OLD | NEW |
(Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 package org.chromium.net; |
| 6 |
| 7 import android.accounts.AccountManager; |
| 8 import android.accounts.AccountManagerCallback; |
| 9 import android.accounts.AccountManagerFuture; |
| 10 import android.accounts.AuthenticatorException; |
| 11 import android.accounts.OperationCanceledException; |
| 12 import android.app.Activity; |
| 13 import android.os.Bundle; |
| 14 import android.os.Handler; |
| 15 |
| 16 import org.chromium.base.ApplicationStatus; |
| 17 import org.chromium.base.CalledByNative; |
| 18 import org.chromium.base.JNINamespace; |
| 19 import org.chromium.base.ThreadUtils; |
| 20 import org.chromium.base.VisibleForTesting; |
| 21 |
| 22 import java.io.IOException; |
| 23 |
| 24 /** |
| 25 * Class to get Auth Tokens for HTTP Negotiate authentication (typically used fo
r Kerberos) An |
| 26 * instance of this class is created for each separate negotiation. |
| 27 */ |
| 28 @JNINamespace("net::android") |
| 29 public class HttpNegotiateAuthenticator { |
| 30 private Bundle mSpnegoContext = null; |
| 31 private final String mAccountType; |
| 32 private AccountManagerFuture<Bundle> mFuture; |
| 33 |
| 34 private HttpNegotiateAuthenticator(String accountType) { |
| 35 assert !android.text.TextUtils.isEmpty(accountType); |
| 36 mAccountType = accountType; |
| 37 } |
| 38 |
| 39 /** |
| 40 * @param accountType The Android account type to use. |
| 41 */ |
| 42 @VisibleForTesting |
| 43 @CalledByNative |
| 44 static HttpNegotiateAuthenticator create(String accountType) { |
| 45 return new HttpNegotiateAuthenticator(accountType); |
| 46 } |
| 47 |
| 48 /** |
| 49 * @param nativeResultObject The C++ object used to return the result. For c
orrect C++ memory |
| 50 * management we must call nativeSetResult precisely once with th
is object. |
| 51 * @param principal The principal (must be host based). |
| 52 * @param authToken The incoming auth token. |
| 53 * @param canDelegate True if we can delegate. |
| 54 */ |
| 55 @VisibleForTesting |
| 56 @CalledByNative |
| 57 void getNextAuthToken(final long nativeResultObject, final String principal,
String authToken, |
| 58 boolean canDelegate) { |
| 59 assert principal != null; |
| 60 String authTokenType = HttpNegotiateConstants.SPNEGO_TOKEN_TYPE_BASE + p
rincipal; |
| 61 Activity activity = ApplicationStatus.getLastTrackedFocusedActivity(); |
| 62 if (activity == null) { |
| 63 nativeSetResult(nativeResultObject, NetError.ERR_UNEXPECTED, null); |
| 64 return; |
| 65 } |
| 66 AccountManager am = AccountManager.get(activity); |
| 67 String features[] = {HttpNegotiateConstants.SPNEGO_FEATURE}; |
| 68 |
| 69 Bundle options = new Bundle(); |
| 70 |
| 71 if (authToken != null) { |
| 72 options.putString(HttpNegotiateConstants.KEY_INCOMING_AUTH_TOKEN, au
thToken); |
| 73 } |
| 74 if (mSpnegoContext != null) { |
| 75 options.putBundle(HttpNegotiateConstants.KEY_SPNEGO_CONTEXT, mSpnego
Context); |
| 76 } |
| 77 options.putBoolean(HttpNegotiateConstants.KEY_CAN_DELEGATE, canDelegate)
; |
| 78 |
| 79 mFuture = am.getAuthTokenByFeatures(mAccountType, authTokenType, feature
s, activity, null, |
| 80 options, new AccountManagerCallback<Bundle>() { |
| 81 |
| 82 @Override |
| 83 public void run(AccountManagerFuture<Bundle> future) { |
| 84 try { |
| 85 Bundle result = future.getResult(); |
| 86 mSpnegoContext = |
| 87 result.getBundle(HttpNegotiateConstants.KEY_
SPNEGO_CONTEXT); |
| 88 int status; |
| 89 switch (result.getInt(HttpNegotiateConstants.KEY_SPN
EGO_RESULT, |
| 90 HttpNegotiateConstants.ERR_UNEXPECTED)) { |
| 91 case HttpNegotiateConstants.OK: |
| 92 status = 0; |
| 93 break; |
| 94 case HttpNegotiateConstants.ERR_UNEXPECTED: |
| 95 status = NetError.ERR_UNEXPECTED; |
| 96 break; |
| 97 case HttpNegotiateConstants.ERR_ABORTED: |
| 98 status = NetError.ERR_ABORTED; |
| 99 break; |
| 100 case HttpNegotiateConstants.ERR_UNEXPECTED_SECUR
ITY_LIBRARY_STATUS: |
| 101 status = NetError.ERR_UNEXPECTED_SECURITY_LI
BRARY_STATUS; |
| 102 break; |
| 103 case HttpNegotiateConstants.ERR_INVALID_RESPONSE
: |
| 104 status = NetError.ERR_INVALID_RESPONSE; |
| 105 break; |
| 106 case HttpNegotiateConstants.ERR_INVALID_AUTH_CRE
DENTIALS: |
| 107 status = NetError.ERR_INVALID_AUTH_CREDENTIA
LS; |
| 108 break; |
| 109 case HttpNegotiateConstants.ERR_UNSUPPORTED_AUTH
_SCHEME: |
| 110 status = NetError.ERR_UNSUPPORTED_AUTH_SCHEM
E; |
| 111 break; |
| 112 case HttpNegotiateConstants.ERR_MISSING_AUTH_CRE
DENTIALS: |
| 113 status = NetError.ERR_MISSING_AUTH_CREDENTIA
LS; |
| 114 break; |
| 115 case HttpNegotiateConstants |
| 116 .ERR_UNDOCUMENTED_SECURITY_LIBRARY_STATU
S: |
| 117 status = NetError.ERR_UNDOCUMENTED_SECURITY_
LIBRARY_STATUS; |
| 118 break; |
| 119 case HttpNegotiateConstants.ERR_MALFORMED_IDENTI
TY: |
| 120 status = NetError.ERR_MALFORMED_IDENTITY; |
| 121 break; |
| 122 default: |
| 123 status = NetError.ERR_UNEXPECTED; |
| 124 } |
| 125 nativeSetResult(nativeResultObject, status, |
| 126 result.getString(AccountManager.KEY_AUTHTOKE
N)); |
| 127 } catch (OperationCanceledException | AuthenticatorExcep
tion |
| 128 | IOException e) { |
| 129 nativeSetResult(nativeResultObject, NetError.ERR_ABO
RTED, null); |
| 130 } |
| 131 } |
| 132 |
| 133 }, new Handler(ThreadUtils.getUiThreadLooper())); |
| 134 } |
| 135 |
| 136 @VisibleForTesting |
| 137 native void nativeSetResult( |
| 138 long nativeJavaNegotiateResultWrapper, int status, String authToken)
; |
| 139 } |
OLD | NEW |