Skip to content

Commit

Permalink
Merge pull request #8 from klaxit/feature/lint-with-detekt
Browse files Browse the repository at this point in the history
Add detekt as kotlin linter, adjust code and fix some typos
  • Loading branch information
ben-j69 authored Nov 30, 2020
2 parents 5f42e29 + 12c8c78 commit 24913ec
Show file tree
Hide file tree
Showing 8 changed files with 794 additions and 94 deletions.
10 changes: 10 additions & 0 deletions .editorconfig
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
root = true

[*]
charset = utf-8
end_of_line = lf
indent_size = 4
indent_style = space
insert_final_newline = false
max_line_length = 120
tab_width = 4
1 change: 1 addition & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ dist: trusty
jdk: oraclejdk8

script:
- ./gradlew detekt
- ./gradlew test --info --build-cache

before_cache:
Expand Down
19 changes: 11 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ It uses a combination of obfuscation techniques to do so :
- secret is obfuscated using the reversible XOR operator so it never appears in plain sight,
- obfuscated secret is stored in a NDK binary as an hexadecimal array, so it is really hard to spot / put together from a disassembly,
- the obfuscating string is not persisted in the binary to force runtime evaluation (ie : prevent the compiler from disclosing the secret by optimizing the de-obfuscation logic),
- optionnaly, anyone can provide it's own encoding / decoding algorithm when using the plugin to add an additional security layer.
- optionally, anyone can provide its own encoding / decoding algorithm when using the plugin to add an additional security layer.

This plugin is **used in production** at [Klaxit - Covoiturage quotidien](https://play.google.com/store/apps/details?id=com.wayzup.wayzupapp). Our engineering team at Klaxit will provide its best effort to maintain this project.

Expand Down Expand Up @@ -55,7 +55,7 @@ For more details about the installation check the [plugin's page](https://plugin

Obfuscate and hide your key in your project :
```shell
gradle hideSecret -Pkey=yourKeyToObfuscate [-PkeyName=YourSecretKeyName] [-Ppackage=com.your.package]
./gradlew hideSecret -Pkey=yourKeyToObfuscate [-PkeyName=YourSecretKeyName] [-Ppackage=com.your.package]
```
The parameter `keyName` is optional, by default the key name is randomly generated.
The parameter `package` is optional, by default the `applicationId` of your project will be used.
Expand Down Expand Up @@ -94,7 +94,7 @@ As an example, we will use a [rot13 algorithm](https://en.wikipedia.org/wiki/ROT
After a rot13 encoding your key `yourKeyToObfuscate` becomes `lbheXrlGbBoshfpngr`.
Add it in your app :
```shell
gradle hideSecret -Pkey=lbheXrlGbBoshfpngr -PkeyName=YourSecretKeyName
./gradlew hideSecret -Pkey=lbheXrlGbBoshfpngr -PkeyName=YourSecretKeyName
```

Then in `secrets.cpp` you need to add your own decoding code in `customDecode` method:
Expand Down Expand Up @@ -126,24 +126,27 @@ Secrets().getYourSecretKeyName(packageName)
### Copy files
Copy required files to your project :
```shell
gradle copyCpp
gradle copyKotlin [-Ppackage=your.package.name]
./gradlew copyCpp
./gradlew copyKotlin [-Ppackage=your.package.name]
```

### Obfuscate
Create an obfuscated key and display it :
```shell
gradle obfuscate -Pkey=yourKeyToObfuscate [-Ppackage=com.your.package]
./gradlew obfuscate -Pkey=yourKeyToObfuscate [-Ppackage=com.your.package]
```
This command can be useful if you modify your app's package name based on `buildTypes` configuration. With this command you can get the obfuscated key for a different package name and manually integrate it in another function in `secrets.cpp`.

## Development

Pull Requests are very welcome!

To get started, checkout the code and run `gradle build` to create the `.jar` file in `/build/libs/`.
To get started, checkout the code and run `./gradlew build` to create the `.jar` file in `/build/libs/`.

Please make sure that you have tested your code carefully before opening a PR, and make sure as well that you have no style issues.
Before opening a PR :
- make sure that you have tested your code carefully
- `/gradlew test` must succeed
- `/gradlew detekt` must succeed to avoid any style issue

## Authors

Expand Down
5 changes: 3 additions & 2 deletions build.gradle.kts
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
plugins {
id("com.gradle.plugin-publish") version "0.12.0"
id("io.gitlab.arturbosch.detekt") version "1.14.2"
`java-gradle-plugin`
`kotlin-dsl`
`maven-publish`
Expand All @@ -17,8 +18,8 @@ repositories {
dependencies {
implementation("com.android.tools.build:gradle:4.0.0")

testImplementation("io.kotlintest:kotlintest-runner-junit5:3.1.10")
testImplementation("junit:junit:4.13")
testImplementation("io.kotlintest:kotlintest-runner-junit5:3.1.11")
testImplementation("junit:junit:4.13.1")
}

configure<JavaPluginConvention> {
Expand Down
Loading

0 comments on commit 24913ec

Please sign in to comment.