\r
package com.owncloud.android.authentication;\r
\r
-import com.owncloud.android.AccountUtils;\r
-import com.owncloud.android.Log_OC;\r
-import com.owncloud.android.ui.dialog.SslValidatorDialog;\r
-import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener;\r
-import com.owncloud.android.utils.OwnCloudVersion;\r
-import com.owncloud.android.network.OwnCloudClientUtils;\r
-import com.owncloud.android.operations.OwnCloudServerCheckOperation;\r
-import com.owncloud.android.operations.ExistenceCheckOperation;\r
-import com.owncloud.android.operations.OAuth2GetAccessToken;\r
-import com.owncloud.android.operations.OnRemoteOperationListener;\r
-import com.owncloud.android.operations.RemoteOperation;\r
-import com.owncloud.android.operations.RemoteOperationResult;\r
-import com.owncloud.android.operations.RemoteOperationResult.ResultCode;\r
-\r
import android.accounts.Account;\r
-import android.accounts.AccountAuthenticatorActivity;\r
import android.accounts.AccountManager;\r
import android.app.AlertDialog;\r
import android.app.Dialog;\r
import android.view.View.OnTouchListener;\r
import android.view.Window;\r
import android.view.inputmethod.EditorInfo;\r
+import android.widget.Button;\r
import android.widget.CheckBox;\r
import android.widget.EditText;\r
-import android.widget.Button;\r
import android.widget.TextView;\r
-import android.widget.Toast;\r
import android.widget.TextView.OnEditorActionListener;\r
+import android.widget.Toast;\r
\r
+import com.owncloud.android.Log_OC;\r
import com.owncloud.android.R;\r
+import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener;\r
+import com.owncloud.android.network.OwnCloudClientUtils;\r
+import com.owncloud.android.operations.ExistenceCheckOperation;\r
+import com.owncloud.android.operations.OAuth2GetAccessToken;\r
+import com.owncloud.android.operations.OnRemoteOperationListener;\r
+import com.owncloud.android.operations.OwnCloudServerCheckOperation;\r
+import com.owncloud.android.operations.RemoteOperation;\r
+import com.owncloud.android.operations.RemoteOperationResult;\r
+import com.owncloud.android.operations.RemoteOperationResult.ResultCode;\r
+import com.owncloud.android.ui.dialog.SamlWebViewDialog;\r
+import com.owncloud.android.ui.dialog.SslValidatorDialog;\r
+import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener;\r
+import com.owncloud.android.utils.OwnCloudVersion;\r
\r
import eu.alefzero.webdav.WebdavClient;\r
\r
* @author David A. Velasco\r
*/\r
public class AuthenticatorActivity extends AccountAuthenticatorActivity\r
-implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener {\r
+implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener, SsoWebViewClientListener{\r
\r
private static final String TAG = AuthenticatorActivity.class.getSimpleName();\r
\r
public static final String EXTRA_USER_NAME = "USER_NAME";\r
public static final String EXTRA_HOST_NAME = "HOST_NAME";\r
public static final String EXTRA_ACTION = "ACTION";\r
+ public static final String EXTRA_ENFORCED_UPDATE = "ENFORCE_UPDATE";\r
\r
private static final String KEY_HOST_URL_TEXT = "HOST_URL_TEXT";\r
private static final String KEY_OC_VERSION = "OC_VERSION";\r
private static final String KEY_PASSWORD_VISIBLE = "PASSWORD_VISIBLE";\r
private static final String KEY_AUTH_STATUS_TEXT = "AUTH_STATUS_TEXT";\r
private static final String KEY_AUTH_STATUS_ICON = "AUTH_STATUS_ICON";\r
+ private static final String KEY_REFRESH_BUTTON_ENABLED = "KEY_REFRESH_BUTTON_ENABLED";\r
\r
- private static final String OAUTH_MODE_ON = "on";\r
- private static final String OAUTH_MODE_OFF = "off";\r
- private static final String OAUTH_MODE_OPTIONAL = "optional";\r
-\r
+ private static final String AUTH_ON = "on";\r
+ private static final String AUTH_OFF = "off";\r
+ private static final String AUTH_OPTIONAL = "optional";\r
+ \r
private static final int DIALOG_LOGIN_PROGRESS = 0;\r
private static final int DIALOG_SSL_VALIDATOR = 1;\r
private static final int DIALOG_CERT_NOT_SAVED = 2;\r
public static final byte ACTION_CREATE = 0;\r
public static final byte ACTION_UPDATE_TOKEN = 1;\r
\r
-\r
+ private static final String TAG_SAML_DIALOG = "samlWebViewDialog";\r
+ \r
private String mHostBaseUrl;\r
private OwnCloudVersion mDiscoveredVersion;\r
\r
private int mServerStatusText, mServerStatusIcon;\r
private boolean mServerIsChecked, mServerIsValid, mIsSslConn;\r
private int mAuthStatusText, mAuthStatusIcon; \r
+ private TextView mAuthStatusLayout;\r
\r
private final Handler mHandler = new Handler();\r
private Thread mOperationThread;\r
private Account mAccount;\r
\r
private EditText mHostUrlInput;\r
+ private boolean mHostUrlInputEnabled;\r
+ private View mRefreshButton;\r
+\r
+ private String mCurrentAuthTokenType;\r
+ \r
private EditText mUsernameInput;\r
private EditText mPasswordInput;\r
+ \r
private CheckBox mOAuth2Check;\r
- private String mOAuthAccessToken;\r
- private View mOkButton;\r
- private TextView mAuthStatusLayout;\r
-\r
+ \r
private TextView mOAuthAuthEndpointText;\r
private TextView mOAuthTokenEndpointText;\r
+ \r
+ private TextView mAccountNameInput;\r
+ private SamlWebViewDialog mSamlDialog;\r
+ \r
+ private View mOkButton;\r
+ \r
+ private String mAuthToken;\r
\r
\r
/**\r
/// set view and get references to view elements\r
setContentView(R.layout.account_setup);\r
mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput);\r
+ mHostUrlInput.setText(getString(R.string.server_url)); // valid although R.string.server_url is an empty string\r
mUsernameInput = (EditText) findViewById(R.id.account_username);\r
mPasswordInput = (EditText) findViewById(R.id.account_password);\r
mOAuthAuthEndpointText = (TextView)findViewById(R.id.oAuthEntryPoint_1);\r
mOAuthTokenEndpointText = (TextView)findViewById(R.id.oAuthEntryPoint_2);\r
mOAuth2Check = (CheckBox) findViewById(R.id.oauth_onOff_check);\r
+ mAccountNameInput = (EditText) findViewById(R.id.account_name);\r
mOkButton = findViewById(R.id.buttonOK);\r
mAuthStatusLayout = (TextView) findViewById(R.id.auth_status_text); \r
+ \r
+ /// set Host Url Input Enabled\r
+ mHostUrlInputEnabled = getResources().getBoolean(R.bool.show_server_url_input);\r
+ \r
\r
/// complete label for 'register account' button\r
Button b = (Button) findViewById(R.id.account_register);\r
mAction = getIntent().getByteExtra(EXTRA_ACTION, ACTION_CREATE); \r
mAccount = null;\r
mHostBaseUrl = "";\r
+ boolean refreshButtonEnabled = false;\r
+ \r
+ // URL input configuration applied\r
+ if (!mHostUrlInputEnabled)\r
+ {\r
+ findViewById(R.id.hostUrlFrame).setVisibility(View.GONE);\r
+ mRefreshButton = findViewById(R.id.centeredRefreshButton);\r
+\r
+ } else {\r
+ mRefreshButton = findViewById(R.id.embeddedRefreshButton);\r
+ }\r
\r
if (savedInstanceState == null) {\r
/// connection state and info\r
mAuthStatusText = mAuthStatusIcon = 0;\r
\r
/// retrieve extras from intent\r
- String tokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);\r
- boolean oAuthRequired = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(tokenType) || OAUTH_MODE_ON.equals(getString(R.string.oauth2_mode));\r
-\r
mAccount = getIntent().getExtras().getParcelable(EXTRA_ACCOUNT);\r
if (mAccount != null) {\r
String ocVersion = mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION);\r
}\r
mHostBaseUrl = normalizeUrl(mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL));\r
mHostUrlInput.setText(mHostBaseUrl);\r
- String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@'));\r
- mUsernameInput.setText(userName);\r
- oAuthRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null);\r
}\r
- mOAuth2Check.setChecked(oAuthRequired);\r
- changeViewByOAuth2Check(oAuthRequired);\r
-\r
-\r
+ initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod\r
+ mJustCreated = true;\r
+ \r
+ if (mAction == ACTION_UPDATE_TOKEN || !mHostUrlInputEnabled) {\r
+ checkOcServer(); \r
+ }\r
+ \r
} else {\r
/// connection state and info\r
mServerIsValid = savedInstanceState.getBoolean(KEY_SERVER_VALID);\r
\r
// account data, if updating\r
mAccount = savedInstanceState.getParcelable(KEY_ACCOUNT);\r
+ mCurrentAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);\r
+ if (mCurrentAuthTokenType == null) {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;\r
+ \r
+ }\r
\r
// check if server check was interrupted by a configuration change\r
if (savedInstanceState.getBoolean(KEY_SERVER_CHECK_IN_PROGRESS, false)) {\r
checkOcServer();\r
- }\r
+ } \r
+ \r
+ // refresh button enabled\r
+ refreshButtonEnabled = savedInstanceState.getBoolean(KEY_REFRESH_BUTTON_ENABLED);\r
+ \r
\r
}\r
\r
+ adaptViewAccordingToAuthenticationMethod();\r
showServerStatus();\r
showAuthStatus();\r
- if (mServerIsChecked && !mServerIsValid) showRefreshButton();\r
- mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes\r
-\r
- if (!OAUTH_MODE_OPTIONAL.equals(getString(R.string.oauth2_mode))) {\r
- mOAuth2Check.setVisibility(View.GONE);\r
- }\r
-\r
+ \r
if (mAction == ACTION_UPDATE_TOKEN) {\r
/// lock things that should not change\r
mHostUrlInput.setEnabled(false);\r
+ mHostUrlInput.setFocusable(false);\r
mUsernameInput.setEnabled(false);\r
+ mUsernameInput.setFocusable(false);\r
+ mOAuth2Check.setVisibility(View.GONE);\r
+ }\r
+ \r
+ //if (mServerIsChecked && !mServerIsValid && mRefreshButtonEnabled) showRefreshButton();\r
+ if (mServerIsChecked && !mServerIsValid && refreshButtonEnabled) showRefreshButton();\r
+ mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes\r
+\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType) || \r
+ !AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) {\r
mOAuth2Check.setVisibility(View.GONE);\r
- if (!mServerIsValid && mOcServerChkOperation == null) {\r
- checkOcServer(); \r
- }\r
}\r
\r
mPasswordInput.setText(""); // clean password to avoid social hacking (disadvantage: password in removed if the device is turned aside)\r
- mJustCreated = true;\r
\r
- /// bind view elements to listeners\r
+ /// bind view elements to listeners and other friends\r
mHostUrlInput.setOnFocusChangeListener(this);\r
- mHostUrlInput.setOnTouchListener(new RightDrawableOnTouchListener() {\r
- @Override\r
- public boolean onDrawableTouch(final MotionEvent event) {\r
- if (event.getAction() == MotionEvent.ACTION_UP) {\r
- AuthenticatorActivity.this.onRefreshClick();\r
- }\r
- return true;\r
- }\r
- });\r
mHostUrlInput.addTextChangedListener(new TextWatcher() {\r
\r
@Override\r
});\r
mPasswordInput.setOnFocusChangeListener(this);\r
mPasswordInput.setImeOptions(EditorInfo.IME_ACTION_DONE);\r
- mPasswordInput.setOnEditorActionListener(this);\r
+ mPasswordInput.setOnEditorActionListener(this);
mPasswordInput.setOnTouchListener(new RightDrawableOnTouchListener() {\r
@Override\r
public boolean onDrawableTouch(final MotionEvent event) {\r
return true;\r
}\r
});\r
+ \r
+ }\r
+ \r
+ \r
+\r
+ private void initAuthorizationMethod() {\r
+ boolean oAuthRequired = false;\r
+ boolean samlWebSsoRequired = false;\r
+\r
+ mCurrentAuthTokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);\r
+ mAccount = getIntent().getExtras().getParcelable(EXTRA_ACCOUNT);\r
+ \r
+ // TODO could be a good moment to validate the received token type, if not null\r
+ \r
+ if (mCurrentAuthTokenType == null) { \r
+ if (mAccount != null) {\r
+ /// same authentication method than the one used to create the account to update\r
+ oAuthRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null);\r
+ samlWebSsoRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null);\r
+ \r
+ } else {\r
+ /// use the one set in setup.xml\r
+ oAuthRequired = AUTH_ON.equals(getString(R.string.auth_method_oauth2));\r
+ samlWebSsoRequired = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); \r
+ }\r
+ if (oAuthRequired) {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;\r
+ } else if (samlWebSsoRequired) {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE;\r
+ } else {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;\r
+ }\r
+ }\r
+ \r
+ if (mAccount != null) {\r
+ String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@'));\r
+ mUsernameInput.setText(userName);\r
+ }\r
+ \r
+ mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType));\r
+ \r
}\r
\r
/**\r
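Review bot: The token type read from the intent in initAuthorizationMethod() is used without validation, as the TODO on the new side already admits. Any string other than the three `AUTH_TOKEN_TYPE_*` constants fails every later `equals` test and silently falls into the basic-auth branches, and `getIntent().getExtras()` is dereferenced with no null check. Because the value is supplied by whoever started the activity, compare it against the known constants right after reading it and treat anything else as null, so the account / setup.xml fallback decides: `if (!isKnownTokenType(mCurrentAuthTokenType)) mCurrentAuthTokenType = null;`, where `isKnownTokenType` is a small private helper to be added. The moved `mAccount.name.substring(0, mAccount.name.lastIndexOf('@'))` also throws when the account name contains no '@'.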
if (mAccount != null) {\r
outState.putParcelable(KEY_ACCOUNT, mAccount);\r
}\r
+ outState.putString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, mCurrentAuthTokenType);\r
+ \r
+ // refresh button enabled\r
+ outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, (mRefreshButton.getVisibility() == View.VISIBLE));\r
+ \r
\r
}\r
\r
@Override\r
protected void onResume() {\r
super.onResume();\r
- // the state of mOAuth2Check is automatically recovered between configuration changes, but not before onCreate() finishes; so keep the next lines here\r
- changeViewByOAuth2Check(mOAuth2Check.isChecked()); \r
- if (mAction == ACTION_UPDATE_TOKEN && mJustCreated) {\r
+ if (mAction == ACTION_UPDATE_TOKEN && mJustCreated && getIntent().getBooleanExtra(EXTRA_ENFORCED_UPDATE, false)) {\r
if (mOAuth2Check.isChecked())\r
Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show();\r
else\r
}\r
\r
mJustCreated = false;\r
+ \r
}\r
\r
\r
getString(R.string.oauth2_grant_type),\r
queryParameters);\r
//WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(getString(R.string.oauth2_url_endpoint_access)), getApplicationContext());\r
- WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mOAuthTokenEndpointText.getText().toString().trim()), getApplicationContext());\r
+ WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mOAuthTokenEndpointText.getText().toString().trim()), getApplicationContext(), true);\r
operation.execute(client, this, mHandler);\r
}\r
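Review bot: The new third argument to `createOwnCloudClient(...)` is a bare boolean whose meaning is not visible at any call site: `true` here and in checkOcServer(), checkBasicAuthorization() and the OAuth token check, `false` in startSamlBasedFederatedSingleSignOnAuthorization(). Judging by the SAML path, which inspects `result.isTemporalRedirection()`, it is presumably a follow-redirects switch; please confirm. If so, it decides whether a client carrying basic or bearer credentials will follow a server-supplied redirect, which deserves a one-line comment at each call, e.g. `// true: follow redirects (credentials are only set for mHostBaseUrl)`, or a named constant instead of the literal. The enclosing method starts above this hunk.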
\r
checkOcServer();\r
} else {\r
mOkButton.setEnabled(mServerIsValid);\r
+ if (!mServerIsValid) {\r
+ showRefreshButton();\r
+ }\r
}\r
}\r
\r
\r
private void checkOcServer() {\r
- String uri = mHostUrlInput.getText().toString().trim();\r
+ String uri = trimUrlWebdav(mHostUrlInput.getText().toString().trim());\r
+ \r
+ if (!mHostUrlInputEnabled){\r
+ uri = getString(R.string.server_url);\r
+ }\r
+ \r
mServerIsValid = false;\r
mServerIsChecked = false;\r
mOkButton.setEnabled(false);\r
mServerStatusIcon = R.drawable.progress_small;\r
showServerStatus();\r
mOcServerChkOperation = new OwnCloudServerCheckOperation(uri, this);\r
- WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(uri), this);\r
+ WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(uri), this, true);\r
mOperationThread = mOcServerChkOperation.execute(client, this, mHandler);\r
} else {\r
mServerStatusText = 0;\r
return;\r
}\r
\r
- if (mOAuth2Check.isChecked()) {\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {\r
startOauthorization();\r
-\r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { \r
+ startSamlBasedFederatedSingleSignOnAuthorization();\r
} else {\r
checkBasicAuthorization();\r
}\r
*/\r
private void checkBasicAuthorization() {\r
/// get the path to the root folder through WebDAV from the version server\r
- String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, false);\r
+ String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
\r
/// get basic credentials entered by user\r
String username = mUsernameInput.getText().toString();\r
\r
/// test credentials accessing the root folder\r
mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
- WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this);\r
+ WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true);\r
client.setBasicCredentials(username, password);\r
mOperationThread = mAuthCheckOperation.execute(client, this, mHandler);\r
}\r
mAuthStatusIcon = R.drawable.progress_small;\r
mAuthStatusText = R.string.oauth_login_connection;\r
showAuthStatus();\r
+ \r
\r
// GET AUTHORIZATION request\r
//Uri uri = Uri.parse(getString(R.string.oauth2_url_endpoint_auth));\r
\r
\r
/**\r
+ * Starts the Web Single Sign On flow to get access to the root folder\r
+ * in the server.\r
+ */\r
+ private void startSamlBasedFederatedSingleSignOnAuthorization() {\r
+ // be gentle with the user\r
+ mAuthStatusIcon = R.drawable.progress_small;\r
+ mAuthStatusText = R.string.auth_connecting_auth_server;\r
+ showAuthStatus();\r
+ showDialog(DIALOG_LOGIN_PROGRESS);\r
+ \r
+ /// get the path to the root folder through WebDAV from the version server\r
+ String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
+\r
+ /// test credentials accessing the root folder\r
+ mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
+ WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, false);\r
+ mOperationThread = mAuthCheckOperation.execute(client, this, mHandler);\r
+ }\r
+\r
+ /**\r
* Callback method invoked when a RemoteOperation executed by this Activity finishes.\r
* \r
* Dispatches the operation flow to the right method.\r
onGetOAuthAccessTokenFinish((OAuth2GetAccessToken)operation, result);\r
\r
} else if (operation instanceof ExistenceCheckOperation) {\r
- onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result);\r
-\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ onSamlBasedFederatedSingleSignOnAuthorizationStart(operation, result);\r
+ \r
+ } else {\r
+ onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result);\r
+ }\r
}\r
}\r
+ \r
+ \r
+ private void onSamlBasedFederatedSingleSignOnAuthorizationStart(RemoteOperation operation, RemoteOperationResult result) {\r
+ try {\r
+ dismissDialog(DIALOG_LOGIN_PROGRESS);\r
+ } catch (IllegalArgumentException e) {\r
+ // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens\r
+ }\r
+ \r
+ if (result.isTemporalRedirection() || result.isIdPRedirection()) {\r
+ String url = result.getRedirectedLocation();\r
+ String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
+ \r
+ // Show dialog\r
+ mSamlDialog = SamlWebViewDialog.newInstance(url, targetUrl); \r
+ mSamlDialog.show(getSupportFragmentManager(), TAG_SAML_DIALOG);\r
+ \r
+ mAuthStatusIcon = android.R.drawable.ic_secure;\r
+ mAuthStatusText = R.string.auth_follow_auth_server;\r
+ \r
+ } else {\r
+ mAuthStatusIcon = R.drawable.common_error;\r
+ mAuthStatusText = R.string.auth_unsupported_auth_method;\r
+ \r
+ }\r
+ showAuthStatus();\r
+ }\r
\r
\r
/**\r
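Review bot: In onSamlBasedFederatedSingleSignOnAuthorizationStart(), `result.getRedirectedLocation()` is handed to `SamlWebViewDialog.newInstance(url, targetUrl)` unchecked, so whatever Location the response carried becomes the page where the user types identity-provider credentials. Reject a null or empty location, and refuse a non-https target when `mIsSslConn` is true, sending those cases to the existing `auth_unsupported_auth_method` branch: `if (url == null || url.length() == 0 || (mIsSslConn && !url.startsWith("https://")))`. The empty `catch (IllegalArgumentException e)` is explained by its comment, but a `Log_OC.d(TAG, ...)` call there would capture the evidence the comment says is missing.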
} else {\r
url = "http://" + url;\r
}\r
-\r
}\r
+\r
+ // OC-208: Add suffix remote.php/webdav to normalize (OC-34) \r
+ url = trimUrlWebdav(url);\r
+\r
if (url.endsWith("/")) {\r
url = url.substring(0, url.length() - 1);\r
}\r
+\r
}\r
+ Log_OC.d(TAG, "URL Normalize " + url);\r
return (url != null ? url : "");\r
}\r
\r
+\r
+ private String trimUrlWebdav(String url){ \r
+ if(url.toLowerCase().endsWith(AccountUtils.WEBDAV_PATH_4_0)){\r
+ url = url.substring(0, url.length() - AccountUtils.WEBDAV_PATH_4_0.length()); \r
+ } else if(url.toLowerCase().endsWith(AccountUtils.WEBDAV_PATH_2_0)){\r
+ url = url.substring(0, url.length() - AccountUtils.WEBDAV_PATH_2_0.length()); \r
+ } else if (url.toLowerCase().endsWith(AccountUtils.WEBDAV_PATH_1_2)){\r
+ url = url.substring(0, url.length() - AccountUtils.WEBDAV_PATH_1_2.length()); \r
+ } \r
+ return (url != null ? url : "");\r
+ }\r
+ \r
+ \r
/**\r
* Chooses the right icon and text to show to the user for the received operation result.\r
* \r
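Review bot: In trimUrlWebdav() the `url != null ? url : ""` on the return line can never yield the empty string, because `url.toLowerCase()` has already been called above it; a null argument throws instead. Guard at the top with `if (url == null) return "";` or drop the ternary. `toLowerCase()` without a Locale follows the device language, so the suffix comparison can miss on some locales; computing `String lower = url.toLowerCase(Locale.ENGLISH);` once (this needs the `java.util.Locale` import) fixes that and removes the three repeated calls. The added `Log_OC.d(TAG, "URL Normalize " + url)` in normalizeUrl() writes the full typed URL to the log, which is worth reconsidering if users may paste URLs with embedded credentials.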
// NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens\r
}\r
\r
- String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, true);\r
+ String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
if (result.isSuccess() && webdav_path != null) {\r
/// be gentle with the user\r
showDialog(DIALOG_LOGIN_PROGRESS);\r
\r
/// time to test the retrieved access token on the ownCloud server\r
- mOAuthAccessToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
- Log_OC.d(TAG, "Got ACCESS TOKEN: " + mOAuthAccessToken);\r
+ mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
+ Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);\r
mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
- WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this);\r
- client.setBearerCredentials(mOAuthAccessToken);\r
+ WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true);\r
+ client.setBearerCredentials(mAuthToken);\r
mAuthCheckOperation.execute(client, this, mHandler);\r
\r
} else {\r
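Review bot: The renamed `Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);` still writes the OAuth bearer token into the log, where anything able to read the device log can replay it until it expires. The rename was a good moment to drop the value: `Log_OC.d(TAG, "Got ACCESS TOKEN");`. The same field now also holds the SAML session cookie elsewhere in this commit, so keeping `mAuthToken` out of log statements altogether is the safer convention. The enclosing method starts above the hunk.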
\r
finish();\r
\r
- } else {\r
+ } else if (result.isServerFail() || result.isException()) {\r
+ /// if server fail or exception in authorization, the UI is updated as when a server check failed\r
+ mServerIsChecked = true;\r
+ mServerIsValid = false;\r
+ mIsSslConn = false;\r
+ mOcServerChkOperation = null;\r
+ mDiscoveredVersion = null;\r
+ mHostBaseUrl = normalizeUrl(mHostUrlInput.getText().toString());\r
+\r
+ // update status icon and text\r
+ updateServerStatusIconAndText(result);\r
+ showServerStatus();\r
+ mAuthStatusIcon = 0;\r
+ mAuthStatusText = 0;\r
+ showAuthStatus();\r
+ \r
+ // update input controls state\r
+ showRefreshButton();\r
+ mOkButton.setEnabled(false);\r
+\r
+ // very special case (TODO: move to a common place for all the remote operations) (dangerous here?)\r
+ if (result.getCode() == ResultCode.SSL_RECOVERABLE_PEER_UNVERIFIED) {\r
+ mLastSslUntrustedServerResult = result;\r
+ showDialog(DIALOG_SSL_VALIDATOR); \r
+ }\r
+\r
+ } else { // authorization fail due to client side - probably wrong credentials\r
updateAuthStatusIconAndText(result);\r
showAuthStatus();\r
Log_OC.d(TAG, "Access failed: " + result.getLogMessage());\r
Bundle response = new Bundle();\r
response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);\r
- boolean isOAuth = mOAuth2Check.isChecked();\r
- if (isOAuth) {\r
- response.putString(AccountManager.KEY_AUTHTOKEN, mOAuthAccessToken);\r
+ \r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { \r
+ response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
// the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
- mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
+ // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ \r
} else {\r
response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());\r
mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString());\r
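Review bot: The new SAML branch is a line-for-line copy of the OAuth branch above it, with the same `response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken)` and the same `mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken)`. Merge the two into one condition, as createAccount() does with `isOAuth || isSaml`, so the token-storing logic exists once and cannot drift apart. Neither branch checks that `mAuthToken` is non-null before storing it; a guard such as `if (mAuthToken != null)` would keep a failed flow from overwriting a stored token with nothing. The method starts and ends outside this hunk.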
*/\r
private void createAccount() {\r
/// create and save new ownCloud account\r
- boolean isOAuth = mOAuth2Check.isChecked();\r
+ boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType);\r
+ boolean isSaml = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType);\r
\r
Uri uri = Uri.parse(mHostBaseUrl);\r
String username = mUsernameInput.getText().toString().trim();\r
- if (isOAuth) {\r
+ if (isSaml) {\r
+ username = mAccountNameInput.getText().toString().trim();\r
+ \r
+ } else if (isOAuth) {\r
username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong();\r
} \r
String accountName = username + "@" + uri.getHost();\r
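Review bot: For SAML the account name is built from whatever was typed into `mAccountNameInput`, with no check in createAccount(): an empty field produces an account named `@host`. The label is also not tied to the identity the identity provider actually authenticated, as far as this hunk shows. Reject an empty value before the account is created (`if (isSaml && username.length() == 0)`, then show an error and return), and document that the name is a user-chosen label rather than a verified login. The later hunk of this method leaves the old `if (!isOAuth) intent.putExtra(...)` as a block comment; delete it rather than commenting it out.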
accountName += ":" + uri.getPort();\r
}\r
mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE);\r
- if (isOAuth) {\r
- mAccountMgr.addAccountExplicitly(mAccount, "", null); // with our implementation, the password is never input in the app\r
+ if (isOAuth || isSaml) {\r
+ mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app\r
} else {\r
mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null);\r
}\r
final Intent intent = new Intent(); \r
intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, AccountAuthenticator.ACCOUNT_TYPE);\r
intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
- if (!isOAuth)\r
- intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); // TODO check this; not sure it's right; maybe\r
+ /*if (!isOAuth)\r
+ intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); */\r
intent.putExtra(AccountManager.KEY_USERDATA, username);\r
- if (isOAuth) {\r
- mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+ if (isOAuth || isSaml) {\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
}\r
/// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA\r
mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION, mDiscoveredVersion.toString());\r
mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL, mHostBaseUrl);\r
- if (isOAuth)\r
- mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); // TODO this flag should be unnecessary\r
+ if (isSaml) {\r
+ mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); \r
+ } else if (isOAuth) {\r
+ mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); \r
+ }\r
\r
setAccountAuthenticatorResult(intent.getExtras());\r
setResult(RESULT_OK, intent);\r
\r
\r
private void showRefreshButton() {\r
- mHostUrlInput.setCompoundDrawablesWithIntrinsicBounds(0, 0, R.drawable.ic_action_refresh_black, 0);\r
+ mRefreshButton.setVisibility(View.VISIBLE);\r
}\r
\r
private void hideRefreshButton() {\r
- mHostUrlInput.setCompoundDrawablesWithIntrinsicBounds(0, 0, 0, 0);\r
+ mRefreshButton.setVisibility(View.GONE);\r
}\r
\r
/**\r
* \r
* @param view Refresh 'button'\r
*/\r
- public void onRefreshClick() {\r
+ public void onRefreshClick(View view) {\r
checkOcServer();\r
}\r
\r
* @param view 'View password' 'button'\r
*/\r
public void onCheckClick(View view) {\r
- CheckBox oAuth2Check = (CheckBox)view; \r
- changeViewByOAuth2Check(oAuth2Check.isChecked());\r
-\r
+ CheckBox oAuth2Check = (CheckBox)view;\r
+ if (oAuth2Check.isChecked()) {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;\r
+ } else {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;\r
+ }\r
+ adaptViewAccordingToAuthenticationMethod();\r
}\r
\r
+ \r
/**\r
- * Changes the visibility of input elements depending upon the kind of authorization\r
- * chosen by the user: basic or OAuth\r
- * \r
- * @param checked 'True' when OAuth is selected.\r
+ * Changes the visibility of input elements depending on\r
+ * the current authorization method.\r
*/\r
- public void changeViewByOAuth2Check(Boolean checked) {\r
-\r
- if (checked) {\r
+ private void adaptViewAccordingToAuthenticationMethod () {\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {\r
+ // OAuth 2 authorization\r
mOAuthAuthEndpointText.setVisibility(View.VISIBLE);\r
mOAuthTokenEndpointText.setVisibility(View.VISIBLE);\r
mUsernameInput.setVisibility(View.GONE);\r
mPasswordInput.setVisibility(View.GONE);\r
+ mAccountNameInput.setVisibility(View.GONE);\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ // SAML-based web Single Sign On\r
+ mOAuthAuthEndpointText.setVisibility(View.GONE);\r
+ mOAuthTokenEndpointText.setVisibility(View.GONE);\r
+ mUsernameInput.setVisibility(View.GONE);\r
+ mPasswordInput.setVisibility(View.GONE);\r
+ mAccountNameInput.setVisibility(View.VISIBLE);\r
} else {\r
+ // basic HTTP authorization\r
mOAuthAuthEndpointText.setVisibility(View.GONE);\r
mOAuthTokenEndpointText.setVisibility(View.GONE);\r
mUsernameInput.setVisibility(View.VISIBLE);\r
mPasswordInput.setVisibility(View.VISIBLE);\r
- } \r
-\r
- } \r
-\r
+ mAccountNameInput.setVisibility(View.GONE);\r
+ }\r
+ }\r
+ \r
/**\r
* Called from SslValidatorDialog when a new server certificate was correctly saved.\r
*/\r
public void onSavedCertificate() {\r
- mOperationThread = mOcServerChkOperation.retry(this, mHandler); \r
+ checkOcServer();\r
}\r
\r
/**\r
public abstract boolean onDrawableTouch(final MotionEvent event);\r
}\r
\r
+\r
+ public void onSamlDialogSuccess(String sessionCookie){\r
+ mAuthToken = sessionCookie;\r
+ \r
+ if (sessionCookie != null && sessionCookie.length() > 0) {\r
+ Log_OC.d(TAG, "Successful SSO - time to save the account");\r
+ mAuthToken = sessionCookie;\r
+ if (mAction == ACTION_CREATE) {\r
+ createAccount();\r
+\r
+ } else {\r
+ updateToken();\r
+ }\r
+\r
+ finish();\r
+\r
+ }\r
+ }\r
+\r
+\r
+\r
+ @Override\r
+ public void onSsoFinished(String sessionCookie) {\r
+ //Toast.makeText(this, "got cookies: " + sessionCookie, Toast.LENGTH_LONG).show();\r
+\r
+ if (sessionCookie != null && sessionCookie.length() > 0) {\r
+ Log_OC.d(TAG, "Successful SSO - time to save the account");\r
+ onSamlDialogSuccess(sessionCookie);\r
+ finish();\r
+\r
+ } else { \r
+ // TODO - show fail\r
+ Log_OC.d(TAG, "SSO failed");\r
+ }\r
+ }\r
+ \r
+ \r
+\r
}\r
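Review bot: onSsoFinished() and onSamlDialogSuccess() both test the cookie, both log "Successful SSO" and both call `finish()`, so a successful login calls `finish()` twice. `mAuthToken = sessionCookie;` is also assigned before the check as well as inside it, so the field is overwritten even when the cookie is null or empty. Keep the check, the single assignment and the single `finish()` in onSamlDialogSuccess() and reduce the success branch of onSsoFinished() to `onSamlDialogSuccess(sessionCookie);`. The failure branch only logs `"SSO failed"`; it should set `mAuthStatusIcon` / `mAuthStatusText` and call `showAuthStatus()` as the other flows do, so the user learns that the login did not complete.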