From: David A. Velasco Date: Fri, 23 Aug 2013 12:37:14 +0000 (+0200) Subject: Merge branch 'saml_based_federated_single_sign_on' into saml_based_federated_single_s... X-Git-Tag: oc-android-1.4.6~17^2~5 X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/commitdiff_plain/dc02769e492205edce2a206cafe47152d526c09b?ds=inline;hp=--cc Merge branch 'saml_based_federated_single_sign_on' into saml_based_federated_single_sign_on_expired --- dc02769e492205edce2a206cafe47152d526c09b diff --cc src/com/owncloud/android/authentication/AuthenticatorActivity.java index 9ba0970c,88738bbb..753c29d9 --- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java +++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java @@@ -457,16 -453,10 +469,16 @@@ implements OnRemoteOperationListener, protected void onResume() { super.onResume(); if (mAction == ACTION_UPDATE_TOKEN && mJustCreated && getIntent().getBooleanExtra(EXTRA_ENFORCED_UPDATE, false)) { - if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { - if (mOAuth2Check.isChecked()) - Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show(); - else - Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show(); ++ if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType)) { + //Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show(); + showAuthMessage(getString(R.string.auth_expired_oauth_token_toast)); - } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { ++ } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) { + //Toast.makeText(this, R.string.auth_expired_saml_sso_token_toast, Toast.LENGTH_LONG).show(); + showAuthMessage(getString(R.string.auth_expired_saml_sso_token_toast)); + } else { + //Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show(); + showAuthMessage(getString(R.string.auth_expired_basic_auth_toast)); + } } if (mNewCapturedUriFromOAuth2Redirection != null) { @@@ -774,9 -763,9 +785,9 @@@ // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens } - if (result.isTemporalRedirection() || result.isIdPRedirection()) { + if (result.isTemporalRedirection() && result.isIdPRedirection()) { String url = result.getRedirectedLocation(); - String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType); + String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mAuthTokenType); // Show dialog mSamlDialog = SamlWebViewDialog.newInstance(url, targetUrl); @@@ -1142,26 -1127,15 +1152,26 @@@ response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name); response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type); - if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { + if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType)) { response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention - mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); - } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { + } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) { + String username = getUserNameForSamlSso(); + if (!mUsernameInput.getText().toString().equals(username)) { + // fail - not a new account, but an existing one; disallow + RemoteOperationResult result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); + updateAuthStatusIconAndText(result); + showAuthStatus(); + Log_OC.d(TAG, result.getLogMessage()); + + return false; + } + response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken); // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention - mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken); + mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken); } else { response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString()); @@@ -1571,9 -1540,8 +1581,8 @@@ mAuthToken = sessionCookie; if (sessionCookie != null && sessionCookie.length() > 0) { - Log_OC.d(TAG, "Successful SSO - time to save the account"); mAuthToken = sessionCookie; - boolean success = true; + boolean success = false; if (mAction == ACTION_CREATE) { success = createAccount(); @@@ -1611,20 -1579,7 +1620,19 @@@ } + /** Show auth_message + * + * @param message + */ + private void showAuthMessage(String message) { + mAuthMessage.setVisibility(View.VISIBLE); + mAuthMessage.setText(message); + } + + private void hideAuthMessage() { + mAuthMessage.setVisibility(View.GONE); + } - private void syncAccount(){ /// immediately request for the synchronization of the new account Bundle bundle = new Bundle();