projects / pub / Android / ownCloud.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'develop' into videoInstandUploads
[pub/Android/ownCloud.git] / src / com / owncloud / android / operations / DetectAuthenticationMethodOperation.java
1 /* ownCloud Android Library is available under MIT license
2 * Copyright (C) 2014 ownCloud Inc.
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining a copy
5 * of this software and associated documentation files (the "Software"), to deal
6 * in the Software without restriction, including without limitation the rights
7 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8 * copies of the Software, and to permit persons to whom the Software is
9 * furnished to do so, subject to the following conditions:
10 *
11 * The above copyright notice and this permission notice shall be included in
12 * all copies or substantial portions of the Software.
13 *
14 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
18 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
19 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
20 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
21 * THE SOFTWARE.
22 *
23 */
24
25 package com.owncloud.android.operations;
26
27 import java.util.ArrayList;
28
29 import com.owncloud.android.lib.common.OwnCloudClient;
30 import com.owncloud.android.lib.common.operations.OnRemoteOperationListener;
31 import com.owncloud.android.lib.common.operations.RemoteOperation;
32 import com.owncloud.android.lib.common.operations.RemoteOperationResult;
33 import com.owncloud.android.lib.common.operations.RemoteOperationResult.ResultCode;
34 import com.owncloud.android.lib.resources.files.ExistenceCheckRemoteOperation;
35
36 import android.content.Context;
37 import android.net.Uri;
38 import android.util.Log;
39
40 /**
41 * Operation to find out what authentication method requires
42 * the server to access files.
43 *
44 * Basically, tries to access to the root folder without authorization
45 * and analyzes the response.
46 *
47 * When successful, the instance of {@link RemoteOperationResult} passed
48 * through {@link OnRemoteOperationListener#onRemoteOperationFinish(RemoteOperation,
49 * RemoteOperationResult)} returns in {@link RemoteOperationResult#getData()}
50 * a value of {@link AuthenticationMethod}.
51 *
52 * @author David A. Velasco
53 */
54 public class DetectAuthenticationMethodOperation extends RemoteOperation {
55
56 private static final String TAG = DetectAuthenticationMethodOperation.class.getSimpleName();
57
58 public enum AuthenticationMethod {
59 UNKNOWN,
60 NONE,
61 BASIC_HTTP_AUTH,
62 SAML_WEB_SSO,
63 BEARER_TOKEN
64 }
65
66 private Context mContext;
67 private String mWebDavUrl;
68
69 /**
70 * Constructor
71 *
72 * @param context Android context of the caller.
73 * @param webdavUrl
74 */
75 public DetectAuthenticationMethodOperation(Context context, String webdavUrl) {
76 mContext = context;
77 mWebDavUrl = webdavUrl;
78 }
79
80
81 /**
82 * Performs the operation.
83 *
84 * Triggers a check of existence on the root folder of the server, granting
85 * that the request is not authenticated.
86 *
87 * Analyzes the result of check to find out what authentication method, if
88 * any, is requested by the server.
89 */
90 @Override
91 protected RemoteOperationResult run(OwnCloudClient client) {
92 RemoteOperationResult result = null;
93 AuthenticationMethod authMethod = AuthenticationMethod.UNKNOWN;
94
95 RemoteOperation operation = new ExistenceCheckRemoteOperation("", mContext, false);
96 client.setWebdavUri(Uri.parse(mWebDavUrl));
97 client.setBasicCredentials("", "");
98 client.setFollowRedirects(false);
99
100 // try to access the root folder, following redirections but not SAML SSO redirections
101 result = operation.execute(client);
102 String redirectedLocation = result.getRedirectedLocation();
103 while (redirectedLocation != null && redirectedLocation.length() > 0 && !result.isIdPRedirection()) {
104 client.setWebdavUri(Uri.parse(result.getRedirectedLocation()));
105 result = operation.execute(client);
106 redirectedLocation = result.getRedirectedLocation();
107 }
108
109 // analyze response
110 if (result.getCode() == ResultCode.UNAUTHORIZED) {
111 String authRequest = ((result.getAuthenticateHeader()).trim()).toLowerCase();
112 if (authRequest.startsWith("basic")) {
113 authMethod = AuthenticationMethod.BASIC_HTTP_AUTH;
114
115 } else if (authRequest.startsWith("bearer")) {
116 authMethod = AuthenticationMethod.BEARER_TOKEN;
117 }
118 // else - fall back to UNKNOWN
119
120 } else if (result.isSuccess()) {
121 authMethod = AuthenticationMethod.NONE;
122
123 } else if (result.isIdPRedirection()) {
124 authMethod = AuthenticationMethod.SAML_WEB_SSO;
125 }
126 // else - fall back to UNKNOWN
127 Log.d(TAG, "Authentication method found: " + authenticationMethodToString(authMethod));
128
129 if (!authMethod.equals(AuthenticationMethod.UNKNOWN)) {
130 result = new RemoteOperationResult(true, result.getHttpCode(), null);
131 }
132 ArrayList<Object> data = new ArrayList<Object>();
133 data.add(authMethod);
134 result.setData(data);
135 return result; // same result instance, so that other errors can be handled by the caller transparently
136 }
137
138
139 private String authenticationMethodToString(AuthenticationMethod value) {
140 switch (value){
141 case NONE:
142 return "NONE";
143 case BASIC_HTTP_AUTH:
144 return "BASIC_HTTP_AUTH";
145 case BEARER_TOKEN:
146 return "BEARER_TOKEN";
147 case SAML_WEB_SSO:
148 return "SAML_WEB_SSO";
149 default:
150 return "UNKNOWN";
151 }
152 }
153
154 }
ownCloud Android App