[taler-taler-android] 01/04: [cashier] check authentication credentials

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-taler-android] 01/04: [cashier] check authentication credentials

From:	gnunet
Subject:	[taler-taler-android] 01/04: [cashier] check authentication credentials against auth endpoint
Date:	Tue, 01 Sep 2020 16:29:04 +0200

This is an automated email from the git hooks/post-receive script.

torsten-grote pushed a commit to branch master
in repository taler-android.

commit a0b0ee2b13b72d1ec6a489150c717c8bfa863158
Author: Torsten Grote <t@grobox.de>
AuthorDate: Tue Sep 1 09:49:05 2020 -0300

    [cashier] check authentication credentials against auth endpoint
    
    before accepting config
    
    This was an unannounced change at the server which removed auth from the
    /config endpoint.
---
 .../src/main/java/net/taler/cashier/Response.kt    |  2 +-
 .../java/net/taler/cashier/config/ConfigManager.kt | 37 +++++++++++++++-------
 2 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/cashier/src/main/java/net/taler/cashier/Response.kt 
b/cashier/src/main/java/net/taler/cashier/Response.kt
index 0ad39d0..c5b1c32 100644
--- a/cashier/src/main/java/net/taler/cashier/Response.kt
+++ b/cashier/src/main/java/net/taler/cashier/Response.kt
@@ -55,7 +55,7 @@ class Response<out T> private constructor(
         }
     }
 
-    private val isFailure: Boolean get() = value is Failure
+    val isFailure: Boolean get() = value is Failure
 
     suspend fun onSuccess(block: suspend (result: T) -> Unit): Response<T> {
         @Suppress("UNCHECKED_CAST")
diff --git a/cashier/src/main/java/net/taler/cashier/config/ConfigManager.kt 
b/cashier/src/main/java/net/taler/cashier/config/ConfigManager.kt
index a18073d..f83c7ba 100644
--- a/cashier/src/main/java/net/taler/cashier/config/ConfigManager.kt
+++ b/cashier/src/main/java/net/taler/cashier/config/ConfigManager.kt
@@ -24,7 +24,10 @@ import androidx.annotation.WorkerThread
 import androidx.lifecycle.LiveData
 import androidx.lifecycle.MutableLiveData
 import androidx.security.crypto.EncryptedSharedPreferences
+import 
androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV
+import 
androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
 import androidx.security.crypto.MasterKeys
+import androidx.security.crypto.MasterKeys.AES256_GCM_SPEC
 import io.ktor.client.HttpClient
 import io.ktor.client.request.get
 import io.ktor.client.request.header
@@ -56,11 +59,9 @@ class ConfigManager(
 
     val configDestination = 
ConfigFragmentDirections.actionGlobalConfigFragment()
 
-    private val masterKeyAlias = 
MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
+    private val masterKeyAlias = MasterKeys.getOrCreate(AES256_GCM_SPEC)
     private val prefs = EncryptedSharedPreferences.create(
-        PREF_NAME, masterKeyAlias, app,
-        EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
-        EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
+        PREF_NAME, masterKeyAlias, app, AES256_SIV, AES256_GCM
     )
 
     internal var config = Config(
@@ -111,17 +112,29 @@ class ConfigManager(
         }
     }
 
-    private suspend fun checkConfig(config: Config): Response<ConfigResponse> =
-        withContext(Dispatchers.IO) {
-            val url = "${config.bankUrl}/config"
-            Log.d(TAG, "Checking config: $url")
-            response {
-                httpClient.get(url) {
-                    // TODO why does that not fail already?
+    private suspend fun checkConfig(config: Config) = 
withContext(Dispatchers.IO) {
+        val url = "${config.bankUrl}/config"
+        Log.d(TAG, "Checking config: $url")
+        val configResponse = response {
+            httpClient.get(url) as ConfigResponse
+        }
+        if (configResponse.isFailure) {
+            configResponse
+        } else {
+            // we need to check an endpoint that requires authentication as 
well
+            // to see if the credentials are valid
+            val balanceResponse = response {
+                val authUrl = 
"${config.bankUrl}/accounts/${config.username}/balance"
+                Log.d(TAG, "Checking auth: $authUrl")
+                httpClient.get<Unit>(authUrl) {
                     header(Authorization, config.basicAuth)
-                } as ConfigResponse
+                }
             }
+            @Suppress("UNCHECKED_CAST")  // The type doesn't matter for 
failures
+            if (balanceResponse.isFailure) balanceResponse as 
Response<ConfigResponse>
+            else configResponse
         }
+    }
 
     @WorkerThread
     @SuppressLint("ApplySharedPref")

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-taler-android] branch master updated (e71c580 -> accae1d), gnunet, 2020/09/01
- [taler-taler-android] 04/04: [wallet] show fullfillment message on payment details screen, gnunet, 2020/09/01
- [taler-taler-android] 01/04: [cashier] check authentication credentials against auth endpoint, gnunet <=
- [taler-taler-android] 03/04: [wallet] support the new TalerErrorInfo error format, gnunet, 2020/09/01
- [taler-taler-android] 02/04: [wallet] don't crash on serialization errors from wallet-core, gnunet, 2020/09/01

Prev by Date: [taler-taler-android] 04/04: [wallet] show fullfillment message on payment details screen
Next by Date: [taler-taler-android] 03/04: [wallet] support the new TalerErrorInfo error format
Previous by thread: [taler-taler-android] 04/04: [wallet] show fullfillment message on payment details screen
Next by thread: [taler-taler-android] 03/04: [wallet] support the new TalerErrorInfo error format
Index(es):
- Date
- Thread