diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 6e519ba518bdcad01dc2f989d607a388654c6120..2b951e1721f1addfae8af4eb17d47eeb25880e00 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -15,7 +15,6 @@ stages: before_script: - echo email.key=$PEPPER >> local.properties - echo MURENA_CLIENT_ID=$MURENA_CLIENT_ID >> local.properties - - echo MURENA_CLIENT_SECRET=$MURENA_CLIENT_SECRET >> local.properties - echo MURENA_REDIRECT_URI=$MURENA_REDIRECT_URI >> local.properties - echo MURENA_LOGOUT_REDIRECT_URI=$MURENA_LOGOUT_REDIRECT_URI >> local.properties - echo MURENA_BASE_URL=$MURENA_BASE_URL >> local.properties diff --git a/app/build.gradle b/app/build.gradle index 0904d4364eacd09f6c8c0367d6eb9880d005981a..3ef3fa5a1bc4bbdeda4ecc5752382344de6d9b1a 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -113,7 +113,6 @@ android { defaultConfig { buildConfigField "String", "MURENA_CLIENT_ID", "\"${retrieveKey("MURENA_CLIENT_ID")}\"" - buildConfigField "String", "MURENA_CLIENT_SECRET", "\"${retrieveKey("MURENA_CLIENT_SECRET")}\"" buildConfigField "String", "MURENA_REDIRECT_URI", "\"${retrieveKey("MURENA_REDIRECT_URI")}\"" buildConfigField "String", "MURENA_LOGOUT_REDIRECT_URI", "\"${retrieveKey("MURENA_LOGOUT_REDIRECT_URI")}\"" buildConfigField "String", "MURENA_BASE_URL", "\"${retrieveKey("MURENA_BASE_URL")}\"" diff --git a/app/src/main/kotlin/at/bitfire/davdroid/authorization/IdentityProvider.kt b/app/src/main/kotlin/at/bitfire/davdroid/authorization/IdentityProvider.kt index c7cdbf441ea4fa42e66ad27a567187019f1c48f7..02e8437946b2b9d60abed5d87197e535ce459acc 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/authorization/IdentityProvider.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/authorization/IdentityProvider.kt @@ -42,7 +42,7 @@ enum class IdentityProvider( authEndpoint = null, tokenEndpoint = null, clientId = BuildConfig.MURENA_CLIENT_ID, - clientSecret = BuildConfig.MURENA_CLIENT_SECRET, + clientSecret = null, redirectUri = BuildConfig.MURENA_REDIRECT_URI + ":/redirect", logoutRedirectUri = BuildConfig.MURENA_LOGOUT_REDIRECT_URI + ":/redirect", scope = "openid profile email offline_access", diff --git a/app/src/main/kotlin/at/bitfire/davdroid/network/HttpClient.kt b/app/src/main/kotlin/at/bitfire/davdroid/network/HttpClient.kt index b5fff9d5f4d9fb22c97e836c11e0bd55dbab44c1..d61ba172aaa8769b9f91b9414e5f20795a12bc7b 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/network/HttpClient.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/network/HttpClient.kt @@ -89,8 +89,12 @@ class HttpClient private constructor( } override fun close() { - authService?.dispose() - okHttpClient.cache?.close() + try { + okHttpClient.cache?.close() + authService?.dispose() + } catch (e: Exception) { + Logger.log.log(Level.INFO, "failed to clear resource on close httpClient", e) + } } diff --git a/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/DefaultAccountAuthenticatorService.kt b/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/DefaultAccountAuthenticatorService.kt index da635b072b8bed3064dbdc3864a779fbbe13d8fd..16adca03594c599a969c3e46ec26cd7ab4df36f9 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/DefaultAccountAuthenticatorService.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/DefaultAccountAuthenticatorService.kt @@ -232,7 +232,11 @@ abstract class DefaultAccountAuthenticatorService : Service(), OnAccountsUpdateL result.putString(AccountManager.KEY_AUTHTOKEN, authState.accessToken) response?.onResult(result) - authorizationService.dispose() + try { + authorizationService.dispose() + } catch (e: Exception) { + Logger.log.log(Level.INFO, "failed to dispose oidc authorizationService", e) + } } val result = Bundle() diff --git a/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/SyncManager.kt b/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/SyncManager.kt index eb36c64150b60b7474b7012d4cfbffce1fff6e64..ae3b479bb536e8fb19ad9d56f7d7aa04cee9baa8 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/SyncManager.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/syncadapter/SyncManager.kt @@ -211,7 +211,11 @@ abstract class SyncManager, out CollectionType: L performSync(DEFAULT_RETRY_AFTER, DEFAULT_SECOND_RETRY_AFTER, DEFAULT_MAX_RETRY_TIME) } - authorizationService.dispose() + try { + authorizationService.dispose() + } catch (e: Exception) { + Logger.log.log(Level.INFO, "failed to dispose oidc authorizationService", e) + } } } diff --git a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/DetectConfigurationFragment.kt b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/DetectConfigurationFragment.kt index 92114462c591cc8ef88f598159f127d8a15182a7..be7d2750ebfd1a313d2f533a49030241b5e9de35 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/DetectConfigurationFragment.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/DetectConfigurationFragment.kt @@ -10,7 +10,6 @@ import android.os.Bundle import android.view.LayoutInflater import android.view.View import android.view.ViewGroup -import androidx.core.content.ContextCompat import androidx.fragment.app.DialogFragment import androidx.fragment.app.Fragment import androidx.fragment.app.activityViewModels @@ -18,14 +17,13 @@ import androidx.fragment.app.viewModels import androidx.lifecycle.AndroidViewModel import androidx.lifecycle.LiveData import androidx.lifecycle.MutableLiveData -import at.bitfire.davdroid.Constants +import at.bitfire.davdroid.ECloudAccountHelper import at.bitfire.davdroid.R import at.bitfire.davdroid.db.Credentials import at.bitfire.davdroid.log.Logger import at.bitfire.davdroid.servicedetection.DavResourceFinder import at.bitfire.davdroid.ui.DebugInfoActivity import com.google.android.material.dialog.MaterialAlertDialogBuilder -import at.bitfire.davdroid.ECloudAccountHelper import java.lang.ref.WeakReference import java.net.URI import java.util.logging.Level @@ -47,7 +45,7 @@ class DetectConfigurationFragment: Fragment() { return } - val blockOnUnauthorizedException = (accountType == getString(R.string.eelo_account_type)) && !EeloAuthenticatorModel.enableOpenIdSupport + val blockOnUnauthorizedException = (accountType == getString(R.string.eelo_account_type)) && !EeloAuthenticatorModel.ENABLE_OIDC_SUPPORT val baseURI = loginModel.baseURI ?: return diff --git a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorFragment.kt b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorFragment.kt index 77b0252c74c3991a0685e53b924bf7db4da990a0..47bbafcf0a99699cb6dd64f25363688010eca628 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorFragment.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorFragment.kt @@ -79,7 +79,7 @@ class EeloAuthenticatorFragment : Fragment() { passwordEditText = v.root.findViewById(R.id.urlpwd_password) passwordHolder = v.root.findViewById(R.id.password_holder) - passwordHolder.isVisible = !EeloAuthenticatorModel.enableOpenIdSupport + passwordHolder.isVisible = !EeloAuthenticatorModel.ENABLE_OIDC_SUPPORT serverToggleButton.setOnClickListener { expandCollapse() } @@ -87,7 +87,7 @@ class EeloAuthenticatorFragment : Fragment() { val tfaButton = v.root.findViewById(R.id.twofa_info_button) tfaButton.setOnClickListener { show2FAInfoDialog() } - tfaButton.isVisible = !EeloAuthenticatorModel.enableOpenIdSupport + tfaButton.isVisible = !EeloAuthenticatorModel.ENABLE_OIDC_SUPPORT userIdEditText.doOnTextChanged { text, _, _, _ -> val domain = computeDomain(text) @@ -205,7 +205,7 @@ class EeloAuthenticatorFragment : Fragment() { private fun login() { handleNoNetworkAvailable() - val handleOpenIdAuth = EeloAuthenticatorModel.enableOpenIdSupport && !toggleButtonState + val handleOpenIdAuth = EeloAuthenticatorModel.ENABLE_OIDC_SUPPORT && !toggleButtonState val userId = userIdEditText.text.toString() val password = passwordEditText.text.toString() @@ -306,7 +306,7 @@ class EeloAuthenticatorFragment : Fragment() { serverUrlEditText.isEnabled = false toggleButtonState = false - if(!EeloAuthenticatorModel.enableOpenIdSupport) { + if(!EeloAuthenticatorModel.ENABLE_OIDC_SUPPORT) { return } diff --git a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorModel.kt b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorModel.kt index c65296df1a15c71d505ded1a55fa11ec712ec70f..9b05b2e607c7b685007da8fa8d3b8e480db0fa75 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorModel.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/EeloAuthenticatorModel.kt @@ -27,7 +27,7 @@ class EeloAuthenticatorModel(application: Application) : AndroidViewModel(applic companion object { // as https://gitlab.e.foundation/e/backlog/-/issues/6287 is blocked, the openId implementation is not ready yet. // But we want to push the changes so later we won't face any conflict. So we are disabling the openId feature for now. - const val enableOpenIdSupport = false + const val ENABLE_OIDC_SUPPORT = true } private var initialized = false diff --git a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/GoogleLoginFragment.kt b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/GoogleLoginFragment.kt index 6ef6e097182ba92726b5ec4a011675ce909c0478..21c91f48856e1ac3b3f92c63008b572288584f31 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/GoogleLoginFragment.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/GoogleLoginFragment.kt @@ -209,7 +209,11 @@ class GoogleLoginFragment(private val defaultEmail: String? = null): Fragment() } override fun onCleared() { - authService.dispose() + try { + authService.dispose() + } catch (e: Exception) { + Logger.log.log(Level.INFO, "failed to dispose oidc authorizationService", e) + } } } diff --git a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/OpenIdAuthenticationViewModel.kt b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/OpenIdAuthenticationViewModel.kt index 175872dc535f3ca318c76db71bfc31a20cc6ccd3..f777a8d805919302b1940b0e8164318cbfa33988 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/OpenIdAuthenticationViewModel.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/ui/setup/OpenIdAuthenticationViewModel.kt @@ -62,8 +62,13 @@ class OpenIdAuthenticationViewModel(application: Application) : AndroidViewModel } override fun onCleared() { - authorizationService.dispose() super.onCleared() + try { + authorizationService.dispose() + } catch (e: Exception) { + Logger.log.log(Level.INFO, "failed to dispose oidc authorizationService", e) + } + } fun getAuthState(): AuthState { diff --git a/app/src/main/kotlin/at/bitfire/davdroid/ui/signout/OpenIdEndSessionActivity.kt b/app/src/main/kotlin/at/bitfire/davdroid/ui/signout/OpenIdEndSessionActivity.kt index 631e4b8f75200e1bb1bec926f08d20d32bc70e00..5001315b45ea2301eda19a1f7cfa39f6f6207e73 100644 --- a/app/src/main/kotlin/at/bitfire/davdroid/ui/signout/OpenIdEndSessionActivity.kt +++ b/app/src/main/kotlin/at/bitfire/davdroid/ui/signout/OpenIdEndSessionActivity.kt @@ -20,11 +20,13 @@ import android.accounts.AccountManager import android.app.Activity import android.os.Bundle import at.bitfire.davdroid.authorization.IdentityProvider +import at.bitfire.davdroid.log.Logger import at.bitfire.davdroid.settings.AccountSettings import net.openid.appauth.AuthState import net.openid.appauth.AuthorizationService import net.openid.appauth.AuthorizationServiceConfiguration import net.openid.appauth.EndSessionRequest +import java.util.logging.Level class OpenIdEndSessionActivity : Activity() { @@ -79,7 +81,12 @@ class OpenIdEndSessionActivity : Activity() { } override fun onDestroy() { - authorizationService?.dispose() super.onDestroy() + + try { + authorizationService?.dispose() + } catch (e: Exception) { + Logger.log.log(Level.INFO, "failed to dispose oidc authorizationService", e) + } } }