From 44967be4e3a2d0dded868927478517633ff98218 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Abel=20Garci=CC=81a=20de=20Prada?= Date: Tue, 22 Dec 2020 15:39:39 +0100 Subject: [PATCH] First draft of request token implementation --- .../android/lib/common/OwnCloudClient.java | 10 +- .../OwnCloudCredentialsFactory.java | 4 - .../lib/common/http/HttpConstants.java | 6 + .../oauth/TokenRequestRemoteOperation.kt | 104 ++++++++++++++++++ .../oauth/params/TokenRequestParams.kt | 33 ++++++ .../oauth/responses/TokenResponse.kt | 45 ++++++++ .../resources/oauth/services/OIDCService.kt | 7 ++ .../services/implementation/OCOIDCService.kt | 11 +- 8 files changed, 210 insertions(+), 10 deletions(-) create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt create mode 100644 owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java index 331ad7a0..8d27c34a 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/OwnCloudClient.java @@ -48,15 +48,15 @@ import java.io.IOException; import java.io.InputStream; import java.util.List; +import static com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER; import static com.owncloud.android.lib.common.http.HttpConstants.OC_X_REQUEST_ID; public class OwnCloudClient extends HttpClient { public static final String WEBDAV_FILES_PATH_4_0 = "/remote.php/dav/files/"; public static final String WEBDAV_PATH_4_0_AND_LATER = "/remote.php/dav"; - private static final String WEBDAV_UPLOADS_PATH_4_0 = "/remote.php/dav/uploads/"; public static final String STATUS_PATH = "/status.php"; - + private static final String WEBDAV_UPLOADS_PATH_4_0 = "/remote.php/dav/uploads/"; private static final int MAX_REDIRECTIONS_COUNT = 3; private static final int MAX_REPEAT_COUNT_WITH_FRESH_CREDENTIALS = 1; @@ -104,8 +104,8 @@ public class OwnCloudClient extends HttpClient { method.setRequestHeader(HttpConstants.OC_X_REQUEST_ID, requestId); method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent()); method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY); - if (mCredentials.getHeaderAuth() != null) { - method.setRequestHeader(HttpConstants.AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); + if (mCredentials.getHeaderAuth() != null && method.getRequestHeader(AUTHORIZATION_HEADER) == null) { + method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); } status = method.execute(); @@ -136,7 +136,7 @@ public class OwnCloudClient extends HttpClient { method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent()); method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY); if (mCredentials.getHeaderAuth() != null) { - method.setRequestHeader(HttpConstants.AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); + method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth()); } status = method.execute(); diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java index 3d5dae91..621a5c75 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/authentication/OwnCloudCredentialsFactory.java @@ -24,10 +24,6 @@ package com.owncloud.android.lib.common.authentication; -import com.owncloud.android.lib.common.OwnCloudClient; -import com.owncloud.android.lib.common.http.HttpClient; -import com.owncloud.android.lib.common.http.HttpConstants; - public class OwnCloudCredentialsFactory { public static final String CREDENTIAL_CHARSET = "UTF-8"; diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java index b86534a3..4a2eb327 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/common/http/HttpConstants.java @@ -51,6 +51,12 @@ public class HttpConstants { public static final String ACCEPT_ENCODING_IDENTITY = "identity"; public static final String OC_FILE_REMOTE_ID = "OC-FileId"; + // OAuth + public static final String HEADER_AUTHORIZATION_CODE = "code"; + public static final String HEADER_GRANT_TYPE = "grant_type"; + public static final String HEADER_REDIRECT_URI = "redirect_uri"; + public static final String HEADER_CODE_VERIFIER = "code_verifier"; + /*********************************************************************************************************** ************************************************ CONTENT TYPES ******************************************** ***********************************************************************************************************/ diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt new file mode 100644 index 00000000..3f96d3fd --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/TokenRequestRemoteOperation.kt @@ -0,0 +1,104 @@ +/* ownCloud Android Library is available under MIT license + * + * @author Abel García de Prada + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + */ +package com.owncloud.android.lib.resources.oauth + +import com.owncloud.android.lib.common.OwnCloudClient +import com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_AUTHORIZATION_CODE +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_CODE_VERIFIER +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_GRANT_TYPE +import com.owncloud.android.lib.common.http.HttpConstants.HEADER_REDIRECT_URI +import com.owncloud.android.lib.common.http.HttpConstants.HTTP_OK +import com.owncloud.android.lib.common.http.methods.nonwebdav.PostMethod +import com.owncloud.android.lib.common.operations.RemoteOperation +import com.owncloud.android.lib.common.operations.RemoteOperationResult +import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams +import com.owncloud.android.lib.resources.oauth.responses.TokenResponse +import com.squareup.moshi.JsonAdapter +import com.squareup.moshi.Moshi +import okhttp3.FormBody +import okio.ByteString.Companion.encodeUtf8 +import timber.log.Timber +import java.net.URL + +/** + * Get OIDC Discovery + * + * @author Abel García de Prada + */ +class TokenRequestRemoteOperation( + private val tokenRequestParams: TokenRequestParams +) : RemoteOperation() { + + override fun run(client: OwnCloudClient): RemoteOperationResult { + var result: RemoteOperationResult + + try { + val uriBuilder = client.baseUri.buildUpon().apply { + appendEncodedPath(tokenRequestParams.tokenEndpoint) + }.build() + + val requestBody = FormBody.Builder() + .add(HEADER_AUTHORIZATION_CODE, tokenRequestParams.authorizationCode) + .add(HEADER_GRANT_TYPE, tokenRequestParams.grantType) + .add(HEADER_REDIRECT_URI, tokenRequestParams.redirectUri) + .add(HEADER_CODE_VERIFIER, tokenRequestParams.codeVerifier) + .build() + + val postMethod = PostMethod(URL(uriBuilder.toString()), requestBody) + + postMethod.addRequestHeader(AUTHORIZATION_HEADER, tokenRequestParams.clientAuth) + + val status = client.executeHttpMethod(postMethod) + + val responseBody = postMethod.getResponseBodyAsString() + + if (status == HTTP_OK && responseBody != null) { + Timber.d("Successful response $responseBody") + + // Parse the response + val moshi: Moshi = Moshi.Builder().build() + val jsonAdapter: JsonAdapter = moshi.adapter(TokenResponse::class.java) + val tokenResponse: TokenResponse? = jsonAdapter.fromJson(responseBody) + + result = RemoteOperationResult(RemoteOperationResult.ResultCode.OK) + result.data = tokenResponse + + Timber.d("Get tokens completed and parsed to $tokenResponse") + } else { + result = RemoteOperationResult(postMethod) + Timber.e("Failed response while getting tokens from the server status code: $status; response message: $responseBody") + } + + } catch (e: Exception) { + result = RemoteOperationResult(e) + Timber.e(e, "Exception while getting tokens") + } + + return result + } +} diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt new file mode 100644 index 00000000..3ac743be --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/params/TokenRequestParams.kt @@ -0,0 +1,33 @@ +/* ownCloud Android Library is available under MIT license + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ +package com.owncloud.android.lib.resources.oauth.params + +class TokenRequestParams( + val tokenEndpoint: String, + val authorizationCode: String, + val grantType: String, + val redirectUri: String, + val codeVerifier: String, + val clientAuth: String +) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt new file mode 100644 index 00000000..05b0ea8c --- /dev/null +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/responses/TokenResponse.kt @@ -0,0 +1,45 @@ +/* ownCloud Android Library is available under MIT license + * + * Copyright (C) 2020 ownCloud GmbH. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + */ + +package com.owncloud.android.lib.resources.oauth.responses + +import com.squareup.moshi.Json +import com.squareup.moshi.JsonClass + +@JsonClass(generateAdapter = true) +data class TokenResponse( + @Json(name = "access_token") + val accessToken: String, + @Json(name = "expires_in") + val expiresIn: Int, + @Json(name = "refresh_token") + val refreshToken: String, + @Json(name = "token_type") + val tokenType: String, + @Json(name = "user_id") + val userId: String?, + val scope: String?, + @Json(name = "additional_parameters") + val additionalParameters: Map? +) diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt index d877370f..8955e6ba 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/OIDCService.kt @@ -25,10 +25,17 @@ package com.owncloud.android.lib.resources.oauth.services import com.owncloud.android.lib.common.OwnCloudClient import com.owncloud.android.lib.common.operations.RemoteOperationResult +import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse +import com.owncloud.android.lib.resources.oauth.responses.TokenResponse interface OIDCService { fun getOIDCServerDiscovery(ownCloudClient: OwnCloudClient): RemoteOperationResult + fun performTokenRequest( + ownCloudClient: OwnCloudClient, + tokenRequest: TokenRequestParams + ): RemoteOperationResult + } diff --git a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt index ab74ba4b..abc069af 100644 --- a/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt +++ b/owncloudComLibrary/src/main/java/com/owncloud/android/lib/resources/oauth/services/implementation/OCOIDCService.kt @@ -26,14 +26,23 @@ package com.owncloud.android.lib.resources.oauth.services.implementation import com.owncloud.android.lib.common.OwnCloudClient import com.owncloud.android.lib.common.operations.RemoteOperationResult import com.owncloud.android.lib.resources.oauth.GetOIDCDiscoveryRemoteOperation +import com.owncloud.android.lib.resources.oauth.TokenRequestRemoteOperation +import com.owncloud.android.lib.resources.oauth.params.TokenRequestParams import com.owncloud.android.lib.resources.oauth.responses.OIDCDiscoveryResponse +import com.owncloud.android.lib.resources.oauth.responses.TokenResponse import com.owncloud.android.lib.resources.oauth.services.OIDCService -class OCOIDCService() : OIDCService { +class OCOIDCService : OIDCService { override fun getOIDCServerDiscovery( ownCloudClient: OwnCloudClient ): RemoteOperationResult = GetOIDCDiscoveryRemoteOperation().execute(ownCloudClient) + override fun performTokenRequest( + ownCloudClient: OwnCloudClient, + tokenRequest: TokenRequestParams + ): RemoteOperationResult = + TokenRequestRemoteOperation(tokenRequest).execute(ownCloudClient) + }