OC-1668: Block creation of account from device settings

[pub/Android/ownCloud.git] / src / com / owncloud / android / authentication / AccountAuthenticator.java

diff --git a/src/com/owncloud/android/authentication/AccountAuthenticator.java b/src/com/owncloud/android/authentication/AccountAuthenticator.java
index 30eda59..2a43dab 100644 (file)
--- a/src/com/owncloud/android/authentication/AccountAuthenticator.java
+++ b/src/com/owncloud/android/authentication/AccountAuthenticator.java
@@ -22,7 +22,11 @@ import android.accounts.*;
 import android.content.Context;
 import android.content.Intent;
 import android.os.Bundle;
+import android.os.Handler;
+import android.widget.Toast;
+
 import com.owncloud.android.Log_OC;
+import com.owncloud.android.R;
 
 /**
  *  Authenticator for ownCloud accounts.
@@ -46,6 +50,7 @@ public class AccountAuthenticator extends AbstractAccountAuthenticator {
     public static final String AUTH_TOKEN_TYPE_PASSWORD = "owncloud.password";
     public static final String AUTH_TOKEN_TYPE_ACCESS_TOKEN = "owncloud.oauth2.access_token";
     public static final String AUTH_TOKEN_TYPE_REFRESH_TOKEN = "owncloud.oauth2.refresh_token";
+    public static final String AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE = "owncloud.saml.web_sso.session_cookie";
 
     public static final String KEY_AUTH_TOKEN_TYPE = "authTokenType";
     public static final String KEY_REQUIRED_FEATURES = "requiredFeatures";
@@ -75,14 +80,21 @@ public class AccountAuthenticator extends AbstractAccountAuthenticator {
      * Flag signaling if the ownCloud server can be accessed with OAuth2 access tokens.
      */
     public static final String KEY_SUPPORTS_OAUTH2 = "oc_supports_oauth2";
+    /**
+     * Flag signaling if the ownCloud server can be accessed with session cookies from SAML-based web single-sign-on.
+     */
+    public static final String KEY_SUPPORTS_SAML_WEB_SSO = "oc_supports_saml_web_sso";
     
     private static final String TAG = AccountAuthenticator.class.getSimpleName();
     
     private Context mContext;
+    
+    private Handler mHandler;
 
     public AccountAuthenticator(Context context) {
         super(context);
         mContext = context;
+        mHandler = new Handler();
     }
 
     /**
@@ -95,25 +107,49 @@ public class AccountAuthenticator extends AbstractAccountAuthenticator {
             throws NetworkErrorException {
         Log_OC.i(TAG, "Adding account with type " + accountType
                 + " and auth token " + authTokenType);
-        try {
-            validateAccountType(accountType);
-        } catch (AuthenticatorException e) {
-            Log_OC.e(TAG, "Failed to validate account type " + accountType + ": "
-                    + e.getMessage());
-            e.printStackTrace();
-            return e.getFailureBundle();
-        }
-        final Intent intent = new Intent(mContext, AuthenticatorActivity.class);
-        intent.putExtra(AccountManager.KEY_ACCOUNT_AUTHENTICATOR_RESPONSE, response);
-        intent.putExtra(KEY_AUTH_TOKEN_TYPE, authTokenType);
-        intent.putExtra(KEY_REQUIRED_FEATURES, requiredFeatures);
-        intent.putExtra(KEY_LOGIN_OPTIONS, options);
-        intent.putExtra(AuthenticatorActivity.EXTRA_ACTION, AuthenticatorActivity.ACTION_CREATE);
-
-        setIntentFlags(intent);
         
         final Bundle bundle = new Bundle();
-        bundle.putParcelable(AccountManager.KEY_INTENT, intent);
+        
+        AccountManager accountManager = AccountManager.get(mContext);
+        Account[] accounts = accountManager.getAccountsByType(ACCOUNT_TYPE);
+        
+        if (mContext.getResources().getBoolean(R.bool.multiaccount_support) || accounts.length < 1) {
+            try {
+                validateAccountType(accountType);
+            } catch (AuthenticatorException e) {
+                Log_OC.e(TAG, "Failed to validate account type " + accountType + ": "
+                        + e.getMessage());
+                e.printStackTrace();
+                return e.getFailureBundle();
+            }
+            
+            final Intent intent = new Intent(mContext, AuthenticatorActivity.class);
+            intent.putExtra(AccountManager.KEY_ACCOUNT_AUTHENTICATOR_RESPONSE, response);
+            intent.putExtra(KEY_AUTH_TOKEN_TYPE, authTokenType);
+            intent.putExtra(KEY_REQUIRED_FEATURES, requiredFeatures);
+            intent.putExtra(KEY_LOGIN_OPTIONS, options);
+            intent.putExtra(AuthenticatorActivity.EXTRA_ACTION, AuthenticatorActivity.ACTION_CREATE);
+
+            setIntentFlags(intent);
+            
+            bundle.putParcelable(AccountManager.KEY_INTENT, intent);
+        
+        } else {
+
+            // Return an error
+            bundle.putInt(AccountManager.KEY_ERROR_CODE, AccountManager.ERROR_CODE_UNSUPPORTED_OPERATION);
+            bundle.putString(AccountManager.KEY_ERROR_MESSAGE, mContext.getString(R.string.auth_unsupported_multiaccount));
+           
+            mHandler.post(new Runnable() {
+
+                @Override
+                public void run() {
+                    Toast.makeText(mContext, R.string.auth_unsupported_multiaccount, Toast.LENGTH_SHORT).show();
+                }
+            });
+            
+        }
+        
         return bundle;
     }
 
@@ -254,7 +290,8 @@ public class AccountAuthenticator extends AbstractAccountAuthenticator {
         if (!authTokenType.equals(AUTH_TOKEN_TYPE) &&\r
             !authTokenType.equals(AUTH_TOKEN_TYPE_PASSWORD) &&\r
             !authTokenType.equals(AUTH_TOKEN_TYPE_ACCESS_TOKEN) &&\r
-            !authTokenType.equals(AUTH_TOKEN_TYPE_REFRESH_TOKEN) ) {\r
+            !authTokenType.equals(AUTH_TOKEN_TYPE_REFRESH_TOKEN) &&
+            !authTokenType.equals(AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE)) {\r
             throw new UnsupportedAuthTokenTypeException();\r
         }\r
     }\r