src/com/owncloud/android/authentication/SsoWebViewClient.java

   1 /* ownCloud Android client application
   2  *   Copyright (C) 2012-2013 ownCloud Inc.
   3  *
   4  *   This program is free software: you can redistribute it and/or modify
   5  *   it under the terms of the GNU General Public License version 2,
   6  *   as published by the Free Software Foundation.
   7  *
   8  *   This program is distributed in the hope that it will be useful,
   9  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  10  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  11  *   GNU General Public License for more details.
  12  *
  13  *   You should have received a copy of the GNU General Public License
  14  *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
  15  *
  16  */
  17
  18 package com.owncloud.android.authentication;
  19
  20 import java.io.ByteArrayInputStream;
  21 import java.lang.ref.WeakReference;
  22 import java.security.cert.Certificate;
  23 import java.security.cert.CertificateException;
  24 import java.security.cert.CertificateFactory;
  25 import java.security.cert.X509Certificate;
  26
  27 import com.owncloud.android.lib.common.network.NetworkUtils;
  28 import com.owncloud.android.lib.common.utils.Log_OC;
  29
  30 import android.content.Context;
  31 import android.graphics.Bitmap;
  32 import android.net.http.SslCertificate;
  33 import android.net.http.SslError;
  34 import android.os.Bundle;
  35 import android.os.Handler;
  36 import android.os.Message;
  37 import android.view.KeyEvent;
  38 import android.view.View;
  39 import android.webkit.CookieManager;
  40 import android.webkit.HttpAuthHandler;
  41 import android.webkit.SslErrorHandler;
  42 import android.webkit.WebResourceResponse;
  43 import android.webkit.WebView;
  44 import android.webkit.WebViewClient;
  45
  46
  47 /**
  48  * Custom {@link WebViewClient} client aimed to catch the end of a single-sign-on process
  49  * running in the {@link WebView} that is attached to.
  50  *
  51  * Assumes that the single-sign-on is kept thanks to a cookie set at the end of the
  52  * authentication process.
  53  *
  54  * @author David A. Velasco
  55  */
  56 public class SsoWebViewClient extends WebViewClient {
  57
  58     private static final String TAG = SsoWebViewClient.class.getSimpleName();
  59
  60     public interface SsoWebViewClientListener {
  61         public void onSsoFinished(String sessionCookie);
  62     }
  63
  64     private Context mContext;
  65     private Handler mListenerHandler;
  66     private WeakReference<SsoWebViewClientListener> mListenerRef;
  67     private String mTargetUrl;
  68     private String mLastReloadedUrlAtError;
  69
  70
  71     public SsoWebViewClient (Context context, Handler listenerHandler, SsoWebViewClientListener listener) {
  72         mContext = context;
  73         mListenerHandler = listenerHandler;
  74         mListenerRef = new WeakReference<SsoWebViewClient.SsoWebViewClientListener>(listener);
  75         mTargetUrl = "fake://url.to.be.set";
  76         mLastReloadedUrlAtError = null;
  77     }
  78
  79     public String getTargetUrl() {
  80         return mTargetUrl;
  81     }
  82
  83     public void setTargetUrl(String targetUrl) {
  84         mTargetUrl = targetUrl;
  85     }
  86
  87     @Override
  88     public void onPageStarted (WebView view, String url, Bitmap favicon) {
  89         Log_OC.d(TAG, "onPageStarted : " + url);
  90         view.clearCache(true);
  91         super.onPageStarted(view, url, favicon);
  92     }
  93
  94     @Override
  95     public void onFormResubmission (WebView view, Message dontResend, Message resend) {
  96         Log_OC.d(TAG, "onFormResubMission ");
  97
  98         // necessary to grant reload of last page when device orientation is changed after sending a form
  99         resend.sendToTarget();
 100     }
 101
 102     @Override
 103     public boolean shouldOverrideUrlLoading(WebView view, String url) {
 104         return false;
 105     }
 106
 107     @Override
 108     public void onReceivedError (WebView view, int errorCode, String description, String failingUrl) {
 109         Log_OC.e(TAG, "onReceivedError : " + failingUrl + ", code " + errorCode + ", description: " + description);
 110         if (!failingUrl.equals(mLastReloadedUrlAtError)) {
 111             view.reload();
 112             mLastReloadedUrlAtError = failingUrl;
 113         } else {
 114             mLastReloadedUrlAtError = null;
 115             super.onReceivedError(view, errorCode, description, failingUrl);
 116         }
 117     }
 118
 119     @Override
 120     public void onPageFinished (WebView view, String url) {
 121         Log_OC.d(TAG, "onPageFinished : " + url);
 122         mLastReloadedUrlAtError = null;
 123         if (url.startsWith(mTargetUrl)) {
 124             view.setVisibility(View.GONE);
 125             CookieManager cookieManager = CookieManager.getInstance();
 126             final String cookies = cookieManager.getCookie(url);
 127             Log_OC.d(TAG, "Cookies: " + cookies);
 128             if (mListenerHandler != null && mListenerRef != null) {
 129                 // this is good idea because onPageFinished is not running in the UI thread
 130                 mListenerHandler.post(new Runnable() {
 131                     @Override
 132                     public void run() {
 133                         SsoWebViewClientListener listener = mListenerRef.get();
 134                         if (listener != null) {
 135                                 // Send Cookies to the listener
 136                             listener.onSsoFinished(cookies);
 137                         }
 138                     }
 139                 });
 140             }
 141         }
 142     }
 143
 144
 145     @Override
 146     public void doUpdateVisitedHistory (WebView view, String url, boolean isReload) {
 147         Log_OC.d(TAG, "doUpdateVisitedHistory : " + url);
 148     }
 149
 150     @Override
 151     public void onReceivedSslError (final WebView view, final SslErrorHandler handler, SslError error) {
 152         Log_OC.d(TAG, "onReceivedSslError : " + error);
 153         // Test 1
 154         X509Certificate x509Certificate = getX509CertificateFromError(error);
 155         boolean isKnownServer = false;
 156
 157         if (x509Certificate != null) {
 158             Log_OC.d(TAG, "------>>>>> x509Certificate " + x509Certificate.toString());
 159
 160             try {
 161                 isKnownServer = NetworkUtils.isCertInKnownServersStore((Certificate) x509Certificate, mContext);
 162             } catch (Exception e) {
 163                 Log_OC.e(TAG, "Exception: " + e.getMessage());
 164             }
 165         }
 166
 167          if (isKnownServer) {
 168              handler.proceed();
 169          } else {
 170              ((AuthenticatorActivity)mContext).showUntrustedCertDialog(x509Certificate, error, handler);
 171          }
 172     }
 173
 174     /**
 175      * Obtain the X509Certificate from SslError
 176      * @param   error     SslError
 177      * @return  X509Certificate from error
 178      */
 179     public X509Certificate getX509CertificateFromError (SslError error) {
 180         Bundle bundle = SslCertificate.saveState(error.getCertificate());
 181         X509Certificate x509Certificate;
 182         byte[] bytes = bundle.getByteArray("x509-certificate");
 183         if (bytes == null) {
 184             x509Certificate = null;
 185         } else {
 186             try {
 187                 CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
 188                 Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
 189                 x509Certificate = (X509Certificate) cert;
 190             } catch (CertificateException e) {
 191                 x509Certificate = null;
 192             }
 193         }
 194         return x509Certificate;
 195     }
 196
 197     @Override
 198     public void onReceivedHttpAuthRequest (WebView view, HttpAuthHandler handler, String host, String realm) {
 199         Log_OC.d(TAG, "onReceivedHttpAuthRequest : " + host);
 200
 201         ((AuthenticatorActivity)mContext).createAuthenticationDialog(view, handler);
 202     }
 203
 204     @Override
 205     public WebResourceResponse shouldInterceptRequest (WebView view, String url) {
 206         Log_OC.d(TAG, "shouldInterceptRequest : " + url);
 207         return null;
 208     }
 209
 210     @Override
 211     public void onLoadResource (WebView view, String url) {
 212         Log_OC.d(TAG, "onLoadResource : " + url);
 213     }
 214
 215     @Override
 216     public void onReceivedLoginRequest (WebView view, String realm, String account, String args) {
 217         Log_OC.d(TAG, "onReceivedLoginRequest : " + realm + ", " + account + ", " + args);
 218     }
 219
 220     @Override
 221     public void onScaleChanged (WebView view, float oldScale, float newScale) {
 222         Log_OC.d(TAG, "onScaleChanged : " + oldScale + " -> " + newScale);
 223         super.onScaleChanged(view, oldScale, newScale);
 224     }
 225
 226     @Override
 227     public void onUnhandledKeyEvent (WebView view, KeyEvent event) {
 228         Log_OC.d(TAG, "onUnhandledKeyEvent : " + event);
 229     }
 230
 231     @Override
 232     public boolean shouldOverrideKeyEvent (WebView view, KeyEvent event) {
 233         Log_OC.d(TAG, "shouldOverrideKeyEvent : " + event);
 234         return false;
 235     }
 236 }