<string name="auth_wtf_reenter_URL">Unexpected state; please, enter the server URL again</string>
<string name="auth_expired_oauth_token_toast">Your authorization expired.\nPlease, authorize again</string>
<string name="auth_expired_basic_auth_toast">Please, enter the current password</string>
+ <string name="auth_expired_saml_sso_token_toast">Your session expired.\nPlease, authenticate again</string>
<string name="auth_connecting_auth_server">Connecting to authentication server…</string>
<string name="auth_follow_auth_server">Follow instructions above to get authenticated</string>
<string name="auth_unsupported_auth_method">The server does not support this authentication method</string>
}\r
mHostBaseUrl = normalizeUrl(mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL));\r
mHostUrlInput.setText(mHostBaseUrl);\r
+ String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@'));\r
+ mUsernameInput.setText(userName);\r
+ mAccountNameInput.setText(userName);\r
}\r
initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod\r
mJustCreated = true;\r
mUsernameInput.setEnabled(false);\r
mUsernameInput.setFocusable(false);\r
mOAuth2Check.setVisibility(View.GONE);\r
+ mAccountNameInput.setEnabled(false);\r
+ mAccountNameInput.setFocusable(false);\r
}\r
\r
//if (mServerIsChecked && !mServerIsValid && mRefreshButtonEnabled) showRefreshButton();\r
protected void onResume() {\r
super.onResume();\r
if (mAction == ACTION_UPDATE_TOKEN && mJustCreated && getIntent().getBooleanExtra(EXTRA_ENFORCED_UPDATE, false)) {\r
- if (mOAuth2Check.isChecked())\r
+ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {\r
Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show();\r
- else\r
+ \r
+ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {\r
+ Toast.makeText(this, R.string.auth_expired_saml_sso_token_toast, Toast.LENGTH_LONG).show();\r
+ \r
+ } else {\r
Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show();\r
+ }\r
}\r
\r
if (mNewCapturedUriFromOAuth2Redirection != null) {\r
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
+import com.owncloud.android.authentication.AccountAuthenticator;
import com.owncloud.android.authentication.AuthenticatorActivity;
import com.owncloud.android.datamodel.FileDataStorageManager;
import com.owncloud.android.datamodel.OCFile;
int contentId = (downloadResult.isSuccess()) ? R.string.downloader_download_succeeded_content : R.string.downloader_download_failed_content;
Notification finalNotification = new Notification(R.drawable.icon, getString(tickerId), System.currentTimeMillis());
finalNotification.flags |= Notification.FLAG_AUTO_CANCEL;
- boolean needsToUpdateCredentials = (downloadResult.getCode() == ResultCode.UNAUTHORIZED);
+ boolean needsToUpdateCredentials = (downloadResult.getCode() == ResultCode.UNAUTHORIZED ||
+ (downloadResult.isTemporalRedirection() && AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mDownloadClient.getAuthTokenType())));
if (needsToUpdateCredentials) {
// let the user update credentials with one click
Intent updateAccountCredentials = new Intent(this, AuthenticatorActivity.class);
mUploadClient.exhaustResponse(propfind.getResponseBodyAsStream());
}
- result = new RemoteOperationResult(isMultiStatus, status);
+ result = new RemoteOperationResult(isMultiStatus, status, propfind.getResponseHeaders());
Log_OC.i(TAG, "Update: synchronizing properties for uploaded " + mCurrentUpload.getRemotePath() + ": "
+ result.getLogMessage());
Notification finalNotification = new Notification(R.drawable.icon,
getString(R.string.uploader_upload_failed_ticker), System.currentTimeMillis());
finalNotification.flags |= Notification.FLAG_AUTO_CANCEL;
- if (uploadResult.getCode() == ResultCode.UNAUTHORIZED) {
+ if (uploadResult.getCode() == ResultCode.UNAUTHORIZED ||
+ (uploadResult.isTemporalRedirection() && AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mUploadClient.getAuthTokenType()))) {
// let the user update credentials with one click
Intent updateAccountCredentials = new Intent(this, AuthenticatorActivity.class);
updateAccountCredentials.putExtra(AuthenticatorActivity.EXTRA_ACCOUNT, upload.getAccount());
import javax.net.ssl.TrustManager;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
+import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.X509HostnameVerifier;
//Log_OC.d(TAG, "Creating WebdavClient associated to " + account.name);
Uri uri = Uri.parse(AccountUtils.constructFullURLForAccount(appContext, account));
- WebdavClient client = createOwnCloudClient(uri, appContext, true);
AccountManager am = AccountManager.get(appContext);
- if (am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null) { // TODO avoid a call to getUserData here
+ boolean isOauth2 = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null; // TODO avoid calling to getUserData here
+ boolean isSamlSso = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null;
+ WebdavClient client = createOwnCloudClient(uri, appContext, !isSamlSso);
+ if (isOauth2) {
String accessToken = am.blockingGetAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, false);
client.setBearerCredentials(accessToken); // TODO not assume that the access token is a bearer token
- } else if (am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null) { // TODO avoid a call to getUserData here
+ } else if (isSamlSso) { // TODO avoid a call to getUserData here
String accessToken = am.blockingGetAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE, false);
client.setSsoSessionCookie(accessToken);
public static WebdavClient createOwnCloudClient (Account account, Context appContext, Activity currentActivity) throws OperationCanceledException, AuthenticatorException, IOException, AccountNotFoundException {
Uri uri = Uri.parse(AccountUtils.constructFullURLForAccount(appContext, account));
- WebdavClient client = createOwnCloudClient(uri, appContext, true);
AccountManager am = AccountManager.get(appContext);
- if (am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null) { // TODO avoid a call to getUserData here
+ boolean isOauth2 = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null; // TODO avoid calling to getUserData here
+ boolean isSamlSso = am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null;
+ WebdavClient client = createOwnCloudClient(uri, appContext, !isSamlSso);
+
+ if (isOauth2) { // TODO avoid a call to getUserData here
AccountManagerFuture<Bundle> future = am.getAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN, null, currentActivity, null, null);
Bundle result = future.getResult();
String accessToken = result.getString(AccountManager.KEY_AUTHTOKEN);
if (accessToken == null) throw new AuthenticatorException("WTF!");
client.setBearerCredentials(accessToken); // TODO not assume that the access token is a bearer token
- } else if (am.getUserData(account, AccountAuthenticator.KEY_SUPPORTS_SAML_WEB_SSO) != null) { // TODO avoid a call to getUserData here
+ } else if (isSamlSso) { // TODO avoid a call to getUserData here
AccountManagerFuture<Bundle> future = am.getAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE, null, currentActivity, null, null);
Bundle result = future.getResult();
String accessToken = result.getString(AccountManager.KEY_AUTHTOKEN);
String uriPrefix = client.getBaseUri() + WebdavUtils.encodePath(getRemotePath()) + "-chunking-" + Math.abs((new Random()).nextInt(9000)+1000) + "-" ;
long chunkCount = (long) Math.ceil((double)file.length() / CHUNK_SIZE);
for (int chunkIndex = 0; chunkIndex < chunkCount ; chunkIndex++, offset += CHUNK_SIZE) {
+ if (mPutMethod != null) {
+ mPutMethod.releaseConnection(); // let the connection available for other methods
+ }
mPutMethod = new PutMethod(uriPrefix + chunkCount + "-" + chunkIndex);
mPutMethod.addRequestHeader(OC_CHUNKED_HEADER, OC_CHUNKED_HEADER);
((ChunkFromFileChannelRequestEntity)mEntity).setOffset(offset);
mStorageManager.saveFile(newDir);
}
- result = new RemoteOperationResult(mkcol.succeeded(), status);
+ result = new RemoteOperationResult(mkcol.succeeded(), status, mkcol.getResponseHeaders());
Log_OC.d(TAG, "Create directory " + mRemotePath + ": " + result.getLogMessage());
client.exhaustResponse(mkcol.getResponseBodyAsStream());
private Set<OnDatatransferProgressListener> mDataTransferListeners = new HashSet<OnDatatransferProgressListener>();
private final AtomicBoolean mCancellationRequested = new AtomicBoolean(false);
private long mModificationTimestamp = 0;
+ private GetMethod mGet;
public DownloadFileOperation(Account account, OCFile file) {
if (!moved)
result = new RemoteOperationResult(RemoteOperationResult.ResultCode.LOCAL_STORAGE_NOT_MOVED);
else
- result = new RemoteOperationResult(isSuccess(status), status);
+ result = new RemoteOperationResult(isSuccess(status), status, (mGet != null ? mGet.getResponseHeaders() : null));
Log_OC.i(TAG, "Download of " + mFile.getRemotePath() + " to " + getSavePath() + ": " + result.getLogMessage());
} catch (Exception e) {
protected int downloadFile(WebdavClient client, File targetFile) throws HttpException, IOException, OperationCancelledException {
int status = -1;
boolean savedFile = false;
- GetMethod get = new GetMethod(client.getBaseUri() + WebdavUtils.encodePath(mFile.getRemotePath()));
+ mGet = new GetMethod(client.getBaseUri() + WebdavUtils.encodePath(mFile.getRemotePath()));
Iterator<OnDatatransferProgressListener> it = null;
FileOutputStream fos = null;
try {
- status = client.executeMethod(get);
+ status = client.executeMethod(mGet);
if (isSuccess(status)) {
targetFile.createNewFile();
- BufferedInputStream bis = new BufferedInputStream(get.getResponseBodyAsStream());
+ BufferedInputStream bis = new BufferedInputStream(mGet.getResponseBodyAsStream());
fos = new FileOutputStream(targetFile);
long transferred = 0;
while ((readResult = bis.read(bytes)) != -1) {
synchronized(mCancellationRequested) {
if (mCancellationRequested.get()) {
- get.abort();
+ mGet.abort();
throw new OperationCancelledException();
}
}
}
}
savedFile = true;
- Header modificationTime = get.getResponseHeader("Last-Modified");
+ Header modificationTime = mGet.getResponseHeader("Last-Modified");
if (modificationTime != null) {
Date d = WebdavUtils.parseResponseDate((String) modificationTime.getValue());
mModificationTimestamp = (d != null) ? d.getTime() : 0;
}
} else {
- client.exhaustResponse(get.getResponseBodyAsStream());
+ client.exhaustResponse(mGet.getResponseBodyAsStream());
}
} finally {
if (!savedFile && targetFile.exists()) {
targetFile.delete();
}
- get.releaseConnection(); // let the connection available for other methods
+ mGet.releaseConnection(); // let the connection available for other methods
}
return status;
}
result = new RemoteOperationResult(ResultCode.OAUTH2_ERROR);
} else {
- result = new RemoteOperationResult(true, status);
+ result = new RemoteOperationResult(true, status, postMethod.getResponseHeaders());
}
} else {
client.exhaustResponse(postMethod.getResponseBodyAsStream());
- result = new RemoteOperationResult(false, status);
+ result = new RemoteOperationResult(false, status, postMethod.getResponseHeaders());
}
}
}
} else {
- mLatestResult = new RemoteOperationResult(false, status);
+ mLatestResult = new RemoteOperationResult(false, status, get.getResponseHeaders());
}
} catch (JSONException e) {
result = run(mClient);
repeat = false;
- if (mCallerActivity != null && mAccount != null && mContext != null && !result.isSuccess() && result.getCode() == ResultCode.UNAUTHORIZED) {
- /// fail due to lack of authorization in an operation performed in foreground
- AccountManager am = AccountManager.get(mContext);
+ if (mCallerActivity != null && mAccount != null && mContext != null && !result.isSuccess() &&
+ (result.getCode() == ResultCode.UNAUTHORIZED || result.isTemporalRedirection())) {
+ /// possible fail due to lack of authorization in an operation performed in foreground
Credentials cred = mClient.getCredentials();
- if (cred instanceof BearerCredentials) {
- am.invalidateAuthToken(AccountAuthenticator.ACCOUNT_TYPE, ((BearerCredentials)cred).getAccessToken());
- } else {
- am.clearPassword(mAccount);
+ String ssoSessionCookie = mClient.getSsoSessionCookie();
+ if (cred != null || ssoSessionCookie != null) {
+ /// confirmed : unauthorized operation
+ AccountManager am = AccountManager.get(mContext);
+ boolean bearerAuthorization = (cred != null && cred instanceof BearerCredentials);
+ boolean samlBasedSsoAuthorization = (cred == null && ssoSessionCookie != null);
+ if (bearerAuthorization) {
+ am.invalidateAuthToken(AccountAuthenticator.ACCOUNT_TYPE, ((BearerCredentials)cred).getAccessToken());
+ } else if (samlBasedSsoAuthorization ) {
+ am.invalidateAuthToken(AccountAuthenticator.ACCOUNT_TYPE, ssoSessionCookie);
+ } else {
+ am.clearPassword(mAccount);
+ }
+ mClient = null;
+ repeat = true; // when repeated, the creation of a new OwnCloudClient after erasing the saved credentials will trigger the login activity
+ result = null;
}
- mClient = null;
- repeat = true; // when repeated, the creation of a new OwnCloudClient after erasing the saved credentials will trigger the login activity
- result = null;
}
} while (repeat);
mSuccess = (code == ResultCode.OK || code == ResultCode.OK_SSL || code == ResultCode.OK_NO_SSL);
}
- public RemoteOperationResult(boolean success, int httpCode) {
+ private RemoteOperationResult(boolean success, int httpCode) {
mSuccess = success;
mHttpCode = httpCode;
}
}
delete.getResponseBodyAsString(); // exhaust the response, although not interesting
- result = new RemoteOperationResult((delete.succeeded() || status == HttpStatus.SC_NOT_FOUND), status);
+ result = new RemoteOperationResult((delete.succeeded() || status == HttpStatus.SC_NOT_FOUND), status, delete.getResponseHeaders());
Log_OC.i(TAG, "Remove " + mFileToRemove.getRemotePath() + ": " + result.getLogMessage());
} catch (Exception e) {
}
move.getResponseBodyAsString(); // exhaust response, although not interesting
- result = new RemoteOperationResult(move.succeeded(), status);
+ result = new RemoteOperationResult(move.succeeded(), status, move.getResponseHeaders());
Log_OC.i(TAG, "Rename " + mFile.getRemotePath() + " to " + mNewRemotePath + ": " + result.getLogMessage());
} catch (Exception e) {
} else {
client.exhaustResponse(propfind.getResponseBodyAsStream());
- result = new RemoteOperationResult(false, status);
+ result = new RemoteOperationResult(false, status, propfind.getResponseHeaders());
}
}
result = new RemoteOperationResult(ResultCode.SYNC_CONFLICT); // should be different result, but will do the job
} else {
- result = new RemoteOperationResult(true, status);
+ result = new RemoteOperationResult(true, status, query.getResponseHeaders());
}
} else {
- result = new RemoteOperationResult(false, status);
+ result = new RemoteOperationResult(false, status, query.getResponseHeaders());
}
int status = client.executeMethod(get);
if (status != HttpStatus.SC_OK) {
client.exhaustResponse(get.getResponseBodyAsStream());
- result = new RemoteOperationResult(false, status);
+ result = new RemoteOperationResult(false, status, get.getResponseHeaders());
} else {
String response = get.getResponseBodyAsString();
}
}
- result = new RemoteOperationResult(isSuccess(status), status);
+ result = new RemoteOperationResult(isSuccess(status), status, (mPutMethod != null ? mPutMethod.getResponseHeaders() : null));
} catch (Exception e) {
// TODO something cleaner with cancellations
import com.owncloud.android.Log_OC;
import com.owncloud.android.R;
+import com.owncloud.android.authentication.AccountAuthenticator;
import com.owncloud.android.authentication.AuthenticatorActivity;
import com.owncloud.android.datamodel.DataStorageManager;
import com.owncloud.android.datamodel.FileDataStorageManager;
sendStickyBroadcast(true, remotePath, null);
} else {
- if (result.getCode() == RemoteOperationResult.ResultCode.UNAUTHORIZED) {
+ if (result.getCode() == RemoteOperationResult.ResultCode.UNAUTHORIZED ||
+ (result.isTemporalRedirection() && getClient().getSsoSessionCookie() != null)) {
mSyncResult.stats.numAuthExceptions++;
} else if (result.getException() instanceof DavException) {
private void notifyFailedSynchronization() {
Notification notification = new Notification(R.drawable.icon, getContext().getString(R.string.sync_fail_ticker), System.currentTimeMillis());
notification.flags |= Notification.FLAG_AUTO_CANCEL;
- boolean needsToUpdateCredentials = (mLastFailedResult != null && mLastFailedResult.getCode() == ResultCode.UNAUTHORIZED);
+ boolean needsToUpdateCredentials = (mLastFailedResult != null &&
+ ( mLastFailedResult.getCode() == ResultCode.UNAUTHORIZED ||
+ (mLastFailedResult.isTemporalRedirection() && AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(getClient().getAuthTokenType()))
+ )
+ );
// TODO put something smart in the contentIntent below for all the possible errors
notification.contentIntent = PendingIntent.getActivity(getContext().getApplicationContext(), (int)System.currentTimeMillis(), new Intent(), 0);
if (needsToUpdateCredentials) {
import com.owncloud.android.Log_OC;
+import com.owncloud.android.authentication.AccountAuthenticator;
import com.owncloud.android.network.BearerAuthScheme;
import com.owncloud.android.network.BearerCredentials;
+import android.accounts.AccountAuthenticatorActivity;
import android.net.Uri;
public class WebdavClient extends HttpClient {
private Credentials mCredentials;
private boolean mFollowRedirects;
private String mSsoSessionCookie;
+ private String mAuthTokenType;
final private static String TAG = "WebdavClient";
public static final String USER_AGENT = "Android-ownCloud";
getParams().setParameter(CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_1);
mFollowRedirects = true;
mSsoSessionCookie = null;
+ mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
}
public void setBearerCredentials(String accessToken) {
mCredentials = new BearerCredentials(accessToken);
getState().setCredentials(AuthScope.ANY, mCredentials);
mSsoSessionCookie = null;
+ mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;
}
public void setBasicCredentials(String username, String password) {
mCredentials = new UsernamePasswordCredentials(username, password);
getState().setCredentials(AuthScope.ANY, mCredentials);
mSsoSessionCookie = null;
+ mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
}
public void setSsoSessionCookie(String accessToken) {
getParams().setCookiePolicy(CookiePolicy.IGNORE_COOKIES);
mSsoSessionCookie = accessToken;
mCredentials = null;
+ mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE;
}
public final Credentials getCredentials() {\r
return mCredentials;\r
}
+
+ public final String getSsoSessionCookie() {
+ return mSsoSessionCookie;
+ }
public void setFollowRedirects(boolean followRedirects) {
mFollowRedirects = followRedirects;
}
+ public String getAuthTokenType() {
+ return mAuthTokenType;
+ }
+
}
projects / pub / Android / ownCloud.git / commitdiff