Final Report — Bugheist The Flutter Project, GSoC`21 @ OWASP

Final Report — Bugheist The Flutter Project, GSoC`21 @ OWASP
-5 min read

GSoC 2k21

OWASP

BugHeist

Final Evaluations

Introduction

Bug Logging Tool (Bugheist) lets anyone find and report issues on the internet. If you find something out of place on Amazon or any other website let them know. Companies show their response time and history. Get points on every bug you find on the internet and keep the internet free of bugs. Whenever you find a bug, just report it... Bugs or Issues are the vulnerabilities which you find on Websites or Applications when you expect some functionalities to occur but something else happens, which can cause some problems from minor to major level such as tempering a website like Amazon to buy things at relatively lower prices. Here comes BugHeist with an ultimate solution to the problem where users can report bugs/issues and can win exciting prizes or money.

What does it cover for all?

Points are awarded to keep the interest of users. Money is offered if you join the BugHeist Contest Community. There is a jackpot money listed in the leaderboard of BugHeist Issues. Money is offered if you are given tips by someone through the tip button. A good experience for your resume.

How does it Proceed and how does it work?

Firstly create a User Account on BugHeist Website. Then click on report and issue . Describe the type of issue you want to upload. Attach the screenshot of the bug or issue you have found. Click on the submit button to submit the information. You can organise a company sponsored Bug Hunt also and can also decide a prize money for it. You can also participate in BugHeist or OWASP sponsored events or contests and the prize money will be called a tip.

The idea is to create a:

Flutter Application for the bug hunters and people who want to contribute in making the Internet Bug Free. Having the code which follows the existing style guides, which also passes all the existing quality gates regarding test coverage and code analysis.

Mentor Advices

So I had some meetings with my mentors about all the updates. We have decided about what we have to cover next and what are the challenges we are facing. And decided what should be completed untill now. I was continously active on slack also with my mentors and asked my doubts from them there.

Work

I started with fixing some css stuff in BLT Repo, after that I added Rest APIs for Login, Logout, Password Recovery, Mailing, Github Login, Google Login, Facebook Login, Registration and all authentication stuffs, after that I had created some issues in BugHeist Repo for the upcoming tasks I had to complete in this GSoC. I also had added Code Coverage Github Actions as well, from that we can cover all the code base present in the Repo, also created issues from Figma Screenshots, I have also fixed some APIs in frontend. I had integrated Facebook SDK for IOS and Android also, made a call using web view in the App on our Facebook App and after getting accessToken from Facebook, we are using it in our database. So it will be a 2 way authentication for Facebook. I learnt too much while implementing this feature and have good grasp over social authentication stuffs. You can seet the preview here. Coding image After that I had spent huge time for fixing the drawer and app bar in the app. For me, its look awesome after giving drawer the idea of layers, whenever a user clicks on the menu Icon, it opens the 3rd layer of Drawer, having 2nd and 1st layer on certain angles, which looks attractive. I have learned about offset and matrix tranform for making this feature and learnt about how to set offsets in x and y axis and with certain angles. Here is the preview for that. Coding image Also I have fixed the splsh screen and created an animation from the scratch. I have used every layer one by one and created an animation using Bugheist Logo. Have a look at this also. Coding image Also there is one more exciting feature I loved to work with, i.e. creating the Flutter UI for the Pricing Page. I have used the Carousel Widget to give all 4 pricing pages a horizontal slider look. Solved some null safety issue with code to implement it, and I learned too much about position and options parameter in Carousel class for implementing this feature. Please check it out. Coding image

Apart from these beautiful features, I have added some APIs in the backend for terms, policy page rendring and for the search bar. I have integrated them in the UI also. I have used flutter_html module to simply render the HTML content in the Flutter App. Used Navigator and Animation Controller and made a API model for fetching HTML content using Rest API, and then, just integrated it by making Terms, About, and Privacy Classes. You can check out this at: Check out

I have added and modified the screen, with a better UI, and the functionality of uploading bug in the website. I have used the /issues routes from the website from its APIs and also added it for the anonymous user. You can just tick on checkbox to post bug Anonymously on the Website. It was a fun to make this page, used scroll view to handle the page in landscape mode. Please check it out: Check out

I have also implemented the Error page for the App. If their is a connection failure or some authentication error. It pops up and inform the user about the issue. After that I have implemented the Feed Page or Social Page for the Bugheist App. I loved to take this up and used social_embed_webview package for implementing the feature and embedded all the twitter feed from the Bugheist Twitter Handle to the Bugheist Feed App Page. Please Check out here.

After that I designed the figma elements for some pages like user profile details, company scoreboard, invite a friend and issue list and details. Then, I converted each page from figma to Flutter UI and added responsiveness for every page.

You can check out all my PRs for the BugHeist UI Repo at: Check out

And in the Backend Repo at: Check out

Challenges

While doing my work, I have encountered with many bugs and challenges that I am able to solve timely. First while implementing the Facebook Auth, I encountered with the connection of facebook token with the UI and then I researched about the Facebook Authentications. Then I used ngrok for testing out my Facebook web app for Social Authentication and integrated the Secret and Client key in the UI, which and called the Graph APIs in the UI for getting the info about the user and then using facebook_auth module in flutter I integrated the API in UI.

Another challenge is using the carousel module. While implementing the Pricing Page, I encounter with many null safety issues as we are using the lower version of Flutter in the BugHeist that we will upgrade later. So for getting rid of that issue, I had to migrate the code in null safety parameters.

Apart from that implementing some features like Drawer Page was bit challenging and I have read about transformations for implementing the feature, also for implementing some pages like pricing, company dashboard, invite friends, I have implemented a tranform class for vectorisizing the stuffs. So overall these features were mostly challenging.

Experience

I have learned a lot of new things this summer. This GSoC with OWASp was an enjoyable experience. The mentors I have been assigned with were very friendly, helpful, and supportive. The community as a whole is fabulous and enthusiastic. It was one of the most awesome experience for me in my life. I would love to contribute more in the project even after the GSoC and will definately apply for the GSoC mentor for the project next year if I got a chance. I can now say, I have done all the tasks sincerely, and I should pass the Final Evaluation ass I have designed whole UI for the BugHeist App in this Summer of Code.😊😊😊

Acknowledgment

I am very thankful to my mentors Sourav and Donnie. Without them, the work never would have been this joyful and rewarding. Both were always available to answer my questions on time. I love the OWASP community for its welcoming and enthusiastic nature. Finally, thanks to the GSoC program, without which, I wouldn’t be a part of this awesome project and gain this memorable experience. I am thankful to them for creating this kind of opportunity for students. I am grateful and love to contribute more in open source.

Future Work

Complete and Integrate the Flutter UI from separte PRs in the Single Branch.

Integrate all the Backend APIs in UI for a full functional APP.

Improve the UI for some pages like Invite Page and Social Page.

Updating the Flutter version for the Current APP for getting support for SVG assets as current version is incompatible for that

Last Words

So with this I am done with my blog post for GSoC evaluation. But the journey will go on. I will continue to contribute in the project after the GSoC as well and all the bugs if occurs. I will also apply in next year also for the same project if not as a student then as a mentor. Now, I will come back with new update in my project if I got a chance.

So yaa, good byeeee👋🏻👋🏻👋🏻👋🏻👋🏻