Changes to invalidate SAML credentials properly

2025-06-07 16:06:08 +00:00 · 2017-08-17 11:16:32 +02:00 · 2017-08-17 11:16:32 +02:00 · 75821de7a3
commit 75821de7a3
parent 12d04bb63c
2 changed files with 23 additions and 12 deletions
--- a/src/com/owncloud/android/lib/common/OwnCloudClient.java
+++ b/src/com/owncloud/android/lib/common/OwnCloudClient.java
@ -1,5 +1,5 @@
 /* ownCloud Android Library is available under MIT license
- *   Copyright (C) 2016 ownCloud GmbH.
+ *   Copyright (C) 2017 ownCloud GmbH.
 *   Copyright (C) 2012  Bartek Przybylski
 *   
 *   Permission is hereby granted, free of charge, to any person obtaining a copy
@ -229,6 +229,8 @@ public class OwnCloudClient extends HttpClient {

            status = super.executeMethod(method);

+            checkFirstRedirection(method);
+
            if (mFollowRedirects) {
                status = followRedirection(method).getLastStatus();
            }
@ -247,6 +249,18 @@ public class OwnCloudClient extends HttpClient {
        return status;
    }

+    private void checkFirstRedirection(HttpMethod method) {
+        Header[] httpHeaders = method.getResponseHeaders();
+
+        for (Header httpHeader : httpHeaders) {
+
+            if ("location".equals(httpHeader.getName().toLowerCase())) {
+                mRedirectedLocation = httpHeader.getValue();
+                break;
+            }
+        }
+    }
+
    /**
     * Fix for https://github.com/owncloud/android/issues/1847#issuecomment-267558274
     *
@ -290,13 +304,12 @@ public class OwnCloudClient extends HttpClient {
                location = method.getResponseHeader("location");
            }
            if (location != null) {
-                Log_OC.d(TAG + " #" + mInstanceNumber,
-                    "Location to redirect: " + location.getValue());
-
                String locationStr = location.getValue();
-                result.addLocation(locationStr);

-                mRedirectedLocation = locationStr;
+                Log_OC.d(TAG + " #" + mInstanceNumber,
+                    "Location to redirect: " + locationStr);
+
+                result.addLocation(locationStr);

                // Release the connection to avoid reach the max number of connections per host
                // due to it will be set a different url
--- a/src/com/owncloud/android/lib/common/operations/RemoteOperationResult.java
+++ b/src/com/owncloud/android/lib/common/operations/RemoteOperationResult.java
@ -313,15 +313,13 @@ public class RemoteOperationResult implements Serializable {
    public RemoteOperationResult(boolean success, int httpCode, String httpPhrase, Header[] httpHeaders) {
        this(success, httpCode, httpPhrase);
        if (httpHeaders != null) {
-            Header current;
            for (Header httpHeader : httpHeaders) {
-                current = httpHeader;
-                if ("location".equals(current.getName().toLowerCase())) {
-                    mRedirectedLocation = current.getValue();
+                if ("location".equals(httpHeader.getName().toLowerCase())) {
+                    mRedirectedLocation = httpHeader.getValue();
                    continue;
                }
-                if ("www-authenticate".equals(current.getName().toLowerCase())) {
-                    mAuthenticate.add(current.getValue().toLowerCase());
+                if ("www-authenticate".equals(httpHeader.getName().toLowerCase())) {
+                    mAuthenticate.add(httpHeader.getValue().toLowerCase());
                }
            }
        }