E2E: do not modifiy userid

[tobiasKaminsky]

Fix #2173
Fix #2134

As we now have a call to get the uid, we shall not split the string, as usernames such as are valid: tobi@nc

Signed-off-by: tobiasKaminsky tobias@kaminsky.me

[AndyScherzinger]

but wouldn't you now be using tobi@nc@yourawesomeserver.com?

[tobiasKaminsky]

No, we fetch the userid, which never has server included, e.g:
userid: tobi@nc
name: tobias kaminsky
email: tobias@nc.server.com

Now with userid fetching, it does not matter with what you authenticate (userid, name, email), the CSR will always use userid (tobi@nc).

Previously, we took simply the "id" with which we authenticated (on account setup).
So if you back then used "tobi@nc" it was fine, as loginid matches the userid.
But if you used your email address, it would not have worked.

[AndyScherzinger]

👍 alright! I did think the userId is actually username@server which is why we usually do the @-split.

[mario]

Sure, but how do we migrate existing users?

[tobiasKaminsky]

We do not have to: CSR is only signed by server if common name in CSR matches the userid.
Therefore we get always the userid before generating a CSR:

android/src/main/java/com/owncloud/android/ui/dialog/SetupEncryptionDialogFragment.java

Lines 348 to 363 in 04de5ca

	// get user id
	String userID;
	GetRemoteUserInfoOperation remoteUserNameOperation = new GetRemoteUserInfoOperation();
	RemoteOperationResult remoteUserNameOperationResult = remoteUserNameOperation
	.execute(account, getContext(), true);
	if (remoteUserNameOperationResult.isSuccess() &&
	remoteUserNameOperationResult.getData() != null) {
	UserInfo userInfo = (UserInfo) remoteUserNameOperationResult.getData().get(0);
	userID = userInfo.getId();
	} else {
	userID = account.name;
	}
	// create CSR
	String urlEncoded = CsrHelper.generateCsrPemEncodedString(keyPair, userID);

(the above is true for all stable app releases, on alpha testing there was no server side checking of userid)

[mario]

👍