1 /* ownCloud Android Library is available under MIT license 
   2  *   Copyright (C) 2014 ownCloud Inc. 
   4  *   Permission is hereby granted, free of charge, to any person obtaining a copy 
   5  *   of this software and associated documentation files (the "Software"), to deal 
   6  *   in the Software without restriction, including without limitation the rights 
   7  *   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
   8  *   copies of the Software, and to permit persons to whom the Software is 
   9  *   furnished to do so, subject to the following conditions: 
  11  *   The above copyright notice and this permission notice shall be included in 
  12  *   all copies or substantial portions of the Software. 
  14  *   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,  
  15  *   EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
  16  *   MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND  
  17  *   NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS  
  18  *   BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN  
  19  *   ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN  
  20  *   CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 
  25 package com
.owncloud
.android
.operations
; 
  27 import java
.util
.ArrayList
; 
  29 import com
.owncloud
.android
.lib
.common
.OwnCloudClient
; 
  30 import com
.owncloud
.android
.lib
.common
.operations
.OnRemoteOperationListener
; 
  31 import com
.owncloud
.android
.lib
.common
.operations
.RemoteOperation
; 
  32 import com
.owncloud
.android
.lib
.common
.operations
.RemoteOperationResult
; 
  33 import com
.owncloud
.android
.lib
.common
.operations
.RemoteOperationResult
.ResultCode
; 
  34 import com
.owncloud
.android
.lib
.common
.utils
.Log_OC
; 
  35 import com
.owncloud
.android
.lib
.resources
.files
.ExistenceCheckRemoteOperation
; 
  37 import android
.content
.Context
; 
  38 import android
.net
.Uri
; 
  39 import android
.util
.Log
; 
  42  * Operation to find out what authentication method requires 
  43  * the server to access files. 
  45  * Basically, tries to access to the root folder without authorization 
  46  * and analyzes the response. 
  48  * When successful, the instance of {@link RemoteOperationResult} passed 
  49  * through {@link OnRemoteOperationListener#onRemoteOperationFinish(RemoteOperation,  
  50  * RemoteOperationResult)} returns in {@link RemoteOperationResult#getData()} 
  51  * a value of {@link AuthenticationMethod}.  
  53  * @author David A. Velasco 
  55 public class DetectAuthenticationMethodOperation 
extends RemoteOperation 
{ 
  57     private static final String TAG 
= DetectAuthenticationMethodOperation
.class.getSimpleName(); 
  59     public enum AuthenticationMethod 
{ 
  67     private Context mContext
; 
  72      * @param context       Android context of the caller. 
  75     public DetectAuthenticationMethodOperation(Context context
) { 
  81      *  Performs the operation. 
  83      *  Triggers a check of existence on the root folder of the server, granting 
  84      *  that the request is not authenticated. 
  86      *  Analyzes the result of check to find out what authentication method, if 
  87      *  any, is requested by the server. 
  90         protected RemoteOperationResult 
run(OwnCloudClient client
) { 
  91         RemoteOperationResult result 
= null
; 
  92         AuthenticationMethod authMethod 
= AuthenticationMethod
.UNKNOWN
; 
  94         RemoteOperation operation 
= new ExistenceCheckRemoteOperation("", mContext
, false
); 
  95         client
.clearCredentials(); 
  96         client
.setFollowRedirects(false
); 
  98         // try to access the root folder, following redirections but not SAML SSO redirections 
  99         result 
= operation
.execute(client
); 
 100         String redirectedLocation 
= result
.getRedirectedLocation();  
 101         while (redirectedLocation 
!= null 
&& redirectedLocation
.length() > 0 &&  
 102                 !result
.isIdPRedirection()) { 
 103             client
.setBaseUri(Uri
.parse(result
.getRedirectedLocation())); 
 104             result 
= operation
.execute(client
); 
 105             redirectedLocation 
= result
.getRedirectedLocation(); 
 109         if (result
.getCode() == ResultCode
.UNAUTHORIZED
) { 
 110             String authRequest 
= ((result
.getAuthenticateHeader()).trim()).toLowerCase(); 
 111             if (authRequest
.startsWith("basic")) { 
 112                 authMethod 
= AuthenticationMethod
.BASIC_HTTP_AUTH
; 
 114             } else if (authRequest
.startsWith("bearer")) { 
 115                 authMethod 
= AuthenticationMethod
.BEARER_TOKEN
; 
 117             // else - fall back to UNKNOWN 
 119         } else if (result
.isSuccess()) { 
 120             authMethod 
= AuthenticationMethod
.NONE
; 
 122         } else if (result
.isIdPRedirection()) { 
 123             authMethod 
= AuthenticationMethod
.SAML_WEB_SSO
; 
 125         // else - fall back to UNKNOWN 
 126         Log_OC
.d(TAG
, "Authentication method found: " + authenticationMethodToString(authMethod
)); 
 128         if (!authMethod
.equals(AuthenticationMethod
.UNKNOWN
)) { 
 129             result 
= new RemoteOperationResult(true
, result
.getHttpCode(), null
); 
 131         ArrayList
<Object
> data 
= new ArrayList
<Object
>(); 
 132         data
.add(authMethod
); 
 133         result
.setData(data
); 
 134         return result
;  // same result instance, so that other errors can be handled by the caller transparently 
 138         private String 
authenticationMethodToString(AuthenticationMethod value
) { 
 142             case BASIC_HTTP_AUTH
: 
 143                 return "BASIC_HTTP_AUTH"; 
 145                 return "BEARER_TOKEN"; 
 147                 return "SAML_WEB_SSO";