OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 package org.chromium.net; | |
6 | |
7 import android.accounts.AccountManager; | |
8 import android.accounts.AccountManagerCallback; | |
9 import android.accounts.AccountManagerFuture; | |
10 import android.accounts.AuthenticatorException; | |
11 import android.accounts.OperationCanceledException; | |
12 import android.app.Activity; | |
13 import android.os.Bundle; | |
14 import android.os.Handler; | |
15 | |
16 import org.chromium.base.ApplicationStatus; | |
17 import org.chromium.base.CalledByNative; | |
18 import org.chromium.base.JNINamespace; | |
19 import org.chromium.base.ThreadUtils; | |
20 import org.chromium.base.VisibleForTesting; | |
21 | |
22 import java.io.IOException; | |
23 | |
24 /** | |
25 * Class to get Auth Tokens for HTTP Negotiate authentication (typically used fo r Kerberos) An | |
26 * instance of this class is created for each separate negotiation. | |
27 */ | |
28 @JNINamespace("net::android") | |
29 public class HttpNegotiateAuthenticator { | |
30 private Bundle mSpnegoContext = null; | |
31 private final String mAccountType; | |
32 private AccountManagerFuture<Bundle> mFuture; | |
33 | |
34 private HttpNegotiateAuthenticator(String accountType) { | |
35 assert !android.text.TextUtils.isEmpty(accountType); | |
36 mAccountType = accountType; | |
37 } | |
38 | |
39 /** | |
40 * @param nativeObject The corresponding HttpAuthNegotiateAndroid C++ object | |
cbentzel
2015/06/30 12:53:55
nativeObject is not passed in.
aberent
2015/07/02 21:13:35
Done.
| |
41 * @param accountType The Android account type to use. | |
42 */ | |
43 @VisibleForTesting | |
44 @CalledByNative | |
45 static HttpNegotiateAuthenticator create(String accountType) { | |
46 return new HttpNegotiateAuthenticator(accountType); | |
47 } | |
48 | |
49 /** | |
50 * @param principal The principal (must be host based). | |
51 * @param authToken The previous auth token, if any. | |
52 * @return false for immediate failure, true otherwise. | |
53 */ | |
54 @VisibleForTesting | |
55 @CalledByNative | |
56 void getNextAuthToken(final long nativeResultObject, final String principal, String authToken, | |
57 boolean canDelegate) { | |
58 assert principal != null; | |
59 String authTokenType = HttpNegotiateConstants.SPNEGO_TOKEN_TYPE_BASE + p rincipal; | |
60 Activity activity = ApplicationStatus.getLastTrackedFocusedActivity(); | |
61 if (activity == null) { | |
62 nativeSetResult(nativeResultObject, NetError.ERR_UNEXPECTED, null); | |
63 return; | |
64 } | |
65 AccountManager am = AccountManager.get(activity); | |
66 String features[] = {HttpNegotiateConstants.SPNEGO_FEATURE}; | |
67 | |
68 Bundle options = new Bundle(); | |
69 | |
70 if (authToken != null) { | |
71 options.putString(HttpNegotiateConstants.KEY_INCOMING_AUTH_TOKEN, au thToken); | |
72 } | |
73 if (mSpnegoContext != null) { | |
74 options.putBundle(HttpNegotiateConstants.KEY_SPNEGO_CONTEXT, mSpnego Context); | |
75 } | |
76 options.putBoolean(HttpNegotiateConstants.KEY_CAN_DELEGATE, canDelegate) ; | |
77 | |
78 mFuture = am.getAuthTokenByFeatures(mAccountType, authTokenType, feature s, activity, null, | |
79 options, new AccountManagerCallback<Bundle>() { | |
80 | |
81 @Override | |
82 public void run(AccountManagerFuture<Bundle> future) { | |
83 try { | |
84 Bundle result = future.getResult(); | |
85 mSpnegoContext = | |
cbentzel
2015/06/30 12:53:55
Do you know if this gets cleared when KEY_SPNEGO_R
aberent
2015/07/02 21:13:35
I don't, it depends on the Keberos authenication a
| |
86 result.getBundle(HttpNegotiateConstants.KEY_ SPNEGO_CONTEXT); | |
87 int status; | |
88 switch (result.getInt(HttpNegotiateConstants.KEY_SPN EGO_RESULT)) { | |
cbentzel
2015/06/30 12:53:55
This will go to OK if KEY_SPNEGO_RESULT is not pre
aberent
2015/07/02 21:13:35
Done. Changed to return ERR_UNEXPECTED.
| |
89 case HttpNegotiateConstants.OK: | |
90 status = 0; | |
91 break; | |
92 case HttpNegotiateConstants.ERR_UNEXPECTED: | |
93 status = NetError.ERR_UNEXPECTED; | |
94 break; | |
95 case HttpNegotiateConstants.ERR_ABORTED: | |
96 status = NetError.ERR_ABORTED; | |
97 break; | |
98 case HttpNegotiateConstants.ERR_UNEXPECTED_SECUR ITY_LIBRARY_STATUS: | |
99 status = NetError.ERR_UNEXPECTED_SECURITY_LI BRARY_STATUS; | |
100 break; | |
101 case HttpNegotiateConstants.ERR_INVALID_RESPONSE : | |
102 status = NetError.ERR_INVALID_RESPONSE; | |
103 break; | |
104 case HttpNegotiateConstants.ERR_INVALID_AUTH_CRE DENTIALS: | |
105 status = NetError.ERR_INVALID_AUTH_CREDENTIA LS; | |
106 break; | |
107 case HttpNegotiateConstants.ERR_UNSUPPORTED_AUTH _SCHEME: | |
108 status = NetError.ERR_UNSUPPORTED_AUTH_SCHEM E; | |
109 break; | |
110 case HttpNegotiateConstants.ERR_MISSING_AUTH_CRE DENTIALS: | |
111 status = NetError.ERR_MISSING_AUTH_CREDENTIA LS; | |
112 break; | |
113 case HttpNegotiateConstants | |
114 .ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATU S: | |
115 status = NetError.ERR_UNDOCUMENTED_SECURITY_ LIBRARY_STATUS; | |
116 break; | |
117 case HttpNegotiateConstants.ERR_MALFORMED_IDENTI TY: | |
118 status = NetError.ERR_MALFORMED_IDENTITY; | |
119 break; | |
120 default: | |
121 status = NetError.ERR_UNEXPECTED; | |
122 } | |
123 nativeSetResult(nativeResultObject, status, | |
124 result.getString(AccountManager.KEY_AUTHTOKE N)); | |
cbentzel
2015/06/30 12:53:55
What happens when KEY_AUTHTOKEN is called for non-
aberent
2015/07/02 21:13:35
The value returned will be whatever the Kerberos A
| |
125 } catch (OperationCanceledException | AuthenticatorExcep tion | |
126 | IOException e) { | |
127 nativeSetResult(nativeResultObject, NetError.ERR_ABO RTED, null); | |
128 } | |
129 } | |
130 | |
131 }, new Handler(ThreadUtils.getUiThreadLooper())); | |
132 } | |
133 | |
134 @VisibleForTesting | |
135 native void nativeSetResult( | |
136 long nativeJavaNegotiateResultWrapper, int status, String authToken) ; | |
137 } | |
OLD | NEW |