Skip to content
This repository has been archived by the owner on Apr 12, 2022. It is now read-only.

Commit

Permalink
Privacy: Allow password reset when no IS (#3261)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bmarty @BillCarsonFr
bmarty authored and BillCarsonFr committed Sep 24, 2019
1 parent 7c699da commit 416c613
Show file tree
Hide file tree
Showing 3 changed files with 99 additions and 62 deletions.
1 change: 1 addition & 0 deletions CHANGES.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ Features:
- Privacy: Use wellknown to discover the IS of a HS (#3283)
- Privacy: Remove the bind true flag from 3PID adds in settings (#3254)
- Privacy: Remove the ability to set an IS at login/registration (#3264)
- Privacy: Allow password reset when no IS (#3261)

Improvements:
-
Expand Down
159 changes: 97 additions & 62 deletions vector/src/main/java/im/vector/activity/LoginActivity.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -987,7 +987,7 @@ private void onHomeServerUrlUpdateStep2(boolean checkFlowOnUpdate) {
private void checkIdentityServerUrlField() {
mIdentityServerTextTil.setVisibility(View.GONE);

if (mMode == MODE_ACCOUNT_CREATION) {
if (mMode == MODE_ACCOUNT_CREATION || mMode == MODE_FORGOT_PASSWORD) {
new LoginRestClient(getHsConfig())
.doesServerRequireIdentityServerParam(new ApiCallback<Boolean>() {
@Override
Expand Down Expand Up @@ -1250,25 +1250,60 @@ void onForgotPasswordClick() {
//Log.d(LOG_TAG, "onForgotPasswordClick for email " + email);
Log.d(LOG_TAG, "onForgotPasswordClick");

enableLoadingScreen(true);

Uri identityServerUri = hsConfig.getIdentityServerUri();
if (identityServerUri == null) {
Toast.makeText(this, R.string.identity_server_not_defined, Toast.LENGTH_LONG).show();
if (identityServerUri == null || identityServerUri.toString().isEmpty()) {
// Check if the HS require an identity server
new LoginRestClient(getHsConfig())
.doesServerRequireIdentityServerParam(new ApiCallback<Boolean>() {
@Override
public void onNetworkError(Exception e) {
enableLoadingScreen(false);
Toast.makeText(LoginActivity.this, e.getLocalizedMessage(), Toast.LENGTH_LONG).show();
}

@Override
public void onMatrixError(MatrixError e) {
enableLoadingScreen(false);
Toast.makeText(LoginActivity.this, e.getLocalizedMessage(), Toast.LENGTH_LONG).show();
}

@Override
public void onUnexpectedError(Exception e) {
enableLoadingScreen(false);
Toast.makeText(LoginActivity.this, e.getLocalizedMessage(), Toast.LENGTH_LONG).show();
}

@Override
public void onSuccess(Boolean info) {
if (info) {
enableLoadingScreen(false);
Toast.makeText(LoginActivity.this, R.string.identity_server_not_defined_for_password_reset, Toast.LENGTH_LONG).show();
} else {
doForgetPasswordRequest(hsConfig, email, null);
}
}
});
} else {
enableLoadingScreen(true);
doForgetPasswordRequest(hsConfig, email, identityServerUri.getHost());
}
}

ProfileRestClient pRest = new ProfileRestClient(hsConfig);
private void doForgetPasswordRequest(HomeServerConnectionConfig hsConfig, String email, @Nullable String identityServerHost) {
ProfileRestClient pRest = new ProfileRestClient(hsConfig);

pRest.forgetPassword(email, new ApiCallback<ThreePid>() {
@Override
public void onSuccess(ThreePid thirdPid) {
if (mMode == MODE_FORGOT_PASSWORD) {
Log.d(LOG_TAG, "onForgotPasswordClick : requestEmailValidationToken succeeds");
pRest.forgetPassword(email, new ApiCallback<ThreePid>() {
@Override
public void onSuccess(ThreePid thirdPid) {
if (mMode == MODE_FORGOT_PASSWORD) {
Log.d(LOG_TAG, "onForgotPasswordClick : requestEmailValidationToken succeeds");

enableLoadingScreen(false);
enableLoadingScreen(false);

// refresh the messages
hideMainLayoutAndToast(getString(R.string.auth_reset_password_email_validation_message, email));
mButtonsView.setVisibility(View.VISIBLE);
// refresh the messages
hideMainLayoutAndToast(getString(R.string.auth_reset_password_email_validation_message, email));
mButtonsView.setVisibility(View.VISIBLE);

mMode = MODE_FORGOT_PASSWORD_WAITING_VALIDATION;
refreshDisplay(true);
Expand All @@ -1279,65 +1314,65 @@ public void onSuccess(ThreePid thirdPid) {
mForgotPid.sid = thirdPid.getSid();
}
}
}

/**
* Display a toast to warn that the operation failed
*
* @param errorMessage the error message.
*/
private void onError(final String errorMessage) {
Log.e(LOG_TAG, "onForgotPasswordClick : requestEmailValidationToken fails with error " + errorMessage);
/**
* Display a toast to warn that the operation failed
*
* @param errorMessage the error message.
*/
private void onError(final String errorMessage) {
Log.e(LOG_TAG, "onForgotPasswordClick : requestEmailValidationToken fails with error " + errorMessage);

if (mMode == MODE_FORGOT_PASSWORD) {
enableLoadingScreen(false);
Toast.makeText(LoginActivity.this, errorMessage, Toast.LENGTH_LONG).show();
}
if (mMode == MODE_FORGOT_PASSWORD) {
enableLoadingScreen(false);
Toast.makeText(LoginActivity.this, errorMessage, Toast.LENGTH_LONG).show();
}
}

@Override
public void onNetworkError(final Exception e) {
if (mMode == MODE_FORGOT_PASSWORD) {
UnrecognizedCertificateException unrecCertEx = CertUtil.getCertificateException(e);
if (unrecCertEx != null) {
final Fingerprint fingerprint = unrecCertEx.getFingerprint();

UnrecognizedCertHandler.show(hsConfig, fingerprint, false, new UnrecognizedCertHandler.Callback() {
@Override
public void onAccept() {
onForgotPasswordClick();
}
@Override
public void onNetworkError(final Exception e) {
if (mMode == MODE_FORGOT_PASSWORD) {
UnrecognizedCertificateException unrecCertEx = CertUtil.getCertificateException(e);
if (unrecCertEx != null) {
final Fingerprint fingerprint = unrecCertEx.getFingerprint();

UnrecognizedCertHandler.show(hsConfig, fingerprint, false, new UnrecognizedCertHandler.Callback() {
@Override
public void onAccept() {
onForgotPasswordClick();
}

@Override
public void onIgnore() {
onError(e.getLocalizedMessage());
}
@Override
public void onIgnore() {
onError(e.getLocalizedMessage());
}

@Override
public void onReject() {
onError(e.getLocalizedMessage());
}
});
} else {
onError(e.getLocalizedMessage());
}
@Override
public void onReject() {
onError(e.getLocalizedMessage());
}
});
} else {
onError(e.getLocalizedMessage());
}
}
}

@Override
public void onUnexpectedError(Exception e) {
onError(e.getLocalizedMessage());
}
@Override
public void onUnexpectedError(Exception e) {
onError(e.getLocalizedMessage());
}

@Override
public void onMatrixError(MatrixError e) {
if (TextUtils.equals(MatrixError.THREEPID_NOT_FOUND, e.errcode)) {
onError(getString(R.string.account_email_not_found_error));
} else {
onError(e.getLocalizedMessage());
}
@Override
public void onMatrixError(MatrixError e) {
if (TextUtils.equals(MatrixError.THREEPID_NOT_FOUND, e.errcode)) {
onError(getString(R.string.account_email_not_found_error));
} else {
onError(e.getLocalizedMessage());
}
});
}
}
});
}

/**
Expand Down
1 change: 1 addition & 0 deletions vector/src/main/res/values/strings.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1474,6 +1474,7 @@ Why choose Riot.im?

<!-- Identity server -->
<string name="identity_server_not_defined">You are not using any Identity Server</string>
<string name="identity_server_not_defined_for_password_reset">No identity server is configured, it is required to reset your password.</string>

<string name="security_warning_identity_server">"Previous versions of Riot had a security bug which could give your Identity Server (%1$s) access to your account. If you trust %2$s, you can ignore this; otherwise please logout and login again.\n\nRead more details here:\nhttps://medium.com/@RiotChat/36b4792ea0d6"</string>

Expand Down

0 comments on commit 416c613

Please sign in to comment.