From 5d3bba65e262ee0a8625816cb2255be9f298637c Mon Sep 17 00:00:00 2001 From: davigonz Date: Mon, 1 Oct 2018 10:16:12 +0200 Subject: [PATCH] Fix SAML with new cookies handling --- .../android/lib/common/OwnCloudClient.java | 4 ---- .../lib/common/SingleSessionManager.java | 23 ++++++++++++------- .../android/lib/common/http/HttpClient.java | 16 +++++++++++++ .../common/http/methods/HttpBaseMethod.java | 8 ++++--- .../common/operations/RemoteOperation.java | 1 - 5 files changed, 36 insertions(+), 16 deletions(-) diff --git a/src/com/owncloud/android/lib/common/OwnCloudClient.java b/src/com/owncloud/android/lib/common/OwnCloudClient.java index a6ed730b..3dd193af 100644 --- a/src/com/owncloud/android/lib/common/OwnCloudClient.java +++ b/src/com/owncloud/android/lib/common/OwnCloudClient.java @@ -115,10 +115,6 @@ public class OwnCloudClient extends HttpClient { mCredentials.applyTo(this); } - public void applyCookies() { - AccountUtils.restoreCookies(this.getAccount().getSavedAccount(), this, getContext()); - } - public int executeHttpMethod (HttpBaseMethod method) throws Exception { boolean repeatWithFreshCredentials; diff --git a/src/com/owncloud/android/lib/common/SingleSessionManager.java b/src/com/owncloud/android/lib/common/SingleSessionManager.java index 7e3096c1..b786c55d 100644 --- a/src/com/owncloud/android/lib/common/SingleSessionManager.java +++ b/src/com/owncloud/android/lib/common/SingleSessionManager.java @@ -43,6 +43,7 @@ import android.util.Log; import com.owncloud.android.lib.common.accounts.AccountUtils; import com.owncloud.android.lib.common.accounts.AccountUtils.AccountNotFoundException; import com.owncloud.android.lib.common.authentication.OwnCloudCredentials; +import com.owncloud.android.lib.common.authentication.OwnCloudSamlSsoCredentials; import com.owncloud.android.lib.common.utils.Log_OC; import okhttp3.Cookie; 
@@ -55,6 +56,7 @@ import okhttp3.Cookie; * @author David A. Velasco * @author masensio * @author Christian Schabesberger + * @author David González Verdugo */ public class SingleSessionManager implements OwnCloudClientManager { @@ -124,10 +126,12 @@ public class SingleSessionManager implements OwnCloudClientManager { client.setContext(context); client.setOwnCloudClientManager(this); - // enable cookie tracking - AccountUtils.restoreCookies(account.getSavedAccount(), client, context); - client.setCredentials(account.getCredentials()); + + if (client.getCredentials() instanceof OwnCloudSamlSsoCredentials) { + client.disableAutomaticCookiesHandling(); + } + if (accountName != null) { mClientsWithKnownUsername.put(accountName, client); if (Log.isLoggable(TAG, Log.VERBOSE)) { @@ -144,6 +148,7 @@ public class SingleSessionManager implements OwnCloudClientManager { if (!reusingKnown && Log.isLoggable(TAG, Log.VERBOSE)) { Log_OC.v(TAG, "reusing client for session " + sessionName); } + keepCredentialsUpdated(account, client); keepCookiesUpdated(context, account, client); keepUriUpdated(account, client); @@ -189,7 +194,6 @@ public class SingleSessionManager implements OwnCloudClientManager { Log_OC.d(TAG, "removeClientFor finishing "); } return null; - } 
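Review bot: The `instanceof OwnCloudSamlSsoCredentials` test in the new-client branch (hunk `-124,10 +126,12`) has no comment saying why SAML sessions need automatic cookie handling switched off. The `// enable cookie tracking` comment is removed at the same time, so a reader cannot tell which cookie behaviour each credential type is meant to get. The decision is also taken only when a client is created; `keepCredentialsUpdated`, changed later in this patch, can swap the credentials on a reused client without revisiting it, which is worth confirming is intended. A comment above the `if` such as `// SAML SSO: turn off OkHttp's automatic cookie jar (decided once, at client creation)` would record that. The enclosing method starts and ends outside the hunk.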
@@ -224,15 +228,18 @@ public class SingleSessionManager implements OwnCloudClientManager { if (recentCredentials != null && !recentCredentials.getAuthToken().equals( reusedClient.getCredentials().getAuthToken())) { reusedClient.setCredentials(recentCredentials); + reusedClient.applyCredentials(); } } private void keepCookiesUpdated(Context context, OwnCloudAccount account, OwnCloudClient reusedClient) { AccountManager am = AccountManager.get(context.getApplicationContext()); - String currentCookies = am.getUserData(account.getSavedAccount(), AccountUtils.Constants.KEY_COOKIES); - String previousCookies = reusedClient.getCookiesString(); - if (currentCookies != null && previousCookies != "" && !currentCookies.equals(previousCookies)) { - AccountUtils.restoreCookies(account.getSavedAccount(), reusedClient, context); + if (am != null && account.getSavedAccount() != null) { + String recentCookies = am.getUserData(account.getSavedAccount(), AccountUtils.Constants.KEY_COOKIES); + String previousCookies = reusedClient.getCookiesString(); + if (recentCookies != null && previousCookies != "" && !recentCookies.equals(previousCookies)) { + AccountUtils.restoreCookies(account.getSavedAccount(), reusedClient, context); + } } } diff --git a/src/com/owncloud/android/lib/common/http/HttpClient.java b/src/com/owncloud/android/lib/common/http/HttpClient.java index a29a95af..4820fc1d 100644 --- a/src/com/owncloud/android/lib/common/http/HttpClient.java +++ b/src/com/owncloud/android/lib/common/http/HttpClient.java 
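Review bot: The rewritten guard in `keepCookiesUpdated` still compares strings by reference with `previousCookies != ""`. That is true for any empty string built at runtime, so the "client has no cookies yet" case is not filtered out, and `AccountUtils.restoreCookies` runs whenever the stored value differs. A value comparison that keeps the current behaviour for `null` would be `if (recentCookies != null && !"".equals(previousCookies) && !recentCookies.equals(previousCookies)) {`. Since this decides when persisted session cookies are pushed back into a live client, the condition should hold exactly when intended.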
@@ -135,6 +135,22 @@ public class HttpClient { sOkHttpClient = clientBuilder.build(); } + public void disableAutomaticCookiesHandling() { + OkHttpClient.Builder clientBuilder = getOkHttpClient().newBuilder(); + clientBuilder.cookieJar(new CookieJar() { + @Override + public void saveFromResponse(HttpUrl url, List cookies) { + // DO NOTHING + } + + @Override + public List loadForRequest(HttpUrl url) { + return new ArrayList<>(); + } + }); + sOkHttpClient = clientBuilder.build(); + } + /** * Add header that will be included for all the requests from now on * @param headerName diff --git a/src/com/owncloud/android/lib/common/http/methods/HttpBaseMethod.java b/src/com/owncloud/android/lib/common/http/methods/HttpBaseMethod.java index cbb44a64..4444b964 100644 --- a/src/com/owncloud/android/lib/common/http/methods/HttpBaseMethod.java +++ b/src/com/owncloud/android/lib/common/http/methods/HttpBaseMethod.java @@ -51,6 +51,7 @@ public abstract class HttpBaseMethod { protected Request mRequest; protected RequestBody mRequestBody; protected Response mResponse; + protected String mResponseBodyString; protected Call mCall; protected HttpBaseMethod(URL url) { @@ -103,10 +104,11 @@ public abstract class HttpBaseMethod { } public String getResponseBodyAsString() throws IOException { - if (mResponse.body() != null) { - return mResponse.body().string(); + if (mResponseBodyString == null && mResponse.body() != null) { + mResponseBodyString = mResponse.body().string(); } - return null; + + return mResponseBodyString; } public InputStream getResponseBodyAsStream() { diff --git a/src/com/owncloud/android/lib/common/operations/RemoteOperation.java b/src/com/owncloud/android/lib/common/operations/RemoteOperation.java index 2dc5487e..9c769aee 100644 --- a/src/com/owncloud/android/lib/common/operations/RemoteOperation.java +++ b/src/com/owncloud/android/lib/common/operations/RemoteOperation.java 
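Review bot: `disableAutomaticCookiesHandling()` is an instance method, but it overwrites `sOkHttpClient`. Judging by its name and by the `sOkHttpClient = clientBuilder.build();` context line just above, that field looks like one client shared by every `HttpClient` in the process. If so, the call SingleSessionManager makes for one SAML account stops cookies being stored or sent for all other accounts too, and nothing in the visible lines restores the previous jar. Consider giving the SAML client its own `OkHttpClient`, or at least state the scope in a Javadoc such as `/** Replaces the shared OkHttp client with one whose CookieJar neither stores nor sends cookies; affects every request made through it. */`. The unsynchronised write to the shared field is also worth a look if clients are created from several threads.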
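Review bot: In HttpBaseMethod, the new `mResponseBodyString` cache is never cleared in the lines shown, so `getResponseBodyAsString()` keeps returning the first response's body if the same method object is executed again. `OwnCloudClient.executeHttpMethod` declares a `repeatWithFreshCredentials` flag, which suggests such a retry exists. Resetting the field wherever `mResponse` is assigned, with `mResponseBodyString = null;`, would tie the cache to the current response; that assignment lies outside this hunk. A field comment such as `// cached: an OkHttp response body can be consumed only once` would also explain why the cache exists.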
@@ -145,7 +145,6 @@ public abstract class RemoteOperation implements Runnable { OwnCloudAccount ocAccount = new OwnCloudAccount(mAccount, mContext); mClient = OwnCloudClientManagerFactory.getDefaultSingleton(). getClientFor(ocAccount, mContext); - mClient.applyCredentials(); } else { throw new IllegalStateException("Trying to run a remote operation " + "asynchronously with no client and no chance to create one (no account)");