Age | Commit message (Collapse) | Author |
|
Added two auxiliar files: prepareTestProviderAPI.sh is updated in
feature/authGui_tests.
proguard-project.txt is completely commented, but I think it may be
suitable to version control.
|
|
I've decided not to include any lib, but to copy the SRPParameters class
to our codebase and Util.trim method to ConfigHelper.
|
|
Some more constants added to ConfigHelper.
This solves #2908.
|
|
This resolves the first step from issue #2908.
Next step: Put user message strings into an appropiate place.
|
|
It's working against cdev.bitmask.net and bitmask.net. Look at #2840 for
further explanation about self signed certificates.
I've also removed some file dependant configuration (when a provider was
custom, ConfigurationWizard still tried to read from file a
provider.json that now I store in memory via ProviderItem class).
|
|
I removed a library that was not directly used by my code, but for one
of the libraries that I needed.
|
|
There was a problem on the assets file "bitmask.url". It had an error in
the eip-service url.
We should use this file only for main url, and proceed as if it were a
new provider but with a preseeded main url.
|
|
I've also removed some unnecessary comments from LeapHttpClient.
|
|
We were using it to save certificate and provider.json files from chosen
provider, so that exporting them was easily done.
We don't need that files, because if we wanted to export that files we
would be able to recover them easily and updated.
This fixes #2783
|
|
Variables from LeapSRPSession were there because I used it while testing
srp calculations, comparing that strings with the ones from javascript.
Unused method from ProviderAPI was there because I foresee I'll have to
implement it in the future, but I've removed it since it's already in
the history.
This fixes #2781.
|
|
from provider.json.
This fixes bug #2780
|
|
This is the pull request #3 from GitHub.
|
|
ConfigHelper refactored methods returning nulls instead of empty objects
broke LeapHttpClient getInstance implementation, because it checked the
emptiness of the object and not if it was null.
|
|
|
|
readability
|
|
|
|
Also implements ConfigHelper.getJsonFromSharedPref(), now
|
|
|
|
|
|
|
|
return information
|
|
|
|
boolean, JSONObject)
|
|
The substitution I was doing let me to pass my tests localhost, but was
not valid for real use in Android emulator.
This was so because JSONObject getString method understood \/ simply as
/, while what I wanted was plain \/.
This commit makes #2368
|
|
The problem was the encoding of the bytes when calculating the password
hash. I supposed that it was UTF-8 (I already saw that encoding in the
html code from leap_web), but not, it was ISO-8859-1 (trial/error).
|
|
"https://" is automatically appended.
|
|
LeapSRPSession was doing bad SRP calculations when salt byte array
started with a 0. Now I trimmed that array before using it.
ProviderAPI was not timing out when a server didn't respond. Now, I use
a timeout of 1 second to stop waiting for a response.
|
|
Using two test with values from my localhost leap_web deployment, I've
achieved to login with passwords containing ! and $ without problems.
This should fix bug #2348.
|
|
|
|
Name is mandatory, if not provided android chooses "MainActivity" and
adb install command fails because "LEAP Android-debug.apk" does not
exist.
Target is not mandatory, but for future references (if anybody wants to
change the target, they can do it easier) I've added that flag to the
command.
|
|
|
|
I've entered a new script: compile.sh
I've also simlinked README.txt to README. In the future, if we want to
write another file in another format (MarkDown?), we will only have to
change the target of the README file.
|
|
I've also simlinked README.txt to README. In the future, if we want to
write another file in another format (MarkDown?), we will only have to
change the target of the README file.
|
|
If I execute AndroidRun, run.sh is not called but echoes are printed.
|
|
It just runs the emulator, installs leap_android and runs it. No
debugger session is returned.
|
|
I've found the way to detect if the emulator has finished booting, so
that I can install and start leap_android without problems.
I've moved the last sleep before the pid calculation, because sometimes
it wasn't calculated well (I think because I asked for it too soon).
|
|
This is the first commit of this branch. It contains the README file
with instructions for different user targets (Compiling, Running on the
emulator and Debugging from console), and the ant build.xml file.
debug.sh is an experimental script, because it uses "sleep" to
synchronize between Emulator and adb install and run. If you want to use
it, please look for that "sleep" lines and update their numbers
according to your experience.
|
|
I download the anon certificate only if allow_anonymous is true, and
before launching Dashboard.
I store it in SharedPreferences, with "cert" key, as a JSON object.
|
|
I've upper cased ConfigHelper constants.
I've created a new method in ConfigHelper, to send requests to a server,
that it's used when sending A and M1.
|
|
Allow registration is present in provider.json.
Provider.json is downloaded from both preseeded and custom providers.
Authentication success or fail is notified correctly to the user.
|
|
It is stored in SharedPrefs, with ConfigHelper.cert_key (="cert") key.
|
|
certificate.
Next step in this branch: detect what the selected provider support in
terms of authenticated/anon users, and show login/logout methods
consecuently.
|
|
The problem was that I needed to append the api_version to the api_uri.
I was doing well in tests because I hardcoded the api urls, but in
production code I was getting from provider.json only api_url and not
api_version.
|
|
request a log in without certificates problems.
I've removed the addition of the certificate when downloaded
eip-service.json, because I already do that in LeapHttpClient.
Solves issue 2367: https://leap.se/code/issues/2367
|
|
Refactored LeapSRPSession so that there is no need to send A twice.
|
|
entered, so that if in the future the client tries to log in or
whatever, it can use the certificate downloaded when added.
Log in dialog works ok, showing a toast when authentication fails (by
this time, I have not managed to get a correct login due to
dev.bitmask.net problems).
dev.bitmask.net works perfectly, via adding it as a new provider
(MeanderingCode, this is for you ;) ).
All GET requests are done by default Android URL class, which means that
certificates trusted by Android are also trusted by us. If there are
problems when logging in due to certificates, the app is able to use
only the certificate associated to the provider in the moment it was
selected as the chosen provider.
|
|
|
|
I need to implement bypass for dev.bitmask.net, because bitmask.net is
down.
|
|
|
|
- SRP algorithm improved (validate method uses trim, and some other
trims have been added).
- Refactored calculatePasswordHash, so that it receives a String instead
of a char array, and now it is capable of escaping "\" correctly.
- A 1000*2 successful logins, with a new test that performs 1000 trials
for 2 different username/password/server trios.
Next step: think about how the user is going to trigger the log in
fragment.
|