office-gobmx/external/libcmis/libcmis-fix-google-drive-2.patch
Andrea Gelmini 09425ab9f1 Removed executable permission on data files
chmod -x for .patch, .pptm, and .vb

Change-Id: I98e1221e48df22e8b58aaf305898cbe301f187ce
Reviewed-on: https://gerrit.libreoffice.org/52568
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2018-05-04 03:19:33 +02:00

125 lines
5.4 KiB
Diff

diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
index 74c0fec..30fedb0 100644
--- a/src/libcmis/oauth2-providers.cxx
+++ b/src/libcmis/oauth2-providers.cxx
@@ -41,6 +41,7 @@
#define CHALLENGE_PAGE_ACTION_LEN sizeof( CHALLENGE_PAGE_ACTION ) - 1
#define PIN_FORM_ACTION "/signin/challenge/ipp"
#define PIN_FORM_ACTION_LEN sizeof( PIN_FORM_ACTION ) - 1
+#define PIN_INPUT_NAME "Pin"
using namespace std;
@@ -80,7 +81,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
// send the first get, receive the html login page
res = session->httpGetRequest( authUrl )->getStream( )->str( );
}
- catch ( const CurlException& e )
+ catch ( const CurlException& )
{
return string( );
}
@@ -102,7 +103,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE )
->getStream( )->str( );
}
- catch ( const CurlException& e )
+ catch ( const CurlException& )
{
return string( );
}
@@ -113,7 +114,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
return string( );
- loginPasswdPost += "&Passwd=";
+ loginPasswdPost += "Passwd=";
loginPasswdPost += string( password );
istringstream loginPasswdIs( loginPasswdPost );
@@ -124,7 +125,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE )
->getStream( )->str( );
}
- catch ( const CurlException& e )
+ catch ( const CurlException& )
{
return string( );
}
@@ -152,7 +153,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
}
loginChallengeLink = "https://accounts.google.com" + loginChallengeLink;
- loginChallengePost += "Pin=";
+ loginChallengePost += string( PIN_INPUT_NAME ) + "=";
loginChallengePost += string( pin );
istringstream loginChallengeIs( loginChallengePost );
@@ -163,7 +164,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
loginChallengeRes = session->httpPostRequest ( loginChallengeLink, loginChallengeIs, CONTENT_TYPE )
->getStream( )->str( );
}
- catch ( const CurlException& e )
+ catch ( const CurlException& )
{
return string( );
}
@@ -221,7 +222,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth
{
res = session->httpGetRequest( authUrl )->getStream( )->str( );
}
- catch ( const CurlException& e )
+ catch ( const CurlException& )
{
return string( );
}
@@ -247,7 +248,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth
// Alfresco code is in the redirect link
resp = session->httpPostRequest( loginLink, loginIs, CONTENT_TYPE, false );
}
- catch ( const CurlException& e )
+ catch ( const CurlException& )
{
return string( );
}
@@ -291,6 +292,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
if ( reader == NULL ) return 0;
bool readInputField = false;
+ bool bIsRightForm = false;
+ bool bHasPinField = false;
while ( true )
{
@@ -301,6 +304,12 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
// Find the redirect link
if ( xmlStrEqual( nodeName, BAD_CAST( "form" ) ) )
{
+ // 2FA: Don't add fields form other forms not having pin field
+ if ( bIsRightForm && !bHasPinField )
+ post = string( "" );
+ if ( bIsRightForm && bHasPinField )
+ break;
+
xmlChar* action = xmlTextReaderGetAttribute( reader,
BAD_CAST( "action" ));
@@ -311,7 +320,7 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
bool bChallengePage = ( strncmp( (char*)action,
CHALLENGE_PAGE_ACTION,
CHALLENGE_PAGE_ACTION_LEN ) == 0 );
- bool bIsRightForm = ( strncmp( (char*)action,
+ bIsRightForm = ( strncmp( (char*)action,
PIN_FORM_ACTION,
PIN_FORM_ACTION_LEN ) == 0 );
if ( ( xmlStrlen( action ) > 0 )
@@ -332,6 +341,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
BAD_CAST( "name" ));
xmlChar* value = xmlTextReaderGetAttribute( reader,
BAD_CAST( "value" ));
+ if ( name != NULL && strcmp( (char*)name, PIN_INPUT_NAME ) == 0 )
+ bHasPinField = true;
if ( ( name != NULL ) && ( value!= NULL ) )
{
if ( ( xmlStrlen( name ) > 0) && ( xmlStrlen( value ) > 0) )