Changing the default oAuth callback URL

1. Change config.hostname value in config.properties to your desired value and build your own APK.

Certificate pinning

There are many write up on the internet with regards to certificate pinning. This project shall not go into details. ^{1 2 3}

A quote from okhttp docs

Warning: Certificate Pinning is Dangerous! Pinning certificates limits your server team's abilities to update their TLS certificates. By pinning certificates, you take on additional operational complexity and limit your ability to migrate between certificate authorities. Do not use certificate pinning without the blessing of your server's TLS administrator!

If you are still brave, carry on reading.

To enable certificate pinning:

1. Run cert_pinning.sh

$ ./cert.sh www.google.com
/C=US/ST=California/L=Mountain View/O=Google LLC/CN=www.google.com
47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
/C=US/O=Google Trust Services/CN=Google Internet Authority G3
f8NnEFZxQ4ExFOhSN7EiFWtiudZQVD2oY60uauV/n78=

2. Copy the sha256 value hash of the certificate's Subject Public Key Info to the app settings.