From b770e11365077b4a9294c346628bc36a83546eb7 Mon Sep 17 00:00:00 2001 From: M66B Date: Tue, 25 Aug 2020 09:23:23 +0200 Subject: [PATCH] Use OAuth unique name as username --- .../java/eu/faircode/email/FragmentOAuth.java | 71 +++++++++---------- 1 file changed, 33 insertions(+), 38 deletions(-) diff --git a/app/src/main/java/eu/faircode/email/FragmentOAuth.java b/app/src/main/java/eu/faircode/email/FragmentOAuth.java index f2e886afb8..a6da3d85e8 100644 --- a/app/src/main/java/eu/faircode/email/FragmentOAuth.java +++ b/app/src/main/java/eu/faircode/email/FragmentOAuth.java @@ -404,12 +404,34 @@ public class FragmentOAuth extends FragmentBase { String aprotocol = (provider.imap.starttls ? "imap" : "imaps"); int aencryption = (provider.imap.starttls ? EmailService.ENCRYPTION_STARTTLS : EmailService.ENCRYPTION_SSL); + String username = address; + if (accessToken != null) { + // https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens String[] segments = accessToken.split("\\."); if (segments.length > 1) try { String payload = new String(Base64.decode(segments[1], Base64.DEFAULT)); EntityLog.log(context, "token payload=" + payload); + JSONObject jpayload = new JSONObject(payload); + if (jpayload.has("unique_name")) { + String unique_name = jpayload.getString("unique_name"); + if (!TextUtils.isEmpty(unique_name) && !unique_name.equals(address)) { + try (EmailService iservice = new EmailService( + context, aprotocol, null, aencryption, false, + EmailService.PURPOSE_CHECK, true)) { + iservice.connect( + provider.imap.host, provider.imap.port, + EmailService.AUTH_TYPE_OAUTH, provider.id, + unique_name, state, + null, null); + username = unique_name; + Log.i("token unique_name=" + unique_name); + } catch (Throwable ex) { + Log.w(ex); + } + } + } } catch (Throwable ex) { Log.w(ex); } @@ -423,57 +445,27 @@ public class FragmentOAuth extends FragmentBase { // https://jwt.ms/ String payload = new String(Base64.decode(segments[1], Base64.DEFAULT)); EntityLog.log(context, "jwt payload=" + payload); - JSONObject jpayload = new JSONObject(payload); - if (jpayload.has("email")) { - String email = jpayload.getString("email"); - if (!TextUtils.isEmpty(email) && !email.equals(address)) { - try (EmailService iservice = new EmailService( - context, aprotocol, null, aencryption, false, - EmailService.PURPOSE_CHECK, true)) { - iservice.connect( - provider.imap.host, provider.imap.port, - EmailService.AUTH_TYPE_OAUTH, provider.id, - email, state, - null, null); - address = email; - Log.i("jwt email=" + email); - } catch (Throwable ex) { - Log.w(ex); - } - } - } } catch (Throwable ex) { Log.e(ex); } } - String primaryEmail; List> identities = new ArrayList<>(); - if (askAccount) { - primaryEmail = address; + if (askAccount) identities.add(new Pair<>(address, personal)); - } else + else throw new IllegalArgumentException("Unknown provider=" + id); - if (TextUtils.isEmpty(primaryEmail) || identities.size() == 0) - throw new IllegalArgumentException("Primary email address not found"); - - if (!Helper.EMAIL_ADDRESS.matcher(primaryEmail).matches()) - throw new IllegalArgumentException(context.getString(R.string.title_email_invalid, primaryEmail)); - ConnectivityManager cm = (ConnectivityManager) context.getSystemService(Context.CONNECTIVITY_SERVICE); NetworkInfo ani = (cm == null ? null : cm.getActiveNetworkInfo()); if (ani == null || !ani.isConnected()) throw new IllegalArgumentException(context.getString(R.string.title_no_internet)); - Log.i("OAuth email=" + primaryEmail); + Log.i("OAuth username=" + username); for (Pair identity : identities) Log.i("OAuth identity=" + identity.first + "/" + identity.second); - int at = primaryEmail.indexOf('@'); - String username = primaryEmail.substring(0, at); - List folders; Log.i("OAuth checking IMAP provider=" + provider.id); @@ -483,7 +475,7 @@ public class FragmentOAuth extends FragmentBase { iservice.connect( provider.imap.host, provider.imap.port, EmailService.AUTH_TYPE_OAUTH, provider.id, - primaryEmail, state, + username, state, null, null); folders = iservice.getFolders(); @@ -500,7 +492,7 @@ public class FragmentOAuth extends FragmentBase { iservice.connect( provider.smtp.host, provider.smtp.port, EmailService.AUTH_TYPE_OAUTH, provider.id, - primaryEmail, state, + username, state, null, null); max_size = iservice.getMaxSize(); } @@ -521,10 +513,13 @@ public class FragmentOAuth extends FragmentBase { account.port = provider.imap.port; account.auth_type = EmailService.AUTH_TYPE_OAUTH; account.provider = provider.id; - account.user = primaryEmail; + account.user = username; account.password = state; - account.name = provider.name + "/" + username; + int at = address.indexOf('@'); + String user = address.substring(0, at); + + account.name = provider.name + "/" + user; account.synchronize = true; account.primary = (primary == null); @@ -574,7 +569,7 @@ public class FragmentOAuth extends FragmentBase { ident.port = provider.smtp.port; ident.auth_type = EmailService.AUTH_TYPE_OAUTH; ident.provider = provider.id; - ident.user = primaryEmail; + ident.user = username; ident.password = state; ident.synchronize = true; ident.primary = ident.user.equals(ident.email);