wireapp · MohamadJaara · Aug 28, 2023 · Aug 21, 2023 · Aug 21, 2023 · Aug 22, 2023
diff --git a/app/src/main/kotlin/com/wire/android/di/KaliumConfigsModule.kt b/app/src/main/kotlin/com/wire/android/di/KaliumConfigsModule.kt
@@ -49,14 +49,8 @@ class KaliumConfigsModule {
         }
 
         return KaliumConfigs(
-            isChangeEmailEnabled = BuildConfig.ALLOW_CHANGE_OF_EMAIL,
-            isLoggingEnabled = BuildConfig.LOGGING_ENABLED,
-            blacklistHost = BuildConfig.DEFAULT_BACKEND_URL_BLACKLIST,
             fileRestrictionState = fileRestriction,
             forceConstantBitrateCalls = BuildConfig.FORCE_CONSTANT_BITRATE_CALLS,
-            developerFeaturesEnabled = BuildConfig.DEVELOPER_FEATURES_ENABLED,
-            enableBlacklist = BuildConfig.ENABLE_BLACKLIST,
-            maxAccount = BuildConfig.MAX_ACCOUNTS,
             // we use upsert, available from SQL3.24, which is supported from Android API30, so for older APIs we have to use SQLCipher
             shouldEncryptData = !BuildConfig.DEBUG || Build.VERSION.SDK_INT < Build.VERSION_CODES.R,
             lowerKeyPackageLimits = BuildConfig.PRIVATE_BUILD,
@@ -69,7 +63,8 @@ class KaliumConfigsModule {
             wipeOnCookieInvalid = BuildConfig.WIPE_ON_COOKIE_INVALID,
             wipeOnDeviceRemoval = BuildConfig.WIPE_ON_DEVICE_REMOVAL,
             wipeOnRootedDevice = BuildConfig.WIPE_ON_ROOTED_DEVICE,
-            isWebSocketEnabledByDefault = isWebsocketEnabledByDefault(context)
+            isWebSocketEnabledByDefault = isWebsocketEnabledByDefault(context),
+            certPinningConfig = BuildConfig.CERTIFICATE_PINNING_CONFIG
         )
     }
 }
diff --git a/app/src/main/kotlin/com/wire/android/ui/userprofile/self/SelfUserProfileViewModel.kt b/app/src/main/kotlin/com/wire/android/ui/userprofile/self/SelfUserProfileViewModel.kt
@@ -25,6 +25,7 @@ import androidx.compose.runtime.mutableStateOf
 import androidx.compose.runtime.setValue
 import androidx.lifecycle.ViewModel
 import androidx.lifecycle.viewModelScope
+import com.wire.android.BuildConfig
 import com.wire.android.appLogger
 import com.wire.android.datastore.UserDataStore
 import com.wire.android.di.AuthServerConfigProvider
@@ -56,7 +57,6 @@ import com.wire.kalium.logic.feature.user.IsReadOnlyAccountUseCase
 import com.wire.kalium.logic.feature.user.ObserveValidAccountsUseCase
 import com.wire.kalium.logic.feature.user.SelfServerConfigUseCase
 import com.wire.kalium.logic.feature.user.UpdateSelfAvailabilityStatusUseCase
-import com.wire.kalium.logic.featureFlags.KaliumConfigs
 import dagger.hilt.android.lifecycle.HiltViewModel
 import kotlinx.coroutines.flow.SharingStarted
 import kotlinx.coroutines.flow.StateFlow
@@ -85,7 +85,6 @@ class SelfUserProfileViewModel @Inject constructor(
     private val wireSessionImageLoader: WireSessionImageLoader,
     private val authServerConfigProvider: AuthServerConfigProvider,
     private val selfServerLinks: SelfServerConfigUseCase,
-    private val kaliumConfigs: KaliumConfigs,
     private val otherAccountMapper: OtherAccountMapper,
     private val observeEstablishedCalls: ObserveEstablishedCallsUseCase,
     private val accountSwitch: AccountSwitchUseCase,
@@ -228,7 +227,7 @@ class SelfUserProfileViewModel @Inject constructor(
     fun tryToInitAddingAccount(onSucceeded: () -> Unit) {
         viewModelScope.launch {
             // the total number of accounts is otherAccounts + 1 for the current account
-            val canAddNewAccounts: Boolean = (userProfileState.otherAccounts.size + 1) < kaliumConfigs.maxAccount
+            val canAddNewAccounts: Boolean = (userProfileState.otherAccounts.size + 1) < BuildConfig.MAX_ACCOUNTS
 
             if (!canAddNewAccounts) {
                 userProfileState = userProfileState.copy(maxAccountsReached = true)

diff --git a/buildSrc/src/main/kotlin/customization/FeatureConfigs.kt b/buildSrc/src/main/kotlin/customization/FeatureConfigs.kt
@@ -22,6 +22,7 @@ enum class ConfigType(val type: String) {
     STRING("String"),
     BOOLEAN("Boolean"),
     INT("int"),
+    MapOfStringToListOfStrings("java.util.HashMap<String, java.util.List<String>>")
 }
 
 enum class FeatureConfigs(val value: String, val configType: ConfigType) {
@@ -88,6 +89,7 @@ enum class FeatureConfigs(val value: String, val configType: ConfigType) {
     DEFAULT_BACKEND_URL_BLACKLIST("default_backend_url_blacklist", ConfigType.STRING),
     DEFAULT_BACKEND_URL_WEBSITE("default_backend_url_website", ConfigType.STRING),
     DEFAULT_BACKEND_TITLE("default_backend_title", ConfigType.STRING),
-    // TODO: Add support for default proxy configs
 
+    CERTIFICATE_PINNING_CONFIG("cert_pinning_config", ConfigType.MapOfStringToListOfStrings),
+    // TODO: Add support for default proxy configs
 }
diff --git a/buildSrc/src/main/kotlin/scripts/variants.gradle.kts b/buildSrc/src/main/kotlin/scripts/variants.gradle.kts
@@ -23,7 +23,6 @@ package scripts
 import com.android.build.api.dsl.ApplicationProductFlavor
 import com.android.build.api.dsl.ProductFlavor
 import customization.ConfigType
-import customization.Customization
 import customization.Customization.getBuildtimeConfiguration
 import customization.FeatureConfigs
 import customization.FeatureFlags
@@ -185,14 +184,30 @@ android {
                     )
                 }
 
-                ConfigType.INT, ConfigType.BOOLEAN -> {
+                ConfigType.INT,
+                ConfigType.BOOLEAN -> {
                     buildNonStringConfig(
                         flavor,
                         configs.configType.type,
                         configs.name,
                         flavorMap[flavor.name]?.get(configs.value).toString()
                     )
                 }
+
+                ConfigType.MapOfStringToListOfStrings -> {
+                    val map = flavorMap[flavor.name]?.get(configs.value) as? Map<*, *>
+                    val mapString = map?.map { (key, value) ->
+                        "\"$key\", java.util.Arrays.asList(${(value as? List<*>)?.joinToString { "\"$it\"" } ?: ""})".let {
+                            "put($it);"
+                        }
+                    }?.joinToString(",\n") ?: ""
+                    buildNonStringConfig(
+                        flavor,
+                        configs.configType.type,
+                        configs.name,
+                        "new java.util.HashMap<String, java.util.List<String>>() {{\n$mapString\n}}"
+                    )
+                }
             }
         }
     }

diff --git a/default.json b/default.json
@@ -6,7 +6,15 @@
             "logging_enabled": false,
             "application_is_private_build": false,
             "development_api_enabled": false,
-            "mls_support_enabled": false
+            "mls_support_enabled": false,
+            "cert_pinning_config": {
+                "sha256/fnBeCwh0imI9t46Onid49IwvsB5vcf7RCvafRRdCyRE=": [
+                    "**.prod-nginz-https.wire.com",
+                    "**.prod-nginz-ssl.wire.com",
+                    "**.prod-assets.wire.com",
+                    "clientblacklist.wire.com"
+                ]
+            }
         },
         "dev": {
             "application_id": "com.waz.zclient.dev",
@@ -65,40 +73,35 @@
     },
     "application_name": "Wire",
     "allow_sso_authentication_option": true,
-
     "url_support": "https://support.wire.com",
-    "allow_account_creation" : true,
+    "allow_account_creation": true,
     "max_accounts": 3,
     "enable_blacklist": true,
     "allow_email_change": true,
     "enable_guest_room_link": true,
     "file_restriction_enabled": false,
     "file_restriction_list": "3gpp, aac, amr, avi, bmp, css, csv, dib, doc, docx, eml, flac, gif, html, ico, jfif, jpeg, jpg, jpg-large, key, m4a, m4v, md, midi, mkv, mov, mp3, mp4, mpeg, mpeg3, mpg, msg, ods, odt, ogg, pdf, pjp, pjpeg, png, pps, ppt, pptx, psd, pst, rtf, sql, svg, tex, tiff, txt, vcf, vid, wav, webm, webp, wmv, xls, xlsx, xml",
     "force_constant_bitrate_calls": false,
-
     "mls_support_enabled": true,
     "encrypt_proteus_storage": false,
     "self_deleting_messages": true,
     "wipe_on_cookie_invalid": false,
     "wipe_on_device_removal": false,
     "wipe_on_rooted_device": false,
     "websocket_enabled_by_default": false,
-
     "firebase_push_sender_id": "782078216207",
     "firebase_app_id": "1:782078216207:android:d3db2443512d2055",
     "google_api_key": "AIzaSyBXtNKuX6GCKv2jDtsFImUaxCRL21DTLEQ",
     "fcm_project_id": "w966768976",
-
     "report_bug_menu_item_enabled": true,
     "debug_screen_enabled": true,
-
     "update_app_url": "https://wire.com/en/download/",
-
     "default_backend_url_base_api": "https://prod-nginz-https.wire.com",
     "default_backend_url_accounts": "https://account.wire.com",
     "default_backend_url_base_websocket": "https://prod-nginz-ssl.wire.com",
     "default_backend_url_teams": "https://teams.wire.com",
     "default_backend_url_blacklist": "https://clientblacklist.wire.com/prod",
     "default_backend_url_website": "https://wire.com",
-    "default_backend_title": "wire-production"
+    "default_backend_title": "wire-production",
+    "cert_pinning_config": {}
 }
diff --git a/kalium b/kalium
+7 −1		logic/src/commonMain/kotlin/com/wire/kalium/logic/CoreLogic.kt
+4 −2		logic/src/commonMain/kotlin/com/wire/kalium/logic/GlobalKaliumScope.kt
+4 −2		logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/UserSessionScope.kt
+10 −2		logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/appVersioning/ObserveIfAppUpdateRequiredUseCase.kt
+8 −3		logic/src/commonMain/kotlin/com/wire/kalium/logic/feature/auth/AuthenticationScope.kt
+2 −7		logic/src/commonMain/kotlin/com/wire/kalium/logic/featureFlags/KaliumConfigs.kt
+1 −1		logic/src/commonTest/kotlin/com/wire/kalium/logic/feature/call/usecase/StartCallUseCaseTest.kt
+0 −1		logic/src/commonTest/kotlin/com/wire/kalium/logic/feature/message/PendingProposalSchedulerTest.kt
+16 −1		network/src/appleMain/kotlin/com/wire/kalium/network/defaultHttpEngine.kt
+15 −1		network/src/commonJvmAndroid/kotlin/com/wire/kalium/network/HttpEngine.kt
+3 −1		network/src/commonMain/kotlin/com/wire/kalium/network/HttpEngine.kt
+7 −1		...ain/kotlin/com/wire/kalium/network/api/v0/authenticated/networkContainer/AuthenticatedNetworkContainerV0.kt
+7 −2		...kotlin/com/wire/kalium/network/api/v0/unauthenticated/networkContainer/UnauthenticatedNetworkContainerV0.kt
+6 −1		...ain/kotlin/com/wire/kalium/network/api/v2/authenticated/networkContainer/AuthenticatedNetworkContainerV2.kt
+7 −2		...kotlin/com/wire/kalium/network/api/v2/unauthenticated/networkContainer/UnauthenticatedNetworkContainerV2.kt
+7 −1		...ain/kotlin/com/wire/kalium/network/api/v3/authenticated/networkContainer/AuthenticatedNetworkContainerV3.kt
+7 −2		...kotlin/com/wire/kalium/network/api/v3/unauthenticated/networkContainer/UnauthenticatedNetworkContainerV3.kt
+5 −2		...ain/kotlin/com/wire/kalium/network/api/v4/authenticated/networkContainer/AuthenticatedNetworkContainerV4.kt
+7 −2		...kotlin/com/wire/kalium/network/api/v4/unauthenticated/networkContainer/UnauthenticatedNetworkContainerV4.kt
+14 −7		network/src/commonMain/kotlin/com/wire/kalium/network/networkContainer/AuthenticatedNetworkContainer.kt
+14 −9		network/src/commonMain/kotlin/com/wire/kalium/network/networkContainer/UnauthenticatedNetworkContainer.kt
+9 −7		network/src/commonMain/kotlin/com/wire/kalium/network/networkContainer/UnboundNetworkContainer.kt
+5 −0		network/src/commonMain/kotlin/com/wire/kalium/network/session/SessionManager.kt
+9 −4		network/src/commonTest/kotlin/com/wire/kalium/api/ApiTest.kt
+3 −1		testservice/src/main/kotlin/com/wire/kalium/testservice/managed/InstanceService.kt