X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/5ede3e9909ab292ea4b8c55b088b190d66acb6e9..dd9fe3e57294dcc01770db4a8c7cd2dfef5c97b3:/src/com/owncloud/android/authentication/AuthenticatorActivity.java diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java index f648b6ef..0e8ba48c 100644 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@ -22,6 +22,7 @@ import com.owncloud.android.Log_OC; import com.owncloud.android.ui.dialog.SslValidatorDialog; import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener; import com.owncloud.android.utils.OwnCloudVersion; +import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener; import com.owncloud.android.network.OwnCloudClientUtils; import com.owncloud.android.operations.OwnCloudServerCheckOperation; import com.owncloud.android.operations.ExistenceCheckOperation; @@ -79,7 +80,7 @@ import eu.alefzero.webdav.WebdavClient; * @author David A. Velasco */ public class AuthenticatorActivity extends AccountAuthenticatorActivity -implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener { +implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener, SsoWebViewClientListener { private static final String TAG = AuthenticatorActivity.class.getSimpleName(); @@ -146,7 +147,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private EditText mPasswordInput; private CheckBox mOAuth2Check; - private String mOAuthAccessToken; private TextView mOAuthAuthEndpointText; private TextView mOAuthTokenEndpointText; @@ -156,6 +156,8 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private SsoWebViewClient mWebViewClient; private View mOkButton; + + private String mAuthToken; /** @@ -229,7 +231,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mHostUrlInput.setText(mHostBaseUrl); } initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod - mOAuth2Check.setChecked(mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN); mJustCreated = true; if (mAction == ACTION_UPDATE_TOKEN || !mHostUrlInputEnabled) { @@ -261,6 +262,9 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mCurrentAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE); if (mCurrentAuthTokenType == null) { mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD; + + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + restoreWebView(savedInstanceState); } // check if server check was interrupted by a configuration change @@ -291,7 +295,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList if (mServerIsChecked && !mServerIsValid && refreshButtonEnabled) showRefreshButton(); mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes - if (mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE || + if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType) || !AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) { mOAuth2Check.setVisibility(View.GONE); } @@ -335,9 +339,9 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private void initWebView() { CookieManager cookieManager = CookieManager.getInstance(); cookieManager.setAcceptCookie(true); - //cookieManager.removeSessionCookie(); + cookieManager.removeAllCookie(); - mWebViewClient = new SsoWebViewClient(this); + mWebViewClient = new SsoWebViewClient(mHandler, this); mSsoWebView.setWebViewClient(mWebViewClient); WebSettings webSettings = mSsoWebView.getSettings(); webSettings.setJavaScriptEnabled(true); @@ -347,6 +351,25 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList webSettings.setUserAgentString(WebdavClient.USER_AGENT); } + @SuppressLint("SetJavaScriptEnabled") + private void restoreWebView(Bundle savedInstanceState) { + mSsoWebView.restoreState(savedInstanceState); + + CookieManager cookieManager = CookieManager.getInstance(); + Log_OC.e(TAG, "Accept Cookie: " + cookieManager.acceptCookie()); + + mWebViewClient = new SsoWebViewClient(mHandler, this); + mSsoWebView.setWebViewClient(mWebViewClient); + mWebViewClient.setTargetUrl(mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType)); + + WebSettings webSettings = mSsoWebView.getSettings(); + webSettings.setJavaScriptEnabled(true); // at least this one is not being kept by WebView#restoreState + webSettings.setBuiltInZoomControls(true); + webSettings.setLoadWithOverviewMode(false); + webSettings.setSavePassword(false); + webSettings.setUserAgentString(WebdavClient.USER_AGENT); + } + private void initAuthorizationMethod() { boolean oAuthRequired = false; boolean samlWebSsoRequired = false; @@ -380,6 +403,12 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@')); mUsernameInput.setText(userName); } + + if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + initWebView(); + } + mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)); + } /** @@ -416,6 +445,9 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList outState.putParcelable(KEY_ACCOUNT, mAccount); } outState.putString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, mCurrentAuthTokenType); + if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + mSsoWebView.saveState(outState); + } // refresh button enabled outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, (mRefreshButton.getVisibility() == View.VISIBLE)); @@ -1026,11 +1058,11 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList showDialog(DIALOG_LOGIN_PROGRESS); /// time to test the retrieved access token on the ownCloud server - mOAuthAccessToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); - Log_OC.d(TAG, "Got ACCESS TOKEN: " + mOAuthAccessToken); + mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); + Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken); mAuthCheckOperation = new ExistenceCheckOperation("", this, false); WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true); - client.setBearerCredentials(mOAuthAccessToken); + client.setBearerCredentials(mAuthToken); mAuthCheckOperation.execute(client, this, mHandler); } else { @@ -1110,11 +1142,17 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList Bundle response = new Bundle(); response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); - boolean isOAuth = mOAuth2Check.isChecked(); - if (isOAuth) { - response.putString(AccountManager.KEY_AUTHTOKEN, mOAuthAccessToken); + + if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention - mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken); + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); + // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + } else { response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString()); mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString()); @@ -1132,11 +1170,15 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList */ private void createAccount() { /// create and save new ownCloud account - boolean isOAuth = mOAuth2Check.isChecked(); + boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType); + boolean isSaml = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType); Uri uri = Uri.parse(mHostBaseUrl); String username = mUsernameInput.getText().toString().trim(); - if (isOAuth) { + if (isSaml) { + username = mAccountNameInput.getText().toString().trim(); + + } else if (isOAuth) { username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong(); } String accountName = username + "@" + uri.getHost(); @@ -1144,8 +1186,8 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList accountName += ":" + uri.getPort(); } mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE); - if (isOAuth) { - mAccountMgr.addAccountExplicitly(mAccount, "", null); // with our implementation, the password is never input in the app + if (isOAuth || isSaml) { + mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app } else { mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null); } @@ -1164,17 +1206,20 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList final Intent intent = new Intent(); intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, AccountAuthenticator.ACCOUNT_TYPE); intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); - if (!isOAuth) - intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); // TODO check this; not sure it's right; maybe + /*if (!isOAuth) + intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); */ intent.putExtra(AccountManager.KEY_USERDATA, username); - if (isOAuth) { - mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken); + if (isOAuth || isSaml) { + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); } /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION, mDiscoveredVersion.toString()); mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL, mHostBaseUrl); - if (isOAuth) - mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); // TODO this flag should be unnecessary + if (isSaml) { + mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); + } else if (isOAuth) { + mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); + } setAccountAuthenticatorResult(intent.getExtras()); setResult(RESULT_OK, intent); @@ -1403,7 +1448,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mPasswordInput.setVisibility(View.GONE); mAccountNameInput.setVisibility(View.VISIBLE); mSsoWebView.setVisibility(View.VISIBLE); - initWebView(); } else { // basic HTTP authorization @@ -1482,4 +1526,27 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList public abstract boolean onDrawableTouch(final MotionEvent event); } + + @Override + public void onSsoFinished(String sessionCookie) { + //Toast.makeText(this, "got cookies: " + sessionCookie, Toast.LENGTH_LONG).show(); + + if (sessionCookie != null && sessionCookie.length() > 0) { + Log_OC.d(TAG, "Successful SSO - time to save the account"); + mAuthToken = sessionCookie; + if (mAction == ACTION_CREATE) { + createAccount(); + + } else { + updateToken(); + } + + finish(); + + } else { + // TODO - show fail + Log_OC.d(TAG, "SSO failed"); + } + } + }