flywithu/android-library
1
0
Fork 0
mirror of https://github.com/owncloud/android-library.git synced 2025-10-31 02:17:41 +00:00
Code Issues Releases Wiki Activity

Ensure that SAML credentials will be invalidated if appropriate

Browse Source
This commit is contained in:
davigonz 2017-08-17 10:45:01 +02:00
parent e466bac6b1
commit 12d04bb63c
1 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/com/owncloud/android/lib/common/OwnCloudClient.java
View File

@ -93,7 +93,7 @@ public class OwnCloudClient extends HttpClient {
*/
private boolean mSilentRefreshOfAccountCredentials = true;
private String mRedirectedLocation;
/**
* Constructor
@ -278,6 +278,7 @@ public class OwnCloudClient extends HttpClient {
int redirectionsCount = 0;
int status = method.getStatusCode();
RedirectionPath result = new RedirectionPath(status, MAX_REDIRECTIONS_COUNT);
while (redirectionsCount < MAX_REDIRECTIONS_COUNT &&
(status == HttpStatus.SC_MOVED_PERMANENTLY ||
status == HttpStatus.SC_MOVED_TEMPORARILY ||
@ -295,6 +296,8 @@ public class OwnCloudClient extends HttpClient {
String locationStr = location.getValue();
result.addLocation(locationStr);
mRedirectedLocation = locationStr;
// Release the connection to avoid reach the max number of connections per host
// due to it will be set a different url
exhaustResponse(method.getResponseBodyAsStream());
@ -568,7 +571,7 @@ public class OwnCloudClient extends HttpClient {
*/
private boolean shouldInvalidateAccountCredentials(int httpStatusCode) {
boolean should = (httpStatusCode == HttpStatus.SC_UNAUTHORIZED); // invalid credentials
boolean should = (httpStatusCode == HttpStatus.SC_UNAUTHORIZED || isIdPRedirection()); // invalid credentials
should &= (mCredentials != null && // real credentials
!(mCredentials instanceof OwnCloudCredentialsFactory.OwnCloudAnonymousCredentials));
@ -605,4 +608,13 @@ public class OwnCloudClient extends HttpClient {
mOwnCloudClientManager = clientManager;
}
/**
* Check if the redirection is to an identity provider such as SAML or wayf
* @return true if the redirection location includes SAML or wayf, false otherwise
*/
private boolean isIdPRedirection() {
return (mRedirectedLocation != null &&
(mRedirectedLocation.toUpperCase().contains("SAML") ||
mRedirectedLocation.toLowerCase().contains("wayf")));
}
}