* Improve Autofill UI and enable inline presentations
Improves the Autofill UI in the following ways:
* Add support for Android 11 inline presentations of Autofill datasets.
* Instead of showing the identifier (app name or web origin) of the
current app on top of every Autofill dataset, it is now shown 1) as a
header dataset on Android 9 and 10 as well as 2) at the top of the
search activity on all supported versions of Android. Rationale: The
identifier is only used in trust decisions when choosing an existing
entry to fill and should feature prominently in that view, not
elsewhere.
* Show the actual identifier part of a matched entry's path, which may
differ from the identifier of the matched app/website.
* Slightly tweak the labels of Search/Generate Autofill actions to
indicate that a) this is about entries and b) the user may skip the
generation of a password and supply a custom one as well.
* Suppress lint error
* Address review comments
* Add a fixme about properly handling fill-in datasets
* CHANGELOG: add entry for inline presentation
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Remove unused parameter
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* release:
build: bump version
CHANGELOG: add entries for #1142 and #1131
Temporarily work around SSHJ compatibility issues (#1142)
all: refactor ActivityResultContracts usages to adhere to API requirements
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Using ECDSA either as a key exchange or a host key algorithm fails with
SSHJ 0.30.0 on Android, but should again become possible in 0.31.0.
While we wait for the release, demote ECDSA in the list of key
algorithms (as it should still be available for public key auth) and
remove it from the list of key exchange algorithms.
(cherry picked from commit 0d2788ab54)
The newest versions of AndroidX Activity and Fragments correctly enforce the
requirement for all contracts to be registered at class init or before
the lifecycle has reached `Lifecycle.State.STARTED`. To comply with these requirements,
move all instances of `registerForActivityResult` being called at arbitrary points
in the code to be done at class init.
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
(cherry picked from commit cf03c55478)
Using ECDSA either as a key exchange or a host key algorithm fails with
SSHJ 0.30.0 on Android, but should again become possible in 0.31.0.
While we wait for the release, demote ECDSA in the list of key
algorithms (as it should still be available for public key auth) and
remove it from the list of key exchange algorithms.
If Autofill shows a warning about an app whose publisher changed and the
user decides to trust the app and clear previous matches, they should
immediately be given the option to select a new match.
Previously, as AutofillPublisherChangedActivity did not return a
result, the old FillResponse with just a warning would be reused. We
now pass a useful response with no matches on to the activity, which
returns it after the user has chosen to reset the publisher info.
The newest versions of AndroidX Activity and Fragments correctly enforce the
requirement for all contracts to be registered at class init or before
the lifecycle has reached `Lifecycle.State.STARTED`. To comply with these requirements,
move all instances of `registerForActivityResult` being called at arbitrary points
in the code to be done at class init.
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* BaseGitActivity: unwrap root cause for InvalidRemoteException as well
JGit's InvalidRemoteException, like TransportException, swallows more
useful errors as is clear from this (redacted) snippet.
```
D org.eclipse.jgit.api.errors.InvalidRemoteException: Invalid remote: origin
D at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:26)
D at org.eclipse.jgit.api.PullCommand.call(PullCommand.java:41)
D at com.zeapo.pwdstore.git.GitCommandExecutor$execute$2$result$1.invokeSuspend(GitCommandExecutor.kt:2)
D at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:3)
D at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:15)
D at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:1)
D at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:13)
D Caused by: org.eclipse.jgit.errors.NoRemoteRepositoryException: ssh://msfjarvis@[fe80::dead:beef]:22/pass-repo: fatal: '/pass-repo'
does not appear to be a git repository
D at org.eclipse.jgit.transport.TransportGitSsh.cleanNotFound(TransportGitSsh.java:14)
D at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:20)
D at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:1)
D at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:1)
D at org.eclipse.jgit.transport.Transport.fetch(Transport.java:20)
D at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:18)
```
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Add changelog entry
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Ensure we're creating dialogs on the main thread
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Remove unused operation type
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Refactor launchGitOperation to use an enum
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* OnboardingActivity: fix directory change option
Add an else clause to cover the case when storage permission is granted already
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* all: rename permission grant method
The new name is a bit more explicit about its purpose
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* UserPreference: add static method for external directory selection intent
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* DecryptActivity: properly calculate remaining OTP time on first pass
We default to 30 seconds for each recalculation but the first run might not have 30 seconds left in its period, making the value stale much earlier. While most websites offer another 30 seconds of validity for TOTP codes, many do not, thus making it hard to enter a correct OTP
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Update changelog
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Double check Git server protocol
Ensure that the Git server protocol is not at odds with the URL scheme.
Also move the Protocol switches below the URL to make it clear that the
URL should be entered first.
* Remove protocol selection from server config
The protocol is now extracted from the URL, and the authentication mode selection is validated by GitSettings
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Don't use pref values for auth modes
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Apply suggestions from code review
Remove now unused protocol mismatch result type
Co-authored-by: Fabian Henneke <FabianHenneke@users.noreply.github.com>
* Simplify migration logic and fix tests
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Revert "Simplify migration logic and fix tests"
This reverts commit 1c4c4ba5fbc212843cb6b74dd29ac858eaea7582.
* Detect URLs with null scheme as ssh
* Add changelog entry
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: Harsh Shandilya <msfjarvis@gmail.com>
* release:
build: bump version
Add changelog entry for HTTPS authentication
Return HTTPS URI username from CredentialsProvider (#1049)
Prevent racing double commits on password creation (#1047)
Prepare release 1.11.2
Let the PasswordFinderCredentialsProvider support Username as a
CredentialItem type and return the user part of the repository URI when
it is requested.
(cherry picked from commit 679037b81d)
Let the PasswordFinderCredentialsProvider support Username as a
CredentialItem type and return the user part of the repository URI when
it is requested.
* Update sshj to 0.30.0 and improve algorithm order
Updates sshj to 0.30.0, which brings support for rsa-sha2-* key types
and bugfixes related to RSA certificates and Android Keystore backed
keys.
Along the way, this improves the algorithm preferences to be consistent
with the Mozilla Intermediate SSH configuration (as far as possible,
given that most certificate types and some encryption algorithms are
not yet supported).
We also add "ext-info-c" to the kex algorithm proposal to work around
certain kinds of "user agent sniffing" that limits the support of
rsa-sha2-* key types.
* Add SSHJ backend for OpenKeychain authentication
* Address review comments
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* Update sshj to 0.30.0 and improve algorithm order
Updates sshj to 0.30.0, which brings support for rsa-sha2-* key types
and bugfixes related to RSA certificates and Android Keystore backed
keys.
Along the way, this improves the algorithm preferences to be consistent
with the Mozilla Intermediate SSH configuration (as far as possible,
given that most certificate types and some encryption algorithms are
not yet supported).
We also add "ext-info-c" to the kex algorithm proposal to work around
certain kinds of "user agent sniffing" that limits the support of
rsa-sha2-* key types.
* Preserve SSH key passphrase on connection errors
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Updates sshj to 0.30.0, which brings support for rsa-sha2-* key types
and bugfixes related to RSA certificates and Android Keystore backed
keys.
Along the way, this improves the algorithm preferences to be consistent
with the Mozilla Intermediate SSH configuration (as far as possible,
given that most certificate types and some encryption algorithms are
not yet supported).
We also add "ext-info-c" to the kex algorithm proposal to work around
certain kinds of "user agent sniffing" that limits the support of
rsa-sha2-* key types.
* - XkPasswordGeneratorDialogFragment: add symbol/number mask to allow appending numbers+symbols via a mask such as `ddds` which would generate random.password123!; position of `d` and `s` is not currently considered; only the count is relevant
* - update CHANGELOG.md
* - update CHANGELOG.md
* - rename constants
* Update CHANGELOG.md
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* - add missing marginTop
* - add missing marginTop
Co-authored-by: null <null>
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: glowinthedark <glowinthedark>
Co-authored-by: Harsh Shandilya <msfjarvis@gmail.com>
* build: update to Kotlin 1.4
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* UserPreference: finish if directory selection was triggered from an intent
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* PasswordStore: switch permission request to ActivityResultContracts
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* PasswordStore: fix activity reference
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* GitOperationActivity: make invalid values more obvious
Would have caught this issue much sooner if I had just done this
Fixes: 3d8cea5966 ("Improve permission handling logic (#732)")
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Assorted collection of hackery to make external storage use palatable
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Update changelog
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Add symlink support to JGit (#1016)
* Add symlink support to JGit
* Fix a typo
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* Prevent crash when following a broken symlink
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>