2 files changed, 22 insertions, 3 deletions

diff --git a/src/se/leap/bitmaskclient/LeapSRPSession.java b/src/se/leap/bitmaskclient/LeapSRPSession.java
index 14a8bff2..0849f777 100644
--- a/src/se/leap/bitmaskclient/LeapSRPSession.java
+++ b/src/se/leap/bitmaskclient/LeapSRPSession.java
@@ -35,9 +35,12 @@ import org.jboss.security.srp.SRPParameters;
  */
 public class LeapSRPSession {
 	
+	private static String token = "";
+	
 	final public static String SALT = "salt";
 	final public static String M1 = "M1";
 	final public static String M2 = "M2";
+	final public static String TOKEN = "token";
 
 	private SRPParameters params;
 	private String username;
@@ -312,6 +315,14 @@ public class LeapSRPSession {
 		boolean valid = Arrays.equals(M2, myM2);
 		return valid;
 	}
+	
+	protected static void setToken(String token) {
+		LeapSRPSession.token = token;
+	}
+	
+	protected static String getToken() {
+		return token;
+	}
 
 	/**
 	 * @return a new SHA-256 digest.
diff --git a/src/se/leap/bitmaskclient/ProviderAPI.java b/src/se/leap/bitmaskclient/ProviderAPI.java
index b23bdc7f..5c8b29ca 100644
--- a/src/se/leap/bitmaskclient/ProviderAPI.java
+++ b/src/se/leap/bitmaskclient/ProviderAPI.java
@@ -27,6 +27,7 @@ import java.net.CookieManager;
 import java.net.CookiePolicy;
 import java.net.MalformedURLException;
 import java.net.SocketTimeoutException;
+import java.net.URISyntaxException;
 import java.net.URL;
 import java.net.URLConnection;
 import java.net.URLEncoder;
@@ -343,6 +344,9 @@ public class ProviderAPI extends IntentService {
 			session_idAndM2.put(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id_cookie.getName());
 			session_idAndM2.put(ConfigHelper.SESSION_ID_KEY, session_id_cookie.getValue());*/
 			session_idAndM2.put(LeapSRPSession.M2, ConfigHelper.trim(M2_not_trimmed));
+			CookieHandler.setDefault(null); // we don't need cookies anymore
+			String token = json_response.getString(LeapSRPSession.TOKEN);
+			LeapSRPSession.setToken(token);
 		}
 		return session_idAndM2;
 	}
@@ -516,6 +520,8 @@ public class ProviderAPI extends IntentService {
 			provider_url = new URL(string_url);
 			URLConnection url_connection = provider_url.openConnection();
 			url_connection.setConnectTimeout(seconds_of_timeout*1000);
+			if(!LeapSRPSession.getToken().isEmpty())
+				url_connection.addRequestProperty(LeapSRPSession.TOKEN, LeapSRPSession.getToken());
 			json_file_content = new Scanner(url_connection.getInputStream()).useDelimiter("\\A").next();
 		} catch (MalformedURLException e) {
 			json_file_content = formatErrorMessage(R.string.malformed_url);
@@ -551,6 +557,8 @@ public class ProviderAPI extends IntentService {
 			HttpsURLConnection urlConnection =
 					(HttpsURLConnection)url.openConnection();
 			urlConnection.setSSLSocketFactory(getProviderSSLSocketFactory());
+			if(!LeapSRPSession.getToken().isEmpty())
+				urlConnection.addRequestProperty(LeapSRPSession.TOKEN, LeapSRPSession.getToken());
 			json_file_content = new Scanner(urlConnection.getInputStream()).useDelimiter("\\A").next();
 		} catch (CertificateException e) {
 			// TODO Auto-generated catch block
@@ -710,11 +718,11 @@ public class ProviderAPI extends IntentService {
 		try {
 			String type_of_certificate = task.getString(ConfigurationWizard.TYPE_OF_CERTIFICATE);
 			JSONObject provider_json = ConfigHelper.getJsonFromSharedPref(Provider.KEY);
-			URL provider_main_url = new URL(provider_json.getString(Provider.API_URL));
-			String new_cert_string_url = provider_main_url.toString() + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE;
+			String provider_main_url = provider_json.getString(Provider.API_URL);
+			URL new_cert_string_url = new URL(provider_main_url + "/" + provider_json.getString(Provider.API_VERSION) + "/" + EIP.CERTIFICATE);
 
 			boolean danger_on = ConfigHelper.getBoolFromSharedPref(ProviderItem.DANGER_ON);
-			String cert_string = downloadWithProviderCA(new_cert_string_url, true);
+			String cert_string = downloadWithProviderCA(new_cert_string_url, danger_on);
 			if(!cert_string.isEmpty()) {
 				if(ConfigHelper.checkErroneousDownload(cert_string)) {
 					String reason_to_fail = provider_json.getString(ERRORS);