more robust switch actions in pgp settings (#3148)

* more robust switch actions in pgp settings

* Update app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt

Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Signed-off-by: agrahn <agrahn@users.noreply.github.com>

* Update app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt

Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Signed-off-by: agrahn <agrahn@users.noreply.github.com>

* Update app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt

Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Signed-off-by: agrahn <agrahn@users.noreply.github.com>

* formatting fixed (ktfmtFormat)

---------

Signed-off-by: agrahn <agrahn@users.noreply.github.com>
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
This commit is contained in:
agrahn 2024-08-04 18:45:09 +02:00 committed by GitHub
parent 6fcee50f92
commit 17a8bbc3b8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 58 additions and 27 deletions

View file

@ -17,7 +17,6 @@ import app.passwordstore.util.extensions.sharedPrefs
import app.passwordstore.util.features.Feature import app.passwordstore.util.features.Feature
import app.passwordstore.util.settings.PreferenceKeys import app.passwordstore.util.settings.PreferenceKeys
import de.Maxr1998.modernpreferences.PreferenceScreen import de.Maxr1998.modernpreferences.PreferenceScreen
import de.Maxr1998.modernpreferences.helpers.onCheckedChange
import de.Maxr1998.modernpreferences.helpers.onClick import de.Maxr1998.modernpreferences.helpers.onClick
import de.Maxr1998.modernpreferences.helpers.pref import de.Maxr1998.modernpreferences.helpers.pref
import de.Maxr1998.modernpreferences.helpers.switch import de.Maxr1998.modernpreferences.helpers.switch
@ -47,27 +46,45 @@ class PGPSettings(
titleRes = R.string.pref_passphrase_cache_title titleRes = R.string.pref_passphrase_cache_title
summaryRes = R.string.pref_passphrase_cache_summary summaryRes = R.string.pref_passphrase_cache_summary
defaultValue = false defaultValue = false
onCheckedChange { checked -> onClick {
if (checked) {
if (BiometricAuthenticator.canAuthenticate(activity)) { if (BiometricAuthenticator.canAuthenticate(activity)) {
BiometricAuthenticator.authenticate( val promptTitle =
activity, if (checked) R.string.pref_passphrase_cache_authenticate_enable
R.string.pref_passphrase_cache_authenticate_enable, else R.string.pref_passphrase_cache_authenticate_disable
) {
if (!(it is BiometricAuthenticator.Result.Success)) BiometricAuthenticator.authenticate(activity, promptTitle) { result ->
when (result) {
is BiometricAuthenticator.Result.Success -> {
/* Any successful change of this setting clears the passphrase
* cache for safety */
activity.lifecycleScope.launch {
passphraseCache.clearAllCachedPassphrases(activity)
}
activity.sharedPrefs.edit { activity.sharedPrefs.edit {
putBoolean(Feature.EnablePGPPassphraseCache.configKey, false) putBoolean(Feature.EnablePGPPassphraseCache.configKey, checked)
if (!checked) remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE)
} }
} }
} else is BiometricAuthenticator.Result.Retry -> {}
else -> {
/* revert back to previous state in case of error or cancellation */
checked = !checked
activity.sharedPrefs.edit { activity.sharedPrefs.edit {
putBoolean(Feature.EnablePGPPassphraseCache.configKey, false) putBoolean(Feature.EnablePGPPassphraseCache.configKey, checked)
}
}
}
} }
} else { } else {
activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) } /* we may get here if device lock has been disabled while PGP settings
activity.lifecycleScope.launch { passphraseCache.clearAllCachedPassphrases(activity) } * screen was left open */
checked = false
enabled = false
activity.sharedPrefs.edit {
putBoolean(Feature.EnablePGPPassphraseCache.configKey, false)
} }
true }
false
} }
} }
switch(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) { switch(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) {
@ -81,26 +98,39 @@ class PGPSettings(
* authentication, otherwise the app crashes. Thus, the bad user could still bypass cache * authentication, otherwise the app crashes. Thus, the bad user could still bypass cache
* clearing by dismissing the auhentication dialog. To prevent this, we enforce cache * clearing by dismissing the auhentication dialog. To prevent this, we enforce cache
* clearing to stay enabled in case of any authentication failure. */ * clearing to stay enabled in case of any authentication failure. */
onCheckedChange { checked -> onClick {
if (!checked) { if (!checked) {
if (BiometricAuthenticator.canAuthenticate(activity)) { if (
BiometricAuthenticator.canAuthenticate(activity) &&
activity.sharedPrefs.getBoolean(Feature.EnablePGPPassphraseCache.configKey, false)
) {
BiometricAuthenticator.authenticate( BiometricAuthenticator.authenticate(
activity, activity,
R.string.pref_passphrase_cache_auto_clear_authenticate_disable, R.string.pref_passphrase_cache_auto_clear_authenticate_disable,
) { ) { result ->
if (it is BiometricAuthenticator.Result.Success) { when (result) {
is BiometricAuthenticator.Result.Success -> {
activity.sharedPrefs.edit {
putBoolean(PreferenceKeys.CLEAR_PASSPHRASE_CACHE, false)
}
activity.lifecycleScope.launch { activity.lifecycleScope.launch {
passphraseCache.clearAllCachedPassphrases(activity) passphraseCache.clearAllCachedPassphrases(activity)
} }
} else { }
is BiometricAuthenticator.Result.Retry -> {}
else -> {
activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) } activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
checked = true
}
} }
} }
} else { } else {
activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) } activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
checked = true
enabled = false
} }
} }
true false
} }
} }
} }

View file

@ -138,6 +138,7 @@
<string name="pref_passphrase_cache_title">Enable passphrase caching</string> <string name="pref_passphrase_cache_title">Enable passphrase caching</string>
<string name="pref_passphrase_cache_summary">WARNING: this feature is functional but very experimental. Requires an active screen lock.</string> <string name="pref_passphrase_cache_summary">WARNING: this feature is functional but very experimental. Requires an active screen lock.</string>
<string name="pref_passphrase_cache_authenticate_enable">Authenticate to enable cache</string> <string name="pref_passphrase_cache_authenticate_enable">Authenticate to enable cache</string>
<string name="pref_passphrase_cache_authenticate_disable">Authenticate to disable cache</string>
<string name="pref_passphrase_cache_auto_clear_authenticate_disable">Authenticate to disable cache clearing</string> <string name="pref_passphrase_cache_auto_clear_authenticate_disable">Authenticate to disable cache clearing</string>
<string name="pref_passphrase_cache_auto_clear_title">Automatically clear passphrase cache</string> <string name="pref_passphrase_cache_auto_clear_title">Automatically clear passphrase cache</string>
<string name="pref_passphrase_cache_auto_clear_summary">Clears the passphrase cache when the screen is turned off</string> <string name="pref_passphrase_cache_auto_clear_summary">Clears the passphrase cache when the screen is turned off</string>