1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
diff -aru old-src/src/libcmis/oauth2-providers.cxx new-src/src/libcmis/oauth2-providers.cxx
--- old-src/src/libcmis/oauth2-providers.cxx 2016-03-01 17:14:26.000000000 +0100
+++ new-src/src/libcmis/oauth2-providers.cxx 2016-04-28 11:28:25.233803971 +0200
@@ -37,11 +37,28 @@
string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl,
const string& username, const string& password )
{
+ /* This member function implements 'Google OAuth 2.0'
+ *
+ * The interaction is carried out by libcmis, with no web browser involved.
+ *
+ * Normal sequence (without 2FA) is:
+ * 1) a get to activate login page
+ * receive first login page, html format
+ * 2) subsequent post to sent email
+ * receive html page for password input
+ * 3) subsequent post to send password
+ * receive html page for application consent
+ * 4) subsequent post to send a consent for the application
+ * receive a single-use authorization code
+ * this code is returned as a string
+ */
+
static const string CONTENT_TYPE( "application/x-www-form-urlencoded" );
// STEP 1: Log in
string res;
try
{
+ // send the first get, receive the html login page
res = session->httpGetRequest( authUrl )->getStream( )->str( );
}
catch ( const CurlException& e )
@@ -49,20 +66,39 @@
return string( );
}
- string loginPost, loginLink;
- if ( !parseResponse( res.c_str( ), loginPost, loginLink ) )
+ string loginEmailPost, loginEmailLink;
+ if ( !parseResponse( res.c_str( ), loginEmailPost, loginEmailLink ) )
+ return string( );
+
+ loginEmailPost += "Email=";
+ loginEmailPost += string( username );
+
+ istringstream loginEmailIs( loginEmailPost );
+ string loginEmailRes;
+ try
+ {
+ // send a post with user email, receive the html page for password input
+ loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE )
+ ->getStream( )->str( );
+ }
+ catch ( const CurlException& e )
+ {
+ return string( );
+ }
+
+ string loginPasswdPost, loginPasswdLink;
+ if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
return string( );
-
- loginPost += "Email=";
- loginPost += string( username );
- loginPost += "&Passwd=";
- loginPost += string( password );
-
- istringstream loginIs( loginPost );
- string loginRes;
- try
+
+ loginPasswdPost += "&Passwd=";
+ loginPasswdPost += string( password );
+
+ istringstream loginPasswdIs( loginPasswdPost );
+ string loginPasswdRes;
+ try
{
- loginRes = session->httpPostRequest ( loginLink, loginIs, CONTENT_TYPE )
+ // send a post with user password, receive the application consent page
+ loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE )
->getStream( )->str( );
}
catch ( const CurlException& e )
@@ -71,8 +107,8 @@
}
// STEP 2: allow libcmis to access google drive
- string approvalPost, approvalLink;
- if ( !parseResponse( loginRes. c_str( ), approvalPost, approvalLink) )
+ string approvalPost, approvalLink;
+ if ( !parseResponse( loginPasswdRes. c_str( ), approvalPost, approvalLink) )
return string( );
approvalPost += "submit_access=true";
@@ -80,7 +116,8 @@
string approvalRes;
try
{
- approvalRes = session->httpPostRequest ( approvalLink, approvalIs,
+ // send a post with application consent
+ approvalRes = session->httpPostRequest ( approvalLink, approvalIs,
CONTENT_TYPE) ->getStream( )->str( );
}
catch ( const CurlException& e )
Only in new-src/src/libcmis: oauth2-providers.cxx~
|
