msb-public
/
FairEmail
mirror of https://github.com/M66B/FairEmail.git
1
0
Code Issues Projects Releases Wiki Activity

OAuth configure

Browse Source
pull/170/head
M66B 6 years ago
parent 0737a88ea2
commit 0bd87ead2e
2 changed files with 223 additions and 144 deletions
Show Stats Download Patch File Download Diff File

195
app/src/main/java/eu/faircode/email/ActivitySetup.java
Unescape View File

@ -136,6 +136,8 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
private static final int KEY_ITERATIONS = 65536; private static final int KEY_ITERATIONS = 65536;
private static final int KEY_LENGTH = 256; private static final int KEY_LENGTH = 256;
private static final int OAUTH_TIMEOUT = 20 * 1000; // milliseconds
static final int REQUEST_PERMISSION = 1; static final int REQUEST_PERMISSION = 1;
static final int REQUEST_SOUND = 2; static final int REQUEST_SOUND = 2;
static final int REQUEST_EXPORT = 3; static final int REQUEST_EXPORT = 3;
@ -147,7 +149,6 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
static final String ACTION_QUICK_GMAIL = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_GMAIL"; static final String ACTION_QUICK_GMAIL = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_GMAIL";
static final String ACTION_QUICK_OAUTH = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_OAUTH"; static final String ACTION_QUICK_OAUTH = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_OAUTH";
static final String ACTION_QUICK_OUTLOOK = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_OUTLOOK";
static final String ACTION_QUICK_SETUP = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_SETUP"; static final String ACTION_QUICK_SETUP = BuildConfig.APPLICATION_ID + ".ACTION_QUICK_SETUP";
static final String ACTION_VIEW_ACCOUNTS = BuildConfig.APPLICATION_ID + ".ACTION_VIEW_ACCOUNTS"; static final String ACTION_VIEW_ACCOUNTS = BuildConfig.APPLICATION_ID + ".ACTION_VIEW_ACCOUNTS";
static final String ACTION_VIEW_IDENTITIES = BuildConfig.APPLICATION_ID + ".ACTION_VIEW_IDENTITIES"; static final String ACTION_VIEW_IDENTITIES = BuildConfig.APPLICATION_ID + ".ACTION_VIEW_IDENTITIES";
@ -1197,6 +1198,7 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
.setState(provider.name) .setState(provider.name)
.build(); .build();
Log.i("OAuth request provider=" + provider.name);
Intent authIntent = getAuthorizationService().getAuthorizationRequestIntent(authRequest); Intent authIntent = getAuthorizationService().getAuthorizationRequestIntent(authRequest);
startActivityForResult(authIntent, REQUEST_OAUTH); startActivityForResult(authIntent, REQUEST_OAUTH);
@ -1215,9 +1217,8 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
if (auth == null) if (auth == null)
throw AuthorizationException.fromIntent(data); throw AuthorizationException.fromIntent(data);
for (EmailProvider provider : EmailProvider.loadProfiles(this)) for (final EmailProvider provider : EmailProvider.loadProfiles(this))
if (provider.name.equals(auth.state)) { if (provider.name.equals(auth.state)) {
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this); SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
final AuthState authState = AuthState.jsonDeserialize(prefs.getString("oauth." + provider.name, null)); final AuthState authState = AuthState.jsonDeserialize(prefs.getString("oauth." + provider.name, null));
authState.update(auth, null); authState.update(auth, null);
@ -1228,6 +1229,8 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
clientAuth = NoClientAuthentication.INSTANCE; clientAuth = NoClientAuthentication.INSTANCE;
else else
clientAuth = new ClientSecretPost(provider.oauth.clientSecret); clientAuth = new ClientSecretPost(provider.oauth.clientSecret);
Log.i("OAuth get token provider=" + provider.name);
getAuthorizationService().performTokenRequest( getAuthorizationService().performTokenRequest(
auth.createTokenExchangeRequest(), auth.createTokenExchangeRequest(),
clientAuth, clientAuth,
@ -1238,28 +1241,9 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
if (access == null) if (access == null)
throw error; throw error;
Log.i("OAuth got token provider=" + provider.name);
authState.update(access, null); authState.update(access, null);
onOAuthorized(provider.name, access.accessToken, authState);
Log.i("OAuth token provider=" + provider.name);
if ("Gmail".equals(provider.name)) {
} else if ("Outlook/Office365".equals(provider.name)) {
authState.performActionWithFreshTokens(getAuthorizationService(), new AuthState.AuthStateAction() {
@Override
public void execute(String accessToken, String idToken, AuthorizationException error) {
try {
if (error != null)
throw error;
onOutlook(accessToken, idToken);
} catch (Throwable ex) {
Log.unexpectedError(getSupportFragmentManager(), ex);
}
}
});
} else
throw new IllegalArgumentException("Unknown action provider=" + provider.name);
} catch (Throwable ex) { } catch (Throwable ex) {
Log.unexpectedError(getSupportFragmentManager(), ex); Log.unexpectedError(getSupportFragmentManager(), ex);
} }
@ -1275,68 +1259,115 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
} }
} }
private void onOutlook(String accessToken, String idToken) { private void onOAuthorized(String name, String accessToken, AuthState state) {
Bundle args = new Bundle(); Bundle args = new Bundle();
args.putString("name", name);
args.putString("token", accessToken); args.putString("token", accessToken);
args.putString("state", state.jsonSerializeString());
new SimpleTask<JSONObject>() { new SimpleTask<Void>() {
@Override @Override
protected JSONObject onExecute(Context context, Bundle args) throws Throwable { protected Void onExecute(Context context, Bundle args) throws Throwable {
String name = args.getString("name");
String token = args.getString("token"); String token = args.getString("token");
String state = args.getString("state");
// https://docs.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http#http-request String emailAddress = null;
URL url = new URL("https://graph.microsoft.com/v1.0/me" + String displayName = null;
"?$select=displayName,otherMails");
Log.i("MSGraph fetching " + url); if ("Gmail".equals(name)) {
// https://developers.google.com/gmail/api/v1/reference/users/getProfile
URL url = new URL("https://www.googleapis.com/gmail/v1/users/me/settings/sendAs");
Log.i("Fetching " + url);
HttpURLConnection request = (HttpURLConnection) url.openConnection(); HttpURLConnection request = (HttpURLConnection) url.openConnection();
request.setReadTimeout(15 * 1000); request.setReadTimeout(OAUTH_TIMEOUT);
request.setConnectTimeout(15 * 1000); request.setConnectTimeout(OAUTH_TIMEOUT);
request.setRequestMethod("GET"); request.setRequestMethod("GET");
request.setDoInput(true); request.setDoInput(true);
request.setRequestProperty("Authorization", "Bearer " + token); request.setRequestProperty("Authorization", "Bearer " + token);
request.setRequestProperty("Content-Type", "application/json"); request.setRequestProperty("Accept", "application/json");
request.connect(); request.connect();
try { try {
Log.i("MSGraph getting response");
String json = Helper.readStream(request.getInputStream(), StandardCharsets.UTF_8.name()); String json = Helper.readStream(request.getInputStream(), StandardCharsets.UTF_8.name());
return new JSONObject(json); Log.i("Response=" + json);
JSONObject data = new JSONObject(json);
String altDisplayName = null;
JSONArray sendAs = (JSONArray) data.get("sendAs");
for (int i = 0; i < sendAs.length(); i++) {
JSONObject send = (JSONObject) sendAs.get(i);
if (send.optBoolean("isPrimary")) {
emailAddress = send.getString("sendAsEmail");
displayName = send.getString("displayName");
}
if (TextUtils.isEmpty(altDisplayName))
altDisplayName = send.getString("sendAsEmail");
}
} finally { } finally {
request.disconnect(); request.disconnect();
} }
} } else if ("Outlook/Office365".equals(name)) {
// https://docs.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http#http-request
URL url = new URL("https://graph.microsoft.com/v1.0/me?$select=displayName,otherMails");
Log.i("Fetching " + url);
@Override HttpURLConnection request = (HttpURLConnection) url.openConnection();
protected void onExecuted(Bundle args, JSONObject data) { request.setReadTimeout(OAUTH_TIMEOUT);
Log.i("MSGraph " + data); request.setConnectTimeout(OAUTH_TIMEOUT);
request.setRequestMethod("GET");
request.setDoInput(true);
request.setRequestProperty("Authorization", "Bearer " + token);
request.setRequestProperty("Content-Type", "application/json");
request.connect();
try { try {
String json = Helper.readStream(request.getInputStream(), StandardCharsets.UTF_8.name());
Log.i("Response=" + json);
JSONObject data = new JSONObject(json);
JSONArray otherMails = data.getJSONArray("otherMails"); JSONArray otherMails = data.getJSONArray("otherMails");
args.putString("displayName", data.getString("displayName")); emailAddress = (String) otherMails.get(0);
args.putString("email", (String) otherMails.get(0)); displayName = data.getString("displayName");
} finally {
request.disconnect();
}
} else
throw new IllegalArgumentException("Unknown provider=" + name);
if (TextUtils.isEmpty(emailAddress))
throw new IllegalArgumentException("email address missing");
if (TextUtils.isEmpty(displayName))
displayName = emailAddress;
new SimpleTask<Void>() { Log.i("OAuth email=" + emailAddress + " name=" + displayName);
@Override
protected Void onExecute(Context context, Bundle args) throws Throwable { for (EmailProvider provider : EmailProvider.loadProfiles(context))
String token = args.getString("token"); if (provider.name.equals(name)) {
String email = args.getString("email");
String displayName = args.getString("displayName");
List<EntityFolder> folders; List<EntityFolder> folders;
// https://msdn.microsoft.com/en-us/windows/desktop/dn440163 Log.i("OAuth checking IMAP provider=" + provider.name);
String host = "imap-mail.outlook.com"; String aprotocol = provider.imap.starttls ? "imap" : "imaps";
int port = 993; try (MailService iservice = new MailService(context, aprotocol, null, false, true, true)) {
boolean starttls = false; iservice.connect(provider.imap.host, provider.imap.port, MailService.AUTH_TYPE_OAUTH, emailAddress, state, null);
String user = email;
String password = token;
try (MailService iservice = new MailService(context, "imaps", null, false, true, true)) {
iservice.connect(host, port, MailService.AUTH_TYPE_OUTLOOK, user, password, null);
folders = iservice.getFolders(); folders = iservice.getFolders();
if (folders == null)
throw new IllegalArgumentException(context.getString(R.string.title_setup_no_system_folders));
}
Log.i("OAuth checking SMTP provider=" + provider.name);
String iprotocol = provider.smtp.starttls ? "smtp" : "smtps";
try (MailService iservice = new MailService(context, iprotocol, null, false, true, true)) {
iservice.connect(provider.smtp.host, provider.smtp.port, MailService.AUTH_TYPE_OAUTH, emailAddress, state, null);
}
Log.i("OAuth passed provider=" + provider.name);
DB db = DB.getInstance(context); DB db = DB.getInstance(context);
try { try {
db.beginTransaction(); db.beginTransaction();
@ -1346,14 +1377,14 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
// Create account // Create account
EntityAccount account = new EntityAccount(); EntityAccount account = new EntityAccount();
account.host = host; account.host = provider.imap.host;
account.starttls = starttls; account.starttls = provider.imap.starttls;
account.port = port; account.port = provider.imap.port;
account.auth_type = MailService.AUTH_TYPE_OUTLOOK; account.auth_type = MailService.AUTH_TYPE_OAUTH;
account.user = user; account.user = emailAddress;
account.password = password; account.password = state;
account.name = "OutLook"; account.name = provider.name;
account.synchronize = true; account.synchronize = true;
account.primary = (primary == null); account.primary = (primary == null);
@ -1363,13 +1394,13 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
account.id = db.account().insertAccount(account); account.id = db.account().insertAccount(account);
args.putLong("account", account.id); args.putLong("account", account.id);
EntityLog.log(context, "OutLook account=" + account.name); EntityLog.log(context, "OAuth account=" + account.name);
// Create folders // Create folders
for (EntityFolder folder : folders) { for (EntityFolder folder : folders) {
folder.account = account.id; folder.account = account.id;
folder.id = db.folder().insertFolder(folder); folder.id = db.folder().insertFolder(folder);
EntityLog.log(context, "OutLook folder=" + folder.name + " type=" + folder.type); EntityLog.log(context, "OAuth folder=" + folder.name + " type=" + folder.type);
} }
// Set swipe left/right folder // Set swipe left/right folder
@ -1383,48 +1414,46 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
// Create identity // Create identity
EntityIdentity identity = new EntityIdentity(); EntityIdentity identity = new EntityIdentity();
identity.name = displayName; identity.name = name;
identity.email = user; identity.email = displayName;
identity.account = account.id; identity.account = account.id;
identity.host = "smtp-mail.outlook.com"; identity.host = provider.smtp.host;
identity.starttls = true; identity.starttls = provider.smtp.starttls;
identity.port = 587; identity.port = provider.smtp.port;
identity.auth_type = MailService.AUTH_TYPE_OUTLOOK; identity.auth_type = MailService.AUTH_TYPE_GMAIL;
identity.user = user; identity.user = emailAddress;
identity.password = password; identity.password = state;
identity.synchronize = true; identity.synchronize = true;
identity.primary = true; identity.primary = true;
identity.id = db.identity().insertIdentity(identity); identity.id = db.identity().insertIdentity(identity);
args.putLong("identity", identity.id); args.putLong("identity", identity.id);
EntityLog.log(context, "Gmail identity=" + identity.name + " email=" + identity.email); EntityLog.log(context, "OAuth identity=" + identity.name + " email=" + identity.email);
db.setTransactionSuccessful(); db.setTransactionSuccessful();
} finally { } finally {
db.endTransaction(); db.endTransaction();
} }
ServiceSynchronize.eval(context, "OAuth");
} }
return null; return null;
} }
@Override @Override
protected void onException(Bundle args, Throwable ex) { protected void onExecuted(Bundle args, Void data) {
FragmentReview fragment = new FragmentReview();
} fragment.setArguments(args);
}.execute(ActivitySetup.this, args, "outlook:account"); fragment.show(getSupportFragmentManager(), "oauth:review");
} catch (JSONException ex) {
Log.e(ex);
}
} }
@Override @Override
protected void onException(Bundle args, Throwable ex) { protected void onException(Bundle args, Throwable ex) {
Log.unexpectedError(getSupportFragmentManager(), ex); Log.unexpectedError(getSupportFragmentManager(), ex);
} }
}.execute(ActivitySetup.this, args, "graph:profile"); }.execute(ActivitySetup.this, args, "oauth:configure");
} }
private void onViewQuickSetup(Intent intent) { private void onViewQuickSetup(Intent intent) {

56
app/src/main/java/eu/faircode/email/MailService.java
Unescape View File

@ -14,6 +14,10 @@ import com.sun.mail.imap.IMAPStore;
import com.sun.mail.smtp.SMTPTransport; import com.sun.mail.smtp.SMTPTransport;
import com.sun.mail.util.MailConnectException; import com.sun.mail.util.MailConnectException;
import net.openid.appauth.AuthState;
import net.openid.appauth.AuthorizationException;
import net.openid.appauth.AuthorizationService;
import org.bouncycastle.asn1.x509.GeneralName; import org.bouncycastle.asn1.x509.GeneralName;
import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.NotNull;
@ -41,6 +45,7 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Properties; import java.util.Properties;
import java.util.concurrent.ExecutorService; import java.util.concurrent.ExecutorService;
import java.util.concurrent.Semaphore;
import javax.mail.AuthenticationFailedException; import javax.mail.AuthenticationFailedException;
import javax.mail.Folder; import javax.mail.Folder;
@ -72,7 +77,7 @@ public class MailService implements AutoCloseable {
static final int AUTH_TYPE_PASSWORD = 1; static final int AUTH_TYPE_PASSWORD = 1;
static final int AUTH_TYPE_GMAIL = 2; static final int AUTH_TYPE_GMAIL = 2;
static final int AUTH_TYPE_OUTLOOK = 3; static final int AUTH_TYPE_OAUTH = 3;
private final static int CHECK_TIMEOUT = 15 * 1000; // milliseconds private final static int CHECK_TIMEOUT = 15 * 1000; // milliseconds
private final static int CONNECT_TIMEOUT = 20 * 1000; // milliseconds private final static int CONNECT_TIMEOUT = 20 * 1000; // milliseconds
@ -227,15 +232,21 @@ public class MailService implements AutoCloseable {
} }
try { try {
if (auth == AUTH_TYPE_GMAIL || auth == AUTH_TYPE_OUTLOOK) if (auth == AUTH_TYPE_GMAIL || auth == AUTH_TYPE_OAUTH)
properties.put("mail." + protocol + ".auth.mechanisms", "XOAUTH2"); properties.put("mail." + protocol + ".auth.mechanisms", "XOAUTH2");
//if (BuildConfig.DEBUG) //if (BuildConfig.DEBUG)
// throw new MailConnectException( // throw new MailConnectException(
// new SocketConnectException("Debug", new Exception("Test"), host, port, 0)); // new SocketConnectException("Debug", new Exception("Test"), host, port, 0));
if (auth == AUTH_TYPE_OAUTH) {
AuthState authState = OAuthRefresh(context, password);
_connect(context, host, port, user, authState.getAccessToken(), factory);
return authState.jsonSerializeString();
} else {
_connect(context, host, port, user, password, factory); _connect(context, host, port, user, password, factory);
return null; return null;
}
} catch (AuthenticationFailedException ex) { } catch (AuthenticationFailedException ex) {
// Refresh token // Refresh token
if (auth == AUTH_TYPE_GMAIL) if (auth == AUTH_TYPE_GMAIL)
@ -260,7 +271,11 @@ public class MailService implements AutoCloseable {
Log.e(ex1); Log.e(ex1);
throw new AuthenticationFailedException(ex.getMessage(), ex1); throw new AuthenticationFailedException(ex.getMessage(), ex1);
} }
else else if (auth == AUTH_TYPE_OAUTH) {
AuthState authState = OAuthRefresh(context, password);
_connect(context, host, port, user, authState.getAccessToken(), factory);
return authState.jsonSerializeString();
} else
throw ex; throw ex;
} catch (MailConnectException ex) { } catch (MailConnectException ex) {
try { try {
@ -358,6 +373,41 @@ public class MailService implements AutoCloseable {
} }
} }
private static class ErrorHolder {
AuthorizationException error;
}
static AuthState OAuthRefresh(Context context, String json) throws MessagingException {
try {
AuthState authState = AuthState.jsonDeserialize(json);
Semaphore semaphore = new Semaphore(0);
ErrorHolder holder = new ErrorHolder();
Log.i("OAuth refresh");
AuthorizationService authService = new AuthorizationService(context);
authState.performActionWithFreshTokens(authService, new AuthState.AuthStateAction() {
@Override
public void execute(String accessToken, String idToken, AuthorizationException error) {
if (error != null)
holder.error = error;
semaphore.release();
}
});
semaphore.acquire();
Log.i("OAuth refreshed");
if (holder.error != null)
throw holder.error;
return authState;
} catch (Exception ex) {
throw new MessagingException("OAuth refresh", ex);
}
}
static String getAuthTokenType(String type) { static String getAuthTokenType(String type) {
// https://developers.google.com/gmail/imap/xoauth2-protocol // https://developers.google.com/gmail/imap/xoauth2-protocol
if ("com.google".equals(type)) if ("com.google".equals(type))

Write Preview
Loading…
Cancel
Save