From 18b271665d84e1596ec813d69e5571e27f081bb4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Mon, 21 Dec 2020 14:02:10 +0100 Subject: [PATCH 01/10] Get OIDC discovery config --- .../oauth/GetOIDCDiscoveryRemoteOperation.kt | 94 +++++++++++++++++++ .../oauth/responses/OIDCDiscoveryResponse.kt | 43 +++++++++ .../resources/oauth/services/OIDCService.kt | 33 +++++++ .../services/implementation/OCOIDCService.kt | 44 +++++++++ 4 files changed, 214 insertions(+) create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/OIDCDiscoveryResponse.kt create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt new file mode 100644 index 00000000..204a939e --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt @@ -0,0 +1,94 @@ +/* ownCloud Android Library is available under MIT license + * + * @author Abel García de Prada + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + */ +package com.owncloud.android.lib.resources.oauth + +import com.owncloud.android.lib.common.OwnCloudClient +import com.owncloud.android.lib.common.http.HttpConstants +import com.owncloud.android.lib.common.http.methods.nonwebdav.GetMethod +import com.owncloud.android.lib.common.operations.RemoteOperation +import com.owncloud.android.lib.common.operations.RemoteOperationResult +import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse +import com.squareup.moshi.JsonAdapter +import com.squareup.moshi.Moshi +import timber.log.Timber +import java.net.URL + +/** + * Get OIDC Discovery + * + * @author Abel García de Prada + */ +class GetOIDCDiscoveryRemoteOperation : RemoteOperation() { + + override fun run(client: OwnCloudClient): RemoteOperationResult { + var result: RemoteOperationResult + + try { + val uriBuilder = client.baseUri.buildUpon().apply { + appendPath(WELL_KNOWN_PATH) // avoid starting "/" in this method + appendPath(OPENID_CONFIGURATION_RESOURCE) + }.build() + + val getMethod = GetMethod(URL(uriBuilder.toString())).apply { + addRequestHeader(OCS_API_HEADER, OCS_API_HEADER_VALUE) + } + + val status = client.executeHttpMethod(getMethod) + + val responseBody = getMethod.getResponseBodyAsString() + + if (status == HttpConstants.HTTP_OK && responseBody != null) { + Timber.d("Successful response $responseBody") + + // Parse the response + val moshi: Moshi = Moshi.Builder().build() + val jsonAdapter: JsonAdapter = moshi.adapter(OIDCDiscoveryResponse::class.java) + val oidcDiscoveryResponse: OIDCDiscoveryResponse? = jsonAdapter.fromJson(responseBody) + + result = RemoteOperationResult(RemoteOperationResult.ResultCode.OK) + result.data = oidcDiscoveryResponse + + Timber.d("Get OIDC Discovery completed and parsed to $oidcDiscoveryResponse") + } else { + result = RemoteOperationResult(getMethod) + Timber.e("Failed response while getting OIDC server discovery from the server status code: $status; response message: $responseBody") + } + + } catch (e: Exception) { + result = RemoteOperationResult(e) + Timber.e(e, "Exception while getting OIDC server discovery") + } + + return result + } + + companion object { + private const val WELL_KNOWN_PATH = ".well-known" + private const val OPENID_CONFIGURATION_RESOURCE = "openid-configuration" + + } +} diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/OIDCDiscoveryResponse.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/OIDCDiscoveryResponse.kt new file mode 100644 index 00000000..7072bc1f --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/OIDCDiscoveryResponse.kt @@ -0,0 +1,43 @@ +/* ownCloud Android Library is available under MIT license + * + * @author Abel García de Prada + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + */ +package com.owncloud.android.lib.resources.oauth.responses + +import com.squareup.moshi.JsonClass + +@JsonClass(generateAdapter = true) +data class OIDCDiscoveryResponse( + val authorization_endpoint: String, + val check_session_iframe: String, + val end_session_endpoint: String, + val issuer: String, + val registration_endpoint: String, + val response_types_supported: List, + val scopes_supported: List, + val token_endpoint: String, + val token_endpoint_auth_methods_supported: List, + val userinfo_endpoint: String, +) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt new file mode 100644 index 00000000..6716baf5 --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt @@ -0,0 +1,33 @@ +/* ownCloud Android Library is available under MIT license + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ +package com.owncloud.android.lib.resources.oauth.services + +import com.owncloud.android.lib.common.operations.RemoteOperationResult +import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse + +interface OIDCService { + + fun getOIDCServerDiscovery(baseUrl: String): RemoteOperationResult + +} diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt new file mode 100644 index 00000000..294f6d5f --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt @@ -0,0 +1,44 @@ +/* ownCloud Android Library is available under MIT license + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ +package com.owncloud.android.lib.resources.oauth.services.implementation + +import android.net.Uri +import com.owncloud.android.lib.common.OwnCloudClient +import com.owncloud.android.lib.common.authentication.OwnCloudCredentialsFactory +import com.owncloud.android.lib.common.operations.RemoteOperationResult +import com.owncloud.android.lib.resources.oauth.GetOIDCDiscoveryRemoteOperation +import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse +import com.owncloud.android.lib.resources.oauth.services.OIDCService + +class OCOIDCService() : OIDCService { + + override fun getOIDCServerDiscovery(baseUrl: String): RemoteOperationResult = + GetOIDCDiscoveryRemoteOperation().execute(createClientFromPath(baseUrl)) + + private fun createClientFromPath(path: String): OwnCloudClient = + OwnCloudClient(Uri.parse(path)).apply { + credentials = OwnCloudCredentialsFactory.getAnonymousCredentials() + } + +} From 0fc3f7668ddce2af276b0538b80616f03c33f92f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Thu, 19 Nov 2020 19:05:48 +0100 Subject: [PATCH 02/10] Use the same ownCloudClient across the whole login process --- .../status/services/ServerInfoService.kt | 5 ++-- .../implementation/OCServerInfoService.kt | 24 ++++++++++--------- 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/ServerInfoService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/ServerInfoService.kt index 1efa7f1b..121f617f 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/ServerInfoService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/ServerInfoService.kt @@ -23,11 +23,12 @@ */ package com.owncloud.android.lib.resources.status.services +import com.owncloud.android.lib.common.OwnCloudClient import com.owncloud.android.lib.common.operations.RemoteOperationResult import com.owncloud.android.lib.resources.status.OwnCloudVersion interface ServerInfoService { - fun checkPathExistence(path: String, isUserLogged: Boolean): RemoteOperationResult + fun checkPathExistence(path: String, isUserLogged: Boolean, client: OwnCloudClient): RemoteOperationResult - fun getRemoteStatus(path: String): RemoteOperationResult + fun getRemoteStatus(path: String, client: OwnCloudClient): RemoteOperationResult } diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/implementation/OCServerInfoService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/implementation/OCServerInfoService.kt index 76f82a46..65b85479 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/implementation/OCServerInfoService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/status/services/implementation/OCServerInfoService.kt @@ -19,26 +19,28 @@ package com.owncloud.android.lib.resources.status.services.implementation -import android.net.Uri import com.owncloud.android.lib.common.OwnCloudClient -import com.owncloud.android.lib.common.authentication.OwnCloudCredentialsFactory.getAnonymousCredentials import com.owncloud.android.lib.common.operations.RemoteOperationResult -import com.owncloud.android.lib.resources.status.services.ServerInfoService import com.owncloud.android.lib.resources.files.CheckPathExistenceRemoteOperation import com.owncloud.android.lib.resources.status.GetRemoteStatusOperation import com.owncloud.android.lib.resources.status.OwnCloudVersion +import com.owncloud.android.lib.resources.status.services.ServerInfoService class OCServerInfoService : ServerInfoService { - override fun checkPathExistence(path: String, isUserLogged: Boolean): RemoteOperationResult = + + override fun checkPathExistence( + path: String, + isUserLogged: Boolean, + client: OwnCloudClient + ): RemoteOperationResult = CheckPathExistenceRemoteOperation( remotePath = path, isUserLogged = true - ).execute(createClientFromPath(path)) + ).execute(client) - override fun getRemoteStatus(path: String): RemoteOperationResult = - GetRemoteStatusOperation().execute(createClientFromPath(path)) - - private fun createClientFromPath(path: String): OwnCloudClient { - return OwnCloudClient(Uri.parse(path)).apply { credentials = getAnonymousCredentials() } - } + override fun getRemoteStatus( + path: String, + client: OwnCloudClient + ): RemoteOperationResult = + GetRemoteStatusOperation().execute(client) } From f289746c2f2d8db5f644e7f11491869f0eedf0e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Tue, 22 Dec 2020 09:49:49 +0100 Subject: [PATCH 03/10] Use ownCloud client base url to perform oidc discovery --- .../lib/resources/oauth/services/OIDCService.kt | 3 ++- .../oauth/services/implementation/OCOIDCService.kt | 13 ++++--------- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt index 6716baf5..d877370f 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt @@ -23,11 +23,12 @@ */ package com.owncloud.android.lib.resources.oauth.services +import com.owncloud.android.lib.common.OwnCloudClient import com.owncloud.android.lib.common.operations.RemoteOperationResult import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse interface OIDCService { - fun getOIDCServerDiscovery(baseUrl: String): RemoteOperationResult + fun getOIDCServerDiscovery(ownCloudClient: OwnCloudClient): RemoteOperationResult } diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt index 294f6d5f..ab74ba4b 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt @@ -23,9 +23,7 @@ */ package com.owncloud.android.lib.resources.oauth.services.implementation -import android.net.Uri import com.owncloud.android.lib.common.OwnCloudClient -import com.owncloud.android.lib.common.authentication.OwnCloudCredentialsFactory import com.owncloud.android.lib.common.operations.RemoteOperationResult import com.owncloud.android.lib.resources.oauth.GetOIDCDiscoveryRemoteOperation import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse @@ -33,12 +31,9 @@ import com.owncloud.android.lib.resources.oauth.services.OIDCService class OCOIDCService() : OIDCService { - override fun getOIDCServerDiscovery(baseUrl: String): RemoteOperationResult = - GetOIDCDiscoveryRemoteOperation().execute(createClientFromPath(baseUrl)) - - private fun createClientFromPath(path: String): OwnCloudClient = - OwnCloudClient(Uri.parse(path)).apply { - credentials = OwnCloudCredentialsFactory.getAnonymousCredentials() - } + override fun getOIDCServerDiscovery( + ownCloudClient: OwnCloudClient + ): RemoteOperationResult = + GetOIDCDiscoveryRemoteOperation().execute(ownCloudClient) } From 44967be4e3a2d0dded868927478517633ff98218 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Tue, 22 Dec 2020 15:39:39 +0100 Subject: [PATCH 04/10] First draft of request token implementation --- .../android/lib/common/OwnCloudClient.java | 10 +- .../OwnCloudCredentialsFactory.java | 4 - .../lib/common/http/HttpConstants.java | 6 + .../oauth/TokenRequestRemoteOperation.kt | 104 ++++++++++++++++++ .../oauth/params/TokenRequestParams.kt | 33 ++++++ .../oauth/responses/TokenResponse.kt | 45 ++++++++ .../resources/oauth/services/OIDCService.kt | 7 ++ .../services/implementation/OCOIDCService.kt | 11 +- 8 files changed, 210 insertions(+), 10 deletions(-) create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java index 331ad7a0..8d27c34a 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java @@ -48,15 +48,15 @@ import java.io.IOException; import java.io.InputStream; import java.util.List; +import static com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER; import static com.owncloud.android.lib.common.http.HttpConstants.OC_X_REQUEST_ID; public class OwnCloudClient extends HttpClient { public static final String WEBDAV_FILES_PATH_4_0 = "/remote.php/dav/files/"; public static final String WEBDAV_PATH_4_0_AND_LATER = "/remote.php/dav"; - private static final String WEBDAV_UPLOADS_PATH_4_0 = "/remote.php/dav/uploads/"; public static final String STATUS_PATH = "/status.php"; - + private static final String WEBDAV_UPLOADS_PATH_4_0 = "/remote.php/dav/uploads/"; private static final int MAX_REDIRECTIONS_COUNT = 3; private static final int MAX_REPEAT_COUNT_WITH_FRESH_CREDENTIALS = 1; @@ -104,8 +104,8 @@ public class OwnCloudClient extends HttpClient { method.setRequestHeader(HttpConstants.OC_X_REQUEST_ID, requestId); method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent()); method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY); - if (mCredentials.getHeaderAuth() != null) { - method.setRequestHeader(HttpConstants.AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); + if (mCredentials.getHeaderAuth() != null && method.getRequestHeader(AUTHORIZATION_HEADER) == null) { + method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); } status = method.execute(); @@ -136,7 +136,7 @@ public class OwnCloudClient extends HttpClient { method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent()); method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY); if (mCredentials.getHeaderAuth() != null) { - method.setRequestHeader(HttpConstants.AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); + method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); } status = method.execute(); diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java index 3d5dae91..621a5c75 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java @@ -24,10 +24,6 @@ package com.owncloud.android.lib.common.authentication; -import com.owncloud.android.lib.common.OwnCloudClient; -import com.owncloud.android.lib.common.http.HttpClient; -import com.owncloud.android.lib.common.http.HttpConstants; - public class OwnCloudCredentialsFactory { public static final String CREDENTIAL_CHARSET = "UTF-8"; diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java index b86534a3..4a2eb327 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java @@ -51,6 +51,12 @@ public class HttpConstants { public static final String ACCEPT_ENCODING_IDENTITY = "identity"; public static final String OC_FILE_REMOTE_ID = "OC-FileId"; + // OAuth + public static final String HEADER_AUTHORIZATION_CODE = "code"; + public static final String HEADER_GRANT_TYPE = "grant_type"; + public static final String HEADER_REDIRECT_URI = "redirect_uri"; + public static final String HEADER_CODE_VERIFIER = "code_verifier"; + /*********************************************************************************************************** ************************************************ CONTENT TYPES ******************************************** ***********************************************************************************************************/ diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt new file mode 100644 index 00000000..3f96d3fd --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt @@ -0,0 +1,104 @@ +/* ownCloud Android Library is available under MIT license + * + * @author Abel García de Prada + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + */ +package com.owncloud.android.lib.resources.oauth + +import com.owncloud.android.lib.common.OwnCloudClient +import com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_AUTHORIZATION_CODE +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_CODE_VERIFIER +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_GRANT_TYPE +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_REDIRECT_URI +import com.owncloud.android.lib.common.http.HttpConstants.HTTP_OK +import com.owncloud.android.lib.common.http.methods.nonwebdav.PostMethod +import com.owncloud.android.lib.common.operations.RemoteOperation +import com.owncloud.android.lib.common.operations.RemoteOperationResult +import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams +import com.owncloud.android.lib.resources.oauth.responses.TokenResponse +import com.squareup.moshi.JsonAdapter +import com.squareup.moshi.Moshi +import okhttp3.FormBody +import okio.ByteString.Companion.encodeUtf8 +import timber.log.Timber +import java.net.URL + +/** + * Get OIDC Discovery + * + * @author Abel García de Prada + */ +class TokenRequestRemoteOperation( + private val tokenRequestParams: TokenRequestParams +) : RemoteOperation() { + + override fun run(client: OwnCloudClient): RemoteOperationResult { + var result: RemoteOperationResult + + try { + val uriBuilder = client.baseUri.buildUpon().apply { + appendEncodedPath(tokenRequestParams.tokenEndpoint) + }.build() + + val requestBody = FormBody.Builder() + .add(HEADER_AUTHORIZATION_CODE, tokenRequestParams.authorizationCode) + .add(HEADER_GRANT_TYPE, tokenRequestParams.grantType) + .add(HEADER_REDIRECT_URI, tokenRequestParams.redirectUri) + .add(HEADER_CODE_VERIFIER, tokenRequestParams.codeVerifier) + .build() + + val postMethod = PostMethod(URL(uriBuilder.toString()), requestBody) + + postMethod.addRequestHeader(AUTHORIZATION_HEADER, tokenRequestParams.clientAuth) + + val status = client.executeHttpMethod(postMethod) + + val responseBody = postMethod.getResponseBodyAsString() + + if (status == HTTP_OK && responseBody != null) { + Timber.d("Successful response $responseBody") + + // Parse the response + val moshi: Moshi = Moshi.Builder().build() + val jsonAdapter: JsonAdapter = moshi.adapter(TokenResponse::class.java) + val tokenResponse: TokenResponse? = jsonAdapter.fromJson(responseBody) + + result = RemoteOperationResult(RemoteOperationResult.ResultCode.OK) + result.data = tokenResponse + + Timber.d("Get tokens completed and parsed to $tokenResponse") + } else { + result = RemoteOperationResult(postMethod) + Timber.e("Failed response while getting tokens from the server status code: $status; response message: $responseBody") + } + + } catch (e: Exception) { + result = RemoteOperationResult(e) + Timber.e(e, "Exception while getting tokens") + } + + return result + } +} diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt new file mode 100644 index 00000000..3ac743be --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt @@ -0,0 +1,33 @@ +/* ownCloud Android Library is available under MIT license + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ +package com.owncloud.android.lib.resources.oauth.params + +class TokenRequestParams( + val tokenEndpoint: String, + val authorizationCode: String, + val grantType: String, + val redirectUri: String, + val codeVerifier: String, + val clientAuth: String +) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt new file mode 100644 index 00000000..05b0ea8c --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt @@ -0,0 +1,45 @@ +/* ownCloud Android Library is available under MIT license + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +package com.owncloud.android.lib.resources.oauth.responses + +import com.squareup.moshi.Json +import com.squareup.moshi.JsonClass + +@JsonClass(generateAdapter = true) +data class TokenResponse( + @Json(name = "access_token") + val accessToken: String, + @Json(name = "expires_in") + val expiresIn: Int, + @Json(name = "refresh_token") + val refreshToken: String, + @Json(name = "token_type") + val tokenType: String, + @Json(name = "user_id") + val userId: String?, + val scope: String?, + @Json(name = "additional_parameters") + val additionalParameters: Map? +) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt index d877370f..8955e6ba 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt @@ -25,10 +25,17 @@ package com.owncloud.android.lib.resources.oauth.services import com.owncloud.android.lib.common.OwnCloudClient import com.owncloud.android.lib.common.operations.RemoteOperationResult +import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse +import com.owncloud.android.lib.resources.oauth.responses.TokenResponse interface OIDCService { fun getOIDCServerDiscovery(ownCloudClient: OwnCloudClient): RemoteOperationResult + fun performTokenRequest( + ownCloudClient: OwnCloudClient, + tokenRequest: TokenRequestParams + ): RemoteOperationResult + } diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt index ab74ba4b..abc069af 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt @@ -26,14 +26,23 @@ package com.owncloud.android.lib.resources.oauth.services.implementation import com.owncloud.android.lib.common.OwnCloudClient import com.owncloud.android.lib.common.operations.RemoteOperationResult import com.owncloud.android.lib.resources.oauth.GetOIDCDiscoveryRemoteOperation +import com.owncloud.android.lib.resources.oauth.TokenRequestRemoteOperation +import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse +import com.owncloud.android.lib.resources.oauth.responses.TokenResponse import com.owncloud.android.lib.resources.oauth.services.OIDCService -class OCOIDCService() : OIDCService { +class OCOIDCService : OIDCService { override fun getOIDCServerDiscovery( ownCloudClient: OwnCloudClient ): RemoteOperationResult = GetOIDCDiscoveryRemoteOperation().execute(ownCloudClient) + override fun performTokenRequest( + ownCloudClient: OwnCloudClient, + tokenRequest: TokenRequestParams + ): RemoteOperationResult = + TokenRequestRemoteOperation(tokenRequest).execute(ownCloudClient) + } From d683da36020d0d2c4c42c44878b89b3141b07639 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Wed, 23 Dec 2020 14:01:08 +0100 Subject: [PATCH 05/10] Support refresh token with own idP --- .../com/owncloud/android/lib/common/http/HttpConstants.java | 1 + .../lib/resources/oauth/TokenRequestRemoteOperation.kt | 4 +++- .../android/lib/resources/oauth/params/TokenRequestParams.kt | 1 + .../android/lib/resources/oauth/responses/TokenResponse.kt | 2 +- 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java index 4a2eb327..cab87f26 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java @@ -56,6 +56,7 @@ public class HttpConstants { public static final String HEADER_GRANT_TYPE = "grant_type"; public static final String HEADER_REDIRECT_URI = "redirect_uri"; public static final String HEADER_CODE_VERIFIER = "code_verifier"; + public static final String HEADER_REFRESH_TOKEN = "refresh_token"; /*********************************************************************************************************** ************************************************ CONTENT TYPES ******************************************** diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt index 3f96d3fd..25c18903 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt @@ -32,6 +32,7 @@ import com.owncloud.android.lib.common.http.HttpConstants.HEADER_AUTHORIZATION_C import com.owncloud.android.lib.common.http.HttpConstants.HEADER_CODE_VERIFIER import com.owncloud.android.lib.common.http.HttpConstants.HEADER_GRANT_TYPE import com.owncloud.android.lib.common.http.HttpConstants.HEADER_REDIRECT_URI +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_REFRESH_TOKEN import com.owncloud.android.lib.common.http.HttpConstants.HTTP_OK import com.owncloud.android.lib.common.http.methods.nonwebdav.PostMethod import com.owncloud.android.lib.common.operations.RemoteOperation @@ -46,7 +47,7 @@ import timber.log.Timber import java.net.URL /** - * Get OIDC Discovery + * Perform token request * * @author Abel García de Prada */ @@ -67,6 +68,7 @@ class TokenRequestRemoteOperation( .add(HEADER_GRANT_TYPE, tokenRequestParams.grantType) .add(HEADER_REDIRECT_URI, tokenRequestParams.redirectUri) .add(HEADER_CODE_VERIFIER, tokenRequestParams.codeVerifier) + .add(HEADER_REFRESH_TOKEN, tokenRequestParams.refreshToken.orEmpty()) .build() val postMethod = PostMethod(URL(uriBuilder.toString()), requestBody) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt index 3ac743be..00b34f85 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt @@ -28,6 +28,7 @@ class TokenRequestParams( val authorizationCode: String, val grantType: String, val redirectUri: String, + val refreshToken: String? = null, val codeVerifier: String, val clientAuth: String ) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt index 05b0ea8c..f7fdc87a 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt @@ -34,7 +34,7 @@ data class TokenResponse( @Json(name = "expires_in") val expiresIn: Int, @Json(name = "refresh_token") - val refreshToken: String, + val refreshToken: String?, @Json(name = "token_type") val tokenType: String, @Json(name = "user_id") From 9208af89fe082cca49100346ad5c0983e4fc85d0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Wed, 23 Dec 2020 15:57:30 +0100 Subject: [PATCH 06/10] Support refresh token with any idP --- .../lib/resources/oauth/TokenRequestRemoteOperation.kt | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt index 25c18903..c927d11b 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt @@ -59,10 +59,6 @@ class TokenRequestRemoteOperation( var result: RemoteOperationResult try { - val uriBuilder = client.baseUri.buildUpon().apply { - appendEncodedPath(tokenRequestParams.tokenEndpoint) - }.build() - val requestBody = FormBody.Builder() .add(HEADER_AUTHORIZATION_CODE, tokenRequestParams.authorizationCode) .add(HEADER_GRANT_TYPE, tokenRequestParams.grantType) @@ -71,7 +67,7 @@ class TokenRequestRemoteOperation( .add(HEADER_REFRESH_TOKEN, tokenRequestParams.refreshToken.orEmpty()) .build() - val postMethod = PostMethod(URL(uriBuilder.toString()), requestBody) + val postMethod = PostMethod(URL(tokenRequestParams.tokenEndpoint), requestBody) postMethod.addRequestHeader(AUTHORIZATION_HEADER, tokenRequestParams.clientAuth) From df8e10fac3e589150c67a1a9a43fea886d2b170d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Wed, 23 Dec 2020 18:00:11 +0100 Subject: [PATCH 07/10] Polish code. Send only info required for each type of request --- .../oauth/TokenRequestRemoteOperation.kt | 8 +-- .../oauth/params/TokenRequestParams.kt | 55 ++++++++++++++++--- 2 files changed, 48 insertions(+), 15 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt index c927d11b..79bba2e3 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt @@ -59,13 +59,7 @@ class TokenRequestRemoteOperation( var result: RemoteOperationResult try { - val requestBody = FormBody.Builder() - .add(HEADER_AUTHORIZATION_CODE, tokenRequestParams.authorizationCode) - .add(HEADER_GRANT_TYPE, tokenRequestParams.grantType) - .add(HEADER_REDIRECT_URI, tokenRequestParams.redirectUri) - .add(HEADER_CODE_VERIFIER, tokenRequestParams.codeVerifier) - .add(HEADER_REFRESH_TOKEN, tokenRequestParams.refreshToken.orEmpty()) - .build() + val requestBody = tokenRequestParams.toRequestBody() val postMethod = PostMethod(URL(tokenRequestParams.tokenEndpoint), requestBody) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt index 00b34f85..bc1a1293 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt @@ -23,12 +23,51 @@ */ package com.owncloud.android.lib.resources.oauth.params -class TokenRequestParams( +import com.owncloud.android.lib.common.http.HttpConstants +import okhttp3.FormBody +import okhttp3.RequestBody + +sealed class TokenRequestParams( val tokenEndpoint: String, - val authorizationCode: String, - val grantType: String, - val redirectUri: String, - val refreshToken: String? = null, - val codeVerifier: String, - val clientAuth: String -) + val clientAuth: String, + val grantType: String +) { + abstract fun toRequestBody(): RequestBody + + class Authorization( + tokenEndpoint: String, + clientAuth: String, + grantType: String, + val authorizationCode: String, + val redirectUri: String, + val codeVerifier: String + ) : TokenRequestParams(tokenEndpoint, clientAuth, grantType) { + + override fun toRequestBody(): RequestBody { + return FormBody.Builder() + .add(HttpConstants.HEADER_AUTHORIZATION_CODE, authorizationCode) + .add(HttpConstants.HEADER_GRANT_TYPE, grantType) + .add(HttpConstants.HEADER_REDIRECT_URI, redirectUri) + .add(HttpConstants.HEADER_CODE_VERIFIER, codeVerifier) + .build() + } + } + + class RefreshToken( + tokenEndpoint: String, + clientAuth: String, + grantType: String, + val refreshToken: String? = null + ) : TokenRequestParams(tokenEndpoint, clientAuth, grantType) { + + override fun toRequestBody(): RequestBody { + return FormBody.Builder().apply { + add(HttpConstants.HEADER_GRANT_TYPE, grantType) + if (!refreshToken.isNullOrBlank()) { + add(HttpConstants.HEADER_REFRESH_TOKEN, refreshToken) + } + }.build() + + } + } +} From 44a13f98780fa269a7e909c733e507f8c6f370e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Wed, 13 Jan 2021 15:34:07 +0100 Subject: [PATCH 08/10] Polish a little bit the code --- .../owncloud/android/lib/common/http/HttpConstants.java | 1 - .../lib/resources/oauth/TokenRequestRemoteOperation.kt | 7 ------- .../lib/resources/oauth/params/TokenRequestParams.kt | 4 +--- 3 files changed, 1 insertion(+), 11 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java index cab87f26..63acd52e 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java @@ -55,7 +55,6 @@ public class HttpConstants { public static final String HEADER_AUTHORIZATION_CODE = "code"; public static final String HEADER_GRANT_TYPE = "grant_type"; public static final String HEADER_REDIRECT_URI = "redirect_uri"; - public static final String HEADER_CODE_VERIFIER = "code_verifier"; public static final String HEADER_REFRESH_TOKEN = "refresh_token"; /*********************************************************************************************************** diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt index 79bba2e3..cd3c9763 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt @@ -28,11 +28,6 @@ package com.owncloud.android.lib.resources.oauth import com.owncloud.android.lib.common.OwnCloudClient import com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER -import com.owncloud.android.lib.common.http.HttpConstants.HEADER_AUTHORIZATION_CODE -import com.owncloud.android.lib.common.http.HttpConstants.HEADER_CODE_VERIFIER -import com.owncloud.android.lib.common.http.HttpConstants.HEADER_GRANT_TYPE -import com.owncloud.android.lib.common.http.HttpConstants.HEADER_REDIRECT_URI -import com.owncloud.android.lib.common.http.HttpConstants.HEADER_REFRESH_TOKEN import com.owncloud.android.lib.common.http.HttpConstants.HTTP_OK import com.owncloud.android.lib.common.http.methods.nonwebdav.PostMethod import com.owncloud.android.lib.common.operations.RemoteOperation @@ -41,8 +36,6 @@ import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams import com.owncloud.android.lib.resources.oauth.responses.TokenResponse import com.squareup.moshi.JsonAdapter import com.squareup.moshi.Moshi -import okhttp3.FormBody -import okio.ByteString.Companion.encodeUtf8 import timber.log.Timber import java.net.URL diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt index bc1a1293..1a1109b0 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt @@ -39,8 +39,7 @@ sealed class TokenRequestParams( clientAuth: String, grantType: String, val authorizationCode: String, - val redirectUri: String, - val codeVerifier: String + val redirectUri: String ) : TokenRequestParams(tokenEndpoint, clientAuth, grantType) { override fun toRequestBody(): RequestBody { @@ -48,7 +47,6 @@ sealed class TokenRequestParams( .add(HttpConstants.HEADER_AUTHORIZATION_CODE, authorizationCode) .add(HttpConstants.HEADER_GRANT_TYPE, grantType) .add(HttpConstants.HEADER_REDIRECT_URI, redirectUri) - .add(HttpConstants.HEADER_CODE_VERIFIER, codeVerifier) .build() } } From 0d09540f9bc4e52706c2f50e4195517b0319537b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Wed, 13 Jan 2021 15:53:08 +0100 Subject: [PATCH 09/10] Apply suggestions from CR --- .../oauth/GetOIDCDiscoveryRemoteOperation.kt | 17 ++++++++--------- .../oauth/TokenRequestRemoteOperation.kt | 18 ++++++++---------- 2 files changed, 16 insertions(+), 19 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt index 204a939e..9cebcf44 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/GetOIDCDiscoveryRemoteOperation.kt @@ -45,8 +45,6 @@ import java.net.URL class GetOIDCDiscoveryRemoteOperation : RemoteOperation() { override fun run(client: OwnCloudClient): RemoteOperationResult { - var result: RemoteOperationResult - try { val uriBuilder = client.baseUri.buildUpon().apply { appendPath(WELL_KNOWN_PATH) // avoid starting "/" in this method @@ -68,22 +66,23 @@ class GetOIDCDiscoveryRemoteOperation : RemoteOperation() val moshi: Moshi = Moshi.Builder().build() val jsonAdapter: JsonAdapter = moshi.adapter(OIDCDiscoveryResponse::class.java) val oidcDiscoveryResponse: OIDCDiscoveryResponse? = jsonAdapter.fromJson(responseBody) + Timber.d("Get OIDC Discovery completed and parsed to [$oidcDiscoveryResponse]") - result = RemoteOperationResult(RemoteOperationResult.ResultCode.OK) - result.data = oidcDiscoveryResponse + return RemoteOperationResult(RemoteOperationResult.ResultCode.OK).apply { + data = oidcDiscoveryResponse + } - Timber.d("Get OIDC Discovery completed and parsed to $oidcDiscoveryResponse") } else { - result = RemoteOperationResult(getMethod) Timber.e("Failed response while getting OIDC server discovery from the server status code: $status; response message: $responseBody") + + return RemoteOperationResult(getMethod) } } catch (e: Exception) { - result = RemoteOperationResult(e) Timber.e(e, "Exception while getting OIDC server discovery") - } - return result + return RemoteOperationResult(e) + } } companion object { diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt index cd3c9763..67253c4c 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt @@ -49,8 +49,6 @@ class TokenRequestRemoteOperation( ) : RemoteOperation() { override fun run(client: OwnCloudClient): RemoteOperationResult { - var result: RemoteOperationResult - try { val requestBody = tokenRequestParams.toRequestBody() @@ -69,21 +67,21 @@ class TokenRequestRemoteOperation( val moshi: Moshi = Moshi.Builder().build() val jsonAdapter: JsonAdapter = moshi.adapter(TokenResponse::class.java) val tokenResponse: TokenResponse? = jsonAdapter.fromJson(responseBody) - - result = RemoteOperationResult(RemoteOperationResult.ResultCode.OK) - result.data = tokenResponse - Timber.d("Get tokens completed and parsed to $tokenResponse") + + return RemoteOperationResult(RemoteOperationResult.ResultCode.OK).apply { + data = tokenResponse + } + } else { - result = RemoteOperationResult(postMethod) Timber.e("Failed response while getting tokens from the server status code: $status; response message: $responseBody") + return RemoteOperationResult(postMethod) } } catch (e: Exception) { - result = RemoteOperationResult(e) Timber.e(e, "Exception while getting tokens") - } + return RemoteOperationResult(e) - return result + } } } From 9ae720502f42fe7bdbe0d3154f79f8bf3aacc4aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Wed, 20 Jan 2021 12:42:29 +0100 Subject: [PATCH 10/10] Apply Code Review suggestions --- .../android/lib/common/http/HttpConstants.java | 8 ++++---- .../lib/resources/oauth/params/TokenRequestParams.kt | 10 +++++----- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java index 63acd52e..ad8c6d1c 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java @@ -52,10 +52,10 @@ public class HttpConstants { public static final String OC_FILE_REMOTE_ID = "OC-FileId"; // OAuth - public static final String HEADER_AUTHORIZATION_CODE = "code"; - public static final String HEADER_GRANT_TYPE = "grant_type"; - public static final String HEADER_REDIRECT_URI = "redirect_uri"; - public static final String HEADER_REFRESH_TOKEN = "refresh_token"; + public static final String OAUTH_HEADER_AUTHORIZATION_CODE = "code"; + public static final String OAUTH_HEADER_GRANT_TYPE = "grant_type"; + public static final String OAUTH_HEADER_REDIRECT_URI = "redirect_uri"; + public static final String OAUTH_HEADER_REFRESH_TOKEN = "refresh_token"; /*********************************************************************************************************** ************************************************ CONTENT TYPES ******************************************** diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt index 1a1109b0..eef3823a 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt @@ -44,9 +44,9 @@ sealed class TokenRequestParams( override fun toRequestBody(): RequestBody { return FormBody.Builder() - .add(HttpConstants.HEADER_AUTHORIZATION_CODE, authorizationCode) - .add(HttpConstants.HEADER_GRANT_TYPE, grantType) - .add(HttpConstants.HEADER_REDIRECT_URI, redirectUri) + .add(HttpConstants.OAUTH_HEADER_AUTHORIZATION_CODE, authorizationCode) + .add(HttpConstants.OAUTH_HEADER_GRANT_TYPE, grantType) + .add(HttpConstants.OAUTH_HEADER_REDIRECT_URI, redirectUri) .build() } } @@ -60,9 +60,9 @@ sealed class TokenRequestParams( override fun toRequestBody(): RequestBody { return FormBody.Builder().apply { - add(HttpConstants.HEADER_GRANT_TYPE, grantType) + add(HttpConstants.OAUTH_HEADER_GRANT_TYPE, grantType) if (!refreshToken.isNullOrBlank()) { - add(HttpConstants.HEADER_REFRESH_TOKEN, refreshToken) + add(HttpConstants.OAUTH_HEADER_REFRESH_TOKEN, refreshToken) } }.build()