src/com/owncloud/android/authentication/SsoWebViewClient.java

   1 /* ownCloud Android client application
   2  *   Copyright (C) 2012-2013 ownCloud Inc.
   3  *
   4  *   This program is free software: you can redistribute it and/or modify
   5  *   it under the terms of the GNU General Public License version 2,
   6  *   as published by the Free Software Foundation.
   7  *
   8  *   This program is distributed in the hope that it will be useful,
   9  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  10  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  11  *   GNU General Public License for more details.
  12  *
  13  *   You should have received a copy of the GNU General Public License
  14  *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
  15  *
  16  */
  17
  18 package com.owncloud.android.authentication;
  19
  20 import java.io.ByteArrayInputStream;
  21 import java.lang.ref.WeakReference;
  22 import java.security.cert.Certificate;
  23 import java.security.cert.CertificateException;
  24 import java.security.cert.CertificateFactory;
  25 import java.security.cert.X509Certificate;
  26
  27 import android.app.AlertDialog;
  28 import android.app.AlertDialog.Builder;
  29 import android.content.Context;
  30 import android.content.DialogInterface;
  31 import android.graphics.Bitmap;
  32 import android.net.http.SslCertificate;
  33 import android.net.http.SslError;
  34 import android.os.Bundle;
  35 import android.os.Handler;
  36 import android.os.Message;
  37 import android.text.InputType;
  38 import android.view.KeyEvent;
  39 import android.view.View;
  40 import android.webkit.CookieManager;
  41 import android.webkit.HttpAuthHandler;
  42 import android.webkit.SslErrorHandler;
  43 import android.webkit.WebResourceResponse;
  44 import android.webkit.WebView;
  45 import android.webkit.WebViewClient;
  46 import android.widget.EditText;
  47 import android.widget.LinearLayout;
  48 import android.widget.Toast;
  49
  50 import com.owncloud.android.R;
  51 import com.owncloud.android.lib.common.network.NetworkUtils;
  52 import com.owncloud.android.utils.Log_OC;
  53
  54
  55 /**
  56  * Custom {@link WebViewClient} client aimed to catch the end of a single-sign-on process
  57  * running in the {@link WebView} that is attached to.
  58  *
  59  * Assumes that the single-sign-on is kept thanks to a cookie set at the end of the
  60  * authentication process.
  61  *
  62  * @author David A. Velasco
  63  */
  64 public class SsoWebViewClient extends WebViewClient {
  65
  66     private static final String TAG = SsoWebViewClient.class.getSimpleName();
  67
  68     public interface SsoWebViewClientListener {
  69         public void onSsoFinished(String sessionCookie);
  70     }
  71
  72     private Context mContext;
  73     private Handler mListenerHandler;
  74     private WeakReference<SsoWebViewClientListener> mListenerRef;
  75     private String mTargetUrl;
  76     private String mLastReloadedUrlAtError;
  77
  78     private boolean mIsFirstAttempt;
  79
  80     public SsoWebViewClient (Context context, Handler listenerHandler, SsoWebViewClientListener listener) {
  81         mContext = context;
  82         mListenerHandler = listenerHandler;
  83         mListenerRef = new WeakReference<SsoWebViewClient.SsoWebViewClientListener>(listener);
  84         mTargetUrl = "fake://url.to.be.set";
  85         mLastReloadedUrlAtError = null;
  86         mIsFirstAttempt = true;
  87     }
  88
  89     public String getTargetUrl() {
  90         return mTargetUrl;
  91     }
  92
  93     public void setTargetUrl(String targetUrl) {
  94         mTargetUrl = targetUrl;
  95     }
  96
  97     @Override
  98     public void onPageStarted (WebView view, String url, Bitmap favicon) {
  99         Log_OC.d(TAG, "onPageStarted : " + url);
 100         super.onPageStarted(view, url, favicon);
 101     }
 102
 103     @Override
 104     public void onFormResubmission (WebView view, Message dontResend, Message resend) {
 105         Log_OC.d(TAG, "onFormResubMission ");
 106
 107         // necessary to grant reload of last page when device orientation is changed after sending a form
 108         resend.sendToTarget();
 109     }
 110
 111     @Override
 112     public boolean shouldOverrideUrlLoading(WebView view, String url) {
 113         return false;
 114     }
 115
 116     @Override
 117     public void onReceivedError (WebView view, int errorCode, String description, String failingUrl) {
 118         Log_OC.e(TAG, "onReceivedError : " + failingUrl + ", code " + errorCode + ", description: " + description);
 119         if (!failingUrl.equals(mLastReloadedUrlAtError)) {
 120             view.reload();
 121             mLastReloadedUrlAtError = failingUrl;
 122         } else {
 123             mLastReloadedUrlAtError = null;
 124             super.onReceivedError(view, errorCode, description, failingUrl);
 125         }
 126     }
 127
 128     @Override
 129     public void onPageFinished (WebView view, String url) {
 130         Log_OC.d(TAG, "onPageFinished : " + url);
 131         mLastReloadedUrlAtError = null;
 132         if (url.startsWith(mTargetUrl)) {
 133             view.setVisibility(View.GONE);
 134             CookieManager cookieManager = CookieManager.getInstance();
 135             final String cookies = cookieManager.getCookie(url);
 136             Log_OC.d(TAG, "Cookies: " + cookies);
 137             if (mListenerHandler != null && mListenerRef != null) {
 138                 // this is good idea because onPageFinished is not running in the UI thread
 139                 mListenerHandler.post(new Runnable() {
 140                     @Override
 141                     public void run() {
 142                         SsoWebViewClientListener listener = mListenerRef.get();
 143                         if (listener != null) {
 144                                 // Send Cookies to the listener
 145                             listener.onSsoFinished(cookies);
 146                         }
 147                     }
 148                 });
 149             }
 150         }
 151     }
 152
 153
 154     @Override
 155     public void doUpdateVisitedHistory (WebView view, String url, boolean isReload) {
 156         Log_OC.d(TAG, "doUpdateVisitedHistory : " + url);
 157     }
 158
 159     @Override
 160     public void onReceivedSslError (final WebView view, final SslErrorHandler handler, SslError error) {
 161         Log_OC.d(TAG, "onReceivedSslError : " + error);
 162         // Test 1
 163         X509Certificate x509Certificate = getX509CertificateFromError(error);
 164         boolean isKnownServer = false;
 165
 166         if (x509Certificate != null) {
 167             Log_OC.d(TAG, "------>>>>> x509Certificate " + x509Certificate.toString());
 168
 169             try {
 170                 isKnownServer = NetworkUtils.isCertInKnownServersStore((Certificate) x509Certificate, mContext);
 171             } catch (Exception e) {
 172                 Log_OC.e(TAG, "Exception: " + e.getMessage());
 173             }
 174         }
 175
 176          if (isKnownServer) {
 177              handler.proceed();
 178          } else {
 179              ((AuthenticatorActivity)mContext).showUntrustedCertDialog(x509Certificate, error, handler);
 180          }
 181     }
 182
 183     /**
 184      * Obtain the X509Certificate from SslError
 185      * @param   error     SslError
 186      * @return  X509Certificate from error
 187      */
 188     public X509Certificate getX509CertificateFromError (SslError error) {
 189         Bundle bundle = SslCertificate.saveState(error.getCertificate());
 190         X509Certificate x509Certificate;
 191         byte[] bytes = bundle.getByteArray("x509-certificate");
 192         if (bytes == null) {
 193             x509Certificate = null;
 194         } else {
 195             try {
 196                 CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
 197                 Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
 198                 x509Certificate = (X509Certificate) cert;
 199             } catch (CertificateException e) {
 200                 x509Certificate = null;
 201             }
 202         }
 203         return x509Certificate;
 204     }
 205
 206     @Override
 207     public void onReceivedHttpAuthRequest (WebView view, HttpAuthHandler handler, String host, String realm) {
 208         Log_OC.d(TAG, "onReceivedHttpAuthRequest : " + host);
 209
 210         createAuthenticationDialog(view, handler);
 211
 212         if (!mIsFirstAttempt) {
 213             Toast.makeText(mContext, mContext.getText(R.string.saml_authentication_wrong_pass), Toast.LENGTH_LONG).show();
 214         } else {
 215             mIsFirstAttempt = false;
 216         }
 217     }
 218
 219     @Override
 220     public WebResourceResponse shouldInterceptRequest (WebView view, String url) {
 221         Log_OC.d(TAG, "shouldInterceptRequest : " + url);
 222         return null;
 223     }
 224
 225     @Override
 226     public void onLoadResource (WebView view, String url) {
 227         Log_OC.d(TAG, "onLoadResource : " + url);
 228     }
 229
 230     @Override
 231     public void onReceivedLoginRequest (WebView view, String realm, String account, String args) {
 232         Log_OC.d(TAG, "onReceivedLoginRequest : " + realm + ", " + account + ", " + args);
 233     }
 234
 235     @Override
 236     public void onScaleChanged (WebView view, float oldScale, float newScale) {
 237         Log_OC.d(TAG, "onScaleChanged : " + oldScale + " -> " + newScale);
 238         super.onScaleChanged(view, oldScale, newScale);
 239     }
 240
 241     @Override
 242     public void onUnhandledKeyEvent (WebView view, KeyEvent event) {
 243         Log_OC.d(TAG, "onUnhandledKeyEvent : " + event);
 244     }
 245
 246     @Override
 247     public boolean shouldOverrideKeyEvent (WebView view, KeyEvent event) {
 248         Log_OC.d(TAG, "shouldOverrideKeyEvent : " + event);
 249         return false;
 250     }
 251
 252     /**
 253      * Create dialog for request authentication to the user
 254      * @param webView
 255      * @param handler
 256      */
 257     private void createAuthenticationDialog(WebView webView, HttpAuthHandler handler) {
 258         final WebView mWebView = webView;
 259         final HttpAuthHandler mHandler = handler;
 260
 261         // Create field for username
 262         final EditText usernameET = new EditText(mContext);
 263         usernameET.setHint(mContext.getText(R.string.auth_username));
 264
 265         // Create field for password
 266         final EditText passwordET = new EditText(mContext);
 267         passwordET.setHint(mContext.getText(R.string.auth_password));
 268         passwordET.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);
 269
 270         // Prepare LinearLayout for dialog
 271         LinearLayout ll = new LinearLayout(mContext);
 272         ll.setOrientation(LinearLayout.VERTICAL);
 273         ll.addView(usernameET);
 274         ll.addView(passwordET);
 275
 276         Builder authDialog = new AlertDialog
 277                 .Builder(mContext)
 278                 .setTitle(mContext.getText(R.string.saml_authentication_required_text))
 279                 .setView(ll)
 280                 .setCancelable(false)
 281                 .setPositiveButton(mContext.getText(R.string.common_ok),
 282                         new DialogInterface.OnClickListener() {
 283                     public void onClick(DialogInterface dialog, int whichButton) {
 284
 285                         String username = usernameET.getText().toString().trim();
 286                         String password = passwordET.getText().toString().trim();
 287
 288                         // Proceed with the authentication
 289                         mHandler.proceed(username, password);
 290                         dialog.dismiss();
 291                     }
 292                 })
 293                 .setNegativeButton(mContext.getText(R.string.common_cancel),
 294                         new DialogInterface.OnClickListener() {
 295                     public void onClick(DialogInterface dialog, int whichButton) {
 296                         dialog.dismiss();
 297                         mWebView.stopLoading();
 298                         mIsFirstAttempt = true;
 299                     }
 300                 });
 301
 302         if (mWebView!=null) {
 303             authDialog.show();
 304         }
 305
 306     }
 307 }