/** * On received http auth request. * The method reacts on all registered authentication tokens. There is one and only one authentication token for any host + realm combination */ @Override public void onReceivedHttpAuthRequest(WebView view, HttpAuthHandler handler, String host, String realm) { // Get the authentication token (if specified) AuthenticationToken token = this.getAuthenticationToken(host, realm); if (token != null) { handler.proceed(token.getUserName(), token.getPassword()); return; } // Check if there is some plugin which can resolve this auth challenge PluginManager pluginManager = this.parentEngine.pluginManager; if (pluginManager != null && pluginManager.onReceivedHttpAuthRequest(null, new CordovaHttpAuthHandler(handler), host, realm)) { parentEngine.client.clearLoadTimeoutTimer(); return; } // By default handle 401 like we'd normally do! super.onReceivedHttpAuthRequest(view, handler, host, realm); }
/** * On received http auth request. * The method reacts on all registered authentication tokens. There is one and only one authentication token for any host + realm combination * * @param view * @param handler * @param host * @param realm */ @Override public void onReceivedHttpAuthRequest(WebView view, HttpAuthHandler handler, String host, String realm) { // Get the authentication token (if specified) AuthenticationToken token = this.getAuthenticationToken(host, realm); if (token != null) { handler.proceed(token.getUserName(), token.getPassword()); return; } // Check if there is some plugin which can resolve this auth challenge PluginManager pluginManager = this.appView.pluginManager; if (pluginManager != null && pluginManager.onReceivedHttpAuthRequest(this.appView, new CordovaHttpAuthHandler(handler), host, realm)) { this.appView.loadUrlTimeout++; return; } // By default handle 401 like we'd normally do! super.onReceivedHttpAuthRequest(view, handler, host, realm); }
/** * Create and show dialog for request authentication to the user * @param webView Web view to emebd into the authentication dialog. * @param handler Object responsible for catching and recovering HTTP authentication fails. */ public void createAuthenticationDialog(WebView webView, HttpAuthHandler handler) { // Show a dialog with the certificate info CredentialsDialogFragment dialog = CredentialsDialogFragment.newInstanceForCredentials(webView, handler); FragmentManager fm = getSupportFragmentManager(); FragmentTransaction ft = fm.beginTransaction(); ft.addToBackStack(null); dialog.setCancelable(false); dialog.show(ft, CREDENTIALS_DIALOG_TAG); if (!mIsFirstAuthAttempt) { Toast.makeText( getApplicationContext(), getText(R.string.saml_authentication_wrong_pass), Toast.LENGTH_LONG ).show(); } else { mIsFirstAuthAttempt = false; } }
@Override public void onReceivedHttpAuthRequest(WebView view, HttpAuthHandler handler, String host, String realm) { if (mBlog != null && mBlog.hasValidHTTPAuthCredentials()) { // Check that the HTTP AUth protected domain is the same of the blog. Do not send current blog's HTTP // AUTH credentials to external site. // NOTE: There is still a small security hole here, since the realm is not considered when getting // the password. Unfortunately the real is not stored when setting up the blog, and we cannot compare it // at this point. String domainFromHttpAuthRequest = UrlUtils.getDomainFromUrl(UrlUtils.addUrlSchemeIfNeeded(host, false)); String currentBlogDomain = UrlUtils.getDomainFromUrl(mBlog.getUrl()); if (domainFromHttpAuthRequest.equals(currentBlogDomain)) { handler.proceed(mBlog.getHttpuser(), mBlog.getHttppassword()); return; } } // TODO: If there is no match show the HTTP Auth dialog here. Like a normal browser usually does... super.onReceivedHttpAuthRequest(view, handler, host, realm); }
