tdf#87938 google 2FA fix, new pin code page

Updated libcmis 2FA patch: + changed challenge page parser + handled abort in the auth code provider Change-Id: I2bbb102ec735788132e094d3908ac12432e9508c Reviewed-on: https://gerrit.libreoffice.org/25372Reviewed-by: David Tardon <dtardon@redhat.com> Tested-by: David Tardon <dtardon@redhat.com>

tdf#87938 google 2FA fix, new pin code page
Updated libcmis 2FA patch: + changed challenge page parser + handled abort in the auth code provider Change-Id: I2bbb102ec735788132e094d3908ac12432e9508c Reviewed-on: https://gerrit.libreoffice.org/25372Reviewed-by: David Tardon <dtardon@redhat.com> Tested-by: David Tardon <dtardon@redhat.com>
aea4fdb6 · Szymon Kłos · David Tardon · 2d2a3393 · aea4fdb6
Kaydet (Commit) aea4fdb6 authored May 23, 2016 tarafından Szymon Kłos Kaydeden (comit) David Tardon Haz 09, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 9 deletions

libcmis-google-2FA-implementation.patch external/libcmis/libcmis-google-2FA-implementation.patch +30 -9

No files found.
--- a/external/libcmis/libcmis-google-2FA-implementation.patch
+++ b/external/libcmis/libcmis-google-2FA-implementation.patch
 diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
 --- a/src/libcmis/oauth2-providers.cxx
 +++ b/src/libcmis/oauth2-providers.cxx
-@@ -29,6 +29,7 @@
+@@ -29,9 +29,15 @@
 #include <libxml/HTMLparser.h>
 #include <libxml/xmlreader.h>
 
@@ -9,6 +9,14 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
 #include "oauth2-providers.hxx"
 #include "http-session.hxx"
 
+#define CHALLENGE_PAGE_ACTION "/signin"
+#define CHALLENGE_PAGE_ACTION_LEN sizeof( CHALLENGE_PAGE_ACTION ) - 1
+#define PIN_FORM_ACTION "/signin/challenge/ipp"
+#define PIN_FORM_ACTION_LEN sizeof( PIN_FORM_ACTION ) - 1
+
+ using namespace std;
+ 
+ #if LIBXML_VERSION < 20621
 @@ -51,10 +52,23 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
      * 4) subsequent post to send a consent for the application
      *    receive a single-use authorization code
@@ -52,7 +60,7 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
     string loginPasswdPost, loginPasswdLink;
     if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
         return string( );
-@@ -106,10 +124,53 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
+@@ -106,10 +124,60 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
         return string( );
     }
 
@@ -72,6 +80,13 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
 +        libcmis::OAuth2AuthCodeProvider fallbackProvider = libcmis::SessionFactory::getOAuth2AuthCodeProvider( );
 +        string pin( fallbackProvider( "", "", "" ) );
 +
+        if( pin.empty() )
+        {
+            // unset OAuth2AuthCode Provider to avoid showing pin request again in the HttpSession::oauth2Authenticate
+            libcmis::SessionFactory::setOAuth2AuthCodeProvider( NULL );
+            return string( );
+        }
+
 +        loginChallengeLink = "https://accounts.google.com" + loginChallengeLink;
 +        loginChallengePost += "Pin=";
 +        loginChallengePost += string( pin );
@@ -126,24 +141,30 @@ diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
     while ( true )
     {
         // Go to the next node, quit if not found
-@@ -227,15 +291,24 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
+@@ -227,15 +291,30 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
         {
             xmlChar* action = xmlTextReaderGetAttribute( reader, 
                                                          BAD_CAST( "action" ));
 +
-+            // GDrive pin code page contains 3 forms.
-+            // First form resends pin code, we need to omit its input fields.
-+            // Also we mustn't parse action field from the 'select challenge' form.
+            // GDrive pin code page contains many forms.
+            // We have to parse only the form with pin field.
             if ( action != NULL )
             {
 -                if ( xmlStrlen(action) > 0)
-+                if ( ( strcmp( (char*)action, "/signin/challenge" ) != 0 )
-+                   && ( strcmp( (char*)action, "/signin/selectchallenge" ) != 0 )
-+                   && xmlStrlen(action) > 0 )
+                bool bChallengePage = ( strncmp( (char*)action,
+                                                 CHALLENGE_PAGE_ACTION,
+                                                 CHALLENGE_PAGE_ACTION_LEN ) == 0 );
+                bool bIsRightForm = ( strncmp( (char*)action,
+                                                 PIN_FORM_ACTION,
+                                                 PIN_FORM_ACTION_LEN ) == 0 );
+                if ( ( xmlStrlen( action ) > 0 )
+                    && ( ( bChallengePage && bIsRightForm ) || !bChallengePage ) )
 +                {
                     link = string ( (char*) action);
 +                    readInputField = true;
 +                }
+                else
+                    readInputField = false;
                 xmlFree (action);
             }
         }