import com.owncloud.android.ui.dialog.SslValidatorDialog;\r
import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener;\r
import com.owncloud.android.utils.OwnCloudVersion;\r
+import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener;\r
import com.owncloud.android.network.OwnCloudClientUtils;\r
import com.owncloud.android.operations.OwnCloudServerCheckOperation;\r
import com.owncloud.android.operations.ExistenceCheckOperation;\r
* @author David A. Velasco\r
*/\r
public class AuthenticatorActivity extends AccountAuthenticatorActivity\r
-implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener {\r
+implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener, SsoWebViewClientListener {\r
\r
private static final String TAG = AuthenticatorActivity.class.getSimpleName();\r
\r
private EditText mPasswordInput;\r
\r
private CheckBox mOAuth2Check;\r
- private String mOAuthAccessToken;\r
\r
private TextView mOAuthAuthEndpointText;\r
private TextView mOAuthTokenEndpointText;\r
private SsoWebViewClient mWebViewClient;\r
\r
private View mOkButton;\r
+ \r
+ private String mAuthToken;\r
\r
\r
/**\r
}\r
mHostBaseUrl = normalizeUrl(mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL));\r
mHostUrlInput.setText(mHostBaseUrl);\r
+ String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@'));\r
+ mUsernameInput.setText(userName);\r
+ mAccountNameInput.setText(userName);\r
}\r
initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod\r
- mOAuth2Check.setChecked(mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN);\r
mJustCreated = true;\r
\r
if (mAction == ACTION_UPDATE_TOKEN || !mHostUrlInputEnabled) {\r
mCurrentAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);\r
if (mCurrentAuthTokenType == null) {\r
mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ restoreWebView(savedInstanceState);\r
}\r
\r
// check if server check was interrupted by a configuration change\r
mUsernameInput.setEnabled(false);\r
mUsernameInput.setFocusable(false);\r
mOAuth2Check.setVisibility(View.GONE);\r
+ mAccountNameInput.setEnabled(false);\r
+ mAccountNameInput.setFocusable(false);\r
}\r
\r
//if (mServerIsChecked && !mServerIsValid && mRefreshButtonEnabled) showRefreshButton();\r
if (mServerIsChecked && !mServerIsValid && refreshButtonEnabled) showRefreshButton();\r
mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes\r
\r
- if (mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE || \r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType) || \r
!AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) {\r
mOAuth2Check.setVisibility(View.GONE);\r
}\r
private void initWebView() {\r
CookieManager cookieManager = CookieManager.getInstance();\r
cookieManager.setAcceptCookie(true);\r
- //cookieManager.removeSessionCookie(); \r
+ cookieManager.removeAllCookie();\r
\r
- mWebViewClient = new SsoWebViewClient(this);\r
+ mWebViewClient = new SsoWebViewClient(mHandler, this);\r
mSsoWebView.setWebViewClient(mWebViewClient);\r
WebSettings webSettings = mSsoWebView.getSettings();\r
webSettings.setJavaScriptEnabled(true);\r
webSettings.setUserAgentString(WebdavClient.USER_AGENT);\r
}\r
\r
+ @SuppressLint("SetJavaScriptEnabled")\r
+ private void restoreWebView(Bundle savedInstanceState) {\r
+ mSsoWebView.restoreState(savedInstanceState);\r
+ \r
+ CookieManager cookieManager = CookieManager.getInstance();\r
+ Log_OC.e(TAG, "Accept Cookie: " + cookieManager.acceptCookie());\r
+\r
+ mWebViewClient = new SsoWebViewClient(mHandler, this);\r
+ mSsoWebView.setWebViewClient(mWebViewClient);\r
+ mWebViewClient.setTargetUrl(mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType));\r
+ \r
+ WebSettings webSettings = mSsoWebView.getSettings();\r
+ webSettings.setJavaScriptEnabled(true); // at least this one is not being kept by WebView#restoreState\r
+ webSettings.setBuiltInZoomControls(true);\r
+ webSettings.setLoadWithOverviewMode(false);\r
+ webSettings.setSavePassword(false);\r
+ webSettings.setUserAgentString(WebdavClient.USER_AGENT);\r
+ }\r
+\r
private void initAuthorizationMethod() {\r
boolean oAuthRequired = false;\r
boolean samlWebSsoRequired = false;\r
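Review bot: restoreWebView() repeats the client and WebSettings setup of initWebView() instead of sharing it, and in the lines visible here only the restore path calls `webSettings.setSavePassword(false);`. If that is the whole body of initWebView(), a first-time SSO login runs without that hardening while a login restored after rotation has it. Moving the common setup into one private helper called from both methods would keep the two paths from drifting. Separately, `Log_OC.e(TAG, "Accept Cookie: " + cookieManager.acceptCookie());` is a diagnostic and should not be logged at error level; use `Log_OC.d` or drop it.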
String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@'));\r
mUsernameInput.setText(userName);\r
}\r
+ \r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ initWebView();\r
+ }\r
+ mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType));\r
+ \r
}\r
\r
/**\r
outState.putParcelable(KEY_ACCOUNT, mAccount);\r
}\r
outState.putString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, mCurrentAuthTokenType);\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ mSsoWebView.saveState(outState);\r
+ }\r
\r
// refresh button enabled\r
outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, (mRefreshButton.getVisibility() == View.VISIBLE));\r
protected void onResume() {\r
super.onResume();\r
if (mAction == ACTION_UPDATE_TOKEN && mJustCreated && getIntent().getBooleanExtra(EXTRA_ENFORCED_UPDATE, false)) {\r
- if (mOAuth2Check.isChecked())\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {\r
Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show();\r
- else\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ Toast.makeText(this, R.string.auth_expired_saml_sso_token_toast, Toast.LENGTH_LONG).show();\r
+ \r
+ } else {\r
Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show();\r
+ }\r
}\r
\r
if (mNewCapturedUriFromOAuth2Redirection != null) {\r
mAuthStatusIcon = R.drawable.progress_small;\r
mAuthStatusText = R.string.oauth_login_connection;\r
showAuthStatus();\r
+ \r
\r
// GET AUTHORIZATION request\r
//Uri uri = Uri.parse(getString(R.string.oauth2_url_endpoint_auth));\r
private void startSamlBasedFederatedSingleSignOnAuthorization() {\r
// be gentle with the user\r
mAuthStatusIcon = R.drawable.progress_small;\r
- mAuthStatusText = R.string.oauth_login_connection;\r
+ mAuthStatusText = R.string.auth_connecting_auth_server;\r
showAuthStatus();\r
+ showDialog(DIALOG_LOGIN_PROGRESS);\r
\r
/// get the path to the root folder through WebDAV from the version server\r
String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
\r
} else if (operation instanceof ExistenceCheckOperation) {\r
if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
- if (result.isTemporalRedirection()) {\r
- String url = result.getRedirectedLocation();\r
- mWebViewClient.setTargetUrl(mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType));\r
- mSsoWebView.loadUrl(url);\r
- }\r
+ onSamlBasedFederatedSingleSignOnAuthorizationStart(operation, result);\r
\r
} else {\r
onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result);\r
}\r
}\r
}\r
+ \r
+ \r
+ private void onSamlBasedFederatedSingleSignOnAuthorizationStart(RemoteOperation operation, RemoteOperationResult result) {\r
+ try {\r
+ dismissDialog(DIALOG_LOGIN_PROGRESS);\r
+ } catch (IllegalArgumentException e) {\r
+ // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens\r
+ }\r
+\r
+ if (result.isTemporalRedirection()) {\r
+ String url = result.getRedirectedLocation();\r
+ mWebViewClient.setTargetUrl(mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType));\r
+ mSsoWebView.loadUrl(url);\r
+ \r
+ mAuthStatusIcon = android.R.drawable.ic_secure;\r
+ mAuthStatusText = R.string.auth_follow_auth_server;\r
+ \r
+ } else {\r
+ mAuthStatusIcon = R.drawable.common_error;\r
+ mAuthStatusText = R.string.auth_unsupported_auth_method;\r
+ \r
+ }\r
+ showAuthStatus();\r
+ }\r
\r
\r
/**\r
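Review bot: In onSamlBasedFederatedSingleSignOnAuthorizationStart() the value of `result.getRedirectedLocation()` goes straight into `mSsoWebView.loadUrl(url)` with no check, in a WebView that has JavaScript enabled and where the user will type identity-provider credentials. The location comes from the server's redirect response, so a null, empty or non-http(s) value should be rejected before loading and routed to the existing error branch, e.g. `if (url == null || !(url.startsWith("https://") || url.startsWith("http://"))) { /* set common_error status */ }`. Whether plain http should be accepted at all depends on project policy that is not visible here. The empty `catch (IllegalArgumentException e)` would be easier to diagnose later with a `Log_OC.d` of the exception rather than nothing.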
showDialog(DIALOG_LOGIN_PROGRESS);\r
\r
/// time to test the retrieved access token on the ownCloud server\r
- mOAuthAccessToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
- Log_OC.d(TAG, "Got ACCESS TOKEN: " + mOAuthAccessToken);\r
+ mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
+ Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);\r
mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true);\r
- client.setBearerCredentials(mOAuthAccessToken);\r
+ client.setBearerCredentials(mAuthToken);\r
mAuthCheckOperation.execute(client, this, mHandler);\r
\r
} else {\r
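Review bot: `Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);` still writes the bearer token itself to the log; the rename to `mAuthToken` carried the leak over unchanged. Anyone who can read the device log or a bug report containing it can reuse the token, and if Log_OC also writes to a file (not visible here) the token outlives the session. Log the event without the value: `Log_OC.d(TAG, "Got ACCESS TOKEN");`. The enclosing method starts and ends outside this hunk.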
Bundle response = new Bundle();\r
response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);\r
- boolean isOAuth = mOAuth2Check.isChecked();\r
- if (isOAuth) {\r
- response.putString(AccountManager.KEY_AUTHTOKEN, mOAuthAccessToken);\r
+ \r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { \r
+ response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
+ // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
// the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
- mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ \r
} else {\r
response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());\r
mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString());\r
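Review bot: The `AUTH_TOKEN_TYPE_ACCESS_TOKEN` and `AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE` branches are line-for-line identical (`response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken)` followed by `mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken)`), so a later fix to one token path can silently miss the other. createAccount() in this same commit already folds the two cases into `isOAuth || isSaml`; using one combined condition here too would keep the credential-storing code in a single place. The enclosing method starts and ends outside this hunk.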
*/\r
private void createAccount() {\r
/// create and save new ownCloud account\r
- boolean isOAuth = mOAuth2Check.isChecked();\r
+ boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType);\r
+ boolean isSaml = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType);\r
\r
Uri uri = Uri.parse(mHostBaseUrl);\r
String username = mUsernameInput.getText().toString().trim();\r
- if (isOAuth) {\r
+ if (isSaml) {\r
+ username = mAccountNameInput.getText().toString().trim();\r
+ \r
+ } else if (isOAuth) {\r
username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong();\r
} \r
String accountName = username + "@" + uri.getHost();\r
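Review bot: In the SAML branch the account name is taken from whatever was typed into `mAccountNameInput`, and nothing in this hunk rejects an empty value, which would yield an account named `@host`. Unless the field is validated before createAccount() is reached (not visible here), add a guard such as `if (isSaml && username.length() == 0) { /* show error status and return */ }`. It is also worth a comment at `username = mAccountNameInput.getText().toString().trim();` saying that this is a user-chosen label and is not checked against the identity the SSO server authenticated. createAccount() continues past the end of this hunk.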
accountName += ":" + uri.getPort();\r
}\r
mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE);\r
- if (isOAuth) {\r
- mAccountMgr.addAccountExplicitly(mAccount, "", null); // with our implementation, the password is never input in the app\r
+ if (isOAuth || isSaml) {\r
+ mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app\r
} else {\r
mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null);\r
}\r
final Intent intent = new Intent(); \r
intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, AccountAuthenticator.ACCOUNT_TYPE);\r
intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
- if (!isOAuth)\r
- intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); // TODO check this; not sure it's right; maybe\r
+ /*if (!isOAuth)\r
+ intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); */\r
intent.putExtra(AccountManager.KEY_USERDATA, username);\r
- if (isOAuth) {\r
- mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+ if (isOAuth || isSaml) {\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
}\r
/// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA\r
mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION, mDiscoveredVersion.toString());\r
mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL, mHostBaseUrl);\r
- if (isOAuth)\r
- mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); // TODO this flag should be unnecessary\r
+ if (isSaml) {\r
+ mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); \r
+ } else if (isOAuth) {\r
+ mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); \r
+ }\r
\r
setAccountAuthenticatorResult(intent.getExtras());\r
setResult(RESULT_OK, intent);\r
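Review bot: The `KEY_AUTHTOKEN` extra is disabled by wrapping it in `/* ... */` rather than being removed, and the old TODO that questioned it is dropped without an answer. Delete the two lines and, if the reasoning matters, leave one line in their place, for example `// KEY_AUTHTOKEN is not returned here; OAuth and SAML tokens are stored with setAuthToken() below`. createAccount() starts outside this hunk.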
mPasswordInput.setVisibility(View.GONE);\r
mAccountNameInput.setVisibility(View.VISIBLE);\r
mSsoWebView.setVisibility(View.VISIBLE);\r
- initWebView();\r
\r
} else {\r
// basic HTTP authorization\r
public abstract boolean onDrawableTouch(final MotionEvent event);\r
}\r
\r
+\r
+ @Override\r
+ public void onSsoFinished(String sessionCookie) {\r
+ //Toast.makeText(this, "got cookies: " + sessionCookie, Toast.LENGTH_LONG).show();\r
+ \r
+ if (sessionCookie != null && sessionCookie.length() > 0) {\r
+ Log_OC.d(TAG, "Successful SSO - time to save the account");\r
+ mAuthToken = sessionCookie;\r
+ if (mAction == ACTION_CREATE) {\r
+ createAccount();\r
+\r
+ } else {\r
+ updateToken();\r
+ }\r
+\r
+ finish();\r
+\r
+ } else { \r
+ // TODO - show fail\r
+ Log_OC.d(TAG, "SSO failed");\r
+ }\r
+ }\r
+\r
}\r
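Review bot: The failure branch of onSsoFinished() only logs "SSO failed", so the user is left looking at the WebView with no indication that the login did not complete. The activity already has a status mechanism that the other handlers in this commit use; set it here too, e.g. `mAuthStatusIcon = R.drawable.common_error; mAuthStatusText = R.string.PLACEHOLDER_sso_failed; showAuthStatus();` (the string id is a placeholder, not an existing resource). The commented-out `Toast` that would display `sessionCookie` should be deleted rather than kept, so that nobody re-enables it and puts the session cookie on screen. On the success path `finish()` runs whether or not createAccount() or updateToken() succeeded, which is worth confirming against their error handling outside this hunk.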