86 lines
3.2 KiB
Dart
86 lines
3.2 KiB
Dart
import 'package:flutter/foundation.dart';
|
|
import 'package:json_annotation/json_annotation.dart';
|
|
|
|
part 'dev_tools_settings.g.dart';
|
|
|
|
enum MarianumConnectEndpoint { live, beta, custom }
|
|
|
|
@JsonSerializable()
|
|
class DevToolsSettings {
|
|
bool showPerformanceOverlay;
|
|
bool checkerboardOffscreenLayers;
|
|
bool checkerboardRasterCacheImages;
|
|
|
|
@JsonKey(defaultValue: MarianumConnectEndpoint.live)
|
|
MarianumConnectEndpoint marianumConnectEndpoint;
|
|
|
|
@JsonKey(defaultValue: '')
|
|
String marianumConnectCustomUrl;
|
|
|
|
DevToolsSettings({
|
|
required this.showPerformanceOverlay,
|
|
required this.checkerboardOffscreenLayers,
|
|
required this.checkerboardRasterCacheImages,
|
|
this.marianumConnectEndpoint = MarianumConnectEndpoint.live,
|
|
this.marianumConnectCustomUrl = '',
|
|
});
|
|
|
|
// Resolves the effective base URL for the Marianum-Connect mobile API.
|
|
// Falls back to live when the custom URL is empty or malformed. HTTP is
|
|
// accepted alongside HTTPS only in debug/profile builds (developers can
|
|
// point at `http://10.0.2.2:8080` without configuring TLS locally); release
|
|
// builds restrict the custom endpoint to HTTPS so a leaked debug URL never
|
|
// ships an unencrypted bearer token over the wire.
|
|
String resolveMarianumConnectBaseUrl() {
|
|
switch (marianumConnectEndpoint) {
|
|
case MarianumConnectEndpoint.live:
|
|
return liveUrl;
|
|
case MarianumConnectEndpoint.beta:
|
|
return betaUrl;
|
|
case MarianumConnectEndpoint.custom:
|
|
final sanitized = sanitizeCustomUrl(marianumConnectCustomUrl);
|
|
return sanitized ?? liveUrl;
|
|
}
|
|
}
|
|
|
|
static const String liveUrl = 'https://connect.marianum-fulda.de';
|
|
static const String betaUrl = 'https://connect-beta.marianum-fulda.de';
|
|
|
|
/// `true` in builds where plaintext HTTP custom endpoints are still allowed
|
|
/// (debug, profile). Release builds keep this `false` and the picker
|
|
/// rejects `http://` entirely.
|
|
static bool get allowsHttpCustomEndpoint => !kReleaseMode;
|
|
|
|
/// Returns the trimmed URL without a trailing slash, or null when the input
|
|
/// is not a usable HTTP/HTTPS URL. HTTP is only accepted when
|
|
/// [allowsHttpCustomEndpoint] is `true` — i.e. outside release builds.
|
|
static String? sanitizeCustomUrl(String raw) {
|
|
final trimmed = raw.trim();
|
|
if (trimmed.isEmpty) return null;
|
|
final uri = Uri.tryParse(trimmed);
|
|
if (uri == null || !uri.hasScheme) return null;
|
|
if (uri.scheme == 'https') {
|
|
// always fine
|
|
} else if (uri.scheme == 'http' && allowsHttpCustomEndpoint) {
|
|
// dev only
|
|
} else {
|
|
return null;
|
|
}
|
|
if (uri.host.isEmpty) return null;
|
|
return trimmed.endsWith('/')
|
|
? trimmed.substring(0, trimmed.length - 1)
|
|
: trimmed;
|
|
}
|
|
|
|
/// `true` when the configured custom URL is plain HTTP — the picker shows
|
|
/// this as a warning so developers don't accidentally ship a debug URL.
|
|
bool get marianumConnectCustomUrlIsInsecure {
|
|
final sanitized = sanitizeCustomUrl(marianumConnectCustomUrl);
|
|
return sanitized != null && Uri.parse(sanitized).scheme == 'http';
|
|
}
|
|
|
|
factory DevToolsSettings.fromJson(Map<String, dynamic> json) =>
|
|
_$DevToolsSettingsFromJson(json);
|
|
Map<String, dynamic> toJson() => _$DevToolsSettingsToJson(this);
|
|
}
|