Merged in chriadam/base-sociald (pull request #19)

[sociald] Don't hardcode OAuth2 keys - JB#5003
sailfishos · Jun 12, 2013 · fa94f2b · fa94f2b
2 parents b0b3d75 + 617af6c
commit fa94f2b
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 5 deletions.
diff --git a/rpm/sociald.spec b/rpm/sociald.spec
@@ -1,6 +1,6 @@
 Name:       sociald
 Summary:    Syncs device data from social services
-Version:    0.0.8
+Version:    0.0.11
 Release:    1
 Group:      System/Applications
 License:    TBD
@@ -18,6 +18,7 @@ BuildRequires:  pkgconfig(systemd)
 BuildRequires:  pkgconfig(QJson)
 BuildRequires:  pkgconfig(libsignon-qt)
 BuildRequires:  pkgconfig(accounts-qt)
+BuildRequires:  pkgconfig(libsailfishkeyprovider)
 BuildRequires:  nemo-qml-plugin-notifications-devel
 BuildRequires:  eventfeed-devel
 BuildRequires:  libmeegotouchevents-devel

diff --git a/src/twitter/twitter.pri b/src/twitter/twitter.pri
@@ -1,5 +1,5 @@
 CONFIG += link_pkgconfig
-PKGCONFIG += accounts-qt libsignon-qt nemonotifications
+PKGCONFIG += accounts-qt libsignon-qt nemonotifications libsailfishkeyprovider
 lessThan(QT_MAJOR_VERSION, 5) {
     PKGCONFIG += QJson
 }

diff --git a/src/twitter/twitterdatatypesyncadaptor.cpp b/src/twitter/twitterdatatypesyncadaptor.cpp
@@ -49,6 +49,9 @@
 #include <QJsonDocument>
 #endif
 
+//libsailfishkeyprovider
+#include <sailfishkeyprovider.h>
+
 //libaccounts-qt
 #include <Accounts/Manager>
 #include <Accounts/Service>
@@ -272,9 +275,19 @@ static QString hmacSha1(const QString &signingKey, const QString &baseString)
 QString TwitterDataTypeSyncAdaptor::authorizationHeader(int accountId, const QString &oauthToken, const QString &oauthTokenSecret, const QString &requestMethod, const QString &requestUrl, const QList<QPair<QString, QString> > &parameters)
 {
     // Twitter requires all requests to be signed with an authorization header.
-    // XXX TODO: get the consumer key from the secure storage / dynamic library containing our keys!
-    QString consumerSecret = QLatin1String("yxfwTU17VXcrtYPqWD941bQRsaHvgKdje6RlqOq07yA");
-    QString oauthConsumerKey = QLatin1String("FxVs00m3hPvdC4tpla1yHA");
+    char *cConsumerKey = NULL;
+    char *cConsumerSecret = NULL;
+    int ckSuccess = SailfishKeyProvider_storedKey("twitter", "twitter-sync", "consumer_key", &cConsumerKey);
+    int csSuccess = SailfishKeyProvider_storedKey("twitter", "twitter-sync", "consumer_secret", &cConsumerSecret);
+
+    if (ckSuccess != 0 || cConsumerKey == NULL || csSuccess != 0 || cConsumerSecret == NULL) {
+        qWarning() << Q_FUNC_INFO << "No valid OAuth2 keys found";
+        return QString();
+    }
+
+    QString consumerSecret = QLatin1String(cConsumerSecret);
+    QString oauthConsumerKey = QLatin1String(cConsumerKey);
+
     QString oauthNonce = QString::fromLatin1(QUuid::createUuid().toByteArray().toBase64());
     QString oauthSignature;
     QString oauthSigMethod = QLatin1String("HMAC-SHA1");