From: David A. Velasco <dvelasco@solidgear.es>
Date: Thu, 22 Aug 2013 17:25:15 +0000 (+0200)
Subject: Fixed condition to determine expiration of SAML SSO
X-Git-Tag: oc-android-1.4.6~17^2~8
X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/commitdiff_plain/2dc5cc57f12cf2832f6b19ee52f87e9f1f313eaa

Fixed condition to determine expiration of SAML SSO
---

diff --git a/src/com/owncloud/android/authentication/AuthenticatorActivity.java b/src/com/owncloud/android/authentication/AuthenticatorActivity.java
index 37ff4912..e69ff8e3 100644
--- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java
+++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java
@@ -18,8 +18,6 @@
 
 package com.owncloud.android.authentication;
 
-import java.net.URLDecoder;
-
 import android.accounts.Account;
 import android.accounts.AccountManager;
 import android.app.AlertDialog;
@@ -51,7 +49,6 @@ import android.widget.CheckBox;
 import android.widget.EditText;
 import android.widget.TextView;
 import android.widget.TextView.OnEditorActionListener;
-import android.widget.Toast;
 
 import com.actionbarsherlock.app.SherlockDialogFragment;
 import com.owncloud.android.Log_OC;
@@ -776,7 +773,7 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens
         }
         
-        if (result.isTemporalRedirection() || result.isIdPRedirection()) {
+        if (result.isTemporalRedirection() && result.isIdPRedirection()) {
             String url = result.getRedirectedLocation();
             String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);
             
@@ -1163,7 +1160,6 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);
             // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention
             mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);
-            Log_OC.e(TAG, "saving auth token: " + mAuthToken);
             
         } else {
             response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());
@@ -1235,7 +1231,6 @@ implements  OnRemoteOperationListener, OnSslValidatorListener, OnFocusChangeList
             intent.putExtra(AccountManager.KEY_USERDATA,        username);
             if (isOAuth || isSaml) {
                 mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);
-                Log_OC.e(TAG, "saving auth token: " + mAuthToken);
             }
             /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA
             mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION,    mDiscoveredVersion.toString());
diff --git a/src/com/owncloud/android/files/services/FileDownloader.java b/src/com/owncloud/android/files/services/FileDownloader.java
index 0afcf6ac..0ae09d7b 100644
--- a/src/com/owncloud/android/files/services/FileDownloader.java
+++ b/src/com/owncloud/android/files/services/FileDownloader.java
@@ -465,7 +465,7 @@ public class FileDownloader extends Service implements OnDatatransferProgressLis
             Notification finalNotification = new Notification(R.drawable.icon, getString(tickerId), System.currentTimeMillis());
             finalNotification.flags |= Notification.FLAG_AUTO_CANCEL;
             boolean needsToUpdateCredentials = (downloadResult.getCode() == ResultCode.UNAUTHORIZED ||
-                                                ((downloadResult.isTemporalRedirection() || downloadResult.isIdPRedirection())
+                                                (downloadResult.isTemporalRedirection() && downloadResult.isIdPRedirection()
                                                         && AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mDownloadClient.getAuthTokenType())));
             if (needsToUpdateCredentials) {
                 // let the user update credentials with one click
diff --git a/src/com/owncloud/android/files/services/FileUploader.java b/src/com/owncloud/android/files/services/FileUploader.java
index 48638408..2356c439 100644
--- a/src/com/owncloud/android/files/services/FileUploader.java
+++ b/src/com/owncloud/android/files/services/FileUploader.java
@@ -794,8 +794,8 @@ public class FileUploader extends Service implements OnDatatransferProgressListe
             String content = null;
             
             boolean needsToUpdateCredentials = (uploadResult.getCode() == ResultCode.UNAUTHORIZED ||
-                    ((uploadResult.isTemporalRedirection() || uploadResult.isIdPRedirection())
-                            && AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mUploadClient.getAuthTokenType())));
+                    (uploadResult.isTemporalRedirection() && uploadResult.isIdPRedirection() && 
+                            AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mUploadClient.getAuthTokenType())));
             if (needsToUpdateCredentials) {
                 // let the user update credentials with one click
                 Intent updateAccountCredentials = new Intent(this, AuthenticatorActivity.class);
diff --git a/src/com/owncloud/android/network/OwnCloudClientUtils.java b/src/com/owncloud/android/network/OwnCloudClientUtils.java
index 7148d2d0..75aed4ac 100644
--- a/src/com/owncloud/android/network/OwnCloudClientUtils.java
+++ b/src/com/owncloud/android/network/OwnCloudClientUtils.java
@@ -102,7 +102,6 @@ public class OwnCloudClientUtils {
         } else if (isSamlSso) {    // TODO avoid a call to getUserData here
             String accessToken = am.blockingGetAuthToken(account, AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE, false);
             client.setSsoSessionCookie(accessToken);
-            Log_OC.e(TAG, "client with auth token: " + accessToken);
             
         } else {
             String username = account.name.substring(0, account.name.lastIndexOf('@'));
@@ -135,7 +134,6 @@ public class OwnCloudClientUtils {
             String accessToken = result.getString(AccountManager.KEY_AUTHTOKEN);
             if (accessToken == null) throw new AuthenticatorException("WTF!");
             client.setSsoSessionCookie(accessToken);
-            Log_OC.e(TAG, "client with auth token: " + accessToken);
 
         } else {
             String username = account.name.substring(0, account.name.lastIndexOf('@'));
diff --git a/src/com/owncloud/android/operations/RemoteOperation.java b/src/com/owncloud/android/operations/RemoteOperation.java
index 0d7e6ec6..9306e350 100644
--- a/src/com/owncloud/android/operations/RemoteOperation.java
+++ b/src/com/owncloud/android/operations/RemoteOperation.java
@@ -243,7 +243,7 @@ public abstract class RemoteOperation implements Runnable {
         
             repeat = false;
             if (mCallerActivity != null && mAccount != null && mContext != null && !result.isSuccess() &&
-                    (result.getCode() == ResultCode.UNAUTHORIZED || result.isTemporalRedirection() || result.isIdPRedirection())) {
+                    (result.getCode() == ResultCode.UNAUTHORIZED || (result.isTemporalRedirection() && result.isIdPRedirection()))) {
                 /// possible fail due to lack of authorization in an operation performed in foreground
                 Credentials cred = mClient.getCredentials();
                 String ssoSessionCookie = mClient.getSsoSessionCookie();
diff --git a/src/com/owncloud/android/syncadapter/FileSyncAdapter.java b/src/com/owncloud/android/syncadapter/FileSyncAdapter.java
index 4103dbf7..0ae6d775 100644
--- a/src/com/owncloud/android/syncadapter/FileSyncAdapter.java
+++ b/src/com/owncloud/android/syncadapter/FileSyncAdapter.java
@@ -225,7 +225,8 @@ public class FileSyncAdapter extends AbstractOwnCloudSyncAdapter {
             
         } else {
             if (result.getCode() == RemoteOperationResult.ResultCode.UNAUTHORIZED ||
-                    ((result.isTemporalRedirection() || result.isIdPRedirection()) && getClient().getSsoSessionCookie() != null)) {
+                    (result.isTemporalRedirection() && result.isIdPRedirection() && 
+                            AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(getClient().getAuthTokenType()))) {
                 mSyncResult.stats.numAuthExceptions++;
                 
             } else if (result.getException() instanceof DavException) {
@@ -308,8 +309,8 @@ public class FileSyncAdapter extends AbstractOwnCloudSyncAdapter {
         notification.flags |= Notification.FLAG_AUTO_CANCEL;
         boolean needsToUpdateCredentials = (mLastFailedResult != null && 
                                              (  mLastFailedResult.getCode() == ResultCode.UNAUTHORIZED ||
-                                                ((mLastFailedResult.isTemporalRedirection() || mLastFailedResult.isIdPRedirection())
-                                                        && AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(getClient().getAuthTokenType()))
+                                                (mLastFailedResult.isTemporalRedirection() && mLastFailedResult.isIdPRedirection() && 
+                                                 AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(getClient().getAuthTokenType()))
                                              )
                                            );
         // TODO put something smart in the contentIntent below for all the possible errors