From caadb236f39b4b6139a697eec57aa2796595422f Mon Sep 17 00:00:00 2001 From: cyBerta Date: Tue, 21 May 2019 11:54:20 +0200 Subject: * show error dialog if provider is misconfigured and has not allowed registration nor anonymous usage * always download provider.json, Use preseeded provider.json only to check if the client can connect with preseeded certificate. Keeps the provider.json updated if provider changes it's config * Tests for both cases --- app/src/custom/assets/riseup.net.json | 2 +- .../se/leap/bitmaskclient/ProviderApiManager.java | 9 ++- .../main/java/se/leap/bitmaskclient/Provider.java | 8 -- .../leap/bitmaskclient/ProviderApiManagerBase.java | 4 +- .../bitmaskclient/ProviderSetupBaseActivity.java | 1 - .../bitmaskclient/ProviderSetupFailedDialog.java | 40 ++++------ app/src/normal/assets/riseup.net.json | 2 +- .../se/leap/bitmaskclient/ProviderApiManager.java | 12 ++- .../testutils/TestSetupHelper.java | 2 - .../bitmaskclient/eip/ProviderApiManagerTest.java | 51 ++++++++++++- .../BackendMockResponses/BackendMockProvider.java | 4 + .../MisconfiguredProviderBackendResponse.java | 89 ++++++++++++++++++++++ .../leap/bitmaskclient/testutils/MockHelper.java | 2 + .../testutils/matchers/BundleMatcher.java | 20 ++--- app/src/test/resources/error_messages.json | 27 +++---- .../test/resources/riseup_net_invalid_config.json | 37 +++++++++ .../test/resources/riseup_net_outdated_config.json | 37 +++++++++ 17 files changed, 271 insertions(+), 76 deletions(-) create mode 100644 app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/MisconfiguredProviderBackendResponse.java create mode 100644 app/src/test/resources/riseup_net_invalid_config.json create mode 100644 app/src/test/resources/riseup_net_outdated_config.json (limited to 'app/src') diff --git a/app/src/custom/assets/riseup.net.json b/app/src/custom/assets/riseup.net.json index 82290ecd..fd8830a5 100644 --- a/app/src/custom/assets/riseup.net.json +++ b/app/src/custom/assets/riseup.net.json @@ -20,7 +20,7 @@ "allow_free": true, "allow_limited_bandwidth": false, "allow_paid": false, - "allow_registration": true, + "allow_registration": false, "allow_unlimited_bandwidth": true, "bandwidth_limit": 102400, "default_service_level": 1, diff --git a/app/src/insecure/java/se/leap/bitmaskclient/ProviderApiManager.java b/app/src/insecure/java/se/leap/bitmaskclient/ProviderApiManager.java index e3fb549f..3325d82b 100644 --- a/app/src/insecure/java/se/leap/bitmaskclient/ProviderApiManager.java +++ b/app/src/insecure/java/se/leap/bitmaskclient/ProviderApiManager.java @@ -52,13 +52,14 @@ import static android.text.TextUtils.isEmpty; import static se.leap.bitmaskclient.Constants.BROADCAST_RESULT_KEY; import static se.leap.bitmaskclient.Constants.PROVIDER_KEY; import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE; +import static se.leap.bitmaskclient.ProviderAPI.ERRORS; import static se.leap.bitmaskclient.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING; import static se.leap.bitmaskclient.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON; -import static se.leap.bitmaskclient.ProviderAPI.ERRORS; import static se.leap.bitmaskclient.R.string.certificate_error; import static se.leap.bitmaskclient.R.string.downloading_vpn_certificate_failed; import static se.leap.bitmaskclient.R.string.error_io_exception_user_message; import static se.leap.bitmaskclient.R.string.malformed_url; +import static se.leap.bitmaskclient.R.string.setup_error_text; import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert; import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_details; @@ -115,14 +116,16 @@ public class ProviderApiManager extends ProviderApiManagerBase { resetProviderDetails(provider); } - if (!provider.hasDefinition()) - currentDownload = getAndSetProviderJson(provider, lastDangerOn); + currentDownload = getAndSetProviderJson(provider, lastDangerOn); if (provider.hasDefinition() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) { if (!provider.hasCaCert()) currentDownload = downloadCACert(provider, lastDangerOn); if (provider.hasCaCert() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) { currentDownload = getAndSetEipServiceJson(provider); } + if (provider.hasEIP() && !provider.allowsRegistered() && !provider.allowsAnonymous()) { + setErrorResult(currentDownload, setup_error_text, null); + } } currentDownload.putParcelable(PROVIDER_KEY, provider); return currentDownload; diff --git a/app/src/main/java/se/leap/bitmaskclient/Provider.java b/app/src/main/java/se/leap/bitmaskclient/Provider.java index 5e5a3a62..c81f5739 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Provider.java +++ b/app/src/main/java/se/leap/bitmaskclient/Provider.java @@ -230,14 +230,6 @@ public final class Provider implements Parcelable { && !getEipServiceJson().has(ERRORS); } - public boolean allowsRegistration() { - try { - return definition.getJSONObject(Provider.SERVICE).getBoolean(Provider.ALLOW_REGISTRATION); - } catch (JSONException e) { - return false; - } - } - @Override public int describeContents() { return 0; diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java index 5cf27854..15c7457e 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderApiManagerBase.java @@ -595,7 +595,7 @@ public abstract class ProviderApiManagerBase { private boolean canConnect(String caCert, JSONObject providerDefinition, Bundle result) { JSONObject errorJson = new JSONObject(); - String baseUrl = getApiUrl(providerDefinition); + String providerUrl = getApiUrl(providerDefinition) + "/provider.json"; OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(caCert, errorJson); if (okHttpClient == null) { @@ -605,7 +605,7 @@ public abstract class ProviderApiManagerBase { try { - return ProviderApiConnector.canConnect(okHttpClient, baseUrl); + return ProviderApiConnector.canConnect(okHttpClient, providerUrl); } catch (UnknownHostException | SocketTimeoutException e) { setErrorResult(result, server_unreachable_message, null); diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderSetupBaseActivity.java b/app/src/main/java/se/leap/bitmaskclient/ProviderSetupBaseActivity.java index 2aa7de2a..3b8df0a8 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderSetupBaseActivity.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderSetupBaseActivity.java @@ -20,7 +20,6 @@ import android.content.Intent; import android.content.IntentFilter; import android.os.Bundle; import android.os.Handler; -import android.os.PersistableBundle; import android.support.annotation.Nullable; import android.support.v4.app.DialogFragment; import android.support.v4.app.FragmentTransaction; diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderSetupFailedDialog.java b/app/src/main/java/se/leap/bitmaskclient/ProviderSetupFailedDialog.java index 71b67df1..e2f3e173 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderSetupFailedDialog.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderSetupFailedDialog.java @@ -48,6 +48,9 @@ public class ProviderSetupFailedDialog extends DialogFragment { private Provider provider; + /** + * Represent error types that need different error handling actions + */ public enum DOWNLOAD_ERRORS { DEFAULT, ERROR_CORRUPTED_PROVIDER_JSON, @@ -103,42 +106,25 @@ public class ProviderSetupFailedDialog extends DialogFragment { public Dialog onCreateDialog(Bundle savedInstanceState) { AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); builder.setMessage(reasonToFail) - .setNegativeButton(R.string.cancel, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - interfaceWithConfigurationWizard.cancelSettingUpProvider(); - } - }); + .setNegativeButton(R.string.cancel, (dialog, id) + -> interfaceWithConfigurationWizard.cancelSettingUpProvider()); switch (downloadError) { case ERROR_CORRUPTED_PROVIDER_JSON: - builder.setPositiveButton(R.string.update_provider_details, new DialogInterface.OnClickListener() { - @Override - public void onClick(DialogInterface dialog, int which) { - interfaceWithConfigurationWizard.updateProviderDetails(); - } - }); + builder.setPositiveButton(R.string.update_provider_details, (dialog, which) + -> interfaceWithConfigurationWizard.updateProviderDetails()); break; case ERROR_CERTIFICATE_PINNING: case ERROR_INVALID_CERTIFICATE: - builder.setPositiveButton(R.string.update_certificate, new DialogInterface.OnClickListener() { - @Override - public void onClick(DialogInterface dialog, int which) { - interfaceWithConfigurationWizard.updateProviderDetails(); - } - }); + builder.setPositiveButton(R.string.update_certificate, (dialog, which) + -> interfaceWithConfigurationWizard.updateProviderDetails()); break; case ERROR_NEW_URL_NO_VPN_PROVIDER: - builder.setPositiveButton(R.string.retry, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - interfaceWithConfigurationWizard.addAndSelectNewProvider(provider.getMainUrlString()); - } - }); + builder.setPositiveButton(R.string.retry, (dialog, id) + -> interfaceWithConfigurationWizard.addAndSelectNewProvider(provider.getMainUrlString())); break; default: - builder.setPositiveButton(R.string.retry, new DialogInterface.OnClickListener() { - public void onClick(DialogInterface dialog, int id) { - interfaceWithConfigurationWizard.retrySetUpProvider(provider); - } - }); + builder.setPositiveButton(R.string.retry, (dialog, id) + -> interfaceWithConfigurationWizard.retrySetUpProvider(provider)); break; } diff --git a/app/src/normal/assets/riseup.net.json b/app/src/normal/assets/riseup.net.json index 82290ecd..fd8830a5 100644 --- a/app/src/normal/assets/riseup.net.json +++ b/app/src/normal/assets/riseup.net.json @@ -20,7 +20,7 @@ "allow_free": true, "allow_limited_bandwidth": false, "allow_paid": false, - "allow_registration": true, + "allow_registration": false, "allow_unlimited_bandwidth": true, "bandwidth_limit": 102400, "default_service_level": 1, diff --git a/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java index cdbe5f60..1372fc43 100644 --- a/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java +++ b/app/src/production/java/se/leap/bitmaskclient/ProviderApiManager.java @@ -43,6 +43,7 @@ import static se.leap.bitmaskclient.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ER import static se.leap.bitmaskclient.R.string.downloading_vpn_certificate_failed; import static se.leap.bitmaskclient.R.string.error_io_exception_user_message; import static se.leap.bitmaskclient.R.string.malformed_url; +import static se.leap.bitmaskclient.R.string.setup_error_text; import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_cert; import static se.leap.bitmaskclient.R.string.warning_corrupted_provider_details; @@ -95,15 +96,18 @@ public class ProviderApiManager extends ProviderApiManagerBase { resetProviderDetails(provider); } - if (!provider.hasDefinition()) { - currentDownload = getAndSetProviderJson(provider); - } + currentDownload = getAndSetProviderJson(provider); if (provider.hasDefinition() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) { - if (!provider.hasCaCert()) + if (!provider.hasCaCert()) { currentDownload = downloadCACert(provider); + } if (provider.hasCaCert() || (currentDownload.containsKey(BROADCAST_RESULT_KEY) && currentDownload.getBoolean(BROADCAST_RESULT_KEY))) { currentDownload = getAndSetEipServiceJson(provider); } + + if (provider.hasEIP() && !provider.allowsRegistered() && !provider.allowsAnonymous()) { + setErrorResult(currentDownload, setup_error_text, null); + } } return currentDownload; diff --git a/app/src/sharedTest/java/se.leap.bitmaskclient/testutils/TestSetupHelper.java b/app/src/sharedTest/java/se.leap.bitmaskclient/testutils/TestSetupHelper.java index a9584238..8835b75d 100644 --- a/app/src/sharedTest/java/se.leap.bitmaskclient/testutils/TestSetupHelper.java +++ b/app/src/sharedTest/java/se.leap.bitmaskclient/testutils/TestSetupHelper.java @@ -17,8 +17,6 @@ package se.leap.bitmaskclient.testutils; -import junit.framework.Test; - import org.json.JSONException; import java.io.BufferedReader; diff --git a/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java b/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java index 7283968b..3070fc0b 100644 --- a/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java +++ b/app/src/test/java/se/leap/bitmaskclient/eip/ProviderApiManagerTest.java @@ -38,14 +38,13 @@ import java.io.IOException; import java.security.NoSuchAlgorithmException; import java.security.cert.CertificateEncodingException; -import se.leap.bitmaskclient.testutils.MockHelper; -import se.leap.bitmaskclient.utils.ConfigHelper; import se.leap.bitmaskclient.Provider; import se.leap.bitmaskclient.ProviderAPI; import se.leap.bitmaskclient.ProviderApiConnector; import se.leap.bitmaskclient.ProviderApiManager; import se.leap.bitmaskclient.ProviderApiManagerBase; import se.leap.bitmaskclient.testutils.MockSharedPreferences; +import se.leap.bitmaskclient.utils.ConfigHelper; import se.leap.bitmaskclient.utils.PreferenceHelper; import static se.leap.bitmaskclient.Constants.BROADCAST_RESULT_KEY; @@ -53,6 +52,7 @@ import static se.leap.bitmaskclient.Constants.PROVIDER_KEY; import static se.leap.bitmaskclient.ProviderAPI.ERRORS; import static se.leap.bitmaskclient.ProviderAPI.PROVIDER_NOK; import static se.leap.bitmaskclient.ProviderAPI.PROVIDER_OK; +import static se.leap.bitmaskclient.testutils.BackendMockResponses.BackendMockProvider.TestBackendErrorCase.ERROR_CASE_MICONFIGURED_PROVIDER; import static se.leap.bitmaskclient.testutils.BackendMockResponses.BackendMockProvider.TestBackendErrorCase.ERROR_CASE_UPDATED_CERTIFICATE; import static se.leap.bitmaskclient.testutils.BackendMockResponses.BackendMockProvider.TestBackendErrorCase.NO_ERROR; import static se.leap.bitmaskclient.testutils.MockHelper.mockBundle; @@ -356,4 +356,51 @@ public class ProviderApiManagerTest { providerApiManager.handleIntent(providerApiCommand); } + + @Test + public void test_handleIntentSetupProvider_preseededProviderAndCA_failedConfiguration() throws IOException, CertificateEncodingException, NoSuchAlgorithmException, JSONException { + + Provider provider = getConfiguredProvider(); + + mockFingerprintForCertificate(" a5244308a1374709a9afce95e3ae47c1b44bc2398c0a70ccbf8b3a8a97f29494"); + mockProviderApiConnector(ERROR_CASE_MICONFIGURED_PROVIDER); + providerApiManager = new ProviderApiManager(mockPreferences, mockResources, mockClientGenerator(), new TestProviderApiServiceCallback()); + + Bundle expectedResult = mockBundle(); + expectedResult.putBoolean(BROADCAST_RESULT_KEY, false); + expectedResult.putString(ERRORS, "{\"errors\":\"There was an error configuring Bitmask with your chosen provider.\"}"); + expectedResult.putParcelable(PROVIDER_KEY, provider); + + + Intent providerApiCommand = mockIntent(); + + providerApiCommand.putExtra(PROVIDER_KEY, provider); + providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER); + providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_NOK, expectedResult)); + + providerApiManager.handleIntent(providerApiCommand); + } + + @Test + public void test_handleIntentSetupProvider_outdatedPreseededProviderAndCA_successfulConfiguration() throws IOException, CertificateEncodingException, NoSuchAlgorithmException, JSONException { + + Provider provider = getProvider(null, null, "riseup_net_outdated_config.json"); + + mockFingerprintForCertificate(" a5244308a1374709a9afce95e3ae47c1b44bc2398c0a70ccbf8b3a8a97f29494"); + mockProviderApiConnector(NO_ERROR); + providerApiManager = new ProviderApiManager(mockPreferences, mockResources, mockClientGenerator(), new TestProviderApiServiceCallback()); + + Bundle expectedResult = mockBundle(); + expectedResult.putBoolean(BROADCAST_RESULT_KEY, true); + expectedResult.putParcelable(PROVIDER_KEY, provider); + + + Intent providerApiCommand = mockIntent(); + + providerApiCommand.putExtra(PROVIDER_KEY, provider); + providerApiCommand.setAction(ProviderAPI.SET_UP_PROVIDER); + providerApiCommand.putExtra(ProviderAPI.RECEIVER_KEY, mockResultReceiver(PROVIDER_OK, expectedResult)); + + providerApiManager.handleIntent(providerApiCommand); + } } diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/BackendMockProvider.java b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/BackendMockProvider.java index 9069661f..307b61fc 100644 --- a/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/BackendMockProvider.java +++ b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/BackendMockProvider.java @@ -30,6 +30,7 @@ public class BackendMockProvider { public enum TestBackendErrorCase { NO_ERROR, ERROR_CASE_UPDATED_CERTIFICATE, + ERROR_CASE_MICONFIGURED_PROVIDER, ERROR_NO_RESPONSE_BODY, // => NullPointerException ERROR_DNS_RESOLUTION_ERROR, // => UnkownHostException ERROR_SOCKET_TIMEOUT, // => SocketTimeoutException @@ -55,6 +56,9 @@ public class BackendMockProvider { case ERROR_CASE_UPDATED_CERTIFICATE: new UpdatedCertificateBackendResponse(); break; + case ERROR_CASE_MICONFIGURED_PROVIDER: + new MisconfiguredProviderBackendResponse(); + break; case ERROR_NO_RESPONSE_BODY: break; case ERROR_DNS_RESOLUTION_ERROR: diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/MisconfiguredProviderBackendResponse.java b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/MisconfiguredProviderBackendResponse.java new file mode 100644 index 00000000..4600e879 --- /dev/null +++ b/app/src/test/java/se/leap/bitmaskclient/testutils/BackendMockResponses/MisconfiguredProviderBackendResponse.java @@ -0,0 +1,89 @@ +/** + * Copyright (c) 2018 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +package se.leap.bitmaskclient.testutils.BackendMockResponses; + +import org.mockito.invocation.InvocationOnMock; +import org.mockito.stubbing.Answer; + +import java.io.IOException; + +import static se.leap.bitmaskclient.testutils.TestSetupHelper.getInputAsString; + +/** + * Created by cyberta on 10.01.18. + */ + +public class MisconfiguredProviderBackendResponse extends BaseBackendResponse { + public MisconfiguredProviderBackendResponse() throws IOException { + super(); + } + + @Override + public Answer getAnswerForRequestStringFromServer() { + return new Answer() { + @Override + public String answer(InvocationOnMock invocation) throws Throwable { + String url = (String) invocation.getArguments()[0]; + String requestMethod = (String) invocation.getArguments()[1]; + String jsonPayload = (String) invocation.getArguments()[2]; + + if (url.contains("/provider.json")) { + //download provider json + return getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup_net_invalid_config.json")); + } else if (url.contains("/ca.crt")) { + //download provider ca cert + return getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.net.pem")); + } else if (url.contains("config/eip-service.json")) { + // download provider service json containing gateways, locations and openvpn settings + return getInputAsString(getClass().getClassLoader().getResourceAsStream("riseup.service.json")); + } else if (url.contains("/users.json")) { + //create new user + //TODO: implement me + } else if (url.contains("/sessions.json")) { + //srp auth: sendAToSRPServer + //TODO: implement me + } else if (url.contains("/sessions/parmegvtest10.json")){ + //srp auth: sendM1ToSRPServer + //TODO: implement me + } + + return null; + } + }; + } + + @Override + public Answer getAnswerForCanConnect() { + return new Answer() { + @Override + public Boolean answer(InvocationOnMock invocation) throws Throwable { + return true; + } + }; + } + + @Override + public Answer getAnswerForDelete() { + return new Answer() { + @Override + public Boolean answer(InvocationOnMock invocation) throws Throwable { + return true; + } + }; + } + +} diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java b/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java index d68296a8..c765ab1b 100644 --- a/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java +++ b/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java @@ -451,6 +451,8 @@ public class MockHelper { thenReturn(errorMessages.getString("warning_corrupted_provider_cert")); when(mockedResources.getString(R.string.warning_expired_provider_cert)). thenReturn(errorMessages.getString("warning_expired_provider_cert")); + when(mockedResources.getString(R.string.setup_error_text)). + thenReturn(errorMessages.getString("setup_error_text")); return mockedResources; } } diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/matchers/BundleMatcher.java b/app/src/test/java/se/leap/bitmaskclient/testutils/matchers/BundleMatcher.java index d2d2a102..49a44038 100644 --- a/app/src/test/java/se/leap/bitmaskclient/testutils/matchers/BundleMatcher.java +++ b/app/src/test/java/se/leap/bitmaskclient/testutils/matchers/BundleMatcher.java @@ -73,7 +73,7 @@ public class BundleMatcher extends BaseMatcher { if (unfoundExpectedInteger.get(key) == null) { description.appendText("\n unfound Integer in actual Bundle: ").appendValue(iterator.next()); } else { - description.appendText("\n expected Integer for key " + key).appendValue(expectedIntegers.get(key)). + description.appendText("\n expected Integer for key " + key + ": ").appendValue(expectedIntegers.get(key)). appendText("\n found Integer was: ").appendValue(unfoundExpectedInteger.get(key)); } } @@ -85,7 +85,7 @@ public class BundleMatcher extends BaseMatcher { if (unfoundExpectedBoolean.get(key) == null) { description.appendText("\n unfound Boolean in actual Bundle: ").appendValue(iterator.next()); } else { - description.appendText("\n expected Boolean for key " + key).appendValue(expectedBooleans.get(key)). + description.appendText("\n expected Boolean for key " + key + ": ").appendValue(expectedBooleans.get(key)). appendText("\n found Boolean was: ").appendValue(unfoundExpectedBoolean.get(key)); } } @@ -97,7 +97,7 @@ public class BundleMatcher extends BaseMatcher { if (unfoundExpectedString.get(key) == null) { description.appendText("\n unfound String in actual Bundle: ").appendValue(iterator.next()); } else { - description.appendText("\n expected String for key " + key).appendValue(expectedStrings.get(key)). + description.appendText("\n expected String for key " + key + ": ").appendValue(expectedStrings.get(key)). appendText("\n found String was: ").appendValue(unfoundExpectedString.get(key)); } } @@ -109,7 +109,7 @@ public class BundleMatcher extends BaseMatcher { if (unfoundExpectedParcelable.get(key) == null) { description.appendText("\n unfound Parcelable in actual Bundle: ").appendValue(iterator.next()); } else { - description.appendText("\n expected Parcelable or key " + key).appendValue(expectedParcelables.get(key)). + description.appendText("\n expected Parcelable or key " + key + ": ").appendValue(expectedParcelables.get(key)). appendText("\n found Parcelable was: ").appendValue(unfoundExpectedParcelable.get(key)); } } @@ -139,8 +139,7 @@ public class BundleMatcher extends BaseMatcher { Set booleanKeys = expectedBooleans.keySet(); for (String key : booleanKeys) { Object valueObject = actualBundle.get(key); - if (valueObject == null || - !(valueObject instanceof Boolean) || + if (!(valueObject instanceof Boolean) || valueObject != expectedBooleans.get(key)) { unfoundExpectedBoolean.put(key, (Boolean) valueObject); return false; @@ -153,8 +152,7 @@ public class BundleMatcher extends BaseMatcher { Set stringKeys = expectedStrings.keySet(); for (String key : stringKeys) { Object valueObject = actualBundle.get(key); - if (valueObject == null || - !(valueObject instanceof String) || + if (!(valueObject instanceof String) || !valueObject.equals(expectedStrings.get(key))) { unfoundExpectedString.put(key, (String) valueObject); return false; @@ -167,8 +165,7 @@ public class BundleMatcher extends BaseMatcher { Set stringKeys = expectedIntegers.keySet(); for (String key : stringKeys) { Object valueObject = actualBundle.get(key); - if (valueObject == null || - !(valueObject instanceof Integer) || + if (!(valueObject instanceof Integer) || ((Integer) valueObject).compareTo(expectedIntegers.get(key)) != 0) { unfoundExpectedInteger.put(key, (Integer) valueObject); return false; @@ -181,8 +178,7 @@ public class BundleMatcher extends BaseMatcher { Set stringKeys = expectedParcelables.keySet(); for (String key : stringKeys) { Object valueObject = actualBundle.get(key); - if (valueObject == null || - !(valueObject instanceof Parcelable) || + if (!(valueObject instanceof Parcelable) || !valueObject.equals(expectedParcelables.get(key))) { unfoundExpectedParcelable.put(key, (Parcelable) valueObject); return false; diff --git a/app/src/test/resources/error_messages.json b/app/src/test/resources/error_messages.json index 4d72b074..8430d9e0 100644 --- a/app/src/test/resources/error_messages.json +++ b/app/src/test/resources/error_messages.json @@ -1,16 +1,17 @@ { "server_unreachable_message": "Server is unreachable, please try again.", -"error.security.pinnedcertificate": "Security error, update the app or choose another provider.", -"malformed_url": "It doesn't seem to be a Bitmask provider.", -"certificate_error": "This is not a trusted Bitmask provider.", -"error_srp_math_error_user_message": "Try again: server math error.", -"error_bad_user_password_user_message": "Incorrect username or password.", -"error_not_valid_password_user_message": "It should have at least 8 characters.", -"error_client_http_user_message": "Try again: Client HTTP error", -"error_io_exception_user_message": "Try again: I/O error", -"error_json_exception_user_message": "Try again: Bad response from the server", -"error_no_such_algorithm_exception_user_message": "Encryption algorithm not found. Please update your OS!", -"warning_corrupted_provider_details": "Stored provider details are corrupted. You can either update Bitmask (recommended) or update the provider details using a commercial CA certificate.", -"warning_corrupted_provider_cert": "Stored provider certificate is invalid. You can either update Bitmask (recommended) or update the provider certificate using a commercial CA certificate.", -"warning_expired_provider_cert": "Stored provider certificate is expired. You can either update Bitmask (recommended) or update the provider certificate using a commercial CA certificate." + "error.security.pinnedcertificate": "Security error, update the app or choose another provider.", + "malformed_url": "It doesn't seem to be a Bitmask provider.", + "certificate_error": "This is not a trusted Bitmask provider.", + "error_srp_math_error_user_message": "Try again: server math error.", + "error_bad_user_password_user_message": "Incorrect username or password.", + "error_not_valid_password_user_message": "It should have at least 8 characters.", + "error_client_http_user_message": "Try again: Client HTTP error", + "error_io_exception_user_message": "Try again: I/O error", + "error_json_exception_user_message": "Try again: Bad response from the server", + "error_no_such_algorithm_exception_user_message": "Encryption algorithm not found. Please update your OS!", + "warning_corrupted_provider_details": "Stored provider details are corrupted. You can either update Bitmask (recommended) or update the provider details using a commercial CA certificate.", + "warning_corrupted_provider_cert": "Stored provider certificate is invalid. You can either update Bitmask (recommended) or update the provider certificate using a commercial CA certificate.", + "warning_expired_provider_cert": "Stored provider certificate is expired. You can either update Bitmask (recommended) or update the provider certificate using a commercial CA certificate.", + "setup_error_text": "There was an error configuring Bitmask with your chosen provider." } \ No newline at end of file diff --git a/app/src/test/resources/riseup_net_invalid_config.json b/app/src/test/resources/riseup_net_invalid_config.json new file mode 100644 index 00000000..b91b4d51 --- /dev/null +++ b/app/src/test/resources/riseup_net_invalid_config.json @@ -0,0 +1,37 @@ +{ + "api_uri": "https://api.black.riseup.net:443", + "api_version": "1", + "ca_cert_fingerprint": "SHA256: a5244308a1374709a9afce95e3ae47c1b44bc2398c0a70ccbf8b3a8a97f29494", + "ca_cert_uri": "https://black.riseup.net/ca.crt", + "default_language": "en", + "description": { + "en": "Riseup is a non-profit collective in Seattle that provides online communication tools for people and groups working toward liberatory social change." + }, + "domain": "riseup.net", + "enrollment_policy": "open", + "languages": [ + "en" + ], + "name": { + "en": "Riseup Networks" + }, + "service": { + "allow_anonymous": false, + "allow_free": true, + "allow_limited_bandwidth": false, + "allow_paid": false, + "allow_registration": false, + "allow_unlimited_bandwidth": true, + "bandwidth_limit": 102400, + "default_service_level": 1, + "levels": { + "1": { + "description": "Please donate.", + "name": "free" + } + } + }, + "services": [ + "openvpn" + ] +} \ No newline at end of file diff --git a/app/src/test/resources/riseup_net_outdated_config.json b/app/src/test/resources/riseup_net_outdated_config.json new file mode 100644 index 00000000..82290ecd --- /dev/null +++ b/app/src/test/resources/riseup_net_outdated_config.json @@ -0,0 +1,37 @@ +{ + "api_uri": "https://api.black.riseup.net:443", + "api_version": "1", + "ca_cert_fingerprint": "SHA256: a5244308a1374709a9afce95e3ae47c1b44bc2398c0a70ccbf8b3a8a97f29494", + "ca_cert_uri": "https://black.riseup.net/ca.crt", + "default_language": "en", + "description": { + "en": "Riseup is a non-profit collective in Seattle that provides online communication tools for people and groups working toward liberatory social change." + }, + "domain": "riseup.net", + "enrollment_policy": "open", + "languages": [ + "en" + ], + "name": { + "en": "Riseup Networks" + }, + "service": { + "allow_anonymous": true, + "allow_free": true, + "allow_limited_bandwidth": false, + "allow_paid": false, + "allow_registration": true, + "allow_unlimited_bandwidth": true, + "bandwidth_limit": 102400, + "default_service_level": 1, + "levels": { + "1": { + "description": "Please donate.", + "name": "free" + } + } + }, + "services": [ + "openvpn" + ] +} \ No newline at end of file -- cgit v1.2.3