diff --git a/android/build.gradle.kts b/android/build.gradle.kts index 569127a2..e3baf329 100644 --- a/android/build.gradle.kts +++ b/android/build.gradle.kts @@ -66,7 +66,11 @@ dependencies { implementation(libs.androidx.work.runtime.ktx) implementation(libs.coil) implementation(libs.copydown) + implementation(libs.jsoup) implementation(libs.kotlinx.collections.immutable) implementation(libs.kotlinx.coroutines.core) implementation(libs.sqldelight.extensions.coroutines) + testImplementation(libs.kotest.assertions.core) + testImplementation(libs.kotest.runner.junit5) + testImplementation(libs.okhttp.mockwebserver) } diff --git a/android/src/main/kotlin/dev/msfjarvis/claw/android/viewmodel/CSRFRepository.kt b/android/src/main/kotlin/dev/msfjarvis/claw/android/viewmodel/CSRFRepository.kt new file mode 100644 index 00000000..147bc11a --- /dev/null +++ b/android/src/main/kotlin/dev/msfjarvis/claw/android/viewmodel/CSRFRepository.kt @@ -0,0 +1,36 @@ +/* + * Copyright © 2023 Harsh Shandilya. + * Use of this source code is governed by an MIT-style + * license that can be found in the LICENSE file or at + * https://opensource.org/licenses/MIT. + */ +package dev.msfjarvis.claw.android.viewmodel + +import dev.msfjarvis.claw.android.injection.IODispatcher +import dev.msfjarvis.claw.api.injection.BaseUrl +import javax.inject.Inject +import kotlinx.coroutines.CoroutineDispatcher +import kotlinx.coroutines.withContext +import okhttp3.OkHttpClient +import okhttp3.Request +import org.jsoup.Jsoup + +/** Helper for extracting CSRF token for authenticated requests to https://lobste.rs. */ +class CSRFRepository +@Inject +constructor( + private val okHttpClient: OkHttpClient, + @IODispatcher private val dispatcher: CoroutineDispatcher, + @BaseUrl private val url: String, +) { + suspend fun extractToken(): String? { + val request = Request.Builder().url(url).get().build() + return withContext(dispatcher) { + okHttpClient.newCall(request).execute().use { response -> + val doc = Jsoup.parse(response.body?.string() ?: return@use null) + val element = doc.select("meta[name=\"csrf-token\"]").first() ?: return@use null + return@use element.attr("content") + } + } + } +} diff --git a/android/src/test/kotlin/dev/msfjarvis/claw/android/viewmodel/CSRFRepositoryTest.kt b/android/src/test/kotlin/dev/msfjarvis/claw/android/viewmodel/CSRFRepositoryTest.kt new file mode 100644 index 00000000..ca9428ff --- /dev/null +++ b/android/src/test/kotlin/dev/msfjarvis/claw/android/viewmodel/CSRFRepositoryTest.kt @@ -0,0 +1,56 @@ +/* + * Copyright © 2023 Harsh Shandilya. + * Use of this source code is governed by an MIT-style + * license that can be found in the LICENSE file or at + * https://opensource.org/licenses/MIT. + */ +package dev.msfjarvis.claw.android.viewmodel + +import io.kotest.core.spec.Spec +import io.kotest.core.spec.style.FunSpec +import io.kotest.matchers.shouldBe +import kotlinx.coroutines.Dispatchers +import okhttp3.OkHttpClient +import okhttp3.mockwebserver.Dispatcher +import okhttp3.mockwebserver.MockResponse +import okhttp3.mockwebserver.MockWebServer +import okhttp3.mockwebserver.RecordedRequest + +class CSRFRepositoryTest : FunSpec() { + private val server = MockWebServer() + + init { + test("Correctly extracts CSRF token").config(coroutineTestScope = true) { + val repo = + CSRFRepository( + OkHttpClient.Builder().build(), + Dispatchers.Default, + server.url("/").toString(), + ) + repo.extractToken() shouldBe + "OZWykgFemPVeOSNmB53-ccKXe458X7xCInO1-qzFU6nk_9RCSrSQqS9OPmA5_pyy8qD3IYAIZ7XfAM3gdhJpkQ" + } + } + + override suspend fun beforeSpec(spec: Spec) { + super.beforeSpec(spec) + val dispatcher = + object : Dispatcher() { + override fun dispatch(request: RecordedRequest): MockResponse { + return when (val path = request.path) { + "/" -> + MockResponse() + .setResponseCode(200) + .setBody( + javaClass.classLoader!! + .getResourceAsStream("csrf_page.html") + .readAllBytes() + .decodeToString(), + ) + else -> error("Invalid path: $path") + } + } + } + server.dispatcher = dispatcher + } +} diff --git a/android/src/test/resources/csrf_page.html b/android/src/test/resources/csrf_page.html new file mode 100644 index 00000000..f27c3a17 --- /dev/null +++ b/android/src/test/resources/csrf_page.html @@ -0,0 +1,5 @@ +Lobsters
  1. 42
    PotatoP - A LISP-programmable laptop with battery life measured in yearshardwarelispperformancehackaday.io
    sjamaan avatarviasjamaan11 hours ago|
    Archive.orgArchive.todayGhostarchive
    |5 comments
  2. 22
    Which is worse when working on production databases? Being drunk or tired?practicesledgersmbdev.blogspot.com
    sjamaan avatarviasjamaan11 hours ago|
    Archive.orgArchive.todayGhostarchive
    |10 comments
  3. 23
    The GraphicalEmoji hackjavascriptxeiaso.net
    cadey avatarauthored bycadey19 hours ago|
    Archive.orgArchive.todayGhostarchive
    |12 comments
  4. 8
    Losing Signalcultureploum.net
    ploum avatarauthored byploum3 hours ago|
    Archive.orgArchive.todayGhostarchive
    |3 comments
  5. 46
    New tag: sustainability?meta
    sjamaan avatarauthored bysjamaan11 hours ago|11 comments
  6. 6
    Getting Past “Ampersand-Driven Development” in Rust - A mental model for ownership and borrowingrustfiberplane.com
    emschwartz avatarauthored byemschwartz5 hours ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  7. 56
    Google Groups has been left to diecultureahelwer.ca
    ahelwer avatarauthored byahelwer26 hours ago|
    Archive.orgArchive.todayGhostarchive
    |50 comments
  8. 3
    Introducing ngrok-go: Ingress to Your Go Apps as a `net.Listener`gonetworkingprogrammingblog.ngrok.com
    dineshgowda avatarviadineshgowda1 hour ago|
    Archive.orgArchive.todayGhostarchive
    |3 comments
  9. 26
    An Engine For An Editoremacsgraphicsprogrammingmatklad.github.io
    carlmjohnson avatarviacarlmjohnson24 hours ago|
    Archive.orgArchive.todayGhostarchive
    |8 comments
  10. 32
    Uncle Bob and Casey Muratori Discuss Clean Codeperformancepltpracticesgithub.com
    amw-zero avatarviaamw-zero28 hours ago|
    Archive.orgArchive.todayGhostarchive
    |59 comments
  11. 18
    Leveraging Rust and the GPU to render user interfaces at 120 FPSgraphicsperformancerustzed.dev
    matklad avatarviamatklad17 hours ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  12. 26
    PEP 709 – Inlined comprehensionspythonpeps.python.org
    usrme avatarviausrme24 hours ago|
    Archive.orgArchive.todayGhostarchive
    |4 comments
  13. 3
    When Debug Symbols Get Largeprogrammingwindowsrandomascii.wordpress.com
    calvin avatarviacalvin3 hours ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  14. 2
    Create Your Own Programming Language (Part I)luabas.codes
    sebst avatarauthored bysebst6 hours ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  15. 14
    diff.rs — View a diff between crate versionsrustdiff.rs
    kellogh avatarviakellogh18 hours ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  16. 4
    Gameplay Loop - Mars After Midnight by dukopegamesluadukope.itch.io
    tumdum avatarviatumdum8 hours ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  17. 1
    Domain Logic and SQL (2003)databasesperformancepracticesmartinfowler.com
    amw-zero avatarviaamw-zero3 hours ago|
    Archive.orgArchive.todayGhostarchive
    |3 comments
  18. 13
    50 Years Later, We’re Still Living in the Xerox Alto’s Worldhistoricalspectrum.ieee.org
    hapax avatarviahapax23 hours ago|
    Archive.orgArchive.todayGhostarchive
    |6 comments
  19. 4
    Gear Hashing for Content Defined Chunkingcompscijoshleeb.com
    joshleeb avatarauthored byjoshleeb14 hours ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  20. 1
    A Safer High Performance AV1 Decoderassemblyrustsecuritymemorysafety.org
    JulianWgs avatarviaJulianWgs27 minutes ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  21. 1
    Design of the Austral Compilercompilersborretti.me
    joakin avatarviajoakin30 minutes ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  22. 1
    Help test Cargo's new index protocoldevopsrustblog.rust-lang.org
    icefox avatarviaicefox31 minutes ago|
    Archive.orgArchive.todayGhostarchive
    |1 comment
  23. 21
    Cachix 1.3: Nix Uploads unleasheddevopsnixblog.cachix.org
    domenkozar avatarauthored bydomenkozar32 hours ago|
    Archive.orgArchive.todayGhostarchive
    |6 comments
  24. 1
    Free The Game Boyhardwarefreethegameboy.info
    calvin avatarviacalvin1 hour ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
  25. 1
    NiceGUI: Let any browser be the frontend of your Python codepythongithub.com
    usrme avatarviausrme1 hour ago|
    Archive.orgArchive.todayGhostarchive
    |no comments
Page 2 >>
\ No newline at end of file diff --git a/api/src/main/kotlin/dev/msfjarvis/claw/api/injection/ApiModule.kt b/api/src/main/kotlin/dev/msfjarvis/claw/api/injection/ApiModule.kt index c513b953..20f829e1 100644 --- a/api/src/main/kotlin/dev/msfjarvis/claw/api/injection/ApiModule.kt +++ b/api/src/main/kotlin/dev/msfjarvis/claw/api/injection/ApiModule.kt @@ -1,5 +1,5 @@ /* - * Copyright © 2021-2022 Harsh Shandilya. + * Copyright © 2021-2023 Harsh Shandilya. * Use of this source code is governed by an MIT-style * license that can be found in the LICENSE file or at * https://opensource.org/licenses/MIT. @@ -13,6 +13,7 @@ import com.squareup.anvil.annotations.ContributesTo import dagger.Module import dagger.Provides import dev.msfjarvis.claw.api.LobstersApi +import javax.inject.Qualifier import okhttp3.OkHttpClient import retrofit2.Converter import retrofit2.Retrofit @@ -25,10 +26,11 @@ object ApiModule { fun provideRetrofit( client: OkHttpClient, converterFactories: Set<@JvmSuppressWildcards Converter.Factory>, + @BaseUrl baseUrl: String, ): Retrofit { return Retrofit.Builder() .client(client) - .baseUrl(LobstersApi.BASE_URL) + .baseUrl(baseUrl) .addConverterFactory(ApiResultConverterFactory) .addCallAdapterFactory(ApiResultCallAdapterFactory) .apply { converterFactories.forEach(this::addConverterFactory) } @@ -39,4 +41,8 @@ object ApiModule { fun provideApi(retrofit: Retrofit): LobstersApi { return retrofit.create() } + + @Provides @BaseUrl fun provideBaseUrl(): String = LobstersApi.BASE_URL } + +@Qualifier @Retention(AnnotationRetention.RUNTIME) annotation class BaseUrl diff --git a/build-logic/src/main/kotlin/dev/msfjarvis/claw/gradle/versioning/VersioningPlugin.kt b/build-logic/src/main/kotlin/dev/msfjarvis/claw/gradle/versioning/VersioningPlugin.kt index f4f392b5..4894aedd 100644 --- a/build-logic/src/main/kotlin/dev/msfjarvis/claw/gradle/versioning/VersioningPlugin.kt +++ b/build-logic/src/main/kotlin/dev/msfjarvis/claw/gradle/versioning/VersioningPlugin.kt @@ -1,5 +1,5 @@ /* - * Copyright © 2022 Harsh Shandilya. + * Copyright © 2022-2023 Harsh Shandilya. * Use of this source code is governed by an MIT-style * license that can be found in the LICENSE file or at * https://opensource.org/licenses/MIT. diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index f1a41929..ff5215d3 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -77,6 +77,7 @@ napier = "io.github.aakira:napier:2.6.1" okhttp-bom = "com.squareup.okhttp3:okhttp-bom:4.10.0" okhttp-core = { module = "com.squareup.okhttp3:okhttp" } okhttp-loggingInterceptor = { module = "com.squareup.okhttp3:logging-interceptor" } +okhttp-mockwebserver = { module = "com.squareup.okhttp3:mockwebserver" } retrofit = { module = "com.squareup.retrofit2:retrofit", version.ref = "retrofit" } retrofit-kotlinxSerializationConverter = "com.jakewharton.retrofit:retrofit2-kotlinx-serialization-converter:0.8.0" sentry-bom = { module = "io.sentry:sentry-bom", version.ref = "sentry-sdk" }