feat: Implementing encrypted local storage for user sessions #1191
Conversation
Thanks for opening this pull request!
|
There was a problem hiding this comment.
Wow @DrMimik! Many thanks for this contribution. It's highly appreciated! Looks very clean and nice!
I have the feeling that this is something working for a long time somewhere else, correct me if I'm wrong. I'm guessing that because of the copyright comments.
I left just few questions and small javadoc suggestions. I'm wondering @mtrezza if the migration mechanism should be here forever or there is some policy about that. But if @DrMimik say that already migrated stores are covered and there's no performance issue maybe can stay for a while.
|
|
||
| import java.util.Arrays; | ||
|
|
||
| public class ParseObjectStoreMigrator<T extends ParseObject> implements ParseObjectStore<T> { |
There was a problem hiding this comment.
You could add some Javadoc with comments.
Does this migrator needs to be here forever or just for about some migration period?
There was a problem hiding this comment.
Wow @DrMimik! Many thanks for this contribution. It's highly appreciated! Looks very clean and nice!
I have the feeling that this is something working for a long time somewhere else, correct me if I'm wrong. I'm guessing that because of the copyright comments.
I left just few questions and small javadoc suggestions. I'm wondering @mtrezza if the migration mechanism should be here forever or there is some policy about that. But if @DrMimik say that already migrated stores are covered and there's no performance issue maybe can stay for a while.
Thank you guys for creating this awesome platform, I actuallty just copied the ParseObjectStore's logic for creating a new ObjectStore and used Jetpack's crypto library.
Since Robolectric doesn't mock Android's java.security.KeyStore I copied a couple files from this repo (with their copyright XD ) to create tests using Robolectric.
I am actually in a learning process, so please don't hesitate to edit or comment on anything in the code.
There was a problem hiding this comment.
We don't have a specific policy for the duration of providing migration mechanisms. It depends on the type of change. In this case I'd see the mechanism staying for several years, so indefinite at this point. The reason is that it can be a years long process to migrate clientes once they are released to end-users.
I think the migrator should be available for old users until they migrate, or remove it on a major release.
| import java.security.GeneralSecurityException; | ||
| import java.util.concurrent.Callable; | ||
|
|
||
| public class EncryptedFileObjectStore<T extends ParseObject> implements ParseObjectStore<T> { |
There was a problem hiding this comment.
Can you add Javadoc on the public classes and their public methods you have introduced?
| this.legacy = legacy; | ||
| } | ||
|
|
||
| private static <T extends ParseObject> Task<T> migrate( |
There was a problem hiding this comment.
Is there a way to check whenever migrate is needed?
There was a problem hiding this comment.
If from is deleted and next time you call migrate the onSuccessTask what will happen? It will call again onSuccessTask? Is there chance onFailedTask or something similar to be called in such case?
There was a problem hiding this comment.
Thanks for pointing that out, that is actually a bug which is going to be calling from.getAsync() recursively, I'll fix it ASAP.
|
|
||
| override fun generateKeyPair(): KeyPair = wrapped.generateKeyPair().also { keyPair -> | ||
| null | ||
| // AndroidKeyStore.storedKeys[lastSpec!!.keystoreAlias] = KeyStore.PrivateKeyEntry(keyPair.private, arrayOf(keyPair.toCertificate())) |
There was a problem hiding this comment.
Let's not have commented code.
If this is a TODO or a FIXME or something important for reference later on, please consider adding a descriptive comment instead of deleting it.
| } | ||
|
|
||
| @Test | ||
| public void testGetAsync() throws Exception { |
There was a problem hiding this comment.
Can we have a test covering the migrate? Pardon me if is covered already. If it is can you point it to me?
| package com.parse | ||
|
|
||
| /* | ||
| * Copyright 2020 Appmattus Limited |
There was a problem hiding this comment.
We need to make sure to consider the license implications. This repository is planned to be migrated to Apache 2, we should do that before merging this, otherwise we need to add this as a second license.
|
We don't have a specific policy for the duration of providing migration mechanisms. It depends on the type of change. In this case I'd see the mechanism staying for several years, so indefinite at this point. The reason is that it can be a years long process to migrate clientes once they are released to end-users. |
Fix: migrate method was called recursively in EncryptedFileObjectStore
|
@mtrezza @DrMimik I believe here we are on the finish line, what do you think can we get this merged? |
|
Hi, pardon me if my question is out of the context. Why we need to |
ghost
closed this by deleting the head repository
|
@parse-community/android-sdk anyone wants to pick this up and submit a new PR? It seems this was almost ready for merge. |
|
As it was almost ready for merge, I will work on the PR very soon. Thanks for the attention. |
New Pull Request Checklist
Issue Description
User data can be copied on rooted devices.
Closes: #1192
Approach
Encrypting local user session using Jetpack security features to ensure better security for rooted devices.
TODOs before merging