Mirrors/FairEmail
1
0
Fork 0
mirror of https://github.com/M66B/FairEmail.git synced 2026-04-02 23:26:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added OAuth PKCE support

Browse Source 
https://oauth.net/2/pkce/
This commit is contained in:
M66B
2020-07-16 18:50:36 +02:00
parent 5ee4955841
commit 8e78172c92
3 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/src/main/java/eu/faircode/email/EmailProvider.java
View File

@@ -159,6 +159,7 @@ public class EmailProvider {
provider.oauth.askAccount = xml.getAttributeBooleanValue(null, "askAccount", false);
provider.oauth.clientId = xml.getAttributeValue(null, "clientId");
provider.oauth.clientSecret = xml.getAttributeValue(null, "clientSecret");
provider.oauth.pcke = xml.getAttributeBooleanValue(null, "pcke", false);
provider.oauth.scopes = xml.getAttributeValue(null, "scopes").split(",");
provider.oauth.authorizationEndpoint = xml.getAttributeValue(null, "authorizationEndpoint");
provider.oauth.tokenEndpoint = xml.getAttributeValue(null, "tokenEndpoint");
@@ -687,6 +688,7 @@ public class EmailProvider {
boolean askAccount;
String clientId;
String clientSecret;
boolean pcke;
String[] scopes;
String authorizationEndpoint;
String tokenEndpoint;

4
app/src/main/java/eu/faircode/email/FragmentOAuth.java
View File

@@ -55,6 +55,7 @@ import net.openid.appauth.AuthorizationService;
import net.openid.appauth.AuthorizationServiceConfiguration;
import net.openid.appauth.ClientAuthentication;
import net.openid.appauth.ClientSecretPost;
import net.openid.appauth.CodeVerifierUtil;
import net.openid.appauth.NoClientAuthentication;
import net.openid.appauth.ResponseTypeValues;
import net.openid.appauth.TokenResponse;
@@ -282,6 +283,9 @@ public class FragmentOAuth extends FragmentBase {
if (askAccount)
authRequestBuilder.setLoginHint(etEmail.getText().toString().trim());
if (provider.oauth.pcke)
authRequestBuilder.setCodeVerifier(CodeVerifierUtil.generateRandomCodeVerifier());
// For offline access
if ("gmail".equals(provider.id))
authRequestBuilder.setPrompt("consent");