1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/mobile/android/base/fxa/login/Married.java Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,119 @@
1.4 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.5 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.6 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.7 +
1.8 +package org.mozilla.gecko.fxa.login;
1.9 +
1.10 +import java.io.IOException;
1.11 +import java.io.UnsupportedEncodingException;
1.12 +import java.security.GeneralSecurityException;
1.13 +import java.security.InvalidKeyException;
1.14 +import java.security.NoSuchAlgorithmException;
1.15 +import java.util.ArrayList;
1.16 +import java.util.Collections;
1.17 +import java.util.HashMap;
1.18 +
1.19 +import org.json.simple.parser.ParseException;
1.20 +import org.mozilla.gecko.background.fxa.FxAccountUtils;
1.21 +import org.mozilla.gecko.browserid.BrowserIDKeyPair;
1.22 +import org.mozilla.gecko.browserid.JSONWebTokenUtils;
1.23 +import org.mozilla.gecko.fxa.FxAccountConstants;
1.24 +import org.mozilla.gecko.fxa.login.FxAccountLoginStateMachine.ExecuteDelegate;
1.25 +import org.mozilla.gecko.fxa.login.FxAccountLoginTransition.LogMessage;
1.26 +import org.mozilla.gecko.sync.ExtendedJSONObject;
1.27 +import org.mozilla.gecko.sync.NonObjectJSONException;
1.28 +import org.mozilla.gecko.sync.Utils;
1.29 +import org.mozilla.gecko.sync.crypto.KeyBundle;
1.30 +
1.31 +public class Married extends TokensAndKeysState {
1.32 + private static final String LOG_TAG = Married.class.getSimpleName();
1.33 +
1.34 + protected final String certificate;
1.35 + protected final String clientState;
1.36 +
1.37 + public Married(String email, String uid, byte[] sessionToken, byte[] kA, byte[] kB, BrowserIDKeyPair keyPair, String certificate) {
1.38 + super(StateLabel.Married, email, uid, sessionToken, kA, kB, keyPair);
1.39 + Utils.throwIfNull(certificate);
1.40 + this.certificate = certificate;
1.41 + try {
1.42 + this.clientState = FxAccountUtils.computeClientState(kB);
1.43 + } catch (NoSuchAlgorithmException e) {
1.44 + // This should never occur.
1.45 + throw new IllegalStateException("Unable to compute client state from kB.");
1.46 + }
1.47 + }
1.48 +
1.49 + @Override
1.50 + public ExtendedJSONObject toJSONObject() {
1.51 + ExtendedJSONObject o = super.toJSONObject();
1.52 + // Fields are non-null by constructor.
1.53 + o.put("certificate", certificate);
1.54 + return o;
1.55 + }
1.56 +
1.57 + @Override
1.58 + public void execute(final ExecuteDelegate delegate) {
1.59 + delegate.handleTransition(new LogMessage("staying married"), this);
1.60 + }
1.61 +
1.62 + public String generateAssertion(String audience, String issuer) throws NonObjectJSONException, IOException, ParseException, GeneralSecurityException {
1.63 + // We generate assertions with no iat and an exp after 2050 to avoid
1.64 + // invalid-timestamp errors from the token server.
1.65 + final long expiresAt = JSONWebTokenUtils.DEFAULT_FUTURE_EXPIRES_AT_IN_MILLISECONDS;
1.66 + String assertion = JSONWebTokenUtils.createAssertion(keyPair.getPrivate(), certificate, audience, issuer, null, expiresAt);
1.67 + if (!FxAccountConstants.LOG_PERSONAL_INFORMATION) {
1.68 + return assertion;
1.69 + }
1.70 +
1.71 + try {
1.72 + FxAccountConstants.pii(LOG_TAG, "Generated assertion: " + assertion);
1.73 + ExtendedJSONObject a = JSONWebTokenUtils.parseAssertion(assertion);
1.74 + if (a != null) {
1.75 + FxAccountConstants.pii(LOG_TAG, "aHeader : " + a.getObject("header"));
1.76 + FxAccountConstants.pii(LOG_TAG, "aPayload : " + a.getObject("payload"));
1.77 + FxAccountConstants.pii(LOG_TAG, "aSignature: " + a.getString("signature"));
1.78 + String certificate = a.getString("certificate");
1.79 + if (certificate != null) {
1.80 + ExtendedJSONObject c = JSONWebTokenUtils.parseCertificate(certificate);
1.81 + FxAccountConstants.pii(LOG_TAG, "cHeader : " + c.getObject("header"));
1.82 + FxAccountConstants.pii(LOG_TAG, "cPayload : " + c.getObject("payload"));
1.83 + FxAccountConstants.pii(LOG_TAG, "cSignature: " + c.getString("signature"));
1.84 + // Print the relevant timestamps in sorted order with labels.
1.85 + HashMap<Long, String> map = new HashMap<Long, String>();
1.86 + map.put(a.getObject("payload").getLong("iat"), "aiat");
1.87 + map.put(a.getObject("payload").getLong("exp"), "aexp");
1.88 + map.put(c.getObject("payload").getLong("iat"), "ciat");
1.89 + map.put(c.getObject("payload").getLong("exp"), "cexp");
1.90 + ArrayList<Long> values = new ArrayList<Long>(map.keySet());
1.91 + Collections.sort(values);
1.92 + for (Long value : values) {
1.93 + FxAccountConstants.pii(LOG_TAG, map.get(value) + ": " + value);
1.94 + }
1.95 + } else {
1.96 + FxAccountConstants.pii(LOG_TAG, "Could not parse certificate!");
1.97 + }
1.98 + } else {
1.99 + FxAccountConstants.pii(LOG_TAG, "Could not parse assertion!");
1.100 + }
1.101 + } catch (Exception e) {
1.102 + FxAccountConstants.pii(LOG_TAG, "Got exception dumping assertion debug info.");
1.103 + }
1.104 + return assertion;
1.105 + }
1.106 +
1.107 + public KeyBundle getSyncKeyBundle() throws InvalidKeyException, NoSuchAlgorithmException, UnsupportedEncodingException {
1.108 + // TODO Document this choice for deriving from kB.
1.109 + return FxAccountUtils.generateSyncKeyBundle(kB);
1.110 + }
1.111 +
1.112 + public String getClientState() {
1.113 + if (FxAccountConstants.LOG_PERSONAL_INFORMATION) {
1.114 + FxAccountConstants.pii(LOG_TAG, "Client state: " + this.clientState);
1.115 + }
1.116 + return this.clientState;
1.117 + }
1.118 +
1.119 + public State makeCohabitingState() {
1.120 + return new Cohabiting(email, uid, sessionToken, kA, kB, keyPair);
1.121 + }
1.122 +}
