OAuth2 application keys shouldn't be in the code.

The GDrive OAuth2 key is now defined at configure time. If either the
client secret or client id is missing, the Google Drive connectivity
will be disabled at runtime.

Tinderboxes can set up a GDrive key, but they need to make sure it's
not persisting in the build log.

Change-Id: I09bc748641ec14eae890f273f05bffe4ed421dbb

ucb/source/ucp/cmis/cmis_oauth2_providers.hxx → config_host/config_oauth2.h.in

@@ -10,23 +10,19 @@
  *
  */
 
-#ifndef CMIS_OAUTH2_PROVIDERS_HXX
-#define CMIS_OAUTH2_PROVIDERS_HXX
+#ifndef CONFIG_OAUTH2_H
+#define CONFIG_OAUTH2_H
 
 
-namespace cmis
-{
-
+/* Google Drive settings */
 #define GDRIVE_BASE_URL "https://www.googleapis.com/drive/v2"
-#define GDRIVE_CLIENT_ID "457862564325.apps.googleusercontent.com"
-#define GDRIVE_CLIENT_SECRET "GYWrDtzyZQZ0_g5YoBCC6F0I"
+#define GDRIVE_CLIENT_ID ""
+#define GDRIVE_CLIENT_SECRET ""
 #define GDRIVE_AUTH_URL "https://accounts.google.com/o/oauth2/auth"
 #define GDRIVE_TOKEN_URL "https://accounts.google.com/o/oauth2/token"
 #define GDRIVE_REDIRECT_URI "urn:ietf:wg:oauth:2.0:oob"
 #define GDRIVE_SCOPE "https://www.googleapis.com/auth/drive"
 
-}
-
 #endif
 
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */

configure.ac

@@ -2017,6 +2017,20 @@ AC_ARG_WITH(all-tarballs,
     AS_HELP_STRING([--with-all-tarballs],
         [Download all external tarballs unconditionally]))
 
+AC_ARG_WITH(gdrive-client-id,
+    AS_HELP_STRING([--with-drive-client-id],
+        [Provides the client id of the application for OAuth2 authentication
+        on Google Drive. If either this or --with-gdrive-client-secret is
+        empty, the feature will be disabled]),
+)
+
+AC_ARG_WITH(gdrive-client-secret,
+    AS_HELP_STRING([--with-drive-client-secret],
+        [Provides the client secret of the application for OAuth2
+        authentication on Google Drive. If either this or
+        --with-gdrive-client-id is empty, the feature will be disabled]),
+)
+
 dnl ===================================================================
 dnl Do we want to use pre-build binary tarball for recompile
 dnl ===================================================================
@@ -12231,6 +12245,24 @@ AC_SUBST(INSTALLDIR)
 TESTINSTALLDIR="${BUILDDIR}/test-install/${INPATH}"
 AC_SUBST(TESTINSTALLDIR)
 
+
+# ===================================================================
+# OAuth2 id and secrets
+# ===================================================================
+
+AC_MSG_CHECKING([for Google Drive client id and secret])
+GDRIVE_CLIENT_ID="\"$with_gdrive_client_id\""
+GDRIVE_CLIENT_SECRET="\"$with_gdrive_client_secret\""
+if test "$with_gdrive_client_id" = "no" -o -n "$with_driver_client_id"; then
+    GDRIVE_CLIENT_ID="\"\""
+fi
+
+if test "$with_gdrive_client_secret" = "no" -o -n "$with_driver_client_secret"; then
+    GDRIVE_CLIENT_SECRET="\"\""
+fi
+AC_DEFINE_UNQUOTED(GDRIVE_CLIENT_ID, $GDRIVE_CLIENT_ID)
+AC_DEFINE_UNQUOTED(GDRIVE_CLIENT_SECRET, $GDRIVE_CLIENT_SECRET)
+
 # ===================================================================
 # De- or increase default verbosity of build process
 # ===================================================================
@@ -12606,6 +12638,7 @@ AC_CONFIG_HEADERS([config_host/config_telepathy.h])
 AC_CONFIG_HEADERS([config_host/config_typesizes.h])
 AC_CONFIG_HEADERS([config_host/config_vclplug.h])
 AC_CONFIG_HEADERS([config_host/config_version.h])
+AC_CONFIG_HEADERS([config_host/config_oauth2.h])
 AC_OUTPUT
 
 if test "$CROSS_COMPILING" = YES; then

svtools/source/dialogs/ServerDetailsControls.cxx

@@ -22,6 +22,7 @@
 
 #include <svtools/PlaceEditDialog.hxx>
 #include <svtools/ServerDetailsControls.hxx>
+#include <config_oauth2.h>
 
 using namespace std;
 using namespace com::sun::star::lang;
@@ -278,12 +279,19 @@ CmisDetailsContainer::CmisDetailsContainer( VclBuilderContainer* pBuilder ) :
     show( false );
 
     // Load the ServerType entries
+    bool bSkipGDrive = OUString( GDRIVE_CLIENT_ID ).isEmpty() ||
+                       OUString( GDRIVE_CLIENT_SECRET ).isEmpty();
+
     Sequence< OUString > aTypesUrlsList( officecfg::Office::Common::Misc::CmisServersUrls::get( xContext ) );
     Sequence< OUString > aTypesNamesList( officecfg::Office::Common::Misc::CmisServersNames::get( xContext ) );
     for ( sal_Int32 i = 0; i < aTypesUrlsList.getLength( ) && aTypesNamesList.getLength( ); ++i )
     {
-        m_pLBServerType->InsertEntry( aTypesNamesList[i] );
-        m_aServerTypesURLs.push_back( aTypesUrlsList[i] );
+        OUString sUrl = aTypesUrlsList[i];
+        if ( !( sUrl == OUString( GDRIVE_BASE_URL ) && bSkipGDrive ) )
+        {
+            m_pLBServerType->InsertEntry( aTypesNamesList[i] );
+            m_aServerTypesURLs.push_back( sUrl );
+        }
     }
 }
 

ucb/source/ucp/cmis/cmis_content.cxx

@@ -34,6 +34,7 @@
 #include <com/sun/star/ucb/XDynamicResultSet.hpp>
 
 #include <comphelper/processfactory.hxx>
+#include <config_oauth2.h>
 #include <ucbhelper/cancelcommandexecution.hxx>
 #include <ucbhelper/content.hxx>
 #include <ucbhelper/contentidentifier.hxx>
@@ -47,7 +48,6 @@
 #include "cmis_content.hxx"
 #include "cmis_provider.hxx"
 #include "cmis_resultset.hxx"
-#include "cmis_oauth2_providers.hxx"
 #include "cmis_strings.hxx"
 
 #define OUSTR_TO_STDSTR(s) string( OUStringToOString( s, RTL_TEXTENCODING_UTF8 ).getStr() )

ucb/source/ucp/cmis/cmis_url.cxx

@@ -9,10 +9,10 @@
 
 #include <libcmis/libcmis.hxx>
 
+#include <config_oauth2.h>
 #include <rtl/uri.hxx>
 
 #include "cmis_url.hxx"
-#include "cmis_oauth2_providers.hxx"
 
 using namespace std;