1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/mobile/android/base/background/fxa/FxAccountClient20.java Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,229 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +package org.mozilla.gecko.background.fxa;
1.9 +
1.10 +import java.net.URI;
1.11 +import java.util.concurrent.Executor;
1.12 +
1.13 +import org.json.simple.JSONObject;
1.14 +import org.mozilla.gecko.background.common.log.Logger;
1.15 +import org.mozilla.gecko.background.fxa.FxAccountClientException.FxAccountClientRemoteException;
1.16 +import org.mozilla.gecko.fxa.FxAccountConstants;
1.17 +import org.mozilla.gecko.sync.ExtendedJSONObject;
1.18 +import org.mozilla.gecko.sync.Utils;
1.19 +import org.mozilla.gecko.sync.net.BaseResource;
1.20 +
1.21 +import ch.boye.httpclientandroidlib.HttpResponse;
1.22 +
1.23 +public class FxAccountClient20 extends FxAccountClient10 implements FxAccountClient {
1.24 + protected static final String[] LOGIN_RESPONSE_REQUIRED_STRING_FIELDS = new String[] { JSON_KEY_UID, JSON_KEY_SESSIONTOKEN };
1.25 + protected static final String[] LOGIN_RESPONSE_REQUIRED_STRING_FIELDS_KEYS = new String[] { JSON_KEY_UID, JSON_KEY_SESSIONTOKEN, JSON_KEY_KEYFETCHTOKEN, };
1.26 + protected static final String[] LOGIN_RESPONSE_REQUIRED_BOOLEAN_FIELDS = new String[] { JSON_KEY_VERIFIED };
1.27 +
1.28 + public FxAccountClient20(String serverURI, Executor executor) {
1.29 + super(serverURI, executor);
1.30 + }
1.31 +
1.32 + /**
1.33 + * Thin container for login response.
1.34 + * <p>
1.35 + * The <code>remoteEmail</code> field is the email address as normalized by the
1.36 + * server, and is <b>not necessarily</b> the email address delivered to the
1.37 + * <code>login</code> or <code>create</code> call.
1.38 + */
1.39 + public static class LoginResponse {
1.40 + public final String remoteEmail;
1.41 + public final String uid;
1.42 + public final byte[] sessionToken;
1.43 + public final boolean verified;
1.44 + public final byte[] keyFetchToken;
1.45 +
1.46 + public LoginResponse(String remoteEmail, String uid, boolean verified, byte[] sessionToken, byte[] keyFetchToken) {
1.47 + this.remoteEmail = remoteEmail;
1.48 + this.uid = uid;
1.49 + this.verified = verified;
1.50 + this.sessionToken = sessionToken;
1.51 + this.keyFetchToken = keyFetchToken;
1.52 + }
1.53 + }
1.54 +
1.55 + // Public for testing only; prefer login and loginAndGetKeys (without boolean parameter).
1.56 + public void login(final byte[] emailUTF8, final byte[] quickStretchedPW, final boolean getKeys,
1.57 + final RequestDelegate<LoginResponse> delegate) {
1.58 + BaseResource resource;
1.59 + JSONObject body;
1.60 + final String path = getKeys ? "account/login?keys=true" : "account/login";
1.61 + try {
1.62 + resource = new BaseResource(new URI(serverURI + path));
1.63 + body = new FxAccount20LoginDelegate(emailUTF8, quickStretchedPW).getCreateBody();
1.64 + } catch (Exception e) {
1.65 + invokeHandleError(delegate, e);
1.66 + return;
1.67 + }
1.68 +
1.69 + resource.delegate = new ResourceDelegate<LoginResponse>(resource, delegate) {
1.70 + @Override
1.71 + public void handleSuccess(int status, HttpResponse response, ExtendedJSONObject body) {
1.72 + try {
1.73 + final String[] requiredStringFields = getKeys ? LOGIN_RESPONSE_REQUIRED_STRING_FIELDS_KEYS : LOGIN_RESPONSE_REQUIRED_STRING_FIELDS;
1.74 + body.throwIfFieldsMissingOrMisTyped(requiredStringFields, String.class);
1.75 +
1.76 + final String[] requiredBooleanFields = LOGIN_RESPONSE_REQUIRED_BOOLEAN_FIELDS;
1.77 + body.throwIfFieldsMissingOrMisTyped(requiredBooleanFields, Boolean.class);
1.78 +
1.79 + String uid = body.getString(JSON_KEY_UID);
1.80 + boolean verified = body.getBoolean(JSON_KEY_VERIFIED);
1.81 + byte[] sessionToken = Utils.hex2Byte(body.getString(JSON_KEY_SESSIONTOKEN));
1.82 + byte[] keyFetchToken = null;
1.83 + if (getKeys) {
1.84 + keyFetchToken = Utils.hex2Byte(body.getString(JSON_KEY_KEYFETCHTOKEN));
1.85 + }
1.86 + LoginResponse loginResponse = new LoginResponse(new String(emailUTF8, "UTF-8"), uid, verified, sessionToken, keyFetchToken);
1.87 +
1.88 + delegate.handleSuccess(loginResponse);
1.89 + return;
1.90 + } catch (Exception e) {
1.91 + delegate.handleError(e);
1.92 + return;
1.93 + }
1.94 + }
1.95 + };
1.96 +
1.97 + post(resource, body, delegate);
1.98 + }
1.99 +
1.100 + public void createAccount(final byte[] emailUTF8, final byte[] quickStretchedPW, final boolean getKeys, final boolean preVerified,
1.101 + final RequestDelegate<LoginResponse> delegate) {
1.102 + BaseResource resource;
1.103 + JSONObject body;
1.104 + final String path = getKeys ? "account/create?keys=true" : "account/create";
1.105 + try {
1.106 + resource = new BaseResource(new URI(serverURI + path));
1.107 + body = new FxAccount20CreateDelegate(emailUTF8, quickStretchedPW, preVerified).getCreateBody();
1.108 + } catch (Exception e) {
1.109 + invokeHandleError(delegate, e);
1.110 + return;
1.111 + }
1.112 +
1.113 + // This is very similar to login, except verified is not required.
1.114 + resource.delegate = new ResourceDelegate<LoginResponse>(resource, delegate) {
1.115 + @Override
1.116 + public void handleSuccess(int status, HttpResponse response, ExtendedJSONObject body) {
1.117 + try {
1.118 + final String[] requiredStringFields = getKeys ? LOGIN_RESPONSE_REQUIRED_STRING_FIELDS_KEYS : LOGIN_RESPONSE_REQUIRED_STRING_FIELDS;
1.119 + body.throwIfFieldsMissingOrMisTyped(requiredStringFields, String.class);
1.120 +
1.121 + String uid = body.getString(JSON_KEY_UID);
1.122 + boolean verified = false; // In production, we're definitely not verified immediately upon creation.
1.123 + Boolean tempVerified = body.getBoolean(JSON_KEY_VERIFIED);
1.124 + if (tempVerified != null) {
1.125 + verified = tempVerified.booleanValue();
1.126 + }
1.127 + byte[] sessionToken = Utils.hex2Byte(body.getString(JSON_KEY_SESSIONTOKEN));
1.128 + byte[] keyFetchToken = null;
1.129 + if (getKeys) {
1.130 + keyFetchToken = Utils.hex2Byte(body.getString(JSON_KEY_KEYFETCHTOKEN));
1.131 + }
1.132 + LoginResponse loginResponse = new LoginResponse(new String(emailUTF8, "UTF-8"), uid, verified, sessionToken, keyFetchToken);
1.133 +
1.134 + delegate.handleSuccess(loginResponse);
1.135 + return;
1.136 + } catch (Exception e) {
1.137 + delegate.handleError(e);
1.138 + return;
1.139 + }
1.140 + }
1.141 + };
1.142 +
1.143 + post(resource, body, delegate);
1.144 + }
1.145 +
1.146 + @Override
1.147 + public void createAccountAndGetKeys(byte[] emailUTF8, PasswordStretcher passwordStretcher, RequestDelegate<LoginResponse> delegate) {
1.148 + try {
1.149 + byte[] quickStretchedPW = passwordStretcher.getQuickStretchedPW(emailUTF8);
1.150 + createAccount(emailUTF8, quickStretchedPW, true, false, delegate);
1.151 + } catch (Exception e) {
1.152 + invokeHandleError(delegate, e);
1.153 + return;
1.154 + }
1.155 + }
1.156 +
1.157 + @Override
1.158 + public void loginAndGetKeys(byte[] emailUTF8, PasswordStretcher passwordStretcher, RequestDelegate<LoginResponse> delegate) {
1.159 + login(emailUTF8, passwordStretcher, true, delegate);
1.160 + }
1.161 +
1.162 + /**
1.163 + * We want users to be able to enter their email address case-insensitively.
1.164 + * We stretch the password locally using the email address as a salt, to make
1.165 + * dictionary attacks more expensive. This means that a client with a
1.166 + * case-differing email address is unable to produce the correct
1.167 + * authorization, even though it knows the password. In this case, the server
1.168 + * returns the email that the account was created with, so that the client can
1.169 + * re-stretch the password locally with the correct email salt. This version
1.170 + * of <code>login</code> retries at most one time with a server provided email
1.171 + * address.
1.172 + * <p>
1.173 + * Be aware that consumers will not see the initial error response from the
1.174 + * server providing an alternate email (if there is one).
1.175 + *
1.176 + * @param emailUTF8
1.177 + * user entered email address.
1.178 + * @param stretcher
1.179 + * delegate to stretch and re-stretch password.
1.180 + * @param getKeys
1.181 + * true if a <code>keyFetchToken</code> should be returned (in
1.182 + * addition to the standard <code>sessionToken</code>).
1.183 + * @param delegate
1.184 + * to invoke callbacks.
1.185 + */
1.186 + public void login(final byte[] emailUTF8, final PasswordStretcher stretcher, final boolean getKeys,
1.187 + final RequestDelegate<LoginResponse> delegate) {
1.188 + byte[] quickStretchedPW;
1.189 + try {
1.190 + FxAccountConstants.pii(LOG_TAG, "Trying user provided email: '" + new String(emailUTF8, "UTF-8") + "'" );
1.191 + quickStretchedPW = stretcher.getQuickStretchedPW(emailUTF8);
1.192 + } catch (Exception e) {
1.193 + delegate.handleError(e);
1.194 + return;
1.195 + }
1.196 +
1.197 + this.login(emailUTF8, quickStretchedPW, getKeys, new RequestDelegate<LoginResponse>() {
1.198 + @Override
1.199 + public void handleSuccess(LoginResponse result) {
1.200 + delegate.handleSuccess(result);
1.201 + }
1.202 +
1.203 + @Override
1.204 + public void handleError(Exception e) {
1.205 + delegate.handleError(e);
1.206 + }
1.207 +
1.208 + @Override
1.209 + public void handleFailure(FxAccountClientRemoteException e) {
1.210 + String alternateEmail = e.body.getString(JSON_KEY_EMAIL);
1.211 + if (!e.isBadEmailCase() || alternateEmail == null) {
1.212 + delegate.handleFailure(e);
1.213 + return;
1.214 + };
1.215 +
1.216 + Logger.info(LOG_TAG, "Server returned alternate email; retrying login with provided email.");
1.217 + FxAccountConstants.pii(LOG_TAG, "Trying server provided email: '" + alternateEmail + "'" );
1.218 +
1.219 + try {
1.220 + // Nota bene: this is not recursive, since we call the fixed password
1.221 + // signature here, which invokes a non-retrying version.
1.222 + byte[] alternateEmailUTF8 = alternateEmail.getBytes("UTF-8");
1.223 + byte[] alternateQuickStretchedPW = stretcher.getQuickStretchedPW(alternateEmailUTF8);
1.224 + login(alternateEmailUTF8, alternateQuickStretchedPW, getKeys, delegate);
1.225 + } catch (Exception innerException) {
1.226 + delegate.handleError(innerException);
1.227 + return;
1.228 + }
1.229 + }
1.230 + });
1.231 + }
1.232 +}
