From 4a5ad0a33dce11e75103b335a780324a5fec7e55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20P=C3=B6hn?= Date: Sat, 6 Jan 2018 16:07:19 +0100 Subject: [PATCH] implemented parser for (repository) provisioning --- .../java/org/fdroid/fdroid/Provisioner.java | 242 ++++++++++++++++++ .../java/org/fdroid/fdroid/UpdateService.java | 2 + .../org/fdroid/fdroid/ProvisionerTest.java | 105 ++++++++ .../resources/demo_credentials_user1.fdrp | Bin 0 -> 259 bytes .../resources/demo_credentials_user2.fdrp | Bin 0 -> 220 bytes 5 files changed, 349 insertions(+) create mode 100644 app/src/main/java/org/fdroid/fdroid/Provisioner.java create mode 100644 app/src/test/java/org/fdroid/fdroid/ProvisionerTest.java create mode 100644 app/src/test/resources/demo_credentials_user1.fdrp create mode 100644 app/src/test/resources/demo_credentials_user2.fdrp diff --git a/app/src/main/java/org/fdroid/fdroid/Provisioner.java b/app/src/main/java/org/fdroid/fdroid/Provisioner.java new file mode 100644 index 000000000..03ce936cb --- /dev/null +++ b/app/src/main/java/org/fdroid/fdroid/Provisioner.java @@ -0,0 +1,242 @@ +package org.fdroid.fdroid; + +import android.os.Environment; +import android.util.Base64; + +import com.fasterxml.jackson.databind.ObjectMapper; + +import org.apache.commons.io.IOUtils; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FilenameFilter; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.nio.charset.Charset; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.zip.ZipEntry; +import java.util.zip.ZipInputStream; + +/** + * @author Michael Pöhn (michael.poehn@fsfe.org) + */ +public class Provisioner { + + public static final String TAG = "Provisioner"; + + private static final String DEFAULT_PROVISION_DIR = Environment.getExternalStorageDirectory().getPath(); + + protected Provisioner() { + } + + /** + * search for provision files and process them + */ + public void scanAndProcess() { + + List files = findProvisionFiles(); + List plaintexts = extractProvisionsPlaintext(files); + files.clear(); + + List provisions = parseProvisions(plaintexts); + plaintexts.clear(); + + // TODO: do something useful with provisions, like prompting users + for (Provision provision : provisions) { + if (provision.getRepositoryProvision() != null) { + RepositoryProvision repo = provision.getRepositoryProvision(); + Utils.debugLog(TAG, "repository:" + + " " + repo.getName() + + " " + repo.getUrl() + + " " + repo.getUsername()); + } + } + } + + /** + * @return List of + */ + public List findProvisionFiles() { + return findProvisionFilesInDir(new File(DEFAULT_PROVISION_DIR)); + } + + protected List findProvisionFilesInDir(File file) { + File[] files = file.listFiles(new FilenameFilter() { + @Override + public boolean accept(File dir, String name) { + if (name != null && name.endsWith(".fdrp")) { + return true; + } + return false; + } + }); + return files != null ? Arrays.asList(files) : null; + } + + String rot13(String text) { + StringBuilder sb = new StringBuilder(text.length()); + for (int i = 0; i < text.length(); i++) { + char c = text.charAt(i); + if ((c >= 'a' && c <= 'm') || (c >= 'A' && c <= 'M')) { + sb.append(c + 13); + } else if ((c >= 'n' && c <= 'z') || (c >= 'N' && c <= 'Z')) { + sb.append(c - 13); + } else { + sb.append(c); + } + } + return sb.toString(); + } + + protected String deobfuscate(String obfuscated) { + try { + return new String(Base64.decode(rot13(obfuscated), Base64.DEFAULT), "UTF-8"); + } catch (UnsupportedEncodingException e) { + // encoding is defined to be utf8, continue gracefully if this magically fails. + return ""; + } + } + + protected List extractProvisionsPlaintext(List files) { + List result = new ArrayList<>(); + for (File file : files) { + ProvisionPlaintext plain = new ProvisionPlaintext(); + plain.setProvisionPath(file.getAbsolutePath()); + ZipInputStream in = null; + try { + in = new ZipInputStream(new FileInputStream(file)); + ZipEntry zipEntry = null; + while ((zipEntry = in.getNextEntry()) != null) { + String name = zipEntry.getName(); + if ("repo_provision.json".equals(name)) { + if (plain.getRepositoryProvision() != null) { + throw new IOException("provision malformed: contains more than one repo provision file."); + } + plain.setRepositoryProvision(IOUtils.toString(in, Charset.forName("UTF-8"))); + } else if ("repo_provision.ojson".equals(name)) { + if (plain.getRepositoryProvision() != null) { + throw new IOException("provision malformed: contains more than one repo provision file."); + } + plain.setRepositoryProvision(deobfuscate(IOUtils.toString(in, Charset.forName("UTF-8")))); + } + } + } catch (FileNotFoundException e) { + Utils.debugLog(TAG, String.format("finding provision '%s' failed", file.getPath()), e); + continue; + } catch (IOException e) { + Utils.debugLog(TAG, String.format("reading provision '%s' failed", file.getPath()), e); + continue; + } finally { + IOUtils.closeQuietly(in); + } + + result.add(plain); + } + return result; + } + + public List parseProvisions(List provisionPlaintexts) { + + List provisions = new ArrayList<>(); + ObjectMapper mapper = new ObjectMapper(); + + for (ProvisionPlaintext provisionPlaintext : provisionPlaintexts) { + Provision provision = new Provision(); + provision.setProvisonPath(provisionPlaintext.getProvisionPath()); + try { + provision.setRepositoryProvision( + mapper.readValue(provisionPlaintext.getRepositoryProvision(), RepositoryProvision.class)); + } catch (IOException e) { + Utils.debugLog(TAG, "could not parse repository provision", e); + } + provisions.add(provision); + } + + return provisions; + } + + public static class ProvisionPlaintext { + private String provisionPath; + private String repositoryProvision; + + public String getProvisionPath() { + return provisionPath; + } + + public void setProvisionPath(String provisionPath) { + this.provisionPath = provisionPath; + } + + public String getRepositoryProvision() { + return repositoryProvision; + } + + public void setRepositoryProvision(String repositoryProvision) { + this.repositoryProvision = repositoryProvision; + } + } + + public static class Provision { + private String provisonPath; + private RepositoryProvision repositoryProvision; + + public String getProvisonPath() { + return provisonPath; + } + + public void setProvisonPath(String provisonPath) { + this.provisonPath = provisonPath; + } + + public RepositoryProvision getRepositoryProvision() { + return repositoryProvision; + } + + public void setRepositoryProvision(RepositoryProvision repositoryProvision) { + this.repositoryProvision = repositoryProvision; + } + } + + public static class RepositoryProvision { + + private String name; + private String url; + private String username; + private String password; + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public String getUrl() { + return url; + } + + public void setUrl(String url) { + this.url = url; + } + + public String getUsername() { + return username; + } + + public void setUsername(String username) { + this.username = username; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + } +} diff --git a/app/src/main/java/org/fdroid/fdroid/UpdateService.java b/app/src/main/java/org/fdroid/fdroid/UpdateService.java index e6a02303f..f037132a7 100644 --- a/app/src/main/java/org/fdroid/fdroid/UpdateService.java +++ b/app/src/main/java/org/fdroid/fdroid/UpdateService.java @@ -467,6 +467,8 @@ public class UpdateService extends IntentService { long time = System.currentTimeMillis() - startTime; Log.i(TAG, "Updating repo(s) complete, took " + time / 1000 + " seconds to complete."); + + // TODO provi: this looks like a good spot for adding automated repository provisioning } private void notifyContentProviders() { diff --git a/app/src/test/java/org/fdroid/fdroid/ProvisionerTest.java b/app/src/test/java/org/fdroid/fdroid/ProvisionerTest.java new file mode 100644 index 000000000..368ab6112 --- /dev/null +++ b/app/src/test/java/org/fdroid/fdroid/ProvisionerTest.java @@ -0,0 +1,105 @@ +package org.fdroid.fdroid; + +import org.junit.Assert; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.robolectric.RobolectricTestRunner; +import org.robolectric.annotation.Config; + +import java.io.File; +import java.io.IOException; +import java.util.Arrays; +import java.util.List; + +/** + * @author Michael Poehn (michael.poehn@fsfe.org) + */ +@Config(constants = BuildConfig.class, sdk = 24) +@RunWith(RobolectricTestRunner.class) +@SuppressWarnings("LineLength") +public class ProvisionerTest { + + @Test + public void provisionLookup() throws IOException { + // wired hack for getting resource dir path ... + String resourceDir = getResourceFile( + "demo_credentials_user1.fdrp").getParent(); + + Provisioner p = new Provisioner(); + List files = p.findProvisionFilesInDir(new File(resourceDir)); + + List expectedFilenames = Arrays.asList( + "demo_credentials_user1.fdrp", + "demo_credentials_user2.fdrp"); + + Assert.assertEquals(2, files.size()); + for (File f : files) { + Assert.assertTrue("unexpected file name " + f.getName(), expectedFilenames.contains(f.getName())); + } + } + + @Test + public void rot13() { + Provisioner p = new Provisioner(); + String result = p.rot13("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890{}\"':="); + Assert.assertEquals("nopqrstuvwxyzabcdefghijklmNOPQRSTUVWXYZABCDEFGHIJKLM1234567890{}\"':=", result); + } + + @Test + public void deobfuscate() { + Provisioner p = new Provisioner(); + String result = p.deobfuscate("rlWVMKWuL2kcqUImVwbaGz90nTyhMlOyozE1pzImVTW1qPOwnTShM2HhWljXVPNtVPq3nTIhWmbtJlWuLz91qPN1ZQNtDv5QYvWqsD=="); + Assert.assertEquals("{\"Heraclitus\":'Nothing endures but change.',\n 'when': [\"about 500 B.C.\"]}", result); + } + + @Test + public void extractProvisionsPlaintextUnobfuscated() throws IOException { + Provisioner p = new Provisioner(); + List files = Arrays.asList(getResourceFile("demo_credentials_user2.fdrp")); + List result = p.extractProvisionsPlaintext(files); + + Assert.assertEquals(result.size(), 1); + Assert.assertEquals("{\"username\": \"user2\", \"name\": \"test repo a\", \"password\": \"other secret\", \"url\": \"https://example.com/repo\"}", result.get(0).getRepositoryProvision()); + Assert.assertTrue(String.valueOf(result.get(0).getProvisionPath()).endsWith("demo_credentials_user2.fdrp")); + } + + @Test + public void extractProvisionsPlaintextObfuscated() throws IOException { + Provisioner p = new Provisioner(); + List files = Arrays.asList(getResourceFile("demo_credentials_user1.fdrp")); + List result = p.extractProvisionsPlaintext(files); + + Assert.assertEquals(result.size(), 1); + Assert.assertEquals("{\"username\": \"user1\", \"password\": \"secret1\", \"name\": \"test repo a\", \"url\": \"https://example.com/repo\"}", result.get(0).getRepositoryProvision()); + Assert.assertTrue(String.valueOf(result.get(0).getProvisionPath()).endsWith("demo_credentials_user1.fdrp")); + } + + @Test + public void parseProvisions() { + + List plaintexts = Arrays.asList(new Provisioner.ProvisionPlaintext(), new Provisioner.ProvisionPlaintext()); + plaintexts.get(0).setProvisionPath("/some/dir/abc.fdrp"); + plaintexts.get(0).setRepositoryProvision("{\"username\": \"user1\", \"password\": \"secret1\", \"name\": \"test repo a\", \"url\": \"https://example.com/repo\"}"); + plaintexts.get(1).setProvisionPath("/some/dir/def.fdrp"); + plaintexts.get(1).setRepositoryProvision("{\"username\": \"user2\", \"name\": \"test repo a\", \"password\": \"other secret\", \"url\": \"https://example.com/repo\"}"); + + Provisioner p = new Provisioner(); + List result = p.parseProvisions(plaintexts); + + Assert.assertEquals("/some/dir/abc.fdrp", result.get(0).getProvisonPath()); + Assert.assertEquals("test repo a", result.get(0).getRepositoryProvision().getName()); + Assert.assertEquals("https://example.com/repo", result.get(0).getRepositoryProvision().getUrl()); + Assert.assertEquals("user1", result.get(0).getRepositoryProvision().getUsername()); + Assert.assertEquals("secret1", result.get(0).getRepositoryProvision().getPassword()); + + Assert.assertEquals("/some/dir/def.fdrp", result.get(1).getProvisonPath()); + Assert.assertEquals("test repo a", result.get(1).getRepositoryProvision().getName()); + Assert.assertEquals("https://example.com/repo", result.get(1).getRepositoryProvision().getUrl()); + Assert.assertEquals("user2", result.get(1).getRepositoryProvision().getUsername()); + Assert.assertEquals("other secret", result.get(1).getRepositoryProvision().getPassword()); + } + + private File getResourceFile(String resourceFileName) { + return new File(getClass().getClassLoader().getResource(resourceFileName).getPath()); + } +} diff --git a/app/src/test/resources/demo_credentials_user1.fdrp b/app/src/test/resources/demo_credentials_user1.fdrp new file mode 100644 index 0000000000000000000000000000000000000000..6864a8ab38d604fef0158fc76e226d4b89782822 GIT binary patch literal 259 zcmWIWW@Zs#U|`??Vnv3t+ZfhX0$CkE3=%C$Ey#~AD9SI(EY8f&)635)&d*crI>>iO zL4dV><)kY&lBJ!O>~PwmcX4sMlz@}rCf^@bo%imY*|Xhzb}Og+>8G4B+gJRrd2Vt2 zZQmyT&QiHA>sckL`HTKL70K)5_C0Q7vkIK$;t_RqnT}uju9vTt%q*RyL3lMj&(o(yPJh0jqme A>Hq)$ literal 0 HcmV?d00001 diff --git a/app/src/test/resources/demo_credentials_user2.fdrp b/app/src/test/resources/demo_credentials_user2.fdrp new file mode 100644 index 0000000000000000000000000000000000000000..d0122cdba33c81d8fe790b42d134f294e5a8bc95 GIT binary patch literal 220 zcmWIWW@Zs#U|`??Vnqh?hmWg5fUImF76#&?)Pnr@f};Gg%;L=aJiV;q{5;b$j$91} zJT4bkx2!qZbo$=1D~)c=v