X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/3969dbb768843818c3fd17f19beb19e3b0714b52..b20ace9185ea9b174675b77bcc71ee04d2578cc4:/src/com/owncloud/android/authentication/AuthenticatorActivity.java diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java index 32bbcdcc..9569a532 100644 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@ -50,7 +50,9 @@ import android.view.View.OnFocusChangeListener; import android.view.View.OnTouchListener; import android.view.Window; import android.view.inputmethod.EditorInfo; +import android.webkit.HttpAuthHandler; import android.webkit.SslErrorHandler; +import android.webkit.WebView; import android.widget.Button; import android.widget.CheckBox; import android.widget.EditText; @@ -64,26 +66,26 @@ import com.owncloud.android.R; import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener; import com.owncloud.android.lib.common.accounts.AccountTypeUtils; import com.owncloud.android.lib.common.accounts.AccountUtils.Constants; -import com.owncloud.android.operations.DetectAuthenticationMethodOperation.AuthenticationMethod; -import com.owncloud.android.operations.GetServerInfoOperation; -import com.owncloud.android.operations.OAuth2GetAccessToken; - import com.owncloud.android.lib.common.network.CertificateCombinedException; import com.owncloud.android.lib.common.operations.OnRemoteOperationListener; import com.owncloud.android.lib.common.operations.RemoteOperation; import com.owncloud.android.lib.common.operations.RemoteOperationResult; import com.owncloud.android.lib.common.operations.RemoteOperationResult.ResultCode; import com.owncloud.android.lib.resources.files.ExistenceCheckRemoteOperation; +import com.owncloud.android.lib.resources.status.OwnCloudVersion; import com.owncloud.android.lib.resources.users.GetRemoteUserNameOperation; - +import com.owncloud.android.operations.DetectAuthenticationMethodOperation.AuthenticationMethod; +import com.owncloud.android.operations.GetServerInfoOperation; +import com.owncloud.android.operations.OAuth2GetAccessToken; import com.owncloud.android.services.OperationsService; import com.owncloud.android.services.OperationsService.OperationsServiceBinder; +import com.owncloud.android.ui.dialog.CredentialsDialogFragment; import com.owncloud.android.ui.dialog.IndeterminateProgressDialog; import com.owncloud.android.ui.dialog.SamlWebViewDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog.OnSslUntrustedCertListener; +import com.owncloud.android.utils.DisplayUtils; import com.owncloud.android.utils.Log_OC; -import com.owncloud.android.lib.resources.status.OwnCloudVersion; /** * This Activity is used to add an ownCloud account to the App @@ -127,6 +129,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private static final String UNTRUSTED_CERT_DIALOG_TAG = "UNTRUSTED_CERT_DIALOG"; private static final String SAML_DIALOG_TAG = "SAML_DIALOG"; private static final String WAIT_DIALOG_TAG = "WAIT_DIALOG"; + private static final String CREDENTIALS_DIALOG_TAG = "CREDENTIALS_DIALOG"; + private static final String KEY_AUTH_IS_FIRST_ATTEMPT_TAG = "KEY_AUTH_IS_FIRST_ATTEMPT"; /// parameters from EXTRAs in starter Intent @@ -172,6 +176,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private String mAuthToken = ""; + private boolean mIsFirstAuthAttempt; + /// Identifier of operation in progress which result shouldn't be lost private long mWaitingForOpId = Long.MAX_VALUE; @@ -188,6 +194,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { super.onCreate(savedInstanceState); getWindow().requestFeature(Window.FEATURE_NO_TITLE); + mIsFirstAuthAttempt = true; + // bind to Operations Service mOperationsServiceConnection = new OperationsServiceConnection(); if (!bindService(new Intent(this, OperationsService.class), @@ -212,6 +220,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } else { mAuthTokenType = savedInstanceState.getString(KEY_AUTH_TOKEN_TYPE); mWaitingForOpId = savedInstanceState.getLong(KEY_WAITING_FOR_OP_ID); + mIsFirstAuthAttempt = savedInstanceState.getBoolean(KEY_AUTH_IS_FIRST_ATTEMPT_TAG); } /// load user interface @@ -343,7 +352,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /// step 2 - set properties of UI elements (text, visibility, enabled...) mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput); - mHostUrlInput.setText(mServerInfo.mBaseUrl); + // Convert IDN to Unicode + mHostUrlInput.setText(DisplayUtils.convertIdn(mServerInfo.mBaseUrl, false)); if (mAction != ACTION_CREATE) { /// lock things that should not change mHostUrlInput.setEnabled(false); @@ -558,6 +568,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { outState.putInt(KEY_AUTH_STATUS_TEXT, mAuthStatusText); outState.putString(KEY_AUTH_TOKEN, mAuthToken); + /// authentication + outState.putBoolean(KEY_AUTH_IS_FIRST_ATTEMPT_TAG, mIsFirstAuthAttempt); + //Log_OC.wtf(TAG, "onSaveInstanceState end" ); } @@ -716,6 +729,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { showRefreshButton(false); if (uri.length() != 0) { + // Handle internationalized domain names + uri = DisplayUtils.convertIdn(uri, true); mServerStatusText = R.string.auth_testing_connection; mServerStatusIcon = R.drawable.progress_small; showServerStatus(); @@ -723,9 +738,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { Intent getServerInfoIntent = new Intent(); getServerInfoIntent.setAction(OperationsService.ACTION_GET_SERVER_INFO); getServerInfoIntent.putExtra(OperationsService.EXTRA_SERVER_URL, uri); - getServerInfoIntent.putExtra(OperationsService.EXTRA_AUTH_TOKEN_TYPE, mAuthTokenType); if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "checking server..." ); mWaitingForOpId = mOperationsServiceBinder.newOperation(getServerInfoIntent); } else { Log_OC.wtf(TAG, "Server check tried with OperationService unbound!" ); @@ -828,9 +841,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * the root folder of the ownCloud server. */ private void checkBasicAuthorization() { - /// get the path to the root folder through WebDAV from the version server - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - /// get basic credentials entered by user String username = mUsernameInput.getText().toString(); String password = mPasswordInput.getText().toString(); @@ -840,26 +850,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); - /// test credentials accessing the root folder - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirects = true; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, username, password, followRedirects); + /// validate credentials accessing the root folder + accessRootFolderRemoteOperation(username, password); } - private void startExistenceCheckRemoteOperation(String remotePath, Context context, boolean successIfAbsent, String webdav_path, - String username, String password, boolean followRedirects) { + private void accessRootFolderRemoteOperation(String username, String password) { Intent existenceCheckIntent = new Intent(); existenceCheckIntent.setAction(OperationsService.ACTION_EXISTENCE_CHECK); existenceCheckIntent.putExtra(OperationsService.EXTRA_SERVER_URL, mServerInfo.mBaseUrl); - existenceCheckIntent.putExtra(OperationsService.EXTRA_REMOTE_PATH, remotePath); - existenceCheckIntent.putExtra(OperationsService.EXTRA_SUCCESS_IF_ABSENT, successIfAbsent); - existenceCheckIntent.putExtra(OperationsService.EXTRA_WEBDAV_PATH, webdav_path); + existenceCheckIntent.putExtra(OperationsService.EXTRA_REMOTE_PATH, "/"); existenceCheckIntent.putExtra(OperationsService.EXTRA_USERNAME, username); existenceCheckIntent.putExtra(OperationsService.EXTRA_PASSWORD, password); existenceCheckIntent.putExtra(OperationsService.EXTRA_AUTH_TOKEN, mAuthToken); - existenceCheckIntent.putExtra(OperationsService.EXTRA_FOLLOW_REDIRECTS, followRedirects); if (mOperationsServiceBinder != null) { //Log_OC.wtf(TAG, "starting existenceCheckRemoteOperation..." ); @@ -904,14 +907,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); - /// get the path to the root folder through WebDAV from the version server - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - - /// test credentials accessing the root folder - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirections = false; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, "", "", followRedirections); + /// validate credentials accessing the root folder + accessRootFolderRemoteOperation("", ""); } @@ -959,7 +956,15 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (!mUsernameInput.getText().toString().equals(username)) { // fail - not a new account, but an existing one; disallow - result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + /* + OwnCloudClientManagerFactory.getDefaultSingleton().removeClientFor( + new OwnCloudAccount( + Uri.parse(mServerInfo.mBaseUrl), + OwnCloudCredentialsFactory.newSamlSsoCredentials(mAuthToken)) + ); + */ + mAuthToken = ""; updateAuthStatusIconAndText(result); showAuthStatus(); Log_OC.d(TAG, result.getLogMessage()); @@ -1174,6 +1179,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { case UNKNOWN_ERROR: mServerStatusText = R.string.auth_unknown_error_title; break; + case OK_REDIRECT_TO_NON_SECURE_CONNECTION: + mServerStatusIcon = android.R.drawable.ic_partial_secure; + mServerStatusText = R.string.auth_redirect_non_secure_connection_title; + break; default: mServerStatusText = 0; mServerStatusIcon = 0; @@ -1284,8 +1293,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mWaitingForOpId = Long.MAX_VALUE; dismissDialog(WAIT_DIALOG_TAG); - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - if (result.isSuccess() && webdav_path != null) { + if (result.isSuccess()) { /// be gentle with the user IndeterminateProgressDialog dialog = IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); @@ -1298,10 +1306,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { //mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken); - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirects = true; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, "", "", followRedirects); + accessRootFolderRemoteOperation("", ""); } else { updateAuthStatusIconAndText(result); @@ -1417,11 +1422,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { String username = mUsernameInput.getText().toString().trim(); if (isOAuth) { username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong(); - } - String accountName = username + "@" + uri.getHost(); - if (uri.getPort() >= 0) { - accountName += ":" + uri.getPort(); } + String accountName = com.owncloud.android.lib.common.accounts.AccountUtils. + buildAccountName(uri, username); Account newAccount = new Account(accountName, MainApp.getAccountType()); if (AccountUtils.exists(newAccount, getApplicationContext())) { // fail - not a new account, but an existing one; disallow @@ -1642,7 +1645,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { getUserNameIntent.setAction(OperationsService.ACTION_GET_USER_NAME); getUserNameIntent.putExtra(OperationsService.EXTRA_SERVER_URL, mServerInfo.mBaseUrl); getUserNameIntent.putExtra(OperationsService.EXTRA_COOKIE, sessionCookie); - getUserNameIntent.putExtra(OperationsService.EXTRA_FOLLOW_REDIRECTS, followRedirects); if (mOperationsServiceBinder != null) { //Log_OC.wtf(TAG, "starting getRemoteUserNameOperation..." ); @@ -1699,6 +1701,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { dialog.show(ft, UNTRUSTED_CERT_DIALOG_TAG); } + /** * Show untrusted cert dialog */ @@ -1789,5 +1792,33 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } } - + + /** + * Create and show dialog for request authentication to the user + * @param webView + * @param handler + */ + public void createAuthenticationDialog(WebView webView, HttpAuthHandler handler) { + + // Show a dialog with the certificate info + CredentialsDialogFragment dialog = CredentialsDialogFragment.newInstanceForCredentials(webView, handler); + FragmentManager fm = getSupportFragmentManager(); + FragmentTransaction ft = fm.beginTransaction(); + ft.addToBackStack(null); + dialog.setCancelable(false); + dialog.show(ft, CREDENTIALS_DIALOG_TAG); + + if (!mIsFirstAuthAttempt) { + Toast.makeText(getApplicationContext(), getText(R.string.saml_authentication_wrong_pass), Toast.LENGTH_LONG).show(); + } else { + mIsFirstAuthAttempt = false; + } + } + + /** + * For retrieving the clicking on authentication cancel button + */ + public void doNegativeAuthenticatioDialogClick(){ + mIsFirstAuthAttempt = true; + } }