From a892999aed23bff8ce03106ed65f037b1c0c1b51 Mon Sep 17 00:00:00 2001 From: Benoit Marty Date: Wed, 4 Sep 2019 17:31:27 +0200 Subject: [PATCH] Privacy: Allow password reset when no IS (#3261) --- CHANGES.rst | 1 + .../im/vector/activity/LoginActivity.java | 159 +++++++++++------- vector/src/main/res/values/strings.xml | 1 + 3 files changed, 99 insertions(+), 62 deletions(-) diff --git a/CHANGES.rst b/CHANGES.rst index 584f48bb8d..ae4dae8dbf 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -13,6 +13,7 @@ Features: - Privacy: Use wellknown to discover the IS of a HS (#3283) - Privacy: Remove the bind true flag from 3PID adds in settings (#3254) - Privacy: Remove the ability to set an IS at login/registration (#3264) + - Privacy: Allow password reset when no IS (#3261) Improvements: - diff --git a/vector/src/main/java/im/vector/activity/LoginActivity.java b/vector/src/main/java/im/vector/activity/LoginActivity.java index 46b454a6cf..6085a6ce2f 100644 --- a/vector/src/main/java/im/vector/activity/LoginActivity.java +++ b/vector/src/main/java/im/vector/activity/LoginActivity.java @@ -987,7 +987,7 @@ private void onHomeServerUrlUpdateStep2(boolean checkFlowOnUpdate) { private void checkIdentityServerUrlField() { mIdentityServerTextTil.setVisibility(View.GONE); - if (mMode == MODE_ACCOUNT_CREATION) { + if (mMode == MODE_ACCOUNT_CREATION || mMode == MODE_FORGOT_PASSWORD) { new LoginRestClient(getHsConfig()) .doesServerRequireIdentityServerParam(new ApiCallback() { @Override 
@@ -1250,25 +1250,60 @@ void onForgotPasswordClick() { //Log.d(LOG_TAG, "onForgotPasswordClick for email " + email); Log.d(LOG_TAG, "onForgotPasswordClick"); + enableLoadingScreen(true); + Uri identityServerUri = hsConfig.getIdentityServerUri(); - if (identityServerUri == null) { - Toast.makeText(this, R.string.identity_server_not_defined, Toast.LENGTH_LONG).show(); + if (identityServerUri == null || identityServerUri.toString().isEmpty()) { + // Check if the HS require an identity server + new LoginRestClient(getHsConfig()) + .doesServerRequireIdentityServerParam(new ApiCallback() { + @Override + public void onNetworkError(Exception e) { + enableLoadingScreen(false); + Toast.makeText(LoginActivity.this, e.getLocalizedMessage(), Toast.LENGTH_LONG).show(); + } + + @Override + public void onMatrixError(MatrixError e) { + enableLoadingScreen(false); + Toast.makeText(LoginActivity.this, e.getLocalizedMessage(), Toast.LENGTH_LONG).show(); + } + + @Override + public void onUnexpectedError(Exception e) { + enableLoadingScreen(false); + Toast.makeText(LoginActivity.this, e.getLocalizedMessage(), Toast.LENGTH_LONG).show(); + } + + @Override + public void onSuccess(Boolean info) { + if (info) { + enableLoadingScreen(false); + Toast.makeText(LoginActivity.this, R.string.identity_server_not_defined_for_password_reset, Toast.LENGTH_LONG).show(); + } else { + doForgetPasswordRequest(hsConfig, email, null); + } + } + }); } else { - enableLoadingScreen(true); + doForgetPasswordRequest(hsConfig, email, identityServerUri.getHost()); + } + } - ProfileRestClient pRest = new ProfileRestClient(hsConfig); + private void doForgetPasswordRequest(HomeServerConnectionConfig hsConfig, String email, @Nullable String identityServerHost) { + ProfileRestClient pRest = new ProfileRestClient(hsConfig); - pRest.forgetPassword(email, new ApiCallback() { - @Override - public void onSuccess(ThreePid thirdPid) { - if (mMode == MODE_FORGOT_PASSWORD) { - Log.d(LOG_TAG, "onForgotPasswordClick : 
requestEmailValidationToken succeeds"); + pRest.forgetPassword(email, new ApiCallback() { + @Override + public void onSuccess(ThreePid thirdPid) { + if (mMode == MODE_FORGOT_PASSWORD) { + Log.d(LOG_TAG, "onForgotPasswordClick : requestEmailValidationToken succeeds"); - enableLoadingScreen(false); + enableLoadingScreen(false); - // refresh the messages - hideMainLayoutAndToast(getString(R.string.auth_reset_password_email_validation_message, email)); - mButtonsView.setVisibility(View.VISIBLE); + // refresh the messages + hideMainLayoutAndToast(getString(R.string.auth_reset_password_email_validation_message, email)); + mButtonsView.setVisibility(View.VISIBLE); mMode = MODE_FORGOT_PASSWORD_WAITING_VALIDATION; refreshDisplay(true); 
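Review bot: The new `identityServerHost` parameter of `doForgetPasswordRequest` is not used on any visible line: `pRest.forgetPassword(email, ...)` is called without it, and the rest of the body in the following hunk appears to be re-indented only. The unchanged lines between the two hunks are not shown. If they still read the identity server from `hsConfig` when filling `mForgotPid`, the new no-IS call `doForgetPasswordRequest(hsConfig, email, null)` would hit a missing URI, so the parameter should either be used there or dropped. Separately, the callbacks added in `onForgotPasswordClick` act unconditionally, whereas the existing ones check `mMode == MODE_FORGOT_PASSWORD`. A guard such as `if (mMode != MODE_FORGOT_PASSWORD) return;` at the top of `onSuccess(Boolean info)` would stop a late response from starting a reset request after the user has left the screen.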
@@ -1279,65 +1314,65 @@ public void onSuccess(ThreePid thirdPid) { mForgotPid.sid = thirdPid.getSid(); } } + } - /** - * Display a toast to warn that the operation failed - * - * @param errorMessage the error message. - */ - private void onError(final String errorMessage) { - Log.e(LOG_TAG, "onForgotPasswordClick : requestEmailValidationToken fails with error " + errorMessage); + /** + * Display a toast to warn that the operation failed + * + * @param errorMessage the error message. + */ + private void onError(final String errorMessage) { + Log.e(LOG_TAG, "onForgotPasswordClick : requestEmailValidationToken fails with error " + errorMessage); - if (mMode == MODE_FORGOT_PASSWORD) { - enableLoadingScreen(false); - Toast.makeText(LoginActivity.this, errorMessage, Toast.LENGTH_LONG).show(); - } + if (mMode == MODE_FORGOT_PASSWORD) { + enableLoadingScreen(false); + Toast.makeText(LoginActivity.this, errorMessage, Toast.LENGTH_LONG).show(); } + } - @Override - public void onNetworkError(final Exception e) { - if (mMode == MODE_FORGOT_PASSWORD) { - UnrecognizedCertificateException unrecCertEx = CertUtil.getCertificateException(e); - if (unrecCertEx != null) { - final Fingerprint fingerprint = unrecCertEx.getFingerprint(); - - UnrecognizedCertHandler.show(hsConfig, fingerprint, false, new UnrecognizedCertHandler.Callback() { - @Override - public void onAccept() { - onForgotPasswordClick(); - } + @Override + public void onNetworkError(final Exception e) { + if (mMode == MODE_FORGOT_PASSWORD) { + UnrecognizedCertificateException unrecCertEx = CertUtil.getCertificateException(e); + if (unrecCertEx != null) { + final Fingerprint fingerprint = unrecCertEx.getFingerprint(); + + UnrecognizedCertHandler.show(hsConfig, fingerprint, false, new UnrecognizedCertHandler.Callback() { + @Override + public void onAccept() { + onForgotPasswordClick(); + } - @Override - public void onIgnore() { - onError(e.getLocalizedMessage()); - } + @Override + public void onIgnore() { + 
onError(e.getLocalizedMessage()); + } - @Override - public void onReject() { - onError(e.getLocalizedMessage()); - } - }); - } else { - onError(e.getLocalizedMessage()); - } + @Override + public void onReject() { + onError(e.getLocalizedMessage()); + } + }); + } else { + onError(e.getLocalizedMessage()); } } + } - @Override - public void onUnexpectedError(Exception e) { - onError(e.getLocalizedMessage()); - } + @Override + public void onUnexpectedError(Exception e) { + onError(e.getLocalizedMessage()); + } - @Override - public void onMatrixError(MatrixError e) { - if (TextUtils.equals(MatrixError.THREEPID_NOT_FOUND, e.errcode)) { - onError(getString(R.string.account_email_not_found_error)); - } else { - onError(e.getLocalizedMessage()); - } + @Override + public void onMatrixError(MatrixError e) { + if (TextUtils.equals(MatrixError.THREEPID_NOT_FOUND, e.errcode)) { + onError(getString(R.string.account_email_not_found_error)); + } else { + onError(e.getLocalizedMessage()); } - }); - } + } + }); } /** diff --git a/vector/src/main/res/values/strings.xml b/vector/src/main/res/values/strings.xml index c61012a1df..3f6f8cac91 100755 --- a/vector/src/main/res/values/strings.xml +++ b/vector/src/main/res/values/strings.xml @@ -1480,6 +1480,7 @@ Why choose Riot.im? You are not using any Identity Server + No identity server is configured, it is required to reset your password. "Previous versions of Riot had a security bug which could give your Identity Server (%1$s) access to your account. If you trust %2$s, you can ignore this; otherwise please logout and login again.\n\nRead more details here:\nhttps://medium.com/@RiotChat/36b4792ea0d6"