From 3539bf8bea80cb9962e001c017cb65bc8d257107 Mon Sep 17 00:00:00 2001 From: am654971 Date: Thu, 17 Jun 2021 16:18:04 +0530 Subject: [PATCH 01/15] NPE check for Password and Account Name field --- .../mas/core/storage/sharedstorage/AccountManagerUtil.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index 97de61665..25ab6250d 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -52,10 +52,10 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto //Attempt to retrieve the account Account[] accounts = mAccountManager.getAccountsByType(accountType); for (Account account : accounts) { - if (accountName.equals(account.name)) { + if (accountName != null &&accountName.equals(account.name)) { String password = mAccountManager.getPassword(account); String savedPassword = identifier.toString(); - if (password.equals(savedPassword)) { + if (password != null && password.equals(savedPassword)) { mAccount = account; }else { // - case migration from old AccountManagerStoreDataSource @@ -223,4 +223,4 @@ private String proxyKey(String key){ return retVal; } -} +} \ No newline at end of file From 5e4d89e5b8417520216c5037eaa785ef29d4e695 Mon Sep 17 00:00:00 2001 From: am654971 Date: Thu, 17 Jun 2021 16:30:17 +0530 Subject: [PATCH 02/15] Throwing NPE if Account Name and Password is null --- .../ca/mas/core/storage/sharedstorage/AccountManagerUtil.java | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index 25ab6250d..d786c76aa 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -61,7 +61,10 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto // - case migration from old AccountManagerStoreDataSource mAccount = null; identifier = new SharedStorageIdentifier(); + new NullPointerException("Password is null"); } + } else { + new NullPointerException("Account Name does not exist"); } } From cc6e4183e01120af6b5d729535e9a7c654618c65 Mon Sep 17 00:00:00 2001 From: am654971 Date: Thu, 17 Jun 2021 21:13:28 +0530 Subject: [PATCH 03/15] Throw IllegalArgument Exception while Account is null --- .../ca/mas/core/storage/sharedstorage/AccountManagerUtil.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index d786c76aa..07360e641 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -61,10 +61,9 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto // - case migration from old AccountManagerStoreDataSource mAccount = null; identifier = new SharedStorageIdentifier(); - new NullPointerException("Password is null"); } } else { - new NullPointerException("Account Name does not exist"); + throw new IllegalArgumentException("Invalid parameters, Account name cannot be null"); } } From 43d9ef5de81667e9f2eeca90ec29b43a7dabd3c3 Mon Sep 17 00:00:00 2001 From: am654971 Date: Mon, 28 Jun 2021 01:03:54 +0530 Subject: [PATCH 04/15] Added Logs to capture the exception inside the catch block --- .../storage/sharedstorage/AccountManagerUtil.java | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index 07360e641..0280dc5fd 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -22,6 +22,7 @@ import java.util.HashSet; import java.util.List; import java.util.Set; +import java.util.logging.Logger; import static com.ca.mas.foundation.MAS.TAG; import static com.ca.mas.foundation.MAS.getContext; @@ -39,6 +40,7 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto // Gets the account type from the manifest String accountType = getAccountType(context); + StringBuilder sb = new StringBuilder("Account Details::Account type from Manifest "+accountType); if (accountType == null || accountType.isEmpty()) { throw new IllegalArgumentException(MASFoundationStrings.SHARED_STORAGE_NULL_ACCOUNT_TYPE); } @@ -51,6 +53,7 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto mAccountManager = AccountManager.get(MAS.getContext()); //Attempt to retrieve the account Account[] accounts = mAccountManager.getAccountsByType(accountType); + sb.append("No of accounts:: "+accounts.length); for (Account account : accounts) { if (accountName != null &&accountName.equals(account.name)) { String password = mAccountManager.getPassword(account); @@ -69,11 +72,16 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto //Create the account if it wasn't retrieved, if (mAccount == null) { + sb.append("Account Name:: "+accountName); + sb.append("Account Type:: "+accountName); mAccount = new Account(accountName, accountType); - mAccountManager.addAccountExplicitly(mAccount, identifier.toString(), null); + boolean accountCreated = mAccountManager.addAccountExplicitly(mAccount, identifier.toString(), null); + sb.append("Added account status "+accountCreated); } + sb.append("Getting account details after addition:: Name:: "+mAccount.name+ + " Type::" +mAccount.type+" hashcode:: "+mAccount.hashCode()); } catch (Exception e) { - throw new MASSharedStorageException(e.getMessage(), e); + throw new MASSharedStorageException(e.getMessage()+" "+sb, e); } } From fae84fe4e935d29725121f717eac4adc4b0f29f8 Mon Sep 17 00:00:00 2001 From: am654971 Date: Mon, 28 Jun 2021 15:22:59 +0530 Subject: [PATCH 05/15] Printing the account type --- .../ca/mas/core/storage/sharedstorage/AccountManagerUtil.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index 0280dc5fd..e8c0b82a4 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -73,7 +73,7 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto //Create the account if it wasn't retrieved, if (mAccount == null) { sb.append("Account Name:: "+accountName); - sb.append("Account Type:: "+accountName); + sb.append("Account Type:: "+accountType); mAccount = new Account(accountName, accountType); boolean accountCreated = mAccountManager.addAccountExplicitly(mAccount, identifier.toString(), null); sb.append("Added account status "+accountCreated); From ff87134e4a3eb7d7533e644736e1233b379bc8f8 Mon Sep 17 00:00:00 2001 From: Raju Gurram Date: Mon, 28 Jun 2021 16:36:15 +0530 Subject: [PATCH 06/15] Fixing the null check --- .../sharedstorage/AccountManagerUtil.java | 28 +++++++++++-------- 1 file changed, 16 insertions(+), 12 deletions(-) mode change 100644 => 100755 mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java old mode 100644 new mode 100755 index e8c0b82a4..f28a72751 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -39,12 +39,17 @@ public class AccountManagerUtil implements StorageActions { public AccountManagerUtil(Context context, String accountName, boolean sharedStorage){ // Gets the account type from the manifest - String accountType = getAccountType(context); - StringBuilder sb = new StringBuilder("Account Details::Account type from Manifest "+accountType); + final String accountType = getAccountType(context); + final StringBuilder messageBuilder = new StringBuilder(); + if (accountType == null || accountType.isEmpty()) { throw new IllegalArgumentException(MASFoundationStrings.SHARED_STORAGE_NULL_ACCOUNT_TYPE); } + if (accountName == null) { + throw new IllegalArgumentException(MASFoundationStrings.SHARED_STORAGE_NULL_ACCOUNT_NAME); + } + shared = sharedStorage; try { @@ -53,9 +58,9 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto mAccountManager = AccountManager.get(MAS.getContext()); //Attempt to retrieve the account Account[] accounts = mAccountManager.getAccountsByType(accountType); - sb.append("No of accounts:: "+accounts.length); + messageBuilder.append(" existing accounts (" + accountType + ")=" + accounts.length); for (Account account : accounts) { - if (accountName != null &&accountName.equals(account.name)) { + if (accountName.equals(account.name)) { String password = mAccountManager.getPassword(account); String savedPassword = identifier.toString(); if (password != null && password.equals(savedPassword)) { @@ -65,23 +70,22 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto mAccount = null; identifier = new SharedStorageIdentifier(); } - } else { - throw new IllegalArgumentException("Invalid parameters, Account name cannot be null"); } } //Create the account if it wasn't retrieved, if (mAccount == null) { - sb.append("Account Name:: "+accountName); - sb.append("Account Type:: "+accountType); + messageBuilder.append(" attempt to create an account explicitly name=" + accountName + ", accountType=" + accountType); mAccount = new Account(accountName, accountType); boolean accountCreated = mAccountManager.addAccountExplicitly(mAccount, identifier.toString(), null); - sb.append("Added account status "+accountCreated); + messageBuilder.append("created account status=" + accountCreated); } - sb.append("Getting account details after addition:: Name:: "+mAccount.name+ - " Type::" +mAccount.type+" hashcode:: "+mAccount.hashCode()); + + Log.e(TAG, "Retrieved account details name="+mAccount.name+ + " type=" +mAccount.type+" hashcode=" + mAccount.hashCode()); } catch (Exception e) { - throw new MASSharedStorageException(e.getMessage()+" "+sb, e); + Log.e(TAG, "Failed to retrieve account, " + e.getMessage() + " - " + messageBuilder.toString()); + throw new MASSharedStorageException(e.getMessage() +" - " + messageBuilder.toString(), e); } } From e1dac1546cd2fe54f09bfb394a0a1ba295bbad33 Mon Sep 17 00:00:00 2001 From: am654971 Date: Mon, 28 Jun 2021 16:53:53 +0530 Subject: [PATCH 07/15] Printing the account name if it is not matching inside the loop --- .../ca/mas/core/storage/sharedstorage/AccountManagerUtil.java | 1 + 1 file changed, 1 insertion(+) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index f28a72751..c3826df69 100755 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -60,6 +60,7 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto Account[] accounts = mAccountManager.getAccountsByType(accountType); messageBuilder.append(" existing accounts (" + accountType + ")=" + accounts.length); for (Account account : accounts) { + messageBuilder.append(" trying account:" + account.name); if (accountName.equals(account.name)) { String password = mAccountManager.getPassword(account); String savedPassword = identifier.toString(); From 1f701160c3703446bbe504dcaa42aa13a8fec667 Mon Sep 17 00:00:00 2001 From: am654971 Date: Tue, 29 Jun 2021 14:53:52 +0530 Subject: [PATCH 08/15] printing the identifier in the logs --- .../ca/mas/core/storage/sharedstorage/AccountManagerUtil.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index c3826df69..fc99f9083 100755 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -69,6 +69,7 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto }else { // - case migration from old AccountManagerStoreDataSource mAccount = null; + messageBuilder.append(" password is null or password not equals to saved password:"); identifier = new SharedStorageIdentifier(); } } @@ -76,6 +77,7 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto //Create the account if it wasn't retrieved, if (mAccount == null) { + messageBuilder.append(" account identifier when mAccount is null:" +identifier); messageBuilder.append(" attempt to create an account explicitly name=" + accountName + ", accountType=" + accountType); mAccount = new Account(accountName, accountType); boolean accountCreated = mAccountManager.addAccountExplicitly(mAccount, identifier.toString(), null); From 37ea576661a531cc88a903d8344e07c6e1cd167f Mon Sep 17 00:00:00 2001 From: am654971 Date: Tue, 13 Jul 2021 18:04:01 +0530 Subject: [PATCH 09/15] Added Synchronized block --- .../sharedstorage/AccountManagerUtil.java | 37 +++++++++++-------- 1 file changed, 21 insertions(+), 16 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index fc99f9083..f7c6fc574 100755 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -61,27 +61,32 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto messageBuilder.append(" existing accounts (" + accountType + ")=" + accounts.length); for (Account account : accounts) { messageBuilder.append(" trying account:" + account.name); - if (accountName.equals(account.name)) { - String password = mAccountManager.getPassword(account); - String savedPassword = identifier.toString(); - if (password != null && password.equals(savedPassword)) { - mAccount = account; - }else { - // - case migration from old AccountManagerStoreDataSource - mAccount = null; - messageBuilder.append(" password is null or password not equals to saved password:"); - identifier = new SharedStorageIdentifier(); + synchronized (this) { + if (accountName.equals(account.name)) { + String password = mAccountManager.getPassword(account); + String savedPassword = identifier.toString(); + if (password != null && password.equals(savedPassword)) { + mAccount = account; + }else { + // - case migration from old AccountManagerStoreDataSource + mAccount = null; + messageBuilder.append(" password is null or password not equals to saved password:"); + identifier = new SharedStorageIdentifier(); + } } } + } //Create the account if it wasn't retrieved, - if (mAccount == null) { - messageBuilder.append(" account identifier when mAccount is null:" +identifier); - messageBuilder.append(" attempt to create an account explicitly name=" + accountName + ", accountType=" + accountType); - mAccount = new Account(accountName, accountType); - boolean accountCreated = mAccountManager.addAccountExplicitly(mAccount, identifier.toString(), null); - messageBuilder.append("created account status=" + accountCreated); + synchronized (this) { + if (mAccount == null) { + messageBuilder.append(" account identifier when mAccount is null:" +identifier); + messageBuilder.append(" attempt to create an account explicitly name=" + accountName + ", accountType=" + accountType); + mAccount = new Account(accountName, accountType); + boolean accountCreated = mAccountManager.addAccountExplicitly(mAccount, identifier.toString(), null); + messageBuilder.append("created account status=" + accountCreated); + } } Log.e(TAG, "Retrieved account details name="+mAccount.name+ From 13dd503527fcaa66d02eb692b3eff6f764c932fe Mon Sep 17 00:00:00 2001 From: am654971 Date: Tue, 13 Jul 2021 18:25:42 +0530 Subject: [PATCH 10/15] Made the changes regarding synchronized block --- .../sharedstorage/AccountManagerUtil.java | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index f7c6fc574..834086e87 100755 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -56,12 +56,13 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto SharedStorageIdentifier identifier = new SharedStorageIdentifier(); mAccountManager = AccountManager.get(MAS.getContext()); - //Attempt to retrieve the account - Account[] accounts = mAccountManager.getAccountsByType(accountType); - messageBuilder.append(" existing accounts (" + accountType + ")=" + accounts.length); - for (Account account : accounts) { - messageBuilder.append(" trying account:" + account.name); - synchronized (this) { + synchronized (mutex) { + //Attempt to retrieve the account + Account[] accounts = mAccountManager.getAccountsByType(accountType); + messageBuilder.append(" existing accounts (" + accountType + ")=" + accounts.length); + for (Account account : accounts) { + messageBuilder.append(" trying account:" + account.name); + if (accountName.equals(account.name)) { String password = mAccountManager.getPassword(account); String savedPassword = identifier.toString(); @@ -76,10 +77,7 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto } } - } - - //Create the account if it wasn't retrieved, - synchronized (this) { + //Create the account if it wasn't retrieved, if (mAccount == null) { messageBuilder.append(" account identifier when mAccount is null:" +identifier); messageBuilder.append(" attempt to create an account explicitly name=" + accountName + ", accountType=" + accountType); @@ -88,7 +86,6 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto messageBuilder.append("created account status=" + accountCreated); } } - Log.e(TAG, "Retrieved account details name="+mAccount.name+ " type=" +mAccount.type+" hashcode=" + mAccount.hashCode()); } catch (Exception e) { From b00677467e953ed01567ae48c6a035961873cd01 Mon Sep 17 00:00:00 2001 From: am654971 Date: Wed, 14 Jul 2021 14:54:18 +0530 Subject: [PATCH 11/15] Updated the synchronized block to include the key changes --- .../mas/core/storage/sharedstorage/AccountManagerUtil.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java index 834086e87..243f0d671 100755 --- a/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/storage/sharedstorage/AccountManagerUtil.java @@ -53,10 +53,11 @@ public AccountManagerUtil(Context context, String accountName, boolean sharedSto shared = sharedStorage; try { - SharedStorageIdentifier identifier = new SharedStorageIdentifier(); - - mAccountManager = AccountManager.get(MAS.getContext()); synchronized (mutex) { + SharedStorageIdentifier identifier = new SharedStorageIdentifier(); + + mAccountManager = AccountManager.get(MAS.getContext()); + //Attempt to retrieve the account Account[] accounts = mAccountManager.getAccountsByType(accountType); messageBuilder.append(" existing accounts (" + accountType + ")=" + accounts.length); From da6df5439a9a0aeeb6d29f877627975523251feb Mon Sep 17 00:00:00 2001 From: am654971 Date: Thu, 22 Jul 2021 10:49:09 +0530 Subject: [PATCH 12/15] Storing the Code Verifier using shared preference to make it persistent --- .../ca/mas/core/oauth/CodeVerifierCache.java | 27 ++++++++++--------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java index 93e3f17dc..fe707d935 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java @@ -8,17 +8,18 @@ package com.ca.mas.core.oauth; +import com.ca.mas.core.storage.sharedstorage.SharedPreferencesUtil; + /** * Temporary cache to store code verifier */ public class CodeVerifierCache { private static CodeVerifierCache instance = new CodeVerifierCache(); - - private String state; - private String codeVerifier; + private SharedPreferencesUtil prefUtil = null; private CodeVerifierCache() { + prefUtil = new SharedPreferencesUtil("codeverifier"); } public static CodeVerifierCache getInstance() { @@ -26,26 +27,26 @@ public static CodeVerifierCache getInstance() { } public void store(String state, String codeVerifier) { - this.state = state; - this.codeVerifier = codeVerifier; + prefUtil.save("state", state); + prefUtil.save("code", codeVerifier); } public String take(String state) { - if (this.state == null && state != null - || this.state != null && !this.state.equals(state)) { + if (prefUtil.getString("state") == null && state != null + || prefUtil.getString("state")!= null && !prefUtil.getString("state").equals(state)) { throw new IllegalStateException("OAuth State Mismatch"); } - String cv = this.codeVerifier; - this.state = null; - this.codeVerifier = null; + String cv = prefUtil.getString("code"); + prefUtil.delete("state"); + prefUtil.delete("code"); return cv; } //Workaround for pre MAG 3.3, Defect reference DE256594 public String take() { - String cv = this.codeVerifier; - this.state = null; - this.codeVerifier = null; + String cv = prefUtil.getString("code"); + prefUtil.delete("state"); + prefUtil.delete("code"); return cv; } From 8d891b8289f6d55d1d2d0a7dbc0873f7d8c473eb Mon Sep 17 00:00:00 2001 From: am654971 Date: Fri, 23 Jul 2021 13:25:08 +0530 Subject: [PATCH 13/15] Adding the code verifier as state as key --- .../ca/mas/core/oauth/CodeVerifierCache.java | 36 ++++++++++--------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java index fe707d935..76414059d 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java @@ -11,12 +11,13 @@ import com.ca.mas.core.storage.sharedstorage.SharedPreferencesUtil; /** - * Temporary cache to store code verifier + * Shared preference implementation to store code verifier */ public class CodeVerifierCache { private static CodeVerifierCache instance = new CodeVerifierCache(); private SharedPreferencesUtil prefUtil = null; + private String mState = "##default-state##"; private CodeVerifierCache() { prefUtil = new SharedPreferencesUtil("codeverifier"); @@ -27,28 +28,31 @@ public static CodeVerifierCache getInstance() { } public void store(String state, String codeVerifier) { - prefUtil.save("state", state); - prefUtil.save("code", codeVerifier); + prefUtil.save(mState, codeVerifier); + if (state != null) { + prefUtil.save(state, codeVerifier); + } } - public String take(String state) { - if (prefUtil.getString("state") == null && state != null - || prefUtil.getString("state")!= null && !prefUtil.getString("state").equals(state)) { + //Workaround for pre MAG 3.3, Defect reference DE256594 + public String take() { + String cv = prefUtil.getString(mState); + if (cv == null) { throw new IllegalStateException("OAuth State Mismatch"); } - String cv = prefUtil.getString("code"); - prefUtil.delete("state"); - prefUtil.delete("code"); + prefUtil.delete(mState); return cv; } - //Workaround for pre MAG 3.3, Defect reference DE256594 - public String take() { - String cv = prefUtil.getString("code"); - prefUtil.delete("state"); - prefUtil.delete("code"); + public String take(String state) { + if (state == null) { + return take(); + } + String cv = prefUtil.getString(state); + if (cv == null) { + throw new IllegalStateException("OAuth State Mismatch"); + } + prefUtil.delete(state); return cv; } - - } From 828171a9ec74011f7eb644614ccd40a116e96e6c Mon Sep 17 00:00:00 2001 From: am654971 Date: Fri, 23 Jul 2021 13:37:23 +0530 Subject: [PATCH 14/15] Made the state variable static final --- .../src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java index 76414059d..7867913eb 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java @@ -17,7 +17,7 @@ public class CodeVerifierCache { private static CodeVerifierCache instance = new CodeVerifierCache(); private SharedPreferencesUtil prefUtil = null; - private String mState = "##default-state##"; + private static final String mState = "##default-state##"; private CodeVerifierCache() { prefUtil = new SharedPreferencesUtil("codeverifier"); From 4397ebe4f9f7011d4b2998e2e3fea8080aee2ed4 Mon Sep 17 00:00:00 2001 From: am654971 Date: Fri, 23 Jul 2021 13:43:16 +0530 Subject: [PATCH 15/15] state variable name changed --- .../java/com/ca/mas/core/oauth/CodeVerifierCache.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java index 7867913eb..2901ae0b8 100644 --- a/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java +++ b/mas-foundation/src/main/java/com/ca/mas/core/oauth/CodeVerifierCache.java @@ -17,7 +17,7 @@ public class CodeVerifierCache { private static CodeVerifierCache instance = new CodeVerifierCache(); private SharedPreferencesUtil prefUtil = null; - private static final String mState = "##default-state##"; + private static final String DEFAULT_STATE = "##default-state##"; private CodeVerifierCache() { prefUtil = new SharedPreferencesUtil("codeverifier"); @@ -28,7 +28,7 @@ public static CodeVerifierCache getInstance() { } public void store(String state, String codeVerifier) { - prefUtil.save(mState, codeVerifier); + prefUtil.save(DEFAULT_STATE, codeVerifier); if (state != null) { prefUtil.save(state, codeVerifier); } @@ -36,11 +36,11 @@ public void store(String state, String codeVerifier) { //Workaround for pre MAG 3.3, Defect reference DE256594 public String take() { - String cv = prefUtil.getString(mState); + String cv = prefUtil.getString(DEFAULT_STATE); if (cv == null) { throw new IllegalStateException("OAuth State Mismatch"); } - prefUtil.delete(mState); + prefUtil.delete(DEFAULT_STATE); return cv; }