X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/3969dbb768843818c3fd17f19beb19e3b0714b52..e901b609baa4dd5f681e2a5257c9e504997e3377:/src/com/owncloud/android/authentication/AuthenticatorActivity.java diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java index 32bbcdcc..0f7892ee 100644 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@ -50,7 +50,9 @@ import android.view.View.OnFocusChangeListener; import android.view.View.OnTouchListener; import android.view.Window; import android.view.inputmethod.EditorInfo; +import android.webkit.HttpAuthHandler; import android.webkit.SslErrorHandler; +import android.webkit.WebView; import android.widget.Button; import android.widget.CheckBox; import android.widget.EditText; @@ -64,26 +66,26 @@ import com.owncloud.android.R; import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener; import com.owncloud.android.lib.common.accounts.AccountTypeUtils; import com.owncloud.android.lib.common.accounts.AccountUtils.Constants; -import com.owncloud.android.operations.DetectAuthenticationMethodOperation.AuthenticationMethod; -import com.owncloud.android.operations.GetServerInfoOperation; -import com.owncloud.android.operations.OAuth2GetAccessToken; - import com.owncloud.android.lib.common.network.CertificateCombinedException; import com.owncloud.android.lib.common.operations.OnRemoteOperationListener; import com.owncloud.android.lib.common.operations.RemoteOperation; import com.owncloud.android.lib.common.operations.RemoteOperationResult; import com.owncloud.android.lib.common.operations.RemoteOperationResult.ResultCode; +import com.owncloud.android.lib.common.utils.Log_OC; import com.owncloud.android.lib.resources.files.ExistenceCheckRemoteOperation; +import com.owncloud.android.lib.resources.status.OwnCloudVersion; import com.owncloud.android.lib.resources.users.GetRemoteUserNameOperation; - +import com.owncloud.android.operations.DetectAuthenticationMethodOperation.AuthenticationMethod; +import com.owncloud.android.operations.GetServerInfoOperation; +import com.owncloud.android.operations.OAuth2GetAccessToken; import com.owncloud.android.services.OperationsService; import com.owncloud.android.services.OperationsService.OperationsServiceBinder; +import com.owncloud.android.ui.dialog.CredentialsDialogFragment; import com.owncloud.android.ui.dialog.IndeterminateProgressDialog; import com.owncloud.android.ui.dialog.SamlWebViewDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog.OnSslUntrustedCertListener; -import com.owncloud.android.utils.Log_OC; -import com.owncloud.android.lib.resources.status.OwnCloudVersion; +import com.owncloud.android.utils.DisplayUtils; /** * This Activity is used to add an ownCloud account to the App @@ -127,6 +129,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private static final String UNTRUSTED_CERT_DIALOG_TAG = "UNTRUSTED_CERT_DIALOG"; private static final String SAML_DIALOG_TAG = "SAML_DIALOG"; private static final String WAIT_DIALOG_TAG = "WAIT_DIALOG"; + private static final String CREDENTIALS_DIALOG_TAG = "CREDENTIALS_DIALOG"; + private static final String KEY_AUTH_IS_FIRST_ATTEMPT_TAG = "KEY_AUTH_IS_FIRST_ATTEMPT"; /// parameters from EXTRAs in starter Intent @@ -172,6 +176,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private String mAuthToken = ""; + private boolean mIsFirstAuthAttempt; + /// Identifier of operation in progress which result shouldn't be lost private long mWaitingForOpId = Long.MAX_VALUE; @@ -188,6 +194,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { super.onCreate(savedInstanceState); getWindow().requestFeature(Window.FEATURE_NO_TITLE); + mIsFirstAuthAttempt = true; + // bind to Operations Service mOperationsServiceConnection = new OperationsServiceConnection(); if (!bindService(new Intent(this, OperationsService.class), @@ -212,6 +220,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } else { mAuthTokenType = savedInstanceState.getString(KEY_AUTH_TOKEN_TYPE); mWaitingForOpId = savedInstanceState.getLong(KEY_WAITING_FOR_OP_ID); + mIsFirstAuthAttempt = savedInstanceState.getBoolean(KEY_AUTH_IS_FIRST_ATTEMPT_TAG); } /// load user interface @@ -238,13 +247,17 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (mAccount != null) { boolean oAuthRequired = (mAccountMgr.getUserData(mAccount, Constants.KEY_SUPPORTS_OAUTH2) != null); - boolean samlWebSsoRequired = - (mAccountMgr.getUserData(mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO) != null); + boolean samlWebSsoRequired = ( + mAccountMgr.getUserData( + mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO + ) != null + ); mAuthTokenType = chooseAuthTokenType(oAuthRequired, samlWebSsoRequired); } else { boolean oAuthSupported = AUTH_ON.equals(getString(R.string.auth_method_oauth2)); - boolean samlWebSsoSupported = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); + boolean samlWebSsoSupported = + AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); mAuthTokenType = chooseAuthTokenType(oAuthSupported, samlWebSsoSupported); } } @@ -313,7 +326,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (savedInstanceState == null) { if (mAccount != null) { mServerInfo.mBaseUrl = mAccountMgr.getUserData(mAccount, Constants.KEY_OC_BASE_URL); - mServerInfo.mIsSslConn = mServerInfo.mBaseUrl.startsWith("https://"); // TODO do this in a setter for mBaseUrl + // TODO do next in a setter for mBaseUrl + mServerInfo.mIsSslConn = mServerInfo.mBaseUrl.startsWith("https://"); String ocVersion = mAccountMgr.getUserData(mAccount, Constants.KEY_OC_VERSION); if (ocVersion != null) { mServerInfo.mVersion = new OwnCloudVersion(ocVersion); @@ -343,7 +357,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /// step 2 - set properties of UI elements (text, visibility, enabled...) mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput); - mHostUrlInput.setText(mServerInfo.mBaseUrl); + // Convert IDN to Unicode + mHostUrlInput.setText(DisplayUtils.convertIdn(mServerInfo.mBaseUrl, false)); if (mAction != ACTION_CREATE) { /// lock things that should not change mHostUrlInput.setEnabled(false); @@ -397,8 +412,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public boolean onTouch(View view, MotionEvent event) { if (event.getAction() == MotionEvent.ACTION_DOWN) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType) && - mHostUrlInput.hasFocus()) { + if ( + AccountTypeUtils.getAuthTokenTypeSamlSessionCookie( + MainApp.getAccountType() + ).equals(mAuthTokenType) && + mHostUrlInput.hasFocus() + ) { checkOcServer(); } } @@ -526,8 +545,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Saves relevant state before {@link #onPause()} * - * Do NOT save {@link #mNewCapturedUriFromOAuth2Redirection}; it keeps a temporal flag, intended to defer the - * processing of the redirection caught in {@link #onNewIntent(Intent)} until {@link #onResume()} + * Do NOT save {@link #mNewCapturedUriFromOAuth2Redirection}; it keeps a temporal flag, + * intended to defer the processing of the redirection caught in + * {@link #onNewIntent(Intent)} until {@link #onResume()} * * See {@link #loadSavedInstanceState(Bundle)} */ @@ -558,16 +578,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { outState.putInt(KEY_AUTH_STATUS_TEXT, mAuthStatusText); outState.putString(KEY_AUTH_TOKEN, mAuthToken); + /// authentication + outState.putBoolean(KEY_AUTH_IS_FIRST_ATTEMPT_TAG, mIsFirstAuthAttempt); + //Log_OC.wtf(TAG, "onSaveInstanceState end" ); } /** - * The redirection triggered by the OAuth authentication server as response to the GET AUTHORIZATION request - * is caught here. + * The redirection triggered by the OAuth authentication server as response to the + * GET AUTHORIZATION request is caught here. * - * To make this possible, this activity needs to be qualified with android:launchMode = "singleTask" in the - * AndroidManifest.xml file. + * To make this possible, this activity needs to be qualified with android:launchMode = + * "singleTask" in the AndroidManifest.xml file. */ @Override protected void onNewIntent (Intent intent) { @@ -580,8 +603,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** - * The redirection triggered by the OAuth authentication server as response to the GET AUTHORIZATION, and - * deferred in {@link #onNewIntent(Intent)}, is processed here. + * The redirection triggered by the OAuth authentication server as response to the + * GET AUTHORIZATION, and deferred in {@link #onNewIntent(Intent)}, is processed here. */ @Override protected void onResume() { @@ -716,16 +739,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { showRefreshButton(false); if (uri.length() != 0) { + // Handle internationalized domain names + uri = DisplayUtils.convertIdn(uri, true); mServerStatusText = R.string.auth_testing_connection; mServerStatusIcon = R.drawable.progress_small; showServerStatus(); Intent getServerInfoIntent = new Intent(); getServerInfoIntent.setAction(OperationsService.ACTION_GET_SERVER_INFO); - getServerInfoIntent.putExtra(OperationsService.EXTRA_SERVER_URL, uri); - getServerInfoIntent.putExtra(OperationsService.EXTRA_AUTH_TOKEN_TYPE, mAuthTokenType); + getServerInfoIntent.putExtra( + OperationsService.EXTRA_SERVER_URL, + normalizeUrlSuffix(uri) + ); if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "checking server..." ); mWaitingForOpId = mOperationsServiceBinder.newOperation(getServerInfoIntent); } else { Log_OC.wtf(TAG, "Server check tried with OperationService unbound!" ); @@ -768,7 +794,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } private boolean isPasswordVisible() { - return ((mPasswordInput.getInputType() & InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD) == InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); + return ((mPasswordInput.getInputType() & InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD) == + InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); } private void hidePasswordButton() { @@ -776,12 +803,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } private void showPassword() { - mPasswordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); + mPasswordInput.setInputType( + InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD + ); showViewPasswordButton(); } private void hidePassword() { - mPasswordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD); + mPasswordInput.setInputType( + InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD + ); showViewPasswordButton(); } @@ -813,9 +844,13 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { return; } - if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType)) { + if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()). + equals(mAuthTokenType)) { + startOauthorization(); - } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { + startSamlBasedFederatedSingleSignOnAuthorization(); } else { checkBasicAuthorization(); @@ -828,9 +863,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * the root folder of the ownCloud server. */ private void checkBasicAuthorization() { - /// get the path to the root folder through WebDAV from the version server - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - /// get basic credentials entered by user String username = mUsernameInput.getText().toString(); String password = mPasswordInput.getText().toString(); @@ -840,26 +872,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); - /// test credentials accessing the root folder - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirects = true; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, username, password, followRedirects); + /// validate credentials accessing the root folder + accessRootFolderRemoteOperation(username, password); } - private void startExistenceCheckRemoteOperation(String remotePath, Context context, boolean successIfAbsent, String webdav_path, - String username, String password, boolean followRedirects) { + private void accessRootFolderRemoteOperation(String username, String password) { Intent existenceCheckIntent = new Intent(); existenceCheckIntent.setAction(OperationsService.ACTION_EXISTENCE_CHECK); existenceCheckIntent.putExtra(OperationsService.EXTRA_SERVER_URL, mServerInfo.mBaseUrl); - existenceCheckIntent.putExtra(OperationsService.EXTRA_REMOTE_PATH, remotePath); - existenceCheckIntent.putExtra(OperationsService.EXTRA_SUCCESS_IF_ABSENT, successIfAbsent); - existenceCheckIntent.putExtra(OperationsService.EXTRA_WEBDAV_PATH, webdav_path); + existenceCheckIntent.putExtra(OperationsService.EXTRA_REMOTE_PATH, "/"); existenceCheckIntent.putExtra(OperationsService.EXTRA_USERNAME, username); existenceCheckIntent.putExtra(OperationsService.EXTRA_PASSWORD, password); existenceCheckIntent.putExtra(OperationsService.EXTRA_AUTH_TOKEN, mAuthToken); - existenceCheckIntent.putExtra(OperationsService.EXTRA_FOLLOW_REDIRECTS, followRedirects); if (mOperationsServiceBinder != null) { //Log_OC.wtf(TAG, "starting existenceCheckRemoteOperation..." ); @@ -880,10 +905,18 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { // GET AUTHORIZATION request Uri uri = Uri.parse(mOAuthAuthEndpointText.getText().toString().trim()); Uri.Builder uriBuilder = uri.buildUpon(); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_RESPONSE_TYPE, getString(R.string.oauth2_response_type)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_REDIRECT_URI, getString(R.string.oauth2_redirect_uri)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_CLIENT_ID, getString(R.string.oauth2_client_id)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_SCOPE, getString(R.string.oauth2_scope)); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_RESPONSE_TYPE, getString(R.string.oauth2_response_type) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_REDIRECT_URI, getString(R.string.oauth2_redirect_uri) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_CLIENT_ID, getString(R.string.oauth2_client_id) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_SCOPE, getString(R.string.oauth2_scope) + ); uri = uriBuilder.build(); Log_OC.d(TAG, "Starting browser to view " + uri.toString()); Intent i = new Intent(Intent.ACTION_VIEW, uri); @@ -904,14 +937,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); - /// get the path to the root folder through WebDAV from the version server - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - - /// test credentials accessing the root folder - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirections = false; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, "", "", followRedirections); + /// validate credentials accessing the root folder + accessRootFolderRemoteOperation("", ""); } @@ -934,7 +961,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } else if (operation instanceof ExistenceCheckRemoteOperation) { //Log_OC.wtf(TAG, "received detection response through callback" ); - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { onSamlBasedFederatedSingleSignOnAuthorizationStart(result); } else { @@ -959,7 +987,15 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (!mUsernameInput.getText().toString().equals(username)) { // fail - not a new account, but an existing one; disallow - result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + /* + OwnCloudClientManagerFactory.getDefaultSingleton().removeClientFor( + new OwnCloudAccount( + Uri.parse(mServerInfo.mBaseUrl), + OwnCloudCredentialsFactory.newSamlSsoCredentials(mAuthToken)) + ); + */ + mAuthToken = ""; updateAuthStatusIconAndText(result); showAuthStatus(); Log_OC.d(TAG, result.getLogMessage()); @@ -1079,16 +1115,20 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { url = "http://" + url; } } - - url = trimUrlWebdav(url); - - if (url.endsWith("/")) { - url = url.substring(0, url.length() - 1); - } - + + url = normalizeUrlSuffix(url); } return (url != null ? url : ""); } + + + private String normalizeUrlSuffix(String url) { + if (url.endsWith("/")) { + url = url.substring(0, url.length() - 1); + } + url = trimUrlWebdav(url); + return url; + } // TODO remove, if possible @@ -1174,6 +1214,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { case UNKNOWN_ERROR: mServerStatusText = R.string.auth_unknown_error_title; break; + case OK_REDIRECT_TO_NON_SECURE_CONNECTION: + mServerStatusIcon = android.R.drawable.ic_partial_secure; + mServerStatusText = R.string.auth_redirect_non_secure_connection_title; + break; default: mServerStatusText = 0; mServerStatusIcon = 0; @@ -1284,8 +1328,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mWaitingForOpId = Long.MAX_VALUE; dismissDialog(WAIT_DIALOG_TAG); - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - if (result.isSuccess() && webdav_path != null) { + if (result.isSuccess()) { /// be gentle with the user IndeterminateProgressDialog dialog = IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); @@ -1295,13 +1338,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @SuppressWarnings("unchecked") Map tokens = (Map)(result.getData().get(0)); mAuthToken = tokens.get(OAuth2Constants.KEY_ACCESS_TOKEN); - //mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken); - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirects = true; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, "", "", followRedirects); + accessRootFolderRemoteOperation("", ""); } else { updateAuthStatusIconAndText(result); @@ -1357,7 +1396,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { showRefreshButton(true); mOkButton.setEnabled(false); - // very special case (TODO: move to a common place for all the remote operations) (dangerous here?) + // very special case (TODO: move to a common place for all the remote operations) if (result.getCode() == ResultCode.SSL_RECOVERABLE_PEER_UNVERIFIED) { showUntrustedCertDialog(result); } @@ -1373,23 +1412,27 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** - * Sets the proper response to get that the Account Authenticator that started this activity saves - * a new authorization token for mAccount. + * Sets the proper response to get that the Account Authenticator that started this activity + * saves a new authorization token for mAccount. */ private void updateToken() { Bundle response = new Bundle(); response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); - if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType)) { + if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()). + equals(mAuthTokenType)) { response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); - // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + // the next line is necessary, notifications are calling directly to the + // AuthenticatorActivity to update, without AccountManager intervention mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); - } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); - // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + // the next line is necessary; by now, notifications are calling directly to the + // AuthenticatorActivity to update, without AccountManager intervention mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); } else { @@ -1410,18 +1453,18 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { */ private boolean createAccount() { /// create and save new ownCloud account - boolean isOAuth = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType); - boolean isSaml = AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType); + boolean isOAuth = AccountTypeUtils. + getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType); + boolean isSaml = AccountTypeUtils. + getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType); Uri uri = Uri.parse(mServerInfo.mBaseUrl); String username = mUsernameInput.getText().toString().trim(); if (isOAuth) { username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong(); - } - String accountName = username + "@" + uri.getHost(); - if (uri.getPort() >= 0) { - accountName += ":" + uri.getPort(); } + String accountName = com.owncloud.android.lib.common.accounts.AccountUtils. + buildAccountName(uri, username); Account newAccount = new Account(accountName, MainApp.getAccountType()); if (AccountUtils.exists(newAccount, getApplicationContext())) { // fail - not a new account, but an existing one; disallow @@ -1435,9 +1478,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mAccount = newAccount; if (isOAuth || isSaml) { - mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app + // with external authorizations, the password is never input in the app + mAccountMgr.addAccountExplicitly(mAccount, "", null); } else { - mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null); + mAccountMgr.addAccountExplicitly( + mAccount, mPasswordInput.getText().toString(), null + ); } /// add the new account as default in preferences, if there is none already @@ -1450,7 +1496,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } /// prepare result to return to the Authenticator - // TODO check again what the Authenticator makes with it; probably has the same effect as addAccountExplicitly, but it's not well done + // TODO check again what the Authenticator makes with it; probably has the same + // effect as addAccountExplicitly, but it's not well done final Intent intent = new Intent(); intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, MainApp.getAccountType()); intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); @@ -1460,9 +1507,14 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (isOAuth || isSaml) { mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); } - /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA - mAccountMgr.setUserData(mAccount, Constants.KEY_OC_VERSION, mServerInfo.mVersion.getVersion()); - mAccountMgr.setUserData(mAccount, Constants.KEY_OC_BASE_URL, mServerInfo.mBaseUrl); + /// add user data to the new account; TODO probably can be done in the last parameter + // addAccountExplicitly, or in KEY_USERDATA + mAccountMgr.setUserData( + mAccount, Constants.KEY_OC_VERSION, mServerInfo.mVersion.getVersion() + ); + mAccountMgr.setUserData( + mAccount, Constants.KEY_OC_BASE_URL, mServerInfo.mBaseUrl + ); if (isSaml) { mAccountMgr.setUserData(mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); @@ -1484,7 +1536,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * @param view 'Account register' button */ public void onRegisterClick(View view) { - Intent register = new Intent(Intent.ACTION_VIEW, Uri.parse(getString(R.string.welcome_link_url))); + Intent register = new Intent( + Intent.ACTION_VIEW, Uri.parse(getString(R.string.welcome_link_url)) + ); setResult(RESULT_CANCELED); startActivity(register); } @@ -1584,18 +1638,21 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Called when the 'action' button in an IME is pressed ('enter' in software keyboard). * - * Used to trigger the authentication check when the user presses 'enter' after writing the password, - * or to throw the server test when the only field on screen is the URL input field. + * Used to trigger the authentication check when the user presses 'enter' after writing the + * password, or to throw the server test when the only field on screen is the URL input field. */ @Override public boolean onEditorAction(TextView inputField, int actionId, KeyEvent event) { - if (actionId == EditorInfo.IME_ACTION_DONE && inputField != null && inputField.equals(mPasswordInput)) { + if (actionId == EditorInfo.IME_ACTION_DONE && inputField != null && + inputField.equals(mPasswordInput)) { if (mOkButton.isEnabled()) { mOkButton.performClick(); } - } else if (actionId == EditorInfo.IME_ACTION_NEXT && inputField != null && inputField.equals(mHostUrlInput)) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (actionId == EditorInfo.IME_ACTION_NEXT && inputField != null && + inputField.equals(mHostUrlInput)) { + if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { checkOcServer(); } } @@ -1623,8 +1680,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { final int x = (int) event.getX(); final int y = (int) event.getY(); final Rect bounds = rightDrawable.getBounds(); - if (x >= (view.getRight() - bounds.width() - fuzz) && x <= (view.getRight() - view.getPaddingRight() + fuzz) - && y >= (view.getPaddingTop() - fuzz) && y <= (view.getHeight() - view.getPaddingBottom()) + fuzz) { + if ( x >= (view.getRight() - bounds.width() - fuzz) && + x <= (view.getRight() - view.getPaddingRight() + fuzz) && + y >= (view.getPaddingTop() - fuzz) && + y <= (view.getHeight() - view.getPaddingBottom()) + fuzz) { return onDrawableTouch(event); } @@ -1642,7 +1701,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { getUserNameIntent.setAction(OperationsService.ACTION_GET_USER_NAME); getUserNameIntent.putExtra(OperationsService.EXTRA_SERVER_URL, mServerInfo.mBaseUrl); getUserNameIntent.putExtra(OperationsService.EXTRA_COOKIE, sessionCookie); - getUserNameIntent.putExtra(OperationsService.EXTRA_FOLLOW_REDIRECTS, followRedirects); if (mOperationsServiceBinder != null) { //Log_OC.wtf(TAG, "starting getRemoteUserNameOperation..." ); @@ -1674,7 +1732,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public boolean onTouchEvent(MotionEvent event) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType) && + if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType) && mHostUrlInput.hasFocus() && event.getAction() == MotionEvent.ACTION_DOWN) { checkOcServer(); } @@ -1685,13 +1744,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Show untrusted cert dialog */ - public void showUntrustedCertDialog(X509Certificate x509Certificate, SslError error, SslErrorHandler handler) { + public void showUntrustedCertDialog( + X509Certificate x509Certificate, SslError error, SslErrorHandler handler + ) { // Show a dialog with the certificate info SslUntrustedCertDialog dialog = null; if (x509Certificate == null) { dialog = SslUntrustedCertDialog.newInstanceForEmptySslError(error, handler); } else { - dialog = SslUntrustedCertDialog.newInstanceForFullSslError(x509Certificate, error, handler); + dialog = SslUntrustedCertDialog. + newInstanceForFullSslError(x509Certificate, error, handler); } FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); @@ -1699,12 +1761,14 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { dialog.show(ft, UNTRUSTED_CERT_DIALOG_TAG); } + /** * Show untrusted cert dialog */ private void showUntrustedCertDialog(RemoteOperationResult result) { // Show a dialog with the certificate info - SslUntrustedCertDialog dialog = SslUntrustedCertDialog.newInstanceForFullSslError((CertificateCombinedException)result.getException()); + SslUntrustedCertDialog dialog = SslUntrustedCertDialog. + newInstanceForFullSslError((CertificateCombinedException)result.getException()); FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); ft.addToBackStack(null); @@ -1718,7 +1782,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void onSavedCertificate() { Fragment fd = getSupportFragmentManager().findFragmentByTag(SAML_DIALOG_TAG); if (fd == null) { - // if SAML dialog is not shown, the SslDialog was shown due to an SSL error in the server check + // if SAML dialog is not shown, + // the SslDialog was shown due to an SSL error in the server check checkOcServer(); } } @@ -1768,7 +1833,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public void onServiceConnected(ComponentName component, IBinder service) { - if (component.equals(new ComponentName(AuthenticatorActivity.this, OperationsService.class))) { + if (component.equals( + new ComponentName(AuthenticatorActivity.this, OperationsService.class) + )) { //Log_OC.wtf(TAG, "Operations service connected"); mOperationsServiceBinder = (OperationsServiceBinder) service; @@ -1782,12 +1849,47 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public void onServiceDisconnected(ComponentName component) { - if (component.equals(new ComponentName(AuthenticatorActivity.this, OperationsService.class))) { + if (component.equals( + new ComponentName(AuthenticatorActivity.this, OperationsService.class) + )) { Log_OC.e(TAG, "Operations service crashed"); mOperationsServiceBinder = null; } } } - + + /** + * Create and show dialog for request authentication to the user + * @param webView + * @param handler + */ + public void createAuthenticationDialog(WebView webView, HttpAuthHandler handler) { + + // Show a dialog with the certificate info + CredentialsDialogFragment dialog = + CredentialsDialogFragment.newInstanceForCredentials(webView, handler); + FragmentManager fm = getSupportFragmentManager(); + FragmentTransaction ft = fm.beginTransaction(); + ft.addToBackStack(null); + dialog.setCancelable(false); + dialog.show(ft, CREDENTIALS_DIALOG_TAG); + + if (!mIsFirstAuthAttempt) { + Toast.makeText( + getApplicationContext(), + getText(R.string.saml_authentication_wrong_pass), + Toast.LENGTH_LONG + ).show(); + } else { + mIsFirstAuthAttempt = false; + } + } + + /** + * For retrieving the clicking on authentication cancel button + */ + public void doNegativeAuthenticatioDialogClick(){ + mIsFirstAuthAttempt = true; + } }