From 12d04bb63c7960469aeed51f3613adf181ab6c80 Mon Sep 17 00:00:00 2001
From: davigonz <dgonzalez@solidgear.es>
Date: Thu, 17 Aug 2017 10:45:01 +0200
Subject: [PATCH] Ensure that SAML credentials will be invalidated if
 appropriate

---
 .../android/lib/common/OwnCloudClient.java       | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/com/owncloud/android/lib/common/OwnCloudClient.java b/src/com/owncloud/android/lib/common/OwnCloudClient.java
index 99433d2c..1ff53fd4 100644
--- a/src/com/owncloud/android/lib/common/OwnCloudClient.java
+++ b/src/com/owncloud/android/lib/common/OwnCloudClient.java
@@ -93,7 +93,7 @@ public class OwnCloudClient extends HttpClient {
      */
     private boolean mSilentRefreshOfAccountCredentials = true;
 
-
+    private String mRedirectedLocation;
 
     /**
      * Constructor
@@ -278,6 +278,7 @@ public class OwnCloudClient extends HttpClient {
         int redirectionsCount = 0;
         int status = method.getStatusCode();
         RedirectionPath result = new RedirectionPath(status, MAX_REDIRECTIONS_COUNT);
+
         while (redirectionsCount < MAX_REDIRECTIONS_COUNT &&
             (status == HttpStatus.SC_MOVED_PERMANENTLY ||
                 status == HttpStatus.SC_MOVED_TEMPORARILY ||
@@ -295,6 +296,8 @@ public class OwnCloudClient extends HttpClient {
                 String locationStr = location.getValue();
                 result.addLocation(locationStr);
 
+                mRedirectedLocation = locationStr;
+
                 // Release the connection to avoid reach the max number of connections per host
                 // due to it will be set a different url
                 exhaustResponse(method.getResponseBodyAsStream());
@@ -568,7 +571,7 @@ public class OwnCloudClient extends HttpClient {
      */
     private boolean shouldInvalidateAccountCredentials(int httpStatusCode) {
 
-        boolean should = (httpStatusCode == HttpStatus.SC_UNAUTHORIZED);   // invalid credentials
+        boolean should = (httpStatusCode == HttpStatus.SC_UNAUTHORIZED || isIdPRedirection());   // invalid credentials
 
         should &= (mCredentials != null &&         // real credentials
             !(mCredentials instanceof OwnCloudCredentialsFactory.OwnCloudAnonymousCredentials));
@@ -605,4 +608,13 @@ public class OwnCloudClient extends HttpClient {
         mOwnCloudClientManager = clientManager;
     }
 
+    /**
+     * Check if the redirection is to an identity provider such as SAML or wayf
+     * @return true if the redirection location includes SAML or wayf, false otherwise
+     */
+    private boolean isIdPRedirection() {
+        return (mRedirectedLocation != null &&
+                (mRedirectedLocation.toUpperCase().contains("SAML") ||
+                        mRedirectedLocation.toLowerCase().contains("wayf")));
+    }
 }