New KVV login preparation (works only via VPN or internal)

Caesar2011
2019-01-09 01:22:13 +01:00
parent 57853eccf1
commit 21d247052d
2 changed files with 105 additions and 140 deletions


@@ -62,8 +62,14 @@ public class UserLoginTask extends AsyncTask<Void, Void, String> {
mVolleyLogin.testLoginToken(success, success1 -> { mVolleyLogin.testLoginToken(success, success1 -> {
login.set(success); login.set(success);
latch.countDown(); latch.countDown();
}, error -> latch.countDown()); }, error -> {
}, error -> latch.countDown()); log.e(error);
latch.countDown();
});
}, error -> {
log.e(error);
latch.countDown();
});
try { try {
latch.await(); latch.await();
} catch (InterruptedException e) { } catch (InterruptedException e) {
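Review bot: `latch.await()` below the new error callbacks still waits with no timeout, so the login task blocks indefinitely if neither the success nor the error lambda reaches `latch.countDown()`, for example when a callback throws first. A bounded wait such as `if (!latch.await(30, TimeUnit.SECONDS)) { /* treat as failed login */ }` would turn that into a visible failure; the 30-second value is a placeholder. It is also worth confirming that `log.e(error)` does not write response bodies, cookies or other session material from the authentication flow into the device log. The enclosing method starts and ends outside the hunk, so the `catch (InterruptedException e)` body could not be reviewed.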


@@ -56,56 +56,35 @@ public class Login extends HTTPService {
public void doLogin(String username, String password, NetworkCallback<LoginToken> callback, NetworkErrorCallback error) { public void doLogin(String username, String password, NetworkCallback<LoginToken> callback, NetworkErrorCallback error) {
startKVVSession(success -> { step1(success1 -> {
String kvvJSESSIONID = success.get("JSESSIONID"); String samlLocation = success1.get("Location");
getSAMLRequest(kvvJSESSIONID, success1 -> startIdentSession(success1.get("Location"), success11 -> { step2(samlLocation, success2 -> {
String identJSESSIONID = success11.get("JSESSIONID"); String fuJSESSIONID = success2.get("JSESSIONID");
String ident_idp_authn_lc_key = success11.get("_idp_authn_lc_key"); step3(fuJSESSIONID, success3 -> {
String identROUTEID = success11.get("ROUTEID"); step4(username, password, fuJSESSIONID, success4 -> {
loginIdent(true, username, password, identJSESSIONID, ident_idp_authn_lc_key, identROUTEID, success111 -> loginIdent(false, username, password, identJSESSIONID, ident_idp_authn_lc_key, identROUTEID, success11112 -> { String fuSHIBSession = success4.get("shib_idp_session");
String ident_idp_session = success11112.get("_idp_session"); String samlResponse = success4.get("SAMLResponse");
getSAMLResponse(identJSESSIONID, ident_idp_authn_lc_key, identROUTEID, ident_idp_session, success1111 -> loginKVV(success1111.get("RelayState"), success1111.get("SAMLResponse"), kvvJSESSIONID, success111112 -> { step5(samlResponse, success5 -> {
LoginToken token = new LoginToken(username, success111112.get("shibsessionKey"), success111112.get("shibsessionName"), kvvJSESSIONID); String shibsessionKey = success5.get("shibsessionKey");
finishKVVlogin(token, success11111 -> callback.onResponse(token), error); String shibsessionName = success5.get("shibsessionName");
}, error), error); step6(shibsessionKey, shibsessionName, success6 -> {
}, error), error); String kvvJSESSIONID = success6.get("JSESSIONID");
}, error), error); LoginToken token = new LoginToken(username, shibsessionKey, shibsessionName, kvvJSESSIONID);
callback.onResponse(token);
}, error);
}, error);
}, error);
}, error);
}, error);
}, error); }, error);
} }
/* /*
GET https://kvv.imp.fu-berlin.de/portal/login 1= GET https://kvv.imp.fu-berlin.de/Shibboleth.sso/Login?entityID=https://identity.fu-berlin.de/idp-fub-qa
-> JSESSIONID 5c10406f-588c-4c16-96e9-c80d115417de.tomcat1 -> Location-Header: https://identity.fu-berlin.de:9443/idp-fub-qa/profile/SAML2/Redirect/SSO?SAMLResponse=[SAMLResponse]&RelayState=[RelayState]
*/ */
private void startKVVSession(final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) { private void step1(final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) {
get("https://kvv.imp.fu-berlin.de/portal/login", null, response -> { get("https://kvv.imp.fu-berlin.de/Shibboleth.sso/Login?entityID=https://identity.fu-berlin.de/idp-fub-qa", null, response -> {
String cookies = response.getHeaders().get("Set-Cookie");
if (cookies==null) {
errorCallback.onError(new NetworkError(100101, -1, "Error on starting KVV session!"));
return;
}
HashMap<String, String> object;
try {
object = getCookie(cookies, new String[]{"JSESSIONID"});
} catch (NoSuchFieldException e) {
errorCallback.onError(new NetworkError(100102, -1, "Error on starting KVV session!"));
return;
}
callback.onResponse(object);
}, error -> errorCallback.onError(new NetworkError(100100, error.networkResponse.statusCode, "Error on starting KVV session!")));
}
/*
GET https://kvv.imp.fu-berlin.de/sakai-login-tool/container
<- JSESSIONID
-> (Location-Header) https://identity.fu-berlin.de/idp-fub/profile/SAML2/Redirect/SSO
?SAMLRequest=fZLLb.....Q8yre3X1IHwkJKE0Mnpy/V9TH4A
&RelayState=ss:mem:7ea01e29157b8bd906f7002176.....0d1a505f2c8bf
*/
private void getSAMLRequest(String JSESSIONID, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) {
HashMap<String, String> cookies = new HashMap<>();
cookies.put("JSESSIONID", JSESSIONID);
get("https://kvv.imp.fu-berlin.de/sakai-login-tool/container", cookies, response -> {
String location = response.getHeaders().get("Location"); String location = response.getHeaders().get("Location");
if (location==null) { if (location==null) {
errorCallback.onError(new NetworkError(100111, -1, "Error on getting SAML request!")); errorCallback.onError(new NetworkError(100111, -1, "Error on getting SAML request!"));
@@ -118,133 +97,98 @@ public class Login extends HTTPService {
} }
/* /*
GET https://identity.fu-berlin.de/idp-fub/profile/SAML2/Redirect/SSO 2= GET [Location-Header 1]
?SAMLRequest=fZLLbsIwEEV/JfI+cWJAUIsgpbAoEi2IpF10UznxUKw6dupxaPn7hkdb2LD29bkzRzNGUeuGZ63fmjV8toA++K61QX58SEnrDLcCFXIjakDuK55njwvOopg3znpbWU2CDBGcV9ZMrcG2BpeD26kKnteLlGy9b5BT+rHbRapuok0bluC0MpEEmm9VWVoNfhshWnpgM7pa5gUJZt0wyogD9h+iJBiv/P6aomQTbtqSdhNtlIYzZg1SOag8zfMlCeazlLyNqpHsy1gO2V1fVsNBMuqJoUyAJaxXDUaiiyG2MDfohfEpYXEyDJM4ZKxgCe/FPI5fSbA6L36vjFTm/bal8hRC/lAUq/C02gs4PK7VBchkfHDNj8Xuwv5trPhVTiY3BeOf4DG96DmVNvypA89nK6tVtQ8yre3X1IHwkJKE0Mnpy/V9TH4A -> Set-Cookie: JSESSIONID=[JSESSION-FU]
&RelayState=ss:mem:7ea01e29157b8bd906f7002176213b6db5e1f45ebb88716a9820d1a505f2c8bf -> Location: /idp-fub-qa/profile/SAML2/Redirect/SSO?execution=e1s1
-> JSESSIONID C4B6A428BA1F50746235D03F5D107A57
-> _idp_authn_lc_key 57a6ae26067f374cc3d0ccfc47e27b04b47752d2a3d4eb2782af0d3994535395
-> ROUTEID .1
*/ */
private void startIdentSession(String url, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) { private void step2(String url, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) {
get(url, null, response -> { get(url, null, response -> {
String cookies = response.getHeaders().get("Set-Cookie"); String cookies = response.getHeaders().get("Set-Cookie");
if (cookies==null) { if (cookies==null) {
errorCallback.onError(new NetworkError(100121, -1, "Error on starting Ident session!")); errorCallback.onError(new NetworkError(100121, -1, "Error on starting FU session!"));
return; return;
} }
HashMap<String, String> object; HashMap<String, String> object;
try { try {
object = getCookie(cookies, new String[]{"JSESSIONID", "_idp_authn_lc_key", "ROUTEID"}); object = getCookie(cookies, new String[]{"JSESSIONID"});
} catch (NoSuchFieldException e) { } catch (NoSuchFieldException e) {
errorCallback.onError(new NetworkError(100122, -1, "Error on starting Ident session!")); errorCallback.onError(new NetworkError(100122, -1, "Error on starting FU session!"));
return; return;
} }
callback.onResponse(object); callback.onResponse(object);
}, error -> errorCallback.onError(new NetworkError(100120, error.networkResponse.statusCode, "Error on starting Ident session!"))); }, error -> errorCallback.onError(new NetworkError(100120, error.networkResponse.statusCode, "Error on starting FU session!")));
} }
/* /*
POST https://identity.fu-berlin.de/idp-fub/Authn/UserPassword 3= GET [Location-Header 2]
<- j_username seedorf96 + Cookie: JSESSIONID=[JSESSION-FU]
<- j_password neinhieristpatrick
<- (Header-"Content-Type") application/x-www-form-urlencoded
<- JSESSIONID
<- _idp_authn_lc_key
<- ROUTEID
-> _idp_session OTMuMTkzLjg1LjMz|LQ==|OGYxOWI4MjA2NTQ4YWUwYzJkOWM4Mjk4YzcwZDMwZmJiZjBmMTdmMzkyZGU2OWIwY2JkNmZlNjlmNTRmNzBlMQ==|wLlzQal7VqyntmG2vLNn06wt8wQ=
*/ */
private void loginIdent(final boolean first, String username, String password, String JSESSIONID, String _idp_authn_lc_key, String ROUTEID, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) { private void step3(String JSESSIONID_FU, final NetworkCallback<Boolean> callback, final NetworkErrorCallback errorCallback) {
HashMap<String, String> cookies = new HashMap<>(); HashMap<String, String> cookies = new HashMap<>();
cookies.put("JSESSIONID", JSESSIONID); cookies.put("JSESSIONID", JSESSIONID_FU);
cookies.put("_idp_authn_lc_key", _idp_authn_lc_key); get("https://identity.fu-berlin.de:9443/idp-fub-qa/profile/SAML2/Redirect/SSO?execution=e1s1", cookies, response -> {
cookies.put("ROUTEID", ROUTEID); callback.onResponse(true);
}, error -> errorCallback.onError(new NetworkError(100130, error.networkResponse.statusCode, "Error starting login page!")));
}
/*
4= POST [Location-Header 2]
+ Body: j_username=[USERNAME]&j_password=[PASSWORD]&_eventId_proceed=
+ Header: Content-Type: application/x-www-form-urlencoded
+ Header: Referer: [Location-Header 2]
+ Cookie: JSESSIONID=[JSESSION-FU]
-> Set-Cookie: shib_idp_session=[SHIB-IDP-SESSION]
-> Body SAMLResponse-Input-value
*/
private void step4(String username, String password, String JSESSIONID_FU, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) {
HashMap<String, String> cookies = new HashMap<>();
cookies.put("JSESSIONID", JSESSIONID_FU);
HashMap<String, String> body = new HashMap<>(); HashMap<String, String> body = new HashMap<>();
body.put("j_username", username); body.put("j_username", username);
body.put("j_password", password); body.put("j_password", password);
post("https://identity.fu-berlin.de/idp-fub/Authn/UserPassword", cookies, body, response -> { body.put("_eventId_proceed", "");
if (first) { post("https://identity.fu-berlin.de:9443/idp-fub-qa/profile/SAML2/Redirect/SSO?execution=e1s1", cookies, body, response -> {
callback.onResponse(new HashMap<>());
return;
}
String cookies1 = response.getHeaders().get("Set-Cookie"); String cookies1 = response.getHeaders().get("Set-Cookie");
if (cookies1 ==null) { if (cookies1 ==null) {
errorCallback.onError(new NetworkError(100131, -1, "Error on logging in to Identity Server!")); errorCallback.onError(new NetworkError(100141, -1, "Error on logging in to FU Identity Server!"));
return; return;
} }
HashMap<String, String> object; HashMap<String, String> object;
try { try {
object = getCookie(cookies1, new String[]{"_idp_session"}); object = getCookie(cookies1, new String[]{"shib_idp_session"});
} catch (NoSuchFieldException e) { } catch (NoSuchFieldException e) {
errorCallback.onError(new NetworkError(100132, -1, "Error on logging in to Identity Server!")); errorCallback.onError(new NetworkError(100142, -1, "Error on logging in to FU Identity Server!"));
return; return;
} }
callback.onResponse(object);
}, error -> errorCallback.onError(new NetworkError(100130, error.networkResponse.statusCode, "Error on logging in to Identity Server!")));
}
/* String content = response.getParsed();
GET https://identity.fu-berlin.de/idp-fub/profile/SAML2/Redirect/SSO if (content == null) {
<- JSESSIONID
<- _idp_authn_lc_key
<- ROUTEID
<- _idp_session
-> (BODY) RelayState 7ea01e29157b8bd906f7002176213b6db5e1f45ebb88716a9820d1a505f2c8bf
-> (BODY) SAMLResponse PD94bWwgdmVyc2lvbj0...........wvc2FtbDJwOlJlc3BvbnNlPg==
*/
private void getSAMLResponse(String JSESSIONID, String _idp_authn_lc_key, String ROUTEID, String _idp_session, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) {
HashMap<String, String> cookies = new HashMap<>();
cookies.put("JSESSIONID", JSESSIONID);
cookies.put("_idp_authn_lc_key", _idp_authn_lc_key);
cookies.put("ROUTEID", ROUTEID);
cookies.put("_idp_session", _idp_session);
get("https://identity.fu-berlin.de/idp-fub/profile/SAML2/Redirect/SSO", cookies, response -> {
String body = response.getParsed();
if (body == null) {
errorCallback.onError(new NetworkError(100143, -1, "Error on getting SAML response!")); errorCallback.onError(new NetworkError(100143, -1, "Error on getting SAML response!"));
return; return;
} }
Pattern pattern = Pattern.compile("name=\"SAMLResponse\" value=\"([0-9a-zA-Z+]+=*)");
HashMap<String, String> object = new HashMap<>(); Matcher matcher = pattern.matcher(content);
Pattern pattern = Pattern.compile("ss&#x3a;mem&#x3a;([0-9a-f]+)");
Matcher matcher = pattern.matcher(body);
if (!matcher.find()) { if (!matcher.find()) {
errorCallback.onError(new NetworkError(100142, -1, "Error on getting SAML response!")); errorCallback.onError(new NetworkError(100144, -1, "Error on getting SAML response!"));
return;
}
object.put("RelayState", "ss:mem:"+matcher.group(1));
pattern = Pattern.compile("name=\"SAMLResponse\" value=\"([0-9a-zA-Z+]+=*)");
matcher = pattern.matcher(body);
if (!matcher.find()) {
errorCallback.onError(new NetworkError(100141, -1, "Error on getting SAML response!"));
return; return;
} }
object.put("SAMLResponse", matcher.group(1)); object.put("SAMLResponse", matcher.group(1));
callback.onResponse(object); callback.onResponse(object);
}, error -> errorCallback.onError(new NetworkError(100140, error.networkResponse.statusCode, "Error on getting SAML response!"))); }, error -> errorCallback.onError(new NetworkError(100145, error.networkResponse.statusCode, "Error on logging in to FU Identity Server!")));
} }
/* /*
POST https://kvv.imp.fu-berlin.de/Shibboleth.sso/SAML2/POST 5= POST https://kvv.imp.fu-berlin.de/Shibboleth.sso/SAML2/POST
<- RelayState 7ea01e29157b8bd906f7002176213b6db5e1f45ebb88716a9820d1a505f2c8bf + Body: SAMLResponse=[SAML-RESPONSE]
<- SAMLResponse PD94bWwgdmVyc2lvbj0...........wvc2FtbDJwOlJlc3BvbnNlPg== + Header: Content-Type: application/x-www-form-urlencoded
<- JSESSIONID -> Set-Cookie: _shibsession_[SESS-NR]: [SESS-VALUE]
-> _shibsession_64656661756c7468747470733a2f2f6b76762e696d702e66752d6265726c696e2e64652f73686962626f6c657468
_b1912c5a03d733a80bd3fee772bf68d4
*/ */
private void loginKVV(String RelayState, String SAMLResponse, String JSESSIONID, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) { private void step5(String SAMLResponse, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) {
HashMap<String, String> cookies = new HashMap<>();
cookies.put("JSESSIONID", JSESSIONID);
HashMap<String, String> body = new HashMap<>(); HashMap<String, String> body = new HashMap<>();
body.put("RelayState", RelayState);
body.put("SAMLResponse", SAMLResponse); body.put("SAMLResponse", SAMLResponse);
post("https://kvv.imp.fu-berlin.de/Shibboleth.sso/SAML2/POST", cookies, body, response -> { post("https://kvv.imp.fu-berlin.de/Shibboleth.sso/SAML2/POST", null, body, response -> {
String cookies1 = response.getHeaders().get("Set-Cookie"); String cookies = response.getHeaders().get("Set-Cookie");
if (cookies1 ==null) { if (cookies ==null) {
errorCallback.onError(new NetworkError(100151, -1, "Error on starting KVV session!")); errorCallback.onError(new NetworkError(100151, -1, "Error on starting KVV session!"));
return; return;
} }
@@ -252,26 +196,41 @@ public class Login extends HTTPService {
Pattern pattern = Pattern.compile("(_shibsession_[0-9a-f]+)=([^;]+);"); Pattern pattern = Pattern.compile("(_shibsession_[0-9a-f]+)=([^;]+);");
Matcher matcher = pattern.matcher(cookies1); Matcher matcher = pattern.matcher(cookies);
if (!matcher.find()) { if (!matcher.find()) {
errorCallback.onError(new NetworkError(100152, -1, "Error on starting Ident session!")); errorCallback.onError(new NetworkError(100152, -1, "Error on starting KVV session!"));
} }
object.put("shibsessionKey", matcher.group(1)); object.put("shibsessionKey", matcher.group(1));
object.put("shibsessionName", matcher.group(2)); object.put("shibsessionName", matcher.group(2));
callback.onResponse(object); callback.onResponse(object);
}, error -> errorCallback.onError(new NetworkError(100150, error.networkResponse.statusCode, "Error on starting Ident session!"))); }, error -> errorCallback.onError(new NetworkError(100150, error.networkResponse.statusCode, "Error on starting KVV session!")));
} }
/* /*
GET https://kvv.imp.fu-berlin.de/sakai-login-tool/container 6= https://kvv.imp.fu-berlin.de/sakai-login-tool/container
<- JSESSIONID + Cookie: _shibsession_[SESS-NR]: [SESS-VALUE]
<- _shibsession_64656661756c7468747470733a2f2f6b76762e696d702e66752d6265726c696e2e64652f73686962626f6c657468 -> Set-Cookie: JSESSIONID: [JSESSION-KVV]
_b1912c5a03d733a80bd3fee772bf68d4
*/ */
private void finishKVVlogin(LoginToken loginToken, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) { private void step6(String shibsessionKey, String shibsessionName, final NetworkCallback<HashMap<String, String>> callback, final NetworkErrorCallback errorCallback) {
get("https://kvv.imp.fu-berlin.de/sakai-login-tool/container", loginToken.getCookies(), response -> callback.onResponse(new HashMap<>()), error -> errorCallback.onError(new NetworkError(100160, error.networkResponse.statusCode, "Cannot finish login process!"))); HashMap<String, String> cookies = new HashMap<>();
cookies.put(shibsessionKey, shibsessionName);
get("https://kvv.imp.fu-berlin.de/sakai-login-tool/container", cookies, response -> {
String cookies1 = response.getHeaders().get("Set-Cookie");
if (cookies1 ==null) {
errorCallback.onError(new NetworkError(100161, -1, "Cannot finish login process!"));
return;
}
HashMap<String, String> object;
try {
object = getCookie(cookies1, new String[]{"JSESSIONID"});
} catch (NoSuchFieldException e) {
errorCallback.onError(new NetworkError(100162, -1, "Cannot finish login process!"));
return;
}
callback.onResponse(object);
}, error -> errorCallback.onError(new NetworkError(100160, error.networkResponse.statusCode, "Cannot finish login process!")));
} }
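Review bot: In `step5`, the `if (!matcher.find())` branch reports error 100152 but does not return, so the following `matcher.group(1)` throws `IllegalStateException` and the caller gets an error callback followed by an uncaught exception. Add `return;` after the `errorCallback.onError(...)` call, as the cookie checks in the other steps do. The error lambdas in this section also read `error.networkResponse.statusCode` unconditionally; if this is Volley, `networkResponse` can be null on timeouts and connection failures, so a guard such as `error.networkResponse != null ? error.networkResponse.statusCode : -1` would keep the error path itself from throwing. `step5` begins in the previous hunk and the lines between the two hunks are not shown. Separately, the comment block this commit removes appears to have held a real username and password; deleting the lines does not remove them from history, so that password should be changed.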