X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/d2ee9062fad2591bcb91badbee1636812860a790..b458c92be0e4e02220316b997702d4dcad1af125:/src/com/owncloud/android/authentication/AuthenticatorActivity.java diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java index e2ab0378..d844011e 100644 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@ -18,23 +18,8 @@ package com.owncloud.android.authentication; -import com.owncloud.android.Log_OC; -import com.owncloud.android.ui.dialog.SslValidatorDialog; -import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener; -import com.owncloud.android.utils.OwnCloudVersion; -import com.owncloud.android.network.OwnCloudClientUtils; -import com.owncloud.android.operations.OwnCloudServerCheckOperation; -import com.owncloud.android.operations.ExistenceCheckOperation; -import com.owncloud.android.operations.OAuth2GetAccessToken; -import com.owncloud.android.operations.OnRemoteOperationListener; -import com.owncloud.android.operations.RemoteOperation; -import com.owncloud.android.operations.RemoteOperationResult; -import com.owncloud.android.operations.RemoteOperationResult.ResultCode; - import android.accounts.Account; -import android.accounts.AccountAuthenticatorActivity; import android.accounts.AccountManager; -import android.annotation.SuppressLint; import android.app.AlertDialog; import android.app.Dialog; import android.app.ProgressDialog; @@ -58,17 +43,28 @@ import android.view.View.OnFocusChangeListener; import android.view.View.OnTouchListener; import android.view.Window; import android.view.inputmethod.EditorInfo; -import android.webkit.CookieManager; -import android.webkit.WebSettings; -import android.webkit.WebView; +import android.widget.Button; import android.widget.CheckBox; import android.widget.EditText; -import android.widget.Button; import android.widget.TextView; -import android.widget.Toast; import android.widget.TextView.OnEditorActionListener; +import android.widget.Toast; +import com.owncloud.android.Log_OC; import com.owncloud.android.R; +import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener; +import com.owncloud.android.network.OwnCloudClientUtils; +import com.owncloud.android.operations.ExistenceCheckOperation; +import com.owncloud.android.operations.OAuth2GetAccessToken; +import com.owncloud.android.operations.OnRemoteOperationListener; +import com.owncloud.android.operations.OwnCloudServerCheckOperation; +import com.owncloud.android.operations.RemoteOperation; +import com.owncloud.android.operations.RemoteOperationResult; +import com.owncloud.android.operations.RemoteOperationResult.ResultCode; +import com.owncloud.android.ui.dialog.SamlWebViewDialog; +import com.owncloud.android.ui.dialog.SslValidatorDialog; +import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener; +import com.owncloud.android.utils.OwnCloudVersion; import eu.alefzero.webdav.WebdavClient; @@ -79,7 +75,7 @@ import eu.alefzero.webdav.WebdavClient; * @author David A. Velasco */ public class AuthenticatorActivity extends AccountAuthenticatorActivity -implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener { +implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener, SsoWebViewClientListener{ private static final String TAG = AuthenticatorActivity.class.getSimpleName(); @@ -115,6 +111,8 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList public static final byte ACTION_CREATE = 0; public static final byte ACTION_UPDATE_TOKEN = 1; + private static final String TAG_SAML_DIALOG = "samlWebViewDialog"; + private String mHostBaseUrl; private OwnCloudVersion mDiscoveredVersion; @@ -146,16 +144,16 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private EditText mPasswordInput; private CheckBox mOAuth2Check; - private String mOAuthAccessToken; private TextView mOAuthAuthEndpointText; private TextView mOAuthTokenEndpointText; private TextView mAccountNameInput; - private WebView mSsoWebView; - private SsoWebViewClient mWebViewClient; + private SamlWebViewDialog mSamlDialog; private View mOkButton; + + private String mAuthToken; /** @@ -178,7 +176,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mOAuthTokenEndpointText = (TextView)findViewById(R.id.oAuthEntryPoint_2); mOAuth2Check = (CheckBox) findViewById(R.id.oauth_onOff_check); mAccountNameInput = (EditText) findViewById(R.id.account_name); - mSsoWebView = (WebView) findViewById(R.id.web_sso_view); mOkButton = findViewById(R.id.buttonOK); mAuthStatusLayout = (TextView) findViewById(R.id.auth_status_text); @@ -229,7 +226,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mHostUrlInput.setText(mHostBaseUrl); } initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod - mOAuth2Check.setChecked(mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN); mJustCreated = true; if (mAction == ACTION_UPDATE_TOKEN || !mHostUrlInputEnabled) { @@ -261,6 +257,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mCurrentAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE); if (mCurrentAuthTokenType == null) { mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD; + } // check if server check was interrupted by a configuration change @@ -291,7 +288,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList if (mServerIsChecked && !mServerIsValid && refreshButtonEnabled) showRefreshButton(); mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes - if (mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE || + if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType) || !AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) { mOAuth2Check.setVisibility(View.GONE); } @@ -331,21 +328,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList } - @SuppressLint("SetJavaScriptEnabled") - private void initWebView() { - CookieManager cookieManager = CookieManager.getInstance(); - cookieManager.setAcceptCookie(true); - //cookieManager.removeSessionCookie(); - - mWebViewClient = new SsoWebViewClient(this); - mSsoWebView.setWebViewClient(mWebViewClient); - WebSettings webSettings = mSsoWebView.getSettings(); - webSettings.setJavaScriptEnabled(true); - webSettings.setBuiltInZoomControls(true); - webSettings.setLoadWithOverviewMode(false); - webSettings.setSavePassword(false); - webSettings.setUserAgentString(WebdavClient.USER_AGENT); - } + private void initAuthorizationMethod() { boolean oAuthRequired = false; @@ -380,6 +363,9 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@')); mUsernameInput.setText(userName); } + + mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)); + } /** @@ -419,6 +405,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList // refresh button enabled outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, (mRefreshButton.getVisibility() == View.VISIBLE)); + } @@ -459,6 +446,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList } mJustCreated = false; + } @@ -686,6 +674,7 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mAuthStatusIcon = R.drawable.progress_small; mAuthStatusText = R.string.oauth_login_connection; showAuthStatus(); + // GET AUTHORIZATION request //Uri uri = Uri.parse(getString(R.string.oauth2_url_endpoint_auth)); @@ -710,8 +699,9 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList private void startSamlBasedFederatedSingleSignOnAuthorization() { // be gentle with the user mAuthStatusIcon = R.drawable.progress_small; - mAuthStatusText = R.string.oauth_login_connection; + mAuthStatusText = R.string.auth_connecting_auth_server; showAuthStatus(); + showDialog(DIALOG_LOGIN_PROGRESS); /// get the path to the root folder through WebDAV from the version server String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); @@ -738,17 +728,40 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList } else if (operation instanceof ExistenceCheckOperation) { if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { - if (result.isTemporalRedirection()) { - String url = result.getRedirectedLocation(); - mWebViewClient.setTargetUrl(mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType)); - mSsoWebView.loadUrl(url); - } + onSamlBasedFederatedSingleSignOnAuthorizationStart(operation, result); } else { onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result); } } } + + + private void onSamlBasedFederatedSingleSignOnAuthorizationStart(RemoteOperation operation, RemoteOperationResult result) { + try { + dismissDialog(DIALOG_LOGIN_PROGRESS); + } catch (IllegalArgumentException e) { + // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens + } + + if (result.isTemporalRedirection()) { + String url = result.getRedirectedLocation(); + String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); + + // Show dialog + mSamlDialog = SamlWebViewDialog.newInstance(url, targetUrl); + mSamlDialog.show(getSupportFragmentManager(), TAG_SAML_DIALOG); + + mAuthStatusIcon = android.R.drawable.ic_secure; + mAuthStatusText = R.string.auth_follow_auth_server; + + } else { + mAuthStatusIcon = R.drawable.common_error; + mAuthStatusText = R.string.auth_unsupported_auth_method; + + } + showAuthStatus(); + } /** @@ -1004,11 +1017,11 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList showDialog(DIALOG_LOGIN_PROGRESS); /// time to test the retrieved access token on the ownCloud server - mOAuthAccessToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); - Log_OC.d(TAG, "Got ACCESS TOKEN: " + mOAuthAccessToken); + mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); + Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken); mAuthCheckOperation = new ExistenceCheckOperation("", this, false); WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true); - client.setBearerCredentials(mOAuthAccessToken); + client.setBearerCredentials(mAuthToken); mAuthCheckOperation.execute(client, this, mHandler); } else { @@ -1088,11 +1101,17 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList Bundle response = new Bundle(); response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); - boolean isOAuth = mOAuth2Check.isChecked(); - if (isOAuth) { - response.putString(AccountManager.KEY_AUTHTOKEN, mOAuthAccessToken); + + if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention - mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken); + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); + // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + } else { response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString()); mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString()); @@ -1110,11 +1129,15 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList */ private void createAccount() { /// create and save new ownCloud account - boolean isOAuth = mOAuth2Check.isChecked(); + boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType); + boolean isSaml = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType); Uri uri = Uri.parse(mHostBaseUrl); String username = mUsernameInput.getText().toString().trim(); - if (isOAuth) { + if (isSaml) { + username = mAccountNameInput.getText().toString().trim(); + + } else if (isOAuth) { username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong(); } String accountName = username + "@" + uri.getHost(); @@ -1122,8 +1145,8 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList accountName += ":" + uri.getPort(); } mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE); - if (isOAuth) { - mAccountMgr.addAccountExplicitly(mAccount, "", null); // with our implementation, the password is never input in the app + if (isOAuth || isSaml) { + mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app } else { mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null); } @@ -1142,17 +1165,20 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList final Intent intent = new Intent(); intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, AccountAuthenticator.ACCOUNT_TYPE); intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); - if (!isOAuth) - intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); // TODO check this; not sure it's right; maybe + /*if (!isOAuth) + intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); */ intent.putExtra(AccountManager.KEY_USERDATA, username); - if (isOAuth) { - mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken); + if (isOAuth || isSaml) { + mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); } /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION, mDiscoveredVersion.toString()); mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL, mHostBaseUrl); - if (isOAuth) - mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); // TODO this flag should be unnecessary + if (isSaml) { + mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); + } else if (isOAuth) { + mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); + } setAccountAuthenticatorResult(intent.getExtras()); setResult(RESULT_OK, intent); @@ -1371,7 +1397,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mUsernameInput.setVisibility(View.GONE); mPasswordInput.setVisibility(View.GONE); mAccountNameInput.setVisibility(View.GONE); - mSsoWebView.setVisibility(View.GONE); } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { // SAML-based web Single Sign On @@ -1380,9 +1405,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mUsernameInput.setVisibility(View.GONE); mPasswordInput.setVisibility(View.GONE); mAccountNameInput.setVisibility(View.VISIBLE); - mSsoWebView.setVisibility(View.VISIBLE); - initWebView(); - } else { // basic HTTP authorization mOAuthAuthEndpointText.setVisibility(View.GONE); @@ -1390,7 +1412,6 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList mUsernameInput.setVisibility(View.VISIBLE); mPasswordInput.setVisibility(View.VISIBLE); mAccountNameInput.setVisibility(View.GONE); - mSsoWebView.setVisibility(View.GONE); } } @@ -1460,4 +1481,42 @@ implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList public abstract boolean onDrawableTouch(final MotionEvent event); } + + public void onSamlDialogSuccess(String sessionCookie){ + mAuthToken = sessionCookie; + + if (sessionCookie != null && sessionCookie.length() > 0) { + Log_OC.d(TAG, "Successful SSO - time to save the account"); + mAuthToken = sessionCookie; + if (mAction == ACTION_CREATE) { + createAccount(); + + } else { + updateToken(); + } + + finish(); + + } + } + + + + @Override + public void onSsoFinished(String sessionCookie) { + //Toast.makeText(this, "got cookies: " + sessionCookie, Toast.LENGTH_LONG).show(); + + if (sessionCookie != null && sessionCookie.length() > 0) { + Log_OC.d(TAG, "Successful SSO - time to save the account"); + onSamlDialogSuccess(sessionCookie); + finish(); + + } else { + // TODO - show fail + Log_OC.d(TAG, "SSO failed"); + } + } + + + }