package com.fsck.k9.mail.store;
import android.util.Log;
import com.fsck.k9.Account;
import com.fsck.k9.K9;
import com.fsck.k9.R;
import com.fsck.k9.controller.MessageRetrievalListener;
import com.fsck.k9.helper.Utility;
import com.fsck.k9.mail.*;
import com.fsck.k9.mail.Folder.OpenMode;
import com.fsck.k9.mail.filter.EOLConvertingOutputStream;
import com.fsck.k9.mail.internet.MimeMessage;
import com.fsck.k9.mail.transport.TrustedSocketFactory;
import org.apache.http.*;
import org.apache.http.client.CookieStore;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.ClientContext;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.BasicCookieStore;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.BasicHttpContext;
import org.apache.http.protocol.HttpContext;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.XMLReader;
import org.xml.sax.helpers.DefaultHandler;
import javax.net.ssl.SSLException;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import java.io.*;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Stack;
import java.util.zip.GZIPInputStream;
/**
*
* Uses WebDAV formatted HTTP calls to an MS Exchange server to fetch email
* and email information.
*
*/
public class WebDavStore extends Store {
// Connection security modes. The constructor picks one from the store URI scheme
// (webdav, webdav+tls, webdav+tls+, webdav+ssl, webdav+ssl+).
private static final short CONNECTION_SECURITY_NONE = 0;
private static final short CONNECTION_SECURITY_TLS_OPTIONAL = 1;
private static final short CONNECTION_SECURITY_TLS_REQUIRED = 2;
private static final short CONNECTION_SECURITY_SSL_OPTIONAL = 3;
private static final short CONNECTION_SECURITY_SSL_REQUIRED = 4;
// Authentication types. AUTH_TYPE_NONE doubles as "not authenticated yet":
// authenticate() returns false while mAuthentication still holds it.
private static final short AUTH_TYPE_NONE = 0;
private static final short AUTH_TYPE_BASIC = 1;
private static final short AUTH_TYPE_FORM_BASED = 2;
private static final Flag[] PERMANENT_FLAGS = { Flag.DELETED, Flag.SEEN, Flag.ANSWERED };
private static final String[] EMPTY_STRING_ARRAY = new String[0];
private static final Message[] EMPTY_MESSAGE_ARRAY = new Message[0];
// Folder name that getSendSpoolFolder() passes to getFolder().
private static final String DAV_MAIL_SEND_FOLDER = "##DavMailSubmissionURI##";
private static final String DAV_MAIL_TMP_FOLDER = "drafts";
// One of the CONNECTION_SECURITY_* values above.
private short mConnectionSecurity;
private String mUsername; /* User name from the store URI; may carry a DOMAIN\ prefix */
private String mAlias; /* Mailbox alias: the part of the user name after the backslash, else the whole user name */
// SECURITY: the password is held as a plain String for the lifetime of this store.
// Keep it out of log statements and exception messages.
private String mPassword; /* Stores the password for authentications */
private String mUrl; /* Stores the base URL for the server */
private String mHost; /* Stores the host name for the server */
private String mPath; /* Stores the path for the server */
private String mAuthPath; /* Stores the path off of the server to post data to for form based authentication */
private String mMailboxPath; /* Stores the user specified path to the mailbox */
private URI mUri; /* Stores the Uniform Resource Identifier with all connection info */
// True only when the scheme selected CONNECTION_SECURITY_SSL_REQUIRED (set in the constructor).
private boolean mSecure;
private WebDavHttpClient mHttpClient = null;
private HttpContext mContext = null;
// SECURITY: "Basic " + base64(username:password). Base64 is an encoding, not encryption;
// treat this value exactly like the password itself.
private String mAuthString;
// Cleared by doFBA() before every form-based login attempt.
private CookieStore mAuthCookies = null;
// Authentication type that succeeded; AUTH_TYPE_NONE until authenticate() has completed.
private short mAuthentication = AUTH_TYPE_NONE;
// Login URL of the last successful form-based login; doFBA(null) re-uses it.
private String mCachedLoginUrl;
// Folders keyed by name, filled by getPersonalNamespaces() and consulted by getFolder().
// NOTE(review): declared without type arguments as printed, yet getFolder() assigns get()
// to a WebDavFolder without a cast -- the type arguments look lost in this listing; confirm.
private HashMap mFolderList = new HashMap();
/**
* webdav://user:password@server:port CONNECTION_SECURITY_NONE
* webdav+tls://user:password@server:port CONNECTION_SECURITY_TLS_OPTIONAL
* webdav+tls+://user:password@server:port CONNECTION_SECURITY_TLS_REQUIRED
* webdav+ssl+://user:password@server:port CONNECTION_SECURITY_SSL_REQUIRED
* webdav+ssl://user:password@server:port CONNECTION_SECURITY_SSL_OPTIONAL
*/
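public WebDavStore(Account account) throws MessagingException {
    super(account);

    try {
        mUri = new URI(mAccount.getStoreUri());
    } catch (URISyntaxException use) {
        throw new MessagingException("Invalid WebDavStore URI", use);
    }

    // Constant-first equals(): a store URI without a scheme now ends in the
    // "Unsupported protocol" branch instead of a NullPointerException.
    String scheme = mUri.getScheme();
    if ("webdav".equals(scheme)) {
        mConnectionSecurity = CONNECTION_SECURITY_NONE;
    } else if ("webdav+ssl".equals(scheme)) {
        mConnectionSecurity = CONNECTION_SECURITY_SSL_OPTIONAL;
    } else if ("webdav+ssl+".equals(scheme)) {
        mConnectionSecurity = CONNECTION_SECURITY_SSL_REQUIRED;
    } else if ("webdav+tls".equals(scheme)) {
        mConnectionSecurity = CONNECTION_SECURITY_TLS_OPTIONAL;
    } else if ("webdav+tls+".equals(scheme)) {
        mConnectionSecurity = CONNECTION_SECURITY_TLS_REQUIRED;
    } else {
        throw new MessagingException("Unsupported protocol");
    }

    // URI.getHost() returns null when the authority cannot be parsed as a host.
    // Fail with the exception type callers already handle rather than an NPE.
    mHost = mUri.getHost();
    if (mHost == null) {
        throw new MessagingException("Invalid WebDavStore URI: no host");
    }
    // Tolerate a host that was entered with a leading "http://" or "https://".
    if (mHost.startsWith("http")) {
        String[] hostParts = mHost.split("://", 2);
        if (hostParts.length > 1) {
            mHost = hostParts[1];
        }
    }

    // User info is "user:password", each part URL-encoded; the user name may be DOMAIN\alias.
    String userInfo = mUri.getUserInfo();
    if (userInfo != null) {
        try {
            String[] userInfoParts = userInfo.split(":");
            mUsername = URLDecoder.decode(userInfoParts[0], "UTF-8");
            String[] userParts = mUsername.split("\\\\", 2);
            mAlias = (userParts.length > 1) ? userParts[1] : mUsername;
            if (userInfoParts.length > 1) {
                mPassword = URLDecoder.decode(userInfoParts[1], "UTF-8");
            }
        } catch (UnsupportedEncodingException enc) {
            // This shouldn't happen since the encoding is hardcoded to UTF-8
            Log.e(K9.LOG_TAG, "Couldn't urldecode username or password.", enc);
        }
    }

    // The URI path carries up to three '|'-separated parts:
    // server path | form-based auth path | mailbox path.
    // Parts of length 0 or 1 are ignored, so a lone "/" counts as "not set".
    String[] pathParts = mUri.getPath().split("\\|");
    if (pathParts.length > 0 && pathParts[0].length() > 1) {
        mPath = pathParts[0];
    }
    if (pathParts.length > 1 && pathParts[1].length() > 1) {
        mAuthPath = pathParts[1];
    }
    if (pathParts.length > 2 && pathParts[2].length() > 1) {
        mMailboxPath = pathParts[2];
    }

    if (mPath == null || mPath.equals("")) {
        mPath = "/Exchange";
    } else if (!mPath.startsWith("/")) {
        mPath = "/" + mPath;
    }

    // With no user info in the URI, mAlias is null and this yields "/null".
    if (mMailboxPath == null || mMailboxPath.equals("")) {
        mMailboxPath = "/" + mAlias;
    } else if (!mMailboxPath.startsWith("/")) {
        mMailboxPath = "/" + mMailboxPath;
    }

    if (mAuthPath != null && !mAuthPath.equals("") && !mAuthPath.startsWith("/")) {
        mAuthPath = "/" + mAuthPath;
    }

    // The URL typically looks like the following: "https://mail.domain.com/Exchange/alias".
    // The inbox path would look like: "https://mail.domain.com/Exchange/alias/Inbox".
    mUrl = getRoot() + mPath + mMailboxPath;

    // NOTE(review): only webdav+ssl+ sets mSecure; webdav+tls+ (TLS_REQUIRED) does not.
    // How mSecure is consumed is outside this block -- confirm the two "required" modes
    // are meant to differ.
    mSecure = mConnectionSecurity == CONNECTION_SECURITY_SSL_REQUIRED;

    // SECURITY: base64 is reversible; this header value is as sensitive as the password.
    // With no user info in the URI it encodes the literal text "null:null".
    mAuthString = "Basic " + Utility.base64Encode(mUsername + ":" + mPassword);
}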
/**
 * Builds the "scheme://host:port" prefix for every request URL.
 *
 * All four TLS/SSL modes, the "optional" ones included, produce https; only
 * CONNECTION_SECURITY_NONE (or an unknown value) produces http, so credentials sent to
 * URLs built from this prefix travel in clear text in that mode.
 */
private String getRoot() {
    final String protocol;
    switch (mConnectionSecurity) {
        case CONNECTION_SECURITY_TLS_REQUIRED:
        case CONNECTION_SECURITY_SSL_REQUIRED:
        case CONNECTION_SECURITY_TLS_OPTIONAL:
        case CONNECTION_SECURITY_SSL_OPTIONAL:
            protocol = "https";
            break;
        default:
            protocol = "http";
            break;
    }
    // URI.getPort() is -1 when the store URI names no port; the value is appended as is.
    return protocol + "://" + mHost + ":" + mUri.getPort();
}
/**
 * Validates the account settings by running the full authentication sequence.
 *
 * @throws MessagingException if authenticate() fails
 */
@Override
public void checkSettings() throws MessagingException {
    // The boolean result is ignored; failures surface as MessagingException.
    authenticate();
}
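/**
 * Lists the visible folders below the mailbox URL and registers each in mFolderList.
 *
 * Folder hrefs come from the server's SEARCH response and are parsed defensively:
 * an href with no path segments is skipped and a malformed percent-escape falls back
 * to the undecoded name instead of aborting the whole listing.
 *
 * @param forceListAll not read by this implementation
 * @return the folders found, one WebDavFolder per href in the response
 * @throws MessagingException declared for the authentication and request helpers called here
 */
@Override
public List<? extends Folder> getPersonalNamespaces(boolean forceListAll) throws MessagingException {
    // The return type is printed as "List extends Folder >" in this listing, which is not
    // valid Java; the wildcard form is restored here.
    LinkedList<Folder> folderList = new LinkedList<Folder>();
    // Left without type arguments: the parameter type of processRequest() is outside this block.
    HashMap headers = new HashMap();
    String translatedInbox = K9.app.getString(R.string.special_mailbox_name_inbox);

    // We have to check authentication here so we have the proper URL stored.
    getHttpClient();

    String messageBody = getFolderListXml();
    headers.put("Brief", "t");
    DataSet dataset = processRequest(this.mUrl, "SEARCH", messageBody, headers);
    String[] folderUrls = dataset.getHrefs();

    for (String folderUrl : folderUrls) {
        String[] urlParts = folderUrl.split("/");
        if (urlParts.length == 0) {
            // An href made only of '/' characters splits to nothing; skip it rather than
            // index urlParts[-1].
            continue;
        }
        String folderName = urlParts[urlParts.length - 1];

        // Check each Exchange folder name to see if it is the user's inbox.
        // We will check for the default English inbox ("Inbox"), and the user's
        // translation for "Inbox", in case the user is using a non-English
        // version of Exchange.
        if (folderName.equalsIgnoreCase("Inbox") ||
                folderName.equalsIgnoreCase(translatedInbox)) {
            folderName = K9.INBOX;
        } else {
            // Segments 0-4 of "https://host:port/Exchange/alias/..." are scheme, empty,
            // authority, server path and mailbox; the folder path starts at index 5.
            // This assumes the server path and the mailbox path are one segment each.
            StringBuilder fullPath = new StringBuilder();
            for (int j = 5; j < urlParts.length; j++) {
                if (j != 5) {
                    fullPath.append('/');
                }
                fullPath.append(urlParts[j]);
            }
            String fullPathName = fullPath.toString();
            try {
                folderName = URLDecoder.decode(fullPathName, "UTF-8");
            } catch (UnsupportedEncodingException uee) {
                // If we don't support UTF-8 there's a problem, don't decode it then.
                folderName = fullPathName;
            } catch (IllegalArgumentException iae) {
                // URLDecoder rejects incomplete or non-hex '%' escapes; keep the raw name.
                folderName = fullPathName;
            }
        }

        WebDavFolder wdFolder = new WebDavFolder(this, folderName);
        wdFolder.setUrl(folderUrl);
        folderList.add(wdFolder);
        this.mFolderList.put(folderName, wdFolder);
    }
    return folderList;
}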
/**
 * Returns the folder registered under the given name, or a new WebDavFolder for it.
 *
 * A newly created folder is not added to mFolderList, so repeated calls for an
 * unlisted name return distinct objects.
 *
 * @param name folder name as used for the mFolderList keys
 */
@Override
public Folder getFolder(String name) {
    WebDavFolder known = this.mFolderList.get(name);
    if (known != null) {
        return known;
    }
    return new WebDavFolder(this, name);
}
/**
 * Returns the folder that stands for the DavMail submission URI.
 *
 * @return the result of getFolder() for DAV_MAIL_SEND_FOLDER
 * @throws MessagingException declared by the signature; nothing in this body throws it
 */
public Folder getSendSpoolFolder() throws MessagingException {
    final Folder sendSpool = getFolder(DAV_MAIL_SEND_FOLDER);
    return sendSpool;
}
/** Reports that this store supports moving messages; always {@code true}. */
@Override
public boolean isMoveCapable() {
    return true;
}
/** Reports that this store supports copying messages; always {@code true}. */
@Override
public boolean isCopyCapable() {
    return true;
}
/***************************************************************
* WebDAV XML Request body retrieval functions
*/
/**
 * Builds the SEARCH request body that selects every visible folder below mUrl.
 *
 * mUrl is spliced into the SCOPE clause between double quotes without escaping; it is
 * assembled by the constructor from the account's store URI.
 */
private String getFolderListXml() {
    StringBuilder xml = new StringBuilder(200);
    // The first literal is empty as printed in this listing.
    // NOTE(review): the enclosing request markup may have been lost -- confirm against the repository.
    xml.append("")
       .append("\r\n")
       .append("SELECT \"DAV:uid\", \"DAV:ishidden\"\r\n")
       .append(" FROM SCOPE('hierarchical traversal of \"")
       .append(this.mUrl)
       .append("\"')\r\n")
       .append(" WHERE \"DAV:ishidden\"=False AND \"DAV:isfolder\"=True\r\n")
       .append("\r\n");
    return xml.toString();
}
/**
 * Builds the SEARCH request body that counts the visible messages in a given read state.
 *
 * @param messageState text appended verbatim after "urn:schemas:httpmail:read"=;
 *                     it is neither quoted nor validated here, so callers must pass a
 *                     fixed literal and never externally supplied text
 */
private String getMessageCountXml(String messageState) {
    StringBuilder xml = new StringBuilder(200);
    // The first literal is empty as printed in this listing.
    // NOTE(review): the enclosing request markup may have been lost -- confirm against the repository.
    xml.append("")
       .append("\r\n")
       .append("SELECT \"DAV:visiblecount\"\r\n")
       .append(" FROM \"\"\r\n")
       .append(" WHERE \"DAV:ishidden\"=False AND \"DAV:isfolder\"=False AND \"urn:schemas:httpmail:read\"=")
       .append(messageState)
       .append("\r\n")
       .append(" GROUP BY \"DAV:ishidden\"\r\n")
       .append("\r\n");
    return xml.toString();
}
/**
 * Builds the SEARCH request body that fetches the envelope headers of the given messages.
 *
 * @param uids message UIDs, OR-ed together in the WHERE clause. An empty array leaves
 *             the clause ending in a dangling "AND"; callers must pass at least one UID.
 */
private String getMessageEnvelopeXml(String[] uids) {
    StringBuilder xml = new StringBuilder(200);
    // The first literal is empty as printed in this listing.
    // NOTE(review): the enclosing request markup may have been lost -- confirm against the repository.
    xml.append("");
    xml.append("\r\n");
    xml.append("SELECT \"DAV:uid\", \"DAV:getcontentlength\",")
       .append(" \"urn:schemas:mailheader:mime-version\",")
       .append(" \"urn:schemas:mailheader:content-type\",")
       .append(" \"urn:schemas:mailheader:subject\",")
       .append(" \"urn:schemas:mailheader:date\",")
       .append(" \"urn:schemas:mailheader:thread-topic\",")
       .append(" \"urn:schemas:mailheader:thread-index\",")
       .append(" \"urn:schemas:mailheader:from\",")
       .append(" \"urn:schemas:mailheader:to\",")
       .append(" \"urn:schemas:mailheader:in-reply-to\",")
       .append(" \"urn:schemas:mailheader:cc\",")
       .append(" \"urn:schemas:httpmail:read\"")
       .append(" \r\n");
    xml.append(" FROM \"\"\r\n");
    xml.append(" WHERE \"DAV:ishidden\"=False AND \"DAV:isfolder\"=False AND ");

    // NOTE(review): each uid is placed between single quotes without escaping. Where the
    // uids originate is outside this block; a quote inside one would change the meaning of
    // the WHERE clause -- validate them at the source.
    String separator = "";
    for (String uid : uids) {
        xml.append(separator);
        xml.append(" \"DAV:uid\"='").append(uid).append("' ");
        separator = " OR ";
    }

    xml.append("\r\n");
    xml.append("\r\n");
    return xml.toString();
}
/**
 * Builds the SEARCH request body that selects the UID of every visible message.
 * The text is constant; nothing caller-supplied is interpolated.
 */
private String getMessagesXml() {
    StringBuilder xml = new StringBuilder(200);
    // The first literal is empty as printed in this listing.
    // NOTE(review): the enclosing request markup may have been lost -- confirm against the repository.
    xml.append("")
       .append("\r\n")
       .append("SELECT \"DAV:uid\"\r\n")
       .append(" FROM \"\"\r\n")
       .append(" WHERE \"DAV:ishidden\"=False AND \"DAV:isfolder\"=False\r\n")
       .append("\r\n");
    return xml.toString();
}
/**
 * Builds the SEARCH request body that selects the read state and UID of the given messages.
 *
 * @param uids message UIDs, OR-ed together in the WHERE clause. An empty array leaves
 *             the clause ending in a dangling "AND"; callers must pass at least one UID.
 */
private String getMessageUrlsXml(String[] uids) {
    StringBuilder xml = new StringBuilder(600);
    // The first literal is empty as printed in this listing.
    // NOTE(review): the enclosing request markup may have been lost -- confirm against the repository.
    xml.append("")
       .append("\r\n")
       .append("SELECT \"urn:schemas:httpmail:read\", \"DAV:uid\"\r\n")
       .append(" FROM \"\"\r\n")
       .append(" WHERE \"DAV:ishidden\"=False AND \"DAV:isfolder\"=False AND ");

    // NOTE(review): each uid is placed between single quotes without escaping. Where the
    // uids originate is outside this block; a quote inside one would change the meaning of
    // the WHERE clause -- validate them at the source.
    String separator = "";
    for (String uid : uids) {
        xml.append(separator);
        xml.append(" \"DAV:uid\"='").append(uid).append("' ");
        separator = " OR ";
    }

    xml.append("\r\n").append("\r\n");
    return xml.toString();
}
/**
 * Builds the SEARCH request body that selects the read flag and UID of the given messages.
 *
 * @param uids message UIDs, OR-ed together in the WHERE clause; must not be empty
 * @throws MessagingException if {@code uids} has length 0
 */
private String getMessageFlagsXml(String[] uids) throws MessagingException {
    // Reject an empty list up front: it would leave the WHERE clause ending in "AND".
    if (uids.length == 0) {
        throw new MessagingException("Attempt to get flags on 0 length array for uids");
    }

    StringBuilder xml = new StringBuilder(200);
    // The first literal is empty as printed in this listing.
    // NOTE(review): the enclosing request markup may have been lost -- confirm against the repository.
    xml.append("")
       .append("\r\n")
       .append("SELECT \"urn:schemas:httpmail:read\", \"DAV:uid\"\r\n")
       .append(" FROM \"\"\r\n")
       .append(" WHERE \"DAV:ishidden\"=False AND \"DAV:isfolder\"=False AND ");

    // NOTE(review): each uid is placed between single quotes without escaping. Where the
    // uids originate is outside this block; a quote inside one would change the meaning of
    // the WHERE clause -- validate them at the source.
    String separator = "";
    for (String uid : uids) {
        xml.append(separator);
        xml.append(" \"DAV:uid\"='").append(uid).append("' ");
        separator = " OR ";
    }

    xml.append("\r\n").append("\r\n");
    return xml.toString();
}
/**
 * Builds the request body that sets or clears the read flag on the given message URLs.
 *
 * @param urls message URLs, written one per line without any escaping
 * @param read {@code true} emits "1", {@code false} emits "0"
 */
private String getMarkMessagesReadXml(String[] urls, boolean read) {
    final String lineEnd = "\r\n";
    final String flagValue = read ? "1" : "0";
    StringBuilder xml = new StringBuilder(600);

    // Most literals are bare line breaks as printed in this listing.
    // NOTE(review): the surrounding markup may have been lost -- confirm against the repository.
    xml.append(lineEnd).append(lineEnd).append(lineEnd);
    // NOTE(review): if these URLs are meant to sit inside XML elements, any '<' or '&' in
    // them needs escaping; where the URLs originate is outside this block.
    for (String target : urls) {
        xml.append(" ").append(target).append(lineEnd);
    }
    xml.append(lineEnd).append(lineEnd);
    xml.append(" \r\n");
    xml.append(" ").append(flagValue).append(lineEnd);
    xml.append(" \r\n");
    xml.append(lineEnd).append(lineEnd);
    return xml.toString();
}
// For flag:
// http://www.devnewsgroups.net/group/microsoft.public.exchange.development/topic27175.aspx
// "1" & _
/**
 * Builds the request body listing the message URLs to move or copy.
 *
 * @param urls message URLs, written one per line without any escaping
 * @param isMove selects "move" over "copy" for the local {@code action}
 */
private String getMoveOrCopyMessagesReadXml(String[] urls, boolean isMove) {
// NOTE(review): action is computed but never appended in the text visible here; the
// markup that used it may have been lost from this listing -- confirm against the repository.
String action = (isMove ? "move" : "copy");
StringBuffer buffer = new StringBuffer(600);
buffer.append("\r\n");
buffer.append("\r\n");
buffer.append("\r\n");
// NOTE(review): if these URLs are meant to sit inside XML elements, any '<' or '&' in
// them needs escaping; where the URLs originate is outside this block.
for (String url : urls) {
buffer.append(" ").append(url).append("\r\n");
}
buffer.append("\r\n");
buffer.append("\r\n");
return buffer.toString();
}
/***************************************************************
* Authentication related methods
*/
/**
* Determines which type of authentication Exchange is using and authenticates appropriately.
*
* @throws MessagingException
*/
public boolean authenticate()
        throws MessagingException {
    // Returns true once mAuthentication holds AUTH_TYPE_BASIC or AUTH_TYPE_FORM_BASED.
    try {
        switch (mAuthentication) {
            case AUTH_TYPE_NONE: {
                // First contact: ask the server which scheme it wants.
                ConnectionInfo info = doInitialConnection();
                if (info.requiredAuthType == AUTH_TYPE_BASIC) {
                    // SECURITY: this sends the Basic credentials to mUrl. For a webdav://
                    // store getRoot() yields http, so they cross the network in clear text.
                    HttpGeneric probe = new HttpGeneric(mUrl);
                    probe.setMethod("GET");
                    probe.setHeader("Authorization", mAuthString);

                    // NOTE(review): the probe runs on a freshly constructed WebDavHttpClient
                    // instead of getHttpClient(); whether that client carries the same
                    // TLS/certificate configuration is not visible here -- confirm.
                    WebDavHttpClient probeClient = new WebDavHttpClient();
                    HttpResponse response = probeClient.executeOverride(probe, mContext);

                    int statusCode = response.getStatusLine().getStatusCode();
                    if (statusCode == 401) {
                        throw new MessagingException("Invalid username or password for authentication.");
                    }
                    if (statusCode < 200 || statusCode >= 300) {
                        throw new MessagingException("Error with code " + response.getStatusLine().getStatusCode() +
                                " during request processing: " + response.getStatusLine().toString());
                    }
                    mAuthentication = AUTH_TYPE_BASIC;
                } else if (info.requiredAuthType == AUTH_TYPE_FORM_BASED) {
                    doFBA(info);
                }
                break;
            }
            case AUTH_TYPE_BASIC:
                // Nothing to do, we authenticate with every request when
                // using basic authentication.
                break;
            case AUTH_TYPE_FORM_BASED:
                // Our cookie expired, re-authenticate.
                doFBA(null);
                break;
            default:
                break;
        }
    } catch (IOException ioe) {
        Log.e(K9.LOG_TAG, "Error during authentication: " + ioe + "\nStack: " + processException(ioe));
        throw new MessagingException("Error during authentication", ioe);
    }
    return mAuthentication != AUTH_TYPE_NONE;
}
/**
* Makes the initial connection to Exchange for authentication. Determines the type of authentication necessary for
* the server.
*
* @throws MessagingException
*/
private ConnectionInfo doInitialConnection()
        throws MessagingException {
    // The probe is an empty GET to the configured URL, which should look like
    //   https://mail.server.com/Exchange/alias
    //
    // Status codes handled:
    //   401            - the server wants basic authentication
    //   2xx, 3xx, 440  - treated alike as form-based authentication (OWA login)
    //   anything else  - reported as an error
    ConnectionInfo info = new ConnectionInfo();
    WebDavHttpClient httpClient = getHttpClient();

    HttpGeneric probe = new HttpGeneric(mUrl);
    probe.setMethod("GET");

    try {
        HttpResponse response = httpClient.executeOverride(probe, mContext);
        info.statusCode = response.getStatusLine().getStatusCode();

        final boolean wantsBasic = (info.statusCode == 401);
        final boolean wantsForm = (info.statusCode >= 200 && info.statusCode < 400)
                || (info.statusCode == 440);

        if (wantsBasic) {
            // 401 "Unauthorized": the server expects an Authorization header.
            info.requiredAuthType = AUTH_TYPE_BASIC;
        } else if (wantsForm) {
            // Start from an educated guess at the authorization DLL. If that fails,
            // doFBA() falls back to the redirect URL recorded below and scrapes the
            // login form it points to.
            info.requiredAuthType = AUTH_TYPE_FORM_BASED;

            final boolean userSuppliedAuthPath = (mAuthPath != null && !mAuthPath.equals(""));
            // Either the user's own authentication path or the default path to the
            // authentication dll.
            info.guessedAuthUrl = getRoot()
                    + (userSuppliedAuthPath ? mAuthPath : "/exchweb/bin/auth/owaauth.dll");

            // SECURITY: the Location value is server-controlled and stored unvalidated.
            // It later decides where the login form is fetched from, so treat it as
            // untrusted wherever it is consumed.
            Header location = response.getFirstHeader("Location");
            if (location != null) {
                info.redirectUrl = location.getValue();
            }
        } else {
            throw new IOException("Error with code " + info.statusCode + " during request processing: " +
                    response.getStatusLine().toString());
        }
    } catch (SSLException e) {
        // TLS failures are reported as CertificateValidationException; keep this catch
        // ahead of the generic IOException handler so they are never downgraded to a
        // plain I/O error.
        throw new CertificateValidationException(e.getMessage(), e);
    } catch (IOException ioe) {
        Log.e(K9.LOG_TAG, "IOException: " + ioe + "\nTrace: " + processException(ioe));
        throw new MessagingException("IOException", ioe);
    }
    return info;
}
/**
* Performs form-based authentication.
*
* @throws MessagingException
*/
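public void doFBA(ConnectionInfo info)
        throws IOException, MessagingException {
    // info is the result of doInitialConnection(), or null to re-use mCachedLoginUrl after
    // the session cookie has expired.
    //
    // Precondition: mAuthCookies must already be set. It starts out null and nothing in
    // this method assigns it.
    // Clear out cookies from any previous authentication.
    mAuthCookies.clear();
    WebDavHttpClient httpClient = getHttpClient();

    String loginUrl;
    if (info != null) {
        loginUrl = info.guessedAuthUrl;
    } else if (mCachedLoginUrl != null && !mCachedLoginUrl.equals("")) {
        loginUrl = mCachedLoginUrl;
    } else {
        throw new MessagingException("No valid login URL available for form-based authentication.");
    }

    // Remember whether the first credential POST is protected by TLS. The login URL can
    // be replaced below by values taken from server responses, and the password must not
    // follow it from https to http.
    final boolean startedOverHttps = loginUrl.regionMatches(true, 0, "https://", 0, 8);

    HttpGeneric request = new HttpGeneric(loginUrl);
    request.setMethod("POST");

    // Build the POST data.
    ArrayList<BasicNameValuePair> pairs = new ArrayList<BasicNameValuePair>();
    pairs.add(new BasicNameValuePair("destination", mUrl));
    pairs.add(new BasicNameValuePair("username", mUsername));
    pairs.add(new BasicNameValuePair("password", mPassword));
    pairs.add(new BasicNameValuePair("flags", "0"));
    pairs.add(new BasicNameValuePair("SubmitCreds", "Log+On"));
    pairs.add(new BasicNameValuePair("forcedownlevel", "0"));
    pairs.add(new BasicNameValuePair("trusted", "0"));
    UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(pairs);
    request.setEntity(formEntity);

    HttpResponse response = httpClient.executeOverride(request, mContext);
    boolean authenticated = testAuthenticationResponse(response);

    if (!authenticated) {
        // Check the response from the authentication request above for a form action.
        String formAction = findFormAction(WebDavHttpClient.getUngzippedContent(response.getEntity()));
        if (formAction == null) {
            // If there is no form action, try using our redirect URL from the initial connection.
            if (info != null && info.redirectUrl != null && !info.redirectUrl.equals("")) {
                loginUrl = info.redirectUrl;
                request = new HttpGeneric(loginUrl);
                request.setMethod("GET");
                response = httpClient.executeOverride(request, mContext);
                formAction = findFormAction(WebDavHttpClient.getUngzippedContent(response.getEntity()));
            }
        }

        if (formAction == null) {
            throw new MessagingException("A valid URL for Exchange authentication could not be found.");
        }

        try {
            URI formActionUri = new URI(formAction);
            URI loginUri = new URI(loginUrl);

            if (formActionUri.isAbsolute()) {
                // The form action is an absolute URL, just use it.
                // NOTE(review): an absolute action may name a host other than the
                // configured server and the credentials are posted there; consider
                // requiring the configured host or an explicit allow-list.
                loginUrl = formAction;
            } else {
                // Append the form action to our current URL, minus the file name.
                String urlPath;
                if (formAction.startsWith("/")) {
                    urlPath = formAction;
                } else {
                    urlPath = loginUri.getPath();
                    int lastPathPos = urlPath.lastIndexOf('/');
                    if (lastPathPos > -1) {
                        urlPath = urlPath.substring(0, lastPathPos + 1);
                        urlPath = urlPath.concat(formAction);
                    }
                }

                // Reconstruct the login URL based on the original login URL and the form action.
                URI finalUri = new URI(loginUri.getScheme(),
                        loginUri.getUserInfo(),
                        loginUri.getHost(),
                        loginUri.getPort(),
                        urlPath,
                        null,
                        null);
                loginUrl = finalUri.toString();
            }

            // SECURITY: loginUrl now derives from a Location header or an HTML form
            // action, both controlled by whoever answered the requests above. If the
            // login began over https, refuse to re-send the password to a URL that is
            // not https.
            if (startedOverHttps && !loginUrl.regionMatches(true, 0, "https://", 0, 8)) {
                throw new MessagingException(
                        "Refusing to send credentials: the server redirected the login to a non-HTTPS URL.");
            }

            // Retry the login using our new URL.
            request = new HttpGeneric(loginUrl);
            request.setMethod("POST");
            request.setEntity(formEntity);
            response = httpClient.executeOverride(request, mContext);
            authenticated = testAuthenticationResponse(response);
        } catch (URISyntaxException e) {
            Log.e(K9.LOG_TAG, "URISyntaxException caught " + e + "\nTrace: " + processException(e));
            throw new MessagingException("URISyntaxException caught", e);
        }
    }

    if (authenticated) {
        mAuthentication = AUTH_TYPE_FORM_BASED;
        // Cached so that doFBA(null) can log in again once the cookie expires.
        mCachedLoginUrl = loginUrl;
    } else {
        throw new MessagingException("Invalid credentials provided for authentication.");
    }
}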
/**
* Searches the specified stream for an HTML form and returns the form's action target.
*
* @throws IOException
*/
private String findFormAction(InputStream istream)
throws IOException {
String formAction = null;
BufferedReader reader = new BufferedReader(new InputStreamReader(istream), 4096);
String tempText;
// Read line by line until we find something like: