diff --git a/mastodon/build.gradle b/mastodon/build.gradle index 8e1fec48..d0fcf491 100644 --- a/mastodon/build.gradle +++ b/mastodon/build.gradle @@ -9,7 +9,7 @@ android { applicationId "org.joinmastodon.android" minSdk 23 targetSdk 31 - versionCode 34 + versionCode 35 versionName "1.0.4" testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner" } diff --git a/mastodon/src/main/java/org/joinmastodon/android/PushNotificationReceiver.java b/mastodon/src/main/java/org/joinmastodon/android/PushNotificationReceiver.java index c983862a..16c45495 100644 --- a/mastodon/src/main/java/org/joinmastodon/android/PushNotificationReceiver.java +++ b/mastodon/src/main/java/org/joinmastodon/android/PushNotificationReceiver.java @@ -18,6 +18,7 @@ import android.util.Log; import org.joinmastodon.android.api.MastodonAPIController; import org.joinmastodon.android.api.requests.notifications.GetNotificationByID; +import org.joinmastodon.android.api.session.AccountSession; import org.joinmastodon.android.api.session.AccountSessionManager; import org.joinmastodon.android.model.Account; import org.joinmastodon.android.model.PushNotification; @@ -52,10 +53,23 @@ public class PushNotificationReceiver extends BroadcastReceiver{ String k=intent.getStringExtra("k"); String p=intent.getStringExtra("p"); String s=intent.getStringExtra("s"); - String accountID=intent.getStringExtra("x"); - if(!TextUtils.isEmpty(accountID) && !TextUtils.isEmpty(k) && !TextUtils.isEmpty(p) && !TextUtils.isEmpty(s)){ + String pushAccountID=intent.getStringExtra("x"); + if(!TextUtils.isEmpty(pushAccountID) && !TextUtils.isEmpty(k) && !TextUtils.isEmpty(p) && !TextUtils.isEmpty(s)){ MastodonAPIController.runInBackground(()->{ try{ + List accounts=AccountSessionManager.getInstance().getLoggedInAccounts(); + AccountSession account=null; + for(AccountSession acc:accounts){ + if(pushAccountID.equals(acc.pushAccountID)){ + account=acc; + break; + } + } + if(account==null){ + Log.w(TAG, "onReceive: account for id '"+pushAccountID+"' not found"); + return; + } + String accountID=account.getID(); PushNotification pn=AccountSessionManager.getInstance().getAccount(accountID).getPushSubscriptionManager().decryptNotification(k, p, s); new GetNotificationByID(pn.notificationId+"") .setCallback(new Callback<>(){ diff --git a/mastodon/src/main/java/org/joinmastodon/android/api/PushSubscriptionManager.java b/mastodon/src/main/java/org/joinmastodon/android/api/PushSubscriptionManager.java index 19f9e39b..91da9115 100644 --- a/mastodon/src/main/java/org/joinmastodon/android/api/PushSubscriptionManager.java +++ b/mastodon/src/main/java/org/joinmastodon/android/api/PushSubscriptionManager.java @@ -126,7 +126,7 @@ public class PushSubscriptionManager{ throw new IllegalStateException("No device push token available"); MastodonAPIController.runInBackground(()->{ Log.d(TAG, "registerAccountForPush: started for "+accountID); - String encodedPublicKey, encodedAuthKey; + String encodedPublicKey, encodedAuthKey, pushAccountID; try{ KeyPairGenerator generator=KeyPairGenerator.getInstance("EC"); ECGenParameterSpec spec=new ECGenParameterSpec(EC_CURVE_NAME); @@ -136,13 +136,17 @@ public class PushSubscriptionManager{ privateKey=keyPair.getPrivate(); encodedPublicKey=Base64.encodeToString(serializeRawPublicKey(publicKey), Base64.URL_SAFE | Base64.NO_WRAP | Base64.NO_PADDING); authKey=new byte[16]; - new SecureRandom().nextBytes(authKey); + SecureRandom secureRandom=new SecureRandom(); + secureRandom.nextBytes(authKey); + byte[] randomAccountID=new byte[16]; + secureRandom.nextBytes(randomAccountID); AccountSession session=AccountSessionManager.getInstance().tryGetAccount(accountID); if(session==null) return; session.pushPrivateKey=Base64.encodeToString(privateKey.getEncoded(), Base64.URL_SAFE | Base64.NO_WRAP | Base64.NO_PADDING); session.pushPublicKey=Base64.encodeToString(publicKey.getEncoded(), Base64.URL_SAFE | Base64.NO_WRAP | Base64.NO_PADDING); session.pushAuthKey=encodedAuthKey=Base64.encodeToString(authKey, Base64.URL_SAFE | Base64.NO_WRAP | Base64.NO_PADDING); + session.pushAccountID=pushAccountID=Base64.encodeToString(randomAccountID, Base64.URL_SAFE | Base64.NO_WRAP | Base64.NO_PADDING); AccountSessionManager.getInstance().writeAccountsFile(); }catch(NoSuchAlgorithmException|InvalidAlgorithmParameterException e){ Log.e(TAG, "registerAccountForPush: error generating encryption key", e); @@ -153,7 +157,7 @@ public class PushSubscriptionManager{ encodedAuthKey, subscription==null ? PushSubscription.Alerts.ofAll() : subscription.alerts, subscription==null ? PushSubscription.Policy.ALL : subscription.policy, - accountID) + pushAccountID) .setCallback(new Callback<>(){ @Override public void onSuccess(PushSubscription result){ diff --git a/mastodon/src/main/java/org/joinmastodon/android/api/session/AccountSession.java b/mastodon/src/main/java/org/joinmastodon/android/api/session/AccountSession.java index 48fbb1bc..2bd33157 100644 --- a/mastodon/src/main/java/org/joinmastodon/android/api/session/AccountSession.java +++ b/mastodon/src/main/java/org/joinmastodon/android/api/session/AccountSession.java @@ -27,6 +27,7 @@ public class AccountSession{ public boolean needUpdatePushSettings; public long filtersLastUpdated; public List wordFilters=new ArrayList<>(); + public String pushAccountID; private transient MastodonAPIController apiController; private transient StatusInteractionController statusInteractionController; private transient CacheController cacheController;