| Age | Commit message (Collapse) | Author |
|---|
|
|
|
They have been relocated to the corresponding classes.
|
|
|
|
I send session_id cookie in the request for 1/cert, getting it from
LeapHttpClient directly.
|
|
|
|
We no longer use BundleExtras named as the action ProviderAPI is
intended to perform, but we standardise this name
(ProviderAPI.PARAMETERS), and use setAction to pass that action string.
|
|
|
|
|
|
LeapHttpClient can fetch the main CA certificate downloaded from the
provider and add it to its in-memory keystore, without saving the
certificate in a file.
This is a very important feature, I think it can be cherry picked (it has
little modifications, and very localized).
It's very important because authentication does not work without this
bug fix in the latest branches, because I removed the code that saved
the certificate in a file but didn't test the authentication part.
|
|
Feature #3023 first solution.
I don't like to tell anything to the user when s/he wants to exit
pressing the back button. I assume s/he is saying: "Wanna go out!!"
I've implemented the behaviour written in UI Rev II.
If a user selects a new provider when coming back from Switch Provider,
the previous provider is forgotten and we assume s/he wants to change of
provider but he is not sure to which. That means that previous provider
configuration will be removed (that means there is no provider selected
and Dashboard will not be launched before a new provider is selected).
|
|
It only contains the "About LEAP" option.
If the user clicks again that option while the About fragment is up, no
new fragment is added and pressing 1 time the back button drives him/her
to the ConfigurationWizard activity.
|
|
If the user decides not to choose any provider, the app quits. I'll
create another branch to handle this exit properly, warning the user
with an AlertDialog as suggested in #3023.
|
|
Once in the provider detail fragment, if the user presses the back
button, provider.json is removed from sharedpreferences (so that
Dashboard does not start as if the user had selected the canceled
provider) and ConfigurationWizard gets the focus.
|
|
Domain, name and description come from provider.json
Next step: code buttons to login or to use anonymously.
|
|
I've also removed a lot of finishes when things go wrong (so that it should be returning to the previous activity/fragment).
|
|
|
|
|
|
I've decided not to include any lib, but to copy the SRPParameters class
to our codebase and Util.trim method to ConfigHelper.
|
|
Some more constants added to ConfigHelper.
This solves #2908.
|
|
This resolves the first step from issue #2908.
Next step: Put user message strings into an appropiate place.
|
|
There was a problem on the assets file "bitmask.url". It had an error in
the eip-service url.
We should use this file only for main url, and proceed as if it were a
new provider but with a preseeded main url.
|
|
We were using it to save certificate and provider.json files from chosen
provider, so that exporting them was easily done.
We don't need that files, because if we wanted to export that files we
would be able to recover them easily and updated.
This fixes #2783
|
|
boolean, JSONObject)
|
|
I download the anon certificate only if allow_anonymous is true, and
before launching Dashboard.
I store it in SharedPreferences, with "cert" key, as a JSON object.
|
|
I've upper cased ConfigHelper constants.
I've created a new method in ConfigHelper, to send requests to a server,
that it's used when sending A and M1.
|
|
Allow registration is present in provider.json.
Provider.json is downloaded from both preseeded and custom providers.
Authentication success or fail is notified correctly to the user.
|
|
It is stored in SharedPrefs, with ConfigHelper.cert_key (="cert") key.
|
|
The problem was that I needed to append the api_version to the api_uri.
I was doing well in tests because I hardcoded the api urls, but in
production code I was getting from provider.json only api_url and not
api_version.
|
|
request a log in without certificates problems.
I've removed the addition of the certificate when downloaded
eip-service.json, because I already do that in LeapHttpClient.
Solves issue 2367: https://leap.se/code/issues/2367
|
|
entered, so that if in the future the client tries to log in or
whatever, it can use the certificate downloaded when added.
Log in dialog works ok, showing a toast when authentication fails (by
this time, I have not managed to get a correct login due to
dev.bitmask.net problems).
dev.bitmask.net works perfectly, via adding it as a new provider
(MeanderingCode, this is for you ;) ).
All GET requests are done by default Android URL class, which means that
certificates trusted by Android are also trusted by us. If there are
problems when logging in due to certificates, the app is able to use
only the certificate associated to the provider in the moment it was
selected as the chosen provider.
|
|
|
|
I need to implement bypass for dev.bitmask.net, because bitmask.net is
down.
|
|
|
|
New provider dialog works OK.
|
|
Conflicts:
src/se/leap/leapclient/ConfigHelper.java
src/se/leap/leapclient/ConfigurationWizard.java
src/se/leap/leapclient/ProviderAPI.java
|
|
Next step: understand why SHA-256 digest from NG_1024 is not equals to
the one leap_web is calculating.
|
|
|
|
used the provider alias, but a predefined (I forgot removing quotes from
argument) string.
|
|
|
|
problems assuming user wanted to trust it since s/he entered by
him/herself the URL.
Next step: refactor a bit, to make code more beautiful.
|
|
can download eip-service.json and ca.crt without having the latter as a
predefined trusted certificate. It does not ask anything about trusting
the new certificate as far as selecting a custom provider means that the
user trusts that url.
Next step: make provider.json also downloadable from https address using
ca.cert not trusted.
|
|
custom provider is selected.
Tested using https://bitmask.net as url for custom provider.
|
|
Cleaned some code, pending the M2 one (testing with M1).
|
|
M1 is not OK, because errors (with null description, awkward) are
received from posting M1 to the server instead of M2.
Next step: purge user database from leap_webapp and start testing again.
|
|
Refactored downloadJsonFiles in ProviderAPI, new method from block in
the intent identification.
|
|
Next step: get cookies understood, how do I get server's sent
parameters?
|
|
Next steps:
Implement async communication with the server to receive salt, send A
and receive B.
|
|
ProviderListFragment, and then the user can choose it.
|
|
the website, just as bitmask.net/provider.json), and writes it to a file
in ~/leap_android.
Next steps: parse that file and download eip-service and cert.
|
|
|
