public static final String WEBDAV_PATH_2_0 = "/files/webdav.php";\r
public static final String WEBDAV_PATH_4_0 = "/remote.php/webdav";\r
private static final String ODAV_PATH = "/remote.php/odav";\r
+ private static final String SAML_SSO_PATH = "/ocShibAuth";\r
public static final String CARDDAV_PATH_2_0 = "/apps/contacts/carddav.php";\r
public static final String CARDDAV_PATH_4_0 = "/remote/carddav.php";\r
public static final String STATUS_PATH = "/status.php";\r
* @param version version of owncloud\r
* @return webdav path for given OC version, null if OC version unknown\r
*/\r
- public static String getWebdavPath(OwnCloudVersion version, boolean supportsOAuth) {\r
+ public static String getWebdavPath(OwnCloudVersion version, boolean supportsOAuth, boolean supportsSamlSso) {\r
if (version != null) {\r
if (supportsOAuth) {\r
return ODAV_PATH;\r
}\r
+ if (supportsSamlSso) {\r
+ return SAML_SSO_PATH;\r
+ }\r
+ if (version.compareTo(OwnCloudVersion.owncloud_v4) >= 0)\r
+ return WEBDAV_PATH_4_0;\r
+ if (version.compareTo(OwnCloudVersion.owncloud_v3) >= 0\r
+ || version.compareTo(OwnCloudVersion.owncloud_v2) >= 0)\r
+ return WEBDAV_PATH_2_0;\r
+ if (version.compareTo(OwnCloudVersion.owncloud_v1) >= 0)\r
+ return WEBDAV_PATH_1_2;\r
+ }\r
+ return null;\r
+ }\r
+ \r
+ /**\r
+ * Returns the proper URL path to access the WebDAV interface of an ownCloud server,\r
+ * according to its version and the authorization method used.\r
+ * \r
+ * @param version Version of ownCloud server.\r
+ * @param authTokenType Authorization token type, matching some of the AUTH_TOKEN_TYPE_* constants in {@link AccountAuthenticator}. \r
+ * @return WebDAV path for given OC version and authorization method, null if OC version is unknown.\r
+ */\r
+ public static String getWebdavPath(OwnCloudVersion version, String authTokenType) {\r
+ if (version != null) {\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(authTokenType)) {\r
+ return ODAV_PATH;\r
+ }\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(authTokenType)) {\r
+ return SAML_SSO_PATH;\r
+ }\r
if (version.compareTo(OwnCloudVersion.owncloud_v4) >= 0)\r
return WEBDAV_PATH_4_0;\r
if (version.compareTo(OwnCloudVersion.owncloud_v3) >= 0\r
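Review bot: The new `getWebdavPath(version, supportsOAuth, supportsSamlSso)` and the added `getWebdavPath(version, authTokenType)` each carry their own copy of the version ladder, so the rule that decides which endpoint credentials are sent to now lives in two places and can drift. I would have the boolean overload map its flags to a token type and end with `return getWebdavPath(version, authTokenType);`, keeping one ladder. The Javadoc above the boolean overload still documents only `version`; it should also describe `supportsOAuth` and `supportsSamlSso`, and say that OAuth takes precedence when both are true. The String overload's body continues past the end of this hunk.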
String baseurl = ama.getUserData(account, AccountAuthenticator.KEY_OC_BASE_URL);\r
String strver = ama.getUserData(account, AccountAuthenticator.KEY_OC_VERSION);\r
boolean supportsOAuth = (ama.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null);\r
+ boolean supportsSamlSso = (ama.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null);\r
OwnCloudVersion ver = new OwnCloudVersion(strver);\r
- String webdavpath = getWebdavPath(ver, supportsOAuth);\r
+ String webdavpath = getWebdavPath(ver, supportsOAuth, supportsSamlSso);\r
\r
if (baseurl == null || webdavpath == null) \r
throw new AccountNotFoundException(account, "Account not found", null);\r
private static final String KEY_SERVER_STATUS_ICON = "SERVER_STATUS_ICON";\r
private static final String KEY_IS_SSL_CONN = "IS_SSL_CONN";\r
private static final String KEY_PASSWORD_VISIBLE = "PASSWORD_VISIBLE";\r
- private static final String KEY_AUTH_METHOD = "AUTH_METHOD";\r
private static final String KEY_AUTH_STATUS_TEXT = "AUTH_STATUS_TEXT";\r
private static final String KEY_AUTH_STATUS_ICON = "AUTH_STATUS_ICON";\r
private static final String KEY_REFRESH_BUTTON_ENABLED = "KEY_REFRESH_BUTTON_ENABLED";\r
private static final String AUTH_OFF = "off";\r
private static final String AUTH_OPTIONAL = "optional";\r
\r
- private static final int AUTH_METHOD_BASIC_HTTP = 0;\r
- private static final int AUTH_METHOD_OAUTH2 = 1;\r
- private static final int AUTH_METHOD_SAML_WEB_SSO = 2;\r
-\r
private static final int DIALOG_LOGIN_PROGRESS = 0;\r
private static final int DIALOG_SSL_VALIDATOR = 1;\r
private static final int DIALOG_CERT_NOT_SAVED = 2;\r
private boolean mHostUrlInputEnabled;\r
private View mRefreshButton;\r
\r
- private int mCurrentAuthorizationMethod; \r
+ private String mCurrentAuthTokenType;\r
\r
private EditText mUsernameInput;\r
private EditText mPasswordInput;\r
mHostUrlInput.setText(mHostBaseUrl);\r
}\r
initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod\r
- mOAuth2Check.setChecked(mCurrentAuthorizationMethod == AUTH_METHOD_OAUTH2);\r
+ mOAuth2Check.setChecked(mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN);\r
mJustCreated = true;\r
\r
if (mAction == ACTION_UPDATE_TOKEN || !mHostUrlInputEnabled) {\r
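Review bot: `mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN` compares String references, not contents. The field is filled from intent extras and from the saved instance state, and a string read back from a Bundle is not guaranteed to be the same object as the constant, so the OAuth checkbox can end up unchecked for an OAuth account. Use `mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType));`, as the rest of the commit does. The same `==` against `AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE` is in the later hunk that hides `mOAuth2Check`, where a mismatch would leave the checkbox visible in SAML mode.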
\r
// account data, if updating\r
mAccount = savedInstanceState.getParcelable(KEY_ACCOUNT);\r
- mCurrentAuthorizationMethod = savedInstanceState.getInt(KEY_AUTH_METHOD, AUTH_METHOD_BASIC_HTTP);\r
+ mCurrentAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD);\r
\r
// check if server check was interrupted by a configuration change\r
if (savedInstanceState.getBoolean(KEY_SERVER_CHECK_IN_PROGRESS, false)) {\r
if (mServerIsChecked && !mServerIsValid && refreshButtonEnabled) showRefreshButton();\r
mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes\r
\r
- if (mCurrentAuthorizationMethod == AUTH_METHOD_SAML_WEB_SSO || !AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) {\r
+ if (mCurrentAuthTokenType == AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE || \r
+ !AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) {\r
mOAuth2Check.setVisibility(View.GONE);\r
}\r
\r
boolean oAuthRequired = false;\r
boolean samlWebSsoRequired = false;\r
\r
- String tokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);\r
+ mCurrentAuthTokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);\r
mAccount = getIntent().getExtras().getParcelable(EXTRA_ACCOUNT);\r
\r
- if (tokenType != null) {\r
- /// use the authentication method requested by caller \r
- oAuthRequired = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(tokenType);\r
- samlWebSsoRequired = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(tokenType);\r
- \r
- } else if (mAccount != null) {\r
- /// same authentication method than the one used to create the account to update\r
- oAuthRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null);\r
- samlWebSsoRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null);\r
- \r
- } else {\r
- /// use the one set in setup.xml\r
- oAuthRequired = AUTH_ON.equals(getString(R.string.auth_method_oauth2));\r
- samlWebSsoRequired = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); \r
- }\r
+ // TODO could be a good moment to validate the received token type, if not null\r
\r
- if (oAuthRequired) {\r
- mCurrentAuthorizationMethod = AUTH_METHOD_OAUTH2; \r
- } else if (samlWebSsoRequired) {\r
- mCurrentAuthorizationMethod = AUTH_METHOD_SAML_WEB_SSO;\r
- } else {\r
- mCurrentAuthorizationMethod = AUTH_METHOD_BASIC_HTTP;\r
+ if (mCurrentAuthTokenType == null) { \r
+ if (mAccount != null) {\r
+ /// same authentication method than the one used to create the account to update\r
+ oAuthRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null);\r
+ samlWebSsoRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null);\r
+ \r
+ } else {\r
+ /// use the one set in setup.xml\r
+ oAuthRequired = AUTH_ON.equals(getString(R.string.auth_method_oauth2));\r
+ samlWebSsoRequired = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso)); \r
+ }\r
+ if (oAuthRequired) {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;\r
+ } else if (samlWebSsoRequired) {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE;\r
+ } else {\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;\r
+ }\r
}\r
-\r
+ \r
if (mAccount != null) {\r
String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@'));\r
mUsernameInput.setText(userName);\r
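Review bot: The token type read from the intent extras is stored in `mCurrentAuthTokenType` without any check, which the added TODO itself points out. Any value other than the OAuth or SAML constants falls into the `else` branches elsewhere in this file, so an unexpected string from the caller silently selects the username/password form and the version-based WebDAV path, and is also written to the saved state. I would accept only the three AUTH_TOKEN_TYPE_* constants this file uses and treat anything else as absent, so the account or setup.xml rules decide. If `AccountAuthenticator` defines further token types they would need adding to the check. The method starts and ends outside the hunk.

```java
// … unchanged: oAuthRequired / samlWebSsoRequired declarations …
String requestedType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);
boolean knownType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD.equals(requestedType)
        || AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(requestedType)
        || AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(requestedType);
// an unrecognised type is handled like "not specified": the account / setup.xml rules below decide
mCurrentAuthTokenType = knownType ? requestedType : null;
mAccount = getIntent().getExtras().getParcelable(EXTRA_ACCOUNT);
// … unchanged: fallback taken when mCurrentAuthTokenType == null …
```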
if (mAccount != null) {\r
outState.putParcelable(KEY_ACCOUNT, mAccount);\r
}\r
- outState.putInt(KEY_AUTH_METHOD, mCurrentAuthorizationMethod);\r
+ outState.putString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, mCurrentAuthTokenType);\r
\r
// refresh button enabled\r
outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, (mRefreshButton.getVisibility() == View.VISIBLE));\r
return;\r
}\r
\r
- if (mOAuth2Check.isChecked()) {\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {\r
startOauthorization();\r
-\r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { \r
+ startSamlBasedFederatedSingleSignOnAuthorization();\r
} else {\r
checkBasicAuthorization();\r
}\r
*/\r
private void checkBasicAuthorization() {\r
/// get the path to the root folder through WebDAV from the version server\r
- String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, false);\r
+ String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
\r
/// get basic credentials entered by user\r
String username = mUsernameInput.getText().toString();\r
\r
\r
/**\r
+ * Starts the Web Single Sign On flow to get access to the root folder\r
+ * in the server.\r
+ */\r
+ private void startSamlBasedFederatedSingleSignOnAuthorization() {\r
+ /// get the path to the root folder through WebDAV from the version server\r
+ String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
+\r
+ /// test credentials accessing the root folder\r
+ mAuthCheckOperation = new ExistenceCheckOperation("", this, false);\r
+ WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this);\r
+ mOperationThread = mAuthCheckOperation.execute(client, this, mHandler);\r
+ }\r
+\r
+ /**\r
* Callback method invoked when a RemoteOperation executed by this Activity finishes.\r
* \r
* Dispatches the operation flow to the right method.\r
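Review bot: `webdav_path` is concatenated into the URL in `startSamlBasedFederatedSingleSignOnAuthorization()` without a null check, although `getWebdavPath` is documented to return null for an unknown version and the OAuth callback later in this file tests `webdav_path != null` before using it. With a null path the client would be created for a URL ending in the text `null`. A guard such as `if (webdav_path == null) return;` before building the operation, together with whatever error state the activity shows for an unknown server version, would keep the flows consistent. `checkBasicAuthorization()` may need the same guard; its body lies outside the hunks shown.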
onGetOAuthAccessTokenFinish((OAuth2GetAccessToken)operation, result);\r
\r
} else if (operation instanceof ExistenceCheckOperation) {\r
- onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result);\r
-\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ Toast.makeText(this, result.getLogMessage(), Toast.LENGTH_LONG).show();\r
+ \r
+ } else {\r
+ onAuthorizationCheckFinish((ExistenceCheckOperation)operation, result);\r
+ }\r
}\r
}\r
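Review bot: In the SAML branch the outcome of the existence check is only shown as a toast built from `result.getLogMessage()`; nothing in the visible lines inspects `result.isSuccess()` or updates the activity state, so a failed check and a successful one look the same to the rest of the flow. A log message is written for developers and may expose server or transport detail on screen, so a string resource chosen from the result would be a safer thing to display. If this is a placeholder for the pending SSO flow, a comment saying so, e.g. `// TODO temporary: replace toast with real handling of the SSO check result`, would help the next reader. The enclosing callback starts outside the hunk.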
\r
// NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens\r
}\r
\r
- String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, true);\r
+ String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);\r
if (result.isSuccess() && webdav_path != null) {\r
/// be gentle with the user\r
showDialog(DIALOG_LOGIN_PROGRESS);\r
public void onCheckClick(View view) {\r
CheckBox oAuth2Check = (CheckBox)view;\r
if (oAuth2Check.isChecked()) {\r
- mCurrentAuthorizationMethod = AUTH_METHOD_OAUTH2;\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;\r
} else {\r
- mCurrentAuthorizationMethod = AUTH_METHOD_BASIC_HTTP;\r
+ mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;\r
}\r
adaptViewAccordingToAuthenticationMethod();\r
}\r
* the current authorization method.\r
*/\r
private void adaptViewAccordingToAuthenticationMethod () {\r
- switch (mCurrentAuthorizationMethod) { \r
- case AUTH_METHOD_OAUTH2:\r
- // OAuth 2 authorization\r
- mOAuthAuthEndpointText.setVisibility(View.VISIBLE);\r
- mOAuthTokenEndpointText.setVisibility(View.VISIBLE);\r
- mUsernameInput.setVisibility(View.GONE);\r
- mPasswordInput.setVisibility(View.GONE);\r
- mAccountNameInput.setVisibility(View.GONE);\r
- mWebSsoView.setVisibility(View.GONE);\r
- break;\r
- \r
- case AUTH_METHOD_SAML_WEB_SSO:\r
- // SAML-based web Single Sign On\r
- mOAuthAuthEndpointText.setVisibility(View.GONE);\r
- mOAuthTokenEndpointText.setVisibility(View.GONE);\r
- mUsernameInput.setVisibility(View.GONE);\r
- mPasswordInput.setVisibility(View.GONE);\r
- mAccountNameInput.setVisibility(View.VISIBLE);\r
- mWebSsoView.setVisibility(View.VISIBLE);\r
- break;\r
- \r
- case AUTH_METHOD_BASIC_HTTP:\r
- default:\r
- // basic HTTP authorization\r
- mOAuthAuthEndpointText.setVisibility(View.GONE);\r
- mOAuthTokenEndpointText.setVisibility(View.GONE);\r
- mUsernameInput.setVisibility(View.VISIBLE);\r
- mPasswordInput.setVisibility(View.VISIBLE);\r
- mAccountNameInput.setVisibility(View.GONE);\r
- mWebSsoView.setVisibility(View.GONE);\r
- }\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {\r
+ // OAuth 2 authorization\r
+ mOAuthAuthEndpointText.setVisibility(View.VISIBLE);\r
+ mOAuthTokenEndpointText.setVisibility(View.VISIBLE);\r
+ mUsernameInput.setVisibility(View.GONE);\r
+ mPasswordInput.setVisibility(View.GONE);\r
+ mAccountNameInput.setVisibility(View.GONE);\r
+ mWebSsoView.setVisibility(View.GONE);\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ // SAML-based web Single Sign On\r
+ mOAuthAuthEndpointText.setVisibility(View.GONE);\r
+ mOAuthTokenEndpointText.setVisibility(View.GONE);\r
+ mUsernameInput.setVisibility(View.GONE);\r
+ mPasswordInput.setVisibility(View.GONE);\r
+ mAccountNameInput.setVisibility(View.VISIBLE);\r
+ mWebSsoView.setVisibility(View.VISIBLE);\r
+ \r
+ } else {\r
+ // basic HTTP authorization\r
+ mOAuthAuthEndpointText.setVisibility(View.GONE);\r
+ mOAuthTokenEndpointText.setVisibility(View.GONE);\r
+ mUsernameInput.setVisibility(View.VISIBLE);\r
+ mPasswordInput.setVisibility(View.VISIBLE);\r
+ mAccountNameInput.setVisibility(View.GONE);\r
+ mWebSsoView.setVisibility(View.GONE);\r
+ }\r
}\r
\r
/**\r