From b47f5ab1bf0825d4552299796fd3bc9ac83b290a Mon Sep 17 00:00:00 2001 From: Andy Scherzinger Date: Tue, 12 Dec 2023 17:12:46 +0100 Subject: [PATCH 1/2] Bump hwsecurity-fido from 2.4.5 to 4.1.0-patch2 Signed-off-by: Andy Scherzinger --- app/build.gradle | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/build.gradle b/app/build.gradle index 4ed5503302..99b086ee4c 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -145,6 +145,7 @@ ext { coilKtVersion = "2.5.0" daggerVersion = "2.49" emojiVersion = "1.4.0" + fidoVersion = "4.1.0-patch2" lifecycleVersion = '2.6.2' okhttpVersion = "4.12.0" markwonVersion = "4.6.2" @@ -252,7 +253,8 @@ dependencies { implementation "io.coil-kt:coil-svg:${coilKtVersion}" implementation 'com.github.natario1:Autocomplete:v1.1.0' - implementation 'com.github.cotechde.hwsecurity:hwsecurity-fido:2.4.5' + implementation "com.github.nextcloud-deps.hwsecurity:hwsecurity-fido:${fidoVersion}" + implementation "com.github.nextcloud-deps.hwsecurity:hwsecurity-fido2:${fidoVersion}" implementation 'com.novoda:merlin:1.2.1' From a77ad7bf742cd2e30aa7bda11a528731b1955023 Mon Sep 17 00:00:00 2001 From: tobiasKaminsky Date: Mon, 18 Dec 2023 09:32:09 +0100 Subject: [PATCH 2/2] Add WebAuthN support Signed-off-by: tobiasKaminsky --- .../nextcloud/talk/account/WebViewLoginActivity.kt | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/app/src/main/java/com/nextcloud/talk/account/WebViewLoginActivity.kt b/app/src/main/java/com/nextcloud/talk/account/WebViewLoginActivity.kt index fb98745730..d2bd035790 100644 --- a/app/src/main/java/com/nextcloud/talk/account/WebViewLoginActivity.kt +++ b/app/src/main/java/com/nextcloud/talk/account/WebViewLoginActivity.kt @@ -66,6 +66,8 @@ import com.nextcloud.talk.utils.bundle.BundleKeys.KEY_TOKEN import com.nextcloud.talk.utils.bundle.BundleKeys.KEY_USERNAME import com.nextcloud.talk.utils.ssl.TrustManager import de.cotech.hw.fido.WebViewFidoBridge +import de.cotech.hw.fido2.WebViewWebauthnBridge +import de.cotech.hw.fido2.ui.WebauthnDialogOptions import io.reactivex.disposables.Disposable import java.lang.reflect.Field import java.net.CookieManager @@ -99,6 +101,7 @@ class WebViewLoginActivity : BaseActivity() { private var loginStep = 0 private var automatedLoginAttempted = false private var webViewFidoBridge: WebViewFidoBridge? = null + private var webViewWebauthnBridge: WebViewWebauthnBridge? = null private val onBackPressedCallback = object : OnBackPressedCallback(true) { override fun handleOnBackPressed() { @@ -164,6 +167,12 @@ class WebViewLoginActivity : BaseActivity() { binding.webview.clearHistory() WebView.clearClientCertPreferences(null) webViewFidoBridge = WebViewFidoBridge.createInstanceForWebView(this, binding.webview) + + val webauthnOptionsBuilder = WebauthnDialogOptions.builder().setShowSdkLogo(true).setAllowSkipPin(true) + webViewWebauthnBridge = WebViewWebauthnBridge.createInstanceForWebView( + this, binding.webview, webauthnOptionsBuilder + ) + CookieSyncManager.createInstance(this) android.webkit.CookieManager.getInstance().removeAllCookies(null) val headers: MutableMap = HashMap() @@ -172,12 +181,14 @@ class WebViewLoginActivity : BaseActivity() { private var basePageLoaded = false override fun shouldInterceptRequest(view: WebView, request: WebResourceRequest): WebResourceResponse? { webViewFidoBridge?.delegateShouldInterceptRequest(view, request) + webViewWebauthnBridge?.delegateShouldInterceptRequest(view, request) return super.shouldInterceptRequest(view, request) } override fun onPageStarted(view: WebView, url: String, favicon: Bitmap?) { super.onPageStarted(view, url, favicon) webViewFidoBridge?.delegateOnPageStarted(view, url, favicon) + webViewWebauthnBridge?.delegateOnPageStarted(view, url, favicon) } @Deprecated("Use shouldOverrideUrlLoading(WebView view, WebResourceRequest request)")