Updated for logging in via Librem One services

PIALibrary.podspec

@@ -32,6 +32,7 @@ Pod::Spec.new do |s|
         p.dependency "Alamofire", "~> 4"
         p.dependency "ReachabilitySwift"
         p.dependency "SwiftyBeaver"
+        p.dependency "SwiftyJSON"
         p.dependency "PopupDialog"
         p.dependency "PIARegions"
         p.dependency "PIAAccountModule"
@@ -58,6 +59,7 @@ Pod::Spec.new do |s|
         p.resources             = "PIALibrary/Resources/UI/Shared/**/*"
         p.dependency "PIALibrary/Library"
         p.dependency "SwiftyBeaver"
+        p.dependency "SwiftyJSON"
         p.dependency "SwiftEntryKit", "0.7.2"
         p.dependency "lottie-ios"
         p.dependency "FXPageControl"

PIALibrary/Sources/Core/WebServices/Credentials.swift

@@ -5,6 +5,9 @@
 //  Created by Davide De Rosa on 10/1/17.
 //  Copyright © 2020 Private Internet Access, Inc.
 //
+//  Updated for Libre One by Thomas Markiewicz on 01/09/2021
+//  Copyright © 2020 Purism, SPC.
+//
 //  This file is part of the Private Internet Access iOS Client.
 //
 //  The Private Internet Access iOS Client is free software: you can redistribute it and/or
@@ -31,10 +34,25 @@ public struct Credentials {
     /// The password.
     public let password: String
     
+    /// The email.
+    public let email: String
+    
+    /// True if this is a reseller
+    public let isReseller: Bool
+
     /// :nodoc:
-    public init(username: String, password: String) {
+    public init(username: String, password: String, isReseller: Bool = false) {
         self.username = username
         self.password = password
+        self.email = ""
+        self.isReseller = isReseller
+    }
+
+    public init(username: String, password: String, email: String) {
+        self.username = username
+        self.password = password
+        self.email = email
+        self.isReseller = true
     }
     
 }
@@ -45,4 +63,8 @@ public extension Credentials {
         return ["username":username, "password": password]
     }
 
+    func resellerToken() -> String {
+        return isReseller ? username + password : ""
+    }
+
 }

PIALibrary/Sources/Library/Account/DefaultAccountProvider.swift

@@ -86,7 +86,7 @@ class DefaultAccountProvider: AccountProvider, ConfigurationAccess, DatabaseAcce
                 return nil
             }
             return UserAccount(
-                credentials: Credentials(username: username, password: password),
+                credentials: Credentials(username: username, password: password, isReseller: true), // added `isReseller` for Librem One
                 info: accessedDatabase.plain.accountInfo
             )
         }
@@ -211,6 +211,35 @@ class DefaultAccountProvider: AccountProvider, ConfigurationAccess, DatabaseAcce
         guard !isLoggedIn else {
             preconditionFailure()
         }
+
+        // START: Librem One change
+        if request.credentials.isReseller {
+            
+            let token = request.credentials.resellerToken();
+            
+            self.updateDatabaseWith(token, andUsername: request.credentials.username)
+            
+            let accountInfo = AccountInfo( email: request.credentials.email,
+                                           username: request.credentials.email,
+                                           plan: .other,
+                                           productId: "librem-one",
+                                           isRenewable: false,
+                                           isRecurring: false,
+                                           expirationDate: Date.distantFuture,
+                                           canInvite: false,
+                                           shouldPresentExpirationAlert: false,
+                                           renewUrl: nil)
+
+            self.accessedDatabase.plain.accountInfo = accountInfo
+            
+            let user = UserAccount(credentials: request.credentials, info: accountInfo)
+            Macros.postNotification(.PIAAccountDidLogin, [
+                .user: user
+                ])
+            callback?(user, nil)
+            return
+        } 
+        // END: Librem One change
         
         webServices.token(credentials: request.credentials) { (token, error) in
             

PIALibrary/Sources/Library/WebServices/PIAWebServices.swift

@@ -90,7 +90,7 @@ class PIAWebServices: WebServices, ConfigurationAccess {
      Generates a new auth token for the specific user
      */
     func token(credentials: Credentials, _ callback: ((String?, Error?) -> Void)?) {
-        
+
         self.accountAPI.loginWithCredentials(username: credentials.username,
                                              password: credentials.password) { (response, error) in
 

PIALibrary/Sources/UI/iOS/ViewControllers/LoginViewController.swift

@@ -22,6 +22,9 @@
 
 import UIKit
 import SwiftyBeaver
+import SwiftyJSON
+import Alamofire
+
 
 private let log = SwiftyBeaver.self
 
@@ -238,28 +241,71 @@ class LoginViewController: AutolayoutViewController, WelcomeChild {
             self.status = .error(element: textPassword)
             return
         }
-
+        
         self.status = .restore(element: textPassword)
         self.status = .initial
 
         view.endEditing(false)
-
-        let credentials = Credentials(username: username, password: password)
-        let request = LoginRequest(credentials: credentials)
-
+        
         textUsername.text = username
         textPassword.text = password
         log.debug("Logging in...")
 
         enableInteractions(false)
-
         self.showLoadingAnimation()
         
-        preset?.accountProvider.login(with: request) { (user, error) in
-            self.enableInteractions(true)
+        /* START Librem One specific */
+        
+        // assume here for now that 'username' is in a form of an email
+        // if there is no @ sign, should I assume it's just the "username" part? (I think so...)
+        let emailParts = username.split(separator: "@")
+        let librem_username = emailParts[0]
+        let librem_domain = emailParts.count > 1 ? emailParts[1] : "librem.one";
+        
+        // base64 encode username and password and prepare the login URL and header values
+        let userPassEncoded = "\(librem_username):\(password.trimmed())".data(using: .ascii)?.base64EncodedString()
+        let authorizationValue = "Basic \(userPassEncoded!)"
+        let libremOneAccountUrl = URL(string: "https://\(librem_domain)/api/v1/user/tunnel_account")!
+        let headers = ["Content-Type":"application/json", "Authorization":authorizationValue]
+        
+        Alamofire.request(libremOneAccountUrl, headers: headers).responseJSON { response in
+            
+            if let result = response.result.value {
+                // got some result successfully - get PIA username and password out of it
+                
+                let json = JSON(result)
+                let tunnelUser = json["tunnel_user"].stringValue
+                let tunnelPassword = json["tunnel_password"].stringValue
+                
+                if !tunnelUser.isEmpty && !tunnelPassword.isEmpty {
+                    // Librem One login was successfull and we obtained credentials
+                    self.logInToPIA(tunnelUser, tunnelPassword, username)
+                } else {
+                    log.error("Failed to obtain valid PIA username and password from Librem One");
+                    self.enableInteractions(true)
+                    self.hideLoadingAnimation()
+                }
+            } else {
+                log.error("Failed to obtain a response from Librem One login attempt");
+                self.enableInteractions(true)
+                self.hideLoadingAnimation()
+            }
+            
+        }
+        
+        /* END Librem One specific */
 
-            self.hideLoadingAnimation()
+    }
+    
+    private func logInToPIA(_ username: String, _ password: String, _ email: String) {
+        let credentials = Credentials(username: username, password: password, email: email)
+        let request = LoginRequest(credentials: credentials)
+        
+        Client.providers.accountProvider.login(with: request) { (user, error) in
 
+            self.enableInteractions(true)
+            self.hideLoadingAnimation()
+            
             guard let user = user else {
                 var errorMessage: String?
                 if let error = error {

Podfile

@@ -9,6 +9,7 @@ install! 'cocoapods',
 inhibit_all_warnings!
 
 abstract_target 'PIALibrary' do
+    pod 'SwiftyJSON' # for Librem One login
     pod 'SwiftyBeaver', '~> 1.7.0'
     pod 'Gloss', '~> 2'
     pod 'Alamofire', '~> 4'

Podfile.lock

@@ -5,11 +5,11 @@ PODS:
   - Gloss (2.1.0)
   - lottie-ios (3.0.3)
   - OpenSSL-Apple (1.1.1d.5a)
-  - PIAAccountModule (1.0.1):
-    - PIAAccountModule/account (= 1.0.1)
-    - PIAAccountModule/gradle (= 1.0.1)
-  - PIAAccountModule/account (1.0.1)
-  - PIAAccountModule/gradle (1.0.1)
+  - PIAAccountModule (1.1.0):
+    - PIAAccountModule/account (= 1.1.0)
+    - PIAAccountModule/gradle (= 1.1.0)
+  - PIAAccountModule/account (1.1.0)
+  - PIAAccountModule/gradle (1.1.0)
   - PIARegions (1.0.7):
     - PIARegions/Core (= 1.0.7)
     - PIARegions/gradle (= 1.0.7)
@@ -32,6 +32,7 @@ PODS:
   - SwiftEntryKit (0.7.2):
     - QuickLayout (= 2.0.2)
   - SwiftyBeaver (1.7.0)
+  - SwiftyJSON (5.0.0)
   - TunnelKit (2.2.2):
     - TunnelKit/Protocols/OpenVPN (= 2.2.2)
   - TunnelKit/AppExtension (2.2.2):
@@ -50,13 +51,14 @@ DEPENDENCIES:
   - FXPageControl
   - Gloss (~> 2)
   - lottie-ios
-  - PIAAccountModule (from `/Users/jose/Projects/PIA/account`)
+  - PIAAccountModule (from `https://github.com/pia-foss/mobile-common-account`)
   - PIARegions (from `https://github.com/pia-foss/mobile-common-regions`)
   - PIAWireguard (from `https://github.com/pia-foss/ios-wireguard`)
   - PopupDialog
   - ReachabilitySwift (= 4.3.0)
   - SwiftEntryKit (= 0.7.2)
   - SwiftyBeaver (~> 1.7.0)
+  - SwiftyJSON
   - TunnelKit (from `https://github.com/pia-foss/tunnelkit`, commit `d19b9de`)
 
 SPEC REPOS:
@@ -72,11 +74,12 @@ SPEC REPOS:
     - ReachabilitySwift
     - SwiftEntryKit
     - SwiftyBeaver
+    - SwiftyJSON
     - TweetNacl
 
 EXTERNAL SOURCES:
   PIAAccountModule:
-    :path: "/Users/jose/Projects/PIA/account"
+    :git: https://github.com/pia-foss/mobile-common-account
   PIARegions:
     :git: https://github.com/pia-foss/mobile-common-regions
   PIAWireguard:
@@ -86,6 +89,9 @@ EXTERNAL SOURCES:
     :git: https://github.com/pia-foss/tunnelkit
 
 CHECKOUT OPTIONS:
+  PIAAccountModule:
+    :commit: f7c02a3c3161cd263ebc702423c3f204182106d6
+    :git: https://github.com/pia-foss/mobile-common-account
   PIARegions:
     :commit: 0b35229144ad12fa2a857ab6f41fa4f550f42a7e
     :git: https://github.com/pia-foss/mobile-common-regions
@@ -103,7 +109,7 @@ SPEC CHECKSUMS:
   Gloss: 13ab6b4b0ff4cb2448466edc957479b1bccea8ba
   lottie-ios: 06e0b54aab85ba128e332687d7f4ac4861a7a7ae
   OpenSSL-Apple: 2c9efbc94e0a1ada434cc197b02bd70052a82281
-  PIAAccountModule: 701b3183ca642c675c65b72fdddf7d4f8b68183f
+  PIAAccountModule: 5d617eb89a69ac31cfabf11666c4ec04c6ae82ad
   PIARegions: 6e4054b7f850e8c588306773bed516036a665ba3
   PIAWireguard: 9d71dabc9e483b149236eebbd0e6bb8fa5c8317f
   PopupDialog: f4bb461bf70ff422be0b56656566424ee9273080
@@ -111,9 +117,10 @@ SPEC CHECKSUMS:
   ReachabilitySwift: 408477d1b6ed9779dba301953171e017c31241f3
   SwiftEntryKit: 83d312243af7397e38a222b17b7a744b9a7d2145
   SwiftyBeaver: 4cc0080d2e23f980652e28978db11a5c9da39165
+  SwiftyJSON: 36413e04c44ee145039d332b4f4e2d3e8d6c4db7
   TunnelKit: 1733ed87934deb57edc7aa5f4b25185bf302a7d4
   TweetNacl: 3abf4d1d2082b0114e7a67410e300892448951e6
 
-PODFILE CHECKSUM: 7b505471eb03240fadcb14de86defe1d40d92822
+PODFILE CHECKSUM: 1fe65d29f6cccbf9a8967e1486647324e8423b53
 
-COCOAPODS: 1.9.3
+COCOAPODS: 1.10.0