23 |
23 |
24 import com.nokia.mj.impl.rt.ui.ConfirmData; |
24 import com.nokia.mj.impl.rt.ui.ConfirmData; |
25 import com.nokia.mj.impl.rt.ui.RuntimeUi; |
25 import com.nokia.mj.impl.rt.ui.RuntimeUi; |
26 import com.nokia.mj.impl.rt.ui.RuntimeUiFactory; |
26 import com.nokia.mj.impl.rt.ui.RuntimeUiFactory; |
27 |
27 |
28 import com.nokia.mj.impl.rt.midp.SchemeHandlerBase; |
|
29 |
|
30 import com.nokia.mj.impl.rt.support.ApplicationInfo; |
28 import com.nokia.mj.impl.rt.support.ApplicationInfo; |
31 |
29 |
32 import com.nokia.mj.impl.security.midp.authorization.AccessControllerFactoryImpl; |
30 import com.nokia.mj.impl.security.midp.authorization.AccessControllerFactoryImpl; |
33 import com.nokia.mj.impl.security.midp.authorization.AccessControllerImpl; |
31 import com.nokia.mj.impl.security.midp.authorization.AccessControllerImpl; |
34 import com.nokia.mj.impl.security.utils.SecurityPromptMessage; |
32 import com.nokia.mj.impl.security.utils.SecurityPromptMessage; |
35 |
33 |
36 import com.nokia.mj.impl.utils.Id; |
|
37 import com.nokia.mj.impl.utils.Logger; |
34 import com.nokia.mj.impl.utils.Logger; |
38 |
|
39 |
35 |
40 /** |
36 /** |
41 * A class to be extended by the MIDlet applcation. See MIDP spec for |
37 * A class to be extended by the MIDlet applcation. See MIDP spec for |
42 * further details. |
38 * further details. |
43 */ |
39 */ |
57 /** |
53 /** |
58 * For allowing of MIDlet constructor to be called only once. |
54 * For allowing of MIDlet constructor to be called only once. |
59 */ |
55 */ |
60 private static boolean mConstructionAllowed = true; |
56 private static boolean mConstructionAllowed = true; |
61 |
57 |
62 private static final int DOMAIN_MANUFACTURER_OR_OPERATOR = 1; |
|
63 |
|
64 /*** ----------------------------- PUBLIC ------------------------------ */ |
58 /*** ----------------------------- PUBLIC ------------------------------ */ |
65 |
59 |
66 /** |
60 /** |
67 * For checking if MIDlet is allowed to do some protected action. |
61 * For checking if MIDlet is allowed to do some protected action. |
68 * @see MIDP spec for further details. |
62 * @see MIDP spec for further details. |
142 public final boolean platformRequest(String url) |
136 public final boolean platformRequest(String url) |
143 throws ConnectionNotFoundException |
137 throws ConnectionNotFoundException |
144 { |
138 { |
145 Logger.PLOG(Logger.EJavaRuntime, |
139 Logger.PLOG(Logger.EJavaRuntime, |
146 "MIDlet.platformRequest(): " + url); |
140 "MIDlet.platformRequest(): " + url); |
147 |
|
148 if (null == url) |
141 if (null == url) |
149 { |
142 { |
150 throw new NullPointerException( |
143 throw new NullPointerException( |
151 "URL is null"); |
144 "URL is null"); |
152 } |
145 } |
157 if (true == url.equals("")) |
150 if (true == url.equals("")) |
158 { |
151 { |
159 return false; |
152 return false; |
160 } |
153 } |
161 |
154 |
162 ApplicationInfo appInfo = ApplicationInfo.getInstance(); |
|
163 String domain = appInfo.getProtectionDomain(); |
|
164 |
|
165 // Handling for java scheme. |
|
166 /*if (url.startsWith("java://")) |
|
167 { |
|
168 String handlerName = parseHandlerName(url); |
|
169 |
|
170 if (handlerName.equals("taskmanager")) |
|
171 { |
|
172 // Check application is bound either Manufacturer or Operator domain. |
|
173 enforceSecurityDomain(DOMAIN_MANUFACTURER_OR_OPERATOR, domain); |
|
174 } |
|
175 |
|
176 return invokeSchemeHandler(handlerName, url); |
|
177 }*/ |
|
178 |
|
179 // If the platform request is used to start arbitrary native application, |
155 // If the platform request is used to start arbitrary native application, |
180 // check that MIDlet is in manufacturer or operator domain |
156 // check that MIDlet is in manufacturer or operator domain |
181 if (startsArbitraryNativeApp(url)) |
157 if (startsArbitraryNativeApp(url)) |
182 { |
158 { |
183 enforceSecurityDomain(DOMAIN_MANUFACTURER_OR_OPERATOR, domain); |
159 ApplicationInfo appInfo = ApplicationInfo.getInstance(); |
184 } |
160 String domain = appInfo.getProtectionDomain(); |
|
161 if ((ApplicationInfo.MANUFACTURER_DOMAIN.equals(domain) != true) && |
|
162 (ApplicationInfo.OPERATOR_DOMAIN.equals(domain) != true)) |
|
163 { |
|
164 Logger.WLOG(Logger.EJavaRuntime, |
|
165 "Only manufacturer or operator domain MIDlets can start arbitrary native apps."); |
|
166 |
|
167 throw new ConnectionNotFoundException( |
|
168 "Request allowed only for manufacturer or operator MIDlets"); |
|
169 } |
|
170 } |
|
171 |
185 |
172 |
186 Logger.ILOG(Logger.EJavaRuntime, |
173 Logger.ILOG(Logger.EJavaRuntime, |
187 "Before handleConfirmationNote()"); |
174 "Before handleConfirmationNote()"); |
188 |
175 |
189 // Ask from the user if it is allowed to do the request. |
176 // Ask from the user if it is allowed to do the request. |
293 return showNote(appName, |
280 return showNote(appName, |
294 SecurityPromptMessage.QUESTION_ID_APP_LAUNCH_VIA_PLAT_REQ); |
281 SecurityPromptMessage.QUESTION_ID_APP_LAUNCH_VIA_PLAT_REQ); |
295 } |
282 } |
296 |
283 |
297 |
284 |
298 private boolean showNote(String aAppName, Id aConfirmationQueryId) |
285 private boolean showNote(String aAppName,String aConfirmationQueryId) |
299 { |
286 { |
300 SecurityPromptMessage msg = SecurityPromptMessage.getInstance(); |
287 SecurityPromptMessage msg = SecurityPromptMessage.getInstance(); |
301 String queryTxt = msg.getText(aConfirmationQueryId,null); |
288 String queryTxt = msg.getText(aConfirmationQueryId,null); |
302 String[] buttons = new String[2]; |
289 String[] buttons = new String[2]; |
303 buttons[0] = msg.getText(SecurityPromptMessage.ANSWER_ID_ALLOW,null); |
290 buttons[0] = msg.getText(SecurityPromptMessage.ANSWER_ID_ALLOW,null); |
333 // These schemes start applications that ask user for |
320 // These schemes start applications that ask user for |
334 // confirmation before any real action is done. |
321 // confirmation before any real action is done. |
335 mNoPromptSchemes = new Hashtable(); |
322 mNoPromptSchemes = new Hashtable(); |
336 mNoPromptSchemes.put("cti:",""); |
323 mNoPromptSchemes.put("cti:",""); |
337 mNoPromptSchemes.put("mailto:",""); |
324 mNoPromptSchemes.put("mailto:",""); |
|
325 mNoPromptSchemes.put("mms:",""); |
338 mNoPromptSchemes.put("mmsto:",""); |
326 mNoPromptSchemes.put("mmsto:",""); |
|
327 mNoPromptSchemes.put("rtsp:",""); |
339 mNoPromptSchemes.put("sms:",""); |
328 mNoPromptSchemes.put("sms:",""); |
340 mNoPromptSchemes.put("tel:",""); |
329 mNoPromptSchemes.put("tel:",""); |
341 } |
330 } |
342 } |
331 } |
343 |
332 |
372 } |
361 } |
373 |
362 |
374 return false; |
363 return false; |
375 } |
364 } |
376 |
365 |
377 private String parseHandlerName(String url) throws ConnectionNotFoundException |
|
378 { |
|
379 // Parse handler name from URL. Remove java:// prefix. |
|
380 String handlerName = url.substring(7).trim(); |
|
381 |
|
382 // name format: handlername?query |
|
383 int nameEndIndex = handlerName.indexOf('?'); |
|
384 |
|
385 if (nameEndIndex != -1) |
|
386 { |
|
387 handlerName = handlerName.substring(0, nameEndIndex); |
|
388 return handlerName; |
|
389 } |
|
390 else |
|
391 { |
|
392 throw new ConnectionNotFoundException("Handler not found for URL"); |
|
393 } |
|
394 } |
|
395 |
|
396 private boolean invokeSchemeHandler(String handlerName, String url) |
|
397 throws ConnectionNotFoundException |
|
398 { |
|
399 try |
|
400 { |
|
401 // Avoid loading whatever class from the system using handler |
|
402 // as package name. |
|
403 Class clazz = Class.forName("com.nokia.mj.impl.rt." + handlerName + ".SchemeHandler"); |
|
404 |
|
405 SchemeHandlerBase handler = (SchemeHandlerBase)clazz.newInstance(); |
|
406 |
|
407 handler.execute(url); |
|
408 return false; // No need to close MIDlet. |
|
409 } |
|
410 catch (Throwable t) |
|
411 { |
|
412 Logger.ELOG(Logger.EJavaRuntime, "Cannot invoke scheme handler: " + t.toString()); |
|
413 // ClassNotFoundException, IllegalAccessException or InstantionException. |
|
414 throw new ConnectionNotFoundException("Handler not found for URL"); |
|
415 } |
|
416 } |
|
417 |
|
418 private void enforceSecurityDomain(int type, String domain) |
|
419 throws ConnectionNotFoundException |
|
420 { |
|
421 if (DOMAIN_MANUFACTURER_OR_OPERATOR == type) |
|
422 { |
|
423 if ((ApplicationInfo.MANUFACTURER_DOMAIN.equals(domain) != true) && |
|
424 (ApplicationInfo.OPERATOR_DOMAIN.equals(domain) != true)) |
|
425 { |
|
426 Logger.WLOG(Logger.EJavaRuntime, |
|
427 "Only manufacturer or operator domain MIDlets can invoke scheme"); |
|
428 |
|
429 throw new ConnectionNotFoundException( |
|
430 "Request allowed only for manufacturer or operator MIDlets"); |
|
431 } |
|
432 } |
|
433 else |
|
434 { |
|
435 Logger.ELOG(Logger.EJavaRuntime, |
|
436 "Security enforcement failed: unknown domain category"); |
|
437 |
|
438 throw new ConnectionNotFoundException( |
|
439 "Security enforcement failed: unknown domain category"); |
|
440 } |
|
441 } |
|
442 |
|
443 /*** ----------------------------- NATIVE ----------------------------- */ |
366 /*** ----------------------------- NATIVE ----------------------------- */ |
444 |
367 |
445 private native void _managePlatformRequest(String url); |
368 private native void _managePlatformRequest(String url); |
446 } |
369 } |