Commit 96ec2b6f authored by Ricki Hirner's avatar Ricki Hirner

Improve certificate notification

* don't remove notification on timeout
* show certificate subject in notification sub-text
* reject certificate temporarily if notificate is swiped out
* show toast when certificate is rejected temporarily
parent 7532ea31
Pipeline #10087992 passed with stage
in 1 minute and 38 seconds
......@@ -36,7 +36,7 @@ class CustomCertManager: X509TrustManager, Closeable {
companion object {
/** how log to wait for a decision from {@link CustomCertService} */
@JvmField
var SERVICE_TIMEOUT: Long = 5 * 60 * 1000
var SERVICE_TIMEOUT: Long = 5*60*1000
val nextDecisionID = AtomicInteger()
val decisions = SparseArray<Boolean?>()
......
......@@ -15,6 +15,7 @@ import android.content.Intent
import android.os.*
import android.support.v4.app.NotificationManagerCompat
import android.support.v7.app.NotificationCompat
import android.widget.Toast
import java.io.File
import java.io.FileInputStream
import java.io.FileOutputStream
......@@ -128,8 +129,10 @@ class CustomCertService: Service() {
} catch(e: KeyStoreException) {
Constants.log.log(Level.SEVERE, "Couldn't add certificate into key store", e)
}
} else
} else {
untrustedCerts.add(cert)
Toast.makeText(this, R.string.service_rejected_temporarily, Toast.LENGTH_LONG).show()
}
// notify receivers which are waiting for a decision
pendingDecisions[cert]?.let { receivers ->
......@@ -220,14 +223,22 @@ class CustomCertService: Service() {
val decisionIntent = Intent(service, TrustCertificateActivity::class.java)
decisionIntent.putExtra(TrustCertificateActivity.EXTRA_CERTIFICATE, cert)
val rejectIntent = Intent(service, CustomCertService::class.java)
with(rejectIntent) {
action = at.bitfire.cert4android.CustomCertService.CMD_CERTIFICATION_DECISION
putExtra(at.bitfire.cert4android.CustomCertService.EXTRA_CERTIFICATE, cert)
putExtra(at.bitfire.cert4android.CustomCertService.EXTRA_TRUSTED, false)
}
val notify = NotificationCompat.Builder(service)
.setSmallIcon(R.drawable.ic_lock_open_white)
.setContentTitle(service.getString(R.string.certificate_notification_connection_security))
.setContentText(service.getString(R.string.certificate_notification_user_interaction))
.setSubText(cert.subjectDN.name)
.setCategory(NotificationCompat.CATEGORY_SERVICE)
.setPriority(NotificationCompat.PRIORITY_HIGH)
.setOngoing(true)
.setContentIntent(PendingIntent.getActivity(service, id, decisionIntent, PendingIntent.FLAG_UPDATE_CURRENT))
.setDeleteIntent(PendingIntent.getService(service, id, rejectIntent, PendingIntent.FLAG_UPDATE_CURRENT))
.build()
val nm = NotificationManagerCompat.from(service)
nm.notify(CertUtils.getTag(cert), Constants.NOTIFICATION_CERT_DECISION, notify)
......@@ -254,9 +265,6 @@ class CustomCertService: Service() {
if (replyInfos == null || replyInfos.isEmpty()) {
// no more decision receivers, remove pending decision
service.pendingDecisions.remove(cert)
val nm = NotificationManagerCompat.from(service)
nm.cancel(CertUtils.getTag(cert), Constants.NOTIFICATION_CERT_DECISION)
}
}
}
......
......@@ -4,6 +4,8 @@
<string name="certificate_notification_connection_security">Connection security</string>
<string name="certificate_notification_user_interaction">Please review the certificate</string>
<string name="service_rejected_temporarily">Certificate temporarily rejected</string>
<string name="trust_certificate_unknown_certificate_found">cert4android has encountered an unknown certificate. Do you want to trust it?</string>
<string name="trust_certificate_x509_certificate_details">X509 certificate details</string>
<string name="trust_certificate_issued_for">Issued for</string>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment