From 5e63268dd1f50c9be088d45b47f002d8c3529cc5 Mon Sep 17 00:00:00 2001 From: John Brooks Date: Mon, 23 Sep 2013 23:07:21 -0600 Subject: [PATCH] [telepathy-sasl-signon] Build Facebook authentication responses without libsoup libsoup would escape parameters too much, resulting in authentication failures with some recent server-side changes by Facebook. The response string is simple to build and escaping is unnecessary for all feasible inputs. --- rpm/telepathy-accounts-signon.spec | 1 - .../empathy-sasl-mechanisms.c | 35 +++++++++---------- .../telepathy-sasl-signon.pro | 2 +- 3 files changed, 18 insertions(+), 20 deletions(-) diff --git a/rpm/telepathy-accounts-signon.spec b/rpm/telepathy-accounts-signon.spec index b40952f..81ab025 100644 --- a/rpm/telepathy-accounts-signon.spec +++ b/rpm/telepathy-accounts-signon.spec @@ -13,7 +13,6 @@ BuildRequires: pkgconfig(gobject-2.0) BuildRequires: pkgconfig(libsignon-glib) BuildRequires: pkgconfig(telepathy-glib) BuildRequires: pkgconfig(libaccounts-glib) -BuildRequires: pkgconfig(libsoup-2.4) BuildRequires: pkgconfig(mission-control-plugins) BuildRequires: pkgconfig(libsailfishkeyprovider) diff --git a/telepathy-sasl-signon/empathy-sasl-mechanisms.c b/telepathy-sasl-signon/empathy-sasl-mechanisms.c index 78f6ed1..6e7475e 100644 --- a/telepathy-sasl-signon/empathy-sasl-mechanisms.c +++ b/telepathy-sasl-signon/empathy-sasl-mechanisms.c @@ -18,7 +18,6 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ -#include #include #include "empathy-debug.h" @@ -135,38 +134,38 @@ facebook_new_challenge_cb (TpChannel *channel, { GSimpleAsyncResult *result = user_data; FacebookData *data; - GHashTable *h; - GHashTable *params; gchar *response; GArray *response_array; + gchar **challenge_data; + GString *response_string; + gchar **d; DEBUG ("new challenge: %s", challenge->data); data = g_simple_async_result_get_op_res_gpointer (result); - h = soup_form_decode (challenge->data); - /* See https://developers.facebook.com/docs/chat/#platauth */ - params = g_hash_table_new (g_str_hash, g_str_equal); - g_hash_table_insert (params, "method", g_hash_table_lookup (h, "method")); - g_hash_table_insert (params, "nonce", g_hash_table_lookup (h, "nonce")); - g_hash_table_insert (params, "access_token", data->access_token); - g_hash_table_insert (params, "api_key", data->client_id); - g_hash_table_insert (params, "call_id", "0"); - g_hash_table_insert (params, "v", "1.0"); + response_string = g_string_new ("v=1.0&call_id=0"); + g_string_append_printf (response_string, "&access_token=%s&api_key=%s", data->access_token, data->client_id); + + challenge_data = g_strsplit (challenge->data, "&", 0); + for (d = challenge_data; *d; d++) { + if (strncmp (*d, "method=", 7) == 0 || strncmp (*d, "nonce=", 6) == 0) { + g_string_append_c (response_string, '&'); + g_string_append (response_string, *d); + } + } - response = soup_form_encode_hash (params); - DEBUG ("Response: %s", response); + DEBUG ("Response: %s", response_string->str); response_array = g_array_new (FALSE, FALSE, sizeof (gchar)); - g_array_append_vals (response_array, response, strlen (response)); + g_array_append_vals (response_array, response_string->str, response_string->len); tp_cli_channel_interface_sasl_authentication_call_respond (data->channel, -1, response_array, generic_cb, g_object_ref (result), g_object_unref, NULL); - g_hash_table_unref (h); - g_hash_table_unref (params); - g_free (response); + g_string_free (response_string, TRUE); + g_strfreev (challenge_data); g_array_unref (response_array); } diff --git a/telepathy-sasl-signon/telepathy-sasl-signon.pro b/telepathy-sasl-signon/telepathy-sasl-signon.pro index f1ea74a..2afcc48 100644 --- a/telepathy-sasl-signon/telepathy-sasl-signon.pro +++ b/telepathy-sasl-signon/telepathy-sasl-signon.pro @@ -2,7 +2,7 @@ TEMPLATE = app CONFIG -= qt CONFIG += link_pkgconfig -PKGCONFIG += libsignon-glib telepathy-glib libaccounts-glib libsoup-2.4 +PKGCONFIG += libsignon-glib telepathy-glib libaccounts-glib PKGCONFIG += libsailfishkeyprovider DEFINES += HAVE_UOA \