(String provider_main_url, boolean danger_on, String provider_ca_cert_fingerprint) {
+ private Bundle getAndSetProviderJson(String providerMainUrl, boolean dangerOn, String caCert, JSONObject providerDefinition) {
Bundle result = new Bundle();
if (go_ahead) {
- String provider_dot_json_string;
- if(provider_ca_cert_fingerprint.isEmpty())
- provider_dot_json_string = downloadWithCommercialCA(provider_main_url + "/provider.json", danger_on);
+ String providerDotJsonString;
+ if(providerDefinition.length() == 0 || caCert.isEmpty())
+ providerDotJsonString = downloadWithCommercialCA(providerMainUrl + "/provider.json", dangerOn);
else
- provider_dot_json_string = downloadWithCommercialCA(provider_main_url + "/provider.json", danger_on, provider_ca_cert_fingerprint);
+ providerDotJsonString = downloadFromApiUrlWithProviderCA("/provider.json", caCert, providerDefinition, dangerOn);
- if (!isValidJson(provider_dot_json_string)) {
+ if (!isValidJson(providerDotJsonString)) {
result.putString(ERRORS, getString(malformed_url));
result.putBoolean(RESULT_KEY, false);
return result;
}
try {
- JSONObject provider_json = new JSONObject(provider_dot_json_string);
- provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION);
- String name = provider_json.getString(Provider.NAME);
+ JSONObject providerJson = new JSONObject(providerDotJsonString);
+ String providerDomain = providerJson.getString(Provider.DOMAIN);
+ providerApiUrl = getApiUrlWithVersion(providerJson);
+ String name = providerJson.getString(Provider.NAME);
//TODO setProviderName(name);
- preferences.edit().putString(Provider.KEY, provider_json.toString()).commit();
- preferences.edit().putBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS)).commit();
- preferences.edit().putBoolean(Constants.PROVIDER_ALLOWED_REGISTERED, provider_json.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOWED_REGISTERED)).commit();
-
+ preferences.edit().putString(Provider.KEY, providerJson.toString()).
+ putBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS, providerJson.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS)).
+ putBoolean(Constants.PROVIDER_ALLOWED_REGISTERED, providerJson.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOWED_REGISTERED)).
+ putString(Provider.KEY + "." + providerDomain, providerJson.toString()).commit();
result.putBoolean(RESULT_KEY, true);
} catch (JSONException e) {
- //TODO Error message should be contained in that provider_dot_json_string
- String reason_to_fail = pickErrorMessage(provider_dot_json_string);
+ String reason_to_fail = pickErrorMessage(providerDotJsonString);
result.putString(ERRORS, reason_to_fail);
result.putBoolean(RESULT_KEY, false);
}
@@ -163,7 +188,7 @@ public class ProviderAPI extends ProviderApiBase {
try {
JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, ""));
String eip_service_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.SERVICE_API_PATH;
- eip_service_json_string = downloadWithProviderCA(eip_service_url, last_danger_on);
+ eip_service_json_string = downloadWithProviderCA(eip_service_url, lastDangerOn);
JSONObject eip_service_json = new JSONObject(eip_service_json_string);
eip_service_json.getInt(Provider.API_RETURN_SERIAL);
@@ -192,7 +217,7 @@ public class ProviderAPI extends ProviderApiBase {
String provider_main_url = provider_json.getString(Provider.API_URL);
URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + Constants.PROVIDER_VPN_CERTIFICATE);
- String cert_string = downloadWithProviderCA(new_cert_string_url.toString(), last_danger_on);
+ String cert_string = downloadWithProviderCA(new_cert_string_url.toString(), lastDangerOn);
if (cert_string == null || cert_string.isEmpty() || ConfigHelper.checkErroneousDownload(cert_string))
return false;
@@ -210,18 +235,21 @@ public class ProviderAPI extends ProviderApiBase {
}
- private Bundle downloadCACert(boolean danger_on) {
+ private Bundle downloadCACert(boolean dangerOn) {
Bundle result = new Bundle();
try {
- JSONObject provider_json = new JSONObject(preferences.getString(Provider.KEY, ""));
- String ca_cert_url = provider_json.getString(Provider.CA_CERT_URI);
- String cert_string = downloadWithCommercialCA(ca_cert_url, danger_on);
+ JSONObject providerJson = new JSONObject(preferences.getString(Provider.KEY, ""));
+ String caCertUrl = providerJson.getString(Provider.CA_CERT_URI);
+ String providerDomain = providerJson.getString(Provider.DOMAIN);
+
+ String certString = downloadWithCommercialCA(caCertUrl, dangerOn);
- if (validCertificate(cert_string) && go_ahead) {
- preferences.edit().putString(Provider.CA_CERT, cert_string).commit();
+ if (validCertificate(certString) && go_ahead) {
+ preferences.edit().putString(Provider.CA_CERT, certString).commit();
+ preferences.edit().putString(Provider.CA_CERT + "." + providerDomain, certString).commit();
result.putBoolean(RESULT_KEY, true);
} else {
- String reason_to_fail = pickErrorMessage(cert_string);
+ String reason_to_fail = pickErrorMessage(certString);
result.putString(ERRORS, reason_to_fail);
result.putBoolean(RESULT_KEY, false);
}
@@ -234,29 +262,6 @@ public class ProviderAPI extends ProviderApiBase {
return result;
}
- //TODO: refactor with ticket #8773
- private String downloadWithCommercialCA(String urlString, boolean dangerOn, String caCertFingerprint) {
- String result = "";
- int seconds_of_timeout = 2;
- String[] pins = new String[] {caCertFingerprint};
- try {
- URL url = new URL(urlString);
- HttpsURLConnection connection = PinningHelper.getPinnedHttpsURLConnection(getApplicationContext(), pins, url);
- connection.setConnectTimeout(seconds_of_timeout * 1000);
- if (!LeapSRPSession.getToken().isEmpty())
- connection.addRequestProperty(LeapSRPSession.AUTHORIZATION_HEADER, "Token token=" + LeapSRPSession.getToken());
- result = new Scanner(connection.getInputStream()).useDelimiter("\\A").next();
- } catch (IOException e) {
- if(e instanceof SSLHandshakeException) {
- result = dangerOn ? downloadWithoutCA(urlString) :
- formatErrorMessage(R.string.error_security_pinnedcertificate);
- } else
- result = formatErrorMessage(error_io_exception_user_message);
- }
-
- return result;
- }
-
/**
* Tries to download the contents of the provided url using commercially validated CA certificate from chosen provider.
* <p/>
@@ -284,7 +289,35 @@ public class ProviderAPI extends ProviderApiBase {
// try to download with provider CA on certificate error
JSONObject responseErrorJson = new JSONObject(responseString);
if (danger_on && responseErrorJson.getString(ERRORS).equals(getString(R.string.certificate_error))) {
- responseString = downloadWithProviderCA(string_url, danger_on);
+ responseString = downloadWithoutCA(string_url);
+ }
+ } catch (JSONException e) {
+ e.printStackTrace();
+ }
+ }
+
+ return responseString;
+ }
+
+ private String downloadFromApiUrlWithProviderCA(String path, String caCert, JSONObject providerDefinition, boolean dangerOn) {
+ String responseString;
+ JSONObject errorJson = new JSONObject();
+ String baseUrl = getApiUrl(providerDefinition);
+ OkHttpClient okHttpClient = initSelfSignedCAHttpClient(errorJson, caCert);
+ if (okHttpClient == null) {
+ return errorJson.toString();
+ }
+
+ String urlString = baseUrl + path;
+ List<Pair<String, String>> headerArgs = getAuthorizationHeader();
+ responseString = sendGetStringToServer(urlString, headerArgs, okHttpClient);
+
+ if (responseString != null && responseString.contains(ERRORS)) {
+ try {
+ // try to download with provider CA on certificate error
+ JSONObject responseErrorJson = new JSONObject(responseString);
+ if (dangerOn && responseErrorJson.getString(ERRORS).equals(getString(R.string.certificate_error))) {
+ responseString = downloadWithCommercialCA(urlString, dangerOn);
}
} catch (JSONException e) {
e.printStackTrace();
diff --git a/app/src/main/java/se/leap/bitmaskclient/BaseConfigurationWizard.java b/app/src/main/java/se/leap/bitmaskclient/BaseConfigurationWizard.java
index 1d675499..2c169e3d 100644
--- a/app/src/main/java/se/leap/bitmaskclient/BaseConfigurationWizard.java
+++ b/app/src/main/java/se/leap/bitmaskclient/BaseConfigurationWizard.java
@@ -216,6 +216,8 @@ public abstract class BaseConfigurationWizard extends Activity
String provider_json_string = preferences.getString(Provider.KEY, "");
if (!provider_json_string.isEmpty())
selected_provider.define(new JSONObject(provider_json_string));
+ String caCert = preferences.getString(Provider.CA_CERT, "");
+ selected_provider.setCACert(caCert);
} catch (JSONException e) {
e.printStackTrace();
}
@@ -301,6 +303,20 @@ public abstract class BaseConfigurationWizard extends Activity
preferences.edit().remove(Provider.KEY).remove(Constants.PROVIDER_ALLOW_ANONYMOUS).remove(Constants.PROVIDER_KEY).apply();
}
+ @Override
+ public void updateProviderDetails() {
+ mConfigState.setAction(SETTING_UP_PROVIDER);
+ Intent provider_API_command = new Intent(this, ProviderAPI.class);
+
+ provider_API_command.setAction(ProviderAPI.UPDATE_PROVIDER_DETAILS);
+ provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver);
+ Bundle parameters = new Bundle();
+ parameters.putString(Provider.MAIN_URL, selected_provider.getMainUrl().toString());
+ provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
+
+ startService(provider_API_command);
+ }
+
private void askDashboardToQuitApp() {
Intent ask_quit = new Intent();
ask_quit.putExtra(Dashboard.ACTION_QUIT, Dashboard.ACTION_QUIT);
diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java
index 71a0e149..ae07bc25 100644
--- a/app/src/main/java/se/leap/bitmaskclient/Provider.java
+++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java
@@ -70,14 +70,18 @@ public final class Provider implements Parcelable {
this.mainUrl.setUrl(mainUrl);
}
- public Provider(URL mainUrl, String caCert, /*String certificatePin,*/ String definition) {
+ public Provider(URL mainUrl, String caCert, String definition) {
this.mainUrl.setUrl(mainUrl);
- this.caCert = caCert;
- try {
- this.definition = new JSONObject(definition);
- parseDefinition(this.definition);
- } catch (JSONException e) {
- e.printStackTrace();
+ if (caCert != null) {
+ this.caCert = caCert;
+ }
+ if (definition != null) {
+ try {
+ this.definition = new JSONObject(definition);
+ parseDefinition(this.definition);
+ } catch (JSONException | NullPointerException e) {
+ e.printStackTrace();
+ }
}
}
diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderApiBase.java b/app/src/main/java/se/leap/bitmaskclient/ProviderApiBase.java
index dfc48bee..0013d2c2 100644
--- a/app/src/main/java/se/leap/bitmaskclient/ProviderApiBase.java
+++ b/app/src/main/java/se/leap/bitmaskclient/ProviderApiBase.java
@@ -665,9 +665,6 @@ public abstract class ProviderApiBase extends IntentService {
try {
response = okHttpClient.newCall(request).execute();
- if (!response.isSuccessful()){
- return formatErrorMessage(error_json_exception_user_message);
- }
InputStream inputStream = response.body().byteStream();
Scanner scanner = new Scanner(inputStream).useDelimiter("\\A");
@@ -760,6 +757,42 @@ public abstract class ProviderApiBase extends IntentService {
return result;
}
+ protected void checkPersistedProviderUpdates() {
+ String providerDomain = getProviderDomain(providerDefinition);
+ if (hasUpdatedProviderDetails(providerDomain)) {
+ providerCaCert = getPersistedProviderCA(providerDomain);
+ providerDefinition = getPersistedProviderDefinition(providerDomain);
+ providerCaCertFingerprint = getPersistedCaCertFingerprint(providerDomain);
+ providerApiUrl = getApiUrlWithVersion(providerDefinition);
+ }
+ }
+
+ protected Bundle validateProviderDetails() {
+ Bundle result = validateCertificateForProvider(providerCaCert, providerDefinition, lastProviderMainUrl);
+
+ //invalid certificate or no certificate
+ if (result.containsKey(ERRORS) || (result.containsKey(RESULT_KEY) && !result.getBoolean(RESULT_KEY)) ) {
+ return result;
+ }
+
+ //valid certificate: skip download, save loaded provider CA cert and provider definition directly
+ try {
+ preferences.edit().putString(Provider.KEY, providerDefinition.toString()).
+ putBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS, providerDefinition.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS)).
+ putBoolean(Constants.PROVIDER_ALLOWED_REGISTERED, providerDefinition.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOWED_REGISTERED)).
+ putString(Provider.CA_CERT, providerCaCert).commit();
+ CA_CERT_DOWNLOADED = true;
+ PROVIDER_JSON_DOWNLOADED = true;
+ result.putBoolean(RESULT_KEY, true);
+ } catch (JSONException e) {
+ e.printStackTrace();
+ result.putBoolean(RESULT_KEY, false);
+ result = setErrorResult(result, getString(R.string.warning_corrupted_provider_details), ERROR_CORRUPTED_PROVIDER_JSON.toString());
+ }
+
+ return result;
+ }
+
protected Bundle validateCertificateForProvider(String cert_string, JSONObject providerDefinition, String mainUrl) {
Bundle result = new Bundle();
result.putBoolean(RESULT_KEY, false);
diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java
index cf703631..92d5da9f 100644
--- a/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java
+++ b/app/src/main/java/se/leap/bitmaskclient/ProviderManager.java
@@ -58,19 +58,27 @@ public class ProviderManager implements AdapteeCollection<Provider> {
private Set<Provider> providersFromAssets(String directory, String[] relative_file_paths) {
Set<Provider> providers = new HashSet<Provider>();
- try {
- for (String file : relative_file_paths) {
- String provider = file.substring(0, file.length() - ".url".length());
- InputStream provider_file = assets_manager.open(directory + "/" + file);
- String mainUrl = extractMainUrlFromInputStream(provider_file);
- String certificate = ConfigHelper.loadInputStreamAsString(assets_manager.open(provider + ".pem"));
- String providerDefinition = ConfigHelper.loadInputStreamAsString(assets_manager.open(provider + ".json"));
- providers.add(new Provider(new URL(mainUrl), certificate, providerDefinition));
+ for (String file : relative_file_paths) {
+ String mainUrl = null;
+ String certificate = null;
+ String providerDefinition = null;
+ try {
+ String provider = file.substring(0, file.length() - ".url".length());
+ InputStream provider_file = assets_manager.open(directory + "/" + file);
+ mainUrl = extractMainUrlFromInputStream(provider_file);
+ certificate = ConfigHelper.loadInputStreamAsString(assets_manager.open(provider + ".pem"));
+ providerDefinition = ConfigHelper.loadInputStreamAsString(assets_manager.open(provider + ".json"));
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ try {
+ providers.add(new Provider(new URL(mainUrl), certificate, providerDefinition));
+ } catch (MalformedURLException e) {
+ e.printStackTrace();
+ }
}
- } catch (IOException e) {
- e.printStackTrace();
- }
+
return providers;
}
diff --git a/app/src/production/java/se/leap/bitmaskclient/ConfigurationWizard.java b/app/src/production/java/se/leap/bitmaskclient/ConfigurationWizard.java
index 363fa66c..3f05b0a2 100644
--- a/app/src/production/java/se/leap/bitmaskclient/ConfigurationWizard.java
+++ b/app/src/production/java/se/leap/bitmaskclient/ConfigurationWizard.java
@@ -102,18 +102,4 @@ public class ConfigurationWizard extends BaseConfigurationWizard {
}
}
- @Override
- public void updateProviderDetails() {
- mConfigState.setAction(SETTING_UP_PROVIDER);
- Intent provider_API_command = new Intent(this, ProviderAPI.class);
-
- provider_API_command.setAction(ProviderAPI.UPDATE_PROVIDER_DETAILS);
- provider_API_command.putExtra(ProviderAPI.RECEIVER_KEY, providerAPI_result_receiver);
- Bundle parameters = new Bundle();
- parameters.putString(Provider.MAIN_URL, selected_provider.getMainUrl().toString());
- provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters);
-
- startService(provider_API_command);
- }
-
}
diff --git a/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java
index b27c3dca..39651a43 100644
--- a/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java
+++ b/app/src/production/java/se/leap/bitmaskclient/ProviderAPI.java
@@ -62,6 +62,7 @@ public class ProviderAPI extends ProviderApiBase {
lastProviderMainUrl = task.containsKey(Provider.MAIN_URL) ?
task.getString(Provider.MAIN_URL) :
"";
+ //TODO: remove that
providerCaCertFingerprint = task.containsKey(Provider.CA_CERT_FINGERPRINT) ?
task.getString(Provider.CA_CERT_FINGERPRINT) :
"";
@@ -119,43 +120,6 @@ public class ProviderAPI extends ProviderApiBase {
}
- private Bundle validateProviderDetails() {
- Bundle result = validateCertificateForProvider(providerCaCert, providerDefinition, lastProviderMainUrl);
-
- //invalid certificate or no certificate
- if (result.containsKey(ERRORS) || (result.containsKey(RESULT_KEY) && !result.getBoolean(RESULT_KEY)) ) {
- return result;
- }
-
- //valid certificate: skip download, save loaded provider CA cert and provider definition directly
- try {
- preferences.edit().putString(Provider.KEY, providerDefinition.toString()).
- putBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS, providerDefinition.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOW_ANONYMOUS)).
- putBoolean(Constants.PROVIDER_ALLOWED_REGISTERED, providerDefinition.getJSONObject(Provider.SERVICE).getBoolean(Constants.PROVIDER_ALLOWED_REGISTERED)).
- putString(Provider.CA_CERT, providerCaCert).commit();
- CA_CERT_DOWNLOADED = true;
- PROVIDER_JSON_DOWNLOADED = true;
- result.putBoolean(RESULT_KEY, true);
- } catch (JSONException e) {
- e.printStackTrace();
- result.putBoolean(RESULT_KEY, false);
- result = setErrorResult(result, getString(R.string.warning_corrupted_provider_details), ERROR_CORRUPTED_PROVIDER_JSON.toString());
- }
-
- return result;
- }
-
- private void checkPersistedProviderUpdates() {
- String providerDomain = getProviderDomain(providerDefinition);
- if (hasUpdatedProviderDetails(providerDomain)) {
- providerCaCert = getPersistedProviderCA(providerDomain);
- providerDefinition = getPersistedProviderDefinition(providerDomain);
- providerCaCertFingerprint = getPersistedCaCertFingerprint(providerDomain);
- providerApiUrl = getApiUrlWithVersion(providerDefinition);
- }
- }
-
-
private Bundle getAndSetProviderJson(String providerMainUrl, String caCert, JSONObject providerDefinition) {
Bundle result = new Bundle();
@@ -186,7 +150,6 @@ public class ProviderAPI extends ProviderApiBase {
putString(Provider.KEY + "." + providerDomain, providerJson.toString()).commit();
result.putBoolean(RESULT_KEY, true);
} catch (JSONException e) {
- //TODO Error message should be contained in that provider_dot_json_string
String reason_to_fail = pickErrorMessage(providerDotJsonString);
result.putString(ERRORS, reason_to_fail);
result.putBoolean(RESULT_KEY, false);
@@ -261,7 +224,6 @@ public class ProviderAPI extends ProviderApiBase {
String providerDomain = providerJson.getString(Provider.DOMAIN);
String cert_string = downloadWithCommercialCA(caCertUrl);
- result.putBoolean(RESULT_KEY, true);
if (validCertificate(cert_string) && go_ahead) {
preferences.edit().putString(Provider.CA_CERT, cert_string).commit();
@@ -321,7 +283,7 @@ public class ProviderAPI extends ProviderApiBase {
*
* @return an empty string if it fails, the response body if not.
*/
- protected String downloadFromApiUrlWithProviderCA(String path, String caCert, JSONObject providerDefinition) {
+ private String downloadFromApiUrlWithProviderCA(String path, String caCert, JSONObject providerDefinition) {
String responseString;
JSONObject errorJson = new JSONObject();
String baseUrl = getApiUrl(providerDefinition);