react-native-security-suite 0.6.5 → 0.6.7

package/android/src/main/java/com/securitysuite/internal/support/FormatUtils.kt

@@ -0,0 +1,117 @@
+package com.securitysuite.internal.support
+
+import com.securitysuite.internal.data.entity.HttpHeader
+import com.google.gson.JsonParseException
+import com.google.gson.JsonParser
+import org.w3c.dom.Document
+import org.xml.sax.InputSource
+import org.xml.sax.SAXParseException
+import java.io.ByteArrayInputStream
+import java.io.IOException
+import java.io.StringWriter
+import java.io.UnsupportedEncodingException
+import java.net.URLDecoder
+import java.nio.charset.Charset
+import java.util.Locale
+import javax.xml.XMLConstants
+import javax.xml.parsers.DocumentBuilder
+import javax.xml.parsers.DocumentBuilderFactory
+import javax.xml.transform.OutputKeys
+import javax.xml.transform.TransformerException
+import javax.xml.transform.TransformerFactory
+import javax.xml.transform.dom.DOMSource
+import javax.xml.transform.stream.StreamResult
+import kotlin.math.ln
+import kotlin.math.pow
+
+internal object FormatUtils {
+    private const val SI_MULTIPLE = 1000
+    private const val BASE_TWO_MULTIPLE = 1024
+
+    fun formatHeaders(
+        httpHeaders: List<HttpHeader>?,
+        withMarkup: Boolean,
+    ): String {
+        return httpHeaders?.joinToString(separator = "") { header ->
+            if (withMarkup) {
+                "<b> ${header.name}: </b>${header.value} <br />"
+            } else {
+                "${header.name}: ${header.value}\n"
+            }
+        } ?: ""
+    }
+
+    fun formatByteCount(
+        bytes: Long,
+        si: Boolean,
+    ): String {
+        val unit = if (si) SI_MULTIPLE else BASE_TWO_MULTIPLE
+
+        if (bytes < unit) {
+            return "$bytes B"
+        }
+
+        val exp = (ln(bytes.toDouble()) / ln(unit.toDouble())).toInt()
+        val pre = (if (si) "kMGTPE" else "KMGTPE")[exp - 1] + if (si) "" else "i"
+
+        return String.format(Locale.US, "%.1f %sB", bytes / unit.toDouble().pow(exp.toDouble()), pre)
+    }
+
+    fun formatJson(json: String): String {
+        return try {
+            val je = JsonParser.parseString(json)
+            JsonConverter.instance.toJson(je)
+        } catch (e: JsonParseException) {
+            json
+        }
+    }
+
+    fun formatXml(xml: String): String {
+        return try {
+            val documentFactory: DocumentBuilderFactory = DocumentBuilderFactory.newInstance()
+            // This flag is required for security reasons
+            documentFactory.isExpandEntityReferences = false
+
+            val documentBuilder: DocumentBuilder = documentFactory.newDocumentBuilder()
+            val inputSource = InputSource(ByteArrayInputStream(xml.toByteArray(Charset.defaultCharset())))
+            val document: Document = documentBuilder.parse(inputSource)
+
+            val domSource = DOMSource(document)
+            val writer = StringWriter()
+            val result = StreamResult(writer)
+
+            TransformerFactory.newInstance().apply {
+                setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true)
+            }.newTransformer().apply {
+                setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "2")
+                setOutputProperty(OutputKeys.INDENT, "yes")
+                transform(domSource, result)
+            }
+            writer.toString()
+        } catch (ignore: SAXParseException) {
+            xml
+        } catch (ignore: IOException) {
+            xml
+        } catch (ignore: TransformerException) {
+            xml
+        }
+    }
+
+    fun formatUrlEncodedForm(form: String): String {
+        return try {
+            if (form.isBlank()) {
+                return form
+            }
+            form.split("&").joinToString(separator = "\n") { entry ->
+                val keyValue = entry.split("=")
+                val key = keyValue[0]
+                val value = if (keyValue.size > 1) URLDecoder.decode(keyValue[1], "UTF-8") else ""
+                "$key: $value"
+            }
+        } catch (ignore: IllegalArgumentException) {
+            form
+        } catch (ignore: UnsupportedEncodingException) {
+            form
+        }
+    }
+}

package/android/src/main/java/com/securitysuite/internal/support/FormattedUrl.kt

@@ -0,0 +1,76 @@
+package com.securitysuite.internal.support
+
+import okhttp3.HttpUrl
+
+internal class FormattedUrl private constructor(
+    val scheme: String,
+    val host: String,
+    val port: Int,
+    val path: String,
+    val query: String,
+) {
+    val pathWithQuery: String
+        get() =
+            if (query.isBlank()) {
+                path
+            } else {
+                "$path?$query"
+            }
+
+    val url: String
+        get() {
+            return if (shouldShowPort()) {
+                "$scheme://$host:$port$pathWithQuery"
+            } else {
+                "$scheme://$host$pathWithQuery"
+            }
+        }
+
+    private fun shouldShowPort(): Boolean {
+        if (scheme == "https" && port == HTTPS_PORT) {
+            return false
+        }
+        if (scheme == "http" && port == HTTP_PORT) {
+            return false
+        }
+        return true
+    }
+
+    companion object {
+        private const val HTTPS_PORT = 443
+        private const val HTTP_PORT = 80
+
+        fun fromHttpUrl(
+            httpUrl: HttpUrl,
+            encoded: Boolean,
+        ): FormattedUrl {
+            return if (encoded) {
+                encodedUrl(httpUrl)
+            } else {
+                decodedUrl(httpUrl)
+            }
+        }
+
+        private fun encodedUrl(httpUrl: HttpUrl): FormattedUrl {
+            val path = httpUrl.encodedPathSegments.joinToString("/")
+            return FormattedUrl(
+                httpUrl.scheme,
+                httpUrl.host,
+                httpUrl.port,
+                if (path.isNotBlank()) "/$path" else "",
+                httpUrl.encodedQuery.orEmpty(),
+            )
+        }
+
+        private fun decodedUrl(httpUrl: HttpUrl): FormattedUrl {
+            val path = httpUrl.pathSegments.joinToString("/")
+            return FormattedUrl(
+                httpUrl.scheme,
+                httpUrl.host,
+                httpUrl.port,
+                if (path.isNotBlank()) "/$path" else "",
+                httpUrl.query.orEmpty(),
+            )
+        }
+    }
+}

package/android/src/main/java/com/securitysuite/internal/support/HarUtils.kt

@@ -0,0 +1,28 @@
+package com.securitysuite.internal.support
+
+import com.securitysuite.internal.data.entity.HttpTransaction
+import com.securitysuite.internal.data.har.Har
+import com.securitysuite.internal.data.har.log.Creator
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
+
+// http://www.softwareishard.com/blog/har-12-spec/
+// https://github.com/ahmadnassri/har-spec/blob/master/versions/1.2.md
+internal object HarUtils {
+    suspend fun harStringFromTransactions(
+        transactions: List<HttpTransaction>,
+        name: String,
+        version: String,
+    ): String =
+        withContext(Dispatchers.Default) {
+            JsonConverter.nonNullSerializerInstance
+                .toJson(fromHttpTransactions(transactions, Creator(name, version)))
+        }
+
+    internal fun fromHttpTransactions(
+        transactions: List<HttpTransaction>,
+        creator: Creator,
+    ): Har {
+        return Har(transactions, creator)
+    }
+}

package/android/src/main/java/com/securitysuite/internal/support/HttpUrlUtils.kt

@@ -0,0 +1,11 @@
+package com.securitysuite.internal.support
+
+import okhttp3.HttpUrl
+
+private const val PATH_SEGMENTS_DELIMITER = "/"
+
+public fun HttpUrl.Builder.addNonBlankPathSegments(candidatePath: String): HttpUrl.Builder =
+    apply {
+        candidatePath.split(PATH_SEGMENTS_DELIMITER).filter { it.isNotBlank() }
+            .forEach { item -> addPathSegment(item) }
+    }

package/android/src/main/java/com/securitysuite/internal/support/JsonConverter.kt

@@ -0,0 +1,19 @@
+package com.securitysuite.internal.support
+
+import com.google.gson.Gson
+import com.google.gson.GsonBuilder
+
+internal object JsonConverter {
+    val nonNullSerializerInstance: Gson by lazy {
+        GsonBuilder()
+            .disableHtmlEscaping()
+            .setPrettyPrinting()
+            .create()
+    }
+
+    val instance: Gson by lazy {
+        nonNullSerializerInstance.newBuilder()
+            .serializeNulls()
+            .create()
+    }
+}

package/android/src/main/java/com/securitysuite/internal/support/LimitingSource.kt

@@ -0,0 +1,22 @@
+package com.securitysuite.internal.support
+
+import okio.Buffer
+import okio.ForwardingSource
+import okio.Source
+
+internal class LimitingSource(
+    delegate: Source,
+    private val bytesCountThreshold: Long,
+) : ForwardingSource(delegate) {
+    private var bytesRead = 0L
+    val isThresholdReached get() = bytesRead >= bytesCountThreshold
+
+    override fun read(
+        sink: Buffer,
+        byteCount: Long,
+    ) = if (!isThresholdReached) {
+        super.read(sink, byteCount).also { bytesRead += it }
+    } else {
+        -1L
+    }
+}

package/android/src/main/java/com/securitysuite/internal/support/LiveDataUtils.kt

@@ -0,0 +1,68 @@
+package com.securitysuite.internal.support
+
+import android.annotation.SuppressLint
+import androidx.arch.core.executor.ArchTaskExecutor
+import androidx.lifecycle.LiveData
+import androidx.lifecycle.MediatorLiveData
+import java.util.concurrent.Executor
+
+internal fun <T1, T2, R> LiveData<T1>.combineLatest(
+    other: LiveData<T2>,
+    func: (T1, T2) -> R,
+): LiveData<R> {
+    return MediatorLiveData<R>().apply {
+        var lastA: T1? = null
+        var lastB: T2? = null
+
+        addSource(this@combineLatest) {
+            lastA = it
+            val observedB = lastB
+            if (it == null && value != null) {
+                value = null
+            } else if (it != null && observedB != null) {
+                value = func(it, observedB)
+            }
+        }
+
+        addSource(other) {
+            lastB = it
+            val observedA = lastA
+            if (it == null && value != null) {
+                value = null
+            } else if (observedA != null && it != null) {
+                value = func(observedA, it)
+            }
+        }
+    }
+}
+
+internal fun <T1, T2> LiveData<T1>.combineLatest(other: LiveData<T2>): LiveData<Pair<T1, T2>> {
+    return combineLatest(other) { a, b -> a to b }
+}
+
+// Unlike built-in extension operation is performed on a provided thread pool.
+// This is needed in our case since we compare requests and responses which can be big
+// and result in frame drops.
+internal fun <T> LiveData<T>.distinctUntilChanged(
+    executor: Executor = ioExecutor(),
+    areEqual: (old: T, new: T) -> Boolean = { old, new -> old == new },
+): LiveData<T> {
+    val distinctMediator = MediatorLiveData<T>()
+    var old = uninitializedToken
+    distinctMediator.addSource(this) { new ->
+        executor.execute {
+            @Suppress("UNCHECKED_CAST")
+            if (old === uninitializedToken || !areEqual(old as T, new)) {
+                old = new
+                distinctMediator.postValue(new)
+            }
+        }
+    }
+    return distinctMediator
+}
+
+private val uninitializedToken: Any? = Any()
+
+// It is lesser evil than providing a custom executor.
+@SuppressLint("RestrictedApi")
+private fun ioExecutor() = ArchTaskExecutor.getIOThreadExecutor()

package/android/src/main/java/com/securitysuite/internal/support/Logger.kt

@@ -0,0 +1,43 @@
+package com.securitysuite.internal.support
+
+import com.securitysuite.api.Chucker
+
+internal interface Logger {
+    fun info(
+        message: String,
+        throwable: Throwable? = null,
+    )
+
+    fun warn(
+        message: String,
+        throwable: Throwable? = null,
+    )
+
+    fun error(
+        message: String,
+        throwable: Throwable? = null,
+    )
+
+    companion object : Logger {
+        override fun info(
+            message: String,
+            throwable: Throwable?,
+        ) {
+            Chucker.logger.info(message, throwable)
+        }
+
+        override fun warn(
+            message: String,
+            throwable: Throwable?,
+        ) {
+            Chucker.logger.warn(message, throwable)
+        }
+
+        override fun error(
+            message: String,
+            throwable: Throwable?,
+        ) {
+            Chucker.logger.error(message, throwable)
+        }
+    }
+}

package/android/src/main/java/com/securitysuite/internal/support/NotificationHelper.kt

@@ -0,0 +1,149 @@
+package com.securitysuite.internal.support
+
+import android.app.NotificationChannel
+import android.app.NotificationManager
+import android.app.PendingIntent
+import android.content.Context
+import android.content.Intent
+import android.os.Build
+import android.util.LongSparseArray
+import androidx.core.app.NotificationCompat
+import androidx.core.content.ContextCompat
+import com.securitysuite.R
+import com.securitysuite.api.Chucker
+import com.securitysuite.internal.data.entity.HttpTransaction
+import com.securitysuite.internal.ui.BaseChuckerActivity
+import java.util.HashSet
+
+internal class NotificationHelper(val context: Context) {
+    companion object {
+        private const val TRANSACTIONS_CHANNEL_ID = "chucker_transactions"
+
+        private const val TRANSACTION_NOTIFICATION_ID = 1138
+
+        private const val BUFFER_SIZE = 10
+        private const val INTENT_REQUEST_CODE = 11
+        private val transactionBuffer = LongSparseArray<HttpTransaction>()
+        private val transactionIdsSet = HashSet<Long>()
+
+        fun clearBuffer() {
+            synchronized(transactionBuffer) {
+                transactionBuffer.clear()
+                transactionIdsSet.clear()
+            }
+        }
+    }
+
+    private val notificationManager: NotificationManager =
+        context.getSystemService(Context.NOTIFICATION_SERVICE) as NotificationManager
+
+    private val transactionsScreenIntent by lazy {
+        PendingIntent.getActivity(
+            context,
+            TRANSACTION_NOTIFICATION_ID,
+            Chucker.getLaunchIntent(context),
+            PendingIntent.FLAG_UPDATE_CURRENT or immutableFlag(),
+        )
+    }
+
+    init {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
+            val transactionsChannel =
+                NotificationChannel(
+                    TRANSACTIONS_CHANNEL_ID,
+                    context.getString(R.string.chucker_network_notification_category),
+                    NotificationManager.IMPORTANCE_LOW,
+                )
+            notificationManager.createNotificationChannels(listOf(transactionsChannel))
+        }
+    }
+
+    private fun addToBuffer(transaction: HttpTransaction) {
+        if (transaction.id == 0L) {
+            // Don't store Transactions with an invalid ID (0).
+            // Transaction with an Invalid ID will be shown twice in the notification
+            // with both the invalid and the valid ID and we want to avoid this.
+            return
+        }
+        synchronized(transactionBuffer) {
+            transactionIdsSet.add(transaction.id)
+            transactionBuffer.put(transaction.id, transaction)
+            if (transactionBuffer.size() > BUFFER_SIZE) {
+                transactionBuffer.removeAt(0)
+            }
+        }
+    }
+
+    private fun canShowNotifications(): Boolean {
+        return if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
+            notificationManager.areNotificationsEnabled()
+        } else {
+            true
+        }
+    }
+
+    fun show(transaction: HttpTransaction) {
+        addToBuffer(transaction)
+        if (!BaseChuckerActivity.isInForeground && canShowNotifications()) {
+            val builder =
+                NotificationCompat.Builder(context, TRANSACTIONS_CHANNEL_ID)
+                    .setContentIntent(transactionsScreenIntent)
+                    .setLocalOnly(true)
+                    .setSmallIcon(R.drawable.chucker_ic_transaction_notification)
+                    .setColor(ContextCompat.getColor(context, R.color.chucker_color_primary))
+                    .setContentTitle(context.getString(R.string.chucker_http_notification_title))
+                    .setAutoCancel(true)
+                    .addAction(createClearAction())
+            val inboxStyle = NotificationCompat.InboxStyle()
+            synchronized(transactionBuffer) {
+                var count = 0
+                for (i in transactionBuffer.size() - 1 downTo 0) {
+                    val bufferedTransaction = transactionBuffer.valueAt(i)
+                    if ((bufferedTransaction != null) && count < BUFFER_SIZE) {
+                        if (count == 0) {
+                            builder.setContentText(bufferedTransaction.notificationText)
+                        }
+                        inboxStyle.addLine(bufferedTransaction.notificationText)
+                    }
+                    count++
+                }
+                builder.setStyle(inboxStyle)
+                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
+                    builder.setSubText(transactionIdsSet.size.toString())
+                } else {
+                    builder.setNumber(transactionIdsSet.size)
+                }
+            }
+            notificationManager.notify(TRANSACTION_NOTIFICATION_ID, builder.build())
+        }
+    }
+
+    private fun createClearAction(): NotificationCompat.Action {
+        val clearTitle = context.getString(R.string.chucker_clear)
+        val clearTransactionsBroadcastIntent =
+            Intent(context, ClearDatabaseJobIntentServiceReceiver::class.java)
+        val pendingBroadcastIntent =
+            PendingIntent.getBroadcast(
+                context,
+                INTENT_REQUEST_CODE,
+                clearTransactionsBroadcastIntent,
+                PendingIntent.FLAG_ONE_SHOT or immutableFlag(),
+            )
+        return NotificationCompat.Action(
+            R.drawable.chucker_ic_delete_white,
+            clearTitle,
+            pendingBroadcastIntent,
+        )
+    }
+
+    fun dismissNotifications() {
+        notificationManager.cancel(TRANSACTION_NOTIFICATION_ID)
+    }
+
+    private fun immutableFlag() =
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+            PendingIntent.FLAG_IMMUTABLE
+        } else {
+            0
+        }
+}

package/android/src/main/java/com/securitysuite/internal/support/OkHttpUtils.kt

@@ -0,0 +1,86 @@
+package com.securitysuite.internal.support
+
+import okhttp3.Headers
+import okhttp3.Response
+import okio.Source
+import okio.buffer
+import okio.gzip
+import okio.source
+import org.brotli.dec.BrotliInputStream
+import java.net.HttpURLConnection.HTTP_NOT_MODIFIED
+import java.net.HttpURLConnection.HTTP_NO_CONTENT
+import java.net.HttpURLConnection.HTTP_OK
+import java.util.Locale
+
+private const val HTTP_CONTINUE = 100
+
+/** Returns true if the response must have a (possibly 0-length) body. See RFC 7231.  */
+internal fun Response.hasBody(): Boolean {
+    // HEAD requests never yield a body regardless of the response headers.
+    if (request.method == "HEAD") {
+        return false
+    }
+
+    val responseCode = code
+    if ((responseCode < HTTP_CONTINUE || responseCode >= HTTP_OK) &&
+        (responseCode != HTTP_NO_CONTENT) &&
+        (responseCode != HTTP_NOT_MODIFIED)
+    ) {
+        return true
+    }
+
+    // If the Content-Length or Transfer-Encoding headers disagree with the response code, the
+    // response is malformed. For best compatibility, we honor the headers.
+    return ((contentLength > 0) || isChunked)
+}
+
+private val Response.contentLength: Long
+    get() {
+        return this.header("Content-Length")?.toLongOrNull() ?: -1L
+    }
+
+internal val Response.isChunked: Boolean
+    get() {
+        return this.header("Transfer-Encoding").equals("chunked", ignoreCase = true)
+    }
+
+internal val Response.contentType: String?
+    get() {
+        return this.header("Content-Type")
+    }
+
+private val Headers.containsGzip: Boolean
+    get() {
+        return this["Content-Encoding"].equals("gzip", ignoreCase = true)
+    }
+
+private val Headers.containsBrotli: Boolean
+    get() {
+        return this["Content-Encoding"].equals("br", ignoreCase = true)
+    }
+
+private val supportedEncodings = listOf("identity", "gzip", "br")
+
+internal val Headers.hasSupportedContentEncoding: Boolean
+    get() =
+        get("Content-Encoding")
+            ?.takeIf { it.isNotEmpty() }
+            ?.let { it.lowercase(Locale.ROOT) in supportedEncodings }
+            ?: true
+
+internal fun Source.uncompress(headers: Headers) =
+    when {
+        headers.containsGzip -> gzip()
+        headers.containsBrotli -> BrotliInputStream(this.buffer().inputStream()).source()
+        else -> this
+    }
+
+internal fun Headers.redact(names: Iterable<String>): Headers {
+    val builder = newBuilder()
+    for (name in names()) {
+        if (names.any { userHeader -> userHeader.equals(name, ignoreCase = true) }) {
+            builder[name] = "**"
+        }
+    }
+    return builder.build()
+}

package/android/src/main/java/com/securitysuite/internal/support/OkioUtils.kt

@@ -0,0 +1,34 @@
+package com.securitysuite.internal.support
+
+import okio.Buffer
+import okio.ByteString
+import java.io.EOFException
+import kotlin.math.min
+
+private const val MAX_PREFIX_SIZE = 64L
+private const val CODE_POINT_SIZE = 16
+
+/**
+ * Returns true if the [Buffer] contains human readable text. Uses a small sample
+ * of code points to detect unicode control characters commonly used in binary file signatures.
+ */
+internal val Buffer.isProbablyPlainText
+    get() =
+        try {
+            val prefix = Buffer()
+            val byteCount = min(size, MAX_PREFIX_SIZE)
+            copyTo(prefix, 0, byteCount)
+            sequence { while (!prefix.exhausted()) yield(prefix.readUtf8CodePoint()) }
+                .take(CODE_POINT_SIZE)
+                .all { codePoint -> codePoint.isPlainTextChar() }
+        } catch (_: EOFException) {
+            false // Truncated UTF-8 sequence
+        }
+
+internal val ByteString.isProbablyPlainText: Boolean
+    get() {
+        val byteCount = min(size, MAX_PREFIX_SIZE.toInt())
+        return Buffer().write(this, offset = 0, byteCount).isProbablyPlainText
+    }
+
+private fun Int.isPlainTextChar() = Character.isWhitespace(this) || !Character.isISOControl(this)

package/android/src/main/java/com/securitysuite/internal/support/PlainTextDecoder.kt

@@ -0,0 +1,30 @@
+package com.securitysuite.internal.support
+
+import com.securitysuite.api.BodyDecoder
+import okhttp3.Headers
+import okhttp3.MediaType
+import okhttp3.Request
+import okhttp3.Response
+import okio.ByteString
+import kotlin.text.Charsets.UTF_8
+
+internal object PlainTextDecoder : BodyDecoder {
+    override fun decodeRequest(
+        request: Request,
+        body: ByteString,
+    ) = body.tryDecodeAsPlainText(request.headers, request.body?.contentType())
+
+    override fun decodeResponse(
+        response: Response,
+        body: ByteString,
+    ) = body.tryDecodeAsPlainText(response.headers, response.body?.contentType())
+
+    private fun ByteString.tryDecodeAsPlainText(
+        headers: Headers,
+        contentType: MediaType?,
+    ) = if (headers.hasSupportedContentEncoding && isProbablyPlainText) {
+        string(contentType?.charset() ?: UTF_8)
+    } else {
+        null
+    }
+}