Startsida Utforska Hjälp
Registrera dig Logga in
bida
/
busky
9
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: 4d9fd09a3c
Grenar Taggar
busky
/
app
/
src
/
main
/
java
/
com
/
keylesspalace
/
tusky
/
LoginActivity.java

LoginActivity.java 15 KB
Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350 
  1. /* Copyright 2017 Andrew Dawson
    2. 

  2.  *
    3. 

  3.  * This file is a part of Tusky.
    4. 

  4.  *
    5. 

  5.  * This program is free software; you can redistribute it and/or modify it under the terms of the
    6. 

  6.  * GNU General Public License as published by the Free Software Foundation; either version 3 of the
    7. 

  7.  * License, or (at your option) any later version.
    8. 

  8.  *
    9. 

  9.  * Tusky is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
    10. 

  10.  * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
    11. 

  11.  * Public License for more details.
    12. 

  12.  *
    13. 

  13.  * You should have received a copy of the GNU General Public License along with Tusky; if not,
    14. 

  14.  * see <http://www.gnu.org/licenses>. */
    15. 

  15. 

  16. package com.keylesspalace.tusky;
    17. 

  17. 

  18. import android.app.AlertDialog;
    19. 

  19. import android.content.Context;
    20. 

  20. import android.content.DialogInterface;
    21. 

  21. import android.content.Intent;
    22. 

  22. import android.content.SharedPreferences;
    23. 

  23. import android.content.pm.PackageManager;
    24. 

  24. import android.net.Uri;
    25. 

  25. import android.os.Bundle;
    26. 

  26. import android.preference.PreferenceManager;
    27. 

  27. import android.support.v7.app.AppCompatActivity;
    28. 

  28. import android.text.method.LinkMovementMethod;
    29. 

  29. import android.view.View;
    30. 

  30. import android.widget.Button;
    31. 

  31. import android.widget.EditText;
    32. 

  32. import android.widget.TextView;
    33. 

  33. 

  34. import com.keylesspalace.tusky.entity.AccessToken;
    35. 

  35. import com.keylesspalace.tusky.entity.AppCredentials;
    36. 

  36. 

  37. import java.util.HashMap;
    38. 

  38. import java.util.Map;
    39. 

  39. 

  40. import butterknife.BindView;
    41. 

  41. import butterknife.ButterKnife;
    42. 

  42. import retrofit2.Call;
    43. 

  43. import retrofit2.Callback;
    44. 

  44. import retrofit2.Response;
    45. 

  45. import retrofit2.Retrofit;
    46. 

  46. import retrofit2.converter.gson.GsonConverterFactory;
    47. 

  47. 

  48. public class LoginActivity extends AppCompatActivity {
    49. 

  49.     private static final String TAG = "LoginActivity"; // logging tag
    50. 

  50.     private static String OAUTH_SCOPES = "read write follow";
    51. 

  51. 

  52.     private SharedPreferences preferences;
    53. 

  53. 

  54.     private String domain;
    55. 

  55.     private String clientId;
    56. 

  56.     private String clientSecret;
    57. 

  57. 

  58.     @BindView(R.id.edit_text_domain) EditText editText;
    59. 

  59.     @BindView(R.id.button_login) Button button;
    60. 

  60.     @BindView(R.id.whats_an_instance) TextView whatsAnInstance;
    61. 

  61. 

  62.     /**
    63. 

  63.      * Chain together the key-value pairs into a query string, for either appending to a URL or
    64. 

  64.      * as the content of an HTTP request.
    65. 

  65.      */
    66. 

  66.     private static String toQueryString(Map<String, String> parameters) {
    67. 

  67.         StringBuilder s = new StringBuilder();
    68. 

  68.         String between = "";
    69. 

  69.         for (Map.Entry<String, String> entry : parameters.entrySet()) {
    70. 

  70.             s.append(between);
    71. 

  71.             s.append(Uri.encode(entry.getKey()));
    72. 

  72.             s.append("=");
    73. 

  73.             s.append(Uri.encode(entry.getValue()));
    74. 

  74.             between = "&";
    75. 

  75.         }
    76. 

  76.         return s.toString();
    77. 

  77.     }
    78. 

  78. 

  79.     /** Make sure the user-entered text is just a fully-qualified domain name. */
    80. 

  80.     private static String validateDomain(String s) {
    81. 

  81.         // Strip any schemes out.
    82. 

  82.         s = s.replaceFirst("http://", "");
    83. 

  83.         s = s.replaceFirst("https://", "");
    84. 

  84.         // If a username was included (e.g. username@example.com), just take what's after the '@'.
    85. 

  85.         int at = s.indexOf('@');
    86. 

  86.         if (at != -1) {
    87. 

  87.             s = s.substring(at + 1);
    88. 

  88.         }
    89. 

  89.         return s.trim();
    90. 

  90.     }
    91. 

  91. 

  92.     private String getOauthRedirectUri() {
    93. 

  93.         String scheme = getString(R.string.oauth_scheme);
    94. 

  94.         String host = getString(R.string.oauth_redirect_host);
    95. 

  95.         return scheme + "://" + host + "/";
    96. 

  96.     }
    97. 

  97. 

  98.     private void redirectUserToAuthorizeAndLogin(EditText editText) {
    99. 

  99.         /* To authorize this app and log in it's necessary to redirect to the domain given,
    100. 

  100.          * activity_login there, and the server will redirect back to the app with its response. */
    101. 

  101.         String endpoint = MastodonAPI.ENDPOINT_AUTHORIZE;
    102. 

  102.         String redirectUri = getOauthRedirectUri();
    103. 

  103.         Map<String, String> parameters = new HashMap<>();
    104. 

  104.         parameters.put("client_id", clientId);
    105. 

  105.         parameters.put("redirect_uri", redirectUri);
    106. 

  106.         parameters.put("response_type", "code");
    107. 

  107.         parameters.put("scope", OAUTH_SCOPES);
    108. 

  108.         String url = "https://" + domain + endpoint + "?" + toQueryString(parameters);
    109. 

  109.         Intent viewIntent = new Intent(Intent.ACTION_VIEW, Uri.parse(url));
    110. 

  110.         if (viewIntent.resolveActivity(getPackageManager()) != null) {
    111. 

  111.             startActivity(viewIntent);
    112. 

  112.         } else {
    113. 

  113.             editText.setError(getString(R.string.error_no_web_browser_found));
    114. 

  114.         }
    115. 

  115.     }
    116. 

  116. 

  117.     private MastodonAPI getApiFor(String domain) {
    118. 

  118.         Retrofit retrofit = new Retrofit.Builder()
    119. 

  119.                 .baseUrl("https://" + domain)
    120. 

  120.                 .addConverterFactory(GsonConverterFactory.create())
    121. 

  121.                 .build();
    122. 

  122. 

  123.         return retrofit.create(MastodonAPI.class);
    124. 

  124.     }
    125. 

  125. 

  126.     /**
    127. 

  127.      * Obtain the oauth client credentials for this app. This is only necessary the first time the
    128. 

  128.      * app is run on a given server instance. So, after the first authentication, they are
    129. 

  129.      * saved in SharedPreferences and every subsequent run they are simply fetched from there.
    130. 

  130.      */
    131. 

  131.     private void onButtonClick(final EditText editText) {
    132. 

  132.         domain = validateDomain(editText.getText().toString());
    133. 

  133.         /* Attempt to get client credentials from SharedPreferences, and if not present
    134. 

  134.          * (such as in the case that the domain has never been accessed before)
    135. 

  135.          * authenticate with the server and store the received credentials to use next
    136. 

  136.          * time. */
    137. 

  137.         String prefClientId = preferences.getString(domain + "/client_id", null);
    138. 

  138.         String prefClientSecret = preferences.getString(domain + "/client_secret", null);
    139. 

  139. 

  140.         if (prefClientId != null && prefClientSecret != null) {
    141. 

  141.             clientId = prefClientId;
    142. 

  142.             clientSecret = prefClientSecret;
    143. 

  143.             redirectUserToAuthorizeAndLogin(editText);
    144. 

  144.         } else {
    145. 

  145.             Callback<AppCredentials> callback = new Callback<AppCredentials>() {
    146. 

  146.                 @Override
    147. 

  147.                 public void onResponse(Call<AppCredentials> call, Response<AppCredentials> response) {
    148. 

  148.                     if (!response.isSuccessful()) {
    149. 

  149.                         editText.setError(getString(R.string.error_failed_app_registration));
    150. 

  150.                         Log.e(TAG, "App authentication failed. " + response.message());
    151. 

  151.                         return;
    152. 

  152.                     }
    153. 

  153.                     AppCredentials credentials = response.body();
    154. 

  154.                     clientId = credentials.clientId;
    155. 

  155.                     clientSecret = credentials.clientSecret;
    156. 

  156.                     SharedPreferences.Editor editor = preferences.edit();
    157. 

  157.                     editor.putString(domain + "/client_id", clientId);
    158. 

  158.                     editor.putString(domain + "/client_secret", clientSecret);
    159. 

  159.                     editor.apply();
    160. 

  160.                     redirectUserToAuthorizeAndLogin(editText);
    161. 

  161.                 }
    162. 

  162. 

  163.                 @Override
    164. 

  164.                 public void onFailure(Call<AppCredentials> call, Throwable t) {
    165. 

  165.                     editText.setError(getString(R.string.error_failed_app_registration));
    166. 

  166.                     t.printStackTrace();
    167. 

  167.                 }
    168. 

  168.             };
    169. 

  169. 

  170.             try {
    171. 

  171.                 getApiFor(domain).authenticateApp(getString(R.string.app_name), getOauthRedirectUri(), OAUTH_SCOPES,
    172. 

  172.                         getString(R.string.app_website)).enqueue(callback);
    173. 

  173.             } catch (IllegalArgumentException e) {
    174. 

  174.                 editText.setError(getString(R.string.error_invalid_domain));
    175. 

  175.             }
    176. 

  176.         }
    177. 

  177.     }
    178. 

  178. 

  179.     @Override
    180. 

  180.     protected void onCreate(Bundle savedInstanceState) {
    181. 

  181.         super.onCreate(savedInstanceState);
    182. 

  182. 

  183.         if (PreferenceManager.getDefaultSharedPreferences(this).getBoolean("lightTheme", false)) {
    184. 

  184.             setTheme(R.style.AppTheme_Light);
    185. 

  185.         }
    186. 

  186. 

  187.         setContentView(R.layout.activity_login);
    188. 

  188.         ButterKnife.bind(this);
    189. 

  189. 

  190.         if (savedInstanceState != null) {
    191. 

  191.             domain = savedInstanceState.getString("domain");
    192. 

  192.             clientId = savedInstanceState.getString("clientId");
    193. 

  193.             clientSecret = savedInstanceState.getString("clientSecret");
    194. 

  194.         } else {
    195. 

  195.             domain = null;
    196. 

  196.             clientId = null;
    197. 

  197.             clientSecret = null;
    198. 

  198.         }
    199. 

  199. 

  200.         preferences = getSharedPreferences(
    201. 

  201.                 getString(R.string.preferences_file_key), Context.MODE_PRIVATE);
    202. 

  202. 

  203.         button.setOnClickListener(new View.OnClickListener() {
    204. 

  204.             @Override
    205. 

  205.             public void onClick(View v) {
    206. 

  206.                 onButtonClick(editText);
    207. 

  207.             }
    208. 

  208.         });
    209. 

  209. 

  210.         final Context context = this;
    211. 

  211. 

  212.         whatsAnInstance.setOnClickListener(new View.OnClickListener() {
    213. 

  213.             @Override
    214. 

  214.             public void onClick(View v) {
    215. 

  215.                 AlertDialog dialog = new AlertDialog.Builder(context)
    216. 

  216.                         .setMessage(R.string.dialog_whats_an_instance)
    217. 

  217.                         .setPositiveButton(R.string.action_close,
    218. 

  218.                                 new DialogInterface.OnClickListener() {
    219. 

  219.                                     @Override
    220. 

  220.                                     public void onClick(DialogInterface dialog, int which) {
    221. 

  221.                                         dialog.dismiss();
    222. 

  222.                                     }
    223. 

  223.                                 })
    224. 

  224.                         .show();
    225. 

  225.                 TextView textView = (TextView) dialog.findViewById(android.R.id.message);
    226. 

  226.                 textView.setMovementMethod(LinkMovementMethod.getInstance());
    227. 

  227.             }
    228. 

  228.         });
    229. 

  229. 

  230.         // Apply any updates needed.
    231. 

  231.         int versionCode = 1;
    232. 

  232.         try {
    233. 

  233.             versionCode = getPackageManager().getPackageInfo(getPackageName(), 0).versionCode;
    234. 

  234.         } catch (PackageManager.NameNotFoundException e) {
    235. 

  235.             Log.e(TAG, "The app version was not found. " + e.getMessage());
    236. 

  236.         }
    237. 

  237.         if (preferences.getInt("lastUpdate", 0) != versionCode) {
    238. 

  238.             SharedPreferences.Editor editor = preferences.edit();
    239. 

  239.             if (versionCode == 14) {
    240. 

  240.                 /* This version switches the order of scheme and host in the OAuth redirect URI.
    241. 

  241.                  * But to fix it requires forcing the app to re-authenticate with servers. So, clear
    242. 

  242.                  * out the stored client id/secret pairs. The only other things that are lost are
    243. 

  243.                  * "rememberedVisibility", "loggedInUsername", and "loggedInAccountId". */
    244. 

  244.                 editor.clear();
    245. 

  245.             }
    246. 

  246.             editor.putInt("lastUpdate", versionCode);
    247. 

  247.             editor.apply();
    248. 

  248.         }
    249. 

  249.     }
    250. 

  250. 

  251.     @Override
    252. 

  252.     protected void onSaveInstanceState(Bundle outState) {
    253. 

  253.         outState.putString("domain", domain);
    254. 

  254.         outState.putString("clientId", clientId);
    255. 

  255.         outState.putString("clientSecret", clientSecret);
    256. 

  256.         super.onSaveInstanceState(outState);
    257. 

  257.     }
    258. 

  258. 

  259.     private void onLoginSuccess(String accessToken) {
    260. 

  260.         SharedPreferences.Editor editor = preferences.edit();
    261. 

  261.         editor.putString("domain", domain);
    262. 

  262.         editor.putString("accessToken", accessToken);
    263. 

  263.         editor.commit();
    264. 

  264.         Intent intent = new Intent(this, MainActivity.class);
    265. 

  265.         startActivity(intent);
    266. 

  266.         finish();
    267. 

  267.     }
    268. 

  268. 

  269.     @Override
    270. 

  270.     protected void onStop() {
    271. 

  271.         super.onStop();
    272. 

  272.         if (domain != null) {
    273. 

  273.             SharedPreferences.Editor editor = preferences.edit();
    274. 

  274.             editor.putString("domain", domain);
    275. 

  275.             editor.putString("clientId", clientId);
    276. 

  276.             editor.putString("clientSecret", clientSecret);
    277. 

  277.             editor.apply();
    278. 

  278.         }
    279. 

  279.     }
    280. 

  280. 

  281.     @Override
    282. 

  282.     protected void onStart() {
    283. 

  283.         super.onStart();
    284. 

  284.         /* Check if we are resuming during authorization by seeing if the intent contains the
    285. 

  285.          * redirect that was given to the server. If so, its response is here! */
    286. 

  286.         Uri uri = getIntent().getData();
    287. 

  287.         String redirectUri = getOauthRedirectUri();
    288. 

  288. 

  289.         preferences = getSharedPreferences(
    290. 

  290.                 getString(R.string.preferences_file_key), Context.MODE_PRIVATE);
    291. 

  291. 

  292.         if (preferences.getString("accessToken", null) != null
    293. 

  293.                 && preferences.getString("domain", null) != null) {
    294. 

  294.             // We are already logged in, go to MainActivity
    295. 

  295.             Intent intent = new Intent(this, MainActivity.class);
    296. 

  296.             startActivity(intent);
    297. 

  297.             finish();
    298. 

  298.             return;
    299. 

  299.         }
    300. 

  300. 

  301.         if (uri != null && uri.toString().startsWith(redirectUri)) {
    302. 

  302.             // This should either have returned an authorization code or an error.
    303. 

  303.             String code = uri.getQueryParameter("code");
    304. 

  304.             String error = uri.getQueryParameter("error");
    305. 

  305. 

  306.             if (code != null) {
    307. 

  307.                 /* During the redirect roundtrip this Activity usually dies, which wipes out the
    308. 

  308.                  * instance variables, so they have to be recovered from where they were saved in
    309. 

  309.                  * SharedPreferences. */
    310. 

  310.                 domain = preferences.getString("domain", null);
    311. 

  311.                 clientId = preferences.getString("clientId", null);
    312. 

  312.                 clientSecret = preferences.getString("clientSecret", null);
    313. 

  313.                 /* Since authorization has succeeded, the final step to log in is to exchange
    314. 

  314.                  * the authorization code for an access token. */
    315. 

  315.                 Callback<AccessToken> callback = new Callback<AccessToken>() {
    316. 

  316.                     @Override
    317. 

  317.                     public void onResponse(Call<AccessToken> call, Response<AccessToken> response) {
    318. 

  318.                         if (response.isSuccessful()) {
    319. 

  319.                             onLoginSuccess(response.body().accessToken);
    320. 

  320.                         } else {
    321. 

  321.                             editText.setError(getString(R.string.error_retrieving_oauth_token));
    322. 

  322.                             Log.e(TAG, String.format("%s %s",
    323. 

  323.                                     getString(R.string.error_retrieving_oauth_token),
    324. 

  324.                                     response.message()));
    325. 

  325.                         }
    326. 

  326.                     }
    327. 

  327. 

  328.                     @Override
    329. 

  329.                     public void onFailure(Call<AccessToken> call, Throwable t) {
    330. 

  330.                         editText.setError(getString(R.string.error_retrieving_oauth_token));
    331. 

  331.                         Log.e(TAG, String.format("%s %s",
    332. 

  332.                                 getString(R.string.error_retrieving_oauth_token),
    333. 

  333.                                 t.getMessage()));
    334. 

  334.                     }
    335. 

  335.                 };
    336. 

  336. 

  337.                 getApiFor(domain).fetchOAuthToken(clientId, clientSecret, redirectUri, code,
    338. 

  338.                         "authorization_code").enqueue(callback);
    339. 

  339.             } else if (error != null) {
    340. 

  340.                 /* Authorization failed. Put the error response where the user can read it and they
    341. 

  341.                  * can try again. */
    342. 

  342.                 editText.setError(getString(R.string.error_authorization_denied));
    343. 

  343.                 Log.e(TAG, getString(R.string.error_authorization_denied) + error);
    344. 

  344.             } else {
    345. 

  345.                 // This case means a junk response was received somehow.
    346. 

  346.                 editText.setError(getString(R.string.error_authorization_unknown));
    347. 

  347.             }
    348. 

  348.         }
    349. 

  349.     }
    350. 

  350. }
    351.