From 9a5eb57a5399eeed8d2c5259c7b02637dab4e60d Mon Sep 17 00:00:00 2001
From: Austin Huang <im@austinhuang.me>
Date: Sun, 10 Oct 2021 14:20:40 -0400
Subject: [PATCH 1/2] Implement new authorization_code flow

Fix https://github.com/ultranity/Pix-EzViewer/issues/46
Fix https://github.com/ultranity/Pix-EzViewer/issues/47
Fix https://github.com/ultranity/Pix-EzViewer/issues/48
Fix https://github.com/ultranity/Pix-EzViewer/issues/50
---
 .../asdpl/pixivez/activity/LoginActivity.kt   | 262 +++++++-----------
 .../asdpl/pixivez/activity/NewUserActivity.kt | 180 +++++-------
 .../asdpl/pixivez/networks/RestClient.kt      |   2 +-
 .../perol/asdpl/pixivez/objects/PkceUtil.kt   |  31 +++
 .../asdpl/pixivez/objects/ReFreshFunction.kt  |   6 +-
 .../pixivez/services/OAuthSecureService.java  |   2 +-
 app/src/main/res/layout/activity_login.xml    |  72 +----
 app/src/main/res/layout/activity_new_user.xml |  55 ++--
 app/src/main/res/values-en/strings.xml        |   1 +
 app/src/main/res/values/strings.xml           |   1 +
 10 files changed, 243 insertions(+), 369 deletions(-)
 create mode 100644 app/src/main/java/com/perol/asdpl/pixivez/objects/PkceUtil.kt

diff --git a/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt b/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt
index 6ccb5ff6..953e5fa4 100644
--- a/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt
+++ b/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt
@@ -65,8 +65,7 @@ import java.io.IOException
 import java.util.*
 
 class LoginActivity : RinkActivity() {
-    private var username: String? = null
-    private var password: String? = null
+    lateinit var oAuthSecureService: OAuthSecureService
     lateinit var sharedPreferencesServices: SharedPreferencesServices
 
     override fun onCreate(savedInstanceState: Bundle?) {
@@ -85,6 +84,11 @@ class LoginActivity : RinkActivity() {
 
     }
 
+    override fun onResume() {
+        super.onResume()
+        loginBtn.isEnabled = true
+    }
+
     override fun onCreateOptionsMenu(menu: Menu): Boolean {
         menuInflater.inflate(R.menu.menu_login, menu)
         return true
@@ -104,19 +108,13 @@ class LoginActivity : RinkActivity() {
     private fun initBind() {
         sharedPreferencesServices = SharedPreferencesServices.getInstance()
         try {
-
-            if (sharedPreferencesServices.getString("password") != null) {
-                edit_password!!.setText(sharedPreferencesServices.getString("password"))
-                edit_username!!.setText(sharedPreferencesServices.getString("username"))
-            }
             if (!sharedPreferencesServices.getBoolean("firstinfo")) {
                 FirstInfoDialog().show(this.supportFragmentManager, "infodialog")
             }
         } catch (e: Exception) {
 
         }
-        val oAuthSecureService =
-            RestClient.getRetrofitOauthSecure().create(OAuthSecureService::class.java)
+        oAuthSecureService = RestClient.getRetrofitOauthSecure().create(OAuthSecureService::class.java)
         textview_help.setOnClickListener {
             val builder = MaterialAlertDialogBuilder(this)
             val view = layoutInflater.inflate(R.layout.new_dialog_user_help, null)
@@ -137,164 +135,114 @@ class LoginActivity : RinkActivity() {
             builder.create().show()
         }
 
-        edit_username.addTextChangedListener(object : TextWatcher {
-            override fun afterTextChanged(s: Editable?) {
-                // Ignore.
-            }
-
-            override fun beforeTextChanged(s: CharSequence?, start: Int, count: Int, after: Int) {
-                // Ignore.
-            }
-
-            override fun onTextChanged(s: CharSequence?, start: Int, before: Int, count: Int) {
-                accountTextInputLayout.isErrorEnabled = false
-            }
-        })
-        edit_password.addTextChangedListener(object : TextWatcher {
-            override fun afterTextChanged(s: Editable?) {
-                // Ignore.
-            }
-
-            override fun beforeTextChanged(s: CharSequence?, start: Int, count: Int, after: Int) {
-                // Ignore.
-            }
-
-            override fun onTextChanged(s: CharSequence?, start: Int, before: Int, count: Int) {
-                passwordTextInputLayout.isErrorEnabled = false
-            }
-        })
-
         loginBtn!!.setOnClickListener {
-
-            username = edit_username!!.text.toString().trim()
-            password = edit_password!!.text.toString()
-
-            if (username.isNullOrBlank()) accountTextInputLayout.error =
-                getString(R.string.error_blank_account)
-
-            if (password.isNullOrBlank()) passwordTextInputLayout.error =
-                getString(R.string.error_blank_password)
-
-            if (username.isNullOrBlank() || password.isNullOrBlank()) {
-                return@setOnClickListener
-            }
             loginBtn.isEnabled = false
-            sharedPreferencesServices.setString("username", username)
-            sharedPreferencesServices.setString("password", password)
-            val map = HashMap<String, Any>()
-            map["client_id"] = "MOBrBDS8blbauoSck0ZfDbtuzpyT"
-            map["client_secret"] = "lsACyCD94FhDUtGTXi3QzcFE2uU1hqtDaKeqrdwj"
-            map["grant_type"] = "password"
-            map["username"] = username!!
-            map["password"] = password!!
-            map["device_token"] = sharedPreferencesServices.getString("Device_token") ?: "pixiv"
-            map["get_secure_url"] = true
-            map["include_policy"] = true
 
-            oAuthSecureService.postAuthToken(map).subscribeOn(Schedulers.io())
-                .observeOn(AndroidSchedulers.mainThread())
-                .subscribe(object : Observer<PixivOAuthResponse> {
-                    override fun onSubscribe(d: Disposable) {
-                        Toast.makeText(
-                            applicationContext,
-                            getString(R.string.try_to_login),
-                            Toast.LENGTH_SHORT
-                        ).show()
-                    }
+            val intent = Intent(this@LoginActivity, NewUserActivity::class.java)
+            startActivityForResult(intent, 8080)
+        }
+    }
 
-                    override fun onNext(pixivOAuthResponse: PixivOAuthResponse) {
-                        val user = pixivOAuthResponse.response.user
-                        GlobalScope.launch {
-                            AppDataRepository.insertUser(
-                                UserEntity(
-                                    user.profile_image_urls.px_170x170,
-                                    user.id.toLong(),
-                                    user.name,
-                                    user.mail_address,
-                                    user.isIs_premium,
-                                    pixivOAuthResponse.response.device_token,
-                                    pixivOAuthResponse.response.refresh_token,
-                                    "Bearer " + pixivOAuthResponse.response.access_token
-                                )
+    override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
+        super.onActivityResult(requestCode, resultCode, data)
+        if (resultCode != 8080) return
+        val code = data?.getStringExtra("code")
+        val codeVerifier = data?.getStringExtra("codeVerifier")
+        if (code == null || codeVerifier == null) {
+            Toast.makeText(applicationContext, R.string.error_unknown, Toast.LENGTH_LONG).show()
+            return
+        }
+        val map = HashMap<String, Any>()
+        map["client_id"] = "MOBrBDS8blbauoSck0ZfDbtuzpyT"
+        map["client_secret"] = "lsACyCD94FhDUtGTXi3QzcFE2uU1hqtDaKeqrdwj"
+        map["grant_type"] = "authorization_code"
+        map["code"] = code
+        map["code_verifier"] = codeVerifier
+        map["redirect_uri"] = "https://app-api.pixiv.net/web/v1/users/auth/pixiv/callback"
+        map["include_policy"] = true
+
+        oAuthSecureService.postAuthToken(map).subscribeOn(Schedulers.io())
+            .observeOn(AndroidSchedulers.mainThread())
+            .subscribe(object : Observer<PixivOAuthResponse> {
+                override fun onSubscribe(d: Disposable) {
+                    Toast.makeText(
+                        applicationContext,
+                        getString(R.string.try_to_login),
+                        Toast.LENGTH_SHORT
+                    ).show()
+                }
+
+                override fun onNext(pixivOAuthResponse: PixivOAuthResponse) {
+                    val user = pixivOAuthResponse.response.user
+                    GlobalScope.launch {
+                        AppDataRepository.insertUser(
+                            UserEntity(
+                                user.profile_image_urls.px_170x170,
+                                user.id.toLong(),
+                                user.name,
+                                user.mail_address,
+                                user.isIs_premium,
+                                "",
+                                pixivOAuthResponse.response.refresh_token,
+                                "Bearer " + pixivOAuthResponse.response.access_token
                             )
+                        )
 
-                            sharedPreferencesServices.setBoolean("isnone", false)
-                            sharedPreferencesServices.setString("username", username)
-                            sharedPreferencesServices.setString("password", password)
-                            sharedPreferencesServices.setString(
-                                "Device_token",
-                                pixivOAuthResponse.response.device_token
+                        sharedPreferencesServices.setBoolean("isnone", false)
+                        sharedPreferencesServices.setString(
+                            "Device_token",
+                            pixivOAuthResponse.response.device_token
+                        )
+                    }
+                }
+
+                override fun onError(e: Throwable) {
+                    loginBtn.isEnabled = true
+
+                    textview_help.visibility = View.VISIBLE
+                    if (e is HttpException) {
+                        try {
+                            val errorBody = e.response()?.errorBody()?.string()
+                            val gson = Gson()
+                            val errorResponse = gson.fromJson<ErrorResponse>(
+                                errorBody,
+                                ErrorResponse::class.java
                             )
+                            var errMsg = "${e.message}\n${errorResponse.errors.system.message}"
+                            errMsg =
+                                if (errorResponse.has_error && errorResponse.errors.system.message.contains(
+                                        Regex(""".*103:.*""")
+                                    )
+                                ) {
+                                    getString(R.string.error_invalid_account_password)
+                                } else {
+                                    getString(R.string.error_unknown) + "\n" + errMsg
+                                }
+
+                            Toast.makeText(applicationContext, errMsg, Toast.LENGTH_LONG).show()
+                        } catch (e1: IOException) {
+                            Toast.makeText(
+                                applicationContext,
+                                "${e.message}",
+                                Toast.LENGTH_LONG
+                            ).show()
                         }
-                    }
-
-                    override fun onError(e: Throwable) {
-                        loginBtn.isEnabled = true
 
-                        textview_help.visibility = View.VISIBLE
-                        if (e is HttpException) {
-                            try {
-                                val errorBody = e.response()?.errorBody()?.string()
-                                val gson = Gson()
-                                val errorResponse = gson.fromJson<ErrorResponse>(
-                                    errorBody,
-                                    ErrorResponse::class.java
-                                )
-                                var errMsg = "${e.message}\n${errorResponse.errors.system.message}"
-                                errMsg =
-                                    if (errorResponse.has_error && errorResponse.errors.system.message.contains(
-                                            Regex(""".*103:.*""")
-                                        )
-                                    ) {
-                                        getString(R.string.error_invalid_account_password)
-                                    } else {
-                                        getString(R.string.error_unknown) + "\n" + errMsg
-                                    }
-
-                                Toast.makeText(applicationContext, errMsg, Toast.LENGTH_LONG).show()
-                            } catch (e1: IOException) {
-                                Toast.makeText(
-                                    applicationContext,
-                                    "${e.message}",
-                                    Toast.LENGTH_LONG
-                                ).show()
-                            }
-
-                        } else {
-                            Toast.makeText(applicationContext, "${e.message}", Toast.LENGTH_LONG)
-                                .show()
-                        }
+                    } else {
+                        Toast.makeText(applicationContext, "${e.message}", Toast.LENGTH_LONG)
+                            .show()
                     }
-
-                    override fun onComplete() {
-                        Toast.makeText(applicationContext, getString(R.string.login_success), Toast.LENGTH_LONG).show()
-                        val intent = Intent(this@LoginActivity, HelloMActivity::class.java).apply {
-                            // 避免循环添加账号导致相同页面嵌套。或者在添加账号（登录）成功时回到账号列表页面而不是导航至新的主页
-                            flags =
-                                Intent.FLAG_ACTIVITY_CLEAR_TASK or Intent.FLAG_ACTIVITY_NEW_TASK // Or launchMode = "singleTop|singleTask"
-                        }
-                        startActivity(intent)
+                }
+
+                override fun onComplete() {
+                    Toast.makeText(applicationContext, getString(R.string.login_success), Toast.LENGTH_LONG).show()
+                    val intent = Intent(this@LoginActivity, HelloMActivity::class.java).apply {
+                        // 避免循环添加账号导致相同页面嵌套。或者在添加账号（登录）成功时回到账号列表页面而不是导航至新的主页
+                        flags =
+                            Intent.FLAG_ACTIVITY_CLEAR_TASK or Intent.FLAG_ACTIVITY_NEW_TASK // Or launchMode = "singleTop|singleTask"
                     }
-                })
-        }
-/*        println(GoogleApiAvailability.getInstance().isGooglePlayServicesAvailable(this))
-        if(BuildConfig.ISGOOGLEPLAY)
-        if(GoogleApiAvailability.getInstance().isGooglePlayServicesAvailable(this)==ConnectionResult.SERVICE_MISSING){
-            MaterialDialog(this).show {
-                title(text="Google Play service丢失！")
-                message(text = "你使用的是Google play的版本，请确保应用是从Google play安装的，而不是第三方打包（如QQ传应用，APKPURE，应用备份等等），因为这会导致play版本的诸多问题bug\n" +
-                        "如果无法使用play service，请前往项目地址下载适合中国内陆地区更新的全量包版本")
-                negativeButton(android.R.string.cancel)
-                positiveButton(R.string.action_select)
-                lifecycleOwner(this@LoginActivity)
-            }
-        }*/
-    }
-
-    fun showHelp(view: View) {
-//        val intent = Intent(this@LoginActivity, NewUserActivity::class.java)
-//        startActivity(intent)
-        Toasty.info(this, this.resources.getString(R.string.registerclose), Toast.LENGTH_LONG)
-            .show()
+                    startActivity(intent)
+                }
+            })
     }
 }
diff --git a/app/src/main/java/com/perol/asdpl/pixivez/activity/NewUserActivity.kt b/app/src/main/java/com/perol/asdpl/pixivez/activity/NewUserActivity.kt
index 159b83ca..6dff6c4b 100644
--- a/app/src/main/java/com/perol/asdpl/pixivez/activity/NewUserActivity.kt
+++ b/app/src/main/java/com/perol/asdpl/pixivez/activity/NewUserActivity.kt
@@ -1,6 +1,7 @@
 /*
  * MIT License
  *
+ * Copyright (c) 2021 Austin Huang
  * Copyright (c) 2020 ultranity
  * Copyright (c) 2019 Perol_Notsfsssf
  *
@@ -25,135 +26,104 @@
 
 package com.perol.asdpl.pixivez.activity
 
+import android.annotation.SuppressLint
 import android.content.Intent
+import android.graphics.Bitmap
+import android.os.Build
 import android.os.Bundle
+import android.view.LayoutInflater
 import android.view.View
+import android.webkit.*
 import android.widget.Toast
 import com.perol.asdpl.pixivez.R
 import com.perol.asdpl.pixivez.networks.RestClient
 import com.perol.asdpl.pixivez.networks.SharedPreferencesServices
+import com.perol.asdpl.pixivez.objects.PkceUtil
 import com.perol.asdpl.pixivez.responses.PixivAccountsResponse
 import com.perol.asdpl.pixivez.responses.PixivOAuthResponse
 import com.perol.asdpl.pixivez.services.AccountPixivService
 import com.perol.asdpl.pixivez.services.OAuthSecureService
-import io.reactivex.Observer
-import io.reactivex.android.schedulers.AndroidSchedulers
-import io.reactivex.disposables.Disposable
-import io.reactivex.schedulers.Schedulers
 import kotlinx.android.synthetic.main.activity_new_user.*
 import java.util.*
 
 class NewUserActivity : RinkActivity() {
-    private val Authorization = "Bearer l-f9qZ0ZyqSwRyZs8-MymbtWBbSxmCu1pmbOlyisou8"
-    private var accountPixivService: AccountPixivService? = null
-    private var RestClient: RestClient? = null
-    private var sharedPreferencesServices: SharedPreferencesServices? = null
-    private var oAuthSecureService: OAuthSecureService? = null
+    private var webViewUrl: String? = null
+    private var ready = false
+    private var codeVerifier: String? = null
+
+    private val webChromeClient = WebChromeClient()
+    private val webViewClient: WebViewClient = object : WebViewClient() {
+        override fun onPageStarted(view: WebView, url: String, favicon: Bitmap?) {
+        }
+
+        override fun onPageFinished(view: WebView, url: String) {
+            if (url.startsWith("pixiv://account/login")) {
+                val code = url.split("?")[1].split("&").find{ it.startsWith("code=") }
+                if (code == null || code.length < 6) {
+                    Toast.makeText(applicationContext, R.string.error_unknown, Toast.LENGTH_LONG).show()
+                    finish()
+                    return
+                }
+                val intent = Intent()
+                intent.putExtra("code", code.substring(5))
+                intent.putExtra("codeVerifier", codeVerifier)
+                setResult(8080, intent)
+                finish()
+            }
+        }
+    }
 
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
         setContentView(R.layout.activity_new_user)
-        RestClient = RestClient
-        accountPixivService = RestClient!!.retrofitAccount.create(AccountPixivService::class.java)
-        oAuthSecureService =
-            RestClient!!.getRetrofitOauthSecure().create(OAuthSecureService::class.java)
-        sharedPreferencesServices = SharedPreferencesServices(applicationContext)
-        button_login.setOnClickListener {
-            if (edittext_username.text.toString().isNotBlank()) {
-                accountPixivService!!.createProvisionalAccount(
-                    edittext_username.text.toString(),
-                    "pixiv_android_app_provisional_account",
-                    Authorization
-                ).observeOn(AndroidSchedulers.mainThread()).subscribeOn(Schedulers.io())
-                    .subscribe(object : Observer<PixivAccountsResponse> {
-                        override fun onSubscribe(d: Disposable) {}
-
-                        override fun onNext(pixivAccountsResponse: PixivAccountsResponse) {
-                            sharedPreferencesServices!!.setString(
-                                "Device_token",
-                                pixivAccountsResponse.body.device_token
-                            )
-                            sharedPreferencesServices!!.setString(
-                                "client_id",
-                                "KzEZED7aC0vird8jWyHM38mXjNTY"
-                            )
-                            sharedPreferencesServices!!.setString(
-                                "client_secret",
-                                "W9JZoJe00qPvJsiyCGT3CCtC6ZUtdpKpzMbNlUGP"
-                            )
-                            sharedPreferencesServices!!.setString(
-                                "username",
-                                pixivAccountsResponse.body.user_account
-                            )
-                            sharedPreferencesServices!!.setString(
-                                "password",
-                                pixivAccountsResponse.body.password
-                            )
-                            sharedPreferencesServices!!.setBoolean("isnone", true)
-                        }
+        initWebView()
+    }
 
-                        override fun onError(e: Throwable) {
-                            Toast.makeText(applicationContext, e.message, Toast.LENGTH_LONG).show()
-                        }
+    @SuppressLint("SetJavaScriptEnabled")
+    private fun initWebView() {
+        webView.webChromeClient = webChromeClient
+        webView.webViewClient = webViewClient
+        val webSettings = webView.settings
+        webSettings.userAgentString = "PixivAndroidApp/5.0.234 (Android ${Build.VERSION.RELEASE}; ${Build.MODEL})"
+        webSettings.javaScriptEnabled = true
+        webSettings.domStorageEnabled = true
+        webSettings.setSupportZoom(true)
+        webSettings.builtInZoomControls = true
+        webSettings.displayZoomControls = false
+        webSettings.loadWithOverviewMode = true
+        webSettings.useWideViewPort = true
+        webSettings.mixedContentMode = WebSettings.MIXED_CONTENT_ALWAYS_ALLOW
 
-                        override fun onComplete() {
-                            val map = HashMap<String, Any>()
-                            map["client_id"] = "KzEZED7aC0vird8jWyHM38mXjNTY"
-                            map["client_secret"] = "W9JZoJe00qPvJsiyCGT3CCtC6ZUtdpKpzMbNlUGP"
-                            map["grant_type"] = "password"
-                            map["username"] = sharedPreferencesServices!!.getString("username")
-                            map["password"] = sharedPreferencesServices!!.getString("password")
-                            map["device_token"] =
-                                sharedPreferencesServices!!.getString("Device_token")
-                            oAuthSecureService!!.postAuthToken(map).subscribeOn(Schedulers.io())
-                                .observeOn(AndroidSchedulers.mainThread())
-                                .subscribe(object : Observer<PixivOAuthResponse> {
-                                    override fun onSubscribe(d: Disposable) {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP_MR1) {
+            CookieManager.getInstance().removeAllCookies(null)
+            CookieManager.getInstance().flush()
+        } else {
+            val cookieSyncMngr = CookieSyncManager.createInstance(applicationContext)
+            cookieSyncMngr.startSync()
+            val cookieManager = CookieManager.getInstance()
+            cookieManager.removeAllCookie()
+            cookieManager.removeSessionCookie()
+            cookieSyncMngr.stopSync()
+            cookieSyncMngr.sync()
+        }
 
-                                    }
+        codeVerifier = PkceUtil.generateCodeVerifier()
+        val codeChallenge = PkceUtil.generateCodeChallenge(codeVerifier!!)
+        webView.loadUrl("https://app-api.pixiv.net/web/v1/login?code_challenge_method=S256&client=pixiv-android&code_challenge=" + codeChallenge)
+    }
 
-                                    override fun onNext(pixivOAuthResponse: PixivOAuthResponse) {
-                                        sharedPreferencesServices!!.setString(
-                                            "Device_token",
-                                            pixivOAuthResponse.response.device_token
-                                        )
-                                        sharedPreferencesServices!!.setString(
-                                            "Refresh_token",
-                                            pixivOAuthResponse.response.refresh_token
-                                        )
-                                        sharedPreferencesServices!!.setString(
-                                            "Authorization",
-                                            "Bearer " + pixivOAuthResponse.response.access_token
-                                        )
-                                        sharedPreferencesServices!!.setString(
-                                            "userid",
-                                            pixivOAuthResponse.response.user.id.toString()
-                                        )
-                                    }
+    override fun onPause() {
+        webView.onPause()
+        super.onPause()
+    }
 
-                                    override fun onError(e: Throwable) {
-                                        Toast.makeText(
-                                            applicationContext,
-                                            e.message,
-                                            Toast.LENGTH_LONG
-                                        ).show()
-                                    }
+    override fun onResume() {
+        super.onResume()
+        webView.onResume()
+    }
 
-                                    override fun onComplete() {
-                                        Toast.makeText(
-                                            applicationContext,
-                                            getString(R.string.login_success),
-                                            Toast.LENGTH_LONG
-                                        ).show()
-                                        val intent =
-                                            Intent(applicationContext, HelloMActivity::class.java)
-                                        startActivity(intent)
-                                        finish()
-                                    }
-                                })
-                        }
-                    })
-            }
-        }
+    override fun onDestroy() {
+        webView.destroy()
+        super.onDestroy()
     }
 }
diff --git a/app/src/main/java/com/perol/asdpl/pixivez/networks/RestClient.kt b/app/src/main/java/com/perol/asdpl/pixivez/networks/RestClient.kt
index b054f46d..dd2e2e43 100644
--- a/app/src/main/java/com/perol/asdpl/pixivez/networks/RestClient.kt
+++ b/app/src/main/java/com/perol/asdpl/pixivez/networks/RestClient.kt
@@ -68,7 +68,7 @@ object RestClient {
                     .header("Accept-Language", "${local.language}_${local.country}")
                     .header(
                         "User-Agent",
-                        "PixivAndroidApp/5.0.155 (Android ${android.os.Build.VERSION.RELEASE}; ${android.os.Build.MODEL})"
+                        "PixivAndroidApp/5.0.234 (Android ${android.os.Build.VERSION.RELEASE}; ${android.os.Build.MODEL})"
                     )
                 val request = requestBuilder.build()
                 return chain.proceed(request)
diff --git a/app/src/main/java/com/perol/asdpl/pixivez/objects/PkceUtil.kt b/app/src/main/java/com/perol/asdpl/pixivez/objects/PkceUtil.kt
new file mode 100644
index 00000000..0cde8c77
--- /dev/null
+++ b/app/src/main/java/com/perol/asdpl/pixivez/objects/PkceUtil.kt
@@ -0,0 +1,31 @@
+// Copied from https://github.com/CeuiLiSA/Pixiv-Shaft/blob/77e0cb739cf502b7453000ff5738b79697ca9666/app/src/main/java/ceui/lisa/feature/PkceUtil.java (MIT)
+// Converted to Kotlin
+
+package com.perol.asdpl.pixivez.objects
+
+import android.util.Base64
+import java.io.UnsupportedEncodingException
+import java.nio.charset.StandardCharsets
+import java.security.MessageDigest
+import java.security.NoSuchAlgorithmException
+import java.security.SecureRandom
+
+object PkceUtil {
+    fun generateCodeVerifier(): String {
+        val secureRandom = SecureRandom()
+        val codeVerifier = ByteArray(32)
+        secureRandom.nextBytes(codeVerifier)
+        return Base64.encodeToString(
+            codeVerifier,
+            Base64.URL_SAFE or Base64.NO_WRAP or Base64.NO_PADDING
+        )
+    }
+
+    fun generateCodeChallenge(codeVerifier: String): String {
+        val bytes = codeVerifier.toByteArray(StandardCharsets.US_ASCII)
+        val messageDigest = MessageDigest.getInstance("SHA-256")
+        messageDigest.update(bytes, 0, bytes.size)
+        val digest = messageDigest.digest()
+        return Base64.encodeToString(digest, Base64.URL_SAFE or Base64.NO_WRAP or Base64.NO_PADDING)
+    }
+}
\ No newline at end of file
diff --git a/app/src/main/java/com/perol/asdpl/pixivez/objects/ReFreshFunction.kt b/app/src/main/java/com/perol/asdpl/pixivez/objects/ReFreshFunction.kt
index 8f1cc7a1..4895077f 100644
--- a/app/src/main/java/com/perol/asdpl/pixivez/objects/ReFreshFunction.kt
+++ b/app/src/main/java/com/perol/asdpl/pixivez/objects/ReFreshFunction.kt
@@ -149,10 +149,8 @@ class ReFreshFunction : Function<Observable<Throwable>, ObservableSource<*>> {
                 Toast.LENGTH_SHORT
             ).show()
         Log.d("init","reFreshToken")
-        SharedPreferencesServices.getInstance().setString("Device_token", it.Device_token)
         return oAuthSecureService!!.postRefreshAuthToken(
-            client_id, client_secret, "refresh_token", it.Refresh_token,
-            it.Device_token, true
+            client_id, client_secret, "refresh_token", it.Refresh_token, true
         ).subscribeOn(Schedulers.io()).observeOn(AndroidSchedulers.mainThread())
             .doOnNext { pixivOAuthResponse ->
                     val user = pixivOAuthResponse.response.user
@@ -164,7 +162,7 @@ class ReFreshFunction : Function<Observable<Throwable>, ObservableSource<*>> {
                         user.name,
                         user.mail_address,
                         user.isIs_premium,
-                        pixivOAuthResponse.response.device_token,
+                        "",
                         pixivOAuthResponse.response.refresh_token,
                         "Bearer " + pixivOAuthResponse.response.access_token
                     )
diff --git a/app/src/main/java/com/perol/asdpl/pixivez/services/OAuthSecureService.java b/app/src/main/java/com/perol/asdpl/pixivez/services/OAuthSecureService.java
index 84f36462..07e395ec 100644
--- a/app/src/main/java/com/perol/asdpl/pixivez/services/OAuthSecureService.java
+++ b/app/src/main/java/com/perol/asdpl/pixivez/services/OAuthSecureService.java
@@ -52,5 +52,5 @@ public interface OAuthSecureService {
 
     @FormUrlEncoded
     @POST("/auth/token")
-    Observable<PixivOAuthResponse> postRefreshAuthToken(@Field("client_id") String paramString1, @Field("client_secret") String paramString2, @Field("grant_type") String paramString3, @Field("refresh_token") String paramString4, @Field("device_token") String paramString5, @Field("get_secure_url") boolean paramBoolean);
+    Observable<PixivOAuthResponse> postRefreshAuthToken(@Field("client_id") String paramString1, @Field("client_secret") String paramString2, @Field("grant_type") String paramString3, @Field("refresh_token") String paramString4, @Field("get_secure_url") boolean paramBoolean);
 }
diff --git a/app/src/main/res/layout/activity_login.xml b/app/src/main/res/layout/activity_login.xml
index 3cfd9473..393d6efc 100644
--- a/app/src/main/res/layout/activity_login.xml
+++ b/app/src/main/res/layout/activity_login.xml
@@ -25,79 +25,30 @@
         android:text="PxEz"
         android:textColor="?attr/colorPrimaryDark"
         android:textSize="80sp"
-        app:layout_constraintBottom_toTopOf="@id/accountTextInputLayout"
+        app:layout_constraintBottom_toTopOf="@id/loginBtn"
         app:layout_constraintEnd_toEndOf="parent"
         app:layout_constraintStart_toStartOf="parent"
         app:layout_constraintTop_toTopOf="parent"
         app:layout_constraintVertical_bias="0.382"
         app:layout_constraintVertical_chainStyle="packed" />
 
-    <com.google.android.material.textfield.TextInputLayout
-        android:id="@+id/accountTextInputLayout"
-        style="@style/Widget.MaterialComponents.TextInputLayout.FilledBox.Dense"
-        android:layout_width="0dp"
-        android:layout_height="wrap_content"
-        android:layout_marginStart="16dp"
-        android:layout_marginTop="8dp"
-        android:layout_marginEnd="16dp"
-        app:endIconMode="clear_text"
-        app:helperText="@string/account_helper"
-        app:layout_constraintBottom_toTopOf="@id/passwordTextInputLayout"
-        app:layout_constraintEnd_toEndOf="parent"
-        app:layout_constraintStart_toStartOf="parent"
-        app:layout_constraintTop_toBottomOf="@id/textView1">
-
-        <com.google.android.material.textfield.TextInputEditText
-            android:id="@+id/edit_username"
-            android:layout_width="match_parent"
-            android:layout_height="wrap_content"
-            android:hint="@string/account"
-            android:imeOptions="actionNext"
-            android:inputType="text"
-            android:maxLines="1"
-            android:textSize="16sp" />
-
-    </com.google.android.material.textfield.TextInputLayout>
-
-    <com.google.android.material.textfield.TextInputLayout
-        android:id="@+id/passwordTextInputLayout"
-        style="@style/Widget.MaterialComponents.TextInputLayout.FilledBox.Dense"
-        android:layout_width="0dp"
-        android:layout_height="wrap_content"
-        android:layout_marginTop="8dp"
-        app:layout_constraintBottom_toTopOf="@id/loginBtn"
-        app:layout_constraintEnd_toEndOf="@id/accountTextInputLayout"
-        app:layout_constraintStart_toStartOf="@id/accountTextInputLayout"
-        app:layout_constraintTop_toBottomOf="@id/accountTextInputLayout"
-        app:passwordToggleEnabled="true">
-
-        <com.google.android.material.textfield.TextInputEditText
-            android:id="@+id/edit_password"
-            android:layout_width="match_parent"
-            android:layout_height="wrap_content"
-            android:hint="@string/password"
-            android:imeOptions="actionDone"
-            android:inputType="textPassword"
-            android:maxLines="1"
-            android:textSize="16sp" />
-
-    </com.google.android.material.textfield.TextInputLayout>
-
     <com.google.android.material.button.MaterialButton
         android:id="@+id/loginBtn"
         style="@style/Widget.MaterialComponents.Button.UnelevatedButton"
         android:layout_width="0dp"
         android:layout_height="wrap_content"
+        android:layout_marginStart="16dp"
         android:layout_marginTop="8dp"
+        android:layout_marginEnd="16dp"
         android:background="?attr/colorPrimary"
         android:text="@string/login"
         android:textSize="18sp"
         app:icon="@drawable/ic_done_black_24dp"
         app:iconGravity="textStart"
         app:layout_constraintBottom_toTopOf="@id/textview_help"
-        app:layout_constraintEnd_toEndOf="@id/passwordTextInputLayout"
-        app:layout_constraintStart_toStartOf="@id/passwordTextInputLayout"
-        app:layout_constraintTop_toBottomOf="@id/passwordTextInputLayout" />
+        app:layout_constraintEnd_toEndOf="parent"
+        app:layout_constraintStart_toStartOf="parent"
+        app:layout_constraintTop_toBottomOf="@id/textView1" />
 
     <com.google.android.material.button.MaterialButton
         android:id="@+id/textview_help"
@@ -115,15 +66,4 @@
         app:layout_constraintTop_toBottomOf="@id/loginBtn"
         tools:visibility="visible" />
 
-    <TextView
-        android:id="@+id/textView2"
-        android:layout_width="wrap_content"
-        android:layout_height="wrap_content"
-        android:layout_marginTop="8dp"
-        android:onClick="showHelp"
-        android:text="@string/donthaveaccount"
-        android:textColor="?attr/colorPrimary"
-        app:layout_constraintEnd_toEndOf="@id/loginBtn"
-        app:layout_constraintTop_toBottomOf="@id/textview_help" />
-
 </androidx.constraintlayout.widget.ConstraintLayout>
diff --git a/app/src/main/res/layout/activity_new_user.xml b/app/src/main/res/layout/activity_new_user.xml
index 4e038951..ca65b22a 100644
--- a/app/src/main/res/layout/activity_new_user.xml
+++ b/app/src/main/res/layout/activity_new_user.xml
@@ -1,44 +1,29 @@
 <?xml version="1.0" encoding="utf-8"?>
-<androidx.constraintlayout.widget.ConstraintLayout xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto"
+<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:tools="http://schemas.android.com/tools"
     android:layout_width="match_parent"
     android:layout_height="match_parent"
     android:orientation="vertical"
     tools:context="com.perol.asdpl.pixivez.activity.NewUserActivity">
 
-    <EditText
-        android:id="@+id/edittext_username"
-        android:layout_width="0dp"
-        android:layout_height="50dp"
-        android:layout_marginEnd="8dp"
-        android:layout_marginStart="8dp"
-        android:layout_marginTop="150dp"
-        android:hint="@string/username"
-        app:layout_constraintEnd_toEndOf="parent"
-        app:layout_constraintStart_toStartOf="parent"
-        app:layout_constraintTop_toTopOf="parent"
-        android:inputType="text" />
+    <WebView
+        android:id="@+id/webView"
+        android:layout_width="match_parent"
+        android:layout_height="0dp"
+        android:layout_weight="1" />
 
-    <Button
-        android:background="@color/colorPrimary"
-        android:id="@+id/button_login"
-        android:layout_width="0dp"
-        android:layout_height="50dp"
-style="@style/Base.TextAppearance.AppCompat.Widget.Button.Colored"
-        android:layout_marginEnd="8dp"
-        android:layout_marginStart="8dp"
-        android:layout_marginTop="8dp"
-        android:text="@string/account_create_button"
-        app:layout_constraintEnd_toEndOf="parent"
-        app:layout_constraintStart_toStartOf="parent"
-        app:layout_constraintTop_toBottomOf="@+id/edittext_username" />
-
-    <TextView
-        android:layout_width="wrap_content"
+    <androidx.appcompat.widget.LinearLayoutCompat
+        style="@style/Widget.AppCompat.ButtonBar"
+        android:layout_width="match_parent"
         android:layout_height="wrap_content"
-        android:layout_marginEnd="8dp"
-        android:text="@string/account_create_recommed"
-        app:layout_constraintEnd_toEndOf="parent"
-        app:layout_constraintTop_toBottomOf="@+id/button_login" />
-</androidx.constraintlayout.widget.ConstraintLayout>
+        android:orientation="horizontal">
+
+        <TextView
+            android:id="@+id/cookies"
+            style="@style/Widget.AppCompat.Button.ButtonBar.AlertDialog"
+            android:layout_width="0dp"
+            android:layout_height="wrap_content"
+            android:layout_weight="1"
+            android:text="@string/webview_login" />
+    </androidx.appcompat.widget.LinearLayoutCompat>
+</LinearLayout>
diff --git a/app/src/main/res/values-en/strings.xml b/app/src/main/res/values-en/strings.xml
index e1c58d05..2d62bed8 100644
--- a/app/src/main/res/values-en/strings.xml
+++ b/app/src/main/res/values-en/strings.xml
@@ -260,4 +260,5 @@
 	<string name="set_mirror">Click to set the mirror website</string>
 	<string name="login_expired">Login expired, please login again</string>
 	<string name="token_expired">Token expired, please wait for refreshing</string>
+	<string name="webview_login">Please use the browser above to login</string>
 </resources>
\ No newline at end of file
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index c54db837..978f9532 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -307,4 +307,5 @@
     <string name="set_mirror">点击可设置镜像站</string>
     <string name="login_expired">登录过期，请重新登录</string>
     <string name="token_expired">身份信息过期，请等待刷新</string>
+    <string name="webview_login">请使用上方浏览器登录</string>
 </resources>

From af194511b325821c5f41fc6f4939567e19f1024d Mon Sep 17 00:00:00 2001
From: Austin Huang <im@austinhuang.me>
Date: Sun, 10 Oct 2021 14:28:34 -0400
Subject: [PATCH 2/2] Remove mentions of device_token

---
 .../asdpl/pixivez/activity/LoginActivity.kt      |  4 ----
 .../pixivez/responses/PixivOAuthResponse.java    | 16 ++++++++--------
 2 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt b/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt
index 953e5fa4..181db3de 100644
--- a/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt
+++ b/app/src/main/java/com/perol/asdpl/pixivez/activity/LoginActivity.kt
@@ -189,10 +189,6 @@ class LoginActivity : RinkActivity() {
                         )
 
                         sharedPreferencesServices.setBoolean("isnone", false)
-                        sharedPreferencesServices.setString(
-                            "Device_token",
-                            pixivOAuthResponse.response.device_token
-                        )
                     }
                 }
 
diff --git a/app/src/main/java/com/perol/asdpl/pixivez/responses/PixivOAuthResponse.java b/app/src/main/java/com/perol/asdpl/pixivez/responses/PixivOAuthResponse.java
index df7ae015..f0aa9ced 100644
--- a/app/src/main/java/com/perol/asdpl/pixivez/responses/PixivOAuthResponse.java
+++ b/app/src/main/java/com/perol/asdpl/pixivez/responses/PixivOAuthResponse.java
@@ -49,7 +49,7 @@ public static class ResponseBean {
          * scope :
          * refresh_token : YeysYu5dgbu0tV1yckzLhJmUCMOyDmqTeriZfFh-UTw
          * user : {"profile_image_urls":{"px_16x16":"https://i.pximg.net/user-profile/img/2018/06/11/22/00/29/14348260_c1f2b130248005062b7c6c358812160a_16.jpg","px_50x50":"https://i.pximg.net/user-profile/img/2018/06/11/22/00/29/14348260_c1f2b130248005062b7c6c358812160a_50.jpg","px_170x170":"https://i.pximg.net/user-profile/img/2018/06/11/22/00/29/14348260_c1f2b130248005062b7c6c358812160a_170.jpg"},"id":"14713395","name":"Notsfsssf","account":"912756674","mail_address":"912756674@qq.com","is_premium":false,"x_restrict":2,"is_mail_authorized":true}
-         * device_token : eb3adb884046935fe8952c977b949209
+         * device_token : DEPRECATED
          */
 
         private String access_token;
@@ -108,13 +108,13 @@ public void setUser(UserBean user) {
             this.user = user;
         }
 
-        public String getDevice_token() {
-            return device_token;
-        }
-
-        public void setDevice_token(String device_token) {
-            this.device_token = device_token;
-        }
+//        public String getDevice_token() {
+//            return device_token;
+//        }
+//
+//        public void setDevice_token(String device_token) {
+//            this.device_token = device_token;
+//        }
 
         public static class UserBean {
             /**