From ddba20593b8e1d59dc12001107d5247368b089e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Parm=C3=A9nides=20GV?= Date: Wed, 31 Jul 2013 11:28:36 +0200 Subject: Commented all manual cookie management. I send session_id cookie in the request for 1/cert, getting it from LeapHttpClient directly. --- src/se/leap/leapclient/ConfigHelper.java | 2 +- src/se/leap/leapclient/Dashboard.java | 10 +++++----- src/se/leap/leapclient/ProviderAPI.java | 32 +++++++++++++++++++++----------- 3 files changed, 27 insertions(+), 17 deletions(-) (limited to 'src') diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java index fd7e527f..c88348f1 100644 --- a/src/se/leap/leapclient/ConfigHelper.java +++ b/src/se/leap/leapclient/ConfigHelper.java @@ -79,7 +79,7 @@ public class ConfigHelper { ANON_CERTIFICATE = "anon_certificate", AUTHED_CERTIFICATE = "authed_certificate", SALT_KEY = "salt", - SESSION_ID_COOKIE_KEY = "session_id_cookie_key", + SESSION_ID_COOKIE_KEY = "_session_id", SESSION_ID_KEY = "session_id", PREFERENCES_KEY = "LEAPPreferences", USER_DIRECTORY = "leap_android", diff --git a/src/se/leap/leapclient/Dashboard.java b/src/se/leap/leapclient/Dashboard.java index bb4331d5..2f1418e8 100644 --- a/src/se/leap/leapclient/Dashboard.java +++ b/src/se/leap/leapclient/Dashboard.java @@ -291,7 +291,7 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf * Asks ProviderAPI to download an authenticated OpenVPN certificate. * @param session_id cookie for the server to allow us to download the certificate. */ - private void downloadAuthedUserCertificate(Cookie session_id) { + private void downloadAuthedUserCertificate(/*Cookie session_id*/) { providerAPI_result_receiver = new ProviderAPIResultReceiver(new Handler()); providerAPI_result_receiver.setReceiver(this); @@ -299,8 +299,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf Bundle parameters = new Bundle(); parameters.putString(ConfigHelper.TYPE_OF_CERTIFICATE, ConfigHelper.AUTHED_CERTIFICATE); - parameters.putString(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id.getName()); - parameters.putString(ConfigHelper.SESSION_ID_KEY, session_id.getValue()); + /*parameters.putString(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id.getName()); + parameters.putString(ConfigHelper.SESSION_ID_KEY, session_id.getValue());*/ provider_API_command.setAction(ProviderAPI.DOWNLOAD_CERTIFICATE); provider_API_command.putExtra(ProviderAPI.PARAMETERS, parameters); @@ -318,8 +318,8 @@ public class Dashboard extends Activity implements LogInDialog.LogInDialogInterf authed = true; invalidateOptionsMenu(); - Cookie session_id = new BasicClientCookie(session_id_cookie_key, session_id_string); - downloadAuthedUserCertificate(session_id); + //Cookie session_id = new BasicClientCookie(session_id_cookie_key, session_id_string); + downloadAuthedUserCertificate(/*session_id*/); } else if(resultCode == ConfigHelper.SRP_AUTHENTICATION_FAILED) { mProgressDialog.dismiss(); logInDialog(getCurrentFocus(), resultData); diff --git a/src/se/leap/leapclient/ProviderAPI.java b/src/se/leap/leapclient/ProviderAPI.java index db374b49..a81cc788 100644 --- a/src/se/leap/leapclient/ProviderAPI.java +++ b/src/se/leap/leapclient/ProviderAPI.java @@ -36,6 +36,7 @@ import java.security.SecureRandom; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.security.interfaces.RSAPrivateKey; +import java.util.List; import java.util.Scanner; import javax.net.ssl.HostnameVerifier; @@ -220,8 +221,8 @@ public class ProviderAPI extends IntentService { JSONObject session_idAndM2 = sendM1ToSRPServer(authentication_server, username, M1); if(session_idAndM2.has("M2") && client.verify((byte[])session_idAndM2.get("M2"))) { session_id_bundle.putBoolean(ConfigHelper.RESULT_KEY, true); - session_id_bundle.putString(ConfigHelper.SESSION_ID_KEY, session_idAndM2.getString(ConfigHelper.SESSION_ID_KEY)); - session_id_bundle.putString(ConfigHelper.SESSION_ID_COOKIE_KEY, session_idAndM2.getString(ConfigHelper.SESSION_ID_COOKIE_KEY)); + //session_id_bundle.putString(ConfigHelper.SESSION_ID_KEY, session_idAndM2.getString(ConfigHelper.SESSION_ID_KEY)); + //session_id_bundle.putString(ConfigHelper.SESSION_ID_COOKIE_KEY, session_idAndM2.getString(ConfigHelper.SESSION_ID_COOKIE_KEY)); } else { session_id_bundle.putBoolean(ConfigHelper.RESULT_KEY, false); session_id_bundle.putString(getResources().getString(R.string.user_message), getResources().getString(R.string.error_bad_user_password_user_message)); @@ -299,9 +300,9 @@ public class ProviderAPI extends IntentService { JSONObject session_idAndM2 = new JSONObject(); if(json_response.length() > 0) { byte[] M2_not_trimmed = new BigInteger(json_response.getString(ConfigHelper.M2_KEY), 16).toByteArray(); - Cookie session_id_cookie = LeapHttpClient.getInstance(getApplicationContext()).getCookieStore().getCookies().get(0); + /*Cookie session_id_cookie = LeapHttpClient.getInstance(getApplicationContext()).getCookieStore().getCookies().get(0); session_idAndM2.put(ConfigHelper.SESSION_ID_COOKIE_KEY, session_id_cookie.getName()); - session_idAndM2.put(ConfigHelper.SESSION_ID_KEY, session_id_cookie.getValue()); + session_idAndM2.put(ConfigHelper.SESSION_ID_KEY, session_id_cookie.getValue());*/ session_idAndM2.put(ConfigHelper.M2_KEY, ConfigHelper.trim(M2_not_trimmed)); } return session_idAndM2; @@ -317,10 +318,10 @@ public class ProviderAPI extends IntentService { */ private JSONObject sendToServer(HttpUriRequest request) throws ClientProtocolException, IOException, JSONException { DefaultHttpClient client = LeapHttpClient.getInstance(getApplicationContext()); - HttpContext localContext = new BasicHttpContext(); - localContext.setAttribute(ClientContext.COOKIE_STORE, client.getCookieStore()); + /*HttpContext localContext = new BasicHttpContext(); + localContext.setAttribute(ClientContext.COOKIE_STORE, client.getCookieStore());*/ - HttpResponse getResponse = client.execute(request, localContext); + HttpResponse getResponse = client.execute(request/*, localContext*/); HttpEntity responseEntity = getResponse.getEntity(); String plain_response = new Scanner(responseEntity.getContent()).useDelimiter("\\A").next(); JSONObject json_response = new JSONObject(plain_response); @@ -609,12 +610,21 @@ public class ProviderAPI extends IntentService { URL provider_main_url = new URL(provider_json.getString(ConfigHelper.API_URL_KEY)); String new_cert_string_url = provider_main_url.toString() + "/" + provider_json.getString(ConfigHelper.API_VERSION_KEY) + "/" + ConfigHelper.CERT_KEY; + Cookie cookie = null; if(type_of_certificate.equalsIgnoreCase(ConfigHelper.AUTHED_CERTIFICATE)) { - HttpCookie session_id_cookie = new HttpCookie(task.getString(ConfigHelper.SESSION_ID_COOKIE_KEY), task.getString(ConfigHelper.SESSION_ID_KEY)); + List list_cookies = LeapHttpClient.getInstance(getApplicationContext()).getCookieStore().getCookies(); + for(Cookie aux_cookie : list_cookies) { + if(aux_cookie.getName().equalsIgnoreCase(ConfigHelper.SESSION_ID_COOKIE_KEY)) { + cookie = aux_cookie; + break; + } + } + //HttpCookie session_id_cookie = new HttpCookie(task.getString(ConfigHelper.SESSION_ID_COOKIE_KEY), task.getString(ConfigHelper.SESSION_ID_KEY)); + /*HttpCookie session_id_cookie = new HttpCookie(cookie.getName(), cookie.getValue()); CookieManager cookieManager = new CookieManager(); cookieManager.getCookieStore().add(provider_main_url.toURI(), session_id_cookie); - CookieHandler.setDefault(cookieManager); + CookieHandler.setDefault(cookieManager);*/ } boolean danger_on = ConfigHelper.getBoolFromSharedPref(ConfigHelper.DANGER_ON); @@ -657,10 +667,10 @@ public class ProviderAPI extends IntentService { // TODO Auto-generated catch block e.printStackTrace(); return false; - } catch (URISyntaxException e) { + } /*catch (URISyntaxException e) { // TODO Auto-generated catch block e.printStackTrace(); return false; - } + }*/ } } -- cgit v1.2.3