external/libcmis/libcmis-fix-google-drive-2.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125

diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
index 74c0fec..30fedb0 100644
--- a/src/libcmis/oauth2-providers.cxx
+++ b/src/libcmis/oauth2-providers.cxx
@@ -41,6 +41,7 @@
 #define CHALLENGE_PAGE_ACTION_LEN sizeof( CHALLENGE_PAGE_ACTION ) - 1
 #define PIN_FORM_ACTION "/signin/challenge/ipp"
 #define PIN_FORM_ACTION_LEN sizeof( PIN_FORM_ACTION ) - 1
+#define PIN_INPUT_NAME "Pin"
 
 using namespace std;
 
@@ -80,7 +81,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
         // send the first get, receive the html login page
         res = session->httpGetRequest( authUrl )->getStream( )->str( );
     }
-    catch ( const CurlException& e )
+    catch ( const CurlException& )
     {
         return string( );
     }
@@ -102,7 +103,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
         loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE )
                         ->getStream( )->str( );
     }
-    catch ( const CurlException& e )
+    catch ( const CurlException& )
     {
         return string( );
     }
@@ -113,7 +114,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
     if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
         return string( );
 
-    loginPasswdPost += "&Passwd=";
+    loginPasswdPost += "Passwd=";
     loginPasswdPost += string( password );
 
     istringstream loginPasswdIs( loginPasswdPost );
@@ -124,7 +125,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
         loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE )
                         ->getStream( )->str( );
     }
-    catch ( const CurlException& e )
+    catch ( const CurlException& )
     {
         return string( );
     }
@@ -152,7 +153,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
         }
 
         loginChallengeLink = "https://accounts.google.com" + loginChallengeLink;
-        loginChallengePost += "Pin=";
+        loginChallengePost += string( PIN_INPUT_NAME ) + "=";
         loginChallengePost += string( pin );
 
         istringstream loginChallengeIs( loginChallengePost );
@@ -163,7 +164,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
             loginChallengeRes = session->httpPostRequest ( loginChallengeLink, loginChallengeIs, CONTENT_TYPE )
                             ->getStream( )->str( );
         }
-        catch ( const CurlException& e )
+        catch ( const CurlException& )
         {
             return string( );
         }
@@ -221,7 +222,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth
     {
         res = session->httpGetRequest( authUrl )->getStream( )->str( );
     }
-    catch ( const CurlException& e )
+    catch ( const CurlException& )
     {
         return string( );
     }
@@ -247,7 +248,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth
         // Alfresco code is in the redirect link
         resp = session->httpPostRequest( loginLink, loginIs, CONTENT_TYPE, false ); 
     }
-    catch ( const CurlException& e )
+    catch ( const CurlException& )
     {
         return string( );
     }
@@ -291,6 +292,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
     if ( reader == NULL ) return 0;
 
     bool readInputField = false;
+    bool bIsRightForm = false;
+    bool bHasPinField = false;
 
     while ( true )
     {
@@ -301,6 +304,12 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
         // Find the redirect link
         if ( xmlStrEqual( nodeName, BAD_CAST( "form" ) ) )
         {
+            // 2FA: Don't add fields form other forms not having pin field
+            if ( bIsRightForm && !bHasPinField )
+                post = string( "" );
+            if ( bIsRightForm && bHasPinField )
+                break;
+
             xmlChar* action = xmlTextReaderGetAttribute( reader, 
                                                          BAD_CAST( "action" ));
 
@@ -311,7 +320,7 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
                 bool bChallengePage = ( strncmp( (char*)action,
                                                  CHALLENGE_PAGE_ACTION,
                                                  CHALLENGE_PAGE_ACTION_LEN ) == 0 );
-                bool bIsRightForm = ( strncmp( (char*)action,
+                bIsRightForm = ( strncmp( (char*)action,
                                                  PIN_FORM_ACTION,
                                                  PIN_FORM_ACTION_LEN ) == 0 );
                 if ( ( xmlStrlen( action ) > 0 )
@@ -332,6 +341,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
                                                        BAD_CAST( "name" ));
             xmlChar* value = xmlTextReaderGetAttribute( reader, 
                                                         BAD_CAST( "value" ));
+            if ( name != NULL && strcmp( (char*)name, PIN_INPUT_NAME ) == 0 )
+                bHasPinField = true;
             if ( ( name != NULL ) && ( value!= NULL ) )
             {
                 if ( ( xmlStrlen( name ) > 0) && ( xmlStrlen( value ) > 0) )