rixxc/KeePassDX
1
0
Fork 0
mirror of https://github.com/Kunzisoft/KeePassDX.git synced 2025-12-04 15:49:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: Browser selection and URL scheme

Browse Source
This commit is contained in:
J-Jamet
2025-08-27 23:27:48 +02:00
parent 5f27f161a5
commit 98007c962d
4 changed files with 34 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
app/src/main/java/com/kunzisoft/keepass/credentialprovider/activity/PasskeyLauncherActivity.kt
View File

@@ -92,24 +92,35 @@ class PasskeyLauncherActivity : DatabaseModeActivity() {
passkey?.let {
mUsageParameters?.let { usageParameters ->
// Check verified origin
usageParameters.androidApp.checkInAppOrigin(
appOrigin = appOrigin,
onOriginChecked = {
usageParameters.androidAppVerified = true
PendingIntentHandler.setGetCredentialResponse(
responseIntent,
GetCredentialResponse(
buildPasskeyPublicKeyCredential(
usageParameters = usageParameters,
passkey = passkey
)
if (usageParameters.androidAppVerified) {
PendingIntentHandler.setGetCredentialResponse(
responseIntent,
GetCredentialResponse(
buildPasskeyPublicKeyCredential(
usageParameters = usageParameters,
passkey = passkey
)
)
},
onOriginNotChecked = {
throw SecurityException("Wrong signature for ${usageParameters.androidApp.id}")
}
)
)
} else {
usageParameters.androidApp.checkInAppOrigin(
appOrigin = appOrigin,
onOriginChecked = {
PendingIntentHandler.setGetCredentialResponse(
responseIntent,
GetCredentialResponse(
buildPasskeyPublicKeyCredential(
usageParameters = usageParameters,
passkey = passkey
)
)
)
},
onOriginNotChecked = {
throw SecurityException("Wrong signature for ${usageParameters.androidApp.id}")
}
)
}
} ?: run {
throw IOException("Usage parameters is null")
}

2
app/src/main/java/com/kunzisoft/keepass/credentialprovider/passkey/data/PublicKeyCredentialUsageParameters.kt
View File

@@ -25,5 +25,5 @@ data class PublicKeyCredentialUsageParameters(
val publicKeyCredentialRequestOptions: PublicKeyCredentialRequestOptions,
val clientDataResponse: ClientDataResponse,
val androidApp: AppIdentifier,
var androidAppVerified: Boolean
val androidAppVerified: Boolean
)

2
app/src/main/java/com/kunzisoft/keepass/credentialprovider/passkey/util/OriginManager.kt
View File

@@ -45,7 +45,7 @@ class OriginManager(
onOriginRetrieved = { appIdentifier, callOrigin, clientDataHash ->
onOriginRetrieved(
AppOrigin().apply {
addIdentifier(appIdentifier)
// Do not store Web Browser AppId -> addIdentifier(appIdentifier)
addWebDomain(callOrigin)
},
clientDataHash

6
database/src/main/java/com/kunzisoft/keepass/model/AppOriginEntryField.kt
View File

@@ -83,7 +83,11 @@ object AppOriginEntryField {
// If unable to save web domain in custom field or URL not populated, save in URL
webDomain?.let {
val webScheme = if (scheme.isNullOrEmpty()) "https" else scheme
val webDomainToStore = "$webScheme://$webDomain"
val webDomainToStore = if (webDomain.contains("://")) {
webDomain
} else {
"$webScheme://$webDomain"
}
if (!containsDomainOrApplicationId(webDomain)) {
if (!customFieldsAllowed || url.isEmpty()) {
url = webDomainToStore