package com.owncloud.android.authentication;
+import java.io.ByteArrayInputStream;
import java.lang.ref.WeakReference;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import com.actionbarsherlock.app.SherlockFragmentActivity;
+import com.owncloud.android.R;
+import com.owncloud.android.lib.common.network.NetworkUtils;
+import com.owncloud.android.ui.dialog.SslUntrustedCertDialog;
+import com.owncloud.android.ui.dialog.SslUntrustedCertDialogABSTRACT;
+import com.owncloud.android.ui.dialog.SslUntrustedCertDialog.OnSslUntrustedCertListener;
import com.owncloud.android.utils.Log_OC;
+import android.app.AlertDialog;
+import android.content.Context;
+import android.content.DialogInterface;
import android.graphics.Bitmap;
+import android.net.http.SslCertificate;
import android.net.http.SslError;
+import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
+import android.support.v4.app.FragmentActivity;
+import android.support.v4.app.FragmentManager;
+import android.support.v4.app.FragmentTransaction;
import android.view.KeyEvent;
import android.view.View;
import android.webkit.CookieManager;
*
* @author David A. Velasco
*/
-public class SsoWebViewClient extends WebViewClient {
+public class SsoWebViewClient extends WebViewClient implements OnSslUntrustedCertListener {
private static final String TAG = SsoWebViewClient.class.getSimpleName();
+
+ public final static String DIALOG_UNTRUSTED_CERT = "UNTRUSTED CERT";
public interface SsoWebViewClientListener {
public void onSsoFinished(String sessionCookie);
}
+ private Context mContext;
private Handler mListenerHandler;
private WeakReference<SsoWebViewClientListener> mListenerRef;
private String mTargetUrl;
private String mLastReloadedUrlAtError;
- public SsoWebViewClient (Handler listenerHandler, SsoWebViewClientListener listener) {
+ public SsoWebViewClient (Context context, Handler listenerHandler, SsoWebViewClientListener listener) {
+ mContext = context;
mListenerHandler = listenerHandler;
mListenerRef = new WeakReference<SsoWebViewClient.SsoWebViewClientListener>(listener);
mTargetUrl = "fake://url.to.be.set";
}
@Override
- public void onReceivedSslError (WebView view, SslErrorHandler handler, SslError error) {
+ public void onReceivedSslError (final WebView view, final SslErrorHandler handler, SslError error) {
Log_OC.d(TAG, "onReceivedSslError : " + error);
- handler.proceed();
+ // Test 1
+ X509Certificate x509Certificate = getX509CertificateFromError(error);
+ boolean isKnownServer = false;
+
+ if (x509Certificate != null) {
+ Log_OC.d(TAG, "------>>>>> x509Certificate " + x509Certificate.toString());
+
+ try {
+ isKnownServer = NetworkUtils.isCertInKnownServersStore((Certificate) x509Certificate, mContext);
+ } catch (Exception e) {
+ Log_OC.e(TAG, "Exception: " + e.getMessage());
+ }
+ }
+
+ if (isKnownServer) {
+ handler.proceed();
+ } else if (x509Certificate != null) {
+ // Show a dialog with all the certificate info
+ SslUntrustedCertDialog dialog = SslUntrustedCertDialog.newInstance(mContext, x509Certificate, this, handler);
+ FragmentManager fm = ((SherlockFragmentActivity)mContext).getSupportFragmentManager();
+ FragmentTransaction ft = fm.beginTransaction();
+ dialog.show(ft, DIALOG_UNTRUSTED_CERT);
+ handler.cancel();
+ } else {
+ // Show a dialog with the certificate information available in SslError (not full)
+ SslUntrustedCertDialogABSTRACT dialog = SslUntrustedCertDialogABSTRACT.newInstanceForEmptySslError(error, handler);
+ FragmentManager fm = ((SherlockFragmentActivity)mContext).getSupportFragmentManager();
+ FragmentTransaction ft = fm.beginTransaction();
+ dialog.show(ft, DIALOG_UNTRUSTED_CERT);
+ // let's forward the handler, and see what happens...
+ }
+ }
+
+ /**
+ * Obtain the X509Certificate from SslError
+ * @param error SslError
+ * @return X509Certificate from error
+ */
+ public X509Certificate getX509CertificateFromError (SslError error) {
+ Bundle bundle = SslCertificate.saveState(error.getCertificate());
+ X509Certificate x509Certificate;
+ byte[] bytes = bundle.getByteArray("x509-certificate");
+ if (bytes == null) {
+ x509Certificate = null;
+ } else {
+ try {
+ CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+ Certificate cert = certFactory.generateCertificate(new ByteArrayInputStream(bytes));
+ x509Certificate = (X509Certificate) cert;
+ } catch (CertificateException e) {
+ x509Certificate = null;
+ }
+ }
+ return x509Certificate;
}
@Override
return false;
}
+ @Override
+ public void onFailedSavingCertificate() {
+ AlertDialog.Builder builder = new AlertDialog.Builder(mContext);
+ builder.setMessage(mContext.getString(R.string.ssl_validator_not_saved));
+ builder.setCancelable(false);
+ builder.setPositiveButton(R.string.common_ok, new DialogInterface.OnClickListener() {
+ @Override
+ public void onClick(DialogInterface dialog, int which) {
+ dialog.dismiss();
+ };
+ });
+ builder.create().show();
+
+ }
+
}
projects / pub / Android / ownCloud.git / blobdiff