/*
* Copyright (C) 2011 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.android.emailcommon.provider;
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.net.Uri;
import android.os.Parcel;
import android.os.Parcelable;
import android.text.TextUtils;
import com.android.emailcommon.provider.EmailContent.HostAuthColumns;
import com.android.emailcommon.utility.SSLUtils;
import com.android.emailcommon.utility.Utility;
import java.net.URI;
import java.net.URISyntaxException;
public final class HostAuth extends EmailContent implements HostAuthColumns, Parcelable {
public static final String TABLE_NAME = "HostAuth";
@SuppressWarnings("hiding")
public static final Uri CONTENT_URI = Uri.parse(EmailContent.CONTENT_URI + "/hostauth");
// TODO the three following constants duplicate constants in Store.java; remove those and
// just reference these.
public static final String SCHEME_IMAP = "imap";
public static final String SCHEME_POP3 = "pop3";
public static final String SCHEME_EAS = "eas";
public static final String SCHEME_SMTP = "smtp";
public static final String SCHEME_TRUST_ALL_CERTS = "trustallcerts";
public static final int PORT_UNKNOWN = -1;
public static final int FLAG_NONE = 0x00; // No flags
public static final int FLAG_SSL = 0x01; // Use SSL
public static final int FLAG_TLS = 0x02; // Use TLS
public static final int FLAG_AUTHENTICATE = 0x04; // Use name/password for authentication
public static final int FLAG_TRUST_ALL = 0x08; // Trust all certificates
// Mask of settings directly configurable by the user
public static final int USER_CONFIG_MASK = 0x0b;
public String mProtocol;
public String mAddress;
public int mPort;
public int mFlags;
public String mLogin;
public String mPassword;
public String mDomain;
public String mClientCertAlias = null;
public static final int CONTENT_ID_COLUMN = 0;
public static final int CONTENT_PROTOCOL_COLUMN = 1;
public static final int CONTENT_ADDRESS_COLUMN = 2;
public static final int CONTENT_PORT_COLUMN = 3;
public static final int CONTENT_FLAGS_COLUMN = 4;
public static final int CONTENT_LOGIN_COLUMN = 5;
public static final int CONTENT_PASSWORD_COLUMN = 6;
public static final int CONTENT_DOMAIN_COLUMN = 7;
public static final int CONTENT_CLIENT_CERT_ALIAS_COLUMN = 8;
public static final String[] CONTENT_PROJECTION = new String[] {
RECORD_ID, HostAuthColumns.PROTOCOL, HostAuthColumns.ADDRESS, HostAuthColumns.PORT,
HostAuthColumns.FLAGS, HostAuthColumns.LOGIN,
HostAuthColumns.PASSWORD, HostAuthColumns.DOMAIN, HostAuthColumns.CLIENT_CERT_ALIAS
};
/**
* no public constructor since this is a utility class
*/
public HostAuth() {
mBaseUri = CONTENT_URI;
// other defaults policy)
mPort = PORT_UNKNOWN;
}
/**
* Restore a HostAuth from the database, given its unique id
* @param context
* @param id
* @return the instantiated HostAuth
*/
public static HostAuth restoreHostAuthWithId(Context context, long id) {
return EmailContent.restoreContentWithId(context, HostAuth.class,
HostAuth.CONTENT_URI, HostAuth.CONTENT_PROJECTION, id);
}
/**
* Returns the scheme for the specified flags.
*/
public static String getSchemeString(String protocol, int flags) {
return getSchemeString(protocol, flags, null);
}
/**
* Builds a URI scheme name given the parameters for a {@code HostAuth}.
* If a {@code clientAlias} is provided, this indicates that a secure connection must be used.
*/
public static String getSchemeString(String protocol, int flags, String clientAlias) {
String security = "";
switch (flags & USER_CONFIG_MASK) {
case FLAG_SSL:
security = "+ssl+";
break;
case FLAG_SSL | FLAG_TRUST_ALL:
security = "+ssl+trustallcerts";
break;
case FLAG_TLS:
security = "+tls+";
break;
case FLAG_TLS | FLAG_TRUST_ALL:
security = "+tls+trustallcerts";
break;
}
if (!TextUtils.isEmpty(clientAlias)) {
if (TextUtils.isEmpty(security)) {
throw new IllegalArgumentException(
"Can't specify a certificate alias for a non-secure connection");
}
if (!security.endsWith("+")) {
security += "+";
}
security += SSLUtils.escapeForSchemeName(clientAlias);
}
return protocol + security;
}
/**
* Returns the flags for the specified scheme.
*/
public static int getSchemeFlags(String scheme) {
String[] schemeParts = scheme.split("\\+");
int flags = HostAuth.FLAG_NONE;
if (schemeParts.length >= 2) {
String part1 = schemeParts[1];
if ("ssl".equals(part1)) {
flags |= HostAuth.FLAG_SSL;
} else if ("tls".equals(part1)) {
flags |= HostAuth.FLAG_TLS;
}
if (schemeParts.length >= 3) {
String part2 = schemeParts[2];
if (SCHEME_TRUST_ALL_CERTS.equals(part2)) {
flags |= HostAuth.FLAG_TRUST_ALL;
}
}
}
return flags;
}
@Override
public void restore(Cursor cursor) {
mBaseUri = CONTENT_URI;
mId = cursor.getLong(CONTENT_ID_COLUMN);
mProtocol = cursor.getString(CONTENT_PROTOCOL_COLUMN);
mAddress = cursor.getString(CONTENT_ADDRESS_COLUMN);
mPort = cursor.getInt(CONTENT_PORT_COLUMN);
mFlags = cursor.getInt(CONTENT_FLAGS_COLUMN);
mLogin = cursor.getString(CONTENT_LOGIN_COLUMN);
mPassword = cursor.getString(CONTENT_PASSWORD_COLUMN);
mDomain = cursor.getString(CONTENT_DOMAIN_COLUMN);
mClientCertAlias = cursor.getString(CONTENT_CLIENT_CERT_ALIAS_COLUMN);
}
@Override
public ContentValues toContentValues() {
ContentValues values = new ContentValues();
values.put(HostAuthColumns.PROTOCOL, mProtocol);
values.put(HostAuthColumns.ADDRESS, mAddress);
values.put(HostAuthColumns.PORT, mPort);
values.put(HostAuthColumns.FLAGS, mFlags);
values.put(HostAuthColumns.LOGIN, mLogin);
values.put(HostAuthColumns.PASSWORD, mPassword);
values.put(HostAuthColumns.DOMAIN, mDomain);
values.put(HostAuthColumns.CLIENT_CERT_ALIAS, mClientCertAlias);
values.put(HostAuthColumns.ACCOUNT_KEY, 0); // Need something to satisfy the DB
return values;
}
/**
* Sets the user name and password from URI user info string
*/
public void setLogin(String userInfo) {
String userName = null;
String userPassword = null;
if (!TextUtils.isEmpty(userInfo)) {
String[] userInfoParts = userInfo.split(":", 2);
userName = userInfoParts[0];
if (userInfoParts.length > 1) {
userPassword = userInfoParts[1];
}
}
setLogin(userName, userPassword);
}
/**
* Sets the user name and password
*/
public void setLogin(String userName, String userPassword) {
mLogin = userName;
mPassword = userPassword;
if (mLogin == null) {
mFlags &= ~FLAG_AUTHENTICATE;
} else {
mFlags |= FLAG_AUTHENTICATE;
}
}
/**
* Returns the login information. [0] is the username and [1] is the password. If
* {@link #FLAG_AUTHENTICATE} is not set, {@code null} is returned.
*/
public String[] getLogin() {
if ((mFlags & FLAG_AUTHENTICATE) != 0) {
String trimUser = (mLogin != null) ? mLogin.trim() : "";
String password = (mPassword != null) ? mPassword : "";
return new String[] { trimUser, password };
}
return null;
}
public void setConnection(String protocol, String address, int port, int flags) {
setConnection(protocol, address, port, flags, null);
}
/**
* Sets the internal connection parameters based on the specified parameter values.
* @param protocol the mail protocol to use (e.g. "eas", "imap").
* @param address the address of the server
* @param port the port for the connection
* @param flags flags indicating the security and type of the connection
* @param clientCertAlias an optional alias to use if a client user certificate is to be
* presented during connection establishment. If this is non-empty, it must be the case
* that flags indicates use of a secure connection
*/
public void setConnection(String protocol, String address,
int port, int flags, String clientCertAlias) {
// Set protocol, security, and additional flags based on uri scheme
mProtocol = protocol;
mFlags &= ~(FLAG_SSL | FLAG_TLS | FLAG_TRUST_ALL);
mFlags |= (flags & USER_CONFIG_MASK);
boolean useSecureConnection = (flags & (FLAG_SSL | FLAG_TLS)) != 0;
if (!useSecureConnection && !TextUtils.isEmpty(clientCertAlias)) {
throw new IllegalArgumentException("Can't use client alias on non-secure connections");
}
mAddress = address;
mPort = port;
if (mPort == PORT_UNKNOWN) {
boolean useSSL = ((mFlags & FLAG_SSL) != 0);
// infer port# from protocol + security
// SSL implies a different port - TLS runs in the "regular" port
// NOTE: Although the port should be setup in the various setup screens, this
// block cannot easily be moved because we get process URIs from other sources
// (e.g. for tests, provider templates and account restore) that may or may not
// have a port specified.
if (SCHEME_POP3.equals(mProtocol)) {
mPort = useSSL ? 995 : 110;
} else if (SCHEME_IMAP.equals(mProtocol)) {
mPort = useSSL ? 993 : 143;
} else if (SCHEME_EAS.equals(mProtocol)) {
mPort = useSSL ? 443 : 80;
} else if (SCHEME_SMTP.equals(mProtocol)) {
mPort = useSSL ? 465 : 587;
}
}
mClientCertAlias = clientCertAlias;
}
/** Returns {@code true} if this is an EAS connection; otherwise, {@code false}. */
public boolean isEasConnection() {
return SCHEME_EAS.equals(mProtocol);
}
/** Convenience method to determine if SSL is used. */
public boolean shouldUseSsl() {
return (mFlags & FLAG_SSL) != 0;
}
/** Convenience method to determine if all server certs should be used. */
public boolean shouldTrustAllServerCerts() {
return (mFlags & FLAG_TRUST_ALL) != 0;
}
/**
* Supports Parcelable
*/
@Override
public int describeContents() {
return 0;
}
/**
* Supports Parcelable
*/
public static final Parcelable.Creator<HostAuth> CREATOR
= new Parcelable.Creator<HostAuth>() {
@Override
public HostAuth createFromParcel(Parcel in) {
return new HostAuth(in);
}
@Override
public HostAuth[] newArray(int size) {
return new HostAuth[size];
}
};
/**
* Supports Parcelable
*/
@Override
public void writeToParcel(Parcel dest, int flags) {
// mBaseUri is not parceled
dest.writeLong(mId);
dest.writeString(mProtocol);
dest.writeString(mAddress);
dest.writeInt(mPort);
dest.writeInt(mFlags);
dest.writeString(mLogin);
dest.writeString(mPassword);
dest.writeString(mDomain);
dest.writeString(mClientCertAlias);
}
/**
* Supports Parcelable
*/
public HostAuth(Parcel in) {
mBaseUri = CONTENT_URI;
mId = in.readLong();
mProtocol = in.readString();
mAddress = in.readString();
mPort = in.readInt();
mFlags = in.readInt();
mLogin = in.readString();
mPassword = in.readString();
mDomain = in.readString();
mClientCertAlias = in.readString();
}
@Override
public boolean equals(Object o) {
if (!(o instanceof HostAuth)) {
return false;
}
HostAuth that = (HostAuth)o;
return mPort == that.mPort
&& mFlags == that.mFlags
&& Utility.areStringsEqual(mProtocol, that.mProtocol)
&& Utility.areStringsEqual(mAddress, that.mAddress)
&& Utility.areStringsEqual(mLogin, that.mLogin)
&& Utility.areStringsEqual(mPassword, that.mPassword)
&& Utility.areStringsEqual(mDomain, that.mDomain)
&& Utility.areStringsEqual(mClientCertAlias, that.mClientCertAlias);
}
/**
* The flag, password, and client cert alias are the only items likely to change after a
* HostAuth is created
*/
@Override
public int hashCode() {
int hashCode = 29;
if (mPassword != null) {
hashCode += mPassword.hashCode();
}
if (mClientCertAlias != null) {
hashCode += (mClientCertAlias.hashCode() << 8);
}
return (hashCode << 8) + mFlags;
}
/**
* Legacy URI parser. Used in parsing template from provider.xml
* Example string:
* "eas+ssl+trustallcerts://user:password@server/domain:123"
*
* Note that the use of client certificate is specified in the URI, a secure connection type
* must be used.
*/
public static void setHostAuthFromString(HostAuth auth, String uriString)
throws URISyntaxException {
URI uri = new URI(uriString);
String path = uri.getPath();
String domain = null;
if (!TextUtils.isEmpty(path)) {
// Strip off the leading slash that begins the path.
domain = path.substring(1);
}
auth.mDomain = domain;
auth.setLogin(uri.getUserInfo());
String scheme = uri.getScheme();
auth.setConnection(scheme, uri.getHost(), uri.getPort());
}
/**
* Legacy code for setting connection values from a "scheme" (see above)
*/
public void setConnection(String scheme, String host, int port) {
String[] schemeParts = scheme.split("\\+");
String protocol = schemeParts[0];
String clientCertAlias = null;
int flags = getSchemeFlags(scheme);
// Example scheme: "eas+ssl+trustallcerts" or "eas+tls+trustallcerts+client-cert-alias"
if (schemeParts.length > 3) {
clientCertAlias = schemeParts[3];
} else if (schemeParts.length > 2) {
if (!SCHEME_TRUST_ALL_CERTS.equals(schemeParts[2])) {
mClientCertAlias = schemeParts[2];
}
}
setConnection(protocol, host, port, flags, clientCertAlias);
}
}