feat: Self signed ssl support.

Reviewed-on: https://gitea.amine-louveau.fr/Louvorg/ReaderForSelfoss-multiplatform/pulls/141
2023-09-17 18:28:47 +00:00 · 2023-09-17 18:28:47 +00:00 · c458871569
commit c458871569
parent 172362b533 056825aa0c
24 changed files with 98 additions and 33 deletions
--- a/androidApp/src/main/java/bou/amine/apps/readerforselfossv2/android/LoginActivity.kt
+++ b/androidApp/src/main/java/bou/amine/apps/readerforselfossv2/android/LoginActivity.kt
@ -139,9 +139,12 @@ class LoginActivity : AppCompatActivity(), DIAware {

        showProgress(true)

+        appSettingsService.updateSelfSigned(binding.selfSigned.isChecked)
+
        repository.refreshLoginInformation(url, login, password)

        CoroutineScope(Dispatchers.Main).launch {
+            repository.updateApiInformation()
            val result = repository.login()
            if (result) {
                val (errorFetching, displaySelfossOnly) = repository.shouldBeSelfossInstance()
--- a/androidApp/src/main/res/layout/activity_login.xml
+++ b/androidApp/src/main/res/layout/activity_login.xml
@ -51,6 +51,13 @@
                android:maxLines="1"
                android:minHeight="48dp" />

+            <com.google.android.material.switchmaterial.SwitchMaterial
+                android:id="@+id/selfSigned"
+                android:layout_width="match_parent"
+                android:layout_height="wrap_content"
+                android:text="@string/disable_ssl"
+                android:textAlignment="viewStart" />
+
            <com.google.android.material.switchmaterial.SwitchMaterial
                android:id="@+id/withLogin"
                android:layout_width="match_parent"
--- a/androidApp/src/main/res/values-ca-rES/strings.xml
+++ b/androidApp/src/main/res/values-ca-rES/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-de-rDE/strings.xml
+++ b/androidApp/src/main/res/values-de-rDE/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-es-rES/strings.xml
+++ b/androidApp/src/main/res/values-es-rES/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-fa-rIR/strings.xml
+++ b/androidApp/src/main/res/values-fa-rIR/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-fr-rFR/strings.xml
+++ b/androidApp/src/main/res/values-fr-rFR/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-gl-rES/strings.xml
+++ b/androidApp/src/main/res/values-gl-rES/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-in-rID/strings.xml
+++ b/androidApp/src/main/res/values-in-rID/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-it-rIT/strings.xml
+++ b/androidApp/src/main/res/values-it-rIT/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-ko-rKR/strings.xml
+++ b/androidApp/src/main/res/values-ko-rKR/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-night/strings.xml
+++ b/androidApp/src/main/res/values-night/strings.xml
@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<resources>
-    <string name="gdpr_dialog_title">The app does not share any personal data about you.</string>
-    <string name="gdpr_dialog_message"><![CDATA[Crash reports sending is now enabled. It can be disabled from the settings page. Keep in mind that crash reports are essential for the app development.]]></string>
-    <string name="crash_toast_text">A crash occured. Sending the details to the developper.</string>
-    <string name="pref_switch_disable_acra">"Disable automatic bug reporting. "</string>
-    <string name="menu_home_filter">Filters</string>
-    <string name="application_selfoss_only">This app only works with a Selfoss instance, and no other RSS feed.</string>
-    <string name="menu_home_sources">Sources</string>
-    <string name="update_source">Update source</string>
-</resources>
--- a/androidApp/src/main/res/values-nl-rNL/strings.xml
+++ b/androidApp/src/main/res/values-nl-rNL/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-pt-rBR/strings.xml
+++ b/androidApp/src/main/res/values-pt-rBR/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-pt-rPT/strings.xml
+++ b/androidApp/src/main/res/values-pt-rPT/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-si-rLK/strings.xml
+++ b/androidApp/src/main/res/values-si-rLK/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-tr-rTR/strings.xml
+++ b/androidApp/src/main/res/values-tr-rTR/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-zh-rCN/strings.xml
+++ b/androidApp/src/main/res/values-zh-rCN/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">更新源</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values-zh-rTW/strings.xml
+++ b/androidApp/src/main/res/values-zh-rTW/strings.xml
@ -130,4 +130,5 @@
    <string name="update_source">Update source</string>
    <string name="confirm_disconnect_title">Disconnect ?</string>
    <string name="confirm_disconnect_description">You will be disconnected from your selfoss instance.</string>
+    <string name="disable_ssl">Disable SSL</string>
 </resources>
--- a/androidApp/src/main/res/values/strings.xml
+++ b/androidApp/src/main/res/values/strings.xml
@ -6,6 +6,7 @@
    <string name="error_invalid_password">"Password not long enough"</string>
    <string name="error_field_required">"Field required"</string>
    <string name="prompt_url">"Url"</string>
+    <string name="disable_ssl">"Disable SSL"</string>
    <string name="withLoginSwitch">"Login required ?"</string>
    <string name="login_url_problem">"Oops. You may need to add a \"/\" at the end of the url."</string>
    <string name="prompt_login">"Username"</string>
--- a/shared/build.gradle.kts
+++ b/shared/build.gradle.kts
@ -35,6 +35,7 @@ kotlin {
                implementation("io.ktor:ktor-client-logging:2.1.1")
                implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.6.0")
                implementation("io.ktor:ktor-client-auth:2.1.1")
+                implementation("io.ktor:ktor-client-cio:2.1.1")
                implementation("org.jsoup:jsoup:1.14.3")

                //Dependency Injection
--- a/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/NetworkSSL.kt
+++ b/shared/src/androidMain/kotlin/bou/amine/apps/readerforselfossv2/rest/NetworkSSL.kt
@ -0,0 +1,17 @@
+package bou.amine.apps.readerforselfossv2.rest
+
+import io.ktor.client.engine.cio.CIOEngineConfig
+import java.security.cert.X509Certificate
+import javax.net.ssl.X509TrustManager
+
+class NaiveTrustManager : X509TrustManager {
+    override fun checkClientTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+
+    override fun checkServerTrusted(chain: Array<out X509Certificate>?, authType: String?) {}
+
+    override fun getAcceptedIssuers(): Array<out X509Certificate> = arrayOf()
+}
+
+actual fun setupInsecureHTTPEngine(config: CIOEngineConfig) {
+    config.https.trustManager = NaiveTrustManager()
+}
--- a/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
+++ b/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/rest/SelfossApi.kt
@ -5,31 +5,46 @@ import bou.amine.apps.readerforselfossv2.model.StatusAndData
 import bou.amine.apps.readerforselfossv2.model.SuccessResponse
 import bou.amine.apps.readerforselfossv2.service.AppSettingsService
 import io.github.aakira.napier.Napier
-import io.ktor.client.*
-import io.ktor.client.plugins.*
-import io.ktor.client.plugins.auth.providers.*
-import io.ktor.client.plugins.cache.*
-import io.ktor.client.plugins.contentnegotiation.*
-import io.ktor.client.plugins.cookies.*
-import io.ktor.client.plugins.logging.*
-import io.ktor.client.request.*
-import io.ktor.client.statement.*
-import io.ktor.http.*
-import io.ktor.serialization.kotlinx.json.*
-import io.ktor.util.*
-import io.ktor.utils.io.charsets.*
-import io.ktor.utils.io.core.*
+import io.ktor.client.HttpClient
+import io.ktor.client.engine.cio.CIO
+import io.ktor.client.engine.cio.CIOEngineConfig
+import io.ktor.client.plugins.HttpRequestRetry
+import io.ktor.client.plugins.HttpTimeout
+import io.ktor.client.plugins.auth.providers.BasicAuthCredentials
+import io.ktor.client.plugins.cache.HttpCache
+import io.ktor.client.plugins.contentnegotiation.ContentNegotiation
+import io.ktor.client.plugins.cookies.HttpCookies
+import io.ktor.client.plugins.logging.LogLevel
+import io.ktor.client.plugins.logging.Logger
+import io.ktor.client.plugins.logging.Logging
+import io.ktor.client.request.get
+import io.ktor.client.request.headers
+import io.ktor.client.request.parameter
+import io.ktor.client.statement.HttpResponse
+import io.ktor.http.HttpHeaders
+import io.ktor.http.HttpStatusCode
+import io.ktor.http.Parameters
+import io.ktor.serialization.kotlinx.json.json
+import io.ktor.util.encodeBase64
+import io.ktor.utils.io.charsets.Charsets
+import io.ktor.utils.io.core.toByteArray
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.launch
 import kotlinx.serialization.json.Json

+expect fun setupInsecureHTTPEngine(config: CIOEngineConfig)
+
 class SelfossApi(private val appSettingsService: AppSettingsService) {

    var client = createHttpClient()
-
-    private fun createHttpClient(): HttpClient {
-        val client = HttpClient {
+    fun createHttpClient() =
+        HttpClient(CIO) {
+            if (appSettingsService.getSelfSigned()) {
+                engine {
+                    setupInsecureHTTPEngine(this)
+                }
+            }
            install(ContentNegotiation) {
                install(HttpCache)
                json(Json {
@ -60,7 +75,7 @@ class SelfossApi(private val appSettingsService: AppSettingsService) {
                    Napier.i("Will modify", tag = "HttpSend")
                    CoroutineScope(Dispatchers.Main).launch {
                        Napier.i("Will login", tag = "HttpSend")
-                        this@SelfossApi.login()
+                        login()
                        Napier.i("Did login", tag = "HttpSend")
                    }
                }
@ -68,10 +83,6 @@ class SelfossApi(private val appSettingsService: AppSettingsService) {
            expectSuccess = false
        }

-
-        return client
-    }
-
    fun url(path: String) =
        "${appSettingsService.getBaseUrl()}$path"

--- a/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/service/AppSettingsService.kt
+++ b/shared/src/commonMain/kotlin/bou/amine/apps/readerforselfossv2/service/AppSettingsService.kt
@ -8,6 +8,7 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {
    // Api related
    private var _apiVersion: Int = -1
    private var _publicAccess: Boolean? = null
+    private var _selfSigned: Boolean? = null
    private var _baseUrl: String = ""
    private var _userName: String = ""
    private var _basicUserName: String = ""
@ -77,6 +78,22 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {
        _publicAccess = settings.getBoolean(API_PUBLIC_ACCESS, false)
    }

+    fun getSelfSigned(): Boolean {
+        if (_selfSigned == null) {
+            refreshSelfSigned()
+        }
+        return _selfSigned!!
+    }
+
+    fun updateSelfSigned(selfSigned: Boolean) {
+        settings.putBoolean(API_SELF_SIGNED, selfSigned)
+        refreshSelfSigned()
+    }
+
+    private fun refreshSelfSigned() {
+        _selfSigned = settings.getBoolean(API_SELF_SIGNED, false)
+    }
+
    fun getBaseUrl(): String {
        if (_baseUrl.isEmpty()) {
            refreshBaseUrl()
@ -383,6 +400,7 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {
        refreshBaseUrl()
        refreshApiVersion()
        refreshPublicAccess()
+        refreshSelfSigned()
    }

    fun refreshUserSettings() {
@ -468,6 +486,8 @@ class AppSettingsService(acraSenderServiceProcess: Boolean = false) {

        const val API_PUBLIC_ACCESS = "apiPublicAccess"

+        const val API_SELF_SIGNED = "apiSelfSigned"
+
        const val API_ITEMS_NUMBER = "prefer_api_items_number"

        const val API_TIMEOUT = "api_timeout"