peter/micropub-android
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove the verification step from the auth flow, as it's not needed

Browse Source 
The verification step is part of section 5 of the Indieauth spec, which
deals with identification and not authorization. Micropub clients don't
need it, and don't have to implement it.
This commit is contained in:
Peter Stuifzand 2018-04-23 20:38:17 +02:00
parent 86ffb8939b
commit 872a409046
7 changed files with 17 additions and 276 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
app/src/main/java/eu/stuifzand/micropub/auth/AccountsActivity.java
View File

@ -1,15 +0,0 @@
package eu.stuifzand.micropub.auth;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import eu.stuifzand.micropub.R;
public class AccountsActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_account);
}
}

46
app/src/main/java/eu/stuifzand/micropub/auth/AuthenticatedActivity.java
View File

@ -1,46 +0,0 @@
package eu.stuifzand.micropub.auth;
import android.content.Intent;
import android.os.Bundle;
import android.support.v7.app.AppCompatActivity;
import android.support.v7.widget.Toolbar;
import android.widget.TextView;
import eu.stuifzand.micropub.R;
import okhttp3.HttpUrl;
public class AuthenticatedActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_authenticated);
Toolbar toolbar = (Toolbar) findViewById(R.id.toolbar);
setSupportActionBar(toolbar);
Intent intent = getIntent();
String urlString = intent.getStringExtra("url");
String endpoint = intent.getStringExtra("authorization_endpoint");
String me = intent.getStringExtra(WebsigninTask.ME);
TextView textResult = findViewById(R.id.textResult);
HttpUrl url = HttpUrl.parse(urlString);
String code = url.queryParameter("code");
String state = url.queryParameter("state");
// new VerifyAuthenticationTask(this).execute(endpoint, me, code);
// FloatingActionButton fab = (FloatingActionButton) findViewById(R.id.fab);
// fab.setOnClickListener(new View.OnClickListener() {
// @Override
// public void onClick(View view) {
// Snackbar.make(view, "Replace with your own action", Snackbar.LENGTH_LONG)
// .setAction("Action", null).show();
// }
// });
// getSupportActionBar().setDisplayHomeAsUpEnabled(true);
}
}

27
app/src/main/java/eu/stuifzand/micropub/auth/AuthenticationActivity.java
View File

@ -88,17 +88,24 @@ public class AuthenticationActivity extends AccountAuthenticatorActivity {
Log.i("micropub", intent.toString()); Log.i("micropub", intent.toString());
Uri uri = intent.getData(); Uri uri = intent.getData();
String code = uri.getQueryParameter("code"); String code = uri.getQueryParameter("code");
String state = uri.getQueryParameter("state"); //String state = uri.getQueryParameter("state"); // @TODO: check/use state
Bundle response = bundle; Bundle response = bundle;
new VerifyAuthenticationTask(
response.getParcelable(AccountManager.KEY_ACCOUNT_AUTHENTICATOR_RESPONSE), String me = response.getString(WebsigninTask.ME);
AuthenticationActivity.this
).execute( Bundle bundle = new Bundle();
response.getString("authorization_endpoint"), bundle.putString(AccountManager.KEY_ACCOUNT_TYPE, "Indieauth");
response.getString(WebsigninTask.ME), bundle.putString(AccountManager.KEY_ACCOUNT_NAME, me);
code bundle.putString(AuthenticationActivity.PARAM_USER_PASS, code);
);
return; Intent loginIntent = new Intent();
loginIntent.putExtras(bundle);
finishLogin(loginIntent);
AccountAuthenticatorResponse r = response.getParcelable(AccountManager.KEY_ACCOUNT_AUTHENTICATOR_RESPONSE);
if (r != null) {
r.onResult(bundle);
}
} }
} }

139
app/src/main/java/eu/stuifzand/micropub/auth/VerifyAuthenticationTask.java
View File

@ -1,139 +0,0 @@
package eu.stuifzand.micropub.auth;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.content.Intent;
import android.os.AsyncTask;
import android.os.Bundle;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParseException;
import com.google.gson.JsonParser;
import java.io.IOException;
import java.util.concurrent.TimeUnit;
import okhttp3.Call;
import okhttp3.FormBody;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import okhttp3.logging.HttpLoggingInterceptor;
public class VerifyAuthenticationTask extends AsyncTask<String, Void, VerifyAuthenticationTask.AuthenticationResult> {
private final AccountAuthenticatorResponse response;
private final AuthenticationActivity activity;
public class AuthenticationResult {
private boolean success;
private String errorMessage;
public String me;
public String code;
public AuthenticationResult(String errorMessage) {
this.success = false;
this.errorMessage = errorMessage;
}
public AuthenticationResult(String me, String code) {
this.success = true;
this.me = me;
this.code = code;
}
public boolean isSuccessful() {
return this.success;
}
public String getErrorMessage() {
return errorMessage;
}
}
public VerifyAuthenticationTask(AccountAuthenticatorResponse response, AuthenticationActivity activity) {
this.response = response;
this.activity = activity;
}
@Override
protected AuthenticationResult doInBackground(String[] args) {
String endpoint = args[0];
String me = args[1];
String code = args[2];
RequestBody formBody = new FormBody.Builder()
.add("code", code)
.add("redirect_uri", "wrimini://oauth")
.add("client_id", "https://stuifzand.eu/micropub")
.build();
Request request = new Request.Builder()
.addHeader("Accept", "application/json")
.url(endpoint)
.method("POST", formBody)
.build();
HttpLoggingInterceptor logging = new HttpLoggingInterceptor();
logging.setLevel(HttpLoggingInterceptor.Level.BODY);
OkHttpClient client = new OkHttpClient.Builder()
.addInterceptor(logging)
.connectTimeout(30, TimeUnit.SECONDS)
.readTimeout(30, TimeUnit.SECONDS)
.writeTimeout(30, TimeUnit.SECONDS)
.build();
Call call = client.newCall(request);
Response response = null;
try {
response = call.execute();
if (!response.isSuccessful()) {
return new AuthenticationResult("Unsuccessful response from authorization_endpoint: HTTP status code is " + String.valueOf(response.code()));
}
ResponseBody body = response.body();
if (response.header("Content-Type").contains("application/json")) {
JsonParser parser = new JsonParser();
try {
JsonElement jsonElement = parser.parse(body.string());
JsonObject element = jsonElement.getAsJsonObject();
JsonElement meElement = element.get("me");
if (meElement == null) {
return new AuthenticationResult("Missing element \"me\" in authorization_endpoint response");
}
String resultMe = meElement.getAsString();
return new AuthenticationResult(resultMe, code);
} catch (JsonParseException e) {
return new AuthenticationResult("Could not parse json response from authorization_endpoint");
}
}
return new AuthenticationResult("Unsupported content type of authorization_endpoint response: " + response.header("Content-Type"));
} catch (IOException e) {
return new AuthenticationResult("Could not get the response from the endpoint");
} finally {
if (response != null) {
response.close();
}
}
}
protected void onPostExecute(AuthenticationResult message) {
if (message.isSuccessful()) {
Bundle bundle = new Bundle();
bundle.putString(AccountManager.KEY_ACCOUNT_NAME, message.me);
bundle.putString(AccountManager.KEY_ACCOUNT_TYPE, "Indieauth");
bundle.putString(AuthenticationActivity.PARAM_USER_PASS, message.code);
Intent intent = new Intent();
intent.putExtras(bundle);
this.activity.finishLogin(intent);
this.response.onResult(bundle);
} else {
this.response.onError(AccountManager.ERROR_CODE_BAD_AUTHENTICATION, "Could not verify authorization: " + message.getErrorMessage());
}
}
}

9
app/src/main/res/layout/activity_account.xml
View File

@ -1,9 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<android.support.constraint.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:app="http://schemas.android.com/apk/res-auto"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
tools:context=".auth.AccountsActivity">
</android.support.constraint.ConstraintLayout>

33
app/src/main/res/layout/activity_authenticated.xml
View File

@ -1,33 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<android.support.design.widget.CoordinatorLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:app="http://schemas.android.com/apk/res-auto"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
tools:context="eu.stuifzand.micropub.auth.AuthenticatedActivity">
<android.support.design.widget.AppBarLayout
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:theme="@style/AppTheme.AppBarOverlay">
<android.support.v7.widget.Toolbar
android:id="@+id/toolbar"
android:layout_width="match_parent"
android:layout_height="?attr/actionBarSize"
android:background="?attr/colorPrimary"
app:popupTheme="@style/AppTheme.PopupOverlay" />
</android.support.design.widget.AppBarLayout>
<include layout="@layout/content_authenticated" />
<android.support.design.widget.FloatingActionButton
android:id="@+id/fab"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_gravity="bottom|end"
android:layout_margin="@dimen/fab_margin"
app:srcCompat="@android:drawable/ic_dialog_email" />
</android.support.design.widget.CoordinatorLayout>

24
app/src/main/res/layout/content_authenticated.xml
View File

@ -1,24 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<android.support.constraint.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:app="http://schemas.android.com/apk/res-auto"
xmlns:tools="http://schemas.android.com/tools"
android:layout_width="match_parent"
android:layout_height="match_parent"
app:layout_behavior="@string/appbar_scrolling_view_behavior"
tools:context="eu.stuifzand.micropub.auth.AuthenticatedActivity"
tools:showIn="@layout/activity_authenticated">
<TextView
android:id="@+id/textResult"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_marginBottom="8dp"
android:layout_marginEnd="8dp"
android:layout_marginStart="8dp"
android:layout_marginTop="8dp"
android:text="TextView"
app:layout_constraintBottom_toBottomOf="parent"
app:layout_constraintEnd_toEndOf="parent"
app:layout_constraintStart_toStartOf="parent"
app:layout_constraintTop_toTopOf="parent" />
</android.support.constraint.ConstraintLayout>