prevent user from accidentally changing password after using magic create

This commit is contained in:
Daniel Gultsch 2016-04-26 23:23:48 +02:00
parent 59652ecaf2
commit 9c3e910dc4
7 changed files with 84 additions and 23 deletions

View file

@ -52,6 +52,7 @@ public class Account extends AbstractEntity {
public static final int OPTION_DISABLED = 1; public static final int OPTION_DISABLED = 1;
public static final int OPTION_REGISTER = 2; public static final int OPTION_REGISTER = 2;
public static final int OPTION_USECOMPRESSION = 3; public static final int OPTION_USECOMPRESSION = 3;
public static final int OPTION_MAGIC_CREATE = 4;
public final HashSet<Pair<String, String>> inProgressDiscoFetches = new HashSet<>(); public final HashSet<Pair<String, String>> inProgressDiscoFetches = new HashSet<>();
public boolean httpUploadAvailable(long filesize) { public boolean httpUploadAvailable(long filesize) {

View file

@ -1513,6 +1513,7 @@ public class XmppConnectionService extends Service implements OnPhoneContactsLoa
public void onIqPacketReceived(final Account account, final IqPacket packet) { public void onIqPacketReceived(final Account account, final IqPacket packet) {
if (packet.getType() == IqPacket.TYPE.RESULT) { if (packet.getType() == IqPacket.TYPE.RESULT) {
account.setPassword(newPassword); account.setPassword(newPassword);
account.setOption(Account.OPTION_MAGIC_CREATE, false);
databaseBackend.updateAccount(account); databaseBackend.updateAccount(account);
callback.onPasswordChangeSucceeded(); callback.onPasswordChangeSucceeded();
} else { } else {

View file

@ -1,9 +1,11 @@
package eu.siacs.conversations.ui; package eu.siacs.conversations.ui;
import android.content.Intent;
import android.os.Bundle; import android.os.Bundle;
import android.view.View; import android.view.View;
import android.widget.Button; import android.widget.Button;
import android.widget.EditText; import android.widget.EditText;
import android.widget.TextView;
import android.widget.Toast; import android.widget.Toast;
import eu.siacs.conversations.R; import eu.siacs.conversations.R;
@ -22,7 +24,7 @@ public class ChangePasswordActivity extends XmppActivity implements XmppConnecti
final String currentPassword = mCurrentPassword.getText().toString(); final String currentPassword = mCurrentPassword.getText().toString();
final String newPassword = mNewPassword.getText().toString(); final String newPassword = mNewPassword.getText().toString();
final String newPasswordConfirm = mNewPasswordConfirm.getText().toString(); final String newPasswordConfirm = mNewPasswordConfirm.getText().toString();
if (!currentPassword.equals(mAccount.getPassword())) { if (!mAccount.isOptionSet(Account.OPTION_MAGIC_CREATE) && !currentPassword.equals(mAccount.getPassword())) {
mCurrentPassword.requestFocus(); mCurrentPassword.requestFocus();
mCurrentPassword.setError(getString(R.string.account_status_unauthorized)); mCurrentPassword.setError(getString(R.string.account_status_unauthorized));
} else if (!newPassword.equals(newPasswordConfirm)) { } else if (!newPassword.equals(newPasswordConfirm)) {
@ -43,6 +45,7 @@ public class ChangePasswordActivity extends XmppActivity implements XmppConnecti
} }
} }
}; };
private TextView mCurrentPasswordLabel;
private EditText mCurrentPassword; private EditText mCurrentPassword;
private EditText mNewPassword; private EditText mNewPassword;
private EditText mNewPasswordConfirm; private EditText mNewPasswordConfirm;
@ -51,7 +54,13 @@ public class ChangePasswordActivity extends XmppActivity implements XmppConnecti
@Override @Override
void onBackendConnected() { void onBackendConnected() {
this.mAccount = extractAccount(getIntent()); this.mAccount = extractAccount(getIntent());
if (this.mAccount != null && this.mAccount.isOptionSet(Account.OPTION_MAGIC_CREATE)) {
this.mCurrentPasswordLabel.setVisibility(View.GONE);
this.mCurrentPassword.setVisibility(View.GONE);
} else {
this.mCurrentPasswordLabel.setVisibility(View.VISIBLE);
this.mCurrentPassword.setVisibility(View.VISIBLE);
}
} }
@Override @Override
@ -67,11 +76,20 @@ public class ChangePasswordActivity extends XmppActivity implements XmppConnecti
}); });
this.mChangePasswordButton = (Button) findViewById(R.id.right_button); this.mChangePasswordButton = (Button) findViewById(R.id.right_button);
this.mChangePasswordButton.setOnClickListener(this.mOnChangePasswordButtonClicked); this.mChangePasswordButton.setOnClickListener(this.mOnChangePasswordButtonClicked);
this.mCurrentPasswordLabel = (TextView) findViewById(R.id.current_password_label);
this.mCurrentPassword = (EditText) findViewById(R.id.current_password); this.mCurrentPassword = (EditText) findViewById(R.id.current_password);
this.mNewPassword = (EditText) findViewById(R.id.new_password); this.mNewPassword = (EditText) findViewById(R.id.new_password);
this.mNewPasswordConfirm = (EditText) findViewById(R.id.new_password_confirm); this.mNewPasswordConfirm = (EditText) findViewById(R.id.new_password_confirm);
} }
@Override
protected void onStart() {
super.onStart();
Intent intent = getIntent();
String password = intent != null ? intent.getStringExtra("password") : "";
this.mNewPassword.getEditableText().append(password);
}
@Override @Override
public void onPasswordChangeSucceeded() { public void onPasswordChangeSucceeded() {
runOnUiThread(new Runnable() { runOnUiThread(new Runnable() {

View file

@ -33,6 +33,8 @@ import android.widget.TableRow;
import android.widget.TextView; import android.widget.TextView;
import android.widget.Toast; import android.widget.Toast;
import android.util.Log;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
@ -109,6 +111,13 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
@Override @Override
public void onClick(final View v) { public void onClick(final View v) {
final String password = mPassword.getText().toString();
final String passwordConfirm = mPasswordConfirm.getText().toString();
if (!mInitMode && passwordChangedInMagicCreateMode()) {
gotoChangePassword(password);
return;
}
if (mInitMode && mAccount != null) { if (mInitMode && mAccount != null) {
mAccount.setOption(Account.OPTION_DISABLED, false); mAccount.setOption(Account.OPTION_DISABLED, false);
} }
@ -173,8 +182,6 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
mAccountJid.requestFocus(); mAccountJid.requestFocus();
return; return;
} }
final String password = mPassword.getText().toString();
final String passwordConfirm = mPasswordConfirm.getText().toString();
if (registerNewAccount) { if (registerNewAccount) {
if (!password.equals(passwordConfirm)) { if (!password.equals(passwordConfirm)) {
mPasswordConfirm.setError(getString(R.string.passwords_do_not_match)); mPasswordConfirm.setError(getString(R.string.passwords_do_not_match));
@ -183,6 +190,9 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
} }
} }
if (mAccount != null) { if (mAccount != null) {
if (mInitMode && mAccount.isOptionSet(Account.OPTION_MAGIC_CREATE)) {
mAccount.setOption(Account.OPTION_MAGIC_CREATE, mAccount.getPassword().contains(password));
}
mAccount.setJid(jid); mAccount.setJid(jid);
mAccount.setPort(numericPort); mAccount.setPort(numericPort);
mAccount.setHostname(hostname); mAccount.setHostname(hostname);
@ -330,7 +340,13 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
} }
protected void updateSaveButton() { protected void updateSaveButton() {
if (accountInfoEdited() && !mInitMode) { boolean accountInfoEdited = accountInfoEdited();
if (!mInitMode && passwordChangedInMagicCreateMode()) {
this.mSaveButton.setText(R.string.change_password);
this.mSaveButton.setEnabled(true);
this.mSaveButton.setTextColor(getPrimaryTextColor());
} else if (accountInfoEdited && !mInitMode) {
this.mSaveButton.setText(R.string.save); this.mSaveButton.setText(R.string.save);
this.mSaveButton.setEnabled(true); this.mSaveButton.setEnabled(true);
this.mSaveButton.setTextColor(getPrimaryTextColor()); this.mSaveButton.setTextColor(getPrimaryTextColor());
@ -349,7 +365,7 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
if (!mInitMode) { if (!mInitMode) {
if (mAccount != null && mAccount.isOnlineAndConnected()) { if (mAccount != null && mAccount.isOnlineAndConnected()) {
this.mSaveButton.setText(R.string.save); this.mSaveButton.setText(R.string.save);
if (!accountInfoEdited()) { if (!accountInfoEdited) {
this.mSaveButton.setEnabled(false); this.mSaveButton.setEnabled(false);
this.mSaveButton.setTextColor(getSecondaryTextColor()); this.mSaveButton.setTextColor(getSecondaryTextColor());
} }
@ -366,16 +382,28 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
if (this.mAccount == null) { if (this.mAccount == null) {
return false; return false;
} }
return jidEdited() ||
!this.mAccount.getPassword().equals(this.mPassword.getText().toString()) ||
!this.mAccount.getHostname().equals(this.mHostname.getText().toString()) ||
!String.valueOf(this.mAccount.getPort()).equals(this.mPort.getText().toString());
}
protected boolean jidEdited() {
final String unmodified; final String unmodified;
if (Config.DOMAIN_LOCK != null) { if (Config.DOMAIN_LOCK != null) {
unmodified = this.mAccount.getJid().getLocalpart(); unmodified = this.mAccount.getJid().getLocalpart();
} else { } else {
unmodified = this.mAccount.getJid().toBareJid().toString(); unmodified = this.mAccount.getJid().toBareJid().toString();
} }
return !unmodified.equals(this.mAccountJid.getText().toString()) || return !unmodified.equals(this.mAccountJid.getText().toString());
!this.mAccount.getPassword().equals(this.mPassword.getText().toString()) || }
!this.mAccount.getHostname().equals(this.mHostname.getText().toString()) ||
!String.valueOf(this.mAccount.getPort()).equals(this.mPort.getText().toString()); protected boolean passwordChangedInMagicCreateMode() {
return mAccount != null
&& mAccount.isOptionSet(Account.OPTION_MAGIC_CREATE)
&& !this.mAccount.getPassword().equals(this.mPassword.getText().toString())
&& !this.jidEdited()
&& mAccount.isOnlineAndConnected();
} }
@Override @Override
@ -582,9 +610,7 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
item.setChecked(!item.isChecked()); item.setChecked(!item.isChecked());
break; break;
case R.id.action_change_password_on_server: case R.id.action_change_password_on_server:
final Intent changePasswordIntent = new Intent(this, ChangePasswordActivity.class); gotoChangePassword(null);
changePasswordIntent.putExtra(EXTRA_ACCOUNT, mAccount.getJid().toString());
startActivity(changePasswordIntent);
break; break;
case R.id.action_mam_prefs: case R.id.action_mam_prefs:
editMamPrefs(); editMamPrefs();
@ -602,6 +628,15 @@ public class EditAccountActivity extends XmppActivity implements OnAccountUpdate
return super.onOptionsItemSelected(item); return super.onOptionsItemSelected(item);
} }
private void gotoChangePassword(String newPassword) {
final Intent changePasswordIntent = new Intent(this, ChangePasswordActivity.class);
changePasswordIntent.putExtra(EXTRA_ACCOUNT, mAccount.getJid().toString());
if (newPassword != null) {
changePasswordIntent.putExtra("password", newPassword);
}
startActivity(changePasswordIntent);
}
private void renewCertificate() { private void renewCertificate() {
KeyChain.choosePrivateKeyAlias(this, this, null, null, null, -1, null); KeyChain.choosePrivateKeyAlias(this, this, null, null, null, -1, null);
} }

View file

@ -8,6 +8,7 @@ import android.view.View;
import android.widget.Button; import android.widget.Button;
import android.widget.EditText; import android.widget.EditText;
import android.widget.TextView; import android.widget.TextView;
import android.widget.Toast;
import java.security.SecureRandom; import java.security.SecureRandom;
@ -60,12 +61,14 @@ public class MagicCreateActivity extends XmppActivity implements TextWatcher {
account = new Account(jid, createPassword()); account = new Account(jid, createPassword());
account.setOption(Account.OPTION_REGISTER, true); account.setOption(Account.OPTION_REGISTER, true);
account.setOption(Account.OPTION_DISABLED, true); account.setOption(Account.OPTION_DISABLED, true);
account.setOption(Account.OPTION_MAGIC_CREATE, true);
xmppConnectionService.createAccount(account); xmppConnectionService.createAccount(account);
} }
Intent intent = new Intent(MagicCreateActivity.this, EditAccountActivity.class); Intent intent = new Intent(MagicCreateActivity.this, EditAccountActivity.class);
intent.putExtra("jid", account.getJid().toBareJid().toString()); intent.putExtra("jid", account.getJid().toBareJid().toString());
intent.putExtra("init", true); intent.putExtra("init", true);
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TASK); intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TASK);
Toast.makeText(MagicCreateActivity.this, R.string.secure_password_generated, Toast.LENGTH_SHORT).show();
startActivity(intent); startActivity(intent);
} catch (InvalidJidException e) { } catch (InvalidJidException e) {
mUsername.setError(getString(R.string.invalid_username)); mUsername.setError(getString(R.string.invalid_username));

View file

@ -2,23 +2,25 @@
<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android" <RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
android:layout_width="match_parent" android:layout_width="match_parent"
android:layout_height="match_parent" android:layout_height="match_parent"
android:background="@color/grey50"> android:background="@color/grey200">
<ScrollView <ScrollView
android:layout_width="fill_parent" android:layout_width="fill_parent"
android:layout_height="fill_parent" android:layout_height="fill_parent"
android:layout_above="@+id/button_bar"> android:layout_above="@+id/button_bar">
<LinearLayout <LinearLayout
android:layout_width="match_parent" android:layout_width="match_parent"
android:layout_height="match_parent" android:layout_height="wrap_content"
android:orientation="vertical"
android:layout_marginLeft="@dimen/activity_horizontal_margin" android:layout_marginLeft="@dimen/activity_horizontal_margin"
android:layout_marginRight="@dimen/activity_horizontal_margin" android:layout_marginRight="@dimen/activity_horizontal_margin"
android:layout_marginTop="@dimen/activity_vertical_margin" android:layout_marginTop="@dimen/activity_vertical_margin"
android:layout_marginBottom="@dimen/activity_vertical_margin"> android:layout_marginBottom="@dimen/activity_vertical_margin"
android:background="@drawable/infocard_border"
android:padding="@dimen/infocard_padding"
android:orientation="vertical">
<TextView <TextView
android:id="@+id/current_password_label"
android:layout_width="wrap_content" android:layout_width="wrap_content"
android:layout_height="wrap_content" android:layout_height="wrap_content"
android:text="@string/current_password" android:text="@string/current_password"

View file

@ -635,4 +635,5 @@
<string name="presence_away">Away</string> <string name="presence_away">Away</string>
<string name="presence_xa">Not Available</string> <string name="presence_xa">Not Available</string>
<string name="presence_dnd">Busy</string> <string name="presence_dnd">Busy</string>
<string name="secure_password_generated">A secure password has been generated</string>
</resources> </resources>