if (!authTokenType.equals(AUTH_TOKEN_TYPE) &&\r
!authTokenType.equals(AUTH_TOKEN_TYPE_PASSWORD) &&\r
!authTokenType.equals(AUTH_TOKEN_TYPE_ACCESS_TOKEN) &&\r
- !authTokenType.equals(AUTH_TOKEN_TYPE_REFRESH_TOKEN) ) {\r
+ !authTokenType.equals(AUTH_TOKEN_TYPE_REFRESH_TOKEN) &&
+ !authTokenType.equals(AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE)) {\r
throw new UnsupportedAuthTokenTypeException();\r
}\r
}\r
import com.owncloud.android.ui.dialog.SslValidatorDialog;\r
import com.owncloud.android.ui.dialog.SslValidatorDialog.OnSslValidatorListener;\r
import com.owncloud.android.utils.OwnCloudVersion;\r
+import com.owncloud.android.authentication.SsoWebViewClient.SsoWebViewClientListener;\r
import com.owncloud.android.network.OwnCloudClientUtils;\r
import com.owncloud.android.operations.OwnCloudServerCheckOperation;\r
import com.owncloud.android.operations.ExistenceCheckOperation;\r
* @author David A. Velasco\r
*/\r
public class AuthenticatorActivity extends AccountAuthenticatorActivity\r
-implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener {\r
+implements OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeListener, OnEditorActionListener, SsoWebViewClientListener {\r
\r
private static final String TAG = AuthenticatorActivity.class.getSimpleName();\r
\r
private EditText mPasswordInput;\r
\r
private CheckBox mOAuth2Check;\r
- private String mOAuthAccessToken;\r
\r
private TextView mOAuthAuthEndpointText;\r
private TextView mOAuthTokenEndpointText;\r
private SsoWebViewClient mWebViewClient;\r
\r
private View mOkButton;\r
+ \r
+ private String mAuthToken;\r
\r
\r
/**\r
cookieManager.setAcceptCookie(true);\r
//cookieManager.removeSessionCookie(); \r
\r
- mWebViewClient = new SsoWebViewClient(this);\r
+ mWebViewClient = new SsoWebViewClient(mHandler, this);\r
mSsoWebView.setWebViewClient(mWebViewClient);\r
WebSettings webSettings = mSsoWebView.getSettings();\r
webSettings.setJavaScriptEnabled(true);\r
showDialog(DIALOG_LOGIN_PROGRESS);\r
\r
/// time to test the retrieved access token on the ownCloud server\r
- mOAuthAccessToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
- Log_OC.d(TAG, "Got ACCESS TOKEN: " + mOAuthAccessToken);\r
+ mAuthToken = ((OAuth2GetAccessToken)operation).getResultTokenMap().get(OAuth2Constants.KEY_ACCESS_TOKEN);\r
+ Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);\r
mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, true);\r
- client.setBearerCredentials(mOAuthAccessToken);\r
+ client.setBearerCredentials(mAuthToken);\r
mAuthCheckOperation.execute(client, this, mHandler);\r
\r
} else {\r
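Review bot: The added `Log_OC.d(TAG, "Got ACCESS TOKEN: " + mAuthToken);` still writes the bearer token itself to the log, where anything that can read the device log (a bug report, adb, or a log file if Log_OC persists one) can reuse it. The rename was a good moment to drop the value: `Log_OC.d(TAG, "Got ACCESS TOKEN");`. The enclosing method starts and ends outside this hunk.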
Bundle response = new Bundle();\r
response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);\r
- boolean isOAuth = mOAuth2Check.isChecked();\r
- if (isOAuth) {\r
- response.putString(AccountManager.KEY_AUTHTOKEN, mOAuthAccessToken);\r
+ \r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { \r
+ response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
+ // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);\r
// the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention\r
- mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
+ \r
} else {\r
response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());\r
mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString());\r
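Review bot: The two new branches for `AUTH_TOKEN_TYPE_ACCESS_TOKEN` and `AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE` have identical bodies, down to the copied comment, so the two credential-storing paths can drift apart later. One condition covers both: `if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType) || AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {`. The method continues outside the hunk on both sides.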
*/\r
private void createAccount() {\r
/// create and save new ownCloud account\r
- boolean isOAuth = mOAuth2Check.isChecked();\r
+ boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType);\r
+ boolean isSaml = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType);\r
\r
Uri uri = Uri.parse(mHostBaseUrl);\r
String username = mUsernameInput.getText().toString().trim();\r
- if (isOAuth) {\r
+ if (isSaml) {\r
+ username = mAccountNameInput.getText().toString().trim();\r
+ \r
+ } else if (isOAuth) {\r
username = "OAuth_user" + (new java.util.Random(System.currentTimeMillis())).nextLong();\r
} \r
String accountName = username + "@" + uri.getHost();\r
accountName += ":" + uri.getPort();\r
}\r
mAccount = new Account(accountName, AccountAuthenticator.ACCOUNT_TYPE);\r
- if (isOAuth) {\r
- mAccountMgr.addAccountExplicitly(mAccount, "", null); // with our implementation, the password is never input in the app\r
+ if (isOAuth || isSaml) {\r
+ mAccountMgr.addAccountExplicitly(mAccount, "", null); // with external authorizations, the password is never input in the app\r
} else {\r
mAccountMgr.addAccountExplicitly(mAccount, mPasswordInput.getText().toString(), null);\r
}\r
final Intent intent = new Intent(); \r
intent.putExtra(AccountManager.KEY_ACCOUNT_TYPE, AccountAuthenticator.ACCOUNT_TYPE);\r
intent.putExtra(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);\r
- if (!isOAuth)\r
- intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); // TODO check this; not sure it's right; maybe\r
+ /*if (!isOAuth)\r
+ intent.putExtra(AccountManager.KEY_AUTHTOKEN, AccountAuthenticator.ACCOUNT_TYPE); */\r
intent.putExtra(AccountManager.KEY_USERDATA, username);\r
- if (isOAuth) {\r
- mAccountMgr.setAuthToken(mAccount, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, mOAuthAccessToken);\r
+ if (isOAuth || isSaml) {\r
+ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);\r
}\r
/// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA\r
mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION, mDiscoveredVersion.toString());\r
mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL, mHostBaseUrl);\r
- if (isOAuth)\r
- mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); // TODO this flag should be unnecessary\r
+ if (isSaml) {\r
+ mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO, "TRUE"); \r
+ } else if (isOAuth) {\r
+ mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2, "TRUE"); \r
+ }\r
\r
setAccountAuthenticatorResult(intent.getExtras());\r
setResult(RESULT_OK, intent);\r
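Review bot: In the new `isSaml` branch of `createAccount()` the account name is whatever was typed into `mAccountNameInput`; nothing visible in this hunk checks that it is non-empty or that it matches the user the identity provider actually authenticated. An empty field yields an account named `@host`, and a mistyped one attaches the session cookie to a misleading label. I would reject the empty case before building `accountName`, e.g. `if (isSaml && username.length() == 0) { /* report the error and return */ }`, unless the field is already validated before the web view is opened. The commented-out `KEY_AUTHTOKEN` block should be deleted rather than kept as a comment. The end of the method is outside the hunk.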
public abstract boolean onDrawableTouch(final MotionEvent event);\r
}\r
\r
+\r
+ @Override\r
+ public void onSsoFinished(String sessionCookie) {\r
+ //Toast.makeText(this, "got cookies: " + sessionCookie, Toast.LENGTH_LONG).show();\r
+ \r
+ if (sessionCookie != null && sessionCookie.length() > 0) {\r
+ Log_OC.d(TAG, "Successful SSO - time to save the account");\r
+ mAuthToken = sessionCookie;\r
+ if (mAction == ACTION_CREATE) {\r
+ createAccount();\r
+\r
+ } else {\r
+ updateToken();\r
+ }\r
+\r
+ finish();\r
+\r
+ } else { \r
+ // TODO - show fail\r
+ Log_OC.d(TAG, "SSO failed");\r
+ }\r
+ }\r
+\r
}\r
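Review bot: `onSsoFinished` accepts any non-empty string as a successful login, but what SsoWebViewClient passes (its `onPageStarted` hunk further down) is the full `CookieManager.getCookie(url)` result, i.e. every cookie set for that URL. A response that set only an unrelated cookie would be saved as the account's auth token, and `finish()` would close the screen as if the login had worked. Check that the expected session cookie is present before calling `createAccount()` or `updateToken()`, for example `if (sessionCookie != null && sessionCookie.contains(SESSION_COOKIE_NAME + "="))`, where `SESSION_COOKIE_NAME` is a placeholder for the server's cookie name. The failure branch only logs at debug level, so the user gets no feedback; the commented-out Toast that would display the cookies should be removed.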
package com.owncloud.android.authentication;
-import android.content.Context;
+import java.lang.ref.WeakReference;
+
import android.graphics.Bitmap;
+import android.os.Handler;
import android.view.View;
import android.webkit.CookieManager;
import android.webkit.WebView;
import android.webkit.WebViewClient;
-import android.widget.Toast;
import com.owncloud.android.Log_OC;
private static final String TAG = SsoWebViewClient.class.getSimpleName();
- private Context mContext;
+ public interface SsoWebViewClientListener {
+ public void onSsoFinished(String sessionCookie);
+ }
+
+ private Handler mListenerHandler;
+ private WeakReference<SsoWebViewClientListener> mListenerRef;
private String mTargetUrl;
- public SsoWebViewClient (Context context) {
- mContext = context;
+ public SsoWebViewClient (Handler listenerHandler, SsoWebViewClientListener listener) {
+ mListenerHandler = listenerHandler;
+ mListenerRef = new WeakReference<SsoWebViewClient.SsoWebViewClientListener>(listener);
mTargetUrl = "fake://url.to.be.set";
}
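Review bot: The new `SsoWebViewClientListener` interface has no Javadoc, and its contract matters to implementers. From the `onPageStarted` hunk below, `sessionCookie` is the raw `CookieManager.getCookie(url)` string and can be null, and the callback is posted through the `Handler` given to the constructor while the listener is held only through a `WeakReference`. I would add `/** Called through the listener handler once the target URL is reached; sessionCookie is the complete cookie string for that URL, possibly null or empty. */` above `onSsoFinished`, plus a one-line comment on the constructor saying the caller must keep the listener strongly referenced or the result is dropped.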
if (url.startsWith(mTargetUrl)) {
view.setVisibility(View.GONE);
CookieManager cookieManager = CookieManager.getInstance();
- String cookies = cookieManager.getCookie(url);
- Toast.makeText(mContext, "got cookies: " + cookies, Toast.LENGTH_LONG).show();
+ final String cookies = cookieManager.getCookie(url);
+ if (mListenerHandler != null && mListenerRef != null) {
+ // this is good idea because onPageStarted is not running in the UI thread
+ mListenerHandler.post(new Runnable() {
+ @Override
+ public void run() {
+ SsoWebViewClientListener listener = mListenerRef.get();
+ if (listener != null) {
+ listener.onSsoFinished(cookies);
+ }
+ }
+ });
+ }
}
}
String accessToken = am.blockingGetAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, false);
client.setBearerCredentials(accessToken); // TODO not assume that the access token is a bearer token
+ } else if (am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null) { // TODO avoid a call to getUserData here
+ String accessToken = am.blockingGetAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE, false);
+ client.setSsoSessionCookie(accessToken);
+
} else {
String username = account.name.substring(0, account.name.lastIndexOf('@'));
//String password = am.getPassword(account);
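Review bot: The new SAML branch passes the result of `blockingGetAuthToken` straight to `client.setSsoSessionCookie(accessToken)` without a null check, while the matching branch in the next hunk does check. With a null token, `setSsoSessionCookie` (see the WebdavClient hunk) clears the credentials and stores no cookie, so the client silently goes on to issue unauthenticated requests. Add `if (accessToken == null) throw new AuthenticatorException("No SSO session cookie for account");`, provided the enclosing method's signature allows it, which this hunk does not show. In the next hunk the copied `"WTF!"` message would be better replaced with text that names the missing token type.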
AccountManagerFuture<Bundle> future = am.getAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, null, currentActivity, null, null);
Bundle result = future.getResult();
String accessToken = result.getString(AccountManager.KEY_AUTHTOKEN);
- //String accessToken = am.blockingGetAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, false);
if (accessToken == null) throw new AuthenticatorException("WTF!");
client.setBearerCredentials(accessToken); // TODO not assume that the access token is a bearer token
-
+
+ } else if (am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null) { // TODO avoid a call to getUserData here
+ AccountManagerFuture<Bundle> future = am.getAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE, null, currentActivity, null, null);
+ Bundle result = future.getResult();
+ String accessToken = result.getString(AccountManager.KEY_AUTHTOKEN);
+ if (accessToken == null) throw new AuthenticatorException("WTF!");
+ client.setSsoSessionCookie(accessToken);
+
} else {
String username = account.name.substring(0, account.name.lastIndexOf('@'));
//String password = am.getPassword(account);
break;
default:
mCode = ResultCode.UNHANDLED_HTTP_CODE;
- Log_OC.d(TAG, "RemoteOperationResult has prcessed UNHANDLED_HTTP_CODE: " + httpCode);
+ Log_OC.d(TAG, "RemoteOperationResult has processed UNHANDLED_HTTP_CODE: " + httpCode);
}
}
}
} else {
mFailsInFavouritesFound++;
if (contentsResult.getException() != null) {
- Log_OC.d(TAG, "Error while synchronizing favourites : " + contentsResult.getLogMessage(), contentsResult.getException());
+ Log_OC.e(TAG, "Error while synchronizing favourites : " + contentsResult.getLogMessage(), contentsResult.getException());
} else {
- Log_OC.d(TAG, "Error while synchronizing favourites : " + contentsResult.getLogMessage());
+ Log_OC.e(TAG, "Error while synchronizing favourites : " + contentsResult.getLogMessage());
}
}
} // won't let these fails break the synchronization process
} else {
result = new RemoteOperationResult(false, status);
}
- Log_OC.i(TAG, "Synchronizing " + mAccount.name + ", folder " + mRemotePath + ": " + result.getLogMessage());
+
} catch (Exception e) {
result = new RemoteOperationResult(e);
- Log_OC.e(TAG, "Synchronizing " + mAccount.name + ", folder " + mRemotePath + ": " + result.getLogMessage(), result.getException());
+
} finally {
if (query != null)
query.releaseConnection(); // let the connection available for other methods
+ if (result.isSuccess()) {
+ Log_OC.i(TAG, "Synchronizing " + mAccount.name + ", folder " + mRemotePath + ": " + result.getLogMessage());
+ } else {
+ if (result.isException()) {
+ Log_OC.e(TAG, "Synchronizing " + mAccount.name + ", folder " + mRemotePath + ": " + result.getLogMessage(), result.getException());
+ } else {
+ Log_OC.e(TAG, "Synchronizing " + mAccount.name + ", folder " + mRemotePath + ": " + result.getLogMessage());
+ }
+ }
}
return result;
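Review bot: The logging moved into `finally` dereferences `result` unconditionally, but `result` is only assigned in the `try` body and in `catch (Exception e)`. If the `try` exits through something that is not an `Exception` (an `Error`, for instance) while `result` is still null — its declaration is outside the hunk, so this is an assumption — `result.isSuccess()` throws a NullPointerException from `finally` and hides the original failure. Guard the block with `if (result != null) {`. The three log calls also repeat the same message and could build it once in a local variable.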
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpConnectionManager;
import org.apache.commons.httpclient.HttpException;
+import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpMethodBase;
import org.apache.commons.httpclient.HttpVersion;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthPolicy;
import org.apache.commons.httpclient.auth.AuthScope;
+import org.apache.commons.httpclient.cookie.CookiePolicy;
import org.apache.commons.httpclient.methods.HeadMethod;
import org.apache.commons.httpclient.params.HttpMethodParams;
import org.apache.http.HttpStatus;
private Uri mUri;
private Credentials mCredentials;
private boolean mFollowRedirects;
+ private String mSsoSessionCookie;
final private static String TAG = "WebdavClient";
public static final String USER_AGENT = "Android-ownCloud";
getParams().setParameter(HttpMethodParams.USER_AGENT, USER_AGENT);
getParams().setParameter(CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_1);
mFollowRedirects = true;
+ mSsoSessionCookie = null;
}
public void setBearerCredentials(String accessToken) {
mCredentials = new BearerCredentials(accessToken);
getState().setCredentials(AuthScope.ANY, mCredentials);
+ mSsoSessionCookie = null;
}
public void setBasicCredentials(String username, String password) {
getParams().setAuthenticationPreemptive(true);
mCredentials = new UsernamePasswordCredentials(username, password);
getState().setCredentials(AuthScope.ANY, mCredentials);
+ mSsoSessionCookie = null;
}
+ public void setSsoSessionCookie(String accessToken) {
+ getParams().setAuthenticationPreemptive(false);
+ getParams().setCookiePolicy(CookiePolicy.IGNORE_COOKIES);
+ mSsoSessionCookie = accessToken;
+ mCredentials = null;
+ }
+
+
/**
* Check if a file exists in the OC server
*
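Review bot: `setSsoSessionCookie` sets `mCredentials = null` but leaves in the `HttpState` whatever `setBearerCredentials` or `setBasicCredentials` stored earlier for `AuthScope.ANY`, so a client switched to cookie mode may still answer an authentication challenge with the old credentials. Add `getState().clearCredentials();` there. The switch is not symmetric in the other direction either: after `setSsoSessionCookie`, calling `setBearerCredentials` leaves `CookiePolicy.IGNORE_COOKIES` in force, and `setBearerCredentials` never resets the preemptive flag that `setBasicCredentials` turns on. A short Javadoc on the three setters stating that they are mutually exclusive would help.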
public boolean existsFile(String path) throws IOException, HttpException {
HeadMethod head = new HeadMethod(mUri.toString() + WebdavUtils.encodePath(path));
try {
- head.setFollowRedirects(mFollowRedirects);
int status = executeMethod(head);
Log_OC.d(TAG, "HEAD to " + path + " finished with HTTP status " + status + ((status != HttpStatus.SC_OK)?"(FAIL)":""));
exhaustResponse(head.getResponseBodyAsStream());
if (connectionTimeout >= 0) {
getHttpConnectionManager().getParams().setConnectionTimeout(connectionTimeout);
}
- method.setFollowRedirects(mFollowRedirects);
return executeMethod(method);
} finally {
getParams().setSoTimeout(oldSoTimeout);
getHttpConnectionManager().getParams().setConnectionTimeout(oldConnectionTimeout);
}
}
+
+
+ @Override
+ public int executeMethod(HttpMethod method) throws IOException, HttpException {
+ try {
+ method.setFollowRedirects(mFollowRedirects);
+ } catch (Exception e) {
+
+ }
+ if (mSsoSessionCookie != null && mSsoSessionCookie.length() > 0) {
+ method.setRequestHeader("Cookie", mSsoSessionCookie);
+ }
+ return super.executeMethod(method);
+ }
+
/**
* Exhausts a not interesting HTTP response. Encouraged by HttpClient documentation.
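Review bot: The new `executeMethod` override adds the session cookie to every request that goes through this client, whatever host the method targets, and it does so with redirect-following switched on. Nothing here compares the method's host with `mUri`, so a request built for another host — or a redirect target, if the library keeps request headers when it follows a redirect — receives the SSO session cookie. Scope it, e.g. `if (mSsoSessionCookie != null && mSsoSessionCookie.length() > 0 && mUri.getHost().equalsIgnoreCase(method.getURI().getHost())) {`. The empty `catch (Exception e) { }` around `setFollowRedirects` should at least log the exception, e.g. `Log_OC.d(TAG, "setFollowRedirects failed", e);`.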
public void setFollowRedirects(boolean followRedirects) {
mFollowRedirects = followRedirects;
- }\r
-\r
+ }
+
}