X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/5be4bf17e11bfae134f24bbc8501b618304467b4..2be23eaec586972a5ff86c4f9c34d95188231821:/src/com/owncloud/android/network/OwnCloudClientUtils.java diff --git a/src/com/owncloud/android/network/OwnCloudClientUtils.java b/src/com/owncloud/android/network/OwnCloudClientUtils.java index 02e29851..8c260b70 100644 --- a/src/com/owncloud/android/network/OwnCloudClientUtils.java +++ b/src/com/owncloud/android/network/OwnCloudClientUtils.java @@ -1,10 +1,9 @@ /* ownCloud Android client application - * Copyright (C) 2011 Bartek Przybylski + * Copyright (C) 2012-2013 ownCloud Inc. * * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of @@ -22,7 +21,6 @@ import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; -import java.net.URL; import java.security.GeneralSecurityException; import java.security.KeyStore; import java.security.KeyStoreException; @@ -38,20 +36,27 @@ import org.apache.commons.httpclient.protocol.Protocol; import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier; import org.apache.http.conn.ssl.X509HostnameVerifier; -import com.owncloud.android.AccountUtils; -import com.owncloud.android.authenticator.AccountAuthenticator; +import com.owncloud.android.authentication.AccountAuthenticator; +import com.owncloud.android.authentication.AccountUtils; +import com.owncloud.android.authentication.AccountUtils.AccountNotFoundException; +import com.owncloud.android.network.webdav.WebdavClient; +import com.owncloud.android.Log_OC; +import com.owncloud.android.MainApp; -import eu.alefzero.webdav.WebdavClient; import android.accounts.Account; import android.accounts.AccountManager; +import android.accounts.AccountManagerFuture; +import android.accounts.AuthenticatorException; +import android.accounts.OperationCanceledException; +import android.app.Activity; import android.content.Context; import android.net.Uri; -import android.util.Log; +import android.os.Bundle; public class OwnCloudClientUtils { - final private static String TAG = "OwnCloudClientFactory"; + final private static String TAG = OwnCloudClientUtils.class.getSimpleName(); /** Default timeout for waiting data from the server */ public static final int DEFAULT_DATA_TIMEOUT = 60000; @@ -72,52 +77,77 @@ public class OwnCloudClientUtils { /** * Creates a WebdavClient setup for an ownCloud account * - * @param account The ownCloud account - * @param context The application context - * @return A WebdavClient object ready to be used + * Do not call this method from the main thread. + * + * @param account The ownCloud account + * @param appContext Android application context + * @return A WebdavClient object ready to be used + * @throws AuthenticatorException If the authenticator failed to get the authorization token for the account. + * @throws OperationCanceledException If the authenticator operation was cancelled while getting the authorization token for the account. + * @throws IOException If there was some I/O error while getting the authorization token for the account. + * @throws AccountNotFoundException If 'account' is unknown for the AccountManager */ - public static WebdavClient createOwnCloudClient (Account account, Context context) { - //Log.d(TAG, "Creating WebdavClient associated to " + account.name); + public static WebdavClient createOwnCloudClient (Account account, Context appContext) throws OperationCanceledException, AuthenticatorException, IOException, AccountNotFoundException { + //Log_OC.d(TAG, "Creating WebdavClient associated to " + account.name); - Uri uri = Uri.parse(AccountUtils.constructFullURLForAccount(context, account)); - WebdavClient client = createOwnCloudClient(uri, context); + Uri uri = Uri.parse(AccountUtils.constructFullURLForAccount(appContext, account)); + AccountManager am = AccountManager.get(appContext); + boolean isOauth2 = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null; // TODO avoid calling to getUserData here + boolean isSamlSso = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null; + WebdavClient client = createOwnCloudClient(uri, appContext, !isSamlSso); + if (isOauth2) { + String accessToken = am.blockingGetAuthToken(account, MainApp.getAuthTokenTypeAccessToken(), false); + client.setBearerCredentials(accessToken); // TODO not assume that the access token is a bearer token - String username = account.name.substring(0, account.name.lastIndexOf('@')); - /*if (ama.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2)) { - // TODO - this is a trap; the OAuth access token shouldn't be saved as the account password - String accessToken = AccountManager.get(context).getPassword(account); - client.setCredentials("bearer", accessToken); - - } else {*/ - String password = AccountManager.get(context).getPassword(account); - //String password = am.blockingGetAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE, true); - client.setCredentials(username, password); - //} + } else if (isSamlSso) { // TODO avoid a call to getUserData here + String accessToken = am.blockingGetAuthToken(account, MainApp.getAuthTokenTypeSamlSessionCookie(), false); + client.setSsoSessionCookie(accessToken); + + } else { + String username = account.name.substring(0, account.name.lastIndexOf('@')); + //String password = am.getPassword(account); + String password = am.blockingGetAuthToken(account, MainApp.getAuthTokenTypePass(), false); + client.setBasicCredentials(username, password); + } return client; } - /** - * Creates a WebdavClient to try a new account before saving it - * - * @param uri URL to the ownCloud server - * @param username User name - * @param password User password - * @param context Android context where the WebdavClient is being created. - * @return A WebdavClient object ready to be used - */ - public static WebdavClient createOwnCloudClient(Uri uri, String username, String password, Context context) { - //Log.d(TAG, "Creating WebdavClient for " + username + "@" + uri); - - WebdavClient client = createOwnCloudClient(uri, context); + public static WebdavClient createOwnCloudClient (Account account, Context appContext, Activity currentActivity) throws OperationCanceledException, AuthenticatorException, IOException, AccountNotFoundException { + Uri uri = Uri.parse(AccountUtils.constructFullURLForAccount(appContext, account)); + AccountManager am = AccountManager.get(appContext); + boolean isOauth2 = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null; // TODO avoid calling to getUserData here + boolean isSamlSso = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null; + WebdavClient client = createOwnCloudClient(uri, appContext, !isSamlSso); - client.setCredentials(username, password); + if (isOauth2) { // TODO avoid a call to getUserData here + AccountManagerFuture future = am.getAuthToken(account, MainApp.getAuthTokenTypeAccessToken(), null, currentActivity, null, null); + Bundle result = future.getResult(); + String accessToken = result.getString(AccountManager.KEY_AUTHTOKEN); + if (accessToken == null) throw new AuthenticatorException("WTF!"); + client.setBearerCredentials(accessToken); // TODO not assume that the access token is a bearer token + + } else if (isSamlSso) { // TODO avoid a call to getUserData here + AccountManagerFuture future = am.getAuthToken(account, MainApp.getAuthTokenTypeSamlSessionCookie(), null, currentActivity, null, null); + Bundle result = future.getResult(); + String accessToken = result.getString(AccountManager.KEY_AUTHTOKEN); + if (accessToken == null) throw new AuthenticatorException("WTF!"); + client.setSsoSessionCookie(accessToken); + + } else { + String username = account.name.substring(0, account.name.lastIndexOf('@')); + //String password = am.getPassword(account); + //String password = am.blockingGetAuthToken(account, MainApp.getAuthTokenTypePass(), false); + AccountManagerFuture future = am.getAuthToken(account, MainApp.getAuthTokenTypePass(), null, currentActivity, null, null); + Bundle result = future.getResult(); + String password = result.getString(AccountManager.KEY_AUTHTOKEN); + client.setBasicCredentials(username, password); + } return client; } - /** * Creates a WebdavClient to access a URL and sets the desired parameters for ownCloud client connections. * @@ -125,55 +155,27 @@ public class OwnCloudClientUtils { * @param context Android context where the WebdavClient is being created. * @return A WebdavClient object ready to be used */ - public static WebdavClient createOwnCloudClient(Uri uri, Context context) { - //Log.d(TAG, "Creating WebdavClient for " + uri); - - //allowSelfsignedCertificates(true); + public static WebdavClient createOwnCloudClient(Uri uri, Context context, boolean followRedirects) { try { registerAdvancedSslContext(true, context); } catch (GeneralSecurityException e) { - Log.e(TAG, "Advanced SSL Context could not be loaded. Default SSL management in the system will be used for HTTPS connections", e); + Log_OC.e(TAG, "Advanced SSL Context could not be loaded. Default SSL management in the system will be used for HTTPS connections", e); } catch (IOException e) { - Log.e(TAG, "The local server truststore could not be read. Default SSL management in the system will be used for HTTPS connections", e); + Log_OC.e(TAG, "The local server truststore could not be read. Default SSL management in the system will be used for HTTPS connections", e); } WebdavClient client = new WebdavClient(getMultiThreadedConnManager()); client.setDefaultTimeouts(DEFAULT_DATA_TIMEOUT, DEFAULT_CONNECTION_TIMEOUT); client.setBaseUri(uri); + client.setFollowRedirects(followRedirects); return client; } /** - * Allows or disallows self-signed certificates in ownCloud servers to reach - * - * @param allow 'True' to allow, 'false' to disallow - */ - public static void allowSelfsignedCertificates(boolean allow) { - Protocol pr = null; - try { - pr = Protocol.getProtocol("https"); - if (pr != null && mDefaultHttpsProtocol == null) { - mDefaultHttpsProtocol = pr; - } - } catch (IllegalStateException e) { - // nothing to do here; really - } - boolean isAllowed = (pr != null && pr.getSocketFactory() instanceof EasySSLSocketFactory); - if (allow && !isAllowed) { - Protocol.registerProtocol("https", new Protocol("https", new EasySSLSocketFactory(), 443)); - } else if (!allow && isAllowed) { - if (mDefaultHttpsProtocol != null) { - Protocol.registerProtocol("https", mDefaultHttpsProtocol); - } - } - } - - - /** * Registers or unregisters the proper components for advanced SSL handling. * @throws IOException */ @@ -239,7 +241,7 @@ public class OwnCloudClientUtils { //mKnownServersStore = KeyStore.getInstance("BKS"); mKnownServersStore = KeyStore.getInstance(KeyStore.getDefaultType()); File localTrustStoreFile = new File(context.getFilesDir(), LOCAL_TRUSTSTORE_FILENAME); - Log.d(TAG, "Searching known-servers store at " + localTrustStoreFile.getAbsolutePath()); + Log_OC.d(TAG, "Searching known-servers store at " + localTrustStoreFile.getAbsolutePath()); if (localTrustStoreFile.exists()) { InputStream in = new FileInputStream(localTrustStoreFile); try {