Add support for Exchange 2003 provisioning
* Provisioning for Exchange 2003 and Exchange 2007 now supported
* Added end-to-end test of Exchange 2003 provisioning parser
Change-Id: I1f86f2909351a8220b963551cd33fecdf59a7e26
diff --git a/src/com/android/exchange/EasSyncService.java b/src/com/android/exchange/EasSyncService.java
index 36c6aae..e0e0ed2 100644
--- a/src/com/android/exchange/EasSyncService.java
+++ b/src/com/android/exchange/EasSyncService.java
@@ -116,6 +116,9 @@
static private final String AUTO_DISCOVER_PAGE = "/autodiscover/autodiscover.xml";
static private final int AUTO_DISCOVER_REDIRECT_CODE = 451;
+ static public final String EAS_12_POLICY_TYPE = "MS-EAS-Provisioning-WBXML";
+ static public final String EAS_2_POLICY_TYPE = "MS-WAP-Provisioning-XML";
+
/**
* We start with an 8 minute timeout, and increase/decrease by 3 minutes at a time. There's
* no point having a timeout shorter than 5 minutes, I think; at that point, we can just let
@@ -972,6 +975,10 @@
return false;
}
+ private String getPolicyType() {
+ return (mProtocolVersionDouble >= 12.0) ? EAS_12_POLICY_TYPE : EAS_2_POLICY_TYPE;
+ }
+
// TODO This is Exchange 2007 only at this point
/**
* Obtain a set of policies from the server and determine whether those policies are supported
@@ -983,7 +990,7 @@
private ProvisionParser canProvision() throws IOException {
Serializer s = new Serializer();
s.start(Tags.PROVISION_PROVISION).start(Tags.PROVISION_POLICIES);
- s.start(Tags.PROVISION_POLICY).data(Tags.PROVISION_POLICY_TYPE, "MS-EAS-Provisioning-WBXML")
+ s.start(Tags.PROVISION_POLICY).data(Tags.PROVISION_POLICY_TYPE, getPolicyType())
.end().end().end().done();
HttpResponse resp = sendHttpClientPost("Provision", s.toByteArray());
int code = resp.getStatusLine().getStatusCode();
@@ -1024,7 +1031,10 @@
Serializer s = new Serializer();
s.start(Tags.PROVISION_PROVISION).start(Tags.PROVISION_POLICIES);
s.start(Tags.PROVISION_POLICY);
- s.data(Tags.PROVISION_POLICY_TYPE, "MS-EAS-Provisioning-WBXML");
+
+ // Use the proper policy type, depending on EAS version
+ s.data(Tags.PROVISION_POLICY_TYPE, getPolicyType());
+
s.data(Tags.PROVISION_POLICY_KEY, tempKey);
s.data(Tags.PROVISION_STATUS, "1");
if (remoteWipe) {
diff --git a/src/com/android/exchange/adapter/ProvisionParser.java b/src/com/android/exchange/adapter/ProvisionParser.java
index 513279a..ee947f2 100644
--- a/src/com/android/exchange/adapter/ProvisionParser.java
+++ b/src/com/android/exchange/adapter/ProvisionParser.java
@@ -19,6 +19,11 @@
import com.android.email.SecurityPolicy.PolicySet;
import com.android.exchange.EasSyncService;
+import org.xmlpull.v1.XmlPullParser;
+import org.xmlpull.v1.XmlPullParserException;
+import org.xmlpull.v1.XmlPullParserFactory;
+
+import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
@@ -51,7 +56,7 @@
return mRemoteWipe;
}
- public void parseProvisionDoc() throws IOException {
+ public void parseProvisionDocWbxml() throws IOException {
int minPasswordLength = 0;
int passwordMode = PolicySet.PASSWORD_MODE_NONE;
int maxPasswordFails = 0;
@@ -114,10 +119,149 @@
}
}
+ class ShadowPolicySet {
+ int mMinPasswordLength = 0;
+ int mPasswordMode = PolicySet.PASSWORD_MODE_NONE;
+ int mMaxPasswordFails = 0;
+ int mMaxScreenLockTime = 0;
+ }
+
+ public void parseProvisionDocXml(String doc) throws IOException {
+ ShadowPolicySet sps = new ShadowPolicySet();
+
+ try {
+ XmlPullParserFactory factory = XmlPullParserFactory.newInstance();
+ XmlPullParser parser = factory.newPullParser();
+ parser.setInput(new ByteArrayInputStream(doc.getBytes()), "UTF-8");
+ int type = parser.getEventType();
+ if (type == XmlPullParser.START_DOCUMENT) {
+ type = parser.next();
+ if (type == XmlPullParser.START_TAG) {
+ String tagName = parser.getName();
+ if (tagName.equals("wap-provisioningdoc")) {
+ parseWapProvisioningDoc(parser, sps);
+ }
+ }
+ }
+ } catch (XmlPullParserException e) {
+ throw new IOException();
+ }
+
+ mPolicySet = new PolicySet(sps.mMinPasswordLength, sps.mPasswordMode, sps.mMaxPasswordFails,
+ sps.mMaxScreenLockTime, true);
+ }
+
+ /**
+ * Return true if password is required; otherwise false.
+ */
+ boolean parseSecurityPolicy(XmlPullParser parser, ShadowPolicySet sps)
+ throws XmlPullParserException, IOException {
+ boolean passwordRequired = true;
+ while (true) {
+ int type = parser.nextTag();
+ if (type == XmlPullParser.END_TAG && parser.getName().equals("characteristic")) {
+ break;
+ } else if (type == XmlPullParser.START_TAG) {
+ String tagName = parser.getName();
+ if (tagName.equals("parm")) {
+ String name = parser.getAttributeValue(null, "name");
+ if (name.equals("4131")) {
+ String value = parser.getAttributeValue(null, "value");
+ if (value.equals("1")) {
+ passwordRequired = false;
+ }
+ }
+ }
+ }
+ }
+ return passwordRequired;
+ }
+
+ void parseCharacteristic(XmlPullParser parser, ShadowPolicySet sps)
+ throws XmlPullParserException, IOException {
+ boolean enforceInactivityTimer = true;
+ while (true) {
+ int type = parser.nextTag();
+ if (type == XmlPullParser.END_TAG && parser.getName().equals("characteristic")) {
+ break;
+ } else if (type == XmlPullParser.START_TAG) {
+ if (parser.getName().equals("parm")) {
+ String name = parser.getAttributeValue(null, "name");
+ String value = parser.getAttributeValue(null, "value");
+ if (name.equals("AEFrequencyValue")) {
+ if (enforceInactivityTimer) {
+ if (value.equals("0")) {
+ sps.mMaxScreenLockTime = 1;
+ } else {
+ sps.mMaxScreenLockTime = 60*Integer.parseInt(value);
+ }
+ }
+ } else if (name.equals("AEFrequencyType")) {
+ // "0" here means we don't enforce an inactivity timeout
+ if (value.equals("0")) {
+ enforceInactivityTimer = false;
+ }
+ } else if (name.equals("DeviceWipeThreshold")) {
+ sps.mMaxPasswordFails = Integer.parseInt(value);
+ } else if (name.equals("CodewordFrequency")) {
+ // Ignore; has no meaning for us
+ } else if (name.equals("MinimumPasswordLength")) {
+ sps.mMinPasswordLength = Integer.parseInt(value);
+ } else if (name.equals("PasswordComplexity")) {
+ if (value.equals("0")) {
+ sps.mPasswordMode = PolicySet.PASSWORD_MODE_STRONG;
+ } else {
+ sps.mPasswordMode = PolicySet.PASSWORD_MODE_SIMPLE;
+ }
+ }
+ }
+ }
+ }
+ }
+
+ void parseRegistry(XmlPullParser parser, ShadowPolicySet sps)
+ throws XmlPullParserException, IOException {
+ while (true) {
+ int type = parser.nextTag();
+ if (type == XmlPullParser.END_TAG && parser.getName().equals("characteristic")) {
+ break;
+ } else if (type == XmlPullParser.START_TAG) {
+ String name = parser.getName();
+ if (name.equals("characteristic")) {
+ parseCharacteristic(parser, sps);
+ }
+ }
+ }
+ }
+
+ void parseWapProvisioningDoc(XmlPullParser parser, ShadowPolicySet sps)
+ throws XmlPullParserException, IOException {
+ while (true) {
+ int type = parser.nextTag();
+ if (type == XmlPullParser.END_TAG && parser.getName().equals("wap-provisioningdoc")) {
+ break;
+ } else if (type == XmlPullParser.START_TAG) {
+ String name = parser.getName();
+ if (name.equals("characteristic")) {
+ String atype = parser.getAttributeValue(null, "type");
+ if (atype.equals("SecurityPolicy")) {
+ // If a password isn't required, stop here
+ if (!parseSecurityPolicy(parser, sps)) {
+ return;
+ }
+ } else if (atype.equals("Registry")) {
+ parseRegistry(parser, sps);
+ return;
+ }
+ }
+ }
+ }
+ }
+
public void parseProvisionData() throws IOException {
while (nextTag(Tags.PROVISION_DATA) != END) {
if (tag == Tags.PROVISION_EAS_PROVISION_DOC) {
- parseProvisionDoc();
+ parseProvisionDocWbxml();
} else {
skipTag();
}
@@ -125,10 +269,12 @@
}
public void parsePolicy() throws IOException {
+ String policyType = null;
while (nextTag(Tags.PROVISION_POLICY) != END) {
switch (tag) {
case Tags.PROVISION_POLICY_TYPE:
- mService.userLog("Policy type: ", getValue());
+ policyType = getValue();
+ mService.userLog("Policy type: ", policyType);
break;
case Tags.PROVISION_POLICY_KEY:
mPolicyKey = getValue();
@@ -137,7 +283,13 @@
mService.userLog("Policy status: ", getValue());
break;
case Tags.PROVISION_DATA:
- parseProvisionData();
+ if (policyType.equalsIgnoreCase(EasSyncService.EAS_2_POLICY_TYPE)) {
+ // Parse the old style XML document
+ parseProvisionDocXml(getValue());
+ } else {
+ // Parse the newer WBXML data
+ parseProvisionData();
+ }
break;
default:
skipTag();
diff --git a/tests/src/com/android/exchange/adapter/ProvisionParserTests.java b/tests/src/com/android/exchange/adapter/ProvisionParserTests.java
new file mode 100644
index 0000000..09a9d96
--- /dev/null
+++ b/tests/src/com/android/exchange/adapter/ProvisionParserTests.java
@@ -0,0 +1,144 @@
+/*
+ * Copyright (C) 2010 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.exchange.adapter;
+
+import com.android.email.SecurityPolicy.PolicySet;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+
+/**
+ * You can run this entire test case with:
+ * runtest -c com.android.exchange.adapter.ProvisionParserTests email
+ */
+public class ProvisionParserTests extends SyncAdapterTestCase {
+ private final ByteArrayInputStream mTestInputStream =
+ new ByteArrayInputStream("ABCDEFG".getBytes());
+
+ // A good sample of an Exchange 2003 (WAP) provisioning document for end-to-end testing
+ private String mWapProvisioningDoc1 =
+ "<wap-provisioningdoc>" +
+ "<characteristic type=\"SecurityPolicy\"><parm name=\"4131\" value=\"0\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"Registry\">" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\AE\\" +
+ "{50C13377-C66D-400C-889E-C316FC4AB374}\">" +
+ "<parm name=\"AEFrequencyType\" value=\"1\"/>" +
+ "<parm name=\"AEFrequencyValue\" value=\"5\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">" +
+ "<parm name=\"DeviceWipeThreshold\" value=\"20\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">" +
+ "<parm name=\"CodewordFrequency\" value=\"5\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">" +
+ "<parm name=\"MinimumPasswordLength\" value=\"8\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">" +
+ "<parm name=\"PasswordComplexity\" value=\"0\"/>" +
+ "</characteristic>" +
+ "</characteristic>" +
+ "</wap-provisioningdoc>";
+
+ // Provisioning document with passwords turned off
+ private String mWapProvisioningDoc2 =
+ "<wap-provisioningdoc>" +
+ "<characteristic type=\"SecurityPolicy\"><parm name=\"4131\" value=\"1\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"Registry\">" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\AE\\" +
+ "{50C13377-C66D-400C-889E-C316FC4AB374}\">" +
+ "<parm name=\"AEFrequencyType\" value=\"0\"/>" +
+ "<parm name=\"AEFrequencyValue\" value=\"5\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">" +
+ "<parm name=\"DeviceWipeThreshold\" value=\"20\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">" +
+ "<parm name=\"CodewordFrequency\" value=\"5\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">" +
+ "<parm name=\"MinimumPasswordLength\" value=\"8\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">" +
+ "<parm name=\"PasswordComplexity\" value=\"0\"/>" +
+ "</characteristic>" +
+ "</characteristic>" +
+ "</wap-provisioningdoc>";
+
+ // Provisioning document with simple password, 4 chars, 5 failures
+ private String mWapProvisioningDoc3 =
+ "<wap-provisioningdoc>" +
+ "<characteristic type=\"SecurityPolicy\"><parm name=\"4131\" value=\"0\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"Registry\">" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\AE\\" +
+ "{50C13377-C66D-400C-889E-C316FC4AB374}\">" +
+ "<parm name=\"AEFrequencyType\" value=\"1\"/>" +
+ "<parm name=\"AEFrequencyValue\" value=\"2\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">" +
+ "<parm name=\"DeviceWipeThreshold\" value=\"5\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\">" +
+ "<parm name=\"CodewordFrequency\" value=\"5\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">" +
+ "<parm name=\"MinimumPasswordLength\" value=\"4\"/>" +
+ "</characteristic>" +
+ "<characteristic type=\"HKLM\\Comm\\Security\\Policy\\LASSD\\LAP\\lap_pw\">" +
+ "<parm name=\"PasswordComplexity\" value=\"1\"/>" +
+ "</characteristic>" +
+ "</characteristic>" +
+ "</wap-provisioningdoc>";
+
+ public void testWapProvisionParser1() throws IOException {
+ ProvisionParser parser = new ProvisionParser(mTestInputStream, getTestService());
+ parser.parseProvisionDocXml(mWapProvisioningDoc1);
+ PolicySet ps = parser.getPolicySet();
+ assertNotNull(ps);
+ // Check the settings to make sure they were parsed correctly
+ assertEquals(5*60, ps.mMaxScreenLockTime); // Screen lock time is in seconds
+ assertEquals(8, ps.mMinPasswordLength);
+ assertEquals(PolicySet.PASSWORD_MODE_STRONG, ps.mPasswordMode);
+ assertEquals(20, ps.mMaxPasswordFails);
+ assertTrue(ps.mRequireRemoteWipe);
+ }
+
+ public void testWapProvisionParser2() throws IOException {
+ ProvisionParser parser = new ProvisionParser(mTestInputStream, getTestService());
+ parser.parseProvisionDocXml(mWapProvisioningDoc2);
+ PolicySet ps = parser.getPolicySet();
+ assertNotNull(ps);
+ // Password should be set to none; others are ignored in this case.
+ assertEquals(PolicySet.PASSWORD_MODE_NONE, ps.mPasswordMode);
+ }
+
+ public void testWapProvisionParser3() throws IOException {
+ ProvisionParser parser = new ProvisionParser(mTestInputStream, getTestService());
+ parser.parseProvisionDocXml(mWapProvisioningDoc3);
+ PolicySet ps = parser.getPolicySet();
+ assertNotNull(ps);
+ // Password should be set to simple
+ assertEquals(2*60, ps.mMaxScreenLockTime); // Screen lock time is in seconds
+ assertEquals(4, ps.mMinPasswordLength);
+ assertEquals(PolicySet.PASSWORD_MODE_SIMPLE, ps.mPasswordMode);
+ assertEquals(5, ps.mMaxPasswordFails);
+ assertTrue(ps.mRequireRemoteWipe);
+ }
+}
