09425ab9f1
chmod -x for .patch, .pptm, and .vb Change-Id: I98e1221e48df22e8b58aaf305898cbe301f187ce Reviewed-on: https://gerrit.libreoffice.org/52568 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
125 lines
5.4 KiB
Diff
125 lines
5.4 KiB
Diff
diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx
|
|
index 74c0fec..30fedb0 100644
|
|
--- a/src/libcmis/oauth2-providers.cxx
|
|
+++ b/src/libcmis/oauth2-providers.cxx
|
|
@@ -41,6 +41,7 @@
|
|
#define CHALLENGE_PAGE_ACTION_LEN sizeof( CHALLENGE_PAGE_ACTION ) - 1
|
|
#define PIN_FORM_ACTION "/signin/challenge/ipp"
|
|
#define PIN_FORM_ACTION_LEN sizeof( PIN_FORM_ACTION ) - 1
|
|
+#define PIN_INPUT_NAME "Pin"
|
|
|
|
using namespace std;
|
|
|
|
@@ -80,7 +81,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
|
|
// send the first get, receive the html login page
|
|
res = session->httpGetRequest( authUrl )->getStream( )->str( );
|
|
}
|
|
- catch ( const CurlException& e )
|
|
+ catch ( const CurlException& )
|
|
{
|
|
return string( );
|
|
}
|
|
@@ -102,7 +103,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
|
|
loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE )
|
|
->getStream( )->str( );
|
|
}
|
|
- catch ( const CurlException& e )
|
|
+ catch ( const CurlException& )
|
|
{
|
|
return string( );
|
|
}
|
|
@@ -113,7 +114,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
|
|
if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
|
|
return string( );
|
|
|
|
- loginPasswdPost += "&Passwd=";
|
|
+ loginPasswdPost += "Passwd=";
|
|
loginPasswdPost += string( password );
|
|
|
|
istringstream loginPasswdIs( loginPasswdPost );
|
|
@@ -124,7 +125,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
|
|
loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE )
|
|
->getStream( )->str( );
|
|
}
|
|
- catch ( const CurlException& e )
|
|
+ catch ( const CurlException& )
|
|
{
|
|
return string( );
|
|
}
|
|
@@ -152,7 +153,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
|
|
}
|
|
|
|
loginChallengeLink = "https://accounts.google.com" + loginChallengeLink;
|
|
- loginChallengePost += "Pin=";
|
|
+ loginChallengePost += string( PIN_INPUT_NAME ) + "=";
|
|
loginChallengePost += string( pin );
|
|
|
|
istringstream loginChallengeIs( loginChallengePost );
|
|
@@ -163,7 +164,7 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr
|
|
loginChallengeRes = session->httpPostRequest ( loginChallengeLink, loginChallengeIs, CONTENT_TYPE )
|
|
->getStream( )->str( );
|
|
}
|
|
- catch ( const CurlException& e )
|
|
+ catch ( const CurlException& )
|
|
{
|
|
return string( );
|
|
}
|
|
@@ -221,7 +222,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth
|
|
{
|
|
res = session->httpGetRequest( authUrl )->getStream( )->str( );
|
|
}
|
|
- catch ( const CurlException& e )
|
|
+ catch ( const CurlException& )
|
|
{
|
|
return string( );
|
|
}
|
|
@@ -247,7 +248,7 @@ string OAuth2Providers::OAuth2Alfresco( HttpSession* session, const string& auth
|
|
// Alfresco code is in the redirect link
|
|
resp = session->httpPostRequest( loginLink, loginIs, CONTENT_TYPE, false );
|
|
}
|
|
- catch ( const CurlException& e )
|
|
+ catch ( const CurlException& )
|
|
{
|
|
return string( );
|
|
}
|
|
@@ -291,6 +292,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
|
|
if ( reader == NULL ) return 0;
|
|
|
|
bool readInputField = false;
|
|
+ bool bIsRightForm = false;
|
|
+ bool bHasPinField = false;
|
|
|
|
while ( true )
|
|
{
|
|
@@ -301,6 +304,12 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
|
|
// Find the redirect link
|
|
if ( xmlStrEqual( nodeName, BAD_CAST( "form" ) ) )
|
|
{
|
|
+ // 2FA: Don't add fields form other forms not having pin field
|
|
+ if ( bIsRightForm && !bHasPinField )
|
|
+ post = string( "" );
|
|
+ if ( bIsRightForm && bHasPinField )
|
|
+ break;
|
|
+
|
|
xmlChar* action = xmlTextReaderGetAttribute( reader,
|
|
BAD_CAST( "action" ));
|
|
|
|
@@ -311,7 +320,7 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
|
|
bool bChallengePage = ( strncmp( (char*)action,
|
|
CHALLENGE_PAGE_ACTION,
|
|
CHALLENGE_PAGE_ACTION_LEN ) == 0 );
|
|
- bool bIsRightForm = ( strncmp( (char*)action,
|
|
+ bIsRightForm = ( strncmp( (char*)action,
|
|
PIN_FORM_ACTION,
|
|
PIN_FORM_ACTION_LEN ) == 0 );
|
|
if ( ( xmlStrlen( action ) > 0 )
|
|
@@ -332,6 +341,8 @@ int OAuth2Providers::parseResponse ( const char* response, string& post, string&
|
|
BAD_CAST( "name" ));
|
|
xmlChar* value = xmlTextReaderGetAttribute( reader,
|
|
BAD_CAST( "value" ));
|
|
+ if ( name != NULL && strcmp( (char*)name, PIN_INPUT_NAME ) == 0 )
|
|
+ bHasPinField = true;
|
|
if ( ( name != NULL ) && ( value!= NULL ) )
|
|
{
|
|
if ( ( xmlStrlen( name ) > 0) && ( xmlStrlen( value ) > 0) )
|
|
|