summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSzymon Kłos <eszkadev@gmail.com>2016-05-23 17:09:42 +0200
committerDavid Tardon <dtardon@redhat.com>2016-06-10 07:49:41 +0000
commit90674312290bb8436a3e7b2ea99ada8ca1e73721 (patch)
treee8ea771b44ebe4f6c000f997a259088b0831785f
parent6c782fe1568d1b3a5f968b3696ba1bf8ad6d914c (diff)
tdf#87938 google 2FA fix, new pin code page
Updated libcmis 2FA patch: + changed challenge page parser + handled abort in the auth code provider Change-Id: I2bbb102ec735788132e094d3908ac12432e9508c Reviewed-on: https://gerrit.libreoffice.org/25372 Reviewed-by: David Tardon <dtardon@redhat.com> Tested-by: David Tardon <dtardon@redhat.com> Reviewed-on: https://gerrit.libreoffice.org/26148
-rwxr-xr-xexternal/libcmis/libcmis-google-2FA-implementation.patch39
1 files changed, 30 insertions, 9 deletions
diff --git a/external/libcmis/libcmis-google-2FA-implementation.patch b/external/libcmis/libcmis-google-2FA-implementation.patch
index 23f9775f6f59..efa7f0310191 100755
--- a/external/libcmis/libcmis-google-2FA-implementation.patch
+++ b/external/libcmis/libcmis-google-2FA-implementation.patch
@@ -1,7 +1,7 @@
diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
--- a/src/libcmis/oauth2-providers.cxx
+++ b/src/libcmis/oauth2-providers.cxx
-@@ -29,6 +29,7 @@
+@@ -29,9 +29,15 @@
#include <libxml/HTMLparser.h>
#include <libxml/xmlreader.h>
@@ -9,6 +9,14 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
#include "oauth2-providers.hxx"
#include "http-session.hxx"
++#define CHALLENGE_PAGE_ACTION "/signin"
++#define CHALLENGE_PAGE_ACTION_LEN sizeof( CHALLENGE_PAGE_ACTION ) - 1
++#define PIN_FORM_ACTION "/signin/challenge/ipp"
++#define PIN_FORM_ACTION_LEN sizeof( PIN_FORM_ACTION ) - 1
++
+ using namespace std;
+
+ #if LIBXML_VERSION < 20621
@@ -51,10 +52,23 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
* 4) subsequent post to send a consent for the application
* receive a single-use authorization code
@@ -52,7 +60,7 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
string loginPasswdPost, loginPasswdLink;
if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
return string( );
-@@ -106,10 +124,53 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
+@@ -106,10 +124,60 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
return string( );
}
@@ -72,6 +80,13 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
+ libcmis::OAuth2AuthCodeProvider fallbackProvider = libcmis::SessionFactory::getOAuth2AuthCodeProvider( );
+ string pin( fallbackProvider( "", "", "" ) );
+
++ if( pin.empty() )
++ {
++ // unset OAuth2AuthCode Provider to avoid showing pin request again in the HttpSession::oauth2Authenticate
++ libcmis::SessionFactory::setOAuth2AuthCodeProvider( NULL );
++ return string( );
++ }
++
+ loginChallengeLink = "https://accounts.google.com" + loginChallengeLink;
+ loginChallengePost += "Pin=";
+ loginChallengePost += string( pin );
@@ -126,24 +141,30 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
while ( true )
{
// Go to the next node, quit if not found
-@@ -227,15 +291,24 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
+@@ -227,15 +291,30 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
{
xmlChar* action = xmlTextReaderGetAttribute( reader,
BAD_CAST( "action" ));
+
-+ // GDrive pin code page contains 3 forms.
-+ // First form resends pin code, we need to omit its input fields.
-+ // Also we mustn't parse action field from the 'select challenge' form.
++ // GDrive pin code page contains many forms.
++ // We have to parse only the form with pin field.
if ( action != NULL )
{
- if ( xmlStrlen(action) > 0)
-+ if ( ( strcmp( (char*)action, "/signin/challenge" ) != 0 )
-+ && ( strcmp( (char*)action, "/signin/selectchallenge" ) != 0 )
-+ && xmlStrlen(action) > 0 )
++ bool bChallengePage = ( strncmp( (char*)action,
++ CHALLENGE_PAGE_ACTION,
++ CHALLENGE_PAGE_ACTION_LEN ) == 0 );
++ bool bIsRightForm = ( strncmp( (char*)action,
++ PIN_FORM_ACTION,
++ PIN_FORM_ACTION_LEN ) == 0 );
++ if ( ( xmlStrlen( action ) > 0 )
++ && ( ( bChallengePage && bIsRightForm ) || !bChallengePage ) )
+ {
link = string ( (char*) action);
+ readInputField = true;
+ }
++ else
++ readInputField = false;
xmlFree (action);
}
}