Session cookie caught and saved to use in requests after successful SAML-based federa...
[pub/Android/ownCloud.git] / src / com / owncloud / android / authentication / AuthenticatorActivity.java
index e2ab037..50360c0 100644 (file)
@@ -22,6 +22,7 @@ import com.owncloud.android.Log_OC;
 import com.owncloud.android.ui.dialog.SslValidatorDialog;\r
 import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener;\r
 import com.owncloud.android.utils.OwnCloudVersion;\r
 import com.owncloud.android.ui.dialog.SslValidatorDialog;\r
 import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener;\r
 import com.owncloud.android.utils.OwnCloudVersion;\r
+import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener;\r
 import com.owncloud.android.network.OwnCloudClientUtils;\r
 import com.owncloud.android.operations.OwnCloudServerCheckOperation;\r
 import com.owncloud.android.operations.ExistenceCheckOperation;\r
 import com.owncloud.android.network.OwnCloudClientUtils;\r
 import com.owncloud.android.operations.OwnCloudServerCheckOperation;\r
 import com.owncloud.android.operations.ExistenceCheckOperation;\r
@@ -79,7 +80,7 @@ import eu.alefzero.webdav.WebdavClient;
  * @author David A. Velasco\r
  */\r
 public class AuthenticatorActivity extends AccountAuthenticatorActivity\r
  * @author David A. Velasco\r
  */\r
 public class AuthenticatorActivity extends AccountAuthenticatorActivity\r
-implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener {\r
+implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener, SsoWebViewClientListener {\r
 \r
     private static final String TAG = AuthenticatorActivity.class.getSimpleName();\r
 \r
 \r
     private static final String TAG = AuthenticatorActivity.class.getSimpleName();\r
 \r
@@ -146,7 +147,6 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
     private EditText mPasswordInput;\r
     \r
     private CheckBox mOAuth2Check;\r
     private EditText mPasswordInput;\r
     \r
     private CheckBox mOAuth2Check;\r
-    private String mOAuthAccessToken;\r
     \r
     private TextView mOAuthAuthEndpointText;\r
     private TextView mOAuthTokenEndpointText;\r
     \r
     private TextView mOAuthAuthEndpointText;\r
     private TextView mOAuthTokenEndpointText;\r
@@ -156,6 +156,8 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
     private SsoWebViewClient mWebViewClient;\r
     \r
     private View mOkButton;\r
     private SsoWebViewClient mWebViewClient;\r
     \r
     private View mOkButton;\r
+    \r
+    private String mAuthToken;\r
 \r
 \r
     /**\r
 \r
 \r
     /**\r
@@ -337,7 +339,7 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         cookieManager.setAcceptCookie(true);\r
         //cookieManager.removeSessionCookie();        \r
 \r
         cookieManager.setAcceptCookie(true);\r
         //cookieManager.removeSessionCookie();        \r
 \r
-        mWebViewClient = new SsoWebViewClient(this);\r
+        mWebViewClient = new SsoWebViewClient(mHandler, this);\r
         mSsoWebView.setWebViewClient(mWebViewClient);\r
         WebSettings webSettings = mSsoWebView.getSettings();\r
         webSettings.setJavaScriptEnabled(true);\r
         mSsoWebView.setWebViewClient(mWebViewClient);\r
         WebSettings webSettings = mSsoWebView.getSettings();\r
         webSettings.setJavaScriptEnabled(true);\r
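Review bot: `cookieManager.removeSessionCookie()` is still commented out just above the new `new SsoWebViewClient(mHandler, this)` call, so cookies from an earlier sign-in remain in the WebView's cookie store when a new SSO flow starts. The client's code is not in this diff, but if it reports whatever session cookie it finds for the target URL, a stale cookie from a previous user or attempt could be saved as the new account's token. Either clear session cookies before the login page is loaded, or add a comment explaining why they must be kept. The enclosing method starts and ends outside the hunk.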
@@ -686,6 +688,7 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         mAuthStatusIcon = R.drawable.progress_small;\r
         mAuthStatusText = R.string.oauth_login_connection;\r
         showAuthStatus();\r
         mAuthStatusIcon = R.drawable.progress_small;\r
         mAuthStatusText = R.string.oauth_login_connection;\r
         showAuthStatus();\r
+        \r
 \r
         // GET AUTHORIZATION request\r
         //Uri uri = Uri.parse(getString(R.string.oauth2_url_endpoint_auth));\r
 \r
         // GET AUTHORIZATION request\r
         //Uri uri = Uri.parse(getString(R.string.oauth2_url_endpoint_auth));\r
@@ -710,8 +713,9 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
     private void startSamlBasedFederatedSingleSignOnAuthorization() {\r
         // be gentle with the user\r
         mAuthStatusIcon = R.drawable.progress_small;\r
     private void startSamlBasedFederatedSingleSignOnAuthorization() {\r
         // be gentle with the user\r
         mAuthStatusIcon = R.drawable.progress_small;\r
-        mAuthStatusText = R.string.oauth_login_connection;\r
+        mAuthStatusText = R.string.auth_connecting_auth_server;\r
         showAuthStatus();\r
         showAuthStatus();\r
+        showDialog(DIALOG_LOGIN_PROGRESS);\r
         \r
         /// get the path to the root folder through WebDAV from the version server\r
         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
         \r
         /// get the path to the root folder through WebDAV from the version server\r
         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
@@ -738,17 +742,37 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
 \r
         } else if (operation instanceof ExistenceCheckOperation)  {\r
             if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
 \r
         } else if (operation instanceof ExistenceCheckOperation)  {\r
             if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
-                if (result.isTemporalRedirection()) {\r
-                    String url = result.getRedirectedLocation();\r
-                    mWebViewClient.setTargetUrl(mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType));\r
-                    mSsoWebView.loadUrl(url);\r
-                }\r
+                onSamlBasedFederatedSingleSignOnAuthorizationStart(operation, result);\r
                 \r
             } else {\r
                 onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result);\r
             }\r
         }\r
     }\r
                 \r
             } else {\r
                 onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result);\r
             }\r
         }\r
     }\r
+    \r
+    \r
+    private void onSamlBasedFederatedSingleSignOnAuthorizationStart(RemoteOperation operation, RemoteOperationResult result) {\r
+        try {\r
+            dismissDialog(DIALOG_LOGIN_PROGRESS);\r
+        } catch (IllegalArgumentException e) {\r
+            // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens\r
+        }\r
+\r
+        if (result.isTemporalRedirection()) {\r
+            String url = result.getRedirectedLocation();\r
+            mWebViewClient.setTargetUrl(mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType));\r
+            mSsoWebView.loadUrl(url);\r
+            \r
+            mAuthStatusIcon = android.R.drawable.ic_secure;\r
+            mAuthStatusText = R.string.auth_follow_auth_server;\r
+            \r
+        } else {\r
+            mAuthStatusIcon = R.drawable.common_error;\r
+            mAuthStatusText = R.string.auth_unsupported_auth_method;\r
+            \r
+        }\r
+        showAuthStatus();\r
+    }\r
 \r
 \r
     /**\r
 \r
 \r
     /**\r
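Review bot: In `onSamlBasedFederatedSingleSignOnAuthorizationStart`, `result.getRedirectedLocation()` goes straight into `mSsoWebView.loadUrl(url)` with no check. The value is taken from the server's redirect response, so a missing location, or an `http://` location when `mHostBaseUrl` is https, would show the identity provider's login form over cleartext in a WebView that has JavaScript enabled. A guard such as `if (url == null || (mHostBaseUrl.startsWith("https://") && !url.startsWith("https://")))` could route those cases to the existing error status instead of loading the page. The empty `catch (IllegalArgumentException e)` would also read better with the variable named `ignored`.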
@@ -1004,11 +1028,11 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             showDialog(DIALOG_LOGIN_PROGRESS);\r
 \r
             /// time to test the retrieved access token on the ownCloud server\r
             showDialog(DIALOG_LOGIN_PROGRESS);\r
 \r
             /// time to test the retrieved access token on the ownCloud server\r
-            mOAuthAccessToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
-            Log_OC.d(TAG, "Got ACCESS TOKEN: " + mOAuthAccessToken);\r
+            mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
+            Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);\r
             mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
             WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true);\r
             mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
             WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true);\r
-            client.setBearerCredentials(mOAuthAccessToken);\r
+            client.setBearerCredentials(mAuthToken);\r
             mAuthCheckOperation.execute(client, this, mHandler);\r
 \r
         } else {\r
             mAuthCheckOperation.execute(client, this, mHandler);\r
 \r
         } else {\r
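Review bot: `Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);` still writes the bearer token to the log; the rename carried the line over unchanged. Anyone who can read the device log or an attached bug report obtains a credential that is valid for the account. Log the event without the value, `Log_OC.d(TAG, "Got ACCESS TOKEN");`. The enclosing method starts and ends outside the hunk.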
@@ -1088,11 +1112,17 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         Bundle response = new Bundle();\r
         response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
         response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);\r
         Bundle response = new Bundle();\r
         response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
         response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);\r
-        boolean isOAuth = mOAuth2Check.isChecked();\r
-        if (isOAuth) {\r
-            response.putString(AccountManager.KEY_AUTHTOKEN, mOAuthAccessToken);\r
+        \r
+        if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { \r
+            response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
             // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
             // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
-            mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+            mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+            \r
+        } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+            response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
+            // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
+            mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+            \r
         } else {\r
             response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());\r
             mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString());\r
         } else {\r
             response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());\r
             mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString());\r
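Review bot: The new OAuth and SAML branches are identical line for line, including the copied comment, so a later change to one can easily miss the other. They can be merged into a single condition, `if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType) || AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType))`, which mirrors the `isOAuth || isSaml` test this commit uses in `createAccount()`. It would also help to note in the comment that `mAuthToken` now holds either an OAuth access token or a SAML session cookie, depending on `mCurrentAuthTokenType`. The enclosing method starts and ends outside the hunk.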
@@ -1110,11 +1140,15 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
      */\r
     private void createAccount() {\r
         /// create and save new ownCloud account\r
      */\r
     private void createAccount() {\r
         /// create and save new ownCloud account\r
-        boolean isOAuth = mOAuth2Check.isChecked();\r
+        boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType);\r
+        boolean isSaml =  AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType);\r
 \r
         Uri uri = Uri.parse(mHostBaseUrl);\r
         String username = mUsernameInput.getText().toString().trim();\r
 \r
         Uri uri = Uri.parse(mHostBaseUrl);\r
         String username = mUsernameInput.getText().toString().trim();\r
-        if (isOAuth) {\r
+        if (isSaml) {\r
+            username = mAccountNameInput.getText().toString().trim();\r
+            \r
+        } else if (isOAuth) {\r
             username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong();\r
         }            \r
         String accountName = username + "@" + uri.getHost();\r
             username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong();\r
         }            \r
         String accountName = username + "@" + uri.getHost();\r
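Review bot: For SAML the account name is taken from `mAccountNameInput` exactly as typed, with no check that it is non-empty or that it matches the identity the SSO session was issued for. An empty field yields an account named `@host`, and a mistyped name labels the stored session cookie with another user's name. At minimum, reject an empty value before the account is built; if the server exposes the authenticated user name, prefer that over free text. Whether the field is validated elsewhere is not visible in this diff, and createAccount's body continues outside the hunk.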
@@ -1122,8 +1156,8 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             accountName += ":" + uri.getPort();\r
         }\r
         mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE);\r
             accountName += ":" + uri.getPort();\r
         }\r
         mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE);\r
-        if (isOAuth) {\r
-            mAccountMgr.addAccountExplicitly(mAccount, "", null);  // with our implementation, the password is never input in the app\r
+        if (isOAuth || isSaml) {\r
+            mAccountMgr.addAccountExplicitly(mAccount, "", null);  // with external authorizations, the password is never input in the app\r
         } else {\r
             mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null);\r
         }\r
         } else {\r
             mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null);\r
         }\r
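Review bot: The result of `mAccountMgr.addAccountExplicitly(mAccount, "", null)` is ignored, and now that the SAML name is user-typed a collision with an existing account is more likely than before. `addAccountExplicitly` returns false when the account already exists, and the later `mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken)` would then replace that account's token with the new session cookie. Check the return value and stop with an error status when it is false. createAccount's body continues outside the hunk.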
@@ -1142,17 +1176,20 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         final Intent intent = new Intent();       \r
         intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE,    AccountAuthenticator.ACCOUNT_TYPE);\r
         intent.putExtra(AccountManager.KEY_ACCOUNT_NAME,    mAccount.name);\r
         final Intent intent = new Intent();       \r
         intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE,    AccountAuthenticator.ACCOUNT_TYPE);\r
         intent.putExtra(AccountManager.KEY_ACCOUNT_NAME,    mAccount.name);\r
-        if (!isOAuth)\r
-            intent.putExtra(AccountManager.KEY_AUTHTOKEN,   AccountAuthenticator.ACCOUNT_TYPE); // TODO check this; not sure it's right; maybe\r
+        /*if (!isOAuth)\r
+            intent.putExtra(AccountManager.KEY_AUTHTOKEN,   AccountAuthenticator.ACCOUNT_TYPE); */\r
         intent.putExtra(AccountManager.KEY_USERDATA,        username);\r
         intent.putExtra(AccountManager.KEY_USERDATA,        username);\r
-        if (isOAuth) {\r
-            mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+        if (isOAuth || isSaml) {\r
+            mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
         }\r
         /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA\r
         mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION,    mDiscoveredVersion.toString());\r
         mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL,   mHostBaseUrl);\r
         }\r
         /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA\r
         mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION,    mDiscoveredVersion.toString());\r
         mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL,   mHostBaseUrl);\r
-        if (isOAuth)\r
-            mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE");  // TODO this flag should be unnecessary\r
+        if (isSaml) {\r
+            mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); \r
+        } else if (isOAuth) {\r
+            mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE");  \r
+        }\r
 \r
         setAccountAuthenticatorResult(intent.getExtras());\r
         setResult(RESULT_OK, intent);\r
 \r
         setAccountAuthenticatorResult(intent.getExtras());\r
         setResult(RESULT_OK, intent);\r
@@ -1460,4 +1497,27 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         public abstract boolean onDrawableTouch(final MotionEvent event);\r
     }\r
 \r
         public abstract boolean onDrawableTouch(final MotionEvent event);\r
     }\r
 \r
+\r
+    @Override\r
+    public void onSsoFinished(String sessionCookie) {\r
+        //Toast.makeText(this, "got cookies: " + sessionCookie, Toast.LENGTH_LONG).show();\r
+        \r
+        if (sessionCookie != null && sessionCookie.length() > 0) {\r
+            Log_OC.d(TAG, "Successful SSO - time to save the account");\r
+            mAuthToken = sessionCookie;\r
+            if (mAction == ACTION_CREATE) {\r
+                createAccount();\r
+\r
+            } else {\r
+                updateToken();\r
+            }\r
+\r
+            finish();\r
+\r
+        } else { \r
+            // TODO - show fail\r
+            Log_OC.d(TAG, "SSO failed");\r
+        }\r
+    }\r
+\r
 }\r
 }\r
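Review bot: The failure branch of `onSsoFinished` only logs "SSO failed", so the user is left on the WebView with no indication that sign-in did not complete. Set an error status as the SAML start method does, `mAuthStatusIcon = R.drawable.common_error;` followed by an appropriate `mAuthStatusText` and `showAuthStatus();`, instead of leaving the TODO. The commented-out `Toast` that would display the session cookie on screen should be deleted rather than kept, so it cannot be re-enabled by accident. The method also lacks a short Javadoc stating that `sessionCookie` may be null or empty and is stored as the account's auth token.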