2020-10-26 08:31:10 +00:00
|
|
|
package eu.faircode.email;
|
|
|
|
|
|
|
|
/*
|
|
|
|
This file is part of FairEmail.
|
|
|
|
|
|
|
|
FairEmail is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
FairEmail is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with FairEmail. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
2024-01-01 07:50:49 +00:00
|
|
|
Copyright 2018-2024 by Marcel Bokhorst (M66B)
|
2020-10-26 08:31:10 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
import android.accounts.Account;
|
|
|
|
import android.accounts.AccountManager;
|
|
|
|
import android.accounts.AuthenticatorException;
|
|
|
|
import android.accounts.OperationCanceledException;
|
|
|
|
import android.content.Context;
|
2022-08-12 10:12:17 +00:00
|
|
|
import android.content.SharedPreferences;
|
2020-10-26 08:31:10 +00:00
|
|
|
|
|
|
|
import androidx.annotation.NonNull;
|
2022-08-12 10:12:17 +00:00
|
|
|
import androidx.preference.PreferenceManager;
|
2020-10-26 08:31:10 +00:00
|
|
|
|
|
|
|
import org.json.JSONException;
|
|
|
|
import org.json.JSONObject;
|
|
|
|
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.util.Date;
|
2022-08-17 08:13:05 +00:00
|
|
|
import java.util.HashMap;
|
|
|
|
import java.util.Map;
|
2020-10-26 08:31:10 +00:00
|
|
|
import java.util.Objects;
|
|
|
|
|
|
|
|
public class GmailState {
|
|
|
|
private String token;
|
|
|
|
private long acquired;
|
|
|
|
|
|
|
|
static final String TYPE_GOOGLE = "com.google";
|
2022-07-20 16:44:50 +00:00
|
|
|
private static final long TOKEN_LIFETIME = 60 * 60 * 1000L; // milliseconds
|
2020-10-26 08:31:10 +00:00
|
|
|
|
|
|
|
private GmailState(String token, long acquired) {
|
|
|
|
this.token = token;
|
|
|
|
this.acquired = acquired;
|
|
|
|
}
|
|
|
|
|
|
|
|
@NonNull
|
|
|
|
String getAccessToken() throws AuthenticatorException {
|
|
|
|
if (token == null)
|
|
|
|
throw new AuthenticatorException("no token");
|
|
|
|
return token;
|
|
|
|
}
|
|
|
|
|
2020-10-27 08:01:33 +00:00
|
|
|
Long getAccessTokenExpirationTime() {
|
|
|
|
if (token == null || acquired == 0)
|
|
|
|
return null;
|
|
|
|
else
|
|
|
|
return acquired + TOKEN_LIFETIME;
|
|
|
|
}
|
|
|
|
|
2022-07-20 18:34:05 +00:00
|
|
|
void refresh(@NonNull Context context, String id, @NonNull String user, boolean forceRefresh)
|
2021-07-17 11:33:25 +00:00
|
|
|
throws AuthenticatorException, OperationCanceledException, IOException {
|
2022-07-20 08:19:58 +00:00
|
|
|
long now = new Date().getTime();
|
2021-07-17 11:33:25 +00:00
|
|
|
Long expiration = getAccessTokenExpirationTime();
|
2022-07-20 18:34:05 +00:00
|
|
|
boolean needsRefresh = (expiration != null && expiration < now);
|
2022-08-17 08:13:05 +00:00
|
|
|
boolean neededRefresh = needsRefresh;
|
2022-07-20 08:19:58 +00:00
|
|
|
|
2022-07-20 18:34:05 +00:00
|
|
|
if (!needsRefresh && forceRefresh &&
|
|
|
|
expiration != null &&
|
|
|
|
expiration - ServiceAuthenticator.MIN_FORCE_REFRESH_INTERVAL < now)
|
|
|
|
needsRefresh = true;
|
|
|
|
|
2022-08-17 08:13:05 +00:00
|
|
|
Map<String, String> crumb = new HashMap<>();
|
|
|
|
crumb.put("id", id);
|
|
|
|
crumb.put("force", Boolean.toString(forceRefresh));
|
|
|
|
crumb.put("need", Boolean.toString(needsRefresh));
|
|
|
|
crumb.put("needed", Boolean.toString(neededRefresh));
|
2022-08-17 12:58:26 +00:00
|
|
|
crumb.put("token", Boolean.toString(token != null));
|
2022-08-19 08:33:51 +00:00
|
|
|
crumb.put("expiration", expiration == null ? "n/a" : ((expiration - now) / 1000L) + " s");
|
2022-08-17 08:13:05 +00:00
|
|
|
Log.breadcrumb("Token refresh", crumb);
|
2022-07-20 18:34:05 +00:00
|
|
|
|
2022-10-20 19:43:40 +00:00
|
|
|
EntityLog.log(context, EntityLog.Type.General, "Token refresh user=" + id + ":" + user +
|
2022-08-17 08:13:05 +00:00
|
|
|
" force=" + forceRefresh +
|
2022-07-20 18:34:05 +00:00
|
|
|
" need=" + needsRefresh +
|
2022-08-17 08:13:05 +00:00
|
|
|
" needed=" + neededRefresh +
|
|
|
|
" expiration=" + (expiration == null ? null : new Date(expiration)));
|
|
|
|
try {
|
|
|
|
if (needsRefresh && token != null) {
|
|
|
|
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(context);
|
|
|
|
String key = "token." + id + "." + user;
|
|
|
|
long last_refresh = prefs.getLong(key, 0);
|
|
|
|
long ago = now - last_refresh;
|
2022-08-19 08:33:51 +00:00
|
|
|
if (ago < ServiceAuthenticator.MIN_REFRESH_INTERVAL) {
|
|
|
|
crumb.put("ago", (ago / 1000L) + " s");
|
|
|
|
Log.breadcrumb("Blocked token refresh", crumb);
|
|
|
|
EntityLog.log(context, "Blocked token refresh id=" + id +
|
2022-08-17 08:13:05 +00:00
|
|
|
" force=" + forceRefresh +
|
|
|
|
" ago=" + (ago / 1000L) + " s" +
|
|
|
|
" exp=" + (expiration == null ? -1 : (expiration - now) / 1000L) + " s");
|
2022-08-19 08:33:51 +00:00
|
|
|
} else
|
2022-08-17 08:13:05 +00:00
|
|
|
try {
|
2022-10-20 19:43:40 +00:00
|
|
|
EntityLog.log(context, EntityLog.Type.General, "Invalidating token user=" + id + ":" + user);
|
2022-08-17 08:13:05 +00:00
|
|
|
AccountManager am = AccountManager.get(context);
|
|
|
|
am.invalidateAuthToken(TYPE_GOOGLE, token);
|
|
|
|
} catch (Throwable ex) {
|
|
|
|
Log.e(ex);
|
|
|
|
} finally {
|
|
|
|
prefs.edit().putLong(key, now).apply();
|
|
|
|
}
|
2020-10-26 08:31:10 +00:00
|
|
|
}
|
|
|
|
|
2022-08-17 08:13:05 +00:00
|
|
|
Account account = getAccount(context, user.replace("recent:", ""));
|
|
|
|
if (account == null)
|
|
|
|
throw new AuthenticatorException("Account not found for " + id + ":" + user);
|
|
|
|
|
2022-10-20 19:43:40 +00:00
|
|
|
EntityLog.log(context, EntityLog.Type.General, "Getting token user=" + id + ":" + user);
|
2022-08-17 08:13:05 +00:00
|
|
|
AccountManager am = AccountManager.get(context);
|
|
|
|
String newToken = am.blockingGetAuthToken(
|
|
|
|
account,
|
|
|
|
ServiceAuthenticator.getAuthTokenType(TYPE_GOOGLE),
|
|
|
|
true);
|
|
|
|
|
|
|
|
crumb.put("acquired", Boolean.toString(newToken != null));
|
|
|
|
if (newToken != null)
|
|
|
|
crumb.put("refreshed", Boolean.toString(!newToken.equals(token)));
|
|
|
|
Log.breadcrumb("Token get", crumb);
|
|
|
|
|
|
|
|
if (newToken != null && !newToken.equals(token)) {
|
|
|
|
token = newToken;
|
|
|
|
acquired = new Date().getTime();
|
2022-08-17 12:58:26 +00:00
|
|
|
} else if (needsRefresh) {
|
2022-10-20 19:43:40 +00:00
|
|
|
EntityLog.log(context, EntityLog.Type.General, "Token refresh failed user=" + id + ":" + user);
|
2022-08-28 06:36:52 +00:00
|
|
|
if (!BuildConfig.PLAY_STORE_RELEASE)
|
|
|
|
Log.e("Token refresh failed id=" + id);
|
2022-08-17 12:58:26 +00:00
|
|
|
}
|
2022-08-17 08:13:05 +00:00
|
|
|
|
|
|
|
if (token == null)
|
|
|
|
throw new AuthenticatorException("Got no token id=" + id);
|
|
|
|
} catch (Throwable ex) {
|
|
|
|
Log.e(ex);
|
|
|
|
throw ex;
|
|
|
|
}
|
2020-10-26 08:31:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static Account getAccount(Context context, String user) {
|
|
|
|
AccountManager am = AccountManager.get(context);
|
2022-01-13 12:56:03 +00:00
|
|
|
if (am == null)
|
|
|
|
return null;
|
2020-10-26 08:31:10 +00:00
|
|
|
Account[] accounts = am.getAccountsByType(TYPE_GOOGLE);
|
|
|
|
for (Account account : accounts)
|
|
|
|
if (Objects.equals(account.name, user))
|
|
|
|
return account;
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
public String jsonSerializeString() {
|
|
|
|
try {
|
|
|
|
JSONObject jobject = new JSONObject();
|
|
|
|
jobject.put("token", token);
|
|
|
|
jobject.put("acquired", acquired);
|
|
|
|
return jobject.toString();
|
|
|
|
} catch (JSONException ex) {
|
|
|
|
Log.e(ex);
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static GmailState jsonDeserialize(@NonNull String password) {
|
|
|
|
try {
|
|
|
|
JSONObject jobject = new JSONObject(password);
|
|
|
|
String token = jobject.getString("token");
|
|
|
|
long acquired = jobject.getLong("acquired");
|
|
|
|
return new GmailState(token, acquired);
|
|
|
|
} catch (JSONException ex) {
|
2024-01-13 16:36:07 +00:00
|
|
|
Log.i(ex);
|
2020-10-26 08:31:10 +00:00
|
|
|
return new GmailState(password, new Date().getTime());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|