use of com.nextcloud.talk.utils.ssl.MagicTrustManager in project talk-android by nextcloud.
the class MainActivity method showCertificateDialog.
public void showCertificateDialog(X509Certificate cert, MagicTrustManager magicTrustManager, @Nullable SslErrorHandler sslErrorHandler) {
DateFormat formatter = DateFormat.getDateInstance(DateFormat.LONG);
String validFrom = formatter.format(cert.getNotBefore());
String validUntil = formatter.format(cert.getNotAfter());
String issuedBy = cert.getIssuerDN().toString();
String issuedFor;
try {
if (cert.getSubjectAlternativeNames() != null) {
StringBuilder stringBuilder = new StringBuilder();
for (Object o : cert.getSubjectAlternativeNames()) {
List list = (List) o;
int type = (Integer) list.get(0);
if (type == 2) {
String name = (String) list.get(1);
stringBuilder.append("[").append(type).append("]").append(name).append(" ");
}
}
issuedFor = stringBuilder.toString();
} else {
issuedFor = cert.getSubjectDN().getName();
}
@SuppressLint("StringFormatMatches") String dialogText = String.format(getResources().getString(R.string.nc_certificate_dialog_text), issuedBy, issuedFor, validFrom, validUntil);
new LovelyStandardDialog(this).setTopColorRes(R.color.nc_darkRed).setNegativeButtonColorRes(R.color.nc_darkRed).setPositiveButtonColorRes(R.color.colorPrimaryDark).setIcon(R.drawable.ic_security_white_24dp).setTitle(R.string.nc_certificate_dialog_title).setMessage(dialogText).setPositiveButton(R.string.nc_yes, v -> {
magicTrustManager.addCertInTrustStore(cert);
if (sslErrorHandler != null) {
sslErrorHandler.proceed();
}
}).setNegativeButton(R.string.nc_no, view1 -> {
if (sslErrorHandler != null) {
sslErrorHandler.cancel();
}
}).show();
} catch (CertificateParsingException e) {
Log.d(TAG, "Failed to parse the certificate");
}
}
use of com.nextcloud.talk.utils.ssl.MagicTrustManager in project talk-android by nextcloud.
the class WebViewLoginController method onViewBound.
@Override
protected void onViewBound(@NonNull View view) {
super.onViewBound(view);
NextcloudTalkApplication.getSharedApplication().getComponentApplication().inject(this);
if (getActivity() != null) {
getActivity().setRequestedOrientation(ActivityInfo.SCREEN_ORIENTATION_PORTRAIT);
}
if (getActionBar() != null) {
getActionBar().hide();
}
assembledPrefix = getResources().getString(R.string.nc_talk_login_scheme) + PROTOCOL_SUFFIX + "login/";
webView.getSettings().setAllowFileAccess(false);
webView.getSettings().setAllowFileAccessFromFileURLs(false);
webView.getSettings().setJavaScriptEnabled(true);
webView.getSettings().setJavaScriptCanOpenWindowsAutomatically(false);
webView.getSettings().setDomStorageEnabled(true);
webView.getSettings().setUserAgentString(getWebLoginUserAgent());
webView.getSettings().setSaveFormData(false);
webView.getSettings().setSavePassword(false);
webView.getSettings().setRenderPriority(WebSettings.RenderPriority.HIGH);
webView.clearCache(true);
webView.clearFormData();
webView.clearHistory();
CookieSyncManager.createInstance(getActivity());
android.webkit.CookieManager.getInstance().removeAllCookies(null);
Map<String, String> headers = new HashMap<>();
headers.put("OCS-APIRequest", "true");
webView.setWebViewClient(new WebViewClient() {
private boolean basePageLoaded;
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
if (url.startsWith(assembledPrefix)) {
parseAndLoginFromWebView(url);
return true;
}
return false;
}
@Override
public void onPageFinished(WebView view, String url) {
loginStep++;
if (!basePageLoaded) {
if (progressBar != null) {
progressBar.setVisibility(View.GONE);
}
if (webView != null) {
webView.setVisibility(View.VISIBLE);
}
basePageLoaded = true;
}
if (!TextUtils.isEmpty(username) && !TextUtils.isEmpty(password)) {
if (loginStep == 1) {
webView.loadUrl("javascript: {document.getElementsByClassName('login')[0].click(); };");
} else if (!automatedLoginAttempted) {
automatedLoginAttempted = true;
webView.loadUrl("javascript: {" + "document.getElementById('user').value = '" + username + "';" + "document.getElementById('password').value = '" + password + "';" + "document.getElementById('submit').click(); };");
}
}
super.onPageFinished(view, url);
}
@Override
public void onReceivedClientCertRequest(WebView view, ClientCertRequest request) {
String host = null;
try {
URL url = new URL(webView.getUrl());
host = url.getHost();
} catch (MalformedURLException e) {
Log.d(TAG, "Failed to create url");
}
KeyChain.choosePrivateKeyAlias(getActivity(), alias -> {
try {
if (alias != null) {
PrivateKey privateKey = KeyChain.getPrivateKey(getActivity(), alias);
X509Certificate[] certificates = KeyChain.getCertificateChain(getActivity(), alias);
request.proceed(privateKey, certificates);
} else {
request.cancel();
}
} catch (KeyChainException e) {
Log.e(TAG, "Failed to get keys via keychain exception");
request.cancel();
} catch (InterruptedException e) {
Log.e(TAG, "Failed to get keys due to interruption");
request.cancel();
}
}, new String[] { "RSA" }, null, host, -1, null);
}
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
try {
SslCertificate sslCertificate = error.getCertificate();
Field f = sslCertificate.getClass().getDeclaredField("mX509Certificate");
f.setAccessible(true);
X509Certificate cert = (X509Certificate) f.get(sslCertificate);
if (cert == null) {
handler.cancel();
} else {
try {
magicTrustManager.checkServerTrusted(new X509Certificate[] { cert }, "generic");
handler.proceed();
} catch (CertificateException exception) {
eventBus.post(new CertificateEvent(cert, magicTrustManager, handler));
}
}
} catch (Exception exception) {
handler.cancel();
}
}
@Override
public void onReceivedError(WebView view, int errorCode, String description, String failingUrl) {
super.onReceivedError(view, errorCode, description, failingUrl);
}
});
webView.loadUrl(baseUrl + "/index.php/login/flow", headers);
}
Aggregations