X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/63a3522ab7c8940ccc48be09e2247f86cbf60598..b6213a0d5fbc40568c32b36fa12ce24c1780c58b:/src/com/owncloud/android/authentication/AuthenticatorActivity.java diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java index 3c34be61..138c8609 100644 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@ -18,22 +18,7 @@ package com.owncloud.android.authentication; -import com.owncloud.android.AccountUtils; -import com.owncloud.android.Log_OC; -import com.owncloud.android.ui.dialog.SslValidatorDialog; -import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener; -import com.owncloud.android.utils.OwnCloudVersion; -import com.owncloud.android.network.OwnCloudClientUtils; -import com.owncloud.android.operations.OwnCloudServerCheckOperation; -import com.owncloud.android.operations.ExistenceCheckOperation; -import com.owncloud.android.operations.OAuth2GetAccessToken; -import com.owncloud.android.operations.OnRemoteOperationListener; -import com.owncloud.android.operations.RemoteOperation; -import com.owncloud.android.operations.RemoteOperationResult; -import com.owncloud.android.operations.RemoteOperationResult.ResultCode; - import android.accounts.Account; -import android.accounts.AccountAuthenticatorActivity; import android.accounts.AccountManager; import android.app.AlertDialog; import android.app.Dialog; @@ -58,14 +43,28 @@ import android.view.View.OnFocusChangeListener; import android.view.View.OnTouchListener; import android.view.Window; import android.view.inputmethod.EditorInfo; +import android.widget.Button; import android.widget.CheckBox; import android.widget.EditText; -import android.widget.Button; import android.widget.TextView; -import android.widget.Toast; import android.widget.TextView.OnEditorActionListener; +import android.widget.Toast; +import com.owncloud.android.Log_OC; import com.owncloud.android.R; +import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener; +import com.owncloud.android.network.OwnCloudClientUtils; +import com.owncloud.android.operations.ExistenceCheckOperation; +import com.owncloud.android.operations.OAuth2GetAccessToken; +import com.owncloud.android.operations.OnRemoteOperationListener; +import com.owncloud.android.operations.OwnCloudServerCheckOperation; +import com.owncloud.android.operations.RemoteOperation; +import com.owncloud.android.operations.RemoteOperationResult; +import com.owncloud.android.operations.RemoteOperationResult.ResultCode; +import com.owncloud.android.ui.dialog.SamlWebViewDialog; +import com.owncloud.android.ui.dialog.SslValidatorDialog; +import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener; +import com.owncloud.android.utils.OwnCloudVersion; import eu.alefzero.webdav.WebdavClient; @@ -76,7 +75,7 @@ import eu.alefzero.webdav.WebdavClient; * @author David A. Velasco */ public class AuthenticatorActivity extends AccountAuthenticatorActivity -implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener { +implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener, SsoWebViewClientListener{ private static final String TAG = AuthenticatorActivity.class.getSimpleName(); @@ -84,6 +83,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList public static final String EXTRA_USER_NAME = "USER_NAME"; public static final String EXTRA_HOST_NAME = "HOST_NAME"; public static final String EXTRA_ACTION = "ACTION"; + public static final String EXTRA_ENFORCED_UPDATE = "ENFORCE_UPDATE"; private static final String KEY_HOST_URL_TEXT = "HOST_URL_TEXT"; private static final String KEY_OC_VERSION = "OC_VERSION"; @@ -99,10 +99,10 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private static final String KEY_AUTH_STATUS_ICON = "AUTH_STATUS_ICON"; private static final String KEY_REFRESH_BUTTON_ENABLED = "KEY_REFRESH_BUTTON_ENABLED"; - private static final String OAUTH_MODE_ON = "on"; - private static final String OAUTH_MODE_OFF = "off"; - private static final String OAUTH_MODE_OPTIONAL = "optional"; - + private static final String AUTH_ON = "on"; + private static final String AUTH_OFF = "off"; + private static final String AUTH_OPTIONAL = "optional"; + private static final int DIALOG_LOGIN_PROGRESS = 0; private static final int DIALOG_SSL_VALIDATOR = 1; private static final int DIALOG_CERT_NOT_SAVED = 2; @@ -110,6 +110,8 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList public static final byte ACTION_CREATE = 0; public static final byte ACTION_UPDATE_TOKEN = 1; + + private static final String TAG_SAML_DIALOG = "samlWebViewDialog"; private String mHostBaseUrl; private OwnCloudVersion mDiscoveredVersion; @@ -117,6 +119,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private int mServerStatusText, mServerStatusIcon; private boolean mServerIsChecked, mServerIsValid, mIsSslConn; private int mAuthStatusText, mAuthStatusIcon; + private TextView mAuthStatusLayout; private final Handler mHandler = new Handler(); private Thread mOperationThread; @@ -132,17 +135,25 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private Account mAccount; private EditText mHostUrlInput; + private boolean mHostUrlInputEnabled; + private View mRefreshButton; + + private String mCurrentAuthTokenType; + private EditText mUsernameInput; private EditText mPasswordInput; + private CheckBox mOAuth2Check; - private String mOAuthAccessToken; - private View mOkButton; - private TextView mAuthStatusLayout; - + private TextView mOAuthAuthEndpointText; private TextView mOAuthTokenEndpointText; - private boolean mRefreshButtonEnabled; + private TextView mAccountNameInput; + private SamlWebViewDialog mSamlDialog; + + private View mOkButton; + + private String mAuthToken; /** @@ -158,13 +169,19 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList /// set view and get references to view elements setContentView(R.layout.account_setup); mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput); + mHostUrlInput.setText(getString(R.string.server_url)); // valid although R.string.server_url is an empty string mUsernameInput = (EditText) findViewById(R.id.account_username); mPasswordInput = (EditText) findViewById(R.id.account_password); mOAuthAuthEndpointText = (TextView)findViewById(R.id.oAuthEntryPoint_1); mOAuthTokenEndpointText = (TextView)findViewById(R.id.oAuthEntryPoint_2); mOAuth2Check = (CheckBox) findViewById(R.id.oauth_onOff_check); + mAccountNameInput = (EditText) findViewById(R.id.account_name); mOkButton = findViewById(R.id.buttonOK); mAuthStatusLayout = (TextView) findViewById(R.id.auth_status_text); + + /// set Host Url Input Enabled + mHostUrlInputEnabled = getResources().getBoolean(R.bool.show_server_url_input); + /// complete label for 'register account' button Button b = (Button) findViewById(R.id.account_register); @@ -178,6 +195,17 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mAction = getIntent().getByteExtra(EXTRA_ACTION, ACTION_CREATE); mAccount = null; mHostBaseUrl = ""; + boolean refreshButtonEnabled = false; + + // URL input configuration applied + if (!mHostUrlInputEnabled) + { + findViewById(R.id.hostUrlFrame).setVisibility(View.GONE); + mRefreshButton = findViewById(R.id.centeredRefreshButton); + + } else { + mRefreshButton = findViewById(R.id.embeddedRefreshButton); + } if (savedInstanceState == null) { /// connection state and info @@ -188,9 +216,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mAuthStatusText = mAuthStatusIcon = 0; /// retrieve extras from intent - String tokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE); - boolean oAuthRequired = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(tokenType) || OAUTH_MODE_ON.equals(getString(R.string.oauth2_mode)); - mAccount = getIntent().getExtras().getParcelable(EXTRA_ACCOUNT); if (mAccount != null) { String ocVersion = mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION); @@ -199,14 +224,14 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList } mHostBaseUrl = normalizeUrl(mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL)); mHostUrlInput.setText(mHostBaseUrl); - String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@')); - mUsernameInput.setText(userName); - oAuthRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null); } - mOAuth2Check.setChecked(oAuthRequired); - changeViewByOAuth2Check(oAuthRequired); - - + initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod + mJustCreated = true; + + if (mAction == ACTION_UPDATE_TOKEN || !mHostUrlInputEnabled) { + checkOcServer(); + } + } else { /// connection state and info mServerIsValid = savedInstanceState.getBoolean(KEY_SERVER_VALID); @@ -229,6 +254,11 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList // account data, if updating mAccount = savedInstanceState.getParcelable(KEY_ACCOUNT); + mCurrentAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE); + if (mCurrentAuthTokenType == null) { + mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD; + + } // check if server check was interrupted by a configuration change if (savedInstanceState.getBoolean(KEY_SERVER_CHECK_IN_PROGRESS, false)) { @@ -236,43 +266,37 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList } // refresh button enabled - mRefreshButtonEnabled = savedInstanceState.getBoolean(KEY_REFRESH_BUTTON_ENABLED); + refreshButtonEnabled = savedInstanceState.getBoolean(KEY_REFRESH_BUTTON_ENABLED); + } + adaptViewAccordingToAuthenticationMethod(); showServerStatus(); showAuthStatus(); - if (mServerIsChecked && !mServerIsValid && mRefreshButtonEnabled) showRefreshButton(); - mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes - - if (!OAUTH_MODE_OPTIONAL.equals(getString(R.string.oauth2_mode))) { - mOAuth2Check.setVisibility(View.GONE); - } - + if (mAction == ACTION_UPDATE_TOKEN) { /// lock things that should not change mHostUrlInput.setEnabled(false); + mHostUrlInput.setFocusable(false); mUsernameInput.setEnabled(false); + mUsernameInput.setFocusable(false); + mOAuth2Check.setVisibility(View.GONE); + } + + //if (mServerIsChecked && !mServerIsValid && mRefreshButtonEnabled) showRefreshButton(); + if (mServerIsChecked && !mServerIsValid && refreshButtonEnabled) showRefreshButton(); + mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes + + if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType) || + !AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) { mOAuth2Check.setVisibility(View.GONE); - if (!mServerIsValid && mOcServerChkOperation == null) { - checkOcServer(); - } } mPasswordInput.setText(""); // clean password to avoid social hacking (disadvantage: password in removed if the device is turned aside) - mJustCreated = true; - /// bind view elements to listeners + /// bind view elements to listeners and other friends mHostUrlInput.setOnFocusChangeListener(this); - mHostUrlInput.setOnTouchListener(new RightDrawableOnTouchListener() { - @Override - public boolean onDrawableTouch(final MotionEvent event) { - if (event.getAction() == MotionEvent.ACTION_UP) { - AuthenticatorActivity.this.onRefreshClick(); - } - return true; - } - }); mHostUrlInput.addTextChangedListener(new TextWatcher() { @Override @@ -300,7 +324,48 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList } return true; } - }); + }); + + } + + + + private void initAuthorizationMethod() { + boolean oAuthRequired = false; + boolean samlWebSsoRequired = false; + + mCurrentAuthTokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE); + mAccount = getIntent().getExtras().getParcelable(EXTRA_ACCOUNT); + + // TODO could be a good moment to validate the received token type, if not null + + if (mCurrentAuthTokenType == null) { + if (mAccount != null) { + /// same authentication method than the one used to create the account to update + oAuthRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null); + samlWebSsoRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null); + + } else { + /// use the one set in setup.xml + oAuthRequired = AUTH_ON.equals(getString(R.string.auth_method_oauth2)); + samlWebSsoRequired = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); + } + if (oAuthRequired) { + mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN; + } else if (samlWebSsoRequired) { + mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE; + } else { + mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD; + } + } + + if (mAccount != null) { + String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@')); + mUsernameInput.setText(userName); + } + + mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)); + } /** @@ -336,9 +401,11 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList if (mAccount != null) { outState.putParcelable(KEY_ACCOUNT, mAccount); } + outState.putString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, mCurrentAuthTokenType); // refresh button enabled - outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, mRefreshButtonEnabled); + outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, (mRefreshButton.getVisibility() == View.VISIBLE)); + } @@ -367,9 +434,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList @Override protected void onResume() { super.onResume(); - // the state of mOAuth2Check is automatically recovered between configuration changes, but not before onCreate() finishes; so keep the next lines here - changeViewByOAuth2Check(mOAuth2Check.isChecked()); - if (mAction == ACTION_UPDATE_TOKEN && mJustCreated) { + if (mAction == ACTION_UPDATE_TOKEN && mJustCreated && getIntent().getBooleanExtra(EXTRA_ENFORCED_UPDATE, false)) { if (mOAuth2Check.isChecked()) Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show(); else @@ -381,6 +446,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList } mJustCreated = false; + } @@ -402,7 +468,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList getString(R.string.oauth2_grant_type), queryParameters); //WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(getString(R.string.oauth2_url_endpoint_access)), getApplicationContext()); - WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mOAuthTokenEndpointText.getText().toString().trim()), getApplicationContext()); + WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mOAuthTokenEndpointText.getText().toString().trim()), getApplicationContext(), true); operation.execute(client, this, mHandler); } @@ -415,9 +481,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList if (view.getId() == R.id.hostUrlInput) { if (!hasFocus) { onUrlInputFocusLost((TextView) view); - if (!mServerIsValid) { - showRefreshButton(); - } } else { hideRefreshButton(); @@ -445,12 +508,20 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList checkOcServer(); } else { mOkButton.setEnabled(mServerIsValid); + if (!mServerIsValid) { + showRefreshButton(); + } } } private void checkOcServer() { String uri = trimUrlWebdav(mHostUrlInput.getText().toString().trim()); + + if (!mHostUrlInputEnabled){ + uri = getString(R.string.server_url); + } + mServerIsValid = false; mServerIsChecked = false; mOkButton.setEnabled(false); @@ -461,7 +532,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mServerStatusIcon = R.drawable.progress_small; showServerStatus(); mOcServerChkOperation = new OwnCloudServerCheckOperation(uri, this); - WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(uri), this); + WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(uri), this, true); mOperationThread = mOcServerChkOperation.execute(client, this, mHandler); } else { mServerStatusText = 0; @@ -561,9 +632,10 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList return; } - if (mOAuth2Check.isChecked()) { + if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { startOauthorization(); - + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + startSamlBasedFederatedSingleSignOnAuthorization(); } else { checkBasicAuthorization(); } @@ -576,7 +648,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList */ private void checkBasicAuthorization() { /// get the path to the root folder through WebDAV from the version server - String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, false); + String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); /// get basic credentials entered by user String username = mUsernameInput.getText().toString(); @@ -587,7 +659,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList /// test credentials accessing the root folder mAuthCheckOperation = new ExistenceCheckOperation("", this, false); - WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this); + WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true); client.setBasicCredentials(username, password); mOperationThread = mAuthCheckOperation.execute(client, this, mHandler); } @@ -602,6 +674,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mAuthStatusIcon = R.drawable.progress_small; mAuthStatusText = R.string.oauth_login_connection; showAuthStatus(); + // GET AUTHORIZATION request //Uri uri = Uri.parse(getString(R.string.oauth2_url_endpoint_auth)); @@ -620,6 +693,26 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList /** + * Starts the Web Single Sign On flow to get access to the root folder + * in the server. + */ + private void startSamlBasedFederatedSingleSignOnAuthorization() { + // be gentle with the user + mAuthStatusIcon = R.drawable.progress_small; + mAuthStatusText = R.string.auth_connecting_auth_server; + showAuthStatus(); + showDialog(DIALOG_LOGIN_PROGRESS); + + /// get the path to the root folder through WebDAV from the version server + String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); + + /// test credentials accessing the root folder + mAuthCheckOperation = new ExistenceCheckOperation("", this, false); + WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, false); + mOperationThread = mAuthCheckOperation.execute(client, this, mHandler); + } + + /** * Callback method invoked when a RemoteOperation executed by this Activity finishes. * * Dispatches the operation flow to the right method. @@ -634,10 +727,41 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList onGetOAuthAccessTokenFinish((OAuth2GetAccessToken)operation, result); } else if (operation instanceof ExistenceCheckOperation) { - onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result); - + if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + onSamlBasedFederatedSingleSignOnAuthorizationStart(operation, result); + + } else { + onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result); + } } } + + + private void onSamlBasedFederatedSingleSignOnAuthorizationStart(RemoteOperation operation, RemoteOperationResult result) { + try { + dismissDialog(DIALOG_LOGIN_PROGRESS); + } catch (IllegalArgumentException e) { + // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens + } + + if (result.isTemporalRedirection() || result.isIdPRedirection()) { + String url = result.getRedirectedLocation(); + String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); + + // Show dialog + mSamlDialog = SamlWebViewDialog.newInstance(url, targetUrl); + mSamlDialog.show(getSupportFragmentManager(), TAG_SAML_DIALOG); + + mAuthStatusIcon = android.R.drawable.ic_secure; + mAuthStatusText = R.string.auth_follow_auth_server; + + } else { + mAuthStatusIcon = R.drawable.common_error; + mAuthStatusText = R.string.auth_unsupported_auth_method; + + } + showAuthStatus(); + } /** @@ -887,17 +1011,17 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens } - String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, true); + String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); if (result.isSuccess() && webdav_path != null) { /// be gentle with the user showDialog(DIALOG_LOGIN_PROGRESS); /// time to test the retrieved access token on the ownCloud server - mOAuthAccessToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); - Log_OC.d(TAG, "Got ACCESS TOKEN: " + mOAuthAccessToken); + mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); + Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken); mAuthCheckOperation = new ExistenceCheckOperation("", this, false); - WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this); - client.setBearerCredentials(mOAuthAccessToken); + WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true); + client.setBearerCredentials(mAuthToken); mAuthCheckOperation.execute(client, this, mHandler); } else { @@ -977,11 +1101,17 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList Bundle response = new Bundle(); response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); - boolean isOAuth = mOAuth2Check.isChecked(); - if (isOAuth) { - response.putString(AccountManager.KEY_AUTHTOKEN, mOAuthAccessToken); + + if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); + // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention - mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken); + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + } else { response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString()); mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString()); @@ -999,11 +1129,15 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList */ private void createAccount() { /// create and save new ownCloud account - boolean isOAuth = mOAuth2Check.isChecked(); + boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType); + boolean isSaml = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType); Uri uri = Uri.parse(mHostBaseUrl); String username = mUsernameInput.getText().toString().trim(); - if (isOAuth) { + if (isSaml) { + username = mAccountNameInput.getText().toString().trim(); + + } else if (isOAuth) { username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong(); } String accountName = username + "@" + uri.getHost(); @@ -1011,8 +1145,8 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList accountName += ":" + uri.getPort(); } mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE); - if (isOAuth) { - mAccountMgr.addAccountExplicitly(mAccount, "", null); // with our implementation, the password is never input in the app + if (isOAuth || isSaml) { + mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app } else { mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null); } @@ -1031,17 +1165,20 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList final Intent intent = new Intent(); intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, AccountAuthenticator.ACCOUNT_TYPE); intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); - if (!isOAuth) - intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); // TODO check this; not sure it's right; maybe + /*if (!isOAuth) + intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); */ intent.putExtra(AccountManager.KEY_USERDATA, username); - if (isOAuth) { - mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken); + if (isOAuth || isSaml) { + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); } /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION, mDiscoveredVersion.toString()); mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL, mHostBaseUrl); - if (isOAuth) - mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); // TODO this flag should be unnecessary + if (isSaml) { + mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); + } else if (isOAuth) { + mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); + } setAccountAuthenticatorResult(intent.getExtras()); setResult(RESULT_OK, intent); @@ -1194,13 +1331,11 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private void showRefreshButton() { - mHostUrlInput.setCompoundDrawablesWithIntrinsicBounds(0, 0, R.drawable.ic_action_refresh_black, 0); - mRefreshButtonEnabled = true; + mRefreshButton.setVisibility(View.VISIBLE); } private void hideRefreshButton() { - mHostUrlInput.setCompoundDrawablesWithIntrinsicBounds(0, 0, 0, 0); - mRefreshButtonEnabled = false; + mRefreshButton.setVisibility(View.GONE); } /** @@ -1210,7 +1345,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList * * @param view Refresh 'button' */ - public void onRefreshClick() { + public void onRefreshClick(View view) { checkOcServer(); } @@ -1240,38 +1375,51 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList * @param view 'View password' 'button' */ public void onCheckClick(View view) { - CheckBox oAuth2Check = (CheckBox)view; - changeViewByOAuth2Check(oAuth2Check.isChecked()); - + CheckBox oAuth2Check = (CheckBox)view; + if (oAuth2Check.isChecked()) { + mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN; + } else { + mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD; + } + adaptViewAccordingToAuthenticationMethod(); } + /** - * Changes the visibility of input elements depending upon the kind of authorization - * chosen by the user: basic or OAuth - * - * @param checked 'True' when OAuth is selected. + * Changes the visibility of input elements depending on + * the current authorization method. */ - public void changeViewByOAuth2Check(Boolean checked) { - - if (checked) { + private void adaptViewAccordingToAuthenticationMethod () { + if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { + // OAuth 2 authorization mOAuthAuthEndpointText.setVisibility(View.VISIBLE); mOAuthTokenEndpointText.setVisibility(View.VISIBLE); mUsernameInput.setVisibility(View.GONE); mPasswordInput.setVisibility(View.GONE); + mAccountNameInput.setVisibility(View.GONE); + + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + // SAML-based web Single Sign On + mOAuthAuthEndpointText.setVisibility(View.GONE); + mOAuthTokenEndpointText.setVisibility(View.GONE); + mUsernameInput.setVisibility(View.GONE); + mPasswordInput.setVisibility(View.GONE); + mAccountNameInput.setVisibility(View.VISIBLE); } else { + // basic HTTP authorization mOAuthAuthEndpointText.setVisibility(View.GONE); mOAuthTokenEndpointText.setVisibility(View.GONE); mUsernameInput.setVisibility(View.VISIBLE); mPasswordInput.setVisibility(View.VISIBLE); - } - - } - + mAccountNameInput.setVisibility(View.GONE); + } + } + /** * Called from SslValidatorDialog when a new server certificate was correctly saved. */ public void onSavedCertificate() { - mOperationThread = mOcServerChkOperation.retry(this, mHandler); + checkOcServer(); } /** @@ -1333,4 +1481,42 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList public abstract boolean onDrawableTouch(final MotionEvent event); } + + public void onSamlDialogSuccess(String sessionCookie){ + mAuthToken = sessionCookie; + + if (sessionCookie != null && sessionCookie.length() > 0) { + Log_OC.d(TAG, "Successful SSO - time to save the account"); + mAuthToken = sessionCookie; + if (mAction == ACTION_CREATE) { + createAccount(); + + } else { + updateToken(); + } + + finish(); + + } + } + + + + @Override + public void onSsoFinished(String sessionCookie) { + //Toast.makeText(this, "got cookies: " + sessionCookie, Toast.LENGTH_LONG).show(); + + if (sessionCookie != null && sessionCookie.length() > 0) { + Log_OC.d(TAG, "Successful SSO - time to save the account"); + onSamlDialogSuccess(sessionCookie); + finish(); + + } else { + // TODO - show fail + Log_OC.d(TAG, "SSO failed"); + } + } + + + }