rpms
/
libcmis
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

fix Google Drive login

This commit is contained in:
David Tardon 2016-05-04 09:28:37 +02:00
parent aa648fcb07
commit b81ba97dfb
6 changed files with 431 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

122
0001-Add-new-Google-Drive-OAuth-2.0-login-procedure.patch Normal file
View File

@ -0,0 +1,122 @@
From 32aecffb5517dfc3b3674a8f7db418456bd877ed Mon Sep 17 00:00:00 2001
From: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu>
Date: Sat, 30 Apr 2016 14:29:56 +0200
Subject: [PATCH 1/5] Add new Google Drive OAuth 2.0 login procedure.
The new Google login sequence uses two html pages: first page for user email
the second page for password.
The older sequence used only one page for both user email and user password.
---
src/libcmis/oauth2-providers.cxx | 67 +++++++++++++++++++++++++++++++---------
1 file changed, 52 insertions(+), 15 deletions(-)
diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
index 5e7f3bf..68a6aa5 100644
--- a/src/libcmis/oauth2-providers.cxx
+++ b/src/libcmis/oauth2-providers.cxx
@@ -37,11 +37,28 @@ using namespace std;
string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl,
const string& username, const string& password )
{
+ /* This member function implements 'Google OAuth 2.0'
+ *
+ * The interaction is carried out by libcmis, with no web browser involved.
+ *
+ * Normal sequence (without 2FA) is:
+ * 1) a get to activate login page
+ * receive first login page, html format
+ * 2) subsequent post to sent email
+ * receive html page for password input
+ * 3) subsequent post to send password
+ * receive html page for application consent
+ * 4) subsequent post to send a consent for the application
+ * receive a single-use authorization code
+ * this code is returned as a string
+ */
+
static const string CONTENT_TYPE( "application/x-www-form-urlencoded" );
// STEP 1: Log in
string res;
try
{
+ // send the first get, receive the html login page
res = session->httpGetRequest( authUrl )->getStream( )->str( );
}
catch ( const CurlException& e )
@@ -49,20 +66,39 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
return string( );
}
- string loginPost, loginLink;
- if ( !parseResponse( res.c_str( ), loginPost, loginLink ) )
+ string loginEmailPost, loginEmailLink;
+ if ( !parseResponse( res.c_str( ), loginEmailPost, loginEmailLink ) )
return string( );
-
- loginPost += "Email=";
- loginPost += string( username );
- loginPost += "&Passwd=";
- loginPost += string( password );
-
- istringstream loginIs( loginPost );
- string loginRes;
- try
+
+ loginEmailPost += "Email=";
+ loginEmailPost += string( username );
+
+ istringstream loginEmailIs( loginEmailPost );
+ string loginEmailRes;
+ try
+ {
+ // send a post with user email, receive the html page for password input
+ loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE )
+ ->getStream( )->str( );
+ }
+ catch ( const CurlException& e )
+ {
+ return string( );
+ }
+
+ string loginPasswdPost, loginPasswdLink;
+ if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
+ return string( );
+
+ loginPasswdPost += "Passwd=";
+ loginPasswdPost += string( password );
+
+ istringstream loginPasswdIs( loginPasswdPost );
+ string loginPasswdRes;
+ try
{
- loginRes = session->httpPostRequest ( loginLink, loginIs, CONTENT_TYPE )
+ // send a post with user password, receive the application consent page
+ loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE )
->getStream( )->str( );
}
catch ( const CurlException& e )
@@ -71,8 +107,8 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
}
// STEP 2: allow libcmis to access google drive
- string approvalPost, approvalLink;
- if ( !parseResponse( loginRes. c_str( ), approvalPost, approvalLink) )
+ string approvalPost, approvalLink;
+ if ( !parseResponse( loginPasswdRes. c_str( ), approvalPost, approvalLink) )
return string( );
approvalPost += "submit_access=true";
@@ -80,7 +116,8 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
string approvalRes;
try
{
- approvalRes = session->httpPostRequest ( approvalLink, approvalIs,
+ // send a post with application consent
+ approvalRes = session->httpPostRequest ( approvalLink, approvalIs,
CONTENT_TYPE) ->getStream( )->str( );
}
catch ( const CurlException& e )
--
2.7.4

70
0002-Add-new-mokup-login-pages.patch Normal file
View File

@ -0,0 +1,70 @@
From 0490c023cd14cbb3d1ba2bc1b648b216f848a648 Mon Sep 17 00:00:00 2001
From: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu>
Date: Tue, 3 May 2016 08:35:57 +0200
Subject: [PATCH 2/5] Add new mokup login pages
---
qa/libcmis/data/gdrive/login.html | 12 ------------
qa/libcmis/data/gdrive/login1.html | 12 ++++++++++++
qa/libcmis/data/gdrive/login2.html | 11 +++++++++++
3 files changed, 23 insertions(+), 12 deletions(-)
delete mode 100644 qa/libcmis/data/gdrive/login.html
create mode 100644 qa/libcmis/data/gdrive/login1.html
create mode 100644 qa/libcmis/data/gdrive/login2.html
diff --git a/qa/libcmis/data/gdrive/login.html b/qa/libcmis/data/gdrive/login.html
deleted file mode 100644
index eae53bf..0000000
--- a/qa/libcmis/data/gdrive/login.html
+++ /dev/null
@@ -1,12 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<body>
-<form novalidate="" id="gaia_loginform" action="https://login/url" method="post">
- <input name="continue" id="continue" value="redirectLink&amp;scope=Scope" type="hidden">
- <input name="service" id="service" value="lso" type="hidden">
- <input name="GALX" value="cookie" type="hidden">
- <input spellcheck="false" name="Email" id="Email" value="" type="email">
- <input name="Passwd" id="Passwd" type="password">
-</form>
-</body>
-</html>
diff --git a/qa/libcmis/data/gdrive/login1.html b/qa/libcmis/data/gdrive/login1.html
new file mode 100644
index 0000000..eae53bf
--- /dev/null
+++ b/qa/libcmis/data/gdrive/login1.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+<body>
+<form novalidate="" id="gaia_loginform" action="https://login/url" method="post">
+ <input name="continue" id="continue" value="redirectLink&amp;scope=Scope" type="hidden">
+ <input name="service" id="service" value="lso" type="hidden">
+ <input name="GALX" value="cookie" type="hidden">
+ <input spellcheck="false" name="Email" id="Email" value="" type="email">
+ <input name="Passwd" id="Passwd" type="password">
+</form>
+</body>
+</html>
diff --git a/qa/libcmis/data/gdrive/login2.html b/qa/libcmis/data/gdrive/login2.html
new file mode 100644
index 0000000..198f816
--- /dev/null
+++ b/qa/libcmis/data/gdrive/login2.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html lang="en">
+<body>
+<form novalidate="" id="gaia_loginform" action="https://auth/url" method="post">
+ <input name="continue" id="continue" value="redirectLink&amp;scope=Scope" type="hidden">
+ <input name="service" id="service" value="lso" type="hidden">
+ <input name="GALX" value="cookie" type="hidden">
+ <input name="Passwd" id="Passwd" type="password">
+</form>
+</body>
+</html>
--
2.7.4

113
0003-Fix-test-in-test-factory.patch Normal file
View File

@ -0,0 +1,113 @@
From 04297298ad9659c949beb7ccd0f75cfd440a4fb8 Mon Sep 17 00:00:00 2001
From: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu>
Date: Tue, 3 May 2016 11:47:43 +0200
Subject: [PATCH 3/5] Fix test in test-factory
---
qa/libcmis/data/gdrive/login1.html | 4 ++--
qa/libcmis/data/gdrive/login2.html | 2 +-
qa/libcmis/test-factory.cxx | 10 ++++++++--
qa/mockup/mockup-config.cxx | 3 +++
qa/mockup/mockup-config.h | 6 +++---
5 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/qa/libcmis/data/gdrive/login1.html b/qa/libcmis/data/gdrive/login1.html
index eae53bf..b6da338 100644
--- a/qa/libcmis/data/gdrive/login1.html
+++ b/qa/libcmis/data/gdrive/login1.html
@@ -1,12 +1,12 @@
<!DOCTYPE html>
<html lang="en">
<body>
-<form novalidate="" id="gaia_loginform" action="https://login/url" method="post">
+<form novalidate="" id="gaia_loginform" action="https://login2/url" method="post">
+ <input name="Page" type="hidden" value="PasswordSeparationSignIn">
<input name="continue" id="continue" value="redirectLink&amp;scope=Scope" type="hidden">
<input name="service" id="service" value="lso" type="hidden">
<input name="GALX" value="cookie" type="hidden">
<input spellcheck="false" name="Email" id="Email" value="" type="email">
- <input name="Passwd" id="Passwd" type="password">
</form>
</body>
</html>
diff --git a/qa/libcmis/data/gdrive/login2.html b/qa/libcmis/data/gdrive/login2.html
index 198f816..6425091 100644
--- a/qa/libcmis/data/gdrive/login2.html
+++ b/qa/libcmis/data/gdrive/login2.html
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<html lang="en">
<body>
-<form novalidate="" id="gaia_loginform" action="https://auth/url" method="post">
+<form novalidate="" id="gaia_loginform" action="https://login/url" method="post">
<input name="continue" id="continue" value="redirectLink&amp;scope=Scope" type="hidden">
<input name="service" id="service" value="lso" type="hidden">
<input name="GALX" value="cookie" type="hidden">
diff --git a/qa/libcmis/test-factory.cxx b/qa/libcmis/test-factory.cxx
index c0bcb4c..3779e5a 100644
--- a/qa/libcmis/test-factory.cxx
+++ b/qa/libcmis/test-factory.cxx
@@ -64,6 +64,7 @@
#define GDRIVE_AUTH_URL string ( "https://auth/url" )
#define GDRIVE_LOGIN_URL string ("https://login/url" )
+#define GDRIVE_LOGIN_URL2 string ("https://login2/url" )
#define GDRIVE_APPROVAL_URL string ("https://approval/url" )
#define GDRIVE_TOKEN_URL string ( "https://token/url" )
@@ -101,10 +102,15 @@ namespace
string("&redirect_uri=") + OAUTH_REDIRECT_URI +
string("&response_type=code") +
string("&client_id=") + OAUTH_CLIENT_ID;
+
curl_mockup_addResponse ( GDRIVE_AUTH_URL.c_str(), loginIdentifier.c_str( ),
- "GET", DATA_DIR "/gdrive/login.html", 200, true);
+ "GET", DATA_DIR "/gdrive/login1.html", 200, true);
+
+ //authentication email
+ curl_mockup_addResponse( GDRIVE_LOGIN_URL2.c_str( ), "", "POST",
+ DATA_DIR "/gdrive/login2.html", 200, true);
- //authentication response
+ //authentication password,
curl_mockup_addResponse( GDRIVE_LOGIN_URL.c_str( ), "", "POST",
DATA_DIR "/gdrive/approve.html", 200, true);
diff --git a/qa/mockup/mockup-config.cxx b/qa/mockup/mockup-config.cxx
index f6b84ad..fb19927 100644
--- a/qa/mockup/mockup-config.cxx
+++ b/qa/mockup/mockup-config.cxx
@@ -117,6 +117,9 @@ namespace mockup
return !m_username.empty( ) && !m_password.empty( );
}
+ /** Find a suitable response
+ * using the request as a search key
+ */
CURLcode Configuration::writeResponse( CurlHandle* handle )
{
CURLcode code = CURLE_OK;
diff --git a/qa/mockup/mockup-config.h b/qa/mockup/mockup-config.h
index 6b94706..d0fc3bb 100644
--- a/qa/mockup/mockup-config.h
+++ b/qa/mockup/mockup-config.h
@@ -41,13 +41,13 @@ void curl_mockup_reset( );
the base URL of the request without parameters
\param matchParam
a string to find in the parameters part of the URL to match
+ \param method
+ HTTP method to match like PUT, GET, POST or DELETE. An empty
+ string matches any method.
\param response
a string corresponding either to the file path of the request
body to send or directly the content to send. This value has
a different meaning depending on isFilePath parameter.
- \param method
- HTTP method to match like PUT, GET, POST or DELETE. An empty
- string matches any method.
\param status
the HTTP status to return. 0 means HTTP OK (200).
\param isFilePath
--
2.7.4

74
0004-Fix-test-in-test-gdrive.patch Normal file
View File

@ -0,0 +1,74 @@
From 73662089059eb2e272a4c5eb245a497af044ccf6 Mon Sep 17 00:00:00 2001
From: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu>
Date: Tue, 3 May 2016 15:35:57 +0200
Subject: [PATCH 4/5] Fix test in test-gdrive
---
qa/libcmis/test-gdrive.cxx | 32 ++++++++++++++++++++++++--------
1 file changed, 24 insertions(+), 8 deletions(-)
diff --git a/qa/libcmis/test-gdrive.cxx b/qa/libcmis/test-gdrive.cxx
index 0cd9577..6323099 100644
--- a/qa/libcmis/test-gdrive.cxx
+++ b/qa/libcmis/test-gdrive.cxx
@@ -51,6 +51,7 @@ static const string CLIENT_SECRET ( "mock-secret" );
static const string USERNAME( "mock-user" );
static const string PASSWORD( "mock-password" );
static const string LOGIN_URL ("https://login/url" );
+static const string LOGIN_URL2 ("https://login2/url" );
static const string APPROVAL_URL ("https://approval/url" );
static const string AUTH_URL ( "https://auth/url" );
static const string TOKEN_URL ( "https://token/url" );
@@ -149,10 +150,15 @@ GDriveSession GDriveTest::getTestSession( string username, string password )
string("&redirect_uri=") + REDIRECT_URI +
string("&response_type=code") +
string("&client_id=") + CLIENT_ID;
+
curl_mockup_addResponse ( AUTH_URL.c_str(), loginIdentifier.c_str( ),
- "GET", DATA_DIR "/gdrive/login.html", 200, true);
+ "GET", DATA_DIR "/gdrive/login1.html", 200, true);
+
+ //authentication email
+ curl_mockup_addResponse( LOGIN_URL2.c_str( ), empty.c_str( ), "POST",
+ DATA_DIR "/gdrive/login2.html", 200, true);
- //authentication response
+ //authentication password,
curl_mockup_addResponse( LOGIN_URL.c_str( ), empty.c_str( ), "POST",
DATA_DIR "/gdrive/approve.html", 200, true);
@@ -171,15 +177,25 @@ void GDriveTest::sessionAuthenticationTest( )
GDriveSession session = getTestSession( USERNAME, PASSWORD );
string empty;
- // Check authentication request
- string authRequest( curl_mockup_getRequestBody( LOGIN_URL.c_str(), empty.c_str( ),
+ // Check authentication request for email
+ string authRequestEmail( curl_mockup_getRequestBody( LOGIN_URL2.c_str(), empty.c_str( ),
+ "POST" ) );
+ string expectedAuthRequestEmail =
+ string ( "Page=PasswordSeparationSignIn&continue=redirectLink&scope=Scope&service=lso&GALX=cookie"
+ "&Email=") + USERNAME;
+
+ CPPUNIT_ASSERT_EQUAL_MESSAGE( "Wrong authentication request for Email",
+ expectedAuthRequestEmail, authRequestEmail );
+
+ // Check authentication request for password
+ string authRequestPassword( curl_mockup_getRequestBody( LOGIN_URL.c_str(), empty.c_str( ),
"POST" ) );
- string expectedAuthRequest =
+ string expectedAuthRequestPassword =
string ( "continue=redirectLink&scope=Scope&service=lso&GALX=cookie"
- "&Email=") + USERNAME + string("&Passwd=") + PASSWORD;
+ "&Passwd=") + PASSWORD;
- CPPUNIT_ASSERT_EQUAL_MESSAGE( "Wrong authentication request",
- expectedAuthRequest, authRequest );
+ CPPUNIT_ASSERT_EQUAL_MESSAGE( "Wrong authentication request for Password",
+ expectedAuthRequestPassword, authRequestPassword );
// Check code request
string codeRequest( curl_mockup_getRequestBody( APPROVAL_URL.c_str(),
--
2.7.4

42
0005-Fix-test-in-test-onedrive.patch Normal file
View File

@ -0,0 +1,42 @@
From 3ebc3d9fe6a9806de2bcdf79ac6398f0c14c3246 Mon Sep 17 00:00:00 2001
From: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu>
Date: Tue, 3 May 2016 15:41:52 +0200
Subject: [PATCH 5/5] Fix test in test-onedrive
---
qa/libcmis/test-onedrive.cxx | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/qa/libcmis/test-onedrive.cxx b/qa/libcmis/test-onedrive.cxx
index b88751b..5da8918 100644
--- a/qa/libcmis/test-onedrive.cxx
+++ b/qa/libcmis/test-onedrive.cxx
@@ -51,6 +51,7 @@ static const string CLIENT_SECRET ( "mock-secret" );
static const string USERNAME( "mock-user" );
static const string PASSWORD( "mock-password" );
static const string LOGIN_URL ("https://login/url" );
+static const string LOGIN_URL2 ("https://login2/url" );
static const string APPROVAL_URL ("https://approval/url" );
static const string AUTH_URL ( "https://auth/url" );
static const string TOKEN_URL ( "https://token/url" );
@@ -123,10 +124,15 @@ OneDriveSession OneDriveTest::getTestSession( string username, string password )
string("&redirect_uri=") + REDIRECT_URI +
string("&response_type=code") +
string("&client_id=") + CLIENT_ID;
+
curl_mockup_addResponse ( AUTH_URL.c_str(), loginIdentifier.c_str( ),
- "GET", DATA_DIR "/gdrive/login.html", 200, true);
+ "GET", DATA_DIR "/gdrive/login1.html", 200, true);
+
+ //authentication email
+ curl_mockup_addResponse( LOGIN_URL2.c_str( ), empty.c_str( ), "POST",
+ DATA_DIR "/gdrive/login2.html", 200, true);
- //authentication response
+ //authentication password
curl_mockup_addResponse( LOGIN_URL.c_str( ), empty.c_str( ), "POST",
DATA_DIR "/gdrive/approve.html", 200, true);
--
2.7.4

11
libcmis.spec
View File

@ -2,7 +2,7 @@
Name: libcmis
Version: 0.5.1
Release: 1%{?dist}
Release: 2%{?dist}
Summary: A C++ client library for CM interfaces
License: GPLv2+ or LGPLv2+ or MPLv1.1
@ -15,6 +15,12 @@ BuildRequires: pkgconfig(libcurl)
BuildRequires: pkgconfig(libxml-2.0)
BuildRequires: xmlto
Patch0: 0001-Add-new-Google-Drive-OAuth-2.0-login-procedure.patch
Patch1: 0002-Add-new-mokup-login-pages.patch
Patch2: 0003-Fix-test-in-test-factory.patch
Patch3: 0004-Fix-test-in-test-gdrive.patch
Patch4: 0005-Fix-test-in-test-onedrive.patch
%description
LibCMIS is a C++ client library for working with CM (content management)
interfaces. The primary supported interface (which gave the library its
@ -81,6 +87,9 @@ make %{?_smp_mflags} check
%{_mandir}/man1/cmis-client.1*
%changelog
* Wed May 04 2016 David Tardon <dtardon@redhat.com> - 0.5.1-2
- fix Google Drive login
* Fri Mar 04 2016 David Tardon <dtardon@redhat.com> - 0.5.1-1
- new upstream release