From 15f27b712e69e7ebe3abc858732a6cb514aa8bab Mon Sep 17 00:00:00 2001 From: Armin Date: Sat, 18 May 2024 13:20:12 +0200 Subject: [PATCH] Add logout support --- .../cyface/synchronization/WiFiSurveyor.java | 4 +-- .../synchronization/AuthStateManager.kt | 35 ++++++++++++++++++- .../synchronization/CyfaceAuthenticator.kt | 2 +- .../CyfaceAuthenticatorService.kt | 1 - .../synchronization/CyfaceSyncService.kt | 5 ++- .../de/cyface/synchronization/OAuth2.kt | 26 ++++++++------ 6 files changed, 57 insertions(+), 16 deletions(-) diff --git a/synchronization/src/main/java/de/cyface/synchronization/WiFiSurveyor.java b/synchronization/src/main/java/de/cyface/synchronization/WiFiSurveyor.java index de48aa980..4088ff41b 100644 --- a/synchronization/src/main/java/de/cyface/synchronization/WiFiSurveyor.java +++ b/synchronization/src/main/java/de/cyface/synchronization/WiFiSurveyor.java @@ -374,8 +374,8 @@ public void makeAccountSyncable(@NonNull final Account account, boolean enabled) * @return The only Account existing */ public Account getAccount() { - final AccountManager accountManager = AccountManager.get(context.get()); - final Account[] cyfaceAccounts = accountManager.getAccountsByType(accountType); + final var accountManager = AccountManager.get(context.get()); + final var cyfaceAccounts = accountManager.getAccountsByType(accountType); if (cyfaceAccounts.length == 0) { throw new IllegalStateException("No cyface account exists."); } diff --git a/synchronization/src/main/kotlin/de/cyface/synchronization/AuthStateManager.kt b/synchronization/src/main/kotlin/de/cyface/synchronization/AuthStateManager.kt index 79dad5c27..036f76cfb 100644 --- a/synchronization/src/main/kotlin/de/cyface/synchronization/AuthStateManager.kt +++ b/synchronization/src/main/kotlin/de/cyface/synchronization/AuthStateManager.kt @@ -23,6 +23,7 @@ import net.openid.appauth.AuthorizationResponse import net.openid.appauth.RegistrationResponse import net.openid.appauth.TokenResponse import org.json.JSONException +import java.io.File import java.lang.ref.WeakReference import java.util.concurrent.atomic.AtomicReference import java.util.concurrent.locks.ReentrantLock @@ -32,7 +33,7 @@ import java.util.concurrent.locks.ReentrantLock * This stores the instance in a shared preferences file, and provides thread-safe access and * mutation. */ -class AuthStateManager private constructor(context: Context) { +class AuthStateManager private constructor(private val context: Context) { private val mPrefs: SharedPreferences private val mPrefsLock: ReentrantLock private val mCurrentAuthState: AtomicReference @@ -130,6 +131,38 @@ class AuthStateManager private constructor(context: Context) { } } + /** + * Removes the shared preferences file, as clearing the state did not work. + * + * This was added in [LEIP-233] to fix the bug where the shared preferences were not cleared + * and "credentials invalid" was shown after re-login during upload. + */ + /*@AnyThread + fun clearState() { + mPrefsLock.lock() + try { + val editor = mPrefs.edit() + editor.clear() // Clears all data in the SharedPreferences + check(editor.commit()) { "Failed to clear state from shared prefs" } + mCurrentAuthState.set(null) // Reset the current auth state reference + } finally { + mPrefsLock.unlock() + } + }*/ + @AnyThread + fun deletePreferencesFile() { + mPrefsLock.lock() + try { + val file = File(context.filesDir.parentFile, "shared_prefs/$STORE_NAME.xml") + if (file.exists()) { + file.delete() + } + mCurrentAuthState.set(null) + } finally { + mPrefsLock.unlock() + } + } + companion object { private val INSTANCE_REF = AtomicReference(WeakReference(null)) private const val TAG = "AuthStateManager" diff --git a/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticator.kt b/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticator.kt index 989a34ee6..6de87bac2 100644 --- a/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticator.kt +++ b/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticator.kt @@ -50,7 +50,7 @@ import kotlinx.coroutines.runBlocking class CyfaceAuthenticator(private val context: Context) : AbstractAccountAuthenticator(context), LoginActivityProvider { - private var auth: OAuth2 = OAuth2(context, settings) + var auth: OAuth2 = OAuth2(context, settings, "CyfaceAuthenticator") override fun editProperties( response: AccountAuthenticatorResponse, diff --git a/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticatorService.kt b/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticatorService.kt index 24248d9f3..7f12b7ce9 100644 --- a/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticatorService.kt +++ b/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceAuthenticatorService.kt @@ -21,7 +21,6 @@ package de.cyface.synchronization import android.app.Service import android.content.Intent import android.os.IBinder -import android.util.Log /** * The Android service used to communicate with the Stub Authenticator. This has been implemented as described in diff --git a/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceSyncService.kt b/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceSyncService.kt index 50b485e8c..8924f7c60 100644 --- a/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceSyncService.kt +++ b/synchronization/src/main/kotlin/de/cyface/synchronization/CyfaceSyncService.kt @@ -19,7 +19,10 @@ package de.cyface.synchronization import android.app.Service +import android.content.ComponentName +import android.content.Context import android.content.Intent +import android.content.ServiceConnection import android.os.IBinder import de.cyface.uploader.DefaultUploader import de.cyface.utils.Validate @@ -46,7 +49,7 @@ class CyfaceSyncService : Service() { syncAdapter = SyncAdapter( applicationContext, true, - OAuth2(applicationContext, CyfaceAuthenticator.settings), + OAuth2(applicationContext, CyfaceAuthenticator.settings, "CyfaceSyncService"), DefaultUploader(collectorApi), ) } diff --git a/synchronization/src/main/kotlin/de/cyface/synchronization/OAuth2.kt b/synchronization/src/main/kotlin/de/cyface/synchronization/OAuth2.kt index 1acca884b..2bc391223 100644 --- a/synchronization/src/main/kotlin/de/cyface/synchronization/OAuth2.kt +++ b/synchronization/src/main/kotlin/de/cyface/synchronization/OAuth2.kt @@ -22,7 +22,6 @@ import android.accounts.Account import android.accounts.AccountManager import android.content.ContentResolver import android.content.Context -import android.content.Intent import android.os.Build import android.os.Bundle import android.util.Log @@ -38,7 +37,6 @@ import net.openid.appauth.AuthState import net.openid.appauth.AuthorizationException import net.openid.appauth.AuthorizationResponse import net.openid.appauth.AuthorizationService -import net.openid.appauth.AuthorizationServiceConfiguration import net.openid.appauth.ClientAuthentication import net.openid.appauth.EndSessionRequest import net.openid.appauth.TokenRequest @@ -57,7 +55,7 @@ import org.json.JSONObject * @param context The context to load settings and accounts from. * @param settings The settings which store the user preferences. */ -class OAuth2(context: Context, settings: SynchronizationSettings) : Auth { +class OAuth2(context: Context, settings: SynchronizationSettings, private val caller: String) : Auth { /** * The service used for authorization. @@ -84,6 +82,7 @@ class OAuth2(context: Context, settings: SynchronizationSettings) : Auth { //Handler().postDelayed({signOut()}, 2000) //return }*/ + Log.i(TAG, "OAuth2 init ($caller)") authService = AuthorizationService( context, AppAuthConfiguration.Builder() @@ -259,7 +258,7 @@ class OAuth2(context: Context, settings: SynchronizationSettings) : Auth { fun signOut() { // discard the authorization and token state, but retain the configuration and // dynamic client registration (if applicable), to save from retrieving them again. - val currentState: AuthState = stateManager.current + val currentState = stateManager.current if (currentState.authorizationServiceConfiguration != null) { // Replace the state with a fresh `AuthState` val clearedState = AuthState(currentState.authorizationServiceConfiguration!!) @@ -267,16 +266,23 @@ class OAuth2(context: Context, settings: SynchronizationSettings) : Auth { clearedState.update(currentState.lastRegistrationResponse) } stateManager.replace(clearedState) + // FIXME: completely delete AuthState.xml in sharedPreferences to fix credentials + // incorrect bug after logout and login during upload + stateManager.deletePreferencesFile()//clearState() + } else { + Log.w(TAG, "No authorization service configuration to sign out") } + + // Invalidate all tokens to ensure they are no longer used + authService.dispose() } - // Keep: login is currently just deactivated because it's buggy + // FIXME: Keep: login is currently just deactivated because it's buggy fun endSession(activity: FragmentActivity) { - val currentState: AuthState = stateManager.current - val config: AuthorizationServiceConfiguration = - currentState.authorizationServiceConfiguration!! + val currentState = stateManager.current + val config = currentState.authorizationServiceConfiguration!! if (config.endSessionEndpoint != null) { - val endSessionIntent: Intent = authService.getEndSessionRequestIntent( + val endSessionIntent = authService.getEndSessionRequestIntent( EndSessionRequest.Builder(config) .setIdTokenHint(currentState.idToken) .setPostLogoutRedirectUri(configuration.endSessionRedirectUri) @@ -310,4 +316,4 @@ class OAuth2(context: Context, settings: SynchronizationSettings) : Auth { .put("https_required", true) } } -} \ No newline at end of file +}