From: masensio Date: Fri, 23 Aug 2013 11:42:07 +0000 (+0200) Subject: Merge branch 'saml_based_federated_single_sign_on' into saml_based_federated_single_s... X-Git-Tag: oc-android-1.4.6~17^2~6^2 X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/commitdiff_plain/71347b48a089a677d7799628abf4056bbd780d71?hp=-c Merge branch 'saml_based_federated_single_sign_on' into saml_based_federated_single_sign_on_expired Conflicts: src/com/owncloud/android/ui/dialog/SamlWebViewDialog.java --- 71347b48a089a677d7799628abf4056bbd780d71 diff --combined src/com/owncloud/android/authentication/AuthenticatorActivity.java index e69ff8e3,4fd50c7f..9ba0970c --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@@ -18,6 -18,8 +18,6 @@@ package com.owncloud.android.authentication; -import java.net.URLDecoder; - import android.accounts.Account; import android.accounts.AccountManager; import android.app.AlertDialog; @@@ -49,6 -51,7 +49,6 @@@ import android.widget.CheckBox import android.widget.EditText; import android.widget.TextView; import android.widget.TextView.OnEditorActionListener; -import android.widget.Toast; import com.actionbarsherlock.app.SherlockDialogFragment; import com.owncloud.android.Log_OC; @@@ -86,8 -89,6 +86,8 @@@ implements OnRemoteOperationListener, public static final String EXTRA_ACTION = "ACTION"; public static final String EXTRA_ENFORCED_UPDATE = "ENFORCE_UPDATE"; + private static final String KEY_AUTH_MESSAGE_VISIBILITY = "AUTH_MESSAGE_VISIBILITY"; + private static final String KEY_AUTH_MESSAGE_TEXT = "AUTH_MESSAGE_TEXT"; private static final String KEY_HOST_URL_TEXT = "HOST_URL_TEXT"; private static final String KEY_OC_VERSION = "OC_VERSION"; private static final String KEY_ACCOUNT = "ACCOUNT"; @@@ -121,8 -122,7 +121,8 @@@ private String mHostBaseUrl; private OwnCloudVersion mDiscoveredVersion; - private int mServerStatusText, mServerStatusIcon; + private String mAuthMessageText; + private int mAuthMessageVisibility, mServerStatusText, mServerStatusIcon; private boolean mServerIsChecked, mServerIsValid, mIsSslConn; private int mAuthStatusText, mAuthStatusIcon; private TextView mAuthStatusLayout; @@@ -140,8 -140,6 +140,8 @@@ private byte mAction; private Account mAccount; + private TextView mAuthMessage; + private EditText mHostUrlInput; private boolean mHostUrlInputEnabled; private View mRefreshButton; @@@ -175,7 -173,6 +175,7 @@@ /// set view and get references to view elements setContentView(R.layout.account_setup); + mAuthMessage = (TextView) findViewById(R.id.auth_message); mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput); mHostUrlInput.setText(getString(R.string.server_url)); // valid although R.string.server_url is an empty string mUsernameInput = (EditText) findViewById(R.id.account_username); @@@ -216,7 -213,6 +216,7 @@@ if (savedInstanceState == null) { /// connection state and info + mAuthMessageVisibility = View.GONE; mServerStatusText = mServerStatusIcon = 0; mServerIsValid = false; mServerIsChecked = false; @@@ -232,8 -228,6 +232,8 @@@ } mHostBaseUrl = normalizeUrl(mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL)); mHostUrlInput.setText(mHostBaseUrl); + String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@')); + mUsernameInput.setText(userName); } initAuthorizationMethod(); // checks intent and setup.xml to determine mCurrentAuthorizationMethod mJustCreated = true; @@@ -244,8 -238,6 +244,8 @@@ } else { /// connection state and info + mAuthMessageVisibility = savedInstanceState.getInt(KEY_AUTH_MESSAGE_VISIBILITY); + mAuthMessageText = savedInstanceState.getString(KEY_AUTH_MESSAGE_TEXT); mServerIsValid = savedInstanceState.getBoolean(KEY_SERVER_VALID); mServerIsChecked = savedInstanceState.getBoolean(KEY_SERVER_CHECKED); mServerStatusText = savedInstanceState.getInt(KEY_SERVER_STATUS_TEXT); @@@ -283,12 -275,6 +283,12 @@@ } + if (mAuthMessageVisibility== View.VISIBLE) { + showAuthMessage(mAuthMessageText); + } + else { + hideAuthMessage(); + } adaptViewAccordingToAuthenticationMethod(); showServerStatus(); showAuthStatus(); @@@ -401,8 -387,6 +401,8 @@@ super.onSaveInstanceState(outState); /// connection state and info + outState.putInt(KEY_AUTH_MESSAGE_VISIBILITY, mAuthMessage.getVisibility()); + outState.putString(KEY_AUTH_MESSAGE_TEXT, mAuthMessage.getText().toString()); outState.putInt(KEY_SERVER_STATUS_TEXT, mServerStatusText); outState.putInt(KEY_SERVER_STATUS_ICON, mServerStatusIcon); outState.putBoolean(KEY_SERVER_VALID, mServerIsValid); @@@ -457,16 -441,10 +457,16 @@@ protected void onResume() { super.onResume(); if (mAction == ACTION_UPDATE_TOKEN && mJustCreated && getIntent().getBooleanExtra(EXTRA_ENFORCED_UPDATE, false)) { - if (mOAuth2Check.isChecked()) - Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show(); - else - Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show(); + if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { + //Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show(); + showAuthMessage(getString(R.string.auth_expired_oauth_token_toast)); + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + //Toast.makeText(this, R.string.auth_expired_saml_sso_token_toast, Toast.LENGTH_LONG).show(); + showAuthMessage(getString(R.string.auth_expired_saml_sso_token_toast)); + } else { + //Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show(); + showAuthMessage(getString(R.string.auth_expired_basic_auth_toast)); + } } if (mNewCapturedUriFromOAuth2Redirection != null) { @@@ -660,7 -638,6 +660,7 @@@ return; } + hideAuthMessage(); if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { startOauthorization(); } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { @@@ -739,6 -716,7 +739,7 @@@ mAuthCheckOperation = new ExistenceCheckOperation("", this, false); WebdavClient client = OwnCloudClientUtils.createOwnCloudClient(Uri.parse(mHostBaseUrl + webdav_path), this, false); mOperationThread = mAuthCheckOperation.execute(client, this, mHandler); + } /** @@@ -773,7 -751,7 +774,7 @@@ // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens } - if (result.isTemporalRedirection() || result.isIdPRedirection()) { + if (result.isTemporalRedirection() && result.isIdPRedirection()) { String url = result.getRedirectedLocation(); String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); @@@ -781,8 -759,8 +782,8 @@@ mSamlDialog = SamlWebViewDialog.newInstance(url, targetUrl); mSamlDialog.show(getSupportFragmentManager(), TAG_SAML_DIALOG); - mAuthStatusIcon = android.R.drawable.ic_secure; - mAuthStatusText = R.string.auth_follow_auth_server; + mAuthStatusIcon = 0; + mAuthStatusText = 0; } else { mAuthStatusIcon = R.drawable.common_error; @@@ -1018,9 -996,6 +1019,9 @@@ case ACCOUNT_NOT_NEW: mAuthStatusText = R.string.auth_account_not_new; break; + case ACCOUNT_NOT_THE_SAME: + mAuthStatusText = R.string.auth_account_not_the_same; + break; case UNHANDLED_HTTP_CODE: case UNKNOWN_ERROR: mAuthStatusText = R.string.auth_unknown_error_title; @@@ -1085,12 -1060,12 +1086,12 @@@ if (result.isSuccess()) { Log_OC.d(TAG, "Successful access - time to save the account"); - boolean success = true; + boolean success = false; if (mAction == ACTION_CREATE) { success = createAccount(); } else { - updateToken(); + success = updateToken(); } if (success) { @@@ -1128,6 -1103,7 +1129,7 @@@ showAuthStatus(); Log_OC.d(TAG, "Access failed: " + result.getLogMessage()); } + } @@@ -1135,7 -1111,7 +1137,7 @@@ * Sets the proper response to get that the Account Authenticator that started this activity saves * a new authorization token for mAccount. */ - private void updateToken() { + private boolean updateToken() { Bundle response = new Bundle(); response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); @@@ -1146,17 -1122,6 +1148,17 @@@ mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + String username = getUserNameForSamlSso(); + if (!mUsernameInput.getText().toString().equals(username)) { + // fail - not a new account, but an existing one; disallow + RemoteOperationResult result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + updateAuthStatusIconAndText(result); + showAuthStatus(); + Log_OC.d(TAG, result.getLogMessage()); + + return false; + } + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); @@@ -1166,8 -1131,6 +1168,8 @@@ mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString()); } setAccountAuthenticatorResult(response); + + return true; } @@@ -1204,6 -1167,7 +1206,6 @@@ Log_OC.d(TAG, result.getLogMessage()); return false; - } else { if (isOAuth || isSaml) { @@@ -1248,10 -1212,6 +1250,10 @@@ Bundle bundle = new Bundle(); bundle.putBoolean(ContentResolver.SYNC_EXTRAS_MANUAL, true); ContentResolver.requestSync(mAccount, AccountAuthenticator.AUTHORITY, bundle); + syncAccount(); +// Bundle bundle = new Bundle(); +// bundle.putBoolean(ContentResolver.SYNC_EXTRAS_MANUAL, true); +// ContentResolver.requestSync(mAccount, AccountAuthenticator.AUTHORITY, bundle); return true; } } @@@ -1571,17 -1531,18 +1573,18 @@@ if (sessionCookie != null && sessionCookie.length() > 0) { Log_OC.d(TAG, "Successful SSO - time to save the account"); mAuthToken = sessionCookie; - boolean success = true; + boolean success = false; if (mAction == ACTION_CREATE) { success = createAccount(); } else { - updateToken(); + success = updateToken(); } if (success) { finish(); } } + } @@@ -1605,27 -1566,8 +1608,27 @@@ // TODO - show fail Log_OC.d(TAG, "SSO failed"); } - } + } + /** Show auth_message + * + * @param message + */ + private void showAuthMessage(String message) { + mAuthMessage.setVisibility(View.VISIBLE); + mAuthMessage.setText(message); + } + + private void hideAuthMessage() { + mAuthMessage.setVisibility(View.GONE); + } + + private void syncAccount(){ + /// immediately request for the synchronization of the new account + Bundle bundle = new Bundle(); + bundle.putBoolean(ContentResolver.SYNC_EXTRAS_MANUAL, true); + ContentResolver.requestSync(mAccount, AccountAuthenticator.AUTHORITY, bundle); + } }