Merge pull request #4000 from owncloud/feature/auth_webfinger_flow

Update WebFinger flow

Author: JuancaG05

CHANGELOG.md

@@ -14,6 +14,7 @@ Summary
 * Enhancement - Authenticated WebFinger: [#3943](https://github.com/owncloud/android/issues/3943)
 * Enhancement - Link in drawer menu: [#3949](https://github.com/owncloud/android/pull/3949)
 * Enhancement - Send language header in all requests: [#3980](https://github.com/owncloud/android/issues/3980)
+* Enhancement - Updated WebFinger flow: [#3998](https://github.com/owncloud/android/issues/3998)
 
 Details
 -------
@@ -71,6 +72,16 @@ Details
    https://github.com/owncloud/android/pull/3982
    https://github.com/owncloud/android-library/pull/551
 
+* Enhancement - Updated WebFinger flow: [#3998](https://github.com/owncloud/android/issues/3998)
+
+   WebFinger call won't follow redirections. WebFinger will be requested first and will skip
+   status.php in case it's successful, and in case the lookup server is not directly accessible,
+   we will continue the authentication flow with the regular status.php.
+
+   https://github.com/owncloud/android/issues/3998
+   https://github.com/owncloud/android/pull/4000
+   https://github.com/owncloud/android-library/pull/555
+
 Changelog for ownCloud Android Client [3.0.4] (2023-03-07)
 =======================================
 The following sections list the changes in ownCloud Android Client 3.0.4 relevant to

changelog/unreleased/4000

@@ -0,0 +1,9 @@
+Enhancement: Updated WebFinger flow
+
+WebFinger call won't follow redirections. WebFinger will be requested first and will skip status.php
+in case it's successful, and in case the lookup server is not directly accessible, we will continue
+the authentication flow with the regular status.php.
+
+https://github.com/owncloud/android/issues/3998
+https://github.com/owncloud/android/pull/4000
+https://github.com/owncloud/android-library/pull/555

owncloud-android-library

@@ -2,8 +2,9 @@
  * ownCloud Android client application
  *
  * @author Abel García de Prada
+ * @author Juan Carlos Garrote Gascón
  *
- * Copyright (C) 2020 ownCloud GmbH.
+ * Copyright (C) 2023 ownCloud GmbH.
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2,
@@ -23,6 +24,7 @@ package com.owncloud.android.authentication
 import android.accounts.AccountManager.KEY_ACCOUNT_NAME
 import android.accounts.AccountManager.KEY_ACCOUNT_TYPE
 import android.app.Activity.RESULT_OK
+import android.app.Instrumentation
 import android.content.Context
 import android.content.Intent
 import androidx.lifecycle.MutableLiveData
@@ -33,6 +35,7 @@ import androidx.test.espresso.Espresso.onView
 import androidx.test.espresso.action.ViewActions.click
 import androidx.test.espresso.intent.Intents
 import androidx.test.espresso.intent.Intents.intended
+import androidx.test.espresso.intent.matcher.IntentMatchers
 import androidx.test.espresso.intent.matcher.IntentMatchers.hasComponent
 import androidx.test.espresso.matcher.ViewMatchers.Visibility
 import androidx.test.espresso.matcher.ViewMatchers.withId
@@ -41,7 +44,6 @@ import com.owncloud.android.domain.exceptions.NoNetworkConnectionException
 import com.owncloud.android.domain.exceptions.OwncloudVersionNotSupportedException
 import com.owncloud.android.domain.exceptions.ServerNotReachableException
 import com.owncloud.android.domain.exceptions.UnauthorizedException
-import com.owncloud.android.domain.server.model.AuthenticationMethod
 import com.owncloud.android.domain.server.model.ServerInfo
 import com.owncloud.android.domain.utils.Event
 import com.owncloud.android.extensions.parseError
@@ -64,7 +66,9 @@ import com.owncloud.android.testutil.OC_ACCOUNT
 import com.owncloud.android.testutil.OC_AUTH_TOKEN_TYPE
 import com.owncloud.android.testutil.OC_BASIC_PASSWORD
 import com.owncloud.android.testutil.OC_BASIC_USERNAME
-import com.owncloud.android.testutil.OC_SERVER_INFO
+import com.owncloud.android.testutil.OC_INSECURE_SERVER_INFO_BASIC_AUTH
+import com.owncloud.android.testutil.OC_SECURE_SERVER_INFO_BASIC_AUTH
+import com.owncloud.android.testutil.OC_SECURE_SERVER_INFO_BEARER_AUTH
 import com.owncloud.android.utils.CONFIGURATION_SERVER_URL
 import com.owncloud.android.utils.CONFIGURATION_SERVER_URL_INPUT_VISIBILITY
 import com.owncloud.android.utils.NO_MDM_RESTRICTION_YET
@@ -81,6 +85,7 @@ import io.mockk.every
 import io.mockk.mockk
 import io.mockk.unmockkAll
 import io.mockk.verify
+import org.hamcrest.Matchers.allOf
 import org.junit.After
 import org.junit.Assert.assertEquals
 import org.junit.Assert.assertNotNull
@@ -199,14 +204,14 @@ class LoginActivityTest {
 
     @Test
     fun initialViewStatus_brandedOptions_webfinger() {
-        launchTest(webfingerLookupServer = OC_SERVER_INFO.baseUrl)
+        launchTest(webfingerLookupServer = OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)
 
         assertWebfingerFlowDisplayed(webfingerEnabled = true)
     }
 
     @Test
     fun initialViewStatus_brandedOptions_serverInfoInSetup() {
-        launchTest(showServerUrlInput = false, serverUrl = OC_SERVER_INFO.baseUrl)
+        launchTest(showServerUrlInput = false, serverUrl = OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)
 
         assertViewsDisplayed(
             showHostUrlFrame = false,
@@ -215,21 +220,21 @@ class LoginActivityTest {
             showEmbeddedCheckServerButton = false
         )
 
-        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SERVER_INFO.baseUrl) }
+        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl, true) }
     }
 
     @Test
     fun initialViewStatus_brandedOptions_serverInfoInSetup_connectionFails() {
 
-        launchTest(showServerUrlInput = false, serverUrl = OC_SERVER_INFO.baseUrl)
+        launchTest(showServerUrlInput = false, serverUrl = OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)
 
         serverInfoLiveData.postValue(Event(UIResult.Error(NoNetworkConnectionException())))
 
         R.id.centeredRefreshButton.isDisplayed(true)
         R.id.centeredRefreshButton.scrollAndClick()
 
-        verify(exactly = 2) { authenticationViewModel.getServerInfo(OC_SERVER_INFO.baseUrl) }
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC.copy(isSecureConnection = true))))
+        verify(exactly = 2) { authenticationViewModel.getServerInfo(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl, true) }
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
         R.id.centeredRefreshButton.isDisplayed(false)
     }
@@ -270,21 +275,21 @@ class LoginActivityTest {
     fun checkServerInfo_clickButton_callGetServerInfo() {
         launchTest()
 
-        R.id.hostUrlInput.typeText(OC_SERVER_INFO.baseUrl)
+        R.id.hostUrlInput.typeText(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)
 
         R.id.embeddedCheckServerButton.scrollAndClick()
 
-        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SERVER_INFO.baseUrl) }
+        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl, true) }
     }
 
     @Test
     fun checkServerInfo_clickLogo_callGetServerInfo() {
         launchTest()
-        R.id.hostUrlInput.typeText(OC_SERVER_INFO.baseUrl)
+        R.id.hostUrlInput.typeText(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)
 
         R.id.thumbnail.scrollAndClick()
 
-        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SERVER_INFO.baseUrl) }
+        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl, true) }
     }
 
     @Test
@@ -303,15 +308,15 @@ class LoginActivityTest {
         launchTest()
         R.id.hostUrlInput.typeText("demo.owncloud.com")
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC.copy(isSecureConnection = true))))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
-        R.id.hostUrlInput.withText(SERVER_INFO_BASIC.baseUrl)
+        R.id.hostUrlInput.withText(SECURE_SERVER_INFO_BASIC.baseUrl)
     }
 
     @Test
     fun checkServerInfo_isSuccess_Secure() {
         launchTest()
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC.copy(isSecureConnection = true))))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
         with(R.id.server_status_text) {
             isDisplayed(true)
@@ -323,7 +328,7 @@ class LoginActivityTest {
     @Test
     fun checkServerInfo_isSuccess_NotSecure() {
         launchTest()
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC.copy(isSecureConnection = false))))
+        serverInfoLiveData.postValue(Event(UIResult.Success(INSECURE_SERVER_INFO_BASIC)))
 
         with(R.id.server_status_text) {
             isDisplayed(true)
@@ -336,34 +341,28 @@ class LoginActivityTest {
     fun checkServerInfo_isSuccess_Basic() {
         launchTest()
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC)))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
         checkBasicFieldsVisibility(loginButtonShouldBeVisible = false)
     }
 
     @Test
     fun checkServerInfo_isSuccess_Bearer() {
+        Intents.init()
         launchTest()
+        avoidOpeningChromeCustomTab()
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BEARER)))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BEARER)))
 
         checkBearerFieldsVisibility()
-    }
-
-    @Test
-    fun checkServerInfo_isSuccess_None() {
-        launchTest()
-
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC.copy(authenticationMethod = AuthenticationMethod.NONE))))
-
-        assertNoneFieldsVisibility()
+        Intents.release()
     }
 
     @Test
     fun checkServerInfo_isSuccess_basicModifyUrlInput() {
         launchTest()
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC)))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
         checkBasicFieldsVisibility()
 
@@ -388,15 +387,18 @@ class LoginActivityTest {
 
     @Test
     fun checkServerInfo_isSuccess_bearerModifyUrlInput() {
+        Intents.init()
         launchTest()
+        avoidOpeningChromeCustomTab()
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BEARER)))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BEARER)))
 
         checkBearerFieldsVisibility()
 
         R.id.hostUrlInput.typeText("anything")
 
         R.id.auth_status_text.assertVisibility(Visibility.GONE)
+        Intents.release()
     }
 
     @Test
@@ -459,7 +461,7 @@ class LoginActivityTest {
     fun loginBasic_callLoginBasic() {
         launchTest()
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC)))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
         R.id.account_username.typeText(OC_BASIC_USERNAME)
 
@@ -477,7 +479,7 @@ class LoginActivityTest {
     fun loginBasic_callLoginBasic_trimUsername() {
         launchTest()
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC)))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
         R.id.account_username.typeText("  $OC_BASIC_USERNAME  ")
 
@@ -495,7 +497,7 @@ class LoginActivityTest {
     fun loginBasic_showOrHideFields() {
         launchTest()
 
-        serverInfoLiveData.postValue(Event(UIResult.Success(SERVER_INFO_BASIC)))
+        serverInfoLiveData.postValue(Event(UIResult.Success(SECURE_SERVER_INFO_BASIC)))
 
         R.id.account_username.typeText(OC_BASIC_USERNAME)
 
@@ -664,17 +666,17 @@ class LoginActivityTest {
 
         launchTest(intent = intentWithAccount)
 
-        baseUrlLiveData.postValue(Event(UIResult.Success(OC_SERVER_INFO.baseUrl)))
+        baseUrlLiveData.postValue(Event(UIResult.Success(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)))
 
         with(R.id.hostUrlInput) {
-            withText(OC_SERVER_INFO.baseUrl)
+            withText(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)
             assertVisibility(Visibility.VISIBLE)
             isDisplayed(true)
             isEnabled(false)
             isFocusable(false)
         }
 
-        verify(exactly = 0) { authenticationViewModel.getServerInfo(OC_SERVER_INFO.baseUrl) }
+        verify(exactly = 0) { authenticationViewModel.getServerInfo(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl) }
     }
 
     @Test
@@ -686,17 +688,17 @@ class LoginActivityTest {
 
         launchTest(intent = intentWithAccount)
 
-        baseUrlLiveData.postValue(Event(UIResult.Success(OC_SERVER_INFO.baseUrl)))
+        baseUrlLiveData.postValue(Event(UIResult.Success(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)))
 
         with(R.id.hostUrlInput) {
-            withText(OC_SERVER_INFO.baseUrl)
+            withText(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl)
             assertVisibility(Visibility.VISIBLE)
             isDisplayed(true)
             isEnabled(false)
             isFocusable(false)
         }
 
-        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SERVER_INFO.baseUrl) }
+        verify(exactly = 1) { authenticationViewModel.getServerInfo(OC_SECURE_SERVER_INFO_BASIC_AUTH.baseUrl) }
     }
 
     @Test
@@ -713,6 +715,11 @@ class LoginActivityTest {
         Intents.release()
     }
 
+    private fun avoidOpeningChromeCustomTab() {
+        Intents.intending(allOf(IntentMatchers.hasAction(Intent.ACTION_VIEW)))
+            .respondWith(Instrumentation.ActivityResult(RESULT_OK, null))
+    }
+
     private fun checkBasicFieldsVisibility(
         fieldsShouldBeVisible: Boolean = true,
         loginButtonShouldBeVisible: Boolean = false
@@ -747,19 +754,6 @@ class LoginActivityTest {
         }
     }
 
-    private fun assertNoneFieldsVisibility() {
-        with(R.id.server_status_text) {
-            isDisplayed(true)
-            assertVisibility(Visibility.VISIBLE)
-            withText(R.string.auth_unsupported_auth_method)
-        }
-
-        R.id.account_username.assertVisibility(Visibility.GONE)
-        R.id.account_password.assertVisibility(Visibility.GONE)
-        R.id.loginButton.assertVisibility(Visibility.GONE)
-        R.id.auth_status_text.assertVisibility(Visibility.GONE)
-    }
-
     private fun assertWebfingerFlowDisplayed(
         webfingerEnabled: Boolean,
     ) {
@@ -803,8 +797,9 @@ class LoginActivityTest {
     }
 
     companion object {
-        val SERVER_INFO_BASIC = OC_SERVER_INFO
-        val SERVER_INFO_BEARER = OC_SERVER_INFO.copy(authenticationMethod = AuthenticationMethod.BEARER_TOKEN)
+        val SECURE_SERVER_INFO_BASIC = OC_SECURE_SERVER_INFO_BASIC_AUTH
+        val INSECURE_SERVER_INFO_BASIC = OC_INSECURE_SERVER_INFO_BASIC_AUTH
+        val SECURE_SERVER_INFO_BEARER = OC_SECURE_SERVER_INFO_BEARER_AUTH
         private const val CUSTOM_WELCOME_TEXT = "Welcome to this test"
         private const val BRANDED_APP_NAME = "BrandedAppName"
     }

owncloudApp/src/androidTest/java/com/owncloud/android/authentication/LoginActivityTest.kt

@@ -52,12 +52,12 @@ val repositoryModule = module {
     factory<AuthenticationRepository> { OCAuthenticationRepository(get(), get()) }
     factory<CapabilityRepository> { OCCapabilityRepository(get(), get()) }
     factory<FileRepository> { OCFileRepository(get(), get(), get(), get()) }
-    factory<ServerInfoRepository> { OCServerInfoRepository(get()) }
+    factory<ServerInfoRepository> { OCServerInfoRepository(get(), get(), get()) }
     factory<ShareRepository> { OCShareRepository(get(), get()) }
     factory<ShareeRepository> { OCShareeRepository(get()) }
     factory<SpacesRepository> { OCSpacesRepository(get(), get()) }
     factory<UserRepository> { OCUserRepository(get(), get()) }
-    factory<OAuthRepository> { OCOAuthRepository(get(), get()) }
+    factory<OAuthRepository> { OCOAuthRepository(get()) }
     factory<FolderBackupRepository> { OCFolderBackupRepository(get()) }
     factory<WebFingerRepository> { OCWebFingerRepository(get()) }
     factory<TransferRepository> { OCTransferRepository(get()) }