X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/316a0a12ad4799ed0d43182a5b1b9bc04fbecee5..8aa08be8706131a60f3a249c4ac9d326d4dfde53:/src/com/owncloud/android/authentication/AuthenticatorActivity.java

diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java
index 58c0c979..e69ff8e3 100644
--- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java
+++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java
@@ -18,8 +18,6 @@
 
 package com.owncloud.android.authentication;
 
-import java.net.URLDecoder;
-
 import android.accounts.Account;
 import android.accounts.AccountManager;
 import android.app.AlertDialog;
@@ -51,7 +49,6 @@ import android.widget.CheckBox;
 import android.widget.EditText;
 import android.widget.TextView;
 import android.widget.TextView.OnEditorActionListener;
-import android.widget.Toast;
 
 import com.actionbarsherlock.app.SherlockDialogFragment;
 import com.owncloud.android.Log_OC;
@@ -776,7 +773,7 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens
         }
         
-        if (result.isTemporalRedirection() || result.isIdPRedirection()) {
+        if (result.isTemporalRedirection() && result.isIdPRedirection()) {
             String url = result.getRedirectedLocation();
             String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);
             
@@ -1021,6 +1018,9 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         case ACCOUNT_NOT_NEW:
             mAuthStatusText = R.string.auth_account_not_new;
             break;
+        case ACCOUNT_NOT_THE_SAME:
+            mAuthStatusText = R.string.auth_account_not_the_same;
+            break;
         case UNHANDLED_HTTP_CODE:
         case UNKNOWN_ERROR:
             mAuthStatusText = R.string.auth_unknown_error_title;
@@ -1085,12 +1085,12 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         if (result.isSuccess()) {
             Log_OC.d(TAG, "Successful access - time to save the account");
 
-            boolean success = true;
+            boolean success = false;
             if (mAction == ACTION_CREATE) {
                 success = createAccount();
 
             } else {
-                updateToken();
+                success = updateToken();
             }
 
             if (success) {
@@ -1135,7 +1135,7 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
      * Sets the proper response to get that the Account Authenticator that started this activity saves 
      * a new authorization token for mAccount.
      */
-    private void updateToken() {
+    private boolean updateToken() {
         Bundle response = new Bundle();
         response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);
         response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);
@@ -1146,6 +1146,17 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);
             
         } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {
+            String username = getUserNameForSamlSso();
+            if (!mUsernameInput.getText().toString().equals(username)) {
+                // fail - not a new account, but an existing one; disallow
+                RemoteOperationResult result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); 
+                updateAuthStatusIconAndText(result);
+                showAuthStatus();
+                Log_OC.d(TAG, result.getLogMessage());
+                
+                return false;
+            }
+            
             response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);
             // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention
             mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);
@@ -1156,8 +1167,7 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         }
         setAccountAuthenticatorResult(response);
         
-        // Sync Account
-        syncAccount();
+        return true;
     }
 
 
@@ -1194,7 +1204,6 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             Log_OC.d(TAG, result.getLogMessage());
             return false;
             
-            
         } else {
         
             if (isOAuth || isSaml) {
@@ -1562,12 +1571,12 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
         if (sessionCookie != null && sessionCookie.length() > 0) {
             Log_OC.d(TAG, "Successful SSO - time to save the account");
             mAuthToken = sessionCookie;
-            boolean success = true;
+            boolean success = false;
             if (mAction == ACTION_CREATE) {
                 success = createAccount();
         
             } else {
-                updateToken();
+                success = updateToken();
             }
             if (success) {
                 finish();