-/* ownCloud Android client application\r
- *   Copyright (C) 2011  Bartek Przybylski\r
- *\r
- *   This program is free software: you can redistribute it and/or modify\r
- *   it under the terms of the GNU General Public License as published by\r
- *   the Free Software Foundation, either version 3 of the License, or\r
- *   (at your option) any later version.\r
- *\r
- *   This program is distributed in the hope that it will be useful,\r
- *   but WITHOUT ANY WARRANTY; without even the implied warranty of\r
- *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\r
- *   GNU General Public License for more details.\r
- *\r
- *   You should have received a copy of the GNU General Public License\r
- *   along with this program.  If not, see <http://www.gnu.org/licenses/>.\r
- *\r
- */\r
-package eu.alefzero.webdav;\r
-\r
-import java.io.BufferedInputStream;\r
-import java.io.File;\r
-import java.io.FileOutputStream;\r
-import java.io.IOException;\r
-\r
-import org.apache.commons.httpclient.Credentials;\r
-import org.apache.commons.httpclient.HttpClient;\r
-import org.apache.commons.httpclient.HttpException;\r
-import org.apache.commons.httpclient.HttpMethodBase;\r
-import org.apache.commons.httpclient.HttpVersion;\r
-import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;\r
-import org.apache.commons.httpclient.UsernamePasswordCredentials;\r
-import org.apache.commons.httpclient.auth.AuthScope;\r
-import org.apache.commons.httpclient.methods.GetMethod;\r
-import org.apache.commons.httpclient.methods.HeadMethod;\r
-import org.apache.commons.httpclient.methods.PutMethod;\r
-import org.apache.commons.httpclient.params.HttpMethodParams;\r
-import org.apache.commons.httpclient.protocol.Protocol;\r
-import org.apache.http.HttpStatus;\r
-import org.apache.http.params.CoreProtocolPNames;\r
-import org.apache.jackrabbit.webdav.client.methods.DavMethod;\r
-import org.apache.jackrabbit.webdav.client.methods.DeleteMethod;\r
-import org.apache.jackrabbit.webdav.client.methods.MkColMethod;\r
-\r
-import android.accounts.Account;\r
-import android.accounts.AccountManager;\r
-import android.content.Context;\r
-import android.net.Uri;\r
-import android.util.Log;\r
-import eu.alefzero.owncloud.AccountUtils;\r
-import eu.alefzero.owncloud.authenticator.AccountAuthenticator;\r
-import eu.alefzero.owncloud.authenticator.EasySSLSocketFactory;\r
-import eu.alefzero.owncloud.files.interfaces.OnDatatransferProgressListener;\r
-import eu.alefzero.owncloud.utils.OwnCloudVersion;\r
-\r
-public class WebdavClient extends HttpClient {\r
-    private Uri mUri;\r
-    private Credentials mCredentials;\r
-    final private static String TAG = "WebdavClient";\r
-    private static final String USER_AGENT = "Android-ownCloud";\r
-    \r
-    /** Default timeout for waiting data from the server: 10 seconds */\r
-    public static final int DEFAULT_DATA_TIMEOUT = 10000;\r
-    \r
-    /** Default timeout for establishing a connection: infinite */\r
-    public static final int DEFAULT_CONNECTION_TIMEOUT = 0;\r
-    \r
-    private OnDatatransferProgressListener mDataTransferListener;\r
-    static private MultiThreadedHttpConnectionManager mConnManager = null;\r
-    \r
-    static public MultiThreadedHttpConnectionManager getMultiThreadedConnManager() {\r
-        if (mConnManager == null) {\r
-            mConnManager = new MultiThreadedHttpConnectionManager();\r
-            mConnManager.setMaxConnectionsPerHost(5);\r
-            mConnManager.setMaxTotalConnections(5);\r
-        }\r
-        return mConnManager;\r
-    }\r
-    \r
-    /**\r
-     * Creates a WebdavClient setup for the current account\r
-     * @param account The client accout\r
-     * @param context The application context\r
-     * @return\r
-     */\r
-    public WebdavClient (Account account, Context context) {\r
-        setDefaultTimeouts();\r
-        \r
-        OwnCloudVersion ownCloudVersion = new OwnCloudVersion(AccountManager.get(context).getUserData(account,\r
-                AccountAuthenticator.KEY_OC_VERSION));\r
-        String baseUrl = AccountManager.get(context).getUserData(account, AccountAuthenticator.KEY_OC_BASE_URL);\r
-        String webDavPath = AccountUtils.getWebdavPath(ownCloudVersion);        \r
-        String username = account.name.substring(0, account.name.lastIndexOf('@'));\r
-        String password = AccountManager.get(context).getPassword(account);\r
-        \r
-        mUri = Uri.parse(baseUrl + webDavPath);\r
-        Log.e("ASD", ""+username);\r
-        setCredentials(username, password);\r
-    }\r
-    \r
-    public WebdavClient() {\r
-        super(getMultiThreadedConnManager());\r
-        \r
-        setDefaultTimeouts();\r
-        \r
-        getParams().setParameter(HttpMethodParams.USER_AGENT, USER_AGENT);\r
-        getParams().setParameter(CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_1);\r
-        allowSelfsignedCertificates();\r
-    }\r
-\r
-    public void setCredentials(String username, String password) {\r
-        getParams().setAuthenticationPreemptive(true);\r
-        getState().setCredentials(AuthScope.ANY,\r
-                getCredentials(username, password));\r
-    }\r
-\r
-    private Credentials getCredentials(String username, String password) {\r
-        if (mCredentials == null)\r
-            mCredentials = new UsernamePasswordCredentials(username, password);\r
+/* ownCloud Android client application
+ *   Copyright (C) 2011  Bartek Przybylski
+ *   Copyright (C) 2012-2013 ownCloud Inc.
+ *
+ *   This program is free software: you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License version 2,
+ *   as published by the Free Software Foundation.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+package eu.alefzero.webdav;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.httpclient.Credentials;
+import org.apache.commons.httpclient.Header;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpConnectionManager;
+import org.apache.commons.httpclient.HttpException;
+import org.apache.commons.httpclient.HttpMethod;
+import org.apache.commons.httpclient.HttpMethodBase;
+import org.apache.commons.httpclient.HttpVersion;
+import org.apache.commons.httpclient.URI;
+import org.apache.commons.httpclient.UsernamePasswordCredentials;
+import org.apache.commons.httpclient.auth.AuthPolicy;
+import org.apache.commons.httpclient.auth.AuthScope;
+import org.apache.commons.httpclient.cookie.CookiePolicy;
+import org.apache.commons.httpclient.methods.HeadMethod;
+import org.apache.commons.httpclient.params.HttpMethodParams;
+import org.apache.http.HttpStatus;
+import org.apache.http.params.CoreProtocolPNames;
+
+import com.owncloud.android.Log_OC;
+
+import com.owncloud.android.authentication.AccountAuthenticator;
+import com.owncloud.android.network.BearerAuthScheme;
+import com.owncloud.android.network.BearerCredentials;
+
+import android.net.Uri;
+
+public class WebdavClient extends HttpClient {
+    private static final int MAX_REDIRECTIONS_COUNT = 3;
+    
+    private Uri mUri;
+    private Credentials mCredentials;
+    private boolean mFollowRedirects;
+    private String mSsoSessionCookie;
+    private String mAuthTokenType;
+    final private static String TAG = "WebdavClient";
+    public static final String USER_AGENT = "Android-ownCloud";
+    
+    static private byte[] sExhaustBuffer = new byte[1024];
+    
+    /**
+     * Constructor
+     */
+    public WebdavClient(HttpConnectionManager connectionMgr) {
+        super(connectionMgr);
+        Log_OC.d(TAG, "Creating WebdavClient");
+        getParams().setParameter(HttpMethodParams.USER_AGENT, USER_AGENT);
+        getParams().setParameter(CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_1);
+        mFollowRedirects = true;
+        mSsoSessionCookie = null;
+        mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
+    }
+
+    public void setBearerCredentials(String accessToken) {
+        AuthPolicy.registerAuthScheme(BearerAuthScheme.AUTH_POLICY, BearerAuthScheme.class);
+        
+        List<String> authPrefs = new ArrayList<String>(1);
+        authPrefs.add(BearerAuthScheme.AUTH_POLICY);
+        getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);        
+        
+        mCredentials = new BearerCredentials(accessToken);
+        getState().setCredentials(AuthScope.ANY, mCredentials);
+        mSsoSessionCookie = null;
+        mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;
+    }
+
+    public void setBasicCredentials(String username, String password) {
+        List<String> authPrefs = new ArrayList<String>(1);
+        authPrefs.add(AuthPolicy.BASIC);
+        getParams().setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, authPrefs);        
+        
+        getParams().setAuthenticationPreemptive(true);
+        mCredentials = new UsernamePasswordCredentials(username, password);
+        getState().setCredentials(AuthScope.ANY, mCredentials);
+        mSsoSessionCookie = null;
+        mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
+    }
+    
+    public void setSsoSessionCookie(String accessToken) {
+        getParams().setAuthenticationPreemptive(false);
+        getParams().setCookiePolicy(CookiePolicy.IGNORE_COOKIES);
+        mSsoSessionCookie = accessToken;
+        mCredentials = null;
+        mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE;
+    }
+    
+    
+    /**
+     * Check if a file exists in the OC server
+     * 
+     * TODO replace with ExistenceOperation
+     * 
+     * @return              'true' if the file exists; 'false' it doesn't exist
+     * @throws  Exception   When the existence could not be determined
+     */
+    public boolean existsFile(String path) throws IOException, HttpException {
+        HeadMethod head = new HeadMethod(mUri.toString() + WebdavUtils.encodePath(path));
+        try {
+            int status = executeMethod(head);
+            Log_OC.d(TAG, "HEAD to " + path + " finished with HTTP status " + status + ((status != HttpStatus.SC_OK)?"(FAIL)":""));
+            exhaustResponse(head.getResponseBodyAsStream());
+            return (status == HttpStatus.SC_OK);
+            
+        } finally {
+            head.releaseConnection();    // let the connection available for other methods
+        }
+    }
+    
+    /**
+     * Requests the received method with the received timeout (milliseconds).
+     * 
+     * Executes the method through the inherited HttpClient.executedMethod(method).
+     * 
+     * Sets the socket and connection timeouts only for the method received.
+     * 
+     * The timeouts are both in milliseconds; 0 means 'infinite'; < 0 means 'do not change the default'
+     * 
+     * @param method            HTTP method request.
+     * @param readTimeout       Timeout to set for data reception
+     * @param conntionTimout    Timeout to set for connection establishment
+     */
+    public int executeMethod(HttpMethodBase method, int readTimeout, int connectionTimeout) throws HttpException, IOException {
+        int oldSoTimeout = getParams().getSoTimeout();
+        int oldConnectionTimeout = getHttpConnectionManager().getParams().getConnectionTimeout();
+        try {
+            if (readTimeout >= 0) { 
+                method.getParams().setSoTimeout(readTimeout);   // this should be enough...
+                getParams().setSoTimeout(readTimeout);          // ... but this looks like necessary for HTTPS
+            }
+            if (connectionTimeout >= 0) {
+                getHttpConnectionManager().getParams().setConnectionTimeout(connectionTimeout);
+            }
+            return executeMethod(method);
+        } finally {
+            getParams().setSoTimeout(oldSoTimeout);
+            getHttpConnectionManager().getParams().setConnectionTimeout(oldConnectionTimeout);
+        }
+    }
+    
+    
+    @Override
+    public int executeMethod(HttpMethod method) throws IOException, HttpException {
+        boolean customRedirectionNeeded = false;
+        try {
+            method.setFollowRedirects(mFollowRedirects);
+        } catch (Exception e) {
+            if (mFollowRedirects) Log_OC.d(TAG, "setFollowRedirects failed for " + method.getName() + " method, custom redirection will be used");
+            customRedirectionNeeded = mFollowRedirects;
+        }
+        if (mSsoSessionCookie != null && mSsoSessionCookie.length() > 0) {
+            method.setRequestHeader("Cookie", mSsoSessionCookie);
+        }
+        int status = super.executeMethod(method);
+        int redirectionsCount = 0;
+        while (customRedirectionNeeded &&
+                redirectionsCount < MAX_REDIRECTIONS_COUNT &&
+                (   status == HttpStatus.SC_MOVED_PERMANENTLY || 
+                    status == HttpStatus.SC_MOVED_TEMPORARILY ||
+                    status == HttpStatus.SC_TEMPORARY_REDIRECT)
+                ) {
+            
+            Header location = method.getResponseHeader("Location");
+            if (location != null) {
+                Log_OC.d(TAG,  "Location to redirect: " + location.getValue());
+                method.setURI(new URI(location.getValue(), true));
+                status = super.executeMethod(method);
+                redirectionsCount++;
+                
+            } else {
+                Log_OC.d(TAG,  "No location to redirect!");
+                status = HttpStatus.SC_NOT_FOUND;
+            }
+        }
+        
+        return status;
+    }
+
+
+    /**
+     * Exhausts a not interesting HTTP response. Encouraged by HttpClient documentation.
+     * 
+     * @param responseBodyAsStream      InputStream with the HTTP response to exhaust.
+     */
+    public void exhaustResponse(InputStream responseBodyAsStream) {
+        if (responseBodyAsStream != null) {
+            try {
+                while (responseBodyAsStream.read(sExhaustBuffer) >= 0);
+                responseBodyAsStream.close();
+            
+            } catch (IOException io) {
+                Log_OC.e(TAG, "Unexpected exception while exhausting not interesting HTTP response; will be IGNORED", io);
+            }
+        }
+    }
+
+    /**
+     * Sets the connection and wait-for-data timeouts to be applied by default to the methods performed by this client.
+     */
+    public void setDefaultTimeouts(int defaultDataTimeout, int defaultConnectionTimeout) {
+            getParams().setSoTimeout(defaultDataTimeout);
+            getHttpConnectionManager().getParams().setConnectionTimeout(defaultConnectionTimeout);
+    }
+
+    /**
+     * Sets the base URI for the helper methods that receive paths as parameters, instead of full URLs
+     * @param uri
+     */
+    public void setBaseUri(Uri uri) {
+        mUri = uri;
+    }
+
+    public Uri getBaseUri() {
+        return mUri;
+    }
+
+    public final Credentials getCredentials() {\r
         return mCredentials;\r
-    }\r
-    \r
-    /**\r
-     * Sets the connection and wait-for-data timeouts to be applied by default.\r
-     */\r
-    private void setDefaultTimeouts() {\r
-        getParams().setSoTimeout(DEFAULT_DATA_TIMEOUT);\r
-        getHttpConnectionManager().getParams().setConnectionTimeout(DEFAULT_CONNECTION_TIMEOUT);\r
-    }\r
-\r
-    public void allowSelfsignedCertificates() {\r
-        // https\r
-        Protocol.registerProtocol("https", new Protocol("https",\r
-                new EasySSLSocketFactory(), 443));\r
-    }\r
-\r
-    /**\r
-     * Downloads a file in remoteFilepath to the local targetPath.\r
-     * \r
-     * @param remoteFilepath    Path to the file in the remote server, URL DECODED. \r
-     * @param targetFile        Local path to save the downloaded file.\r
-     * @return                  'True' when the file is successfully downloaded.\r
-     */\r
-    public boolean downloadFile(String remoteFilepath, File targetFile) {\r
-        boolean ret = false;\r
-        boolean caughtException = false;\r
-        GetMethod get = new GetMethod(mUri.toString() + WebdavUtils.encodePath(remoteFilepath));\r
-\r
-        // get.setHeader("Host", mUri.getHost());\r
-        // get.setHeader("User-Agent", "Android-ownCloud");\r
-\r
-        int status = -1;\r
-        try {\r
-            status = executeMethod(get);\r
-            if (status == HttpStatus.SC_OK) {\r
-                targetFile.createNewFile();\r
-                BufferedInputStream bis = new BufferedInputStream(\r
-                        get.getResponseBodyAsStream());\r
-                FileOutputStream fos = new FileOutputStream(targetFile);\r
-\r
-                byte[] bytes = new byte[4096];\r
-                int readResult;\r
-                while ((readResult = bis.read(bytes)) != -1) {\r
-                    if (mDataTransferListener != null)\r
-                        mDataTransferListener.transferProgress(readResult);\r
-                    fos.write(bytes, 0, readResult);\r
-                }\r
-                ret = true;\r
-            }\r
-            \r
-        } catch (HttpException e) {\r
-            Log.e(TAG, "HTTP exception downloading " + remoteFilepath, e);\r
-            caughtException = true;\r
-\r
-        } catch (IOException e) {\r
-            Log.e(TAG, "I/O exception downloading " + remoteFilepath, e);\r
-            caughtException = true;\r
-\r
-        } catch (Exception e) {\r
-            Log.e(TAG, "Unexpected exception downloading " + remoteFilepath, e);\r
-            caughtException = true;\r
-            \r
-        } finally {\r
-            if (!ret) {\r
-                if (!caughtException) {\r
-                    Log.e(TAG, "Download of " + remoteFilepath + " to " + targetFile + " failed with HTTP status " + status);\r
-                }\r
-                if (targetFile.exists()) {\r
-                    targetFile.delete();\r
-                }\r
-            }\r
-        }\r
-        return ret;\r
-    }\r
-    \r
-    /**\r
-     * Deletes a remote file via webdav\r
-     * @param remoteFilePath       Remote file path of the file to delete, in URL DECODED format.\r
-     * @return\r
-     */\r
-    public boolean deleteFile(String remoteFilePath){\r
-        DavMethod delete = new DeleteMethod(mUri.toString() + WebdavUtils.encodePath(remoteFilePath));\r
-        try {\r
-            executeMethod(delete);\r
-        }  catch (Throwable e) {\r
-            Log.e(TAG, "Deleting failed with error: " + e.getMessage(), e);\r
-            return false;\r
-        }\r
-        return true;\r
-    }\r
-\r
-    public void setDataTransferProgressListener(OnDatatransferProgressListener listener) {\r
-        mDataTransferListener = listener;\r
-    }\r
-    \r
-    /**\r
-     * Creates or update a file in the remote server with the contents of a local file.\r
-     * \r
-     * \r
-     * @param localFile         Path to the local file to upload.\r
-     * @param remoteTarget      Remote path to the file to create or update, URL DECODED\r
-     * @param contentType       MIME type of the file.\r
-     * @return                  'True' then the upload was successfully completed\r
-     */\r
-    public boolean putFile(String localFile, String remoteTarget,\r
-            String contentType) {\r
-        boolean result = false;\r
-\r
-        try {\r
-            Log.e("ASD", contentType + "");\r
-            File f = new File(localFile);\r
-            FileRequestEntity entity = new FileRequestEntity(f, contentType);\r
-            entity.setOnDatatransferProgressListener(mDataTransferListener);\r
-            Log.e("ASD", f.exists() + " " + entity.getContentLength());\r
-            PutMethod put = new PutMethod(mUri.toString() + WebdavUtils.encodePath(remoteTarget));\r
-            put.setRequestEntity(entity);\r
-            Log.d(TAG, "" + put.getURI().toString());\r
-            int status = executeMethod(put, 0);\r
-            Log.d(TAG, "PUT method return with status " + status);\r
-\r
-            if (status == HttpStatus.SC_OK || status == HttpStatus.SC_CREATED || status == HttpStatus.SC_NO_CONTENT) {\r
-                result = true;\r
-                Log.i(TAG, "Uploading, done");\r
-            }\r
-            \r
-        } catch (final Exception e) {\r
-            Log.i(TAG, "" + e.getMessage());\r
-            result = false;\r
-        }\r
-\r
-        return result;\r
-    }\r
-\r
-    /**\r
-     * Tries to log in to the given WedDavURI, with the given credentials\r
-     * @param uri To test\r
-     * @param username Username to check\r
-     * @param password Password to verify\r
-     * @return A {@link HttpStatus}-Code of the result. SC_OK is good.\r
-     */\r
-    public static int tryToLogin(Uri uri, String username, String password) {\r
-        int returnCode = 0;\r
-        WebdavClient client = new WebdavClient();\r
-        client.setCredentials(username, password);\r
-        HeadMethod head = new HeadMethod(uri.toString());\r
-        try {\r
-            returnCode = client.executeMethod(head);\r
-        } catch (Exception e) {\r
-            Log.e(TAG, "Error: " + e.getMessage());\r
-        }\r
-        return returnCode;\r
-    }\r
-\r
-    /**\r
-     * Creates a remote directory with the received path.\r
-     * \r
-     * @param path      Path of the directory to create, URL DECODED\r
-     * @return          'True' when the directory is successfully created\r
-     */\r
-    public boolean createDirectory(String path) {\r
-        try {\r
-            MkColMethod mkcol = new MkColMethod(mUri.toString() + WebdavUtils.encodePath(path));\r
-            int status = executeMethod(mkcol);\r
-            Log.d(TAG, "Status returned " + status);\r
-            Log.d(TAG, "uri: " + mkcol.getURI().toString());\r
-            Log.i(TAG, "Creating dir completed");\r
-        } catch (final Exception e) {\r
-            e.printStackTrace();\r
-            return false;\r
-        }\r
-        return true;\r
-    }\r
-    \r
-    \r
-    /**\r
-     * Check if a file exists in the OC server\r
-     * \r
-     * @return      'Boolean.TRUE' if the file exists; 'Boolean.FALSE' it doesn't exist; NULL if couldn't be checked\r
-     */\r
-    public Boolean existsFile(String path) {\r
-        try {\r
-            HeadMethod head = new HeadMethod(mUri.toString() + WebdavUtils.encodePath(path));\r
-            int status = executeMethod(head);\r
-            return (status == HttpStatus.SC_OK);\r
-        } catch (Exception e) {\r
-            e.printStackTrace();\r
-            return null;\r
-        }\r
-    }\r
-\r
-\r
-    /**\r
-     * Requests the received method with the received timeout (milliseconds).\r
-     * \r
-     * Executes the method through the inherited HttpClient.executedMethod(method).\r
-     * \r
-     * Sets the socket timeout for the HttpMethodBase method received.\r
-     * \r
-     * @param method    HTTP method request.\r
-     * @param timeout   Timeout to set, in milliseconds; <= 0 means infinite.\r
-     */\r
-    public int executeMethod(HttpMethodBase method, int readTimeout) throws HttpException, IOException {\r
-        int oldSoTimeout = getParams().getSoTimeout();\r
-        try {\r
-            if (readTimeout < 0) { \r
-                readTimeout = 0;\r
-            }\r
-            HttpMethodParams params = method.getParams();\r
-            params.setSoTimeout(readTimeout);       \r
-            method.setParams(params);               // this should be enough...\r
-            getParams().setSoTimeout(readTimeout);  // ... but this is necessary for HTTPS\r
-            return executeMethod(method);\r
-        } finally {\r
-            getParams().setSoTimeout(oldSoTimeout);\r
-        }\r
-    }\r
-}\r
+    }
+    
+    public final String getSsoSessionCookie() {
+        return mSsoSessionCookie;
+    }
+
+    public void setFollowRedirects(boolean followRedirects) {
+        mFollowRedirects = followRedirects;
+    }
+
+    public String getAuthTokenType() {
+        return mAuthTokenType;
+    }
+
+}