/**
 * Decides whether ADAL should route the request through the broker (Company Portal or
 * Azure Authenticator) registered in AccountManager.
 *
 * <p>Every check below must pass. They are evaluated in this order and stop at the first
 * failure:
 * <ol>
 *   <li>the app has not asked to skip the broker,</li>
 *   <li>{@code verifyManifestPermissions()} passes,</li>
 *   <li>{@code checkAccount} succeeds (called with an empty username and unique id),</li>
 *   <li>the calling package is not the configured broker package,</li>
 *   <li>the calling package is not the Azure Authenticator package,</li>
 *   <li>{@code verifyAuthenticator} accepts the broker (the broker signature check).</li>
 * </ol>
 *
 * @return {@code true} only when all of the checks pass
 */
@Override
public boolean canSwitchToBroker() {
    // Read first so a missing context fails before any other check is evaluated.
    final String callerPackage = mContext.getPackageName();
    final AuthenticationSettings settings = AuthenticationSettings.INSTANCE;

    if (settings.getSkipBroker()) {
        return false;
    }
    if (!verifyManifestPermissions()) {
        return false;
    }
    // NOTE(review): the account lookup runs before the broker signature is verified
    // (verifyAuthenticator is the last check). Consider verifying the authenticator
    // first so AccountManager data is only consulted for a validated broker; confirm
    // that checkAccount does not depend on the current ordering.
    if (!checkAccount(mAcctManager, "", "")) {
        return false;
    }
    // A broker app must never redirect to itself.
    if (callerPackage.equalsIgnoreCase(settings.getBrokerPackageName())) {
        return false;
    }
    if (callerPackage.equalsIgnoreCase(
            AuthenticationConstants.Broker.AZURE_AUTHENTICATOR_APP_PACKAGE_NAME)) {
        return false;
    }
    return verifyAuthenticator(mAcctManager);
}
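/**
 * Reports whether a broker authenticator is registered for the broker account type and
 * can serve the given user.
 *
 * <p>For the Company Portal authenticator an existing account is required and must pass
 * {@code verifyAccount}. For Azure Authenticator, or the broker package configured in
 * {@code AuthenticationSettings}, the call is also allowed when
 * {@code hasSupportToAddUserThroughBroker()} reports that accounts can be added through
 * the broker.
 *
 * @param am       account manager used to list authenticators and broker accounts
 * @param username user name passed to {@code verifyAccount}
 * @param uniqueId unique id passed to {@code verifyAccount}
 * @return {@code true} if a matching broker authenticator can be used, otherwise
 *         {@code false}
 */
private boolean checkAccount(final AccountManager am, String username, String uniqueId) {
    final String brokerAccountType = AuthenticationConstants.Broker.BROKER_ACCOUNT_TYPE;

    for (AuthenticatorDescription authenticator : am.getAuthenticatorTypes()) {
        if (!authenticator.type.equals(brokerAccountType)) {
            continue;
        }

        // Query the same AccountManager that listed the authenticators. The original
        // read the mAcctManager field here, which ignores the parameter and is unset on
        // instances created through the no-argument constructor.
        final Account[] accountList = am.getAccountsByType(brokerAccountType);
        final boolean hasAccounts = accountList != null && accountList.length > 0;

        // NOTE(review): Android package names are case-sensitive, so equalsIgnoreCase
        // matches more names than intended. Trust in the broker should come from the
        // signature check (verifyAuthenticator in the caller), not from this name
        // match; confirm no caller relies on checkAccount alone.
        if (authenticator.packageName.equalsIgnoreCase(
                AuthenticationConstants.Broker.PACKAGE_NAME)) {
            // Authenticator installed from Company Portal; it supports only one account.
            // ADAL must not connect if the given username does not match.
            if (hasAccounts) {
                return verifyAccount(accountList, username, uniqueId);
            }
            return false;
        } else if (authenticator.packageName.equalsIgnoreCase(
                        AuthenticationConstants.Broker.AZURE_AUTHENTICATOR_APP_PACKAGE_NAME)
                || authenticator.packageName.equalsIgnoreCase(
                        AuthenticationSettings.INSTANCE.getBrokerPackageName())) {
            // Azure Authenticator, or the configured broker package (test versions).
            // Older brokers only serve token requests for an existing account; newer
            // ones can add accounts through ADAL.
            if (hasSupportToAddUserThroughBroker()) {
                Logger.v(TAG, "Broker supports to add user through app");
                return true;
            } else if (hasAccounts) {
                return verifyAccount(accountList, username, uniqueId);
            }
            // No account and no add-user support: keep scanning the other authenticators.
        }
    }
    return false;
}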
/**
 * Creates a proxy bound to the given context.
 *
 * <p>Stores the context, obtains the AccountManager for it, creates a Handler on the
 * context's main looper, and reads the broker signature from
 * {@code AuthenticationSettings}.
 *
 * @param ctx context used for the package name, AccountManager and main looper
 */
public BrokerProxy(final Context ctx) {
    this.mContext = ctx;
    this.mAcctManager = AccountManager.get(ctx);
    this.mHandler = new Handler(ctx.getMainLooper());
    // Presumably the expected broker signature that verifyAuthenticator compares
    // against; confirm where mBrokerTag is read.
    this.mBrokerTag = AuthenticationSettings.INSTANCE.getBrokerSignature();
}
/**
 * Creates a proxy without a context.
 *
 * <p>Only the broker signature is initialised here. This constructor does not assign
 * mContext, mAcctManager or mHandler.
 */
public BrokerProxy() {
    // NOTE(review): canSwitchToBroker() dereferences mContext, so an instance built
    // this way would fail there unless those fields are set elsewhere; confirm this
    // constructor is only used where they are not needed.
    this.mBrokerTag = AuthenticationSettings.INSTANCE.getBrokerSignature();
}