flywithu/android-library
1
0
Fork 0
mirror of https://github.com/owncloud/android-library.git synced 2025-06-08 16:36:13 +00:00
Code Issues Releases Wiki Activity

Merge pull request #151 from owncloud/prevent_access_to_accounts_of_other_apps

Browse Source 
Prevent access to accounts of other apps with the same name as an OC …
This commit is contained in:
David González 2017-02-21 10:41:10 +01:00 committed by GitHub
commit f0b8cf1b66
3 changed files with 140 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
AndroidManifest.xml
View File

@ -28,6 +28,11 @@
android:versionCode="1" android:versionCode="1"
android:versionName="1.0" > android:versionName="1.0" >
<!-- USE_CREDENTIALS, MANAGE_ACCOUNTS and AUTHENTICATE_ACCOUNTS are needed for API < 23.
In API >= 23 the do not exist anymore -->
<uses-permission android:name="android.permission.USE_CREDENTIALS" />
<uses-permission android:name="android.permission.AUTHENTICATE_ACCOUNTS" />
<uses-sdk <uses-sdk
android:minSdkVersion="8" android:minSdkVersion="8"
android:targetSdkVersion="24" /> android:targetSdkVersion="24" />

195
src/com/owncloud/android/lib/common/SingleSessionManager.java
View File

@ -25,9 +25,7 @@
package com.owncloud.android.lib.common; package com.owncloud.android.lib.common;
import java.io.IOException; import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator; import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap; import java.util.concurrent.ConcurrentMap;
@ -46,7 +44,7 @@ import com.owncloud.android.lib.common.utils.Log_OC;
/** /**
* Implementation of {@link OwnCloudClientManager} * Implementation of {@link OwnCloudClientManager}
* * <p>
* TODO check multithreading safety * TODO check multithreading safety
* *
* @author David A. Velasco * @author David A. Velasco
@ -55,159 +53,158 @@ import com.owncloud.android.lib.common.utils.Log_OC;
public class SingleSessionManager implements OwnCloudClientManager { public class SingleSessionManager implements OwnCloudClientManager {
private static final String TAG = SingleSessionManager.class.getSimpleName(); private static final String TAG = SingleSessionManager.class.getSimpleName();
private ConcurrentMap<String, OwnCloudClient> mClientsWithKnownUsername = private ConcurrentMap<String, OwnCloudClient> mClientsWithKnownUsername =
new ConcurrentHashMap<String, OwnCloudClient>(); new ConcurrentHashMap<String, OwnCloudClient>();
private ConcurrentMap<String, OwnCloudClient> mClientsWithUnknownUsername = private ConcurrentMap<String, OwnCloudClient> mClientsWithUnknownUsername =
new ConcurrentHashMap<String, OwnCloudClient>(); new ConcurrentHashMap<String, OwnCloudClient>();
@Override @Override
public OwnCloudClient getClientFor(OwnCloudAccount account, Context context) public OwnCloudClient getClientFor(OwnCloudAccount account, Context context)
throws AccountNotFoundException, OperationCanceledException, AuthenticatorException, throws AccountNotFoundException, OperationCanceledException, AuthenticatorException,
IOException { IOException {
if (Log.isLoggable(TAG, Log.DEBUG)) { if (Log.isLoggable(TAG, Log.DEBUG)) {
Log_OC.d(TAG, "getClientFor starting "); Log_OC.d(TAG, "getClientFor starting ");
} }
if (account == null) { if (account == null) {
throw new IllegalArgumentException("Cannot get an OwnCloudClient for a null account"); throw new IllegalArgumentException("Cannot get an OwnCloudClient for a null account");
} }
OwnCloudClient client = null; OwnCloudClient client = null;
String accountName = account.getName(); String accountName = account.getName();
String sessionName = account.getCredentials() == null ? "" : String sessionName = account.getCredentials() == null ? "" :
AccountUtils.buildAccountName ( AccountUtils.buildAccountName(
account.getBaseUri(), account.getBaseUri(),
account.getCredentials().getAuthToken() account.getCredentials().getAuthToken()
) );
;
if (accountName != null) { if (accountName != null) {
client = mClientsWithKnownUsername.get(accountName); client = mClientsWithKnownUsername.get(accountName);
} }
boolean reusingKnown = false; // just for logs boolean reusingKnown = false; // just for logs
if (client == null) { if (client == null) {
if (accountName != null) { if (accountName != null) {
client = mClientsWithUnknownUsername.remove(sessionName); client = mClientsWithUnknownUsername.remove(sessionName);
if (client != null) { if (client != null) {
if (Log.isLoggable(TAG, Log.VERBOSE)) { if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "reusing client for session " + sessionName); Log_OC.v(TAG, "reusing client for session " + sessionName);
} }
mClientsWithKnownUsername.put(accountName, client); mClientsWithKnownUsername.put(accountName, client);
if (Log.isLoggable(TAG, Log.VERBOSE)) { if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "moved client to account " + accountName); Log_OC.v(TAG, "moved client to account " + accountName);
} }
} }
} else { } else {
client = mClientsWithUnknownUsername.get(sessionName); client = mClientsWithUnknownUsername.get(sessionName);
} }
} else { } else {
if (Log.isLoggable(TAG, Log.VERBOSE)) { if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "reusing client for account " + accountName); Log_OC.v(TAG, "reusing client for account " + accountName);
} }
reusingKnown = true; reusingKnown = true;
} }
if (client == null) { if (client == null) {
// no client to reuse - create a new one // no client to reuse - create a new one
client = OwnCloudClientFactory.createOwnCloudClient( client = OwnCloudClientFactory.createOwnCloudClient(
account.getBaseUri(), account.getBaseUri(),
context.getApplicationContext(), context.getApplicationContext(),
true); // TODO remove dependency on OwnCloudClientFactory true); // TODO remove dependency on OwnCloudClientFactory
client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY); client.getParams().setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY);
// enable cookie tracking // enable cookie tracking
AccountUtils.restoreCookies(accountName, client, context); AccountUtils.restoreCookies(account.getSavedAccount(), client, context);
account.loadCredentials(context); account.loadCredentials(context);
client.setCredentials(account.getCredentials()); client.setCredentials(account.getCredentials());
if (accountName != null) { if (accountName != null) {
mClientsWithKnownUsername.put(accountName, client); mClientsWithKnownUsername.put(accountName, client);
if (Log.isLoggable(TAG, Log.VERBOSE)) { if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "new client for account " + accountName); Log_OC.v(TAG, "new client for account " + accountName);
} }
} else { } else {
mClientsWithUnknownUsername.put(sessionName, client); mClientsWithUnknownUsername.put(sessionName, client);
if (Log.isLoggable(TAG, Log.VERBOSE)) { if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "new client for session " + sessionName); Log_OC.v(TAG, "new client for session " + sessionName);
} }
} }
} else { } else {
if (!reusingKnown && Log.isLoggable(TAG, Log.VERBOSE)) { if (!reusingKnown && Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "reusing client for session " + sessionName); Log_OC.v(TAG, "reusing client for session " + sessionName);
} }
keepCredentialsUpdated(account, client); keepCredentialsUpdated(account, client);
keepUriUpdated(account, client); keepUriUpdated(account, client);
} }
if (Log.isLoggable(TAG, Log.DEBUG)) { if (Log.isLoggable(TAG, Log.DEBUG)) {
Log_OC.d(TAG, "getClientFor finishing "); Log_OC.d(TAG, "getClientFor finishing ");
} }
return client; return client;
} }
@Override @Override
public OwnCloudClient removeClientFor(OwnCloudAccount account) { public OwnCloudClient removeClientFor(OwnCloudAccount account) {
if (Log.isLoggable(TAG, Log.DEBUG)) { if (Log.isLoggable(TAG, Log.DEBUG)) {
Log_OC.d(TAG, "removeClientFor starting "); Log_OC.d(TAG, "removeClientFor starting ");
} }
if (account == null) { if (account == null) {
return null; return null;
} }
OwnCloudClient client = null; OwnCloudClient client;
String accountName = account.getName(); String accountName = account.getName();
if (accountName != null) { if (accountName != null) {
client = mClientsWithKnownUsername.remove(accountName); client = mClientsWithKnownUsername.remove(accountName);
if (client != null) { if (client != null) {
if (Log.isLoggable(TAG, Log.VERBOSE)) { if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "Removed client for account " + accountName); Log_OC.v(TAG, "Removed client for account " + accountName);
} }
return client; return client;
} else { } else {
if (Log.isLoggable(TAG, Log.VERBOSE)) { if (Log.isLoggable(TAG, Log.VERBOSE)) {
Log_OC.v(TAG, "No client tracked for account " + accountName); Log_OC.v(TAG, "No client tracked for account " + accountName);
} }
} }
} }
mClientsWithUnknownUsername.clear(); mClientsWithUnknownUsername.clear();
if (Log.isLoggable(TAG, Log.DEBUG)) { if (Log.isLoggable(TAG, Log.DEBUG)) {
Log_OC.d(TAG, "removeClientFor finishing "); Log_OC.d(TAG, "removeClientFor finishing ");
} }
return null; return null;
} }
@Override @Override
public void saveAllClients(Context context, String accountType) public void saveAllClients(Context context, String accountType)
throws AccountNotFoundException, AuthenticatorException, IOException, throws AccountNotFoundException, AuthenticatorException, IOException,
OperationCanceledException { OperationCanceledException {
if (Log.isLoggable(TAG, Log.DEBUG)) { if (Log.isLoggable(TAG, Log.DEBUG)) {
Log_OC.d(TAG, "Saving sessions... "); Log_OC.d(TAG, "Saving sessions... ");
} }
Iterator<String> accountNames = mClientsWithKnownUsername.keySet().iterator(); Iterator<String> accountNames = mClientsWithKnownUsername.keySet().iterator();
String accountName = null; String accountName;
Account account = null; Account account;
while (accountNames.hasNext()) { while (accountNames.hasNext()) {
accountName = accountNames.next(); accountName = accountNames.next();
account = new Account(accountName, accountType); account = new Account(accountName, accountType);
AccountUtils.saveClient( AccountUtils.saveClient(
mClientsWithKnownUsername.get(accountName), mClientsWithKnownUsername.get(accountName),
account, account,
context); context);
} }
if (Log.isLoggable(TAG, Log.DEBUG)) { if (Log.isLoggable(TAG, Log.DEBUG)) {
Log_OC.d(TAG, "All sessions saved"); Log_OC.d(TAG, "All sessions saved");
@ -215,24 +212,24 @@ public class SingleSessionManager implements OwnCloudClientManager {
} }
private void keepCredentialsUpdated(OwnCloudAccount account, OwnCloudClient reusedClient) { private void keepCredentialsUpdated(OwnCloudAccount account, OwnCloudClient reusedClient) {
OwnCloudCredentials recentCredentials = account.getCredentials(); OwnCloudCredentials recentCredentials = account.getCredentials();
if (recentCredentials != null && !recentCredentials.getAuthToken().equals( if (recentCredentials != null && !recentCredentials.getAuthToken().equals(
reusedClient.getCredentials().getAuthToken())) { reusedClient.getCredentials().getAuthToken())) {
reusedClient.setCredentials(recentCredentials); reusedClient.setCredentials(recentCredentials);
} }
} }
// this method is just a patch; we need to distinguish accounts in the same host but // this method is just a patch; we need to distinguish accounts in the same host but
// different paths; but that requires updating the accountNames for apps upgrading // different paths; but that requires updating the accountNames for apps upgrading
private void keepUriUpdated(OwnCloudAccount account, OwnCloudClient reusedClient) { private void keepUriUpdated(OwnCloudAccount account, OwnCloudClient reusedClient) {
Uri recentUri = account.getBaseUri(); Uri recentUri = account.getBaseUri();
if (!recentUri.equals(reusedClient.getBaseUri())) { if (!recentUri.equals(reusedClient.getBaseUri())) {
reusedClient.setBaseUri(recentUri); reusedClient.setBaseUri(recentUri);
} }
} }
} }

75
src/com/owncloud/android/lib/common/accounts/AccountUtils.java
View File

@ -282,68 +282,43 @@ public class AccountUtils {
/** /**
* Restore the client cookies * Restore the client cookies persisted in an account stored in the system AccountManager.
* *
* @param account * @param account Stored account.
* @param client * @param client Client to restore cookies in.
* @param context * @param context Android context used to access the system AccountManager.
*/ */
public static void restoreCookies(Account account, OwnCloudClient client, Context context) { public static void restoreCookies(Account account, OwnCloudClient client, Context context) {
if (account == null) {
Log_OC.d(TAG, "Cannot restore cookie for null account");
Log_OC.d(TAG, "Restoring cookies for " + account.name); } else {
Log_OC.d(TAG, "Restoring cookies for " + account.name);
// Account Manager // Account Manager
AccountManager am = AccountManager.get(context.getApplicationContext()); AccountManager am = AccountManager.get(context.getApplicationContext());
Uri serverUri = (client.getBaseUri() != null) ? client.getBaseUri() : client.getWebdavUri(); Uri serverUri = (client.getBaseUri() != null) ? client.getBaseUri() : client.getWebdavUri();
String cookiesString = am.getUserData(account, Constants.KEY_COOKIES); String cookiesString = am.getUserData(account, Constants.KEY_COOKIES);
if (cookiesString != null) { if (cookiesString != null) {
String[] cookies = cookiesString.split(";"); String[] cookies = cookiesString.split(";");
if (cookies.length > 0) { if (cookies.length > 0) {
for (int i = 0; i < cookies.length; i++) { for (int i = 0; i < cookies.length; i++) {
Cookie cookie = new Cookie(); Cookie cookie = new Cookie();
int equalPos = cookies[i].indexOf('='); int equalPos = cookies[i].indexOf('=');
cookie.setName(cookies[i].substring(0, equalPos)); cookie.setName(cookies[i].substring(0, equalPos));
cookie.setValue(cookies[i].substring(equalPos + 1)); cookie.setValue(cookies[i].substring(equalPos + 1));
cookie.setDomain(serverUri.getHost()); // VERY IMPORTANT cookie.setDomain(serverUri.getHost()); // VERY IMPORTANT
cookie.setPath(serverUri.getPath()); // VERY IMPORTANT cookie.setPath(serverUri.getPath()); // VERY IMPORTANT
client.getState().addCookie(cookie); client.getState().addCookie(cookie);
}
} }
} }
} }
} }
/**
* Restore the client cookies from accountName
*
* @param accountName
* @param client
* @param context
*/
public static void restoreCookies(String accountName, OwnCloudClient client, Context context) {
Log_OC.d(TAG, "Restoring cookies for " + accountName);
// Account Manager
AccountManager am = AccountManager.get(context.getApplicationContext());
// Get account
Account account = null;
Account accounts[] = am.getAccounts();
for (Account a : accounts) {
if (a.name.equals(accountName)) {
account = a;
break;
}
}
// Restoring cookies
if (account != null) {
restoreCookies(account, client, context);
}
}
public static class AccountNotFoundException extends AccountsException { public static class AccountNotFoundException extends AccountsException {
/** /**
@ -368,7 +343,7 @@ public class AccountUtils {
/** /**
* Value under this key should handle path to webdav php script. Will be * Value under this key should handle path to webdav php script. Will be
* removed and usage should be replaced by combining * removed and usage should be replaced by combining
* {@link com.owncloud.android.authentication.AuthenticatorActivity.KEY_OC_BASE_URL} and * {@link #KEY_OC_BASE_URL } and
* {@link com.owncloud.android.lib.resources.status.OwnCloudVersion} * {@link com.owncloud.android.lib.resources.status.OwnCloudVersion}
* *
* @deprecated * @deprecated