gotev / android-cookie-store Goto Github PK

InMemoryCookieStore is not just kotlin-ized, you made mistake that getInternal1 and getInternal2 working on separate list which cause returned result contains duplicated cookies.

Given the recent announcement made by JFrog: https://jfrog.com/blog/into-the-sunset-bintray-jcenter-gocenter-and-chartcenter/?utm_source=mkto&utm_medium=email&utm_campaign=bintray-sunset&utm_content=global-02-2021

Deploy pipelines have to be modified to publish directly on Maven Central: https://getstream.io/blog/publishing-libraries-to-mavencentral-2021/?s=09

In SharedPreferencesCookieStore.kt line 60:

gson.toJson(ArrayList(cookies)))

This is critical to serialize HttpCookie ArrayList to sharedPreferences.
Only httpOnly and whenCreated fields appear as BoundFields.
name and value of the cookie does not get written to prefs.

This bug renders the library useless above Android 12+

First, thanks for your work. I love this repo.

I have a question:
Can we inject cookies from android.webkit.CookieManager (cookies was made by Android Webview) into every request of OkHttp?

Thanks

java.util.ArrayList$Itr.next (ArrayList.java:860) net.gotev.cookiestore.SharedPreferencesCookieStore.add (SharedPreferencesCookieStore.kt:107) java.net.CookieManager.put (CookieManager.java:360) net.gotev.cookiestore.WebKitSyncCookieManager.put (WebKitSyncCookieManager.kt:37)

Caused by android.util.AndroidRuntimeException
android.content.pm.PackageManager$NameNotFoundException: com.google.android.webview
android.webkit.WebViewFactory.getFactoryClass (WebViewFactory.java:195)
android.webkit.CookieManager.getInstance (CookieManager.java:42)
net.gotev.cookiestore.WebKitSyncCookieManager$webKitCookieManager$2.invoke (WebKitSyncCookieManager.java:14)
net.gotev.cookiestore.WebKitSyncCookieManager$webKitCookieManager$2.invoke (WebKitSyncCookieManager.java:8)
kotlin.SynchronizedLazyImpl.getValue (SynchronizedLazyImpl.java:74)
net.gotev.cookiestore.WebKitSyncCookieManager.getWebKitCookieManager (WebKitSyncCookieManager.java)

java.util.ArrayList$Itr.next (ArrayList.java:860)
com.google.gson.internal.bind.CollectionTypeAdapterFactory$Adapter.write (CollectionTypeAdapterFactory.java:96)
com.google.gson.internal.bind.CollectionTypeAdapterFactory$Adapter.write (CollectionTypeAdapterFactory.java:61)
com.google.gson.Gson.toJson (Gson.java:704)
com.google.gson.Gson.toJson (Gson.java:683)
com.google.gson.Gson.toJson (Gson.java:638)
com.google.gson.Gson.toJson (Gson.java:618)
net.gotev.cookiestore.SharedPreferencesCookieStore.add (SharedPreferencesCookieStore.java:54)
java.net.CookieManager.put (CookieManager.java:360)

What are your thoughts on modifying/adding an implementation where the SharedPreferencesCookieStore uses an EncryptedSharedPreference? I tried to extend InMemoryCookieStore with my own implementation with EncryptedSharedPreference, but was unable to reference the underlying map of URIs and cookies (uriIndex)

There seems to be a flaw in the creation of the expiration part of HttpCookie.toSetCookieString().

HttpCookie.maxAge is the amount of time from the moment the cookie is created to when it should expire. This duration isn't being translated to the string being generated by toSetCookieString(). The string has the time at which that method is called plus the maxAge. This means every time I call the function I get a different "expiry" value, leading to the chance that I actually send a cookie that has expired after syncing with a WebView.

Unfortunately, HttpCookie doesn't allow access to the whenCreated value to make calculating the true expiry date possible, no matter when you happen to call the method HttpCookie.toSetCookieString().

I have resolved this in a similar library by creating my own "Cookie" class and using it to generate an HttpCookie or okhttp(2|3).Cookie when needed. This new class contains the maxAge and a created timestamp that is accessible.

It'd be neat if y'all implemented CookieJar and stopped depending on the okhttp-urlconnection artificact that's necessary to integrate java.net APIs.

happens on this line preferences.edit().putString(index.toString(), gson.toJson(cookies)).apply()

E/AndroidRuntime: FATAL EXCEPTION: OkHttp Dispatcher
    Process: com.light.finder, PID: 28247
    java.util.ConcurrentModificationException
        at java.util.ArrayList$Itr.next(ArrayList.java:860)
        at com.google.gson.internal.bind.CollectionTypeAdapterFactory$Adapter.write(CollectionTypeAdapterFactory.java:96)
        at com.google.gson.internal.bind.CollectionTypeAdapterFactory$Adapter.write(CollectionTypeAdapterFactory.java:61)
        at com.google.gson.Gson.toJson(Gson.java:704)
        at com.google.gson.Gson.toJson(Gson.java:683)
        at com.google.gson.Gson.toJson(Gson.java:638)
        at com.google.gson.Gson.toJson(Gson.java:618)
        at com.light.finder.data.source.remote.SharedPreferencesCookieStore.add(SharedPreferencesCookieStore.kt:51)
        at java.net.CookieManager.put(CookieManager.java:360)
        at com.light.finder.data.source.remote.WebKitSyncCookieManager.put(WebKitSyncCookieManager.kt:24)
        at okhttp3.JavaNetCookieJar.saveFromResponse(JavaNetCookieJar.kt:38)
        at okhttp3.internal.http.HttpHeaders.receiveHeaders(HttpHeaders.kt:207)
        at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:86)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:112)
        at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:71)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:112)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:87)
        at okhttp3.logging.HttpLoggingInterceptor.intercept(HttpLoggingInterceptor.java:213)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:112)
        at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:87)
        at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.kt:184)
        at okhttp3.RealCall$AsyncCall.run(RealCall.kt:136)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
        at java.lang.Thread.run(Thread.java:919)

I'm using OkHttp, and it saves cookies received while the app is still running, but once I close the app and restart, it no longer has the cookie.

// Example extension function to demonstrate how to create both cookie stores
    private fun createCookieStore(name: String, persistent: Boolean) = if (persistent) {
        context?.let { SharedPreferencesCookieStore(it, name) }
    } else {
        InMemoryCookieStore(name)
    }


    private val cookieManager = CookieManager(
        createCookieStore(name = "myCookies", persistent = true),
        CookiePolicy.ACCEPT_ALL
    )

    private val client = OkHttpClient.Builder()
        .cookieJar(JavaNetCookieJar(cookieManager))
        .build()

This is how I have the code implemented.

When enabling Proguard, SharedPreferencesCookieStore is not parsing correctly saved preferences probably due to HttpCookie class being minified/obfuscate by Proguard.

I manage to fix it by adding -keep class java.net.HttpCookie { <fields>; } in my proguard-rules.pro file.

It will be great if this can be handle by the library or adding a Proguard section in the README.

If maxAge is not set cookie is set as expired

    init {
        handleExceptions {
            android.webkit.CookieManager.getInstance().setAcceptCookie(true)
        }
    }

The default value of setAcceptCookie is true. do we need to still set this? we are facing ANR in production for some device