case ACCOUNT_NOT_NEW:\r
mAuthStatusText = R.string.auth_account_not_new;\r
break;\r
+ case ACCOUNT_NOT_THE_SAME:\r
+ mAuthStatusText = R.string.auth_account_not_the_same;\r
+ break;\r
case UNHANDLED_HTTP_CODE:\r
case UNKNOWN_ERROR:\r
mAuthStatusText = R.string.auth_unknown_error_title;\r
if (result.isSuccess()) {\r
Log_OC.d(TAG, "Successful access - time to save the account");\r
\r
- boolean success = true;\r
+ boolean success = false;\r
if (mAction == ACTION_CREATE) {\r
success = createAccount();\r
\r
} else {\r
- updateToken();\r
+ success = updateToken();\r
}\r
\r
if (success) {\r
* Sets the proper response to get that the Account Authenticator that started this activity saves \r
* a new authorization token for mAccount.\r
*/\r
- private void updateToken() {\r
+ private boolean updateToken() {\r
Bundle response = new Bundle();\r
response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);\r
mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
\r
} else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ String username = getUserNameForSamlSso();\r
+ if (!mUsernameInput.getText().toString().equals(username)) {\r
+ // fail - not a new account, but an existing one; disallow\r
+ RemoteOperationResult result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); \r
+ updateAuthStatusIconAndText(result);\r
+ showAuthStatus();\r
+ Log_OC.d(TAG, result.getLogMessage());\r
+ \r
+ return false;\r
+ }\r
+ \r
response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
// the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ Log_OC.e(TAG, "saving auth token: " + mAuthToken);\r
\r
} else {\r
response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());\r
}\r
setAccountAuthenticatorResult(response);\r
\r
- // Sync Account\r
- syncAccount();\r
+ return true;\r
}\r
\r
\r
Log_OC.d(TAG, result.getLogMessage());\r
return false;\r
\r
- \r
} else {\r
\r
if (isOAuth || isSaml) {\r
intent.putExtra(AccountManager.KEY_USERDATA, username);\r
if (isOAuth || isSaml) {\r
mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ Log_OC.e(TAG, "saving auth token: " + mAuthToken);\r
}\r
/// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA\r
mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION, mDiscoveredVersion.toString());\r
if (sessionCookie != null && sessionCookie.length() > 0) {\r
Log_OC.d(TAG, "Successful SSO - time to save the account");\r
mAuthToken = sessionCookie;\r
- boolean success = true;\r
+ boolean success = false;\r
if (mAction == ACTION_CREATE) {\r
success = createAccount();\r
\r
} else {\r
- updateToken();\r
+ success = updateToken();\r
}\r
if (success) {\r
finish();\r
projects / pub / Android / ownCloud.git / blobdiff