X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/b6c7719415ce87d905996a4def50066415786c3e..afaa2879d192be067cae523b51dad75d89a6c6cb:/src/com/owncloud/android/authentication/AuthenticatorActivity.java diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java index d88b8dc2..713851ba 100644 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@ -1,6 +1,11 @@ -/* ownCloud Android client application +/** + * ownCloud Android client application + * + * @author Bartek Przybylski + * @author David A. Velasco + * @author masensio * Copyright (C) 2012 Bartek Przybylski - * Copyright (C) 2012-2014 ownCloud Inc. + * Copyright (C) 2015 ownCloud Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, @@ -64,7 +69,10 @@ import com.actionbarsherlock.app.SherlockDialogFragment; import com.owncloud.android.MainApp; import com.owncloud.android.R; import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener; +import com.owncloud.android.lib.common.OwnCloudCredentials; +import com.owncloud.android.lib.common.OwnCloudCredentialsFactory; import com.owncloud.android.lib.common.accounts.AccountTypeUtils; +import com.owncloud.android.lib.common.accounts.AccountUtils.AccountNotFoundException; import com.owncloud.android.lib.common.accounts.AccountUtils.Constants; import com.owncloud.android.lib.common.network.CertificateCombinedException; import com.owncloud.android.lib.common.operations.OnRemoteOperationListener; @@ -72,7 +80,6 @@ import com.owncloud.android.lib.common.operations.RemoteOperation; import com.owncloud.android.lib.common.operations.RemoteOperationResult; import com.owncloud.android.lib.common.operations.RemoteOperationResult.ResultCode; import com.owncloud.android.lib.common.utils.Log_OC; -import com.owncloud.android.lib.resources.files.ExistenceCheckRemoteOperation; import com.owncloud.android.lib.resources.status.OwnCloudVersion; import com.owncloud.android.lib.resources.users.GetRemoteUserNameOperation; import com.owncloud.android.operations.DetectAuthenticationMethodOperation.AuthenticationMethod; @@ -85,17 +92,15 @@ import com.owncloud.android.ui.dialog.IndeterminateProgressDialog; import com.owncloud.android.ui.dialog.SamlWebViewDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog.OnSslUntrustedCertListener; +import com.owncloud.android.utils.DisplayUtils; /** * This Activity is used to add an ownCloud account to the App - * - * @author Bartek Przybylski - * @author David A. Velasco - * @author masensio */ public class AuthenticatorActivity extends AccountAuthenticatorActivity -implements OnRemoteOperationListener, OnFocusChangeListener, OnEditorActionListener, -SsoWebViewClientListener, OnSslUntrustedCertListener { + implements OnRemoteOperationListener, OnFocusChangeListener, OnEditorActionListener, + SsoWebViewClientListener, OnSslUntrustedCertListener, + AuthenticatorAsyncTask.OnAuthenticatorTaskListener { private static final String TAG = AuthenticatorActivity.class.getSimpleName(); @@ -131,6 +136,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private static final String CREDENTIALS_DIALOG_TAG = "CREDENTIALS_DIALOG"; private static final String KEY_AUTH_IS_FIRST_ATTEMPT_TAG = "KEY_AUTH_IS_FIRST_ATTEMPT"; + private static final String KEY_USERNAME = "USERNAME"; + private static final String KEY_PASSWORD = "PASSWORD"; + private static final String KEY_ASYNC_TASK_IN_PROGRESS = "AUTH_IN_PROGRESS"; /// parameters from EXTRAs in starter Intent private byte mAction; @@ -174,14 +182,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private int mAuthStatusText = 0, mAuthStatusIcon = 0; private String mAuthToken = ""; + private AuthenticatorAsyncTask mAsyncTask; private boolean mIsFirstAuthAttempt; - /// Identifier of operation in progress which result shouldn't be lost private long mWaitingForOpId = Long.MAX_VALUE; - + private final String BASIC_TOKEN_TYPE = AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); + private final String OAUTH_TOKEN_TYPE = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); + private final String SAML_TOKEN_TYPE = + AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()); + + /** * {@inheritDoc} * @@ -226,7 +239,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { setContentView(R.layout.account_setup); /// initialize general UI elements - initOverallUi(savedInstanceState); + initOverallUi(); mOkButton = findViewById(R.id.buttonOK); @@ -246,13 +259,17 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (mAccount != null) { boolean oAuthRequired = (mAccountMgr.getUserData(mAccount, Constants.KEY_SUPPORTS_OAUTH2) != null); - boolean samlWebSsoRequired = - (mAccountMgr.getUserData(mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO) != null); + boolean samlWebSsoRequired = ( + mAccountMgr.getUserData( + mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO + ) != null + ); mAuthTokenType = chooseAuthTokenType(oAuthRequired, samlWebSsoRequired); } else { boolean oAuthSupported = AUTH_ON.equals(getString(R.string.auth_method_oauth2)); - boolean samlWebSsoSupported = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); + boolean samlWebSsoSupported = + AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); mAuthTokenType = chooseAuthTokenType(oAuthSupported, samlWebSsoSupported); } } @@ -260,21 +277,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private String chooseAuthTokenType(boolean oauth, boolean saml) { if (saml) { - return AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()); + return SAML_TOKEN_TYPE; } else if (oauth) { - return AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); + return OAUTH_TOKEN_TYPE; } else { - return AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); + return BASIC_TOKEN_TYPE; } } /** * Configures elements in the user interface under direct control of the Activity. - * - * @param savedInstanceState Saved activity state, as in {{@link #onCreate(Bundle)} */ - private void initOverallUi(Bundle savedInstanceState) { + private void initOverallUi() { /// step 1 - load and process relevant inputs (resources, intent, savedInstanceState) boolean isWelcomeLinkVisible = getResources().getBoolean(R.bool.show_welcome_link); @@ -321,7 +336,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (savedInstanceState == null) { if (mAccount != null) { mServerInfo.mBaseUrl = mAccountMgr.getUserData(mAccount, Constants.KEY_OC_BASE_URL); - mServerInfo.mIsSslConn = mServerInfo.mBaseUrl.startsWith("https://"); // TODO do this in a setter for mBaseUrl + // TODO do next in a setter for mBaseUrl + mServerInfo.mIsSslConn = mServerInfo.mBaseUrl.startsWith("https://"); String ocVersion = mAccountMgr.getUserData(mAccount, Constants.KEY_OC_VERSION); if (ocVersion != null) { mServerInfo.mVersion = new OwnCloudVersion(ocVersion); @@ -351,7 +367,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /// step 2 - set properties of UI elements (text, visibility, enabled...) mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput); - mHostUrlInput.setText(mServerInfo.mBaseUrl); + // Convert IDN to Unicode + mHostUrlInput.setText(DisplayUtils.convertIdn(mServerInfo.mBaseUrl, false)); if (mAction != ACTION_CREATE) { /// lock things that should not change mHostUrlInput.setEnabled(false); @@ -363,7 +380,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { findViewById(R.id.hostUrlFrame).setVisibility(View.GONE); mRefreshButton = findViewById(R.id.centeredRefreshButton); } - showRefreshButton(mServerIsChecked && !mServerIsValid && + showRefreshButton(mServerIsChecked && !mServerIsValid && mWaitingForOpId > Integer.MAX_VALUE); mServerStatusView = (TextView) findViewById(R.id.server_status_text); showServerStatus(); @@ -405,8 +422,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public boolean onTouch(View view, MotionEvent event) { if (event.getAction() == MotionEvent.ACTION_DOWN) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType) && - mHostUrlInput.hasFocus()) { + if ( + AccountTypeUtils.getAuthTokenTypeSamlSessionCookie( + MainApp.getAccountType() + ).equals(mAuthTokenType) && + mHostUrlInput.hasFocus() + ) { checkOcServer(); } } @@ -534,10 +555,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Saves relevant state before {@link #onPause()} * - * Do NOT save {@link #mNewCapturedUriFromOAuth2Redirection}; it keeps a temporal flag, intended to defer the - * processing of the redirection caught in {@link #onNewIntent(Intent)} until {@link #onResume()} + * Do NOT save {@link #mNewCapturedUriFromOAuth2Redirection}; it keeps a temporal flag, + * intended to defer the processing of the redirection caught in + * {@link #onNewIntent(Intent)} until {@link #onResume()} * - * See {@link #loadSavedInstanceState(Bundle)} + * See {@link #onSaveInstanceState(Bundle)} */ @Override protected void onSaveInstanceState(Bundle outState) { @@ -569,16 +591,49 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /// authentication outState.putBoolean(KEY_AUTH_IS_FIRST_ATTEMPT_TAG, mIsFirstAuthAttempt); + /// AsyncTask (User and password) + outState.putString(KEY_USERNAME, mUsernameInput.getText().toString()); + outState.putString(KEY_PASSWORD, mPasswordInput.getText().toString()); + + if (mAsyncTask != null) { + mAsyncTask.cancel(true); + outState.putBoolean(KEY_ASYNC_TASK_IN_PROGRESS, true); + } else { + outState.putBoolean(KEY_ASYNC_TASK_IN_PROGRESS, false); + } + mAsyncTask = null; + //Log_OC.wtf(TAG, "onSaveInstanceState end" ); } + @Override + public void onRestoreInstanceState(Bundle savedInstanceState) { + super.onRestoreInstanceState(savedInstanceState); + + // AsyncTask + boolean inProgress = savedInstanceState.getBoolean(KEY_ASYNC_TASK_IN_PROGRESS); + if (inProgress){ + String username = savedInstanceState.getString(KEY_USERNAME); + String password = savedInstanceState.getString(KEY_PASSWORD); + + OwnCloudCredentials credentials = null; + if (BASIC_TOKEN_TYPE.equals(mAuthTokenType)) { + credentials = OwnCloudCredentialsFactory.newBasicCredentials(username, password); + + } else if (OAUTH_TOKEN_TYPE.equals(mAuthTokenType)) { + credentials = OwnCloudCredentialsFactory.newBearerCredentials(mAuthToken); + + } + accessRootFolder(credentials); + } + } /** - * The redirection triggered by the OAuth authentication server as response to the GET AUTHORIZATION request - * is caught here. + * The redirection triggered by the OAuth authentication server as response to the + * GET AUTHORIZATION request is caught here. * - * To make this possible, this activity needs to be qualified with android:launchMode = "singleTask" in the - * AndroidManifest.xml file. + * To make this possible, this activity needs to be qualified with android:launchMode = + * "singleTask" in the AndroidManifest.xml file. */ @Override protected void onNewIntent (Intent intent) { @@ -591,12 +646,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** - * The redirection triggered by the OAuth authentication server as response to the GET AUTHORIZATION, and - * deferred in {@link #onNewIntent(Intent)}, is processed here. + * The redirection triggered by the OAuth authentication server as response to the + * GET AUTHORIZATION, and deferred in {@link #onNewIntent(Intent)}, is processed here. */ @Override protected void onResume() { - //Log_OC.wtf(TAG, "onResume init" ); super.onResume(); // bound here to avoid spurious changes triggered by Android on device rotations @@ -611,15 +665,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { doOnResumeAndBound(); } - //Log_OC.wtf(TAG, "onResume end" ); } @Override protected void onPause() { - //Log_OC.wtf(TAG, "onPause init" ); if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "unregistering to listen for operation callbacks" ); mOperationsServiceBinder.removeOperationListener(this); } @@ -627,7 +678,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mHostUrlInput.setOnFocusChangeListener(null); super.onPause(); - //Log_OC.wtf(TAG, "onPause end" ); } @Override @@ -671,7 +721,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (mOperationsServiceBinder != null) { //Log_OC.wtf(TAG, "getting access token..." ); - mWaitingForOpId = mOperationsServiceBinder.newOperation(getServerInfoIntent); + mWaitingForOpId = mOperationsServiceBinder.queueNewOperation(getServerInfoIntent); } } @@ -683,14 +733,14 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void onFocusChange(View view, boolean hasFocus) { if (view.getId() == R.id.hostUrlInput) { if (!hasFocus) { - onUrlInputFocusLost((TextView) view); + onUrlInputFocusLost(); } else { showRefreshButton(false); } } else if (view.getId() == R.id.account_password) { - onPasswordFocusChanged((TextView) view, hasFocus); + onPasswordFocusChanged(hasFocus); } } @@ -703,10 +753,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * started. * * When hasFocus: user 'comes back' to write again the server URL. - * - * @param hostInput TextView with the URL input field receiving the change of focus. */ - private void onUrlInputFocusLost(TextView hostInput) { + private void onUrlInputFocusLost() { if (!mServerInfo.mBaseUrl.equals( normalizeUrl(mHostUrlInput.getText().toString(), mServerInfo.mIsSslConn))) { // check server again only if the user changed something in the field @@ -725,17 +773,23 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mOkButton.setEnabled(false); mServerInfo = new GetServerInfoOperation.ServerInfo(); showRefreshButton(false); - + if (uri.length() != 0) { + // Handle internationalized domain names + uri = DisplayUtils.convertIdn(uri, true); + mServerStatusText = R.string.auth_testing_connection; mServerStatusIcon = R.drawable.progress_small; showServerStatus(); Intent getServerInfoIntent = new Intent(); getServerInfoIntent.setAction(OperationsService.ACTION_GET_SERVER_INFO); - getServerInfoIntent.putExtra(OperationsService.EXTRA_SERVER_URL, uri); + getServerInfoIntent.putExtra( + OperationsService.EXTRA_SERVER_URL, + normalizeUrlSuffix(uri) + ); if (mOperationsServiceBinder != null) { - mWaitingForOpId = mOperationsServiceBinder.newOperation(getServerInfoIntent); + mWaitingForOpId = mOperationsServiceBinder.queueNewOperation(getServerInfoIntent); } else { Log_OC.wtf(TAG, "Server check tried with OperationService unbound!" ); } @@ -755,10 +809,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * * When (!hasFocus), the button is made invisible and the password is hidden. * - * @param passwordInput TextView with the password input field receiving the change of focus. * @param hasFocus 'True' if focus is received, 'false' if is lost */ - private void onPasswordFocusChanged(TextView passwordInput, boolean hasFocus) { + private void onPasswordFocusChanged(boolean hasFocus) { if (hasFocus) { showViewPasswordButton(); } else { @@ -777,7 +830,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } private boolean isPasswordVisible() { - return ((mPasswordInput.getInputType() & InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD) == InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); + return ((mPasswordInput.getInputType() & InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD) == + InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); } private void hidePasswordButton() { @@ -785,12 +839,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } private void showPassword() { - mPasswordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); + mPasswordInput.setInputType( + InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD + ); showViewPasswordButton(); } private void hidePassword() { - mPasswordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD); + mPasswordInput.setInputType( + InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD + ); showViewPasswordButton(); } @@ -818,13 +876,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mServerStatusText = R.string.auth_wtf_reenter_URL; showServerStatus(); mOkButton.setEnabled(false); - //Log_OC.wtf(TAG, "The user was allowed to click 'connect' to an unchecked server!!"); return; } - if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType)) { + if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()). + equals(mAuthTokenType)) { + startOauthorization(); - } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { + startSamlBasedFederatedSingleSignOnAuthorization(); } else { checkBasicAuthorization(); @@ -847,25 +908,17 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); /// validate credentials accessing the root folder - accessRootFolderRemoteOperation(username, password); - + OwnCloudCredentials credentials = OwnCloudCredentialsFactory.newBasicCredentials(username, password); + accessRootFolder(credentials); } - private void accessRootFolderRemoteOperation(String username, String password) { - Intent existenceCheckIntent = new Intent(); - existenceCheckIntent.setAction(OperationsService.ACTION_EXISTENCE_CHECK); - existenceCheckIntent.putExtra(OperationsService.EXTRA_SERVER_URL, mServerInfo.mBaseUrl); - existenceCheckIntent.putExtra(OperationsService.EXTRA_REMOTE_PATH, "/"); - existenceCheckIntent.putExtra(OperationsService.EXTRA_USERNAME, username); - existenceCheckIntent.putExtra(OperationsService.EXTRA_PASSWORD, password); - existenceCheckIntent.putExtra(OperationsService.EXTRA_AUTH_TOKEN, mAuthToken); - - if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "starting existenceCheckRemoteOperation..." ); - mWaitingForOpId = mOperationsServiceBinder.newOperation(existenceCheckIntent); - } + private void accessRootFolder(OwnCloudCredentials credentials) { + mAsyncTask = new AuthenticatorAsyncTask(this); + Object[] params = { mServerInfo.mBaseUrl, credentials }; + mAsyncTask.execute(params); } + /** * Starts the OAuth 'grant type' flow to get an access token, with * a GET AUTHORIZATION request to the BUILT-IN authorization server. @@ -879,10 +932,18 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { // GET AUTHORIZATION request Uri uri = Uri.parse(mOAuthAuthEndpointText.getText().toString().trim()); Uri.Builder uriBuilder = uri.buildUpon(); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_RESPONSE_TYPE, getString(R.string.oauth2_response_type)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_REDIRECT_URI, getString(R.string.oauth2_redirect_uri)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_CLIENT_ID, getString(R.string.oauth2_client_id)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_SCOPE, getString(R.string.oauth2_scope)); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_RESPONSE_TYPE, getString(R.string.oauth2_response_type) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_REDIRECT_URI, getString(R.string.oauth2_redirect_uri) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_CLIENT_ID, getString(R.string.oauth2_client_id) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_SCOPE, getString(R.string.oauth2_scope) + ); uri = uriBuilder.build(); Log_OC.d(TAG, "Starting browser to view " + uri.toString()); Intent i = new Intent(Intent.ACTION_VIEW, uri); @@ -895,17 +956,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * in the server. */ private void startSamlBasedFederatedSingleSignOnAuthorization() { - // be gentle with the user + /// be gentle with the user mAuthStatusIcon = R.drawable.progress_small; mAuthStatusText = R.string.auth_connecting_auth_server; showAuthStatus(); - IndeterminateProgressDialog dialog = - IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); - dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); - - /// validate credentials accessing the root folder - accessRootFolderRemoteOperation("", ""); + /// Show SAML-based SSO web dialog + String targetUrl = mServerInfo.mBaseUrl + + AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); + SamlWebViewDialog dialog = SamlWebViewDialog.newInstance(targetUrl, targetUrl); + dialog.show(getSupportFragmentManager(), SAML_DIALOG_TAG); } /** @@ -925,14 +985,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } else if (operation instanceof OAuth2GetAccessToken) { onGetOAuthAccessTokenFinish(result); - } else if (operation instanceof ExistenceCheckRemoteOperation) { - //Log_OC.wtf(TAG, "received detection response through callback" ); - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { - onSamlBasedFederatedSingleSignOnAuthorizationStart(result); - - } else { - onAuthorizationCheckFinish(result); - } } else if (operation instanceof GetRemoteUserNameOperation) { onGetUserNameFinish(result); } @@ -953,20 +1005,20 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (!mUsernameInput.getText().toString().equals(username)) { // fail - not a new account, but an existing one; disallow result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); - /* - OwnCloudClientManagerFactory.getDefaultSingleton().removeClientFor( - new OwnCloudAccount( - Uri.parse(mServerInfo.mBaseUrl), - OwnCloudCredentialsFactory.newSamlSsoCredentials(mAuthToken)) - ); - */ mAuthToken = ""; updateAuthStatusIconAndText(result); showAuthStatus(); Log_OC.d(TAG, result.getLogMessage()); } else { - updateToken(); - success = true; + try { + updateAccountAuthentication(); + success = true; + + } catch (AccountNotFoundException e) { + Log_OC.e(TAG, "Account " + mAccount + " was removed!", e); + Toast.makeText(this, R.string.auth_account_does_not_exist, Toast.LENGTH_SHORT).show(); + finish(); + } } } @@ -980,36 +1032,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } - private void onSamlBasedFederatedSingleSignOnAuthorizationStart(RemoteOperationResult result) { - mWaitingForOpId = Long.MAX_VALUE; - dismissDialog(WAIT_DIALOG_TAG); - - if (result.isIdPRedirection()) { - String url = result.getRedirectedLocation(); - String targetUrl = mServerInfo.mBaseUrl - + AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - - // Show dialog - SamlWebViewDialog dialog = SamlWebViewDialog.newInstance(url, targetUrl); - dialog.show(getSupportFragmentManager(), SAML_DIALOG_TAG); - - mAuthStatusIcon = 0; - mAuthStatusText = 0; - - } else { - mAuthStatusIcon = R.drawable.common_error; - mAuthStatusText = R.string.auth_unsupported_auth_method; - - } - showAuthStatus(); - } - - /** * Processes the result of the server check performed when the user finishes the enter of the * server URL. - * - * @param operation Server check performed. + * * @param result Result of the check. */ private void onGetServerInfoFinish(RemoteOperationResult result) { @@ -1054,16 +1080,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private boolean authSupported(AuthenticationMethod authMethod) { - String basic = AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); - String oAuth = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); - String saml = AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()); - - return (( mAuthTokenType.equals(basic) && - authMethod.equals(AuthenticationMethod.BASIC_HTTP_AUTH) ) || - ( mAuthTokenType.equals(oAuth) && - authMethod.equals(AuthenticationMethod.BEARER_TOKEN)) || - ( mAuthTokenType.equals(saml) && - authMethod.equals(AuthenticationMethod.SAML_WEB_SSO)) + return (( BASIC_TOKEN_TYPE.equals(mAuthTokenType) && + AuthenticationMethod.BASIC_HTTP_AUTH.equals(authMethod) ) || + ( OAUTH_TOKEN_TYPE.equals(mAuthTokenType) && + AuthenticationMethod.BEARER_TOKEN.equals(authMethod)) || + ( SAML_TOKEN_TYPE.equals(mAuthTokenType) && + AuthenticationMethod.SAML_WEB_SSO.equals(authMethod)) ); } @@ -1080,27 +1102,27 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { url = "http://" + url; } } - - url = trimUrlWebdav(url); - - if (url.endsWith("/")) { - url = url.substring(0, url.length() - 1); - } - + + url = normalizeUrlSuffix(url); } return (url != null ? url : ""); } + + + private String normalizeUrlSuffix(String url) { + if (url.endsWith("/")) { + url = url.substring(0, url.length() - 1); + } + url = trimUrlWebdav(url); + return url; + } // TODO remove, if possible private String trimUrlWebdav(String url){ - if(url.toLowerCase().endsWith(AccountUtils.WEBDAV_PATH_4_0)){ - url = url.substring(0, url.length() - AccountUtils.WEBDAV_PATH_4_0.length()); - } else if(url.toLowerCase().endsWith(AccountUtils.WEBDAV_PATH_2_0)){ - url = url.substring(0, url.length() - AccountUtils.WEBDAV_PATH_2_0.length()); - } else if (url.toLowerCase().endsWith(AccountUtils.WEBDAV_PATH_1_2)){ - url = url.substring(0, url.length() - AccountUtils.WEBDAV_PATH_1_2.length()); - } + if(url.toLowerCase().endsWith(AccountUtils.WEBDAV_PATH_4_0_AND_LATER)){ + url = url.substring(0, url.length() - AccountUtils.WEBDAV_PATH_4_0_AND_LATER.length()); + } return (url != null ? url : ""); } @@ -1299,10 +1321,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @SuppressWarnings("unchecked") Map tokens = (Map)(result.getData().get(0)); mAuthToken = tokens.get(OAuth2Constants.KEY_ACCESS_TOKEN); - //mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken); - - accessRootFolderRemoteOperation("", ""); + + /// validate token accessing to root folder / getting session + OwnCloudCredentials credentials = OwnCloudCredentialsFactory.newBearerCredentials(mAuthToken); + accessRootFolder(credentials); } else { updateAuthStatusIconAndText(result); @@ -1316,11 +1339,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * Processes the result of the access check performed to try the user credentials. * * Creates a new account through the AccountManager. - * - * @param operation Access check performed. + * * @param result Result of the operation. */ - private void onAuthorizationCheckFinish(RemoteOperationResult result) { + @Override + public void onAuthenticatorTaskCallback(RemoteOperationResult result) { mWaitingForOpId = Long.MAX_VALUE; dismissDialog(WAIT_DIALOG_TAG); @@ -1332,15 +1355,22 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { success = createAccount(); } else { - updateToken(); - success = true; + try { + updateAccountAuthentication(); + success = true; + + } catch (AccountNotFoundException e) { + Log_OC.e(TAG, "Account " + mAccount + " was removed!", e); + Toast.makeText(this, R.string.auth_account_does_not_exist, Toast.LENGTH_SHORT).show(); + finish(); + } } if (success) { finish(); } - } else if (result.isServerFail() || result.isException()) { + } else if (result.isServerFail() || result.isException()) { /// server errors or exceptions in authorization take to requiring a new check of /// the server mServerIsChecked = true; @@ -1358,7 +1388,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { showRefreshButton(true); mOkButton.setEnabled(false); - // very special case (TODO: move to a common place for all the remote operations) (dangerous here?) + // very special case (TODO: move to a common place for all the remote operations) if (result.getCode() == ResultCode.SSL_RECOVERABLE_PEER_UNVERIFIED) { showUntrustedCertDialog(result); } @@ -1374,23 +1404,33 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** - * Sets the proper response to get that the Account Authenticator that started this activity saves - * a new authorization token for mAccount. + * Updates the authentication token. + * + * Sets the proper response so that the AccountAuthenticator that started this activity + * saves a new authorization token for mAccount. + * + * Kills the session kept by OwnCloudClientManager so that a new one will created with + * the new credentials when needed. */ - private void updateToken() { + private void updateAccountAuthentication() throws AccountNotFoundException { + Bundle response = new Bundle(); response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); - if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType)) { + if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()). + equals(mAuthTokenType)) { response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); - // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + // the next line is necessary, notifications are calling directly to the + // AuthenticatorActivity to update, without AccountManager intervention mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); - } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); - // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + // the next line is necessary; by now, notifications are calling directly to the + // AuthenticatorActivity to update, without AccountManager intervention mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); } else { @@ -1411,8 +1451,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { */ private boolean createAccount() { /// create and save new ownCloud account - boolean isOAuth = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType); - boolean isSaml = AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType); + boolean isOAuth = AccountTypeUtils. + getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType); + boolean isSaml = AccountTypeUtils. + getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType); Uri uri = Uri.parse(mServerInfo.mBaseUrl); String username = mUsernameInput.getText().toString().trim(); @@ -1434,11 +1476,21 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mAccount = newAccount; if (isOAuth || isSaml) { - mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app + // with external authorizations, the password is never input in the app + mAccountMgr.addAccountExplicitly(mAccount, "", null); } else { - mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null); + mAccountMgr.addAccountExplicitly( + mAccount, mPasswordInput.getText().toString(), null + ); } + // include account version with the new account + mAccountMgr.setUserData( + mAccount, + Constants.KEY_OC_ACCOUNT_VERSION, + Integer.toString(AccountUtils.ACCOUNT_VERSION) + ); + /// add the new account as default in preferences, if there is none already Account defaultAccount = AccountUtils.getCurrentOwnCloudAccount(this); if (defaultAccount == null) { @@ -1449,20 +1501,24 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } /// prepare result to return to the Authenticator - // TODO check again what the Authenticator makes with it; probably has the same effect as addAccountExplicitly, but it's not well done + // TODO check again what the Authenticator makes with it; probably has the same + // effect as addAccountExplicitly, but it's not well done final Intent intent = new Intent(); intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, MainApp.getAccountType()); intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); - /*if (!isOAuth) - intent.putExtra(AccountManager.KEY_AUTHTOKEN, MainApp.getAccountType()); */ intent.putExtra(AccountManager.KEY_USERDATA, username); if (isOAuth || isSaml) { mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); } - /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA - mAccountMgr.setUserData(mAccount, Constants.KEY_OC_VERSION, mServerInfo.mVersion.getVersion()); - mAccountMgr.setUserData(mAccount, Constants.KEY_OC_BASE_URL, mServerInfo.mBaseUrl); - + /// add user data to the new account; TODO probably can be done in the last parameter + // addAccountExplicitly, or in KEY_USERDATA + mAccountMgr.setUserData( + mAccount, Constants.KEY_OC_VERSION, mServerInfo.mVersion.getVersion() + ); + mAccountMgr.setUserData( + mAccount, Constants.KEY_OC_BASE_URL, mServerInfo.mBaseUrl + ); + if (isSaml) { mAccountMgr.setUserData(mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); } else if (isOAuth) { @@ -1483,7 +1539,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * @param view 'Account register' button */ public void onRegisterClick(View view) { - Intent register = new Intent(Intent.ACTION_VIEW, Uri.parse(getString(R.string.welcome_link_url))); + Intent register = new Intent( + Intent.ACTION_VIEW, Uri.parse(getString(R.string.welcome_link_url)) + ); setResult(RESULT_CANCELED); startActivity(register); } @@ -1492,9 +1550,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Updates the content and visibility state of the icon and text associated * to the last check on the ownCloud server. - * - * @param serverStatusText Resource identifier of the text to show. - * @param serverStatusIcon Resource identifier of the icon to show. + * */ private void showServerStatus() { if (mServerStatusIcon == 0 && mServerStatusText == 0) { @@ -1572,9 +1628,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void onCheckClick(View view) { CheckBox oAuth2Check = (CheckBox)view; if (oAuth2Check.isChecked()) { - mAuthTokenType = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); + mAuthTokenType = OAUTH_TOKEN_TYPE; } else { - mAuthTokenType = AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); + mAuthTokenType = BASIC_TOKEN_TYPE; } updateAuthenticationPreFragmentVisibility(); } @@ -1583,18 +1639,21 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Called when the 'action' button in an IME is pressed ('enter' in software keyboard). * - * Used to trigger the authentication check when the user presses 'enter' after writing the password, - * or to throw the server test when the only field on screen is the URL input field. + * Used to trigger the authentication check when the user presses 'enter' after writing the + * password, or to throw the server test when the only field on screen is the URL input field. */ @Override public boolean onEditorAction(TextView inputField, int actionId, KeyEvent event) { - if (actionId == EditorInfo.IME_ACTION_DONE && inputField != null && inputField.equals(mPasswordInput)) { + if (actionId == EditorInfo.IME_ACTION_DONE && inputField != null && + inputField.equals(mPasswordInput)) { if (mOkButton.isEnabled()) { mOkButton.performClick(); } - } else if (actionId == EditorInfo.IME_ACTION_NEXT && inputField != null && inputField.equals(mHostUrlInput)) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (actionId == EditorInfo.IME_ACTION_NEXT && inputField != null && + inputField.equals(mHostUrlInput)) { + if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { checkOcServer(); } } @@ -1622,8 +1681,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { final int x = (int) event.getX(); final int y = (int) event.getY(); final Rect bounds = rightDrawable.getBounds(); - if (x >= (view.getRight() - bounds.width() - fuzz) && x <= (view.getRight() - view.getPaddingRight() + fuzz) - && y >= (view.getPaddingTop() - fuzz) && y <= (view.getHeight() - view.getPaddingBottom()) + fuzz) { + if ( x >= (view.getRight() - bounds.width() - fuzz) && + x <= (view.getRight() - view.getPaddingRight() + fuzz) && + y >= (view.getPaddingTop() - fuzz) && + y <= (view.getHeight() - view.getPaddingBottom()) + fuzz) { return onDrawableTouch(event); } @@ -1643,8 +1704,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { getUserNameIntent.putExtra(OperationsService.EXTRA_COOKIE, sessionCookie); if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "starting getRemoteUserNameOperation..." ); - mWaitingForOpId = mOperationsServiceBinder.newOperation(getUserNameIntent); + mWaitingForOpId = mOperationsServiceBinder.queueNewOperation(getUserNameIntent); } } @@ -1672,7 +1732,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public boolean onTouchEvent(MotionEvent event) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType) && + if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType) && mHostUrlInput.hasFocus() && event.getAction() == MotionEvent.ACTION_DOWN) { checkOcServer(); } @@ -1683,13 +1744,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Show untrusted cert dialog */ - public void showUntrustedCertDialog(X509Certificate x509Certificate, SslError error, SslErrorHandler handler) { + public void showUntrustedCertDialog( + X509Certificate x509Certificate, SslError error, SslErrorHandler handler + ) { // Show a dialog with the certificate info SslUntrustedCertDialog dialog = null; if (x509Certificate == null) { dialog = SslUntrustedCertDialog.newInstanceForEmptySslError(error, handler); } else { - dialog = SslUntrustedCertDialog.newInstanceForFullSslError(x509Certificate, error, handler); + dialog = SslUntrustedCertDialog. + newInstanceForFullSslError(x509Certificate, error, handler); } FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); @@ -1703,7 +1767,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { */ private void showUntrustedCertDialog(RemoteOperationResult result) { // Show a dialog with the certificate info - SslUntrustedCertDialog dialog = SslUntrustedCertDialog.newInstanceForFullSslError((CertificateCombinedException)result.getException()); + SslUntrustedCertDialog dialog = SslUntrustedCertDialog. + newInstanceForFullSslError((CertificateCombinedException)result.getException()); FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); ft.addToBackStack(null); @@ -1717,7 +1782,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void onSavedCertificate() { Fragment fd = getSupportFragmentManager().findFragmentByTag(SAML_DIALOG_TAG); if (fd == null) { - // if SAML dialog is not shown, the SslDialog was shown due to an SSL error in the server check + // if SAML dialog is not shown, + // the SslDialog was shown due to an SSL error in the server check checkOcServer(); } } @@ -1767,8 +1833,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public void onServiceConnected(ComponentName component, IBinder service) { - if (component.equals(new ComponentName(AuthenticatorActivity.this, OperationsService.class))) { - //Log_OC.wtf(TAG, "Operations service connected"); + if (component.equals( + new ComponentName(AuthenticatorActivity.this, OperationsService.class) + )) { mOperationsServiceBinder = (OperationsServiceBinder) service; doOnResumeAndBound(); @@ -1781,7 +1848,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public void onServiceDisconnected(ComponentName component) { - if (component.equals(new ComponentName(AuthenticatorActivity.this, OperationsService.class))) { + if (component.equals( + new ComponentName(AuthenticatorActivity.this, OperationsService.class) + )) { Log_OC.e(TAG, "Operations service crashed"); mOperationsServiceBinder = null; } @@ -1797,7 +1866,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void createAuthenticationDialog(WebView webView, HttpAuthHandler handler) { // Show a dialog with the certificate info - CredentialsDialogFragment dialog = CredentialsDialogFragment.newInstanceForCredentials(webView, handler); + CredentialsDialogFragment dialog = + CredentialsDialogFragment.newInstanceForCredentials(webView, handler); FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); ft.addToBackStack(null); @@ -1805,7 +1875,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { dialog.show(ft, CREDENTIALS_DIALOG_TAG); if (!mIsFirstAuthAttempt) { - Toast.makeText(getApplicationContext(), getText(R.string.saml_authentication_wrong_pass), Toast.LENGTH_LONG).show(); + Toast.makeText( + getApplicationContext(), + getText(R.string.saml_authentication_wrong_pass), + Toast.LENGTH_LONG + ).show(); } else { mIsFirstAuthAttempt = false; } @@ -1817,4 +1891,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void doNegativeAuthenticatioDialogClick(){ mIsFirstAuthAttempt = true; } + + }