mirror of
https://github.com/owncloud/android-library.git
synced 2025-06-07 16:06:08 +00:00
clean up credentials stuff from owncloudclient
This commit is contained in:
Christian Schabesberger
parent
5582097ca1
commit
c59d1540c7
@ -25,8 +25,6 @@
|
|||||||
|
|
||||||
package com.owncloud.android.lib.common;
|
package com.owncloud.android.lib.common;
|
||||||
|
|
||||||
import android.accounts.AccountManager;
|
|
||||||
import android.accounts.AccountsException;
|
|
||||||
import android.net.Uri;
|
import android.net.Uri;
|
||||||
|
|
||||||
import at.bitfire.dav4jvm.exception.HttpException;
|
import at.bitfire.dav4jvm.exception.HttpException;
|
||||||
@ -47,7 +45,6 @@ import timber.log.Timber;
|
|||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import static com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER;
|
import static com.owncloud.android.lib.common.http.HttpConstants.AUTHORIZATION_HEADER;
|
||||||
@ -143,13 +140,6 @@ public class OwnCloudClient extends HttpClient {
|
|||||||
status = followRedirection(method).getLastStatus();
|
status = followRedirection(method).getLastStatus();
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
repeatWithFreshCredentials = checkUnauthorizedAccess(status, repeatCounter);
|
|
||||||
if (repeatWithFreshCredentials) {
|
|
||||||
repeatCounter++;
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
} while (retry && repeatCounter < MAX_RETRY_COUNT);
|
} while (retry && repeatCounter < MAX_RETRY_COUNT);
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
@ -178,29 +168,18 @@ public class OwnCloudClient extends HttpClient {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private int executeRedirectedHttpMethod(HttpBaseMethod method) throws Exception {
|
private int executeRedirectedHttpMethod(HttpBaseMethod method) throws Exception {
|
||||||
boolean repeatWithFreshCredentials;
|
|
||||||
int repeatCounter = 0;
|
|
||||||
int status;
|
int status;
|
||||||
|
String requestId = RandomUtils.generateRandomUUID();
|
||||||
|
|
||||||
do {
|
// Header to allow tracing requests in apache and ownCloud logs
|
||||||
String requestId = RandomUtils.generateRandomUUID();
|
Timber.d("Executing in request with id %s", requestId);
|
||||||
|
method.setRequestHeader(OC_X_REQUEST_ID, requestId);
|
||||||
// Header to allow tracing requests in apache and ownCloud logs
|
method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent());
|
||||||
Timber.d("Executing in request with id %s", requestId);
|
method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY);
|
||||||
method.setRequestHeader(OC_X_REQUEST_ID, requestId);
|
if (mCredentials.getHeaderAuth() != null) {
|
||||||
method.setRequestHeader(HttpConstants.USER_AGENT_HEADER, SingleSessionManager.getUserAgent());
|
method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth());
|
||||||
method.setRequestHeader(HttpConstants.ACCEPT_ENCODING_HEADER, HttpConstants.ACCEPT_ENCODING_IDENTITY);
|
}
|
||||||
if (mCredentials.getHeaderAuth() != null) {
|
status = method.execute();
|
||||||
method.setRequestHeader(AUTHORIZATION_HEADER, mCredentials.getHeaderAuth());
|
|
||||||
}
|
|
||||||
status = method.execute();
|
|
||||||
|
|
||||||
repeatWithFreshCredentials = checkUnauthorizedAccess(status, repeatCounter);
|
|
||||||
if (repeatWithFreshCredentials) {
|
|
||||||
repeatCounter++;
|
|
||||||
}
|
|
||||||
} while (repeatWithFreshCredentials);
|
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -365,86 +344,6 @@ public class OwnCloudClient extends HttpClient {
|
|||||||
this.mAccount = account;
|
this.mAccount = account;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Checks the status code of an execution and decides if should be repeated with fresh credentials.
|
|
||||||
* <p>
|
|
||||||
* Invalidates current credentials if the request failed as anauthorized.
|
|
||||||
* <p>
|
|
||||||
* Refresh current credentials if possible, and marks a retry.
|
|
||||||
*
|
|
||||||
* @param status
|
|
||||||
* @param repeatCounter
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private boolean checkUnauthorizedAccess(int status, int repeatCounter) {
|
|
||||||
boolean credentialsWereRefreshed = false;
|
|
||||||
|
|
||||||
if (shouldInvalidateAccountCredentials(status)) {
|
|
||||||
invalidateAccountCredentials();
|
|
||||||
|
|
||||||
if (getCredentials().authTokenCanBeRefreshed() &&
|
|
||||||
repeatCounter < 1) {
|
|
||||||
try {
|
|
||||||
mAccount.loadCredentials(getContext());
|
|
||||||
// if mAccount.getCredentials().length() == 0 --> refresh failed
|
|
||||||
setCredentials(mAccount.getCredentials());
|
|
||||||
credentialsWereRefreshed = true;
|
|
||||||
|
|
||||||
} catch (AccountsException | IOException e) {
|
|
||||||
Timber.e(e, "Error while trying to refresh auth token for %s",
|
|
||||||
mAccount.getSavedAccount().name
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!credentialsWereRefreshed && mSingleSessionManager != null) {
|
|
||||||
// if credentials are not refreshed, client must be removed
|
|
||||||
// from the OwnCloudClientManager to prevent it is reused once and again
|
|
||||||
mSingleSessionManager.removeClientFor(mAccount);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// else: onExecute will finish with status 401
|
|
||||||
}
|
|
||||||
|
|
||||||
return credentialsWereRefreshed;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Determines if credentials should be invalidated according the to the HTTPS status
|
|
||||||
* of a network request just performed.
|
|
||||||
*
|
|
||||||
* @param httpStatusCode Result of the last request ran with the 'credentials' belows.
|
|
||||||
* @return 'True' if credentials should and might be invalidated, 'false' if shouldn't or
|
|
||||||
* cannot be invalidated with the given arguments.
|
|
||||||
*/
|
|
||||||
private boolean shouldInvalidateAccountCredentials(int httpStatusCode) {
|
|
||||||
boolean shouldInvalidateAccountCredentials =
|
|
||||||
(httpStatusCode == HttpConstants.HTTP_UNAUTHORIZED);
|
|
||||||
|
|
||||||
shouldInvalidateAccountCredentials &= (mCredentials != null && // real credentials
|
|
||||||
!(mCredentials instanceof OwnCloudCredentialsFactory.OwnCloudAnonymousCredentials));
|
|
||||||
|
|
||||||
// test if have all the needed to effectively invalidate ...
|
|
||||||
shouldInvalidateAccountCredentials &= (mAccount != null && mAccount.getSavedAccount() != null && getContext() != null);
|
|
||||||
|
|
||||||
return shouldInvalidateAccountCredentials;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Invalidates credentials stored for the given account in the system {@link AccountManager} and in
|
|
||||||
* current {@link SingleSessionManager#getDefaultSingleton()} instance.
|
|
||||||
* <p>
|
|
||||||
* {@link #shouldInvalidateAccountCredentials(int)} should be called first.
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
private void invalidateAccountCredentials() {
|
|
||||||
AccountManager am = AccountManager.get(getContext());
|
|
||||||
am.invalidateAuthToken(
|
|
||||||
mAccount.getSavedAccount().type,
|
|
||||||
mCredentials.getAuthToken()
|
|
||||||
);
|
|
||||||
am.clearPassword(mAccount.getSavedAccount()); // being strict, only needed for Basic Auth credentials
|
|
||||||
}
|
|
||||||
|
|
||||||
public boolean getFollowRedirects() {
|
public boolean getFollowRedirects() {
|
||||||
return mFollowRedirects;
|
return mFollowRedirects;
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user