X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/blobdiff_plain/d60ddd81a007f045f1d6300a1407997378790a9f..daed8115880d061f1cbf8c6450d930ae1e99e8b8:/src/com/owncloud/android/authentication/AuthenticatorActivity.java diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java index 1247f3f5..1e4e8b4f 100644 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@ -1,6 +1,11 @@ -/* ownCloud Android client application +/** + * ownCloud Android client application + * + * @author Bartek Przybylski + * @author David A. Velasco + * @author masensio * Copyright (C) 2012 Bartek Przybylski - * Copyright (C) 2012-2014 ownCloud Inc. + * Copyright (C) 2015 ownCloud Inc. * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, @@ -50,7 +55,9 @@ import android.view.View.OnFocusChangeListener; import android.view.View.OnTouchListener; import android.view.Window; import android.view.inputmethod.EditorInfo; +import android.webkit.HttpAuthHandler; import android.webkit.SslErrorHandler; +import android.webkit.WebView; import android.widget.Button; import android.widget.CheckBox; import android.widget.EditText; @@ -62,39 +69,38 @@ import com.actionbarsherlock.app.SherlockDialogFragment; import com.owncloud.android.MainApp; import com.owncloud.android.R; import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener; +import com.owncloud.android.lib.common.OwnCloudCredentials; +import com.owncloud.android.lib.common.OwnCloudCredentialsFactory; import com.owncloud.android.lib.common.accounts.AccountTypeUtils; +import com.owncloud.android.lib.common.accounts.AccountUtils.AccountNotFoundException; import com.owncloud.android.lib.common.accounts.AccountUtils.Constants; -import com.owncloud.android.operations.DetectAuthenticationMethodOperation.AuthenticationMethod; -import com.owncloud.android.operations.GetServerInfoOperation; -import com.owncloud.android.operations.OAuth2GetAccessToken; - import com.owncloud.android.lib.common.network.CertificateCombinedException; import com.owncloud.android.lib.common.operations.OnRemoteOperationListener; import com.owncloud.android.lib.common.operations.RemoteOperation; import com.owncloud.android.lib.common.operations.RemoteOperationResult; import com.owncloud.android.lib.common.operations.RemoteOperationResult.ResultCode; -import com.owncloud.android.lib.resources.files.ExistenceCheckRemoteOperation; +import com.owncloud.android.lib.common.utils.Log_OC; +import com.owncloud.android.lib.resources.status.OwnCloudVersion; import com.owncloud.android.lib.resources.users.GetRemoteUserNameOperation; - +import com.owncloud.android.operations.DetectAuthenticationMethodOperation.AuthenticationMethod; +import com.owncloud.android.operations.GetServerInfoOperation; +import com.owncloud.android.operations.OAuth2GetAccessToken; import com.owncloud.android.services.OperationsService; import com.owncloud.android.services.OperationsService.OperationsServiceBinder; +import com.owncloud.android.ui.dialog.CredentialsDialogFragment; import com.owncloud.android.ui.dialog.IndeterminateProgressDialog; import com.owncloud.android.ui.dialog.SamlWebViewDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog; import com.owncloud.android.ui.dialog.SslUntrustedCertDialog.OnSslUntrustedCertListener; -import com.owncloud.android.utils.Log_OC; -import com.owncloud.android.lib.resources.status.OwnCloudVersion; +import com.owncloud.android.utils.DisplayUtils; /** * This Activity is used to add an ownCloud account to the App - * - * @author Bartek Przybylski - * @author David A. Velasco - * @author masensio */ public class AuthenticatorActivity extends AccountAuthenticatorActivity -implements OnRemoteOperationListener, OnFocusChangeListener, OnEditorActionListener, -SsoWebViewClientListener, OnSslUntrustedCertListener { + implements OnRemoteOperationListener, OnFocusChangeListener, OnEditorActionListener, + SsoWebViewClientListener, OnSslUntrustedCertListener, + AuthenticatorAsyncTask.OnAuthenticatorTaskListener { private static final String TAG = AuthenticatorActivity.class.getSimpleName(); @@ -114,7 +120,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private static final String KEY_AUTH_STATUS_TEXT = "AUTH_STATUS_TEXT"; private static final String KEY_AUTH_STATUS_ICON = "AUTH_STATUS_ICON"; private static final String KEY_SERVER_AUTH_METHOD = "SERVER_AUTH_METHOD"; - private static final String KEY_WAITING_FOR_OP_ID = "DETECT_AUTH_OP_ID"; + private static final String KEY_WAITING_FOR_OP_ID = "WAITING_FOR_OP_ID"; private static final String KEY_AUTH_TOKEN = "AUTH_TOKEN"; private static final String AUTH_ON = "on"; @@ -127,7 +133,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private static final String UNTRUSTED_CERT_DIALOG_TAG = "UNTRUSTED_CERT_DIALOG"; private static final String SAML_DIALOG_TAG = "SAML_DIALOG"; private static final String WAIT_DIALOG_TAG = "WAIT_DIALOG"; + private static final String CREDENTIALS_DIALOG_TAG = "CREDENTIALS_DIALOG"; + private static final String KEY_AUTH_IS_FIRST_ATTEMPT_TAG = "KEY_AUTH_IS_FIRST_ATTEMPT"; + private static final String KEY_USERNAME = "USERNAME"; + private static final String KEY_PASSWORD = "PASSWORD"; + private static final String KEY_ASYNC_TASK_IN_PROGRESS = "AUTH_IN_PROGRESS"; /// parameters from EXTRAs in starter Intent private byte mAction; @@ -171,12 +182,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private int mAuthStatusText = 0, mAuthStatusIcon = 0; private String mAuthToken = ""; + private AuthenticatorAsyncTask mAsyncTask; + private boolean mIsFirstAuthAttempt; /// Identifier of operation in progress which result shouldn't be lost private long mWaitingForOpId = Long.MAX_VALUE; - + private final String BASIC_TOKEN_TYPE = AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); + private final String OAUTH_TOKEN_TYPE = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); + private final String SAML_TOKEN_TYPE = + AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()); + + /** * {@inheritDoc} * @@ -188,6 +206,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { super.onCreate(savedInstanceState); getWindow().requestFeature(Window.FEATURE_NO_TITLE); + mIsFirstAuthAttempt = true; + // bind to Operations Service mOperationsServiceConnection = new OperationsServiceConnection(); if (!bindService(new Intent(this, OperationsService.class), @@ -212,13 +232,14 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } else { mAuthTokenType = savedInstanceState.getString(KEY_AUTH_TOKEN_TYPE); mWaitingForOpId = savedInstanceState.getLong(KEY_WAITING_FOR_OP_ID); + mIsFirstAuthAttempt = savedInstanceState.getBoolean(KEY_AUTH_IS_FIRST_ATTEMPT_TAG); } /// load user interface setContentView(R.layout.account_setup); /// initialize general UI elements - initOverallUi(savedInstanceState); + initOverallUi(); mOkButton = findViewById(R.id.buttonOK); @@ -238,13 +259,17 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (mAccount != null) { boolean oAuthRequired = (mAccountMgr.getUserData(mAccount, Constants.KEY_SUPPORTS_OAUTH2) != null); - boolean samlWebSsoRequired = - (mAccountMgr.getUserData(mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO) != null); + boolean samlWebSsoRequired = ( + mAccountMgr.getUserData( + mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO + ) != null + ); mAuthTokenType = chooseAuthTokenType(oAuthRequired, samlWebSsoRequired); } else { boolean oAuthSupported = AUTH_ON.equals(getString(R.string.auth_method_oauth2)); - boolean samlWebSsoSupported = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); + boolean samlWebSsoSupported = + AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); mAuthTokenType = chooseAuthTokenType(oAuthSupported, samlWebSsoSupported); } } @@ -252,21 +277,19 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private String chooseAuthTokenType(boolean oauth, boolean saml) { if (saml) { - return AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()); + return SAML_TOKEN_TYPE; } else if (oauth) { - return AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); + return OAUTH_TOKEN_TYPE; } else { - return AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); + return BASIC_TOKEN_TYPE; } } /** * Configures elements in the user interface under direct control of the Activity. - * - * @param savedInstanceState Saved activity state, as in {{@link #onCreate(Bundle)} */ - private void initOverallUi(Bundle savedInstanceState) { + private void initOverallUi() { /// step 1 - load and process relevant inputs (resources, intent, savedInstanceState) boolean isWelcomeLinkVisible = getResources().getBoolean(R.bool.show_welcome_link); @@ -313,7 +336,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (savedInstanceState == null) { if (mAccount != null) { mServerInfo.mBaseUrl = mAccountMgr.getUserData(mAccount, Constants.KEY_OC_BASE_URL); - mServerInfo.mIsSslConn = mServerInfo.mBaseUrl.startsWith("https://"); // TODO do this in a setter for mBaseUrl + // TODO do next in a setter for mBaseUrl + mServerInfo.mIsSslConn = mServerInfo.mBaseUrl.startsWith("https://"); String ocVersion = mAccountMgr.getUserData(mAccount, Constants.KEY_OC_VERSION); if (ocVersion != null) { mServerInfo.mVersion = new OwnCloudVersion(ocVersion); @@ -343,7 +367,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /// step 2 - set properties of UI elements (text, visibility, enabled...) mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput); - mHostUrlInput.setText(mServerInfo.mBaseUrl); + // Convert IDN to Unicode + mHostUrlInput.setText(DisplayUtils.convertIdn(mServerInfo.mBaseUrl, false)); if (mAction != ACTION_CREATE) { /// lock things that should not change mHostUrlInput.setEnabled(false); @@ -397,8 +422,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public boolean onTouch(View view, MotionEvent event) { if (event.getAction() == MotionEvent.ACTION_DOWN) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType) && - mHostUrlInput.hasFocus()) { + if ( + AccountTypeUtils.getAuthTokenTypeSamlSessionCookie( + MainApp.getAccountType() + ).equals(mAuthTokenType) && + mHostUrlInput.hasFocus() + ) { checkOcServer(); } } @@ -526,10 +555,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Saves relevant state before {@link #onPause()} * - * Do NOT save {@link #mNewCapturedUriFromOAuth2Redirection}; it keeps a temporal flag, intended to defer the - * processing of the redirection caught in {@link #onNewIntent(Intent)} until {@link #onResume()} + * Do NOT save {@link #mNewCapturedUriFromOAuth2Redirection}; it keeps a temporal flag, + * intended to defer the processing of the redirection caught in + * {@link #onNewIntent(Intent)} until {@link #onResume()} * - * See {@link #loadSavedInstanceState(Bundle)} + * See {@link #onSaveInstanceState(Bundle)} */ @Override protected void onSaveInstanceState(Bundle outState) { @@ -558,16 +588,52 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { outState.putInt(KEY_AUTH_STATUS_TEXT, mAuthStatusText); outState.putString(KEY_AUTH_TOKEN, mAuthToken); + /// authentication + outState.putBoolean(KEY_AUTH_IS_FIRST_ATTEMPT_TAG, mIsFirstAuthAttempt); + + /// AsyncTask (User and password) + outState.putString(KEY_USERNAME, mUsernameInput.getText().toString()); + outState.putString(KEY_PASSWORD, mPasswordInput.getText().toString()); + + if (mAsyncTask != null) { + mAsyncTask.cancel(true); + outState.putBoolean(KEY_ASYNC_TASK_IN_PROGRESS, true); + } else { + outState.putBoolean(KEY_ASYNC_TASK_IN_PROGRESS, false); + } + mAsyncTask = null; + //Log_OC.wtf(TAG, "onSaveInstanceState end" ); } + @Override + public void onRestoreInstanceState(Bundle savedInstanceState) { + super.onRestoreInstanceState(savedInstanceState); + + // AsyncTask + boolean inProgress = savedInstanceState.getBoolean(KEY_ASYNC_TASK_IN_PROGRESS); + if (inProgress){ + String username = savedInstanceState.getString(KEY_USERNAME); + String password = savedInstanceState.getString(KEY_PASSWORD); + + OwnCloudCredentials credentials = null; + if (BASIC_TOKEN_TYPE.equals(mAuthTokenType)) { + credentials = OwnCloudCredentialsFactory.newBasicCredentials(username, password); + + } else if (OAUTH_TOKEN_TYPE.equals(mAuthTokenType)) { + credentials = OwnCloudCredentialsFactory.newBearerCredentials(mAuthToken); + + } + accessRootFolder(credentials); + } + } /** - * The redirection triggered by the OAuth authentication server as response to the GET AUTHORIZATION request - * is caught here. + * The redirection triggered by the OAuth authentication server as response to the + * GET AUTHORIZATION request is caught here. * - * To make this possible, this activity needs to be qualified with android:launchMode = "singleTask" in the - * AndroidManifest.xml file. + * To make this possible, this activity needs to be qualified with android:launchMode = + * "singleTask" in the AndroidManifest.xml file. */ @Override protected void onNewIntent (Intent intent) { @@ -580,12 +646,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** - * The redirection triggered by the OAuth authentication server as response to the GET AUTHORIZATION, and - * deferred in {@link #onNewIntent(Intent)}, is processed here. + * The redirection triggered by the OAuth authentication server as response to the + * GET AUTHORIZATION, and deferred in {@link #onNewIntent(Intent)}, is processed here. */ @Override protected void onResume() { - //Log_OC.wtf(TAG, "onResume init" ); super.onResume(); // bound here to avoid spurious changes triggered by Android on device rotations @@ -600,15 +665,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { doOnResumeAndBound(); } - //Log_OC.wtf(TAG, "onResume end" ); } @Override protected void onPause() { - //Log_OC.wtf(TAG, "onPause init" ); if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "unregistering to listen for operation callbacks" ); mOperationsServiceBinder.removeOperationListener(this); } @@ -616,7 +678,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mHostUrlInput.setOnFocusChangeListener(null); super.onPause(); - //Log_OC.wtf(TAG, "onPause end" ); } @Override @@ -660,7 +721,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (mOperationsServiceBinder != null) { //Log_OC.wtf(TAG, "getting access token..." ); - mWaitingForOpId = mOperationsServiceBinder.newOperation(getServerInfoIntent); + mWaitingForOpId = mOperationsServiceBinder.queueNewOperation(getServerInfoIntent); } } @@ -672,14 +733,14 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void onFocusChange(View view, boolean hasFocus) { if (view.getId() == R.id.hostUrlInput) { if (!hasFocus) { - onUrlInputFocusLost((TextView) view); + onUrlInputFocusLost(); } else { showRefreshButton(false); } } else if (view.getId() == R.id.account_password) { - onPasswordFocusChanged((TextView) view, hasFocus); + onPasswordFocusChanged(hasFocus); } } @@ -692,10 +753,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * started. * * When hasFocus: user 'comes back' to write again the server URL. - * - * @param hostInput TextView with the URL input field receiving the change of focus. */ - private void onUrlInputFocusLost(TextView hostInput) { + private void onUrlInputFocusLost() { if (!mServerInfo.mBaseUrl.equals( normalizeUrl(mHostUrlInput.getText().toString(), mServerInfo.mIsSslConn))) { // check server again only if the user changed something in the field @@ -716,17 +775,20 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { showRefreshButton(false); if (uri.length() != 0) { + // Handle internationalized domain names + uri = DisplayUtils.convertIdn(uri, true); mServerStatusText = R.string.auth_testing_connection; mServerStatusIcon = R.drawable.progress_small; showServerStatus(); Intent getServerInfoIntent = new Intent(); getServerInfoIntent.setAction(OperationsService.ACTION_GET_SERVER_INFO); - getServerInfoIntent.putExtra(OperationsService.EXTRA_SERVER_URL, uri); - getServerInfoIntent.putExtra(OperationsService.EXTRA_AUTH_TOKEN_TYPE, mAuthTokenType); + getServerInfoIntent.putExtra( + OperationsService.EXTRA_SERVER_URL, + normalizeUrlSuffix(uri) + ); if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "checking server..." ); - mWaitingForOpId = mOperationsServiceBinder.newOperation(getServerInfoIntent); + mWaitingForOpId = mOperationsServiceBinder.queueNewOperation(getServerInfoIntent); } else { Log_OC.wtf(TAG, "Server check tried with OperationService unbound!" ); } @@ -746,10 +808,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * * When (!hasFocus), the button is made invisible and the password is hidden. * - * @param passwordInput TextView with the password input field receiving the change of focus. * @param hasFocus 'True' if focus is received, 'false' if is lost */ - private void onPasswordFocusChanged(TextView passwordInput, boolean hasFocus) { + private void onPasswordFocusChanged(boolean hasFocus) { if (hasFocus) { showViewPasswordButton(); } else { @@ -768,7 +829,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } private boolean isPasswordVisible() { - return ((mPasswordInput.getInputType() & InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD) == InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); + return ((mPasswordInput.getInputType() & InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD) == + InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); } private void hidePasswordButton() { @@ -776,12 +838,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } private void showPassword() { - mPasswordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD); + mPasswordInput.setInputType( + InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_VISIBLE_PASSWORD + ); showViewPasswordButton(); } private void hidePassword() { - mPasswordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD); + mPasswordInput.setInputType( + InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD + ); showViewPasswordButton(); } @@ -809,13 +875,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mServerStatusText = R.string.auth_wtf_reenter_URL; showServerStatus(); mOkButton.setEnabled(false); - //Log_OC.wtf(TAG, "The user was allowed to click 'connect' to an unchecked server!!"); return; } - if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType)) { + if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()). + equals(mAuthTokenType)) { + startOauthorization(); - } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { + startSamlBasedFederatedSingleSignOnAuthorization(); } else { checkBasicAuthorization(); @@ -828,9 +897,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * the root folder of the ownCloud server. */ private void checkBasicAuthorization() { - /// get the path to the root folder through WebDAV from the version server - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - /// get basic credentials entered by user String username = mUsernameInput.getText().toString(); String password = mPasswordInput.getText().toString(); @@ -840,33 +906,18 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); - /// test credentials accessing the root folder - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirects = true; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, username, password, followRedirects); - + /// validate credentials accessing the root folder + OwnCloudCredentials credentials = OwnCloudCredentialsFactory.newBasicCredentials(username, password); + accessRootFolder(credentials); } - private void startExistenceCheckRemoteOperation(String remotePath, Context context, boolean successIfAbsent, String webdav_path, - String username, String password, boolean followRedirects) { - Intent existenceCheckIntent = new Intent(); - existenceCheckIntent.setAction(OperationsService.ACTION_EXISTENCE_CHECK); - existenceCheckIntent.putExtra(OperationsService.EXTRA_SERVER_URL, mServerInfo.mBaseUrl); - existenceCheckIntent.putExtra(OperationsService.EXTRA_REMOTE_PATH, remotePath); - existenceCheckIntent.putExtra(OperationsService.EXTRA_SUCCESS_IF_ABSENT, successIfAbsent); - existenceCheckIntent.putExtra(OperationsService.EXTRA_WEBDAV_PATH, webdav_path); - existenceCheckIntent.putExtra(OperationsService.EXTRA_USERNAME, username); - existenceCheckIntent.putExtra(OperationsService.EXTRA_PASSWORD, password); - existenceCheckIntent.putExtra(OperationsService.EXTRA_AUTH_TOKEN, mAuthToken); - existenceCheckIntent.putExtra(OperationsService.EXTRA_FOLLOW_REDIRECTS, followRedirects); - - if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "starting existenceCheckRemoteOperation..." ); - mWaitingForOpId = mOperationsServiceBinder.newOperation(existenceCheckIntent); - } + private void accessRootFolder(OwnCloudCredentials credentials) { + mAsyncTask = new AuthenticatorAsyncTask(this); + Object[] params = { mServerInfo.mBaseUrl, credentials }; + mAsyncTask.execute(params); } + /** * Starts the OAuth 'grant type' flow to get an access token, with * a GET AUTHORIZATION request to the BUILT-IN authorization server. @@ -880,10 +931,18 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { // GET AUTHORIZATION request Uri uri = Uri.parse(mOAuthAuthEndpointText.getText().toString().trim()); Uri.Builder uriBuilder = uri.buildUpon(); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_RESPONSE_TYPE, getString(R.string.oauth2_response_type)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_REDIRECT_URI, getString(R.string.oauth2_redirect_uri)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_CLIENT_ID, getString(R.string.oauth2_client_id)); - uriBuilder.appendQueryParameter(OAuth2Constants.KEY_SCOPE, getString(R.string.oauth2_scope)); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_RESPONSE_TYPE, getString(R.string.oauth2_response_type) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_REDIRECT_URI, getString(R.string.oauth2_redirect_uri) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_CLIENT_ID, getString(R.string.oauth2_client_id) + ); + uriBuilder.appendQueryParameter( + OAuth2Constants.KEY_SCOPE, getString(R.string.oauth2_scope) + ); uri = uriBuilder.build(); Log_OC.d(TAG, "Starting browser to view " + uri.toString()); Intent i = new Intent(Intent.ACTION_VIEW, uri); @@ -896,23 +955,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * in the server. */ private void startSamlBasedFederatedSingleSignOnAuthorization() { - // be gentle with the user + /// be gentle with the user mAuthStatusIcon = R.drawable.progress_small; mAuthStatusText = R.string.auth_connecting_auth_server; showAuthStatus(); - IndeterminateProgressDialog dialog = - IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); - dialog.show(getSupportFragmentManager(), WAIT_DIALOG_TAG); - - /// get the path to the root folder through WebDAV from the version server - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - - /// test credentials accessing the root folder - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirections = false; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, "", "", followRedirections); + /// Show SAML-based SSO web dialog + String targetUrl = mServerInfo.mBaseUrl + + AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); + SamlWebViewDialog dialog = SamlWebViewDialog.newInstance(targetUrl, targetUrl); + dialog.show(getSupportFragmentManager(), SAML_DIALOG_TAG); } /** @@ -932,14 +984,6 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } else if (operation instanceof OAuth2GetAccessToken) { onGetOAuthAccessTokenFinish(result); - } else if (operation instanceof ExistenceCheckRemoteOperation) { - //Log_OC.wtf(TAG, "received detection response through callback" ); - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { - onSamlBasedFederatedSingleSignOnAuthorizationStart(result); - - } else { - onAuthorizationCheckFinish(result); - } } else if (operation instanceof GetRemoteUserNameOperation) { onGetUserNameFinish(result); } @@ -959,13 +1003,21 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { if (!mUsernameInput.getText().toString().equals(username)) { // fail - not a new account, but an existing one; disallow - result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + mAuthToken = ""; updateAuthStatusIconAndText(result); showAuthStatus(); Log_OC.d(TAG, result.getLogMessage()); } else { - updateToken(); - success = true; + try { + updateAccountAuthentication(); + success = true; + + } catch (AccountNotFoundException e) { + Log_OC.e(TAG, "Account " + mAccount + " was removed!", e); + Toast.makeText(this, R.string.auth_account_does_not_exist, Toast.LENGTH_SHORT).show(); + finish(); + } } } @@ -979,36 +1031,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } - private void onSamlBasedFederatedSingleSignOnAuthorizationStart(RemoteOperationResult result) { - mWaitingForOpId = Long.MAX_VALUE; - dismissDialog(WAIT_DIALOG_TAG); - - if (result.isIdPRedirection()) { - String url = result.getRedirectedLocation(); - String targetUrl = mServerInfo.mBaseUrl - + AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - - // Show dialog - SamlWebViewDialog dialog = SamlWebViewDialog.newInstance(url, targetUrl); - dialog.show(getSupportFragmentManager(), SAML_DIALOG_TAG); - - mAuthStatusIcon = 0; - mAuthStatusText = 0; - - } else { - mAuthStatusIcon = R.drawable.common_error; - mAuthStatusText = R.string.auth_unsupported_auth_method; - - } - showAuthStatus(); - } - - /** * Processes the result of the server check performed when the user finishes the enter of the * server URL. - * - * @param operation Server check performed. + * * @param result Result of the check. */ private void onGetServerInfoFinish(RemoteOperationResult result) { @@ -1053,16 +1079,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { private boolean authSupported(AuthenticationMethod authMethod) { - String basic = AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); - String oAuth = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); - String saml = AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()); - - return (( mAuthTokenType.equals(basic) && - authMethod.equals(AuthenticationMethod.BASIC_HTTP_AUTH) ) || - ( mAuthTokenType.equals(oAuth) && - authMethod.equals(AuthenticationMethod.BEARER_TOKEN)) || - ( mAuthTokenType.equals(saml) && - authMethod.equals(AuthenticationMethod.SAML_WEB_SSO)) + return (( BASIC_TOKEN_TYPE.equals(mAuthTokenType) && + AuthenticationMethod.BASIC_HTTP_AUTH.equals(authMethod) ) || + ( OAUTH_TOKEN_TYPE.equals(mAuthTokenType) && + AuthenticationMethod.BEARER_TOKEN.equals(authMethod)) || + ( SAML_TOKEN_TYPE.equals(mAuthTokenType) && + AuthenticationMethod.SAML_WEB_SSO.equals(authMethod)) ); } @@ -1079,16 +1101,20 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { url = "http://" + url; } } - - url = trimUrlWebdav(url); - - if (url.endsWith("/")) { - url = url.substring(0, url.length() - 1); - } - + + url = normalizeUrlSuffix(url); } return (url != null ? url : ""); } + + + private String normalizeUrlSuffix(String url) { + if (url.endsWith("/")) { + url = url.substring(0, url.length() - 1); + } + url = trimUrlWebdav(url); + return url; + } // TODO remove, if possible @@ -1174,6 +1200,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { case UNKNOWN_ERROR: mServerStatusText = R.string.auth_unknown_error_title; break; + case OK_REDIRECT_TO_NON_SECURE_CONNECTION: + mServerStatusIcon = android.R.drawable.ic_partial_secure; + mServerStatusText = R.string.auth_redirect_non_secure_connection_title; + break; default: mServerStatusText = 0; mServerStatusIcon = 0; @@ -1284,8 +1314,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mWaitingForOpId = Long.MAX_VALUE; dismissDialog(WAIT_DIALOG_TAG); - String webdav_path = AccountUtils.getWebdavPath(mServerInfo.mVersion, mAuthTokenType); - if (result.isSuccess() && webdav_path != null) { + if (result.isSuccess()) { /// be gentle with the user IndeterminateProgressDialog dialog = IndeterminateProgressDialog.newInstance(R.string.auth_trying_to_login, true); @@ -1295,13 +1324,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @SuppressWarnings("unchecked") Map tokens = (Map)(result.getData().get(0)); mAuthToken = tokens.get(OAuth2Constants.KEY_ACCESS_TOKEN); - //mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN); Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken); - - String remotePath =""; - boolean successIfAbsent = false; - boolean followRedirects = true; - startExistenceCheckRemoteOperation(remotePath, this, successIfAbsent, webdav_path, "", "", followRedirects); + + /// validate token accessing to root folder / getting session + OwnCloudCredentials credentials = OwnCloudCredentialsFactory.newBearerCredentials(mAuthToken); + accessRootFolder(credentials); } else { updateAuthStatusIconAndText(result); @@ -1315,11 +1342,11 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * Processes the result of the access check performed to try the user credentials. * * Creates a new account through the AccountManager. - * - * @param operation Access check performed. + * * @param result Result of the operation. */ - private void onAuthorizationCheckFinish(RemoteOperationResult result) { + @Override + public void onAuthenticatorTaskCallback(RemoteOperationResult result) { mWaitingForOpId = Long.MAX_VALUE; dismissDialog(WAIT_DIALOG_TAG); @@ -1331,15 +1358,22 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { success = createAccount(); } else { - updateToken(); - success = true; + try { + updateAccountAuthentication(); + success = true; + + } catch (AccountNotFoundException e) { + Log_OC.e(TAG, "Account " + mAccount + " was removed!", e); + Toast.makeText(this, R.string.auth_account_does_not_exist, Toast.LENGTH_SHORT).show(); + finish(); + } } if (success) { finish(); } - } else if (result.isServerFail() || result.isException()) { + } else if (result.isServerFail() || result.isException()) { /// server errors or exceptions in authorization take to requiring a new check of /// the server mServerIsChecked = true; @@ -1357,7 +1391,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { showRefreshButton(true); mOkButton.setEnabled(false); - // very special case (TODO: move to a common place for all the remote operations) (dangerous here?) + // very special case (TODO: move to a common place for all the remote operations) if (result.getCode() == ResultCode.SSL_RECOVERABLE_PEER_UNVERIFIED) { showUntrustedCertDialog(result); } @@ -1373,23 +1407,33 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** - * Sets the proper response to get that the Account Authenticator that started this activity saves - * a new authorization token for mAccount. + * Updates the authentication token. + * + * Sets the proper response so that the AccountAuthenticator that started this activity + * saves a new authorization token for mAccount. + * + * Kills the session kept by OwnCloudClientManager so that a new one will created with + * the new credentials when needed. */ - private void updateToken() { + private void updateAccountAuthentication() throws AccountNotFoundException { + Bundle response = new Bundle(); response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); - if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType)) { + if (AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()). + equals(mAuthTokenType)) { response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); - // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + // the next line is necessary, notifications are calling directly to the + // AuthenticatorActivity to update, without AccountManager intervention mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); - } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); - // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention + // the next line is necessary; by now, notifications are calling directly to the + // AuthenticatorActivity to update, without AccountManager intervention mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); } else { @@ -1410,18 +1454,18 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { */ private boolean createAccount() { /// create and save new ownCloud account - boolean isOAuth = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType); - boolean isSaml = AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType); + boolean isOAuth = AccountTypeUtils. + getAuthTokenTypeAccessToken(MainApp.getAccountType()).equals(mAuthTokenType); + boolean isSaml = AccountTypeUtils. + getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType); Uri uri = Uri.parse(mServerInfo.mBaseUrl); String username = mUsernameInput.getText().toString().trim(); if (isOAuth) { username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong(); - } - String accountName = username + "@" + uri.getHost(); - if (uri.getPort() >= 0) { - accountName += ":" + uri.getPort(); } + String accountName = com.owncloud.android.lib.common.accounts.AccountUtils. + buildAccountName(uri, username); Account newAccount = new Account(accountName, MainApp.getAccountType()); if (AccountUtils.exists(newAccount, getApplicationContext())) { // fail - not a new account, but an existing one; disallow @@ -1435,9 +1479,12 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { mAccount = newAccount; if (isOAuth || isSaml) { - mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app + // with external authorizations, the password is never input in the app + mAccountMgr.addAccountExplicitly(mAccount, "", null); } else { - mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null); + mAccountMgr.addAccountExplicitly( + mAccount, mPasswordInput.getText().toString(), null + ); } /// add the new account as default in preferences, if there is none already @@ -1450,20 +1497,24 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { } /// prepare result to return to the Authenticator - // TODO check again what the Authenticator makes with it; probably has the same effect as addAccountExplicitly, but it's not well done + // TODO check again what the Authenticator makes with it; probably has the same + // effect as addAccountExplicitly, but it's not well done final Intent intent = new Intent(); intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, MainApp.getAccountType()); intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); - /*if (!isOAuth) - intent.putExtra(AccountManager.KEY_AUTHTOKEN, MainApp.getAccountType()); */ intent.putExtra(AccountManager.KEY_USERDATA, username); if (isOAuth || isSaml) { mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); } - /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA - mAccountMgr.setUserData(mAccount, Constants.KEY_OC_VERSION, mServerInfo.mVersion.getVersion()); - mAccountMgr.setUserData(mAccount, Constants.KEY_OC_BASE_URL, mServerInfo.mBaseUrl); - + /// add user data to the new account; TODO probably can be done in the last parameter + // addAccountExplicitly, or in KEY_USERDATA + mAccountMgr.setUserData( + mAccount, Constants.KEY_OC_VERSION, mServerInfo.mVersion.getVersion() + ); + mAccountMgr.setUserData( + mAccount, Constants.KEY_OC_BASE_URL, mServerInfo.mBaseUrl + ); + if (isSaml) { mAccountMgr.setUserData(mAccount, Constants.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); } else if (isOAuth) { @@ -1484,7 +1535,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { * @param view 'Account register' button */ public void onRegisterClick(View view) { - Intent register = new Intent(Intent.ACTION_VIEW, Uri.parse(getString(R.string.welcome_link_url))); + Intent register = new Intent( + Intent.ACTION_VIEW, Uri.parse(getString(R.string.welcome_link_url)) + ); setResult(RESULT_CANCELED); startActivity(register); } @@ -1493,9 +1546,7 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Updates the content and visibility state of the icon and text associated * to the last check on the ownCloud server. - * - * @param serverStatusText Resource identifier of the text to show. - * @param serverStatusIcon Resource identifier of the icon to show. + * */ private void showServerStatus() { if (mServerStatusIcon == 0 && mServerStatusText == 0) { @@ -1573,9 +1624,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void onCheckClick(View view) { CheckBox oAuth2Check = (CheckBox)view; if (oAuth2Check.isChecked()) { - mAuthTokenType = AccountTypeUtils.getAuthTokenTypeAccessToken(MainApp.getAccountType()); + mAuthTokenType = OAUTH_TOKEN_TYPE; } else { - mAuthTokenType = AccountTypeUtils.getAuthTokenTypePass(MainApp.getAccountType()); + mAuthTokenType = BASIC_TOKEN_TYPE; } updateAuthenticationPreFragmentVisibility(); } @@ -1584,18 +1635,21 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Called when the 'action' button in an IME is pressed ('enter' in software keyboard). * - * Used to trigger the authentication check when the user presses 'enter' after writing the password, - * or to throw the server test when the only field on screen is the URL input field. + * Used to trigger the authentication check when the user presses 'enter' after writing the + * password, or to throw the server test when the only field on screen is the URL input field. */ @Override public boolean onEditorAction(TextView inputField, int actionId, KeyEvent event) { - if (actionId == EditorInfo.IME_ACTION_DONE && inputField != null && inputField.equals(mPasswordInput)) { + if (actionId == EditorInfo.IME_ACTION_DONE && inputField != null && + inputField.equals(mPasswordInput)) { if (mOkButton.isEnabled()) { mOkButton.performClick(); } - } else if (actionId == EditorInfo.IME_ACTION_NEXT && inputField != null && inputField.equals(mHostUrlInput)) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType)) { + } else if (actionId == EditorInfo.IME_ACTION_NEXT && inputField != null && + inputField.equals(mHostUrlInput)) { + if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType)) { checkOcServer(); } } @@ -1623,8 +1677,10 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { final int x = (int) event.getX(); final int y = (int) event.getY(); final Rect bounds = rightDrawable.getBounds(); - if (x >= (view.getRight() - bounds.width() - fuzz) && x <= (view.getRight() - view.getPaddingRight() + fuzz) - && y >= (view.getPaddingTop() - fuzz) && y <= (view.getHeight() - view.getPaddingBottom()) + fuzz) { + if ( x >= (view.getRight() - bounds.width() - fuzz) && + x <= (view.getRight() - view.getPaddingRight() + fuzz) && + y >= (view.getPaddingTop() - fuzz) && + y <= (view.getHeight() - view.getPaddingBottom()) + fuzz) { return onDrawableTouch(event); } @@ -1642,11 +1698,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { getUserNameIntent.setAction(OperationsService.ACTION_GET_USER_NAME); getUserNameIntent.putExtra(OperationsService.EXTRA_SERVER_URL, mServerInfo.mBaseUrl); getUserNameIntent.putExtra(OperationsService.EXTRA_COOKIE, sessionCookie); - getUserNameIntent.putExtra(OperationsService.EXTRA_FOLLOW_REDIRECTS, followRedirects); if (mOperationsServiceBinder != null) { - //Log_OC.wtf(TAG, "starting getRemoteUserNameOperation..." ); - mWaitingForOpId = mOperationsServiceBinder.newOperation(getUserNameIntent); + mWaitingForOpId = mOperationsServiceBinder.queueNewOperation(getUserNameIntent); } } @@ -1674,7 +1728,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public boolean onTouchEvent(MotionEvent event) { - if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()).equals(mAuthTokenType) && + if (AccountTypeUtils.getAuthTokenTypeSamlSessionCookie(MainApp.getAccountType()). + equals(mAuthTokenType) && mHostUrlInput.hasFocus() && event.getAction() == MotionEvent.ACTION_DOWN) { checkOcServer(); } @@ -1685,13 +1740,16 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { /** * Show untrusted cert dialog */ - public void showUntrustedCertDialog(X509Certificate x509Certificate, SslError error, SslErrorHandler handler) { + public void showUntrustedCertDialog( + X509Certificate x509Certificate, SslError error, SslErrorHandler handler + ) { // Show a dialog with the certificate info SslUntrustedCertDialog dialog = null; if (x509Certificate == null) { dialog = SslUntrustedCertDialog.newInstanceForEmptySslError(error, handler); } else { - dialog = SslUntrustedCertDialog.newInstanceForFullSslError(x509Certificate, error, handler); + dialog = SslUntrustedCertDialog. + newInstanceForFullSslError(x509Certificate, error, handler); } FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); @@ -1699,12 +1757,14 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { dialog.show(ft, UNTRUSTED_CERT_DIALOG_TAG); } + /** * Show untrusted cert dialog */ private void showUntrustedCertDialog(RemoteOperationResult result) { // Show a dialog with the certificate info - SslUntrustedCertDialog dialog = SslUntrustedCertDialog.newInstanceForFullSslError((CertificateCombinedException)result.getException()); + SslUntrustedCertDialog dialog = SslUntrustedCertDialog. + newInstanceForFullSslError((CertificateCombinedException)result.getException()); FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); ft.addToBackStack(null); @@ -1718,7 +1778,8 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { public void onSavedCertificate() { Fragment fd = getSupportFragmentManager().findFragmentByTag(SAML_DIALOG_TAG); if (fd == null) { - // if SAML dialog is not shown, the SslDialog was shown due to an SSL error in the server check + // if SAML dialog is not shown, + // the SslDialog was shown due to an SSL error in the server check checkOcServer(); } } @@ -1768,8 +1829,9 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public void onServiceConnected(ComponentName component, IBinder service) { - if (component.equals(new ComponentName(AuthenticatorActivity.this, OperationsService.class))) { - //Log_OC.wtf(TAG, "Operations service connected"); + if (component.equals( + new ComponentName(AuthenticatorActivity.this, OperationsService.class) + )) { mOperationsServiceBinder = (OperationsServiceBinder) service; doOnResumeAndBound(); @@ -1782,12 +1844,49 @@ SsoWebViewClientListener, OnSslUntrustedCertListener { @Override public void onServiceDisconnected(ComponentName component) { - if (component.equals(new ComponentName(AuthenticatorActivity.this, OperationsService.class))) { + if (component.equals( + new ComponentName(AuthenticatorActivity.this, OperationsService.class) + )) { Log_OC.e(TAG, "Operations service crashed"); mOperationsServiceBinder = null; } } } - + + /** + * Create and show dialog for request authentication to the user + * @param webView + * @param handler + */ + public void createAuthenticationDialog(WebView webView, HttpAuthHandler handler) { + + // Show a dialog with the certificate info + CredentialsDialogFragment dialog = + CredentialsDialogFragment.newInstanceForCredentials(webView, handler); + FragmentManager fm = getSupportFragmentManager(); + FragmentTransaction ft = fm.beginTransaction(); + ft.addToBackStack(null); + dialog.setCancelable(false); + dialog.show(ft, CREDENTIALS_DIALOG_TAG); + + if (!mIsFirstAuthAttempt) { + Toast.makeText( + getApplicationContext(), + getText(R.string.saml_authentication_wrong_pass), + Toast.LENGTH_LONG + ).show(); + } else { + mIsFirstAuthAttempt = false; + } + } + + /** + * For retrieving the clicking on authentication cancel button + */ + public void doNegativeAuthenticatioDialogClick(){ + mIsFirstAuthAttempt = true; + } + + }