Unverified commit 4c99c8c5, authored by Tobias Kaminsky, committed by GitHub
Merge pull request #245 from nextcloud/readme-security

update readme with infos about security
parents 88f318a4 1a5de5ec

NextcloudSingleSignOn.png

deleted 100644 → 0
−274 KiB

NextcloudSingleSignOn.xml

deleted 100644 → 0
+0 −1
<mxfile userAgent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36" version="8.6.5" editor="www.draw.io" type="device"><diagram name="Page-1" id="9361dd3d-8414-5efd-6122-117bd74ce7a7">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</diagram></mxfile>
 No newline at end of file
+38 −31
# Nextcloud Single Sign On
[![Codacy Badge](https://api.codacy.com/project/badge/Grade/8aa66fac0af94ef2836d386fad69f199)](https://www.codacy.com/app/Nextcloud/Android-SingleSignOn?utm_source=github.com&amp;utm_medium=referral&amp;utm_content=nextcloud/Android-SingleSignOn&amp;utm_campaign=Badge_Grade)

[![](https://jitpack.io/v/nextcloud/Android-SingleSignOn.svg)](https://jitpack.io/#nextcloud/Android-SingleSignOn)
[![Codacy Badge](https://api.codacy.com/project/badge/Grade/8aa66fac0af94ef2836d386fad69f199)](https://www.codacy.com/app/Nextcloud/Android-SingleSignOn?utm_source=github.com&utm_medium=referral&utm_content=nextcloud/Android-SingleSignOn&utm_campaign=Badge_Grade)

[![](https://jitpack.io/v/nextcloud/Android-SingleSignOn.svg)](https://jitpack.io/#nextcloud/Android-SingleSignOn)

This library allows you to use accounts as well as the network stack provided by the [nextcloud files app](https://play.google.com/store/apps/details?id=com.nextcloud.client). Therefore you as a developer don't need to worry about asking the user for credentials as well as you don't need to worry about self-signed ssl certificates, two factor authentication, save credential storage etc.

*Please note that the user needs to install the [nextcloud files app](https://play.google.com/store/apps/details?id=com.nextcloud.client) in order to use those features.* While this might seem like a "no-go" for some developers, we still think that using this library is worth consideration as it makes the account handling much faster and safer.
_Please note that the user needs to install the [nextcloud files app](https://play.google.com/store/apps/details?id=com.nextcloud.client) in order to use those features._ While this might seem like a "no-go" for some developers, we still think that using this library is worth consideration as it makes the account handling much faster and safer.

## How to use this library

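Review bot: The intro paragraph kept as context in this hunk still reads "save credential storage", which should be "safe credential storage" (or "secure credential storage"); since this PR is the security pass over the readme, fix it here. The same sentence says "self-signed ssl certificates", where "TLS certificates" would be the accurate term.
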
@@ -44,6 +44,7 @@ private void openAccountChooser() {
    }
}
```

From a Fragment

```java
@@ -55,6 +56,7 @@ private void openAccountChooser() {
    }
}
```

### 3) To handle the result of the Account Chooser, include the following:

From an Activity
@@ -139,6 +141,7 @@ public void onActivityResult(int requestCode, int resultCode, Intent data) {
    });
}
```

From both an Activity and Fragment

```java
@@ -304,8 +307,7 @@ public class MyActivity extends AppCompatActivity {
}
```


6) WebDAV
6. WebDAV

The following WebDAV Methods are supported: `PROPFIND` / `MKCOL`

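Review bot: Changing `6) WebDAV` to `6. WebDAV` turns the step title into an ordered-list item, while the other steps in this readme are headings of the form `### 3) To handle the result of the Account Chooser, include the following:`. Use `### 6) WebDAV` so the step renders as a heading and matches the rest; as written, the sentence about the supported methods that follows is not part of the list item either.
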
@@ -335,6 +337,14 @@ if (VersionCheckHelper.verifyMinVersion(context, MIN_NEXTCLOUD_FILES_APP_VERSION
}
```

## Security

Once the user clicks on "Allow" in the login dialog, the Nextcloud Files App will generate a token for your app. Only your app is allowed to use that token. Even if another app will get a hold of that token, it won't be able to make any requests to the nextcloud server as the nextcloud files app matches that token against the namespace of your app.

![](doc/NextcloudSSO.png)

![](doc/NextcloudSSOHacker.png)

## Nextcloud Conference 2018 Talk (5min)

[![Nextcloud Single Sign On for Android David Luhmer](https://img.youtube.com/vi/gnLOwmrJLUw/0.jpg)](https://www.youtube.com/watch?v=gnLOwmrJLUw)
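
Review bot: In the new Security section, "matches that token against the namespace of your app" does not say what "namespace" means or how the files app learns which app is calling. Say whether this is the Android package name, and whether the files app derives it from the caller's identity as reported by the OS or takes it from the request, because the claim that a leaked token is useless to another app rests on exactly that. Both diagrams are added with empty alt text (`![](doc/NextcloudSSO.png)`); give them descriptions, and keep the casing of "Nextcloud Files App" / "nextcloud files app" / "nextcloud server" consistent within the paragraph.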
@@ -343,7 +353,6 @@ if (VersionCheckHelper.verifyMinVersion(context, MIN_NEXTCLOUD_FILES_APP_VERSION

![](https://user-images.githubusercontent.com/4489723/41563281-75cbc196-734f-11e8-8b22-7b906363e34a.gif)


## Examples

- [Nextcloud News app](https://github.com/nextcloud/news-android)
@@ -357,9 +366,6 @@ if (VersionCheckHelper.verifyMinVersion(context, MIN_NEXTCLOUD_FILES_APP_VERSION
  - [API](https://github.com/stefan-niedermann/nextcloud-deck/blob/master/app/src/main/java/it/niedermann/nextcloud/deck/api/DeckAPI.java)
  - [Login](https://github.com/stefan-niedermann/nextcloud-deck/blob/master/app/src/main/java/it/niedermann/nextcloud/deck/ui/ImportAccountActivity.java#L76)




## Flow Diagram

Note that the "Make network request" section in the diagram only shows the workflow if you use the "retrofit" api.
@@ -367,4 +373,5 @@ Note that the "Make network request" section in the diagram only shows the workf
![Flow Diagram](doc/NextcloudSingleSignOn.png)

# Translations

We manage translations via [Transifex](https://www.transifex.com/nextcloud/nextcloud/android-singlesignon/). So just request joining the translation team for Android on the site and start translating. All translations will then be automatically pushed to this repository, there is no need for any pull request for translations.
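
Review bot: `# Translations` is a top-level heading, the same level as the document title `# Nextcloud Single Sign On`, while the neighbouring sections (`## Security`, `## Examples`, `## Flow Diagram`) are second-level. While the spacing after this heading is being touched, change it to `## Translations` so the readme has a single top-level title.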
+1 −0

File added.

Preview size limit exceeded, changes collapsed.

doc/NextcloudSSO.png

0 → 100644
+156 KiB