Clear session cookies before attempting pre-login.

If ClientLogin issues session cookies, we do not want to clear them immediately after getting them from login. If we are not going to restore tabs, go ahead and clear the cookies before attempting pre-login. Keep track of the tab to restore so that we don't need to figure it out again. Requires a change in frameworks/base that exposes the CookieManager api. If we receive a 403 from IssueTokenAuth, inval the auth tokens and try again. Bug: 3421214 Change-Id: I5dd4cc0eba365a20a731ac43dd2571ef6274eaa9
author: Patrick Scott <phanna@android.com> 2011-02-04 09:27:26 -0500
committer: Patrick Scott <phanna@android.com> 2011-02-04 13:22:01 -0500
commit: 7d50a9364107c21e3358e1dbc51a06359a5287fb (patch)
tree: 77912ffefe7bfd6fbcccf956adfba8e39fe592ff /src/com/android/browser/GoogleAccountLogin.java
parent: 18793490c4a4fe1a9979218c7b3f2c88bc04e128 (diff)
download: packages_apps_Browser-7d50a9364107c21e3358e1dbc51a06359a5287fb.tar.gz
packages_apps_Browser-7d50a9364107c21e3358e1dbc51a06359a5287fb.tar.bz2
packages_apps_Browser-7d50a9364107c21e3358e1dbc51a06359a5287fb.zip
1 files changed, 32 insertions, 5 deletions
diff --git a/src/com/android/browser/GoogleAccountLogin.java b/src/com/android/browser/GoogleAccountLogin.java
index f019b52a6..eaf45ea23 100644
--- a/src/com/android/browser/GoogleAccountLogin.java
+++ b/src/com/android/browser/GoogleAccountLogin.java
@@ -46,7 +46,7 @@ import android.webkit.WebViewClient;
 
 import java.util.StringTokenizer;
 
-public class GoogleAccountLogin extends Thread implements
+public class GoogleAccountLogin implements Runnable,
         AccountManagerCallback<Bundle>, OnCancelListener {
 
     private static final String LOGTAG = "BrowserLogin";
@@ -77,6 +77,7 @@ public class GoogleAccountLogin extends Thread implements
     private String mSid;
     private String mLsid;
     private int mState;  // {NONE(0), SID(1), LSID(2)}
+    private boolean mTokensInvalidated;
 
     private GoogleAccountLogin(Activity activity, String name,
             Runnable runnable) {
@@ -105,7 +106,7 @@ public class GoogleAccountLogin extends Thread implements
         ed.apply();
     }
 
-    // Thread
+    // Runnable
     @Override
     public void run() {
         String url = ISSUE_AUTH_TOKEN_URL.buildUpon()
@@ -128,10 +129,22 @@ public class GoogleAccountLogin extends Thread implements
         String result = null;
         try {
             HttpResponse response = client.execute(request);
-            if (response.getStatusLine().getStatusCode() != HttpStatus.SC_OK) {
+            int status = response.getStatusLine().getStatusCode();
+            if (status != HttpStatus.SC_OK) {
                 Log.d(LOGTAG, "LOGIN_FAIL: Bad status from auth url "
-                      + response.getStatusLine().getStatusCode() + ": "
+                      + status + ": "
                       + response.getStatusLine().getReasonPhrase());
+                // Invalidate the tokens once just in case the 403 was for other
+                // reasons.
+                if (status == HttpStatus.SC_FORBIDDEN && !mTokensInvalidated) {
+                    Log.d(LOGTAG, "LOGIN_FAIL: Invalidating tokens...");
+                    // Need to regenerate the auth tokens and try again.
+                    invalidateTokens();
+                    // XXX: Do not touch any more member variables from this
+                    // thread as a second thread will handle the next login
+                    // attempt.
+                    return;
+                }
                 done();
                 return;
             }
@@ -171,6 +184,15 @@ public class GoogleAccountLogin extends Thread implements
         });
     }
 
+    private void invalidateTokens() {
+        AccountManager am = AccountManager.get(mActivity);
+        am.invalidateAuthToken(GOOGLE, mSid);
+        am.invalidateAuthToken(GOOGLE, mLsid);
+        mTokensInvalidated = true;
+        mState = 1;  // SID
+        am.getAuthToken(mAccount, "SID", null, mActivity, this, null);
+    }
+
     // AccountManager callbacks.
     @Override
     public void run(AccountManagerFuture<Bundle> value) {
@@ -190,7 +212,7 @@ public class GoogleAccountLogin extends Thread implements
                     break;
                 case 2:
                     mLsid = id;
-                    this.start();
+                    new Thread(this).start();
                     break;
             }
         } catch (Exception e) {
@@ -280,6 +302,11 @@ public class GoogleAccountLogin extends Thread implements
             return false;
         }
 
+        // This will potentially block the UI thread but we have to have the
+        // most updated cookies.
+        // FIXME: Figure out how to avoid waiting to clear session cookies.
+        CookieManager.getInstance().waitForCookieOperationsToComplete();
+
         // Use /a/ to grab hosted cookies as well as the base set of google.com
         // cookies.
         String cookies = CookieManager.getInstance().getCookie(
author	Patrick Scott <phanna@android.com>	2011-02-04 09:27:26 -0500
committer	Patrick Scott <phanna@android.com>	2011-02-04 13:22:01 -0500
commit	7d50a9364107c21e3358e1dbc51a06359a5287fb (patch)
tree	77912ffefe7bfd6fbcccf956adfba8e39fe592ff /src/com/android/browser/GoogleAccountLogin.java
parent	18793490c4a4fe1a9979218c7b3f2c88bc04e128 (diff)
download	packages_apps_Browser-7d50a9364107c21e3358e1dbc51a06359a5287fb.tar.gz packages_apps_Browser-7d50a9364107c21e3358e1dbc51a06359a5287fb.tar.bz2 packages_apps_Browser-7d50a9364107c21e3358e1dbc51a06359a5287fb.zip