Commit 41a07a87 authored by Julian Sparber's avatar Julian Sparber

accountsettings: generate client secret for each request

* Generate a 36 char long secret needed by the API calls
  for adding phone numbers and email addresses
* Simplify callback for the address button and remove duplicated code

https://gitlab.gnome.org/World/fractal/issues/21
parent 7c459d39
......@@ -82,9 +82,9 @@ pub enum BKResponse {
Name(String),
SetUserName(String),
GetThreePID(Vec<UserInfo>),
GetTokenEmail(String),
GetTokenPhone(String),
SubmitPhoneToken(Option<String>),
GetTokenEmail(String, String),
GetTokenPhone(String, String),
SubmitPhoneToken(Option<String>, String),
AddThreePID(String),
GetTokenPhoneUsed,
GetTokenEmailUsed,
......
......@@ -102,7 +102,7 @@ pub fn get_email_token(bk: &Backend, identity: String, email: String, client_sec
let attrs = json!({
"id_server": identity[8..],
"client_secret": client_secret,
"client_secret": client_secret.clone(),
"email": email,
"send_attempt": "1",
});
......@@ -111,7 +111,7 @@ pub fn get_email_token(bk: &Backend, identity: String, email: String, client_sec
post!(&url, &attrs,
|r: JsonValue| {
let sid = String::from(r["sid"].as_str().unwrap_or(""));
tx.send(BKResponse::GetTokenEmail(sid)).unwrap();
tx.send(BKResponse::GetTokenEmail(sid, client_secret)).unwrap();
},
|err| {
match err {
......@@ -141,7 +141,7 @@ pub fn get_phone_token(bk: &Backend, identity: String, phone: String, client_sec
post!(&url, &attrs,
|r: JsonValue| {
let sid = String::from(r["sid"].as_str().unwrap_or(""));
tx.send(BKResponse::GetTokenPhone(sid)).unwrap();
tx.send(BKResponse::GetTokenPhone(sid, client_secret)).unwrap();
},
|err| {
match err {
......@@ -162,7 +162,7 @@ pub fn add_threepid(bk: &Backend, identity: String, client_secret: String, sid:
"three_pid_creds": {
"id_server": identity[8..],
"sid": sid,
"client_secret": client_secret
"client_secret": client_secret.clone()
},
"bind": true
});
......
......@@ -53,13 +53,15 @@ pub fn backend_loop(rx: Receiver<BKResponse>) {
let l = Some(list);
APPOP!(set_three_pid, (l));
}
Ok(BKResponse::GetTokenEmail(sid)) => {
Ok(BKResponse::GetTokenEmail(sid, secret)) => {
let sid = Some(sid);
APPOP!(get_token_email, (sid));
let secret = Some(secret);
APPOP!(get_token_email, (sid, secret));
}
Ok(BKResponse::GetTokenPhone(sid)) => {
Ok(BKResponse::GetTokenPhone(sid, secret)) => {
let sid = Some(sid);
APPOP!(get_token_phone, (sid));
let secret = Some(secret);
APPOP!(get_token_phone, (sid, secret));
}
Ok(BKResponse:: GetTokenEmailUsed) => {
let error = gettext("Email is already in use");
......@@ -69,8 +71,9 @@ pub fn backend_loop(rx: Receiver<BKResponse>) {
let error = gettext("Phone number is already in use");
APPOP!(show_three_pid_error_dialog, (error));
}
Ok(BKResponse:: SubmitPhoneToken(sid)) => {
APPOP!(valid_phone_token, (sid));
Ok(BKResponse:: SubmitPhoneToken(sid, secret)) => {
let secret = Some(secret);
APPOP!(valid_phone_token, (sid, secret));
}
Ok(BKResponse:: AddThreePID(list)) => {
let l = Some(list);
......
......@@ -24,9 +24,11 @@ impl AppOp {
self.get_three_pid();
}
pub fn valid_phone_token(&self, sid: Option<String>) {
pub fn valid_phone_token(&self, sid: Option<String>, secret: Option<String>) {
if let Some(sid) = sid {
let _ = self.backend.send(BKCommand::AddThreePID(self.identity_url.clone(), String::from("canitworksandia2"), sid.clone()));
if let Some(secret) = secret {
let _ = self.backend.send(BKCommand::AddThreePID(self.identity_url.clone(), secret.clone(), sid.clone()));
}
}
else {
self.show_error_dialog(String::from("The validation code is not correct."));
......@@ -34,7 +36,7 @@ impl AppOp {
}
}
pub fn show_phone_dialog(&self, sid: String) {
pub fn show_phone_dialog(&self, sid: String, secret: String) {
let parent = self.ui.builder
.get_object::<gtk::Window>("main_window")
.expect("Can't find main_window in ui file.");
......@@ -75,8 +77,7 @@ impl AppOp {
match gtk::ResponseType::from(r) {
gtk::ResponseType::Ok => {
if let Some(token) = value.get_text() {
// identity_url with https://
let _ = backend.send(BKCommand::SubmitPhoneToken(id_server.clone(), String::from("canitworksandia2"), sid.clone(), token));
let _ = backend.send(BKCommand::SubmitPhoneToken(id_server.clone(), secret.clone(), sid.clone(), token));
}
},
_ => {}
......@@ -86,7 +87,7 @@ impl AppOp {
dialog.show_all();
}
pub fn show_email_dialog(&self, sid: String) {
pub fn show_email_dialog(&self, sid: String, secret: String) {
let parent = self.ui.builder
.get_object::<gtk::Window>("main_window")
.expect("Can't find main_window in ui file.");
......@@ -101,7 +102,7 @@ impl AppOp {
dialog.connect_response(move |w, r| {
match gtk::ResponseType::from(r) {
gtk::ResponseType::Ok => {
let _ = backend.send(BKCommand::AddThreePID(id_server.clone(), String::from("tosecretsecret2"), sid.clone()));
let _ = backend.send(BKCommand::AddThreePID(id_server.clone(), secret.clone(), sid.clone()));
},
_ => {}
}
......@@ -134,18 +135,19 @@ impl AppOp {
}
pub fn get_token_email(&mut self, sid: Option<String>) {
self.tmp_sid = sid.clone();
pub fn get_token_email(&mut self, sid: Option<String>, secret: Option<String>) {
if let Some(sid) = sid {
self.show_email_dialog(sid);
if let Some(secret) = secret {
self.show_email_dialog(sid, secret);
}
}
}
pub fn get_token_phone(&mut self, sid: Option<String>) {
self.tmp_sid = sid.clone();
pub fn get_token_phone(&mut self, sid: Option<String>, secret: Option<String>) {
if let Some(sid) = sid {
println!("Phone sid: {}", sid);
self.show_phone_dialog(sid);
if let Some(secret) = secret {
self.show_phone_dialog(sid, secret);
}
}
}
......@@ -380,7 +382,6 @@ impl AppOp {
.get_object::<gtk::EventBox>("account_settings_delete_toggle")
.expect("Can't find account_settings_delete_toggle in ui file.");
self.tmp_avatar = None;
advanced_toggle.get_style_context().unwrap().remove_class("advanced_revealer_divider");
delete_toggle.get_style_context().unwrap().remove_class("advanced_revealer_divider");
advanced.set_reveal_child(false);
......
......@@ -81,9 +81,6 @@ pub struct AppOp {
pub popover_search: Option<String>,
pub popover_closing: bool,
pub tmp_avatar: Option<String>,
pub tmp_sid: Option<String>,
pub state: AppState,
pub since: Option<String>,
pub member_limit: usize,
......@@ -134,9 +131,6 @@ impl AppOp {
member_limit: 50,
unsent_messages: HashMap::new(),
tmp_avatar: None,
tmp_sid: None,
highlighted_entry: vec![],
popover_position: None,
popover_search: None,
......
extern crate rand;
extern crate gtk;
use self::rand::{thread_rng, Rng};
use self::gtk::prelude::*;
use glib::signal;
......@@ -154,70 +156,36 @@ impl<'a> Address<'a> {
let backend = &self.op.backend;
self.signal_id = Some(self.button.clone().connect_clicked(clone!(id_server, medium, action, entry, address, backend => move |w| {
if w.get_sensitive() && w.is_visible() {
/* get address from entry if we don't have one */
let address = if address.is_none() {
entry.get_text()
}
else {
address.clone()
let spinner = gtk::Spinner::new();
spinner.start();
w.set_image(&spinner);
w.set_sensitive(false);
entry.set_editable(false);
let medium = match medium {
AddressType::Email => String::from("email"),
AddressType::Phone => String::from("msisdn"),
};
if let Some(address) = address.clone() {
match medium {
AddressType::Email => {
if let Some(action) = action.clone() {
match action {
AddressAction::Delete => {
println!("Delete email address");
let spinner = gtk::Spinner::new();
spinner.start();
w.set_image(&spinner);
w.set_sensitive(false);
entry.set_editable(false);
backend.send(
BKCommand::DeleteThreePID(String::from("email"), address)).unwrap();
},
AddressAction::Add => {
println!("Add email address");
let spinner = gtk::Spinner::new();
spinner.start();
w.set_image(&spinner);
w.set_sensitive(false);
entry.set_editable(false);
backend.send(
BKCommand::GetTokenEmail(
id_server.clone(), address, String::from("tosecretsecret2"))).unwrap();
},
}
if let Some(action) = action.clone() {
match action {
AddressAction::Delete => {
if let Some(address) = address.clone() {
backend.send(BKCommand::DeleteThreePID(medium, address)).unwrap();
}
},
AddressType::Phone => {
if let Some(ref action) = action {
match action {
AddressAction::Delete => {
println!("Delete phone number, call");
let spinner = gtk::Spinner::new();
spinner.start();
w.set_image(&spinner);
w.set_sensitive(false);
entry.set_editable(false);
backend.send(
BKCommand::DeleteThreePID(String::from("msisdn"), address)).unwrap();
},
AddressAction::Add => {
println!("Add phone address");
let spinner = gtk::Spinner::new();
spinner.start();
w.set_image(&spinner);
w.set_sensitive(false);
entry.set_editable(false);
backend.send(
BKCommand::GetTokenPhone(
id_server.clone(), address, String::from("canitworksandia2"))).unwrap();
},
AddressAction::Add => {
if let Some(address) = entry.get_text() {
let secret: String = thread_rng().gen_ascii_chars().take(36).collect();
if medium == "msisdn" {
backend.send(BKCommand::GetTokenPhone(id_server.clone(), address, secret)).unwrap();
}
else {
backend.send(BKCommand::GetTokenEmail(id_server.clone(), address, secret)).unwrap();
}
}
},
};
}
}
}
})));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment