From: David A. Velasco <dvelasco@solidgear.es>
Date: Fri, 23 Aug 2013 12:37:14 +0000 (+0200)
Subject: Merge branch 'saml_based_federated_single_sign_on' into saml_based_federated_single_s... 
X-Git-Tag: oc-android-1.4.6~17^2~5
X-Git-Url: http://git.linex4red.de/pub/Android/ownCloud.git/commitdiff_plain/dc02769e492205edce2a206cafe47152d526c09b?hp=-c

Merge branch 'saml_based_federated_single_sign_on' into saml_based_federated_single_sign_on_expired
---

dc02769e492205edce2a206cafe47152d526c09b
diff --combined res/layout-land/account_setup.xml
index 2ae4b33f,bff91f5d..fed4dceb
--- a/res/layout-land/account_setup.xml
+++ b/res/layout-land/account_setup.xml
@@@ -43,6 -43,7 +43,7 @@@
  		    android:layout_width="0dp"
  		    android:layout_height="match_parent"
  		    android:layout_weight="1"
+ 		    android:id="@+id/scroll"
  		    android:fillViewport="true"
  		    android:orientation="vertical" >
  						
@@@ -50,7 -51,6 +51,6 @@@
  			    android:id="@+id/LinearLayout1"
  			    android:layout_width="match_parent"
  			    android:layout_height="wrap_content"
- 			    android:focusable="true"
  			    android:gravity="center"
  			    android:orientation="vertical"
  			    android:padding="8dp" >
@@@ -64,14 -64,7 +64,14 @@@
              		android:onClick="onRefreshClick"
  				    android:text="@string/auth_check_server"
  				    android:visibility="gone" />
 -		
 +				<TextView
 +				    android:id="@+id/auth_message"
 +				    android:layout_width="wrap_content"
 +				    android:layout_height="wrap_content"
 +				    android:layout_gravity="fill_horizontal"
 +				    android:text="@string/auth_expired_basic_auth_toast" 
 +				    android:visibility="gone"
 +				    android:layout_marginBottom="10dp"/>
  			    <FrameLayout 
  	        		android:id="@+id/hostUrlFrame"
  					android:layout_width="match_parent"
diff --combined res/layout/account_setup.xml
index e059a641,a7f549f1..52a8ed29
--- a/res/layout/account_setup.xml
+++ b/res/layout/account_setup.xml
@@@ -22,12 -22,13 +22,13 @@@
      android:layout_height="match_parent"
      android:layout_gravity="center"
      android:fillViewport="true"
-     android:orientation="vertical" >
+     android:orientation="vertical" 
+     android:id="@+id/scroll"
+     >
  
      <LinearLayout
          android:layout_width="match_parent"
          android:layout_height="wrap_content"
-         android:focusable="true"
          android:gravity="center"
          android:orientation="vertical"
          android:padding="8dp" >
@@@ -49,15 -50,6 +50,15 @@@
              android:onClick="onRefreshClick"
              android:text="@string/auth_check_server"
              android:visibility="gone" />
 +        
 +        <TextView
 +            android:id="@+id/auth_message"
 +            android:layout_width="wrap_content"
 +            android:layout_height="wrap_content"
 +            android:layout_gravity="fill_horizontal"
 +            android:text="@string/auth_expired_basic_auth_toast"
 +            android:visibility="gone"
 +            android:layout_marginBottom="10dp" />
  
  	    <FrameLayout 
  	        android:id="@+id/hostUrlFrame"
diff --combined src/com/owncloud/android/authentication/AuthenticatorActivity.java
index 9ba0970c,88738bbb..753c29d9
--- a/src/com/owncloud/android/authentication/AuthenticatorActivity.java
+++ b/src/com/owncloud/android/authentication/AuthenticatorActivity.java
@@@ -18,6 -18,8 +18,6 @@@
  
  package com.owncloud.android.authentication;
  
 -import java.net.URLDecoder;
 -
  import android.accounts.Account;
  import android.accounts.AccountManager;
  import android.app.AlertDialog;
@@@ -49,6 -51,7 +49,6 @@@ import android.widget.CheckBox
  import android.widget.EditText;
  import android.widget.TextView;
  import android.widget.TextView.OnEditorActionListener;
 -import android.widget.Toast;
  
  import com.actionbarsherlock.app.SherlockDialogFragment;
  import com.owncloud.android.Log_OC;
@@@ -86,8 -89,6 +86,8 @@@ implements  OnRemoteOperationListener, 
      public static final String EXTRA_ACTION = "ACTION";
      public static final String EXTRA_ENFORCED_UPDATE = "ENFORCE_UPDATE";
  
 +    private static final String KEY_AUTH_MESSAGE_VISIBILITY = "AUTH_MESSAGE_VISIBILITY";
 +    private static final String KEY_AUTH_MESSAGE_TEXT = "AUTH_MESSAGE_TEXT";
      private static final String KEY_HOST_URL_TEXT = "HOST_URL_TEXT";
      private static final String KEY_OC_VERSION = "OC_VERSION";
      private static final String KEY_ACCOUNT = "ACCOUNT";
@@@ -121,8 -122,7 +121,8 @@@
      private String mHostBaseUrl;
      private OwnCloudVersion mDiscoveredVersion;
  
 -    private int mServerStatusText, mServerStatusIcon;
 +    private String mAuthMessageText;
 +    private int mAuthMessageVisibility, mServerStatusText, mServerStatusIcon;
      private boolean mServerIsChecked, mServerIsValid, mIsSslConn;
      private int mAuthStatusText, mAuthStatusIcon;    
      private TextView mAuthStatusLayout;
@@@ -140,13 -140,11 +140,13 @@@
      private byte mAction;
      private Account mAccount;
  
 +    private TextView mAuthMessage;
 +    
      private EditText mHostUrlInput;
      private boolean mHostUrlInputEnabled;
      private View mRefreshButton;
  
-     private String mCurrentAuthTokenType;
+     private String mAuthTokenType;
      
      private EditText mUsernameInput;
      private EditText mPasswordInput;
@@@ -175,7 -173,6 +175,7 @@@
  
          /// set view and get references to view elements
          setContentView(R.layout.account_setup);
 +        mAuthMessage = (TextView) findViewById(R.id.auth_message);
          mHostUrlInput = (EditText) findViewById(R.id.hostUrlInput);
          mHostUrlInput.setText(getString(R.string.server_url));  // valid although R.string.server_url is an empty string
          mUsernameInput = (EditText) findViewById(R.id.account_username);
@@@ -216,7 -213,6 +216,7 @@@
  
          if (savedInstanceState == null) {
              /// connection state and info
 +            mAuthMessageVisibility = View.GONE;
              mServerStatusText = mServerStatusIcon = 0;
              mServerIsValid = false;
              mServerIsChecked = false;
@@@ -232,8 -228,6 +232,8 @@@
                  }
                  mHostBaseUrl = normalizeUrl(mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_OC_BASE_URL));
                  mHostUrlInput.setText(mHostBaseUrl);
 +                String userName = mAccount.name.substring(0, mAccount.name.lastIndexOf('@'));
 +                mUsernameInput.setText(userName);
              }
              initAuthorizationMethod();  // checks intent and setup.xml to determine mCurrentAuthorizationMethod
              mJustCreated = true;
@@@ -244,8 -238,6 +244,8 @@@
              
          } else {
              /// connection state and info
 +            mAuthMessageVisibility = savedInstanceState.getInt(KEY_AUTH_MESSAGE_VISIBILITY);
 +            mAuthMessageText = savedInstanceState.getString(KEY_AUTH_MESSAGE_TEXT);
              mServerIsValid = savedInstanceState.getBoolean(KEY_SERVER_VALID);
              mServerIsChecked = savedInstanceState.getBoolean(KEY_SERVER_CHECKED);
              mServerStatusText = savedInstanceState.getInt(KEY_SERVER_STATUS_TEXT);
@@@ -266,9 -258,9 +266,9 @@@
  
              // account data, if updating
              mAccount = savedInstanceState.getParcelable(KEY_ACCOUNT);
-             mCurrentAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);
-             if (mCurrentAuthTokenType == null) {
-                 mCurrentAuthTokenType =  AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
+             mAuthTokenType = savedInstanceState.getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);
+             if (mAuthTokenType == null) {
+                 mAuthTokenType =  AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
                  
              }
  
@@@ -283,12 -275,6 +283,12 @@@
  
          }
  
 +        if (mAuthMessageVisibility== View.VISIBLE) {
 +            showAuthMessage(mAuthMessageText);
 +        }
 +        else {
 +            hideAuthMessage();
 +        }
          adaptViewAccordingToAuthenticationMethod();
          showServerStatus();
          showAuthStatus();
@@@ -306,7 -292,7 +306,7 @@@
          if (mServerIsChecked && !mServerIsValid && refreshButtonEnabled) showRefreshButton();
          mOkButton.setEnabled(mServerIsValid); // state not automatically recovered in configuration changes
  
-         if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType) || 
+         if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType) || 
                  !AUTH_OPTIONAL.equals(getString(R.string.auth_method_oauth2))) {
              mOAuth2Check.setVisibility(View.GONE);
          }
@@@ -346,6 -332,18 +346,18 @@@
              }
          });
          
+         findViewById(R.id.scroll).setOnTouchListener(new OnTouchListener() {
+             @Override
+             public boolean onTouch(View view, MotionEvent event) {
+                 if (event.getAction() == MotionEvent.ACTION_DOWN) {
+                     if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType) &&
+                             mHostUrlInput.hasFocus()) {
+                         checkOcServer();
+                     }
+                 }
+                 return false;
+             }
+         });
      }
      
     
@@@ -354,12 -352,12 +366,12 @@@
          boolean oAuthRequired = false;
          boolean samlWebSsoRequired = false;
  
-         mCurrentAuthTokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);
+         mAuthTokenType = getIntent().getExtras().getString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE);
          mAccount = getIntent().getExtras().getParcelable(EXTRA_ACCOUNT);
          
          // TODO could be a good moment to validate the received token type, if not null
          
-         if (mCurrentAuthTokenType == null) {    
+         if (mAuthTokenType == null) {    
              if (mAccount != null) {
                  /// same authentication method than the one used to create the account to update
                  oAuthRequired = (mAccountMgr.getUserData(mAccount, AccountAuthenticator.KEY_SUPPORTS_OAUTH2) != null);
@@@ -371,11 -369,11 +383,11 @@@
                  samlWebSsoRequired = AUTH_ON.equals(getString(R.string.auth_method_saml_web_sso));            
              }
              if (oAuthRequired) {
-                 mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;
+                 mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;
              } else if (samlWebSsoRequired) {
-                 mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE;
+                 mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE;
              } else {
-                 mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
+                 mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
              }
          }
      
@@@ -384,7 -382,7 +396,7 @@@
              mUsernameInput.setText(userName);
          }
          
-         mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType));
+         mOAuth2Check.setChecked(AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType));
          
      }
  
@@@ -401,8 -399,6 +413,8 @@@
          super.onSaveInstanceState(outState);
  
          /// connection state and info
 +        outState.putInt(KEY_AUTH_MESSAGE_VISIBILITY, mAuthMessage.getVisibility());
 +        outState.putString(KEY_AUTH_MESSAGE_TEXT, mAuthMessage.getText().toString());
          outState.putInt(KEY_SERVER_STATUS_TEXT, mServerStatusText);
          outState.putInt(KEY_SERVER_STATUS_ICON, mServerStatusIcon);
          outState.putBoolean(KEY_SERVER_VALID, mServerIsValid);
@@@ -423,7 -419,7 +435,7 @@@
          if (mAccount != null) {
              outState.putParcelable(KEY_ACCOUNT, mAccount);
          }
-         outState.putString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, mCurrentAuthTokenType);
+         outState.putString(AccountAuthenticator.KEY_AUTH_TOKEN_TYPE, mAuthTokenType);
          
          // refresh button enabled
          outState.putBoolean(KEY_REFRESH_BUTTON_ENABLED, (mRefreshButton.getVisibility() == View.VISIBLE));
@@@ -457,16 -453,10 +469,16 @@@
      protected void onResume() {
          super.onResume();
          if (mAction == ACTION_UPDATE_TOKEN && mJustCreated && getIntent().getBooleanExtra(EXTRA_ENFORCED_UPDATE, false)) {
-             if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {
 -            if (mOAuth2Check.isChecked())
 -                Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show();
 -            else
 -                Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show();
++            if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType)) {
 +                //Toast.makeText(this, R.string.auth_expired_oauth_token_toast, Toast.LENGTH_LONG).show();
 +                showAuthMessage(getString(R.string.auth_expired_oauth_token_toast));
-             } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {
++            } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) {
 +                //Toast.makeText(this, R.string.auth_expired_saml_sso_token_toast, Toast.LENGTH_LONG).show();
 +                showAuthMessage(getString(R.string.auth_expired_saml_sso_token_toast));
 +            } else {
 +                //Toast.makeText(this, R.string.auth_expired_basic_auth_toast, Toast.LENGTH_LONG).show();
 +                showAuthMessage(getString(R.string.auth_expired_basic_auth_toast));
 +            }
          }
  
          if (mNewCapturedUriFromOAuth2Redirection != null) {
@@@ -660,10 -650,9 +672,9 @@@
              return;
          }
  
-         hideAuthMessage();
-         if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {
+         if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType)) {
              startOauthorization();
-         } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) { 
+         } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) { 
              startSamlBasedFederatedSingleSignOnAuthorization();
          } else {
              checkBasicAuthorization();
@@@ -677,7 -666,7 +688,7 @@@
       */
      private void checkBasicAuthorization() {
          /// get the path to the root folder through WebDAV from the version server
-         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);
+         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mAuthTokenType);
  
          /// get basic credentials entered by user
          String username = mUsernameInput.getText().toString();
@@@ -733,7 -722,7 +744,7 @@@
          showDialog(DIALOG_LOGIN_PROGRESS);
          
          /// get the path to the root folder through WebDAV from the version server
-         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);
+         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mAuthTokenType);
  
          /// test credentials accessing the root folder
          mAuthCheckOperation = new  ExistenceCheckOperation("", this, false);
@@@ -757,7 -746,7 +768,7 @@@
              onGetOAuthAccessTokenFinish((OAuth2GetAccessToken)operation, result);
  
          } else if (operation instanceof ExistenceCheckOperation)  {
-             if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {
+             if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) {
                  onSamlBasedFederatedSingleSignOnAuthorizationStart(operation, result);
                  
              } else {
@@@ -774,9 -763,9 +785,9 @@@
              // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens
          }
          
 -        if (result.isTemporalRedirection() || result.isIdPRedirection()) {
 +        if (result.isTemporalRedirection() && result.isIdPRedirection()) {
              String url = result.getRedirectedLocation();
-             String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);
+             String targetUrl = mHostBaseUrl + AccountUtils.getWebdavPath(mDiscoveredVersion, mAuthTokenType);
              
              // Show dialog
              mSamlDialog = SamlWebViewDialog.newInstance(url, targetUrl);            
@@@ -856,7 -845,6 +867,6 @@@
              }
  
          }
-         Log_OC.d(TAG, "URL Normalize " + url);
          return (url != null ? url : "");
      }
  
@@@ -1019,9 -1007,6 +1029,9 @@@
          case ACCOUNT_NOT_NEW:
              mAuthStatusText = R.string.auth_account_not_new;
              break;
 +        case ACCOUNT_NOT_THE_SAME:
 +            mAuthStatusText = R.string.auth_account_not_the_same;
 +            break;
          case UNHANDLED_HTTP_CODE:
          case UNKNOWN_ERROR:
              mAuthStatusText = R.string.auth_unknown_error_title;
@@@ -1047,7 -1032,7 +1057,7 @@@
              // NOTHING TO DO ; can't find out what situation that leads to the exception in this code, but user logs signal that it happens
          }
  
-         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mCurrentAuthTokenType);
+         String webdav_path = AccountUtils.getWebdavPath(mDiscoveredVersion, mAuthTokenType);
          if (result.isSuccess() && webdav_path != null) {
              /// be gentle with the user
              showDialog(DIALOG_LOGIN_PROGRESS);
@@@ -1086,12 -1071,12 +1096,12 @@@
          if (result.isSuccess()) {
              Log_OC.d(TAG, "Successful access - time to save the account");
  
 -            boolean success = true;
 +            boolean success = false;
              if (mAction == ACTION_CREATE) {
                  success = createAccount();
  
              } else {
 -                updateToken();
 +                success = updateToken();
              }
  
              if (success) {
@@@ -1137,39 -1122,26 +1147,39 @@@
       * Sets the proper response to get that the Account Authenticator that started this activity saves 
       * a new authorization token for mAccount.
       */
 -    private void updateToken() {
 +    private boolean updateToken() {
          Bundle response = new Bundle();
          response.putString(AccountManager.KEY_ACCOUNT_NAME, mAccount.name);
          response.putString(AccountManager.KEY_ACCOUNT_TYPE, mAccount.type);
          
-         if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) { 
+         if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType)) { 
              response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);
              // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention
-             mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);
+             mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken);
              
-         } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {
+         } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) {
 +            String username = getUserNameForSamlSso();
 +            if (!mUsernameInput.getText().toString().equals(username)) {
 +                // fail - not a new account, but an existing one; disallow
 +                RemoteOperationResult result = new RemoteOperationResult(ResultCode.ACCOUNT_NOT_THE_SAME); 
 +                updateAuthStatusIconAndText(result);
 +                showAuthStatus();
 +                Log_OC.d(TAG, result.getLogMessage());
 +                
 +                return false;
 +            }
 +            
              response.putString(AccountManager.KEY_AUTHTOKEN, mAuthToken);
              // the next line is necessary; by now, notifications are calling directly to the AuthenticatorActivity to update, without AccountManager intervention
-             mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);
+             mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken);
              
          } else {
              response.putString(AccountManager.KEY_AUTHTOKEN, mPasswordInput.getText().toString());
              mAccountMgr.setPassword(mAccount, mPasswordInput.getText().toString());
          }
          setAccountAuthenticatorResult(response);
 +        
 +        return true;
      }
  
  
@@@ -1182,8 -1154,8 +1192,8 @@@
       */
      private boolean createAccount() {
          /// create and save new ownCloud account
-         boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType);
-         boolean isSaml =  AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType);
+         boolean isOAuth = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType);
+         boolean isSaml =  AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType);
  
          Uri uri = Uri.parse(mHostBaseUrl);
          String username = mUsernameInput.getText().toString().trim();
@@@ -1206,6 -1178,7 +1216,6 @@@
              Log_OC.d(TAG, result.getLogMessage());
              return false;
              
 -            
          } else {
          
              if (isOAuth || isSaml) {
@@@ -1232,7 -1205,7 +1242,7 @@@
                  intent.putExtra(AccountManager.KEY_AUTHTOKEN,   AccountAuthenticator.ACCOUNT_TYPE); */
              intent.putExtra(AccountManager.KEY_USERDATA,        username);
              if (isOAuth || isSaml) {
-                 mAccountMgr.setAuthToken(mAccount, mCurrentAuthTokenType, mAuthToken);
+                 mAccountMgr.setAuthToken(mAccount, mAuthTokenType, mAuthToken);
              }
              /// add user data to the new account; TODO probably can be done in the last parameter addAccountExplicitly, or in KEY_USERDATA
              mAccountMgr.setUserData(mAccount, AccountAuthenticator.KEY_OC_VERSION,    mDiscoveredVersion.toString());
@@@ -1250,10 -1223,6 +1260,10 @@@
              Bundle bundle = new Bundle();
              bundle.putBoolean(ContentResolver.SYNC_EXTRAS_MANUAL, true);
              ContentResolver.requestSync(mAccount, AccountAuthenticator.AUTHORITY, bundle);
 +            syncAccount();
 +//          Bundle bundle = new Bundle();
 +//          bundle.putBoolean(ContentResolver.SYNC_EXTRAS_MANUAL, true);
 +//          ContentResolver.requestSync(mAccount, AccountAuthenticator.AUTHORITY, bundle);
              return true;
          }
      }
@@@ -1460,9 -1429,9 +1470,9 @@@
      public void onCheckClick(View view) {
          CheckBox oAuth2Check = (CheckBox)view;
          if (oAuth2Check.isChecked()) {
-             mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;
+             mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN;
          } else {
-             mCurrentAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
+             mAuthTokenType = AccountAuthenticator.AUTH_TOKEN_TYPE_PASSWORD;
          }
          adaptViewAccordingToAuthenticationMethod();
      }
@@@ -1473,14 -1442,14 +1483,14 @@@
       * the current authorization method.
       */
      private void adaptViewAccordingToAuthenticationMethod () {
-         if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mCurrentAuthTokenType)) {
+         if (AccountAuthenticator.AUTH_TOKEN_TYPE_ACCESS_TOKEN.equals(mAuthTokenType)) {
              // OAuth 2 authorization
              mOAuthAuthEndpointText.setVisibility(View.VISIBLE);
              mOAuthTokenEndpointText.setVisibility(View.VISIBLE);
              mUsernameInput.setVisibility(View.GONE);
              mPasswordInput.setVisibility(View.GONE);
              
-         } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {
+         } else if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) {
              // SAML-based web Single Sign On
              mOAuthAuthEndpointText.setVisibility(View.GONE);
              mOAuthTokenEndpointText.setVisibility(View.GONE);
@@@ -1526,7 -1495,7 +1536,7 @@@
              }
              
          } else if (actionId == EditorInfo.IME_ACTION_NEXT && inputField != null && inputField.equals(mHostUrlInput)) {
-             if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mCurrentAuthTokenType)) {
+             if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType)) {
                  checkOcServer();
              }
          }
@@@ -1571,14 -1540,13 +1581,13 @@@
          mAuthToken = sessionCookie;
          
          if (sessionCookie != null && sessionCookie.length() > 0) {
-             Log_OC.d(TAG, "Successful SSO - time to save the account");
              mAuthToken = sessionCookie;
 -            boolean success = true;
 +            boolean success = false;
              if (mAction == ACTION_CREATE) {
                  success = createAccount();
          
              } else {
 -                updateToken();
 +                success = updateToken();
              }
              if (success) {
                  finish();
@@@ -1611,24 -1579,20 +1620,32 @@@
      
      }
      
 +    /** Show auth_message 
 +     * 
 +     * @param message
 +     */
 +    private void showAuthMessage(String message) {
 +       mAuthMessage.setVisibility(View.VISIBLE);
 +       mAuthMessage.setText(message);
 +    }
 +    
 +    private void hideAuthMessage() {
 +        mAuthMessage.setVisibility(View.GONE);
 +    }
  
-     
      private void syncAccount(){
          /// immediately request for the synchronization of the new account
          Bundle bundle = new Bundle();
          bundle.putBoolean(ContentResolver.SYNC_EXTRAS_MANUAL, true);
          ContentResolver.requestSync(mAccount, AccountAuthenticator.AUTHORITY, bundle);
      }
+     
+     @Override
+     public boolean onTouchEvent(MotionEvent event) {
+         if (AccountAuthenticator.AUTH_TOKEN_TYPE_SAML_WEB_SSO_SESSION_COOKIE.equals(mAuthTokenType) &&
+                 mHostUrlInput.hasFocus() && event.getAction() == MotionEvent.ACTION_DOWN) {
+             checkOcServer();
+         }
+         return super.onTouchEvent(event);
+     }
  }