From b889b9cda749ad4337ca32a0455595d5cfc65f04 Mon Sep 17 00:00:00 2001 From: Henrik Lepson Date: Tue, 14 Dec 2021 22:46:35 +0200 Subject: [PATCH 1/4] fixed testapp compatibility issue --- .../mobileauthapp/HomeFragment.kt | 24 +++++++++++--- .../mobileauthapp/ResultFragment.kt | 14 +++++--- TestMobileApp/app/build.gradle | 1 + .../app/src/main/AndroidManifest.xml | 2 +- .../com/example/testmobileapp/MainActivity.kt | 32 +++++++++++-------- TestMobileApp/build.gradle | 3 +- 6 files changed, 51 insertions(+), 25 deletions(-) diff --git a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/HomeFragment.kt b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/HomeFragment.kt index 2d9e396..9ac5889 100644 --- a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/HomeFragment.kt +++ b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/HomeFragment.kt @@ -4,7 +4,6 @@ import android.content.BroadcastReceiver import android.content.Context import android.content.Intent import android.content.IntentFilter -import android.net.ConnectivityManager import android.nfc.NfcAdapter import android.nfc.TagLostException import android.nfc.tech.IsoDep @@ -14,7 +13,6 @@ import android.view.LayoutInflater import android.view.View import android.view.ViewGroup import android.widget.TextView -import androidx.appcompat.app.AlertDialog import androidx.appcompat.app.AppCompatActivity import androidx.fragment.app.Fragment import androidx.fragment.app.activityViewModels 
@@ -106,10 +104,28 @@ class HomeFragment : Fragment() { try { if (mobile) { // We use !! to get extras because we want an exception to be thrown when something is missing. - intentParams.setChallenge(requireActivity().intent.getStringExtra("challenge")!!) + //intentParams.setChallenge(requireActivity().intent.getStringExtra("challenge")!!) intentParams.setAuthUrl(requireActivity().intent.getStringExtra("authUrl")!!) intentParams.setOrigin(requireActivity().intent.getStringExtra("originUrl")!!) - goToTheNextFragment(mobile) + val challengeUrl = requireActivity().intent.getStringExtra("challenge")!! + val headers = requireActivity().intent.getStringExtra("headers")!! + val map: HashMap = HashMap() + map.put("sessionId", headers) + intentParams.setHeaders(map) + Ion.getDefault(activity).conscryptMiddleware.enable(false) + Ion.with(activity) + .load(challengeUrl) + .setHeader("sessionId", headers) + .asJsonObject() + .setCallback { _, result -> + try { + val challenge = result.asJsonObject["nonce"].toString().replace("\"", "") + intentParams.setChallenge(challenge) + goToTheNextFragment(mobile) + } catch (e: Exception) { + Log.i("GETrequest", e.toString()) + } + } } else { //Website /* var challenge = requireActivity().intent.data!!.getQueryParameter("challenge")!! diff --git a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt index 1df15db..cce59bb 100644 --- a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt +++ b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt 
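Review bot: `challengeUrl` is read from the launching app's intent extras and passed to `Ion.with(activity).load(challengeUrl)` along with the caller-chosen `sessionId` header, with no check that it is an https URL or that it is on the same host as the `originUrl` extra. Validate both before sending the request. The callback also discards Ion's exception argument (`_`) and reads `result` unconditionally, so a failed request only produces a log line in the catch-all and, as far as the hunk shows, the calling app never receives a result. The enclosing `try` opens above the new lines and its `catch` is outside the hunk, and since the Ion callback runs later it is presumably not covered by that `try`. The sketch below needs `android.net.Uri` in scope and reads the nonce with `asString` instead of `toString().replace("\"", "")`.

```kotlin
val challengeUrl = requireActivity().intent.getStringExtra("challenge")!!
// … unchanged: "headers" extra, map.put("sessionId", headers), intentParams.setHeaders(map) …
val challengeUri = Uri.parse(challengeUrl)
val originUri = Uri.parse(requireActivity().intent.getStringExtra("originUrl")!!)
require(challengeUri.scheme == "https" && challengeUri.host == originUri.host) {
    "challenge URL must be https and on the origin host"
}
// … unchanged: Ion.with(activity).load(challengeUrl).setHeader("sessionId", headers).asJsonObject() …
    .setCallback { e, result ->
        val nonce = result?.get("nonce")?.takeIf { it.isJsonPrimitive }?.asString
        if (e != null || nonce.isNullOrEmpty()) {
            Log.i("GETrequest", "challenge request failed: $e")
            return@setCallback
        }
        intentParams.setChallenge(nonce)
        goToTheNextFragment(mobile)
    }
```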
@@ -50,14 +50,14 @@ class ResultFragment : Fragment() { */ private fun createResponse( success: Boolean = true, - result: String = "noResult", - token: String = "noToken" + idCode: String = "noCode", + name: String = "noName" ) { val responseCode = if (success) AppCompatActivity.RESULT_OK else AppCompatActivity.RESULT_CANCELED val resultIntent = Intent() - resultIntent.putExtra("result", result) - resultIntent.putExtra("token", token) + resultIntent.putExtra("idCode", idCode) + resultIntent.putExtra("name", name) requireActivity().setResult(responseCode, resultIntent) requireActivity().finish() } @@ -90,7 +90,11 @@ class ResultFragment : Fragment() { } } else { if (args.mobile) { - createResponse(true, result.toString(), paramsModel.token) + Log.i("myResultTag", result.toString()) + val userData = result.asJsonObject["userData"] + val idCode = userData.asJsonObject["idCode"].asString + val name = userData.asJsonObject["name"].asString + createResponse(true, idCode, name) } else { requireActivity().finishAndRemoveTask() } diff --git a/TestMobileApp/app/build.gradle b/TestMobileApp/app/build.gradle index 4645a41..06491a6 100644 --- a/TestMobileApp/app/build.gradle +++ b/TestMobileApp/app/build.gradle @@ -43,4 +43,5 @@ dependencies { testImplementation 'junit:junit:4.+' androidTestImplementation 'androidx.test.ext:junit:1.1.3' androidTestImplementation 'androidx.test.espresso:espresso-core:3.4.0' + implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" } \ No newline at end of file diff --git a/TestMobileApp/app/src/main/AndroidManifest.xml b/TestMobileApp/app/src/main/AndroidManifest.xml index 2fe204c..8d63319 100644 --- a/TestMobileApp/app/src/main/AndroidManifest.xml +++ b/TestMobileApp/app/src/main/AndroidManifest.xml 
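Review bot: The added `Log.i("myResultTag", result.toString())` in the `args.mobile` branch writes the whole login response to logcat, including the personal ID code and name. The later patch in this series only moves it to `Log.i("resultTag", result.toString())` at the top of the callback, so the same point applies there. Drop the call or limit it to debug builds, e.g. `if (BuildConfig.DEBUG) Log.d("resultTag", "login response received")`. The reads that follow assume `userData`, `idCode` and `name` are always present, and no try/catch is visible around them in this hunk. A response without those fields would throw inside the callback instead of reaching `createResponse(false)`.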
@@ -1,7 +1,7 @@ - + if (response.resultCode == Activity.RESULT_OK) { binding.loginTextView.text = getString(R.string.auth_success) // Logs are used to show what information can be retrieved from the mobileauthapp. - Log.i("getResult", response.data?.getStringExtra("token").toString()) - Log.i("getResult", response.data?.getStringExtra("result").toString()) + Log.i("getResult", response.data?.getStringExtra("idCode").toString()) + Log.i("getResult", response.data?.getStringExtra("name").toString()) var user = "" try { - val resultObject = JSONObject(response.data?.getStringExtra("result").toString()) - user = resultObject.getString("principal") + user = response.data?.getStringExtra("name").toString() } catch (e: Exception) { - Log.i("getResult", "unable to retrieve name from principal") + Log.i("getResult", "unable to retrieve name") } showResult(user) } @@ -55,20 +53,24 @@ class MainActivity : AppCompatActivity() { showLogin() - binding.loginOptionNfcButton.setOnClickListener { getData() } + binding.loginOptionNfcButton.setOnClickListener { + //getData() + launchAuth() + } } /** * Method that creates an intent to launch the MobileAuthApp */ - private fun launchAuth(challenge: String = "challenge", originUrl: String = "baseUrl", authUrl: String = "authUrl") { + private fun launchAuth() { val launchIntent = Intent() launchIntent.setClassName("com.tarkvaraprojekt.mobileauthapp", "com.tarkvaraprojekt.mobileauthapp.MainActivity") launchIntent.putExtra("action", "auth") - launchIntent.putExtra("challenge", challenge) - launchIntent.putExtra("originUrl", originUrl) - launchIntent.putExtra("authUrl", authUrl) + launchIntent.putExtra("challenge", CHALLENGE_URL) + launchIntent.putExtra("originUrl", BASE_URL) + launchIntent.putExtra("authUrl", AUTH_URL) + launchIntent.putExtra("headers","${(0..100000).random()}") launchIntent.putExtra("mobile", true) authLauncher.launch(launchIntent) } 
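Review bot: The `headers` extra in `launchAuth()` is built from `(0..100000).random()`, and HomeFragment forwards that value as the `sessionId` header of the challenge request. A non-cryptographic generator over roughly 100 000 values makes the session identifier guessable and likely to collide between clients. Take it from a CSPRNG instead, e.g. `launchIntent.putExtra("headers", java.util.UUID.randomUUID().toString())`. A short comment on that line saying the value is the server session id would also help, since the extra name `headers` does not say so.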
@@ -77,6 +79,7 @@ class MainActivity : AppCompatActivity() { * Method for retrieving data from an endpoint. * Ion library is used as it is very convenient for making simple GET requests. */ + /* private fun getData() { // Enter the server endpoint address to here val url = "$BASE_URL/auth/challenge" @@ -95,6 +98,7 @@ class MainActivity : AppCompatActivity() { } } } + */ private fun showLogin() { binding.loginOptions.visibility = View.VISIBLE diff --git a/TestMobileApp/build.gradle b/TestMobileApp/build.gradle index 59a783a..846d643 100644 --- a/TestMobileApp/build.gradle +++ b/TestMobileApp/build.gradle @@ -1,5 +1,6 @@ // Top-level build file where you can add configuration options common to all sub-projects/modules. buildscript { + ext.kotlin_version = '1.4.10' repositories { google() mavenCentral() @@ -7,7 +8,7 @@ buildscript { dependencies { classpath "com.android.tools.build:gradle:7.0.2" classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:1.5.20" - + classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version" // NOTE: Do not place your application dependencies here; they belong // in the individual module build.gradle files } From 32336ffb2b95fbf2afd4abc51ff970f0540c5655 Mon Sep 17 00:00:00 2001 From: Henrik Lepson Date: Mon, 17 Jan 2022 17:13:40 +0200 Subject: [PATCH 2/4] small changes to the return data to the test mobile app --- .../tarkvaraprojekt/mobileauthapp/ResultFragment.kt | 10 +++++++--- .../java/com/example/testmobileapp/MainActivity.kt | 3 ++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt index cce59bb..a6a771a 100644 --- a/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt +++ b/MobileAuthApp/app/src/main/java/com/tarkvaraprojekt/mobileauthapp/ResultFragment.kt 
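Review bot: In `TestMobileApp/build.gradle` the added `classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"` sits next to the existing `classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:1.5.20"`. The buildscript therefore declares the Kotlin plugin twice with different versions (1.5.20 and `ext.kotlin_version = '1.4.10'`). The app module's new `kotlin-stdlib:$kotlin_version` dependency is also pinned to the older one. Keep a single declaration and a single version, e.g. `ext.kotlin_version = '1.5.20'` with only the `$kotlin_version` classpath line, so the plugin and stdlib cannot drift apart.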
@@ -47,17 +47,20 @@ class ResultFragment : Fragment() { /** * Only used when the MobileAuthApp was launched by an app. Not for website use. + * Not really the safest way of doing things, but sufficient for POC purposes. */ private fun createResponse( success: Boolean = true, idCode: String = "noCode", - name: String = "noName" + name: String = "noName", + authority: String = "noAuthority" ) { val responseCode = if (success) AppCompatActivity.RESULT_OK else AppCompatActivity.RESULT_CANCELED val resultIntent = Intent() resultIntent.putExtra("idCode", idCode) resultIntent.putExtra("name", name) + resultIntent.putExtra("authority", authority) requireActivity().setResult(responseCode, resultIntent) requireActivity().finish() } @@ -82,6 +85,7 @@ class ResultFragment : Fragment() { .setJsonObjectBody(json) .asJsonObject() .setCallback { e, result -> + Log.i("resultTag", result.toString()) if (result == null) { if (args.mobile) { createResponse(false) @@ -90,11 +94,11 @@ class ResultFragment : Fragment() { } } else { if (args.mobile) { - Log.i("myResultTag", result.toString()) val userData = result.asJsonObject["userData"] val idCode = userData.asJsonObject["idCode"].asString val name = userData.asJsonObject["name"].asString - createResponse(true, idCode, name) + val authority = result.asJsonObject["roles"].asJsonArray[0].asJsonObject["authority"].asString + createResponse(true, idCode, name, authority) } else { requireActivity().finishAndRemoveTask() } diff --git a/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt b/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt index f1feea2..d03a26a 100644 --- a/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt +++ b/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt 
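Review bot: `result.asJsonObject["roles"].asJsonArray[0].asJsonObject["authority"].asString` in the last hunk throws when `roles` is missing or empty, and it silently drops every role after the first. Since this value is handed to the calling app as the user's `authority`, read it defensively, e.g. `val authority = result.getAsJsonArray("roles")?.firstOrNull()?.asJsonObject?.get("authority")?.asString`. Then call `createResponse(false)` when it is null rather than letting the callback throw. The new KDoc line should also state what the caller must not rely on: the `idCode`, `name` and `authority` extras are plain strings that the receiving app cannot verify.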
@@ -14,7 +14,7 @@ import org.json.JSONObject /** * Base url where the requests should be made. Add yours here. It must use https. */ -private const val BASE_URL = "https://e871-2001-7d0-88a4-b880-d085-ba91-1799-76e7.ngrok.io" +private const val BASE_URL = "https://a0fe-2001-7d0-88ab-b880-7571-cba0-5db2-11b7.ngrok.io" private const val AUTH_URL = "$BASE_URL/auth/login" private const val CHALLENGE_URL = "$BASE_URL/auth/challenge" @@ -38,6 +38,7 @@ class MainActivity : AppCompatActivity() { // Logs are used to show what information can be retrieved from the mobileauthapp. Log.i("getResult", response.data?.getStringExtra("idCode").toString()) Log.i("getResult", response.data?.getStringExtra("name").toString()) + Log.i("getResult", response.data?.getStringExtra("authority").toString()) var user = "" try { user = response.data?.getStringExtra("name").toString() From 866c3c24a736d5df0307ffece29fcc9f6e8cf932 Mon Sep 17 00:00:00 2001 From: Henrik Lepson Date: Mon, 17 Jan 2022 17:15:45 +0200 Subject: [PATCH 3/4] deleted unused code --- .../com/example/testmobileapp/MainActivity.kt | 28 +------------------ 1 file changed, 1 insertion(+), 27 deletions(-) diff --git a/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt b/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt index d03a26a..8ff8e15 100644 --- a/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt +++ b/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt @@ -19,7 +19,7 @@ private const val AUTH_URL = "$BASE_URL/auth/login" private const val CHALLENGE_URL = "$BASE_URL/auth/challenge" /** - * Test mobile app to demonstrate how other applications can use MobileAuthApp. + * Test mobile app to demonstrate how other applications could potentially use MobileAuthApp. * Single purpose app that launches the MobileAuthApp and gets the response back (JWT). */ class MainActivity : AppCompatActivity() { 
@@ -55,7 +55,6 @@ class MainActivity : AppCompatActivity() { showLogin() binding.loginOptionNfcButton.setOnClickListener { - //getData() launchAuth() } @@ -76,31 +75,6 @@ class MainActivity : AppCompatActivity() { authLauncher.launch(launchIntent) } - /** - * Method for retrieving data from an endpoint. - * Ion library is used as it is very convenient for making simple GET requests. - */ - /* - private fun getData() { - // Enter the server endpoint address to here - val url = "$BASE_URL/auth/challenge" - Ion.getDefault(this).conscryptMiddleware.enable(false) - Ion.with(applicationContext) - .load(url) - .asJsonObject() - .setCallback { _, result -> - try { - // Get data from the result and call launchAuth method - val challenge = result.asJsonObject["nonce"].toString().replace("\"", "") - Log.v("Challenge", challenge) - launchAuth(challenge, BASE_URL, "/auth/authentication") - } catch (e: Exception) { - Log.i("GETrequest", "was unsuccessful") - } - } - } - */ - private fun showLogin() { binding.loginOptions.visibility = View.VISIBLE } From b95115af4f5735351422e1e3e17cfb21bd8e9c7f Mon Sep 17 00:00:00 2001 From: Henrik Lepson Date: Mon, 17 Jan 2022 17:16:56 +0200 Subject: [PATCH 4/4] added comment --- .../app/src/main/java/com/example/testmobileapp/MainActivity.kt | 1 + 1 file changed, 1 insertion(+) diff --git a/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt b/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt index 8ff8e15..c4b197a 100644 --- a/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt +++ b/TestMobileApp/app/src/main/java/com/example/testmobileapp/MainActivity.kt 
@@ -21,6 +21,7 @@ private const val CHALLENGE_URL = "$BASE_URL/auth/challenge" /** * Test mobile app to demonstrate how other applications could potentially use MobileAuthApp. * Single purpose app that launches the MobileAuthApp and gets the response back (JWT). + * Only for demo purposes. */ class MainActivity : AppCompatActivity() {
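Review bot: The class KDoc still says the app "gets the response back (JWT)", but since the first patch in this series the result intent carries the `idCode`, `name` and (later) `authority` string extras, not a token. While touching this comment, reword that line to something like `Single purpose app that launches the MobileAuthApp and reads back the idCode, name and authority extras.` so readers do not assume the caller receives a verifiable token.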