Exemple #1
0
        /// <summary>
        /// Traverse AssistStructure and add ViewNode metadata to a flat list.
        /// </summary>
        /// <returns>The parse.</returns>
        /// <param name="forFill">If set to <c>true</c> for fill.</param>
        /// <param name="isManualRequest"></param>
        string Parse(bool forFill, bool isManualRequest)
        {
            CommonUtil.logd("Parsing structure for " + Structure.ActivityComponent);
            var nodes = Structure.WindowNodeCount;

            ClientFormData = new FilledAutofillFieldCollection();
            String webDomain = null;

            _editTextsWithoutHint.Clear();

            for (int i = 0; i < nodes; i++)
            {
                var node = Structure.GetWindowNodeAt(i);
                var view = node.RootViewNode;
                ParseLocked(forFill, isManualRequest, view, ref webDomain);
            }



            List <AssistStructure.ViewNode> passwordFields = new List <AssistStructure.ViewNode>();
            List <AssistStructure.ViewNode> usernameFields = new List <AssistStructure.ViewNode>();

            if (AutofillFields.Empty)
            {
                passwordFields = _editTextsWithoutHint.Where(IsPassword).ToList();
                if (!passwordFields.Any())
                {
                    passwordFields = _editTextsWithoutHint.Where(HasPasswordHint).ToList();
                }

                foreach (var passwordField in passwordFields)
                {
                    var usernameField = _editTextsWithoutHint.TakeWhile(f => f.AutofillId != passwordField.AutofillId).LastOrDefault();
                    if (usernameField != null)
                    {
                        usernameFields.Add(usernameField);
                    }
                }
                //for some pages with two-step login, we don't see a password field and don't display the autofill for non-manual requests. But if the user forces autofill,
                //let's assume it is a username field:
                if (isManualRequest && !passwordFields.Any() && _editTextsWithoutHint.Count == 1)
                {
                    usernameFields.Add(_editTextsWithoutHint.First());
                }
            }

            //force focused fields to be included in autofill fields when request was triggered manually. This allows to fill fields which are "off" or don't have a hint (in case there are hints)
            if (isManualRequest)
            {
                foreach (AssistStructure.ViewNode editText in _editTextsWithoutHint)
                {
                    if (editText.IsFocused)
                    {
                        if (IsPassword(editText) || HasPasswordHint(editText))
                        {
                            passwordFields.Add(editText);
                        }
                        else
                        {
                            usernameFields.Add(editText);
                        }
                        break;
                    }
                }
            }

            if (forFill)
            {
                foreach (var uf in usernameFields)
                {
                    AutofillFields.Add(new AutofillFieldMetadata(uf, new[] { View.AutofillHintUsername }));
                }
                foreach (var pf in passwordFields)
                {
                    AutofillFields.Add(new AutofillFieldMetadata(pf, new[] { View.AutofillHintPassword }));
                }
            }
            else
            {
                foreach (var uf in usernameFields)
                {
                    ClientFormData.Add(new FilledAutofillField(uf, new[] { View.AutofillHintUsername }));
                }
                foreach (var pf in passwordFields)
                {
                    ClientFormData.Add(new FilledAutofillField(pf, new[] { View.AutofillHintPassword }));
                }
            }



            String packageName = Structure.ActivityComponent.PackageName;

            if (!string.IsNullOrEmpty(webDomain))
            {
                bool valid = Kp2aDigitalAssetLinksDataSource.Instance.IsValid(mContext, webDomain, packageName);
                if (!valid)
                {
                    CommonUtil.loge($"DAL verification failed for {packageName}/{webDomain}");
                    webDomain = null;
                }
            }
            if (string.IsNullOrEmpty(webDomain))
            {
                webDomain = "androidapp://" + packageName;
                CommonUtil.logd("no web domain. Using package name.");
            }
            return(webDomain);
        }
Exemple #2
0
        void ParseLocked(bool forFill, bool isManualRequest, AssistStructure.ViewNode viewNode, ref string validWebdomain)
        {
            String webDomain = viewNode.WebDomain;

            if (webDomain != null)
            {
                CommonUtil.logd($"child web domain: {webDomain}");
                if (!string.IsNullOrEmpty(validWebdomain))
                {
                    if (webDomain == validWebdomain)
                    {
                        throw new Java.Lang.SecurityException($"Found multiple web domains: valid= {validWebdomain}, child={webDomain}");
                    }
                }
                else
                {
                    validWebdomain = webDomain;
                }
            }

            string[] viewHints = viewNode.GetAutofillHints();
            if (viewHints != null && viewHints.Length == 1 && viewHints.First() == "off" && viewNode.IsFocused &&
                isManualRequest)
            {
                viewHints[0] = "on";
            }
            CommonUtil.logd("viewHints=" + viewHints);
            CommonUtil.logd("class=" + viewNode.ClassName);
            CommonUtil.logd("tag=" + (viewNode?.HtmlInfo?.Tag ?? "(null)"));
            if (viewNode?.HtmlInfo?.Tag == "input")
            {
                foreach (var p in viewNode.HtmlInfo.Attributes)
                {
                    CommonUtil.logd("attr=" + p.First + "/" + p.Second);
                }
            }
            if (viewHints != null && viewHints.Length > 0 && viewHints.First() != "on" /*if hint is "on", treat as if there is no hint*/)
            {
                if (forFill)
                {
                    AutofillFields.Add(new AutofillFieldMetadata(viewNode));
                }
                else
                {
                    FilledAutofillField filledAutofillField = new FilledAutofillField(viewNode);
                    ClientFormData.Add(filledAutofillField);
                }
            }
            else
            {
                if (viewNode.ClassName == "android.widget.EditText" || viewNode?.HtmlInfo?.Tag == "input")
                {
                    _editTextsWithoutHint.Add(viewNode);
                }
            }
            var childrenSize = viewNode.ChildCount;

            if (childrenSize > 0)
            {
                for (int i = 0; i < childrenSize; i++)
                {
                    ParseLocked(forFill, isManualRequest, viewNode.GetChildAt(i), ref validWebdomain);
                }
            }
        }
        public override void OnFillRequest(FillRequest request, CancellationSignal cancellationSignal, FillCallback callback)
        {
            bool isManual = (request.Flags & FillRequest.FlagManualRequest) != 0;

            CommonUtil.logd("onFillRequest " + (isManual ? "manual" : "auto"));
            var structure = request.FillContexts.Last().Structure;


            if (_lockTime + _lockTimeout < DateTime.Now)
            {
                _lockTime = DateTime.Now;

                //TODO support package signature verification as soon as this is supported in Keepass storage

                var clientState = request.ClientState;
                CommonUtil.logd("onFillRequest(): data=" + CommonUtil.BundleToString(clientState));


                cancellationSignal.CancelEvent += (sender, e) =>
                {
                    Kp2aLog.Log("Cancel autofill not implemented yet.");
                    _lockTime = DateTime.MinValue;
                };
                // Parse AutoFill data in Activity
                StructureParser.AutofillTargetId query = null;
                var parser = new StructureParser(this, structure);
                try
                {
                    query = parser.ParseForFill(isManual);
                }
                catch (Java.Lang.SecurityException e)
                {
                    Log.Warn(CommonUtil.Tag, "Security exception handling request");
                    callback.OnFailure(e.Message);
                    return;
                }

                AutofillFieldMetadataCollection autofillFields = parser.AutofillFields;


                var autofillIds = autofillFields.GetAutofillIds();
                if (autofillIds.Length != 0 && CanAutofill(query, isManual))
                {
                    var responseBuilder = new FillResponse.Builder();

                    bool hasEntryDataset = false;

                    if (query.IncompatiblePackageAndDomain == false)
                    {
                        Kp2aLog.Log("AF: (query.IncompatiblePackageAndDomain == false)");
                        //domain and package are compatible. Use Domain if available and package otherwise. Can fill without warning.
                        foreach (var entryDataset in BuildEntryDatasets(query.DomainOrPackage, query.WebDomain,
                                                                        query.PackageName,
                                                                        autofillIds, parser, DisplayWarning.None).Where(ds => ds != null)
                                 )
                        {
                            Kp2aLog.Log("AF: Got EntryDataset " + (entryDataset == null));
                            responseBuilder.AddDataset(entryDataset);
                            hasEntryDataset = true;
                        }
                    }



                    {
                        if (query.WebDomain != null)
                        {
                            AddQueryDataset(query.WebDomain,
                                            query.WebDomain, query.PackageName,
                                            isManual, autofillIds, responseBuilder, !hasEntryDataset,
                                            query.IncompatiblePackageAndDomain
                                    ? DisplayWarning.FillDomainInUntrustedApp
                                    : DisplayWarning.None);
                        }
                        else
                        {
                            AddQueryDataset(query.PackageNameWithPseudoSchema,
                                            query.WebDomain, query.PackageName,
                                            isManual, autofillIds, responseBuilder, !hasEntryDataset, DisplayWarning.None);
                        }
                    }

                    AddDisableDataset(query.DomainOrPackage, autofillIds, responseBuilder, isManual);

                    if (PreferenceManager.GetDefaultSharedPreferences(this)
                        .GetBoolean(GetString(Resource.String.OfferSaveCredentials_key), true))
                    {
                        if (!CompatBrowsers.Contains(parser.PackageId))
                        {
                            responseBuilder.SetSaveInfo(new SaveInfo.Builder(parser.AutofillFields.SaveType,
                                                                             parser.AutofillFields.GetAutofillIds()).Build());
                        }
                    }

                    Kp2aLog.Log("return autofill success");
                    callback.OnSuccess(responseBuilder.Build());
                }
                else
                {
                    Kp2aLog.Log("cannot autofill");
                    callback.OnSuccess(null);
                }
            }
            else
            {
                Kp2aLog.Log("Ignoring onFillRequest as there is another request going on.");
            }
        }
 public override void OnDisconnected()
 {
     _lockTime = DateTime.MinValue;
     CommonUtil.logd("onDisconnected");
 }
 public override void OnConnected()
 {
     CommonUtil.logd("onConnected");
 }
        public override void OnFillRequest(FillRequest request, CancellationSignal cancellationSignal, FillCallback callback)
        {
            bool isManual = (request.Flags & FillRequest.FlagManualRequest) != 0;

            CommonUtil.logd("onFillRequest " + (isManual ? "manual" : "auto"));
            var structure = request.FillContexts[request.FillContexts.Count - 1].Structure;

            //TODO support package signature verification as soon as this is supported in Keepass storage

            var clientState = request.ClientState;

            CommonUtil.logd("onFillRequest(): data=" + CommonUtil.BundleToString(clientState));


            cancellationSignal.CancelEvent += (sender, e) => {
                Log.Warn(CommonUtil.Tag, "Cancel autofill not implemented yet.");
            };
            // Parse AutoFill data in Activity
            string query  = null;
            var    parser = new StructureParser(this, structure);

            try
            {
                query = parser.ParseForFill(isManual);
            }
            catch (Java.Lang.SecurityException e)
            {
                Log.Warn(CommonUtil.Tag, "Security exception handling request");
                callback.OnFailure(e.Message);
                return;
            }

            AutofillFieldMetadataCollection autofillFields = parser.AutofillFields;


            var autofillIds = autofillFields.GetAutofillIds();

            if (autofillIds.Length != 0 && CanAutofill(query, isManual))
            {
                var responseBuilder = new FillResponse.Builder();

                var  entryDataset    = AddEntryDataset(query, parser);
                bool hasEntryDataset = entryDataset != null;
                if (entryDataset != null)
                {
                    responseBuilder.AddDataset(entryDataset);
                }

                AddQueryDataset(query, isManual, autofillIds, responseBuilder, !hasEntryDataset);
                AddDisableDataset(query, autofillIds, responseBuilder, isManual);
                if (PreferenceManager.GetDefaultSharedPreferences(this).GetBoolean(GetString(Resource.String.OfferSaveCredentials_key), true))
                {
                    responseBuilder.SetSaveInfo(new SaveInfo.Builder(parser.AutofillFields.SaveType,
                                                                     parser.AutofillFields.GetAutofillIds()).Build());
                }

                callback.OnSuccess(responseBuilder.Build());
            }
            else
            {
                callback.OnSuccess(null);
            }
        }