Suggest full passport reset in case of bad secret.

2025-01-14 03:01:15 +00:00 · 2018-04-15 20:22:13 +04:00 · 2018-04-15 20:22:13 +04:00 · 5b615519e8
commit 5b615519e8
parent 03b7a3ca2b
6 changed files with 83 additions and 22 deletions
--- a/Telegram/SourceFiles/passport/passport_form_controller.cpp
+++ b/Telegram/SourceFiles/passport/passport_form_controller.cpp
@ -397,23 +397,15 @@ void FormController::validateSecureSecret(
 		_secret = DecryptSecureSecret(salt, encryptedSecret, password);
 		if (_secret.empty()) {
 			_secretId = 0;
-			LOG(("API Error: Failed to decrypt secure secret. "
-				"Forgetting all files and data :("));
-			for (auto &[type, value] : _form.values) {
-				if (!value.data.original.isEmpty()) {
-					resetValue(value);
-				}
-			}
+			LOG(("API Error: Failed to decrypt secure secret."));
+			suggestReset(bytes::make_vector(password));
+			return;
 		} else if (CountSecureSecretId(_secret) != serverSecretId) {
 			_secret.clear();
 			_secretId = 0;
-			LOG(("API Error: Wrong secure secret id. "
-				"Forgetting all files and data :("));
-			for (auto &[type, value] : _form.values) {
-				if (!value.data.original.isEmpty()) {
-					resetValue(value);
-				}
-			}
+			LOG(("API Error: Wrong secure secret id."));
+			suggestReset(bytes::make_vector(password));
+			return;
 		} else {
 			_secretId = serverSecretId;
 			decryptValues();
@ -425,6 +417,40 @@ void FormController::validateSecureSecret(
 	_secretReady.fire({});
 }

+void FormController::suggestReset(bytes::vector password) {
+	for (auto &[type, value] : _form.values) {
+//		if (!value.data.original.isEmpty()) {
+		resetValue(value);
+//		}
+	}
+	_view->suggestReset([=] {
+		const auto hashForAuth = openssl::Sha256(bytes::concatenate(
+			_password.salt,
+			password,
+			_password.salt));
+		using Flag = MTPDaccount_passwordInputSettings::Flag;
+		_saveSecretRequestId = request(MTPaccount_UpdatePasswordSettings(
+			MTP_bytes(hashForAuth),
+			MTP_account_passwordInputSettings(
+				MTP_flags(Flag::f_new_secure_secret),
+				MTPbytes(), // new_salt
+				MTPbytes(), // new_password_hash
+				MTPstring(), // hint
+				MTPstring(), // email
+			MTP_bytes(QByteArray()), // new_secure_salt
+			MTP_bytes(QByteArray()), // new_secure_secret
+			MTP_long(0)) // new_secure_secret_id
+		)).done([=](const MTPBool &result) {
+			_saveSecretRequestId = 0;
+			generateSecret(password);
+		}).fail([=](const RPCError &error) {
+			_saveSecretRequestId = 0;
+			formFail(error.type());
+		}).send();
+		_secretReady.fire({});
+	});
+}
+
 void FormController::decryptValues() {
 	Expects(!_secret.empty());

@ -441,10 +467,16 @@ void FormController::decryptValue(Value &value) {
 		return;
 	}
 	if (!value.data.original.isEmpty()) {
-		const auto fields = DeserializeData(DecryptData(
+		const auto decrypted = DecryptData(
 			bytes::make_span(value.data.original),
 			value.data.hash,
-			value.data.secret));
+			value.data.secret);
+		if (decrypted.empty()) {
+			LOG(("API Error: Could not decrypt value fields."));
+			resetValue(value);
+			return;
+		}
+		const auto fields = DeserializeData(decrypted);
 		value.data.parsed.fields.clear();
 		for (const auto [key, text] : fields) {
 			value.data.parsed.fields[key] = { text };
@ -459,8 +491,7 @@ bool FormController::validateValueSecrets(Value &value) {
 			_secret,
 			value.data.hash);
 		if (value.data.secret.empty()) {
-			LOG(("API Error: Could not decrypt data secret. "
-				"Forgetting files and data :("));
+			LOG(("API Error: Could not decrypt data secret."));
 			return false;
 		}
 	}
@ -470,8 +501,7 @@ bool FormController::validateValueSecrets(Value &value) {
 			_secret,
 			file.hash);
 		if (file.secret.empty()) {
-			LOG(("API Error: Could not decrypt selfie secret. "
-				"Forgetting files and data :("));
+			LOG(("API Error: Could not decrypt file secret."));
 			return false;
 		}
 		return true;
--- a/Telegram/SourceFiles/passport/passport_form_controller.h
+++ b/Telegram/SourceFiles/passport/passport_form_controller.h
@ -250,6 +250,7 @@ public:
 	bool savingValue(not_null<const Value*> value) const;

 	void cancel();
+	void cancelSure();

 	rpl::lifetime &lifetime();

@ -352,8 +353,8 @@ private:
 		const MTPInputSecureValue &data);
 	FinalData prepareFinalData();

+	void suggestReset(bytes::vector password);
 	void suggestRestart();
-	void cancelSure();
 	void cancelAbort();

 	not_null<Window::Controller*> _controller;
--- a/Telegram/SourceFiles/passport/passport_form_view_controller.h
+++ b/Telegram/SourceFiles/passport/passport_form_view_controller.h
@ -48,6 +48,7 @@ public:

 	virtual void showBox(object_ptr<BoxContent> box) = 0;
 	virtual void showToast(const QString &text) = 0;
+	virtual void suggestReset(base::lambda<void()> callback) = 0;

 	virtual int closeGetDuration() = 0;

--- a/Telegram/SourceFiles/passport/passport_panel_controller.cpp
+++ b/Telegram/SourceFiles/passport/passport_panel_controller.cpp
@ -17,6 +17,7 @@ https://github.com/telegramdesktop/tdesktop/blob/master/LEGAL
 #include "ui/toast/toast.h"
 #include "ui/countryinput.h"
 #include "layout.h"
+#include "styles/style_boxes.h"

 namespace Passport {

@ -639,6 +640,29 @@ void PanelController::deleteValueSure(bool withDetails) {
 	}
 }

+void PanelController::suggestReset(base::lambda<void()> callback) {
+	_resetBox = BoxPointer(show(Box<ConfirmBox>(
+		Lang::Hard::PassportCorrupted(),
+		Lang::Hard::PassportCorruptedReset(),
+		[=] { resetPassport(callback); },
+		[=] { cancelReset(); })).data()); // #TODO passport no need for confirmation?
+}
+
+void PanelController::resetPassport(base::lambda<void()> callback) {
+	const auto box = show(Box<ConfirmBox>(
+		Lang::Hard::PassportCorruptedResetSure(),
+		Lang::Hard::PassportCorruptedReset(),
+		st::attentionBoxButton,
+		[=] { base::take(_resetBox); callback(); },
+		[=] { suggestReset(callback); }));
+	_resetBox = BoxPointer(box.data());
+}
+
+void PanelController::cancelReset() {
+	const auto weak = base::take(_resetBox);
+	_form->cancelSure();
+}
+
 QString PanelController::getDefaultContactValue(Scope::Type type) const {
 	switch (type) {
 	case Scope::Type::Phone:
--- a/Telegram/SourceFiles/passport/passport_panel_controller.h
+++ b/Telegram/SourceFiles/passport/passport_panel_controller.h
@ -108,6 +108,7 @@ public:

 	void showBox(object_ptr<BoxContent> box) override;
 	void showToast(const QString &text) override;
+	void suggestReset(base::lambda<void()> callback) override;

 	int closeGetDuration() override;

@ -140,6 +141,9 @@ private:
 	QString getDefaultContactValue(Scope::Type type) const;
 	void deleteValueSure(bool withDetails);

+	void resetPassport(base::lambda<void()> callback);
+	void cancelReset();
+
 	not_null<FormController*> _form;
 	std::vector<Scope> _scopes;
 	rpl::event_stream<> _submitFailed;
@ -157,6 +161,8 @@ private:
 	BoxPointer _scopeDocumentTypeBox;
 	std::map<not_null<const Value*>, BoxPointer> _verificationBoxes;

+	BoxPointer _resetBox;
+
 	rpl::lifetime _lifetime;

 };
--- a/Telegram/SourceFiles/window/layer_widget.cpp
+++ b/Telegram/SourceFiles/window/layer_widget.cpp
@ -789,7 +789,6 @@ LayerStackWidget::~LayerStackWidget() {
 	// other layers, that call methods of LayerStackWidget and access
 	// its fields, so if it is destroyed already everything crashes.
 	for (auto layer : base::take(_layers)) {
-		layer->setClosing();
 		layer->hide();
 		delete layer;
 	}