rpms
/
gnome-online-accounts
20
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a1f288ad57'
${ noResults }
gnome-online-accounts/SOURCES/0002-Drop-dependency-on-Web...

4923 lines
181 KiB
Raw Normal View History Unescape

import gnome-online-accounts-3.28.2-7.el8
8 months ago
diff --git a/configure.ac b/configure.ac
index ddf98f1..f997d36 100644
--- a/configure.ac
+++ b/configure.ac
@@ -124,10 +124,6 @@ if test "$enable_backend" != "no"; then
AC_SUBST(GTK_CFLAGS)
AC_SUBST(GTK_LIBS)
- PKG_CHECK_MODULES(WEBKIT_GTK, [webkit2gtk-4.0 >= 2.12.0])
- AC_SUBST(WEBKIT_GTK_CFLAGS)
- AC_SUBST(WEBKIT_GTK_LIBS)
-
PKG_CHECK_MODULES(LIBSOUP, [libsoup-2.4 >= 2.42])
AC_SUBST(LIBSOUP_CFLAGS)
AC_SUBST(LIBSOUP_LIBS)
@@ -176,14 +172,6 @@ if test "$enable_backend" != "no"; then
fi
fi
-AC_ARG_ENABLE([inspector],
- [AS_HELP_STRING([--enable-inspector], [Enable a WebKitWebInspector for the embedded web view])],
- [],
- [enable_inspector=no])
-if test "$enable_inspector" != "no"; then
- AC_DEFINE(GOA_INSPECTOR_ENABLED, 1, [Enable a WebKitWebInspector for the embedded web view])
-fi
-
AC_ARG_WITH(template-file,
[AS_HELP_STRING([--with-template-file], [Path to the template file])],
[],
@@ -271,7 +259,11 @@ AC_DEFINE_UNQUOTED(GOA_GOOGLE_CLIENT_ID, ["$with_google_client_id"], [Google OAu
AC_DEFINE_UNQUOTED(GOA_GOOGLE_CLIENT_SECRET, ["$with_google_client_secret"], [Google OAuth 2.0 client secret])
if test "$enable_google" != "no"; then
AC_DEFINE(GOA_GOOGLE_ENABLED, 1, [Enable Google data provider])
+ if test "$with_google_client_id" != "44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s.apps.googleusercontent.com"; then
+ AC_MSG_ERROR([Unexpected Google OAuth2 Client ID, correct it here and in data/Makefile.am in oauth2_schemes, to be reverse-DNS of the new Client ID])
+ fi
fi
+AM_CONDITIONAL(GOOGLE_ENABLED, [test x$enable_google != xno])
# IMAP/SMTP
AC_DEFINE(GOA_IMAP_SMTP_NAME, ["imap_smtp"], [ProviderType and extension point name])
diff --git a/data/Makefile.am b/data/Makefile.am
index 286dcd0..61b69e1 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -20,16 +20,30 @@ service_DATA = $(service_in_files:.service.in=.service)
@sed -e "s|\@libexecdir\@|$(libexecdir)|" $< > $@
endif
+desktopdir = $(datadir)/applications
+desktop_in_files = org.gnome.OnlineAccounts.OAuth2.desktop.in
+desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
+if GOOGLE_ENABLED
+ oauth2_schemes=x-scheme-handler/com.googleusercontent.apps.44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s;
+else
+ oauth2_schemes=
+endif
+
+%.desktop: %.desktop.in Makefile
+ @sed -e "s|\@libexecdir\@|$(libexecdir)|" -e "s|\@oauth2_schemes\@|$(oauth2_schemes)|" $< > $@
+
EXTRA_DIST = \
$(gsettings_SCHEMAS) \
dbus-interfaces.xml \
org.gnome.Identity.service.in \
org.gnome.OnlineAccounts.service.in \
+ org.gnome.OnlineAccounts.OAuth2.desktop.in \
$(NULL)
CLEANFILES = \
org.gnome.OnlineAccounts.service \
org.gnome.Identity.service \
+ org.gnome.OnlineAccounts.OAuth2.desktop \
$(NULL)
clean-local :
diff --git a/data/org.gnome.OnlineAccounts.OAuth2.desktop.in b/data/org.gnome.OnlineAccounts.OAuth2.desktop.in
new file mode 100644
index 0000000..d0478aa
--- /dev/null
+++ b/data/org.gnome.OnlineAccounts.OAuth2.desktop.in
@@ -0,0 +1,6 @@
+[Desktop Entry]
+Name=GNOME OAuth2 Handler
+Exec=@libexecdir@/goa-oauth2-handler %u
+Type=Application
+MimeType=x-scheme-handler/goa-oauth2;@oauth2_schemes@
+NoDisplay=true
diff --git a/doc/goa-docs.xml b/doc/goa-docs.xml
index 0abb53a..a9d45e1 100644
--- a/doc/goa-docs.xml
+++ b/doc/goa-docs.xml
@@ -171,7 +171,6 @@
<title>Core</title>
<xi:include href="xml/goautil.xml"/>
<xi:include href="xml/goaprovider.xml"/>
- <xi:include href="xml/goaoauthprovider.xml"/>
<xi:include href="xml/goaoauth2provider.xml"/>
</chapter>
</part>
diff --git a/doc/goa-sections.txt b/doc/goa-sections.txt
index 306846e..a27d942 100644
--- a/doc/goa-sections.txt
+++ b/doc/goa-sections.txt
@@ -498,36 +498,6 @@ GoaOAuth2ProviderPrivate
goa_oauth2_provider_get_type
</SECTION>
-<SECTION>
-<FILE>goaoauthprovider</FILE>
-GoaOAuthProvider
-GoaOAuthProviderClass
-goa_oauth_provider_get_request_uri
-goa_oauth_provider_get_request_uri_params
-goa_oauth_provider_get_authorization_uri
-goa_oauth_provider_get_token_uri
-goa_oauth_provider_get_callback_uri
-goa_oauth_provider_get_consumer_key
-goa_oauth_provider_get_consumer_secret
-goa_oauth_provider_build_authorization_uri
-goa_oauth_provider_get_use_mobile_browser
-goa_oauth_provider_is_deny_node
-goa_oauth_provider_is_identity_node
-goa_oauth_provider_is_password_node
-goa_oauth_provider_add_account_key_values
-goa_oauth_provider_get_identity_sync
-goa_oauth_provider_get_access_token_sync
-goa_oauth_provider_parse_request_token_error
-<SUBSECTION Standard>
-GOA_OAUTH_PROVIDER
-GOA_OAUTH_PROVIDER_CLASS
-GOA_OAUTH_PROVIDER_GET_CLASS
-GOA_IS_OAUTH_PROVIDER
-GOA_IS_OAUTH_PROVIDER_CLASS
-GOA_TYPE_OAUTH_PROVIDER
-goa_oauth_provider_get_type
-</SECTION>
-
<SECTION>
<FILE>GoaMail</FILE>
GoaMail
diff --git a/doc/goa.types b/doc/goa.types
index 56ba3c4..d8d7325 100644
--- a/doc/goa.types
+++ b/doc/goa.types
@@ -62,5 +62,4 @@ goa_printers_proxy_get_type
goa_printers_skeleton_get_type
goa_provider_get_type
-goa_oauth_provider_get_type
goa_oauth2_provider_get_type
diff --git a/po/POTFILES.in b/po/POTFILES.in
index b65650c..8ee89ae 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -22,7 +22,6 @@ src/goabackend/goasmtpauth.c
src/goabackend/goatelepathyprovider.c
src/goabackend/goatodoistprovider.c
src/goabackend/goautils.c
-src/goabackend/goawebview.c
src/goabackend/goawindowsliveprovider.c
src/goaidentity/goaidentityservice.c
src/goaidentity/goakerberosidentity.c
diff --git a/src/goabackend/Makefile.am b/src/goabackend/Makefile.am
index c254594..7f15518 100644
--- a/src/goabackend/Makefile.am
+++ b/src/goabackend/Makefile.am
@@ -19,7 +19,6 @@ AM_CPPFLAGS = \
-DPACKAGE_LOCALSTATE_DIR=\""$(localstatedir)"\" \
-DPACKAGE_LOCALE_DIR=\""$(localedir)"\" \
-DPACKAGE_LIB_DIR=\""$(libdir)"\" \
- -DPACKAGE_WEB_EXTENSIONS_DIR=\""$(libdir)/goa-1.0/web-extensions"\" \
-D_POSIX_PTHREAD_SEMANTICS -D_REENTRANT \
$(WARN_CFLAGS) \
$(NULL)
@@ -81,17 +80,13 @@ libgoa_backend_1_0_la_SOURCES = \
goasouplogger.h goasouplogger.c \
goamailclient.h goamailclient.c \
goaexchangeprovider.h goaexchangeprovider.c \
- goaoauthprovider.h goaoauthprovider.c \
goaoauth2provider.h goaoauth2provider-priv.h \
- goaoauth2provider-web-extension.h \
- goaoauth2provider-web-view.h \
goaoauth2provider.c \
goagoogleprovider.h goagoogleprovider.c \
goafacebookprovider.h goafacebookprovider.c \
goaimapsmtpprovider.h goaimapsmtpprovider.c \
goamediaserverprovider.h goamediaserverprovider.c \
goaowncloudprovider.h goaowncloudprovider.c \
- goaflickrprovider.h goaflickrprovider.c \
goafoursquareprovider.h goafoursquareprovider.c \
goawindowsliveprovider.h goawindowsliveprovider.c \
goapocketprovider.h goapocketprovider.c \
@@ -99,7 +94,6 @@ libgoa_backend_1_0_la_SOURCES = \
goatodoistprovider.h goatodoistprovider.c \
goaobjectskeletonutils.h goaobjectskeletonutils.c \
goautils.h goautils.c \
- goawebview.h goawebview.c \
nautilus-floating-bar.h nautilus-floating-bar.c \
$(top_builddir)/src/goaidentity/org.gnome.Identity.c \
$(top_srcdir)/src/goaidentity/goaidentitymanagererror.c \
@@ -119,7 +113,6 @@ libgoa_backend_1_0_la_SOURCES += \
endif
libgoa_backend_1_0_la_CFLAGS = \
- $(WEBKIT_GTK_CFLAGS) \
$(JSON_GLIB_CFLAGS) \
$(GCR_CFLAGS) \
$(GLIB_CFLAGS) \
@@ -134,7 +127,6 @@ libgoa_backend_1_0_la_CFLAGS = \
libgoa_backend_1_0_la_LIBADD = \
$(top_builddir)/src/goa/libgoa-1.0.la \
- $(WEBKIT_GTK_LIBS) \
$(JSON_GLIB_LIBS) \
$(GCR_LIBS) \
$(GLIB_LIBS) \
@@ -154,39 +146,29 @@ libgoa_backend_1_0_la_LDFLAGS = \
# ----------------------------------------------------------------------------------------------------
-webextension_LTLIBRARIES = libgoawebextension.la
+libexec_PROGRAMS = goa-oauth2-handler
-webextensiondir = $(libdir)/goa-1.0/web-extensions
-
-libgoawebextension_la_SOURCES = \
- goawebextension.h goawebextension.c \
- goawebextensionmain.c \
+goa_oauth2_handler_SOURCES = \
+ goaoauth2handler.c \
$(NULL)
-libgoawebextension_la_CFLAGS = \
- $(REST_CFLAGS) \
- $(WEBKIT_GTK_CFLAGS) \
+goa_oauth2_handler_CFLAGS = \
+ $(GLIB_CFLAGS) \
+ $(LIBSOUP_CFLAGS) \
+ $(SECRET_CFLAGS) \
+ -DG_LOG_DOMAIN=\"goa-oauth2-handler\" \
$(NULL)
-libgoawebextension_la_LIBADD = \
- libgoa-backend-1.0.la \
- $(REST_LIBS) \
- $(WEBKIT_GTK_LIBS) \
+goa_oauth2_handler_LDADD = \
+ $(GLIB_LIBS) \
+ $(LIBSOUP_LIBS) \
+ $(SECRET_LIBS) \
$(NULL)
-libgoawebextension_la_LDFLAGS = \
- -avoid-version \
- -module \
- -no-undefined \
+goa_oauth2_handler_LDFLAGS = \
+ $(WARN_LDFLAGS) \
$(NULL)
-# Force installation order: libgoa-backend-1.0 must be installed first, othwerwise
-# libtool will incorrectly relink libgoawebextension.la under parallel make install.
-# Requires ugly automake syntax - see http://debbugs.gnu.org/cgi/bugreport.cgi?bug=7328
-
-installwebextensionLTLIBRARIES = install-webextensionLTLIBRARIES
-$(installwebextensionLTLIBRARIES): install-libLTLIBRARIES
-
# ----------------------------------------------------------------------------------------------------
BUILT_SOURCES = \
diff --git a/src/goabackend/goafacebookprovider.c b/src/goabackend/goafacebookprovider.c
index c6033fb..c1d35d0 100644
--- a/src/goabackend/goafacebookprovider.c
+++ b/src/goabackend/goafacebookprovider.c
@@ -243,31 +243,6 @@ get_identity_sync (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-is_identity_node (GoaOAuth2Provider *oauth2_provider, WebKitDOMHTMLInputElement *element)
-{
- gboolean ret = FALSE;
- gchar *element_type = NULL;
- gchar *name = NULL;
-
- g_object_get (element, "type", &element_type, NULL);
- if (g_strcmp0 (element_type, "text") != 0)
- goto out;
-
- name = webkit_dom_html_input_element_get_name (element);
- if (g_strcmp0 (name, "email") != 0)
- goto out;
-
- ret = TRUE;
-
- out:
- g_free (element_type);
- g_free (name);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
static gboolean
build_object (GoaProvider *provider,
GoaObjectSkeleton *object,
@@ -367,6 +342,5 @@ goa_facebook_provider_class_init (GoaFacebookProviderClass *klass)
oauth2_class->get_client_id = get_client_id;
oauth2_class->get_client_secret = get_client_secret;
oauth2_class->get_identity_sync = get_identity_sync;
- oauth2_class->is_identity_node = is_identity_node;
oauth2_class->add_account_key_values = add_account_key_values;
}
diff --git a/src/goabackend/goaflickrprovider.c b/src/goabackend/goaflickrprovider.c
deleted file mode 100644
index 702ed1e..0000000
--- a/src/goabackend/goaflickrprovider.c
+++ /dev/null
@@ -1,364 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright (C) 2011 Willem van Engen <gnome@willem.engen.nl>
- * Copyright © 2012 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "config.h"
-#include <glib/gi18n-lib.h>
-
-#include <rest/oauth-proxy.h>
-#include <json-glib/json-glib.h>
-
-#include "goaprovider.h"
-#include "goaprovider-priv.h"
-#include "goaflickrprovider.h"
-#include "goaobjectskeletonutils.h"
-#include "goasouplogger.h"
-
-struct _GoaFlickrProvider
-{
- GoaOAuthProvider parent_instance;
-};
-
-G_DEFINE_TYPE_WITH_CODE (GoaFlickrProvider, goa_flickr_provider, GOA_TYPE_OAUTH_PROVIDER,
- goa_provider_ensure_extension_points_registered ();
- g_io_extension_point_implement (GOA_PROVIDER_EXTENSION_POINT_NAME,
- g_define_type_id,
- GOA_FLICKR_NAME,
- 0));
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static const gchar *
-get_provider_type (GoaProvider *provider)
-{
- return GOA_FLICKR_NAME;
-}
-
-static gchar *
-get_provider_name (GoaProvider *provider,
- GoaObject *object)
-{
- return g_strdup (_("Flickr"));
-}
-
-static GoaProviderGroup
-get_provider_group (GoaProvider *provider)
-{
- return GOA_PROVIDER_GROUP_BRANDED;
-}
-
-static GoaProviderFeatures
-get_provider_features (GoaProvider *provider)
-{
- return GOA_PROVIDER_FEATURE_BRANDED | GOA_PROVIDER_FEATURE_PHOTOS;
-}
-
-static const gchar *
-get_consumer_key (GoaOAuthProvider *oauth_provider)
-{
- return GOA_FLICKR_CONSUMER_KEY;
-}
-
-static const gchar *
-get_consumer_secret (GoaOAuthProvider *oauth_provider)
-{
- return GOA_FLICKR_CONSUMER_SECRET;
-}
-
-static const gchar *
-get_request_uri (GoaOAuthProvider *oauth_provider)
-{
- return "https://www.flickr.com/services/oauth/request_token";
-}
-
-static const gchar *
-get_authorization_uri (GoaOAuthProvider *oauth_provider)
-{
- return "https://www.flickr.com/services/oauth/authorize";
-}
-
-static const gchar *
-get_token_uri (GoaOAuthProvider *oauth_provider)
-{
- return "https://www.flickr.com/services/oauth/access_token";
-}
-
-static const gchar *
-get_callback_uri (GoaOAuthProvider *oauth_provider)
-{
- /* Should match the URI specified in the Flickr App
- * Garden in order to detect when the user denied access via
- * the OAuth1 web page.
- */
- return "https://www.gnome.org/";
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gchar *
-get_identity_sync (GoaOAuthProvider *oauth_provider,
- const gchar *access_token,
- const gchar *access_token_secret,
- gchar **out_presentation_identity,
- GCancellable *cancellable,
- GError **error)
-{
- GError *identity_error = NULL;
- RestProxy *proxy = NULL;
- RestProxyCall *call = NULL;
- JsonParser *parser = NULL;
- JsonObject *json_object;
- SoupLogger *logger = NULL;
- gchar *ret = NULL;
- gchar *id = NULL;
- gchar *presentation_identity = NULL;
-
- /* TODO: cancellable */
-
- proxy = oauth_proxy_new_with_token (goa_oauth_provider_get_consumer_key (oauth_provider),
- goa_oauth_provider_get_consumer_secret (oauth_provider),
- access_token,
- access_token_secret,
- "https://api.flickr.com/services/rest",
- FALSE);
- logger = goa_soup_logger_new (SOUP_LOGGER_LOG_BODY, -1);
- rest_proxy_add_soup_feature (proxy, SOUP_SESSION_FEATURE (logger));
-
- call = rest_proxy_new_call (proxy);
- rest_proxy_call_add_param (call, "method", "flickr.test.login");
- rest_proxy_call_add_param (call, "format", "json");
- rest_proxy_call_add_param (call, "nojsoncallback", "1");
- rest_proxy_call_set_method (call, "GET");
-
- if (!rest_proxy_call_sync (call, error))
- goto out;
- if (rest_proxy_call_get_status_code (call) != 200)
- {
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Expected status 200 when requesting your identity, instead got status %d (%s)"),
- rest_proxy_call_get_status_code (call),
- rest_proxy_call_get_status_message (call));
- goto out;
- }
-
- parser = json_parser_new ();
- if (!json_parser_load_from_data (parser,
- rest_proxy_call_get_payload (call),
- rest_proxy_call_get_payload_length (call),
- &identity_error))
- {
- g_warning ("json_parser_load_from_data() failed: %s (%s, %d)",
- identity_error->message,
- g_quark_to_string (identity_error->domain),
- identity_error->code);
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Could not parse response"));
- goto out;
- }
-
- json_object = json_node_get_object (json_parser_get_root (parser));
- if (!json_object_has_member (json_object, "user"))
- {
- g_warning ("Did not find user in JSON data");
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Could not parse response"));
- goto out;
- }
-
- json_object = json_object_get_object_member (json_object, "user");
- if (!json_object_has_member (json_object, "id"))
- {
- g_warning ("Did not find user.id in JSON data");
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Could not parse response"));
- goto out;
- }
- if (!json_object_has_member (json_object, "username"))
- {
- g_warning ("Did not find user.username in JSON data");
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Could not parse response"));
- goto out;
- }
-
- id = g_strdup (json_object_get_string_member (json_object, "id"));
-
- json_object = json_object_get_object_member (json_object, "username");
- if (!json_object_has_member (json_object, "_content"))
- {
- g_warning ("Did not find user.username._content in JSON data");
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Could not parse response"));
- goto out;
- }
-
- presentation_identity = g_strdup (json_object_get_string_member (json_object, "_content"));
-
- ret = id;
- id = NULL;
- if (out_presentation_identity != NULL)
- {
- *out_presentation_identity = presentation_identity;
- presentation_identity = NULL;
- }
-
- out:
- g_clear_object (&parser);
- g_clear_error (&identity_error);
- g_clear_object (&call);
- g_clear_object (&proxy);
- g_clear_object (&logger);
- g_free (id);
- g_free (presentation_identity);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-is_identity_node (GoaOAuthProvider *oauth_provider, WebKitDOMHTMLInputElement *element)
-{
- /* Flickr does not provide a way to query the string used by the
- * user to log in via the web interface. The user id and username
- * returned by flickr.test.login [1] are not what we are looking
- * for.
- *
- * [1] http://www.flickr.com/services/api/flickr.test.login.html
- */
- return FALSE;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gchar *
-parse_request_token_error (GoaOAuthProvider *oauth_provider, RestProxyCall *call)
-{
- const gchar *payload;
- gchar *msg = NULL;
- guint status;
-
- payload = rest_proxy_call_get_payload (call);
- status = rest_proxy_call_get_status_code (call);
-
- if (status == 401 && g_strcmp0 (payload, "oauth_problem=timestamp_refused") == 0)
- msg = g_strdup (_("Your system time is invalid. Check your date and time settings."));
-
- return msg;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-build_object (GoaProvider *provider,
- GoaObjectSkeleton *object,
- GKeyFile *key_file,
- const gchar *group,
- GDBusConnection *connection,
- gboolean just_added,
- GError **error)
-{
- GoaAccount *account = NULL;
- gboolean photos_enabled;
- gboolean ret = FALSE;
-
- /* Chain up */
- if (!GOA_PROVIDER_CLASS (goa_flickr_provider_parent_class)->build_object (provider,
- object,
- key_file,
- group,
- connection,
- just_added,
- error))
- goto out;
-
- account = goa_object_get_account (GOA_OBJECT (object));
-
- /* Photos */
- photos_enabled = g_key_file_get_boolean (key_file, group, "PhotosEnabled", NULL);
- goa_object_skeleton_attach_photos (object, photos_enabled);
-
- if (just_added)
- {
- goa_account_set_photos_disabled (account, !photos_enabled);
-
- g_signal_connect (account,
- "notify::photos-disabled",
- G_CALLBACK (goa_util_account_notify_property_cb),
- (gpointer) "PhotosEnabled");
- }
-
- ret = TRUE;
-
- out:
- g_clear_object (&account);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-add_account_key_values (GoaOAuthProvider *oauth_provider,
- GVariantBuilder *builder)
-{
- g_variant_builder_add (builder, "{ss}", "PhotosEnabled", "true");
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-goa_flickr_provider_init (GoaFlickrProvider *self)
-{
-}
-
-static void
-goa_flickr_provider_class_init (GoaFlickrProviderClass *klass)
-{
- GoaProviderClass *provider_class;
- GoaOAuthProviderClass *oauth_class;
-
- provider_class = GOA_PROVIDER_CLASS (klass);
- provider_class->get_provider_type = get_provider_type;
- provider_class->get_provider_name = get_provider_name;
- provider_class->get_provider_group = get_provider_group;
- provider_class->get_provider_features = get_provider_features;
- provider_class->build_object = build_object;
-
- oauth_class = GOA_OAUTH_PROVIDER_CLASS (klass);
- oauth_class->get_identity_sync = get_identity_sync;
- oauth_class->is_identity_node = is_identity_node;
- oauth_class->get_consumer_key = get_consumer_key;
- oauth_class->get_consumer_secret = get_consumer_secret;
- oauth_class->get_request_uri = get_request_uri;
- oauth_class->get_authorization_uri = get_authorization_uri;
- oauth_class->get_token_uri = get_token_uri;
- oauth_class->get_callback_uri = get_callback_uri;
- oauth_class->parse_request_token_error = parse_request_token_error;
- oauth_class->add_account_key_values = add_account_key_values;
-}
diff --git a/src/goabackend/goaflickrprovider.h b/src/goabackend/goaflickrprovider.h
deleted file mode 100644
index f08a8a6..0000000
--- a/src/goabackend/goaflickrprovider.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2012 Willem van Engen <gnome@willem.engen.nl>
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#if !defined (__GOA_BACKEND_INSIDE_GOA_BACKEND_H__) && !defined (GOA_BACKEND_COMPILATION)
-#error "Only <goabackend/goabackend.h> can be included directly."
-#endif
-
-#ifndef __GOA_FLICKR_PROVIDER_H__
-#define __GOA_FLICKR_PROVIDER_H__
-
-#include <glib-object.h>
-
-#include "goaoauthprovider.h"
-
-G_BEGIN_DECLS
-
-#define GOA_TYPE_FLICKR_PROVIDER (goa_flickr_provider_get_type ())
-G_DECLARE_FINAL_TYPE (GoaFlickrProvider, goa_flickr_provider, GOA, FLICKR_PROVIDER, GoaOAuthProvider);
-
-G_END_DECLS
-
-#endif /* __GOA_FLICKR_PROVIDER_H__ */
diff --git a/src/goabackend/goafoursquareprovider.c b/src/goabackend/goafoursquareprovider.c
index c1e4146..def21cb 100644
--- a/src/goabackend/goafoursquareprovider.c
+++ b/src/goabackend/goafoursquareprovider.c
@@ -251,31 +251,6 @@ get_identity_sync (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-is_identity_node (GoaOAuth2Provider *oauth2_provider, WebKitDOMHTMLInputElement *element)
-{
- gboolean ret = FALSE;
- gchar *element_type = NULL;
- gchar *name = NULL;
-
- g_object_get (element, "type", &element_type, NULL);
- if (g_strcmp0 (element_type, "email") != 0)
- goto out;
-
- name = webkit_dom_html_input_element_get_name (element);
- if (g_strcmp0 (name, "emailOrPhone") != 0)
- goto out;
-
- ret = TRUE;
-
- out:
- g_free (element_type);
- g_free (name);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
static gboolean
build_object (GoaProvider *provider,
GoaObjectSkeleton *object,
@@ -366,6 +341,5 @@ goa_foursquare_provider_class_init (GoaFoursquareProviderClass *klass)
oauth2_class->get_client_secret = get_client_secret;
oauth2_class->get_use_mobile_browser = get_use_mobile_browser;
oauth2_class->get_identity_sync = get_identity_sync;
- oauth2_class->is_identity_node = is_identity_node;
oauth2_class->add_account_key_values = add_account_key_values;
}
diff --git a/src/goabackend/goagoogleprovider.c b/src/goabackend/goagoogleprovider.c
index 6e4ace2..6f951e5 100644
--- a/src/goabackend/goagoogleprovider.c
+++ b/src/goabackend/goagoogleprovider.c
@@ -32,6 +32,7 @@
struct _GoaGoogleProvider
{
GoaOAuth2Provider parent_instance;
+ gchar *redirect_uri;
};
G_DEFINE_TYPE_WITH_CODE (GoaGoogleProvider, goa_google_provider, GOA_TYPE_OAUTH2_PROVIDER,
@@ -81,19 +82,50 @@ get_provider_features (GoaProvider *provider)
static const gchar *
get_authorization_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "https://accounts.google.com/o/oauth2/auth";
+ return "https://accounts.google.com/o/oauth2/v2/auth";
}
static const gchar *
get_token_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "https://accounts.google.com/o/oauth2/token";
+ return "https://oauth2.googleapis.com/token";
}
static const gchar *
get_redirect_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "http://localhost";
+ G_LOCK_DEFINE_STATIC (redirect_uri);
+ GoaGoogleProvider *self = GOA_GOOGLE_PROVIDER (oauth2_provider);
+
+ G_LOCK (redirect_uri);
+
+ if (!self->redirect_uri) {
+ GPtrArray *array;
+ gchar **strv;
+ gchar *joinstr;
+ guint ii;
+
+ strv = g_strsplit (GOA_GOOGLE_CLIENT_ID, ".", -1);
+ array = g_ptr_array_new ();
+
+ for (ii = 0; strv[ii]; ii++) {
+ g_ptr_array_insert (array, 0, strv[ii]);
+ }
+
+ g_ptr_array_add (array, NULL);
+
+ joinstr = g_strjoinv (".", (gchar **) array->pdata);
+ /* Use reverse-DNS of the client ID with the below path */
+ self->redirect_uri = g_strconcat (joinstr, ":/oauth2redirect", NULL);
+
+ g_ptr_array_free (array, TRUE);
+ g_strfreev (strv);
+ g_free (joinstr);
+ }
+
+ G_UNLOCK (redirect_uri);
+
+ return self->redirect_uri;
}
static const gchar *
@@ -241,37 +273,6 @@ get_identity_sync (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-is_identity_node (GoaOAuth2Provider *oauth2_provider, WebKitDOMHTMLInputElement *element)
-{
- gboolean ret = FALSE;
- gchar *element_type = NULL;
- gchar *id = NULL;
- gchar *name = NULL;
-
- g_object_get (element, "type", &element_type, NULL);
- if (g_strcmp0 (element_type, "email") != 0)
- goto out;
-
- id = webkit_dom_element_get_id (WEBKIT_DOM_ELEMENT (element));
- if (g_strcmp0 (id, "identifierId") != 0)
- goto out;
-
- name = webkit_dom_html_input_element_get_name (element);
- if (g_strcmp0 (name, "identifier") != 0)
- goto out;
-
- ret = TRUE;
-
- out:
- g_free (element_type);
- g_free (id);
- g_free (name);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
static gboolean
build_object (GoaProvider *provider,
GoaObjectSkeleton *object,
@@ -446,6 +447,16 @@ add_account_key_values (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
+static void
+goa_google_finalize (GObject *object)
+{
+ GoaGoogleProvider *self = GOA_GOOGLE_PROVIDER (object);
+
+ g_free (self->redirect_uri);
+
+ G_OBJECT_CLASS (goa_google_provider_parent_class)->finalize (object);
+}
+
static void
goa_google_provider_init (GoaGoogleProvider *self)
{
@@ -456,6 +467,10 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
{
GoaProviderClass *provider_class;
GoaOAuth2ProviderClass *oauth2_class;
+ GObjectClass *object_class;
+
+ object_class = G_OBJECT_CLASS (klass);
+ object_class->finalize = goa_google_finalize;
provider_class = GOA_PROVIDER_CLASS (klass);
provider_class->get_provider_type = get_provider_type;
@@ -472,7 +487,6 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
oauth2_class->get_identity_sync = get_identity_sync;
oauth2_class->get_redirect_uri = get_redirect_uri;
oauth2_class->get_scope = get_scope;
- oauth2_class->is_identity_node = is_identity_node;
oauth2_class->get_token_uri = get_token_uri;
oauth2_class->add_account_key_values = add_account_key_values;
}
diff --git a/src/goabackend/goaoauth2handler.c b/src/goabackend/goaoauth2handler.c
new file mode 100644
index 0000000..c5a86cb
--- /dev/null
+++ b/src/goabackend/goaoauth2handler.c
@@ -0,0 +1,173 @@
+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
+/*
+ * Copyright © 2023 GNOME Foundation Inc.
+ * Contributor: Andy Holmes <andyholmes@gnome.org>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "config.h"
+
+#include <glib.h>
+#include <libsoup/soup.h>
+#include <libsecret/secret.h>
+
+
+static const SecretSchema oauth2_schema =
+{
+ .name = "org.gnome.OnlineAccounts.OAuth2",
+ .flags = SECRET_SCHEMA_NONE,
+ .attributes = {
+ {
+ .name = "goa-oauth2-client",
+ .type = SECRET_SCHEMA_ATTRIBUTE_STRING,
+ },
+ {
+ .name = "goa-oauth2-provider",
+ .type = SECRET_SCHEMA_ATTRIBUTE_STRING,
+ },
+ { "NULL", 0 }
+ }
+};
+
+static struct
+{
+ const char *client_id;
+ const char *provider;
+}
+oauth2_providers[] =
+{
+#ifdef GOA_GOOGLE_ENABLED
+ {
+ .client_id = GOA_GOOGLE_CLIENT_ID,
+ .provider = GOA_GOOGLE_NAME,
+ },
+#endif
+#ifdef GOA_WINDOWS_LIVE_ENABLED
+ {
+ .client_id = GOA_WINDOWS_LIVE_CLIENT_ID,
+ .provider = GOA_WINDOWS_LIVE_NAME,
+ },
+#endif
+ { NULL, NULL },
+};
+
+static gboolean
+get_oauth2_provider (const char *needle,
+ const char **client_out,
+ const char **provider_out)
+{
+ g_return_val_if_fail (needle != NULL, FALSE);
+
+ for (unsigned int i = 0; oauth2_providers[i].client_id != NULL; i++)
+ {
+ if (g_str_equal (needle, oauth2_providers[i].client_id))
+ {
+ if (client_out)
+ *client_out = oauth2_providers[i].client_id;
+
+ if (provider_out)
+ *provider_out = oauth2_providers[i].provider;
+
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
+
+int
+main (int argc,
+ char **argv)
+{
+ SoupURI *uri = NULL;
+ const char *scheme = NULL;
+ const char *path = NULL;
+ const char *client_id = NULL;
+ const char *provider_type = NULL;
+ GError *error = NULL;
+
+ if (argc < 2)
+ {
+ g_printerr ("%s: Missing URI\n", argv[0]);
+ return EXIT_FAILURE;
+ }
+
+ uri = soup_uri_new (argv[1]);
+ if (uri == NULL)
+ {
+ g_printerr ("%s: Invalid URI: %s\n", argv[0], argv[1]);
+ return EXIT_FAILURE;
+ }
+
+ /* Google apps may use a reverse-DNS form of the client ID as the URI scheme
+ * See: https://developers.google.com/identity/protocols/oauth2/native-app
+ */
+ scheme = soup_uri_get_scheme (uri);
+ if (scheme != NULL)
+ {
+ g_auto (GStrv) strv = g_strsplit (scheme, ".", -1);
+ g_autoptr (GString) tmp = g_string_new ("");
+
+ for (unsigned int i = 0; strv[i] != NULL; i++)
+ {
+ if (i > 0)
+ g_string_prepend_c (tmp, '.');
+ g_string_prepend (tmp, strv[i]);
+ }
+
+ get_oauth2_provider (tmp->str, &client_id, &provider_type);
+ }
+
+ /* Windows Live uses goa-oauth2:// with the client ID as the first path segment
+ */
+ if (client_id == NULL)
+ {
+ path = soup_uri_get_path (uri);
+ if (path != NULL && *path != '\0')
+ {
+ g_auto (GStrv) strv = NULL;
+
+ strv = g_strsplit (*path == '/' ? path +1 : path, "/", 1);
+ get_oauth2_provider (strv[0], &client_id, &provider_type);
+ }
+ }
+
+ if (client_id == NULL)
+ {
+ g_printerr ("%s: Unknown provider\n", argv[0]);
+ soup_uri_free (uri);
+ return EXIT_FAILURE;
+ }
+
+ if (!secret_password_store_sync (&oauth2_schema,
+ SECRET_COLLECTION_SESSION,
+ "GNOME Online Accounts OAuth2 URI",
+ argv[1], /* Secret */
+ NULL,
+ &error,
+ "goa-oauth2-client", client_id,
+ "goa-oauth2-provider", provider_type,
+ NULL))
+ {
+ if (error != NULL)
+ g_printerr ("%s: Failed to store OAuth2 URI: %s\n", argv[0], error->message);
+
+ soup_uri_free (uri);
+ g_clear_error (&error);
+ return EXIT_FAILURE;
+ }
+
+ return EXIT_SUCCESS;
+}
diff --git a/src/goabackend/goaoauth2provider-priv.h b/src/goabackend/goaoauth2provider-priv.h
index de1b808..4b00a24 100644
--- a/src/goabackend/goaoauth2provider-priv.h
+++ b/src/goabackend/goaoauth2provider-priv.h
@@ -26,8 +26,6 @@
#include <gio/gio.h>
#include <goabackend/goaoauth2provider.h>
#include <goabackend/goaprovider-priv.h>
-#include <webkit2/webkit2.h>
-#include <webkitdom/webkitdom.h>
G_BEGIN_DECLS
@@ -51,11 +49,7 @@ G_BEGIN_DECLS
* @build_authorization_uri: Virtual function for goa_oauth2_provider_build_authorization_uri().
* @get_use_mobile_browser: Virtual function for goa_oauth2_provider_get_use_mobile_browser().
* @add_account_key_values: Virtual function for goa_oauth2_provider_add_account_key_values().
- * @decide_navigation_policy: Virtual function for goa_oauth2_provider_decide_navigation_policy().
* @process_redirect_url: Virtual function for goa_oauth2_provider_process_redirect_url().
- * @is_deny_node: Virtual function for goa_oauth2_provider_is_deny_node().
- * @is_identity_node: Virtual function for goa_oauth2_provider_is_identity_node().
- * @is_password_node: Virtual function for goa_oauth2_provider_is_password_node().
*
* Class structure for #GoaOAuth2Provider.
*/
@@ -86,18 +80,7 @@ struct _GoaOAuth2ProviderClass
void (*add_account_key_values) (GoaOAuth2Provider *provider,
GVariantBuilder *builder);
- /* pure virtual */
- gboolean (*is_identity_node) (GoaOAuth2Provider *provider,
- WebKitDOMHTMLInputElement *element);
-
/* virtual but with default implementation */
- gboolean (*is_deny_node) (GoaOAuth2Provider *provider,
- WebKitDOMNode *node);
- gboolean (*is_password_node) (GoaOAuth2Provider *provider,
- WebKitDOMHTMLInputElement *element);
- gboolean (*decide_navigation_policy) (GoaOAuth2Provider *provider,
- WebKitWebView *web_view,
- WebKitNavigationPolicyDecision *decision);
gboolean (*process_redirect_url) (GoaOAuth2Provider *provider,
const gchar *redirect_url,
gchar **access_token,
diff --git a/src/goabackend/goaoauth2provider-web-extension.h b/src/goabackend/goaoauth2provider-web-extension.h
deleted file mode 100644
index baac005..0000000
--- a/src/goabackend/goaoauth2provider-web-extension.h
+++ /dev/null
@@ -1,40 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2016 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#if !defined (__GOA_BACKEND_INSIDE_GOA_BACKEND_H__) && !defined (GOA_BACKEND_COMPILATION)
-#error "Only <goabackend/goabackend.h> can be included directly."
-#endif
-
-#ifndef __GOA_OAUTH2_PROVIDER_WEB_EXTENSION_H__
-#define __GOA_OAUTH2_PROVIDER_WEB_EXTENSION_H__
-
-#include <goabackend/goaoauth2provider.h>
-#include <webkitdom/webkitdom.h>
-
-G_BEGIN_DECLS
-
-gboolean goa_oauth2_provider_is_deny_node (GoaOAuth2Provider *provider,
- WebKitDOMNode *node);
-gboolean goa_oauth2_provider_is_identity_node (GoaOAuth2Provider *provider,
- WebKitDOMHTMLInputElement *element);
-gboolean goa_oauth2_provider_is_password_node (GoaOAuth2Provider *provider,
- WebKitDOMHTMLInputElement *element);
-
-G_END_DECLS
-
-#endif /* __GOA_OAUTH2_PROVIDER_WEB_EXTENSION_H__ */
diff --git a/src/goabackend/goaoauth2provider-web-view.h b/src/goabackend/goaoauth2provider-web-view.h
deleted file mode 100644
index f2dae5e..0000000
--- a/src/goabackend/goaoauth2provider-web-view.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2016 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#if !defined (__GOA_BACKEND_INSIDE_GOA_BACKEND_H__) && !defined (GOA_BACKEND_COMPILATION)
-#error "Only <goabackend/goabackend.h> can be included directly."
-#endif
-
-#ifndef __GOA_OAUTH2_PROVIDER_WEB_VIEW_H__
-#define __GOA_OAUTH2_PROVIDER_WEB_VIEW_H__
-
-#include <goabackend/goaoauth2provider.h>
-#include <webkit2/webkit2.h>
-
-G_BEGIN_DECLS
-
-gboolean goa_oauth2_provider_decide_navigation_policy (GoaOAuth2Provider *provider,
- WebKitWebView *web_view,
- WebKitNavigationPolicyDecision *decision);
-
-G_END_DECLS
-
-#endif /* __GOA_OAUTH2_PROVIDER_WEB_VIEW_H__ */
diff --git a/src/goabackend/goaoauth2provider.c b/src/goabackend/goaoauth2provider.c
index 9092605..1ceacb5 100644
--- a/src/goabackend/goaoauth2provider.c
+++ b/src/goabackend/goaoauth2provider.c
@@ -22,16 +22,13 @@
#include <rest/oauth2-proxy.h>
#include <libsoup/soup.h>
+#include <libsecret/secret.h>
#include <json-glib/json-glib.h>
-#include <webkit2/webkit2.h>
#include "goaprovider.h"
#include "goautils.h"
-#include "goawebview.h"
#include "goaoauth2provider.h"
#include "goaoauth2provider-priv.h"
-#include "goaoauth2provider-web-extension.h"
-#include "goaoauth2provider-web-view.h"
#include "goarestproxy.h"
/**
@@ -81,6 +78,8 @@ struct _GoaOAuth2ProviderPrivate
gchar *identity;
gchar *presentation_identity;
gchar *password;
+ gchar *request_uri;
+ SecretCollection *session;
};
G_LOCK_DEFINE_STATIC (provider_lock);
@@ -134,70 +133,6 @@ goa_oauth2_provider_get_use_mobile_browser (GoaOAuth2Provider *self)
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-goa_oauth2_provider_is_deny_node_default (GoaOAuth2Provider *self, WebKitDOMNode *node)
-{
- return FALSE;
-}
-
-/**
- * goa_oauth2_provider_is_deny_node:
- * @self: A #GoaOAuth2Provider.
- * @node: A WebKitDOMNode.
- *
- * Checks whether @node is the HTML UI element that the user can use
- * to deny permission to access his account. Usually they are either a
- * WebKitDOMHTMLButtonElement or a WebKitDOMHTMLInputElement.
- *
- * Please note that providers may have multiple such elements in their
- * UI and this method should catch all of them.
- *
- * This is a virtual method where the default implementation returns
- * %FALSE.
- *
- * Returns: %TRUE if the @node can be used to deny permission.
- */
-gboolean
-goa_oauth2_provider_is_deny_node (GoaOAuth2Provider *self, WebKitDOMNode *node)
-{
- g_return_val_if_fail (GOA_IS_OAUTH2_PROVIDER (self), FALSE);
- return GOA_OAUTH2_PROVIDER_GET_CLASS (self)->is_deny_node (self, node);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-goa_oauth2_provider_is_password_node_default (GoaOAuth2Provider *self, WebKitDOMHTMLInputElement *element)
-{
- return FALSE;
-}
-
-/**
- * goa_oauth2_provider_is_password_node:
- * @self: A #GoaOAuth2Provider.
- * @element: A WebKitDOMHTMLInputElement
- *
- * Checks whether @element is the HTML UI element that the user can
- * use to enter her password. This can be used to offer a
- * #GoaPasswordBased interface by saving the user's
- * password. Providers usually frown upon doing this, so this is not
- * recommended.
- *
- * This is a virtual method where the default implementation returns
- * %FALSE.
- *
- * Returns: %TRUE if @element can be used to enter the password.
- */
-gboolean
-goa_oauth2_provider_is_password_node (GoaOAuth2Provider *self, WebKitDOMHTMLInputElement *element)
-{
- g_return_val_if_fail (GOA_IS_OAUTH2_PROVIDER (self), FALSE);
- g_return_val_if_fail (WEBKIT_DOM_IS_HTML_INPUT_ELEMENT (element), FALSE);
- return GOA_OAUTH2_PROVIDER_GET_CLASS (self)->is_password_node (self, element);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
static void
goa_oauth2_provider_add_account_key_values_default (GoaOAuth2Provider *self,
GVariantBuilder *builder)
@@ -287,45 +222,6 @@ goa_oauth2_provider_build_authorization_uri (GoaOAuth2Provider *self,
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-goa_oauth2_provider_decide_navigation_policy_default (GoaOAuth2Provider *self,
- WebKitWebView *web_view,
- WebKitNavigationPolicyDecision *decision)
-{
- return FALSE;
-}
-
-/*
- * goa_oauth2_provider_decide_navigation_policy_default:
- * @self: A #GoaOAuth2Provider.
- * @decision: A #WebKitNavigationPolicyDecision
- *
- * Certain OAuth2-like, but not exactly <ulink
- * url="http://tools.ietf.org/html/draft-ietf-oauth-v2-15">OAuth2</ulink>,
- * providers may not send us to the redirect URI, as expected. They
- * might need some special handling for that. This is a provider
- * specific hook to accommodate them.
- *
- * This is a virtual method where the default implementation returns
- * %FALSE.
- *
- * Returns: %TRUE if @provider decided what to do with @decision,
- * %FALSE otherwise.
- */
-gboolean
-goa_oauth2_provider_decide_navigation_policy (GoaOAuth2Provider *self,
- WebKitWebView *web_view,
- WebKitNavigationPolicyDecision *decision)
-{
- g_return_val_if_fail (GOA_IS_OAUTH2_PROVIDER (self), FALSE);
- g_return_val_if_fail (WEBKIT_IS_WEB_VIEW (web_view), FALSE);
- g_return_val_if_fail (WEBKIT_IS_NAVIGATION_POLICY_DECISION (decision), FALSE);
-
- return GOA_OAUTH2_PROVIDER_GET_CLASS (self)->decide_navigation_policy (self, web_view, decision);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
/**
* goa_oauth2_provider_process_redirect_url:
* @self: A #GoaOAuth2Provider.
@@ -551,26 +447,6 @@ goa_oauth2_provider_get_identity_sync (GoaOAuth2Provider *self,
error);
}
-/**
- * goa_oauth2_provider_is_identity_node:
- * @self: A #GoaOAuth2Provider.
- * @element: A WebKitDOMHTMLInputElement.
- *
- * Checks whether @element is the HTML UI element that the user can
- * use to identify herself at the provider.
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: %TRUE if the @element can be used to deny permission.
- */
-gboolean
-goa_oauth2_provider_is_identity_node (GoaOAuth2Provider *self, WebKitDOMHTMLInputElement *element)
-{
- g_return_val_if_fail (GOA_IS_OAUTH2_PROVIDER (self), FALSE);
- return GOA_OAUTH2_PROVIDER_GET_CLASS (self)->is_identity_node (self, element);
-}
-
/* ---------------------------------------------------------------------------------------------------- */
static gchar *
@@ -730,72 +606,42 @@ get_tokens_sync (GoaOAuth2Provider *self,
/* ---------------------------------------------------------------------------------------------------- */
-static void
-on_web_view_deny_click (GoaWebView *web_view, gpointer user_data)
-{
- GoaOAuth2Provider *self = GOA_OAUTH2_PROVIDER (user_data);
- GoaOAuth2ProviderPrivate *priv;
-
- priv = goa_oauth2_provider_get_instance_private (self);
- gtk_dialog_response (priv->dialog, GTK_RESPONSE_CANCEL);
-}
-
-static void
-on_web_view_password_submit (GoaWebView *web_view, const gchar *password, gpointer user_data)
-{
- GoaOAuth2Provider *self = GOA_OAUTH2_PROVIDER (user_data);
- GoaOAuth2ProviderPrivate *priv;
-
- priv = goa_oauth2_provider_get_instance_private (self);
-
- g_free (priv->password);
- priv->password = g_strdup (password);
-}
-
static gboolean
-on_web_view_decide_policy (WebKitWebView *web_view,
- WebKitPolicyDecision *decision,
- WebKitPolicyDecisionType decision_type,
- gpointer user_data)
+parse_requested_uri (GoaOAuth2Provider *self,
+ const char *requested_uri)
{
- GoaOAuth2Provider *self = GOA_OAUTH2_PROVIDER (user_data);
- GoaOAuth2ProviderPrivate *priv;
+ GoaOAuth2ProviderPrivate *priv = goa_oauth2_provider_get_instance_private (self);
GHashTable *key_value_pairs;
- WebKitNavigationAction *action;
- WebKitURIRequest *request;
SoupURI *uri;
const gchar *fragment;
const gchar *oauth2_error;
const gchar *query;
const gchar *redirect_uri;
- const gchar *requested_uri;
- gint response_id = GTK_RESPONSE_NONE;
-
- priv = goa_oauth2_provider_get_instance_private (self);
-
- if (decision_type != WEBKIT_POLICY_DECISION_TYPE_NAVIGATION_ACTION)
- goto default_behaviour;
-
- if (goa_oauth2_provider_decide_navigation_policy (self,
- web_view,
- WEBKIT_NAVIGATION_POLICY_DECISION (decision)))
- {
- response_id = 0;
- goto ignore_request;
- }
/* TODO: use oauth2_proxy_extract_access_token() */
+ g_assert (priv->error == NULL);
- action = webkit_navigation_policy_decision_get_navigation_action (WEBKIT_NAVIGATION_POLICY_DECISION (decision));
- request = webkit_navigation_action_get_request (action);
- requested_uri = webkit_uri_request_get_uri (request);
redirect_uri = goa_oauth2_provider_get_redirect_uri (self);
if (!g_str_has_prefix (requested_uri, redirect_uri))
- goto default_behaviour;
+ {
+ g_set_error (&priv->error,
+ GOA_ERROR,
+ GOA_ERROR_FAILED,
+ "Invalid URI: %s",
+ requested_uri);
+ return FALSE;
+ }
uri = soup_uri_new (requested_uri);
- fragment = soup_uri_get_fragment (uri);
- query = soup_uri_get_query (uri);
+ if (uri == NULL)
+ {
+ g_set_error (&priv->error,
+ GOA_ERROR,
+ GOA_ERROR_FAILED,
+ "Invalid URI: %s",
+ requested_uri);
+ return FALSE;
+ }
/* Three cases:
* 1) we can either have the backend handle the URI for us, or
@@ -806,23 +652,23 @@ on_web_view_decide_policy (WebKitWebView *web_view,
*/
if (GOA_OAUTH2_PROVIDER_GET_CLASS (self)->process_redirect_url)
{
- gchar *url;
+ g_autofree char *url = NULL;
url = soup_uri_to_string (uri, FALSE);
+ soup_uri_free (uri);
if (!goa_oauth2_provider_process_redirect_url (self, url, &priv->access_token, &priv->error))
{
g_prefix_error (&priv->error, _("Authorization response: "));
priv->error->domain = GOA_ERROR;
priv->error->code = GOA_ERROR_NOT_AUTHORIZED;
- response_id = GTK_RESPONSE_CLOSE;
+
+ return FALSE;
}
- else
- response_id = GTK_RESPONSE_OK;
- g_free (url);
- goto ignore_request;
+ return TRUE;
}
+ fragment = soup_uri_get_fragment (uri);
if (fragment != NULL)
{
/* fragment is encoded into a key/value pairs for the token and
@@ -846,57 +692,175 @@ on_web_view_decide_policy (WebKitWebView *web_view,
priv->access_token_expires_in = atoi (expires_in_str);
priv->refresh_token = g_strdup (g_hash_table_lookup (key_value_pairs, "refresh_token"));
-
- response_id = GTK_RESPONSE_OK;
}
g_hash_table_unref (key_value_pairs);
- }
- if (priv->access_token != NULL)
- goto ignore_request;
+ if (priv->access_token != NULL)
+ {
+ soup_uri_free (uri);
+ return TRUE;
+ }
+ }
+ query = soup_uri_get_query (uri);
if (query != NULL)
{
key_value_pairs = soup_form_decode (query);
priv->authorization_code = g_strdup (g_hash_table_lookup (key_value_pairs, "code"));
- if (priv->authorization_code != NULL)
- response_id = GTK_RESPONSE_OK;
-
g_hash_table_unref (key_value_pairs);
+ if (priv->authorization_code != NULL)
+ {
+ soup_uri_free (uri);
+ return TRUE;
+ }
}
- if (priv->authorization_code != NULL)
- goto ignore_request;
-
/* In case we don't find the access_token or auth code, then look
* for the error in the query part of the URI.
*/
key_value_pairs = soup_form_decode (query);
oauth2_error = (const gchar *) g_hash_table_lookup (key_value_pairs, "error");
if (g_strcmp0 (oauth2_error, GOA_OAUTH2_ACCESS_DENIED) == 0)
- response_id = GTK_RESPONSE_CANCEL;
- else
{
g_set_error (&priv->error,
GOA_ERROR,
GOA_ERROR_NOT_AUTHORIZED,
_("Authorization response: %s"),
oauth2_error);
- response_id = GTK_RESPONSE_CLOSE;
+ }
+ else
+ {
+ g_set_error_literal (&priv->error,
+ GOA_ERROR,
+ GOA_ERROR_FAILED,
+ _("Failed to authenticate"));
}
g_hash_table_unref (key_value_pairs);
- goto ignore_request;
+ soup_uri_free (uri);
+ return FALSE;
+}
- ignore_request:
- g_assert (response_id != GTK_RESPONSE_NONE);
- if (response_id < 0)
- gtk_dialog_response (priv->dialog, response_id);
- webkit_policy_decision_ignore (decision);
- return TRUE;
+/* ---------------------------------------------------------------------------------------------------- */
- default_behaviour:
- return FALSE;
+static const SecretSchema oauth2_schema =
+{
+ .name = "org.gnome.OnlineAccounts.OAuth2",
+ .flags = SECRET_SCHEMA_NONE,
+ .attributes = {
+ {
+ .name = "goa-oauth2-client",
+ .type = SECRET_SCHEMA_ATTRIBUTE_STRING,
+ },
+ {
+ .name = "goa-oauth2-provider",
+ .type = SECRET_SCHEMA_ATTRIBUTE_STRING,
+ },
+ { "NULL", 0 }
+ }
+};
+
+static void
+on_secrets_changed (SecretCollection *collection,
+ GParamSpec *pspec,
+ GoaOAuth2Provider *self)
+{
+ GoaOAuth2ProviderPrivate *priv = goa_oauth2_provider_get_instance_private (self);
+ const char *client_id = NULL;
+ const char *provider_type = NULL;
+ g_autofree char *requested_uri = NULL;
+ GtkResponseType response_id = GTK_RESPONSE_NONE;
+
+ client_id = goa_oauth2_provider_get_client_id (self);
+ provider_type = goa_provider_get_provider_type (GOA_PROVIDER (self));
+ requested_uri = secret_password_lookup_sync (&oauth2_schema, NULL, NULL,
+ "goa-oauth2-client", client_id,
+ "goa-oauth2-provider", provider_type,
+ NULL);
+
+ if (requested_uri != NULL)
+ {
+ if (parse_requested_uri (self, requested_uri))
+ response_id = GTK_RESPONSE_OK;
+ else
+ response_id = GTK_RESPONSE_CANCEL;
+ }
+
+ if (response_id != GTK_RESPONSE_NONE)
+ {
+ g_signal_handlers_disconnect_by_func (collection, on_secrets_changed, self);
+ gtk_dialog_response (priv->dialog, response_id);
+ }
+}
+
+static void
+secret_service_get_cb (GObject *object,
+ GAsyncResult *result,
+ GoaOAuth2Provider *self)
+{
+ GoaOAuth2ProviderPrivate *priv = goa_oauth2_provider_get_instance_private (self);
+ SecretService *service = NULL;
+ GList *collections = NULL;
+
+ service = secret_service_get_finish (result, &priv->error);
+ if (service == NULL)
+ goto out;
+
+ collections = secret_service_get_collections (service);
+ for (const GList *iter = collections; iter != NULL; iter = iter->next)
+ {
+ g_autofree char *label = secret_collection_get_label (iter->data);
+
+ /* The session collection is an empty string (?) */
+ if (g_strcmp0 (label, "") == 0)
+ {
+ const char *client_id = NULL;
+ const char *provider_type = NULL;
+
+ /* Ensure there's no dangling entry */
+ client_id = goa_oauth2_provider_get_client_id (self);
+ provider_type = goa_provider_get_provider_type (GOA_PROVIDER (self));
+ secret_password_clear_sync (&oauth2_schema, NULL, NULL,
+ "goa-oauth2-client", client_id,
+ "goa-oauth2-provider", provider_type,
+ NULL);
+
+ /* Watch the session collection for the requested URI */
+ priv->session = g_object_ref (iter->data);
+ g_signal_connect_object (priv->session,
+ "notify::items",
+ G_CALLBACK (on_secrets_changed),
+ self,
+ 0);
+ goto out;
+ }
+ }
+
+ if (priv->session == NULL && priv->error == NULL)
+ {
+ g_set_error (&priv->error,
+ GOA_ERROR,
+ GOA_ERROR_FAILED,
+ "Failed to connect to session keyring");
+ goto out;
+ }
+
+out:
+ g_clear_object (&service);
+ g_list_free_full (collections, g_object_unref);
+ g_main_loop_quit (priv->loop);
+}
+
+static void
+on_continue_in_browser (GtkButton *button,
+ GoaOAuth2Provider *self)
+{
+ GoaOAuth2ProviderPrivate *priv = goa_oauth2_provider_get_instance_private (self);
+
+ if (!g_app_info_launch_default_for_uri (priv->request_uri, NULL, &priv->error))
+ gtk_dialog_response (priv->dialog, GTK_RESPONSE_CANCEL);
+ else
+ gtk_widget_set_sensitive (GTK_WIDGET (button), FALSE);
}
static gboolean
@@ -906,12 +870,13 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
GtkDialog *dialog,
GtkBox *vbox)
{
- GoaOAuth2ProviderPrivate *priv;
+ GoaOAuth2ProviderPrivate *priv = goa_oauth2_provider_get_instance_private (self);
gboolean ret = FALSE;
- gchar *url;
- GtkWidget *embed;
+ int response_id = GTK_RESPONSE_NONE;
GtkWidget *grid;
- GtkWidget *web_view;
+ GtkWidget *image;
+ GtkWidget *label;
+ GtkWidget *button;
const gchar *scope;
gchar *escaped_redirect_uri = NULL;
gchar *escaped_client_id = NULL;
@@ -923,7 +888,6 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
g_return_val_if_fail (GTK_IS_DIALOG (dialog), FALSE);
g_return_val_if_fail (GTK_IS_BOX (vbox), FALSE);
- priv = goa_oauth2_provider_get_instance_private (self);
g_return_val_if_fail (priv->error == NULL, FALSE);
/* TODO: check with NM whether we're online, if not - return error */
@@ -937,6 +901,8 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
g_clear_pointer (&priv->authorization_code, g_free);
g_clear_pointer (&priv->access_token, g_free);
g_clear_pointer (&priv->refresh_token, g_free);
+ g_clear_pointer (&priv->request_uri, g_free);
+ g_clear_object (&priv->session);
/* TODO: use oauth2_proxy_build_login_url_full() */
escaped_redirect_uri = g_uri_escape_string (goa_oauth2_provider_get_redirect_uri (self), NULL, TRUE);
@@ -946,40 +912,71 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
escaped_scope = g_uri_escape_string (goa_oauth2_provider_get_scope (self), NULL, TRUE);
else
escaped_scope = NULL;
- url = goa_oauth2_provider_build_authorization_uri (self,
- goa_oauth2_provider_get_authorization_uri (self),
- escaped_redirect_uri,
- escaped_client_id,
- escaped_scope);
+ priv->request_uri = goa_oauth2_provider_build_authorization_uri (self,
+ goa_oauth2_provider_get_authorization_uri (self),
+ escaped_redirect_uri,
+ escaped_client_id,
+ escaped_scope);
goa_utils_set_dialog_title (GOA_PROVIDER (self), dialog, add_account);
- grid = gtk_grid_new ();
- gtk_orientable_set_orientation (GTK_ORIENTABLE (grid), GTK_ORIENTATION_VERTICAL);
- gtk_grid_set_row_spacing (GTK_GRID (grid), 12);
+ grid = g_object_new (GTK_TYPE_BOX,
+ "orientation", GTK_ORIENTATION_VERTICAL,
+ "spacing", 18,
+ "halign", GTK_ALIGN_CENTER,
+ "hexpand", TRUE,
+ "valign", GTK_ALIGN_CENTER,
+ "vexpand", TRUE,
+ "margin", 12,
+ NULL);
gtk_container_add (GTK_CONTAINER (vbox), grid);
- web_view = goa_web_view_new (GOA_PROVIDER (self), existing_identity);
- gtk_widget_set_hexpand (web_view, TRUE);
- gtk_widget_set_vexpand (web_view, TRUE);
- embed = goa_web_view_get_view (GOA_WEB_VIEW (web_view));
-
- if (goa_oauth2_provider_get_use_mobile_browser (self))
- goa_web_view_fake_mobile (GOA_WEB_VIEW (web_view));
-
- webkit_web_view_load_uri (WEBKIT_WEB_VIEW (embed), url);
- g_signal_connect (embed,
- "decide-policy",
- G_CALLBACK (on_web_view_decide_policy),
- self);
- g_signal_connect (web_view, "deny-click", G_CALLBACK (on_web_view_deny_click), self);
- g_signal_connect (web_view, "password-submit", G_CALLBACK (on_web_view_password_submit), self);
+ image = g_object_new (GTK_TYPE_IMAGE,
+ "icon-name", "web-browser-symbolic",
+ "pixel-size", 128,
+ NULL);
+ gtk_style_context_add_class (gtk_widget_get_style_context (image), "dim-label");
+ gtk_container_add (GTK_CONTAINER (grid), image);
+
+ label = gtk_label_new (_("Sign in with your browser to setup an account."));
+ gtk_style_context_add_class (gtk_widget_get_style_context (label), "heading");
+ gtk_container_add (GTK_CONTAINER (grid), label);
+
+ button = gtk_button_new_with_label (_("Continue"));
+ gtk_widget_set_halign (button, GTK_ALIGN_CENTER);
+ gtk_style_context_add_class (gtk_widget_get_style_context (button), "suggested-action");
+ g_signal_connect_object (button,
+ "clicked",
+ G_CALLBACK (on_continue_in_browser),
+ self, 0);
+ gtk_container_add (GTK_CONTAINER (grid), button);
+ gtk_dialog_add_button (priv->dialog, _("_Cancel"), GTK_RESPONSE_CANCEL);
- gtk_container_add (GTK_CONTAINER (grid), web_view);
+ gtk_widget_show_all (GTK_WIDGET (vbox));
gtk_window_set_default_size (GTK_WINDOW (dialog), -1, -1);
- gtk_widget_show_all (GTK_WIDGET (vbox));
- gtk_dialog_run (GTK_DIALOG (dialog));
+ /* Watch the session secret collection for the OAuth2 URI */
+ secret_service_get (SECRET_SERVICE_LOAD_COLLECTIONS | SECRET_SERVICE_OPEN_SESSION,
+ NULL,
+ (GAsyncReadyCallback) secret_service_get_cb,
+ self);
+ g_main_loop_run (priv->loop);
+ if (priv->error != NULL)
+ goto out;
+
+ /* Inform the user authentication should be completed in the browser */
+ response_id = gtk_dialog_run (GTK_DIALOG (dialog));
+ if (response_id != GTK_RESPONSE_OK)
+ {
+ if (priv->error == NULL)
+ {
+ g_set_error (&priv->error,
+ GOA_ERROR,
+ GOA_ERROR_DIALOG_DISMISSED,
+ _("Dialog was dismissed"));
+ }
+ goto out;
+ }
/* We can have either the auth code, with which we'll obtain the token, or
* the token directly if we are using a client side flow, since we don't
@@ -1038,12 +1035,14 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
}
ret = TRUE;
+ gtk_dialog_response (dialog, GTK_RESPONSE_OK);
out:
- g_free (url);
g_free (escaped_redirect_uri);
g_free (escaped_client_id);
g_free (escaped_scope);
+ g_clear_pointer (&priv->request_uri, g_free);
+ g_clear_object (&priv->session);
return ret;
}
@@ -1131,6 +1130,7 @@ goa_oauth2_provider_add_account (GoaProvider *provider,
g_return_val_if_fail (error == NULL || *error == NULL, NULL);
priv = goa_oauth2_provider_get_instance_private (self);
+ priv->loop = g_main_loop_new (NULL, FALSE);
if (!get_tokens_and_identity (self, TRUE, NULL, dialog, vbox))
goto out;
@@ -1165,7 +1165,6 @@ goa_oauth2_provider_add_account (GoaProvider *provider,
NULL, /* GCancellable* */
(GAsyncReadyCallback) add_account_cb,
self);
- priv->loop = g_main_loop_new (NULL, FALSE);
g_main_loop_run (priv->loop);
if (priv->error != NULL)
goto out;
@@ -1215,6 +1214,7 @@ goa_oauth2_provider_refresh_account (GoaProvider *provider,
g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
priv = goa_oauth2_provider_get_instance_private (self);
+ priv->loop = g_main_loop_new (NULL, FALSE);
dialog = gtk_dialog_new_with_buttons (NULL,
parent,
@@ -1625,6 +1625,8 @@ goa_oauth2_provider_finalize (GObject *object)
g_free (priv->authorization_code);
g_free (priv->access_token);
g_free (priv->refresh_token);
+ g_clear_pointer (&priv->request_uri, g_free);
+ g_clear_object (&priv->session);
G_OBJECT_CLASS (goa_oauth2_provider_parent_class)->finalize (object);
}
@@ -1650,12 +1652,9 @@ goa_oauth2_provider_class_init (GoaOAuth2ProviderClass *klass)
provider_class->ensure_credentials_sync = goa_oauth2_provider_ensure_credentials_sync;
klass->build_authorization_uri = goa_oauth2_provider_build_authorization_uri_default;
- klass->decide_navigation_policy = goa_oauth2_provider_decide_navigation_policy_default;
klass->get_token_uri = goa_oauth2_provider_get_token_uri_default;
klass->get_scope = goa_oauth2_provider_get_scope_default;
klass->get_use_mobile_browser = goa_oauth2_provider_get_use_mobile_browser_default;
- klass->is_deny_node = goa_oauth2_provider_is_deny_node_default;
- klass->is_password_node = goa_oauth2_provider_is_password_node_default;
klass->add_account_key_values = goa_oauth2_provider_add_account_key_values_default;
}
diff --git a/src/goabackend/goaoauthprovider.c b/src/goabackend/goaoauthprovider.c
deleted file mode 100644
index 71bcad6..0000000
--- a/src/goabackend/goaoauthprovider.c
+++ /dev/null
@@ -1,1662 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2011 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "config.h"
-#include <glib/gi18n-lib.h>
-#include <stdlib.h>
-
-#include <rest/oauth-proxy.h>
-#include <libsoup/soup.h>
-#include <json-glib/json-glib.h>
-#include <webkit2/webkit2.h>
-
-#include "goaprovider.h"
-#include "goautils.h"
-#include "goawebview.h"
-#include "goaoauthprovider.h"
-#include "goasouplogger.h"
-
-/**
- * SECTION:goaoauthprovider
- * @title: GoaOAuthProvider
- * @short_description: Abstract base class for OAuth 1.0a providers
- *
- * #GoaOAuthProvider is an abstract base class for OAuth 1.0a
- * compliant implementations as defined by <ulink
- * url="http://tools.ietf.org/html/rfc5849">RFC
- * 5849</ulink>. Additionally, the code works with providers
- * implementing <ulink
- * url="http://oauth.googlecode.com/svn/spec/ext/session/1.0/drafts/1/spec.html">OAuth
- * Session 1.0 Draft 1</ulink> for refreshing access tokens.
- *
- * Subclasses must implement
- * #GoaOAuthProviderClass.get_consumer_key,
- * #GoaOAuthProviderClass.get_consumer_secret,
- * #GoaOAuthProviderClass.get_request_uri,
- * #GoaOAuthProviderClass.get_authorization_uri,
- * #GoaOAuthProviderClass.get_token_uri,
- * #GoaOAuthProviderClass.get_callback_uri and
- * #GoaOAuthProviderClass.get_identity_sync methods.
- *
- * Additionally, the
- * #GoaProviderClass.get_provider_type,
- * #GoaProviderClass.get_provider_name,
- * #GoaProviderClass.build_object (this should chain up to its
- * parent class) methods must be implemented.
- *
- * Note that the #GoaProviderClass.add_account,
- * #GoaProviderClass.refresh_account and
- * #GoaProviderClass.ensure_credentials_sync methods do not
- * need to be implemented - this type implements these methods.
- */
-
-G_LOCK_DEFINE_STATIC (provider_lock);
-
-G_DEFINE_ABSTRACT_TYPE (GoaOAuthProvider, goa_oauth_provider, GOA_TYPE_PROVIDER);
-
-static gboolean
-is_authorization_error (GError *error)
-{
- gboolean ret;
-
- g_return_val_if_fail (error != NULL, FALSE);
-
- ret = FALSE;
- if (error->domain == REST_PROXY_ERROR || error->domain == SOUP_HTTP_ERROR)
- {
- if (SOUP_STATUS_IS_CLIENT_ERROR (error->code))
- ret = TRUE;
- }
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-goa_oauth_provider_get_use_mobile_browser_default (GoaOAuthProvider *provider)
-{
- return FALSE;
-}
-
-/**
- * goa_oauth_provider_get_use_mobile_browser:
- * @provider: A #GoaOAuthProvider.
- *
- * Returns whether there is a need for the embedded browser to identify
- * itself as running on a mobile phone in order to get a more compact
- * version of the approval page.
- *
- * This is a virtual method where the default implementation returns
- * %FALSE.
- *
- * Returns: %TRUE if the embedded browser should identify itself as
- * running on a mobile platform, %FALSE otherwise.
- */
-gboolean
-goa_oauth_provider_get_use_mobile_browser (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), FALSE);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_use_mobile_browser (provider);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-goa_oauth_provider_is_deny_node_default (GoaOAuthProvider *provider, WebKitDOMNode *node)
-{
- return FALSE;
-}
-
-/**
- * goa_oauth_provider_is_deny_node:
- * @provider: A #GoaOAuthProvider.
- * @node: A WebKitDOMNode.
- *
- * Checks whether @node is the HTML UI element that the user can use
- * to deny permission to access his account. Usually they are either a
- * WebKitDOMHTMLButtonElement or a WebKitDOMHTMLInputElement.
- *
- * Please note that providers may have multiple such elements in their
- * UI and this method should catch all of them.
- *
- * This is a virtual method where the default implementation returns
- * %FALSE.
- *
- * Returns: %TRUE if the @node can be used to deny permission.
- */
-gboolean
-goa_oauth_provider_is_deny_node (GoaOAuthProvider *provider, WebKitDOMNode *node)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), FALSE);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->is_deny_node (provider, node);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-goa_oauth_provider_is_password_node_default (GoaOAuthProvider *provider, WebKitDOMHTMLInputElement *element)
-{
- return FALSE;
-}
-
-/**
- * goa_oauth_provider_is_password_node:
- * @provider: A #GoaOAuthProvider.
- * @element: A WebKitDOMHTMLInputElement
- *
- * Checks whether @element is the HTML UI element that the user can
- * use to enter her password. This can be used to offer a
- * #GoaPasswordBased interface by saving the user's
- * password. Providers usually frown upon doing this, so this is not
- * recommended.
- *
- * This is a virtual method where the default implementation returns
- * %FALSE.
- *
- * Returns: %TRUE if @element can be used to enter the password.
- */
-gboolean
-goa_oauth_provider_is_password_node (GoaOAuthProvider *provider, WebKitDOMHTMLInputElement *element)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), FALSE);
- g_return_val_if_fail (WEBKIT_DOM_IS_HTML_INPUT_ELEMENT (element), FALSE);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->is_password_node (provider, element);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-goa_oauth_provider_add_account_key_values_default (GoaOAuthProvider *provider,
- GVariantBuilder *builder)
-{
- /* do nothing */
-}
-
-/**
- * goa_oauth_provider_add_account_key_values:
- * @provider: A #GoaProvider.
- * @builder: A #GVariantBuilder for a <literal>a{ss}</literal> variant.
- *
- * Hook for implementations to add key/value pairs to the key-file
- * when creating an account.
- *
- * This is a virtual method where the default implementation does nothing.
- */
-void
-goa_oauth_provider_add_account_key_values (GoaOAuthProvider *provider,
- GVariantBuilder *builder)
-{
- g_return_if_fail (GOA_IS_OAUTH_PROVIDER (provider));
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->add_account_key_values (provider, builder);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gchar *
-goa_oauth_provider_build_authorization_uri_default (GoaOAuthProvider *provider,
- const gchar *authorization_uri,
- const gchar *escaped_oauth_token)
-{
- return g_strdup_printf ("%s"
- "?oauth_token=%s",
- authorization_uri,
- escaped_oauth_token);
-}
-
-/**
- * goa_oauth_provider_build_authorization_uri:
- * @provider: A #GoaOAuthProvider.
- * @authorization_uri: An authorization URI.
- * @escaped_oauth_token: An escaped oauth token.
- *
- * Builds the URI that can be opened in a web browser (or embedded web
- * browser widget) to start authenticating an user.
- *
- * The default implementation just returns the expected URI
- * (e.g. <literal>http://example.com/dialog/oauth?auth_token=1234567890</literal>)
- * - override (and chain up) if you e.g. need to to pass additional
- * parameters.
- *
- * The @authorization_uri parameter originate from the result of the
- * the goa_oauth_provider_get_authorization_uri() method. The
- * @escaped_oauth_token parameter is the temporary credentials identifier
- * escaped using g_uri_escape_string().
- *
- * Returns: (transfer full): An authorization URI that must be freed with g_free().
- */
-gchar *
-goa_oauth_provider_build_authorization_uri (GoaOAuthProvider *provider,
- const gchar *authorization_uri,
- const gchar *escaped_oauth_token)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- g_return_val_if_fail (authorization_uri != NULL, NULL);
- g_return_val_if_fail (escaped_oauth_token != NULL, NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->build_authorization_uri (provider,
- authorization_uri,
- escaped_oauth_token);
-}
-
-/**
- * goa_oauth_provider_get_consumer_key:
- * @provider: A #GoaOAuthProvider.
- *
- * Gets the consumer key identifying the client.
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: (transfer none): A string owned by @provider - do not free.
- */
-const gchar *
-goa_oauth_provider_get_consumer_key (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_consumer_key (provider);
-}
-
-/**
- * goa_oauth_provider_get_consumer_secret:
- * @provider: A #GoaOAuthProvider.
- *
- * Gets the consumer secret identifying the client.
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: (transfer none): A string owned by @provider - do not free.
- */
-const gchar *
-goa_oauth_provider_get_consumer_secret (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_consumer_secret (provider);
-}
-
-/**
- * goa_oauth_provider_get_request_uri:
- * @provider: A #GoaOAuthProvider.
- *
- * Gets the request uri.
- *
- * http://tools.ietf.org/html/rfc5849#section-2.1
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: (transfer none): A string owned by @provider - do not free.
- */
-const gchar *
-goa_oauth_provider_get_request_uri (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_request_uri (provider);
-}
-
-/**
- * goa_oauth_provider_get_request_uri_params:
- * @provider: A #GoaOAuthProvider.
- *
- * Gets additional parameters for the request URI.
- *
- * http://tools.ietf.org/html/rfc5849#section-2.1
- *
- * This is a virtual method where the default implementation returns
- * %NULL.
- *
- * Returns: (transfer full): %NULL (for no parameters) or a
- * %NULL-terminated array of (key, value) pairs that will be added to
- * the URI. The caller will free the returned value with g_strfreev().
- */
-gchar **
-goa_oauth_provider_get_request_uri_params (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_request_uri_params (provider);
-}
-
-static gchar **
-goa_oauth_provider_get_request_uri_params_default (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return NULL;
-}
-
-/**
- * goa_oauth_provider_get_authorization_uri:
- * @provider: A #GoaOAuthProvider.
- *
- * Gets the authorization uri.
- *
- * http://tools.ietf.org/html/rfc5849#section-2.2
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: (transfer none): A string owned by @provider - do not free.
- */
-const gchar *
-goa_oauth_provider_get_authorization_uri (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_authorization_uri (provider);
-}
-
-/**
- * goa_oauth_provider_get_token_uri:
- * @provider: A #GoaOAuthProvider.
- *
- * Gets the token uri.
- *
- * http://tools.ietf.org/html/rfc5849#section-2.3
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: (transfer none): A string owned by @provider - do not free.
- */
-const gchar *
-goa_oauth_provider_get_token_uri (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_token_uri (provider);
-}
-
-/**
- * goa_oauth_provider_get_callback_uri:
- * @provider: A #GoaOAuthProvider.
- *
- * Gets the callback uri.
- *
- * http://tools.ietf.org/html/rfc5849#section-2.1
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: (transfer none): A string owned by @provider - do not free.
- */
-const gchar *
-goa_oauth_provider_get_callback_uri (GoaOAuthProvider *provider)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_callback_uri (provider);
-}
-
-/**
- * goa_oauth_provider_get_identity_sync:
- * @provider: A #GoaOAuthProvider.
- * @access_token: A valid OAuth 1.0 access token.
- * @access_token_secret: The valid secret for @access_token.
- * @out_presentation_identity: (out): Return location for presentation identity or %NULL.
- * @cancellable: (allow-none): A #GCancellable or %NULL.
- * @error: Return location for error or %NULL.
- *
- * Method that returns the identity corresponding to @access_token and
- * @access_token_secret.
- *
- * The identity is needed because all authentication happens out of
- * band. In addition to the identity, an implementation also returns a
- * <emphasis>presentation identity</emphasis> that is more suitable
- * for presentation (the identity could be a GUID for example).
- *
- * The calling thread is blocked while the identity is obtained.
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: The identity or %NULL if error is set. The returned string
- * must be freed with g_free().
- */
-gchar *
-goa_oauth_provider_get_identity_sync (GoaOAuthProvider *provider,
- const gchar *access_token,
- const gchar *access_token_secret,
- gchar **out_presentation_identity,
- GCancellable *cancellable,
- GError **error)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- g_return_val_if_fail (access_token != NULL, NULL);
- g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
- g_return_val_if_fail (error == NULL || *error == NULL, NULL);
-
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->get_identity_sync (provider,
- access_token,
- access_token_secret,
- out_presentation_identity,
- cancellable,
- error);
-}
-
-/**
- * goa_oauth_provider_is_identity_node:
- * @provider: A #GoaOAuthProvider.
- * @element: A WebKitDOMHTMLInputElement.
- *
- * Checks whether @element is the HTML UI element that the user can
- * use to identify herself at the provider.
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: %TRUE if the @element can be used to deny permission.
- */
-gboolean
-goa_oauth_provider_is_identity_node (GoaOAuthProvider *provider, WebKitDOMHTMLInputElement *element)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), FALSE);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->is_identity_node (provider, element);
-}
-
-/**
- * goa_oauth_provider_parse_request_token_error:
- * @provider: A #GoaOAuthProvider.
- * @call: The #RestProxyCall that was used to fetch the request token.
- *
- * Tries to parse the headers and payload within @call to provide a
- * human readable error message in case the request token could not
- * be fetched.
- *
- * This is a pure virtual method - a subclass must provide an
- * implementation.
- *
- * Returns: A human readable error message or %NULL if the cause of the
- * error could not be determined. The returned string must be freed with
- * g_free().
- */
-gchar *
-goa_oauth_provider_parse_request_token_error (GoaOAuthProvider *provider, RestProxyCall *call)
-{
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- return GOA_OAUTH_PROVIDER_GET_CLASS (provider)->parse_request_token_error (provider, call);
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gchar *
-get_tokens_sync (GoaOAuthProvider *provider,
- const gchar *token,
- const gchar *token_secret,
- const gchar *session_handle, /* may be NULL */
- const gchar *verifier, /* may be NULL */
- gchar **out_access_token_secret,
- gint *out_access_token_expires_in,
- gchar **out_session_handle,
- gint *out_session_handle_expires_in,
- GCancellable *cancellable,
- GError **error)
-{
- RestProxy *proxy;
- RestProxyCall *call;
- SoupLogger *logger = NULL;
- gchar *ret = NULL;
- guint status_code;
- GHashTable *f;
- const gchar *expires_in_str;
- gchar *ret_access_token = NULL;
- gchar *ret_access_token_secret = NULL;
- gint ret_access_token_expires_in = 0;
- gchar *ret_session_handle = NULL;
- gint ret_session_handle_expires_in = 0;
-
- proxy = oauth_proxy_new (goa_oauth_provider_get_consumer_key (provider),
- goa_oauth_provider_get_consumer_secret (provider),
- goa_oauth_provider_get_token_uri (provider),
- FALSE);
- logger = goa_soup_logger_new (SOUP_LOGGER_LOG_BODY, -1);
- rest_proxy_add_soup_feature (proxy, SOUP_SESSION_FEATURE (logger));
- oauth_proxy_set_token (OAUTH_PROXY (proxy), token);
- oauth_proxy_set_token_secret (OAUTH_PROXY (proxy), token_secret);
- call = rest_proxy_new_call (proxy);
- rest_proxy_call_set_method (call, "POST");
- if (verifier != NULL)
- rest_proxy_call_add_param (call, "oauth_verifier", verifier);
- if (session_handle != NULL)
- rest_proxy_call_add_param (call, "oauth_session_handle", session_handle);
- /* TODO: cancellable support? */
- if (!rest_proxy_call_sync (call, error))
- goto out;
-
- status_code = rest_proxy_call_get_status_code (call);
- if (status_code != 200)
- {
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- /* Translators: the %d is a HTTP status code and the %s is a textual description of it */
- _("Expected status 200 when requesting access token, instead got status %d (%s)"),
- status_code,
- rest_proxy_call_get_status_message (call));
- goto out;
- }
-
- f = soup_form_decode (rest_proxy_call_get_payload (call));
- ret_access_token = g_strdup (g_hash_table_lookup (f, "oauth_token"));
- ret_access_token_secret = g_strdup (g_hash_table_lookup (f, "oauth_token_secret"));
- ret_session_handle = g_strdup (g_hash_table_lookup (f, "oauth_session_handle"));
- expires_in_str = g_hash_table_lookup (f, "oauth_expires_in");
- if (expires_in_str != NULL)
- ret_access_token_expires_in = atoi (expires_in_str);
- expires_in_str = g_hash_table_lookup (f, "oauth_authorization_expires_in");
- if (expires_in_str != NULL)
- ret_session_handle_expires_in = atoi (expires_in_str);
- g_hash_table_unref (f);
-
- if (ret_access_token == NULL || ret_access_token_secret == NULL)
- {
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Missing access_token or access_token_secret headers in response"));
- goto out;
- }
-
- ret = ret_access_token; ret_access_token = NULL;
- if (out_access_token_secret != NULL)
- {
- *out_access_token_secret = ret_access_token_secret;
- ret_access_token_secret = NULL;
- }
- if (out_access_token_expires_in != NULL)
- *out_access_token_expires_in = ret_access_token_expires_in;
- if (out_session_handle != NULL)
- {
- *out_session_handle = ret_session_handle;
- ret_session_handle = NULL;
- }
- if (out_session_handle_expires_in != NULL)
- *out_session_handle_expires_in = ret_session_handle_expires_in;
-
- out:
- g_free (ret_access_token);
- g_free (ret_access_token_secret);
- g_free (ret_session_handle);
- g_clear_object (&call);
- g_clear_object (&proxy);
- g_clear_object (&logger);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-typedef struct
-{
- GoaOAuthProvider *provider;
- GtkDialog *dialog;
- GError *error;
- GMainLoop *loop;
-
- gchar *password;
-
- gchar *oauth_verifier;
-
- const gchar *existing_identity;
-
- gchar *identity;
- gchar *presentation_identity;
-
- gchar *request_token;
- gchar *request_token_secret;
- gchar *access_token;
- gchar *access_token_secret;
- gint access_token_expires_in;
- gchar *session_handle;
- gint session_handle_expires_in;
-} IdentifyData;
-
-static void
-on_web_view_deny_click (GoaWebView *web_view, gpointer user_data)
-{
- IdentifyData *data = user_data;
- gtk_dialog_response (data->dialog, GTK_RESPONSE_CANCEL);
-}
-
-static void
-on_web_view_password_submit (GoaWebView *web_view, const gchar *password, gpointer user_data)
-{
- IdentifyData *data = user_data;
-
- g_free (data->password);
- data->password = g_strdup (password);
-}
-
-static gboolean
-on_web_view_decide_policy (WebKitWebView *web_view,
- WebKitPolicyDecision *decision,
- WebKitPolicyDecisionType decision_type,
- gpointer user_data)
-{
- GHashTable *key_value_pairs;
- IdentifyData *data = user_data;
- SoupURI *uri;
- WebKitNavigationAction *action;
- WebKitURIRequest *request;
- const gchar *query;
- const gchar *redirect_uri;
- const gchar *requested_uri;
- gint response_id = GTK_RESPONSE_NONE;
-
- if (decision_type != WEBKIT_POLICY_DECISION_TYPE_NAVIGATION_ACTION)
- return FALSE;
-
- /* TODO: use oauth_proxy_extract_access_token() */
-
- action = webkit_navigation_policy_decision_get_navigation_action (WEBKIT_NAVIGATION_POLICY_DECISION (decision));
- request = webkit_navigation_action_get_request (action);
- requested_uri = webkit_uri_request_get_uri (request);
- redirect_uri = goa_oauth_provider_get_callback_uri (data->provider);
-
- if (!g_str_has_prefix (requested_uri, redirect_uri))
- goto default_behaviour;
-
- uri = soup_uri_new (requested_uri);
- query = soup_uri_get_query (uri);
-
- if (query != NULL)
- {
- key_value_pairs = soup_form_decode (query);
-
- data->oauth_verifier = g_strdup (g_hash_table_lookup (key_value_pairs, "oauth_verifier"));
- if (data->oauth_verifier != NULL)
- response_id = GTK_RESPONSE_OK;
-
- g_hash_table_unref (key_value_pairs);
- }
-
- if (data->oauth_verifier != NULL)
- goto ignore_request;
-
- /* TODO: The only OAuth1 provider is Flickr. It doesn't send any
- * error code and only redirects to the URI specified in the Flickr
- * App Garden. Re-evaluate when the situation changes.
- */
- response_id = GTK_RESPONSE_CANCEL;
- goto ignore_request;
-
- ignore_request:
- g_assert (response_id != GTK_RESPONSE_NONE);
- gtk_dialog_response (data->dialog, response_id);
- webkit_policy_decision_ignore (decision);
- return TRUE;
-
- default_behaviour:
- return FALSE;
-}
-
-static void
-rest_proxy_call_cb (RestProxyCall *call, const GError *error, GObject *weak_object, gpointer user_data)
-{
- IdentifyData *data = user_data;
- g_main_loop_quit (data->loop);
-}
-
-static gboolean
-get_tokens_and_identity (GoaOAuthProvider *provider,
- gboolean add_account,
- const gchar *existing_identity,
- GtkDialog *dialog,
- GtkBox *vbox,
- gchar **out_access_token,
- gchar **out_access_token_secret,
- gint *out_access_token_expires_in,
- gchar **out_session_handle,
- gint *out_session_handle_expires_in,
- gchar **out_identity,
- gchar **out_presentation_identity,
- gchar **out_password,
- GError **error)
-{
- gboolean ret = FALSE;
- gchar *url = NULL;
- IdentifyData data;
- gchar *escaped_request_token = NULL;
- RestProxy *proxy = NULL;
- RestProxyCall *call = NULL;
- SoupLogger *logger = NULL;
- GHashTable *f;
- GtkWidget *embed;
- GtkWidget *grid;
- GtkWidget *spinner;
- GtkWidget *web_view;
- gchar **request_params = NULL;
- guint n;
-
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), FALSE);
- g_return_val_if_fail ((!add_account && existing_identity != NULL && existing_identity[0] != '\0')
- || (add_account && existing_identity == NULL), FALSE);
- g_return_val_if_fail (GTK_IS_DIALOG (dialog), FALSE);
- g_return_val_if_fail (GTK_IS_BOX (vbox), FALSE);
- g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
-
- /* TODO: check with NM whether we're online, if not - return error */
-
- memset (&data, '\0', sizeof (IdentifyData));
- data.provider = provider;
- data.dialog = dialog;
- data.loop = g_main_loop_new (NULL, FALSE);
- data.existing_identity = existing_identity;
-
- proxy = oauth_proxy_new (goa_oauth_provider_get_consumer_key (provider),
- goa_oauth_provider_get_consumer_secret (provider),
- goa_oauth_provider_get_request_uri (provider), FALSE);
- logger = goa_soup_logger_new (SOUP_LOGGER_LOG_BODY, -1);
- rest_proxy_add_soup_feature (proxy, SOUP_SESSION_FEATURE (logger));
-
- call = rest_proxy_new_call (proxy);
- rest_proxy_call_set_method (call, "POST");
- rest_proxy_call_add_param (call, "oauth_callback", goa_oauth_provider_get_callback_uri (provider));
-
- request_params = goa_oauth_provider_get_request_uri_params (provider);
- if (request_params != NULL)
- {
- g_assert (g_strv_length (request_params) % 2 == 0);
- for (n = 0; request_params[n] != NULL; n += 2)
- rest_proxy_call_add_param (call, request_params[n], request_params[n+1]);
- }
- if (!rest_proxy_call_async (call, rest_proxy_call_cb, NULL, &data, &data.error))
- {
- g_prefix_error (&data.error, _("Error getting a Request Token: "));
- goto out;
- }
-
- goa_utils_set_dialog_title (GOA_PROVIDER (provider), dialog, add_account);
-
- grid = gtk_grid_new ();
- gtk_orientable_set_orientation (GTK_ORIENTABLE (grid), GTK_ORIENTATION_VERTICAL);
- gtk_grid_set_row_spacing (GTK_GRID (grid), 12);
- gtk_container_add (GTK_CONTAINER (vbox), grid);
-
- spinner = gtk_spinner_new ();
- gtk_widget_set_hexpand (spinner, TRUE);
- gtk_widget_set_halign (spinner, GTK_ALIGN_CENTER);
- gtk_widget_set_vexpand (spinner, TRUE);
- gtk_widget_set_valign (spinner, GTK_ALIGN_CENTER);
- gtk_widget_set_size_request (GTK_WIDGET (spinner), 24, 24);
- gtk_spinner_start (GTK_SPINNER (spinner));
- gtk_container_add (GTK_CONTAINER (grid), spinner);
- gtk_widget_show_all (GTK_WIDGET (vbox));
-
- g_main_loop_run (data.loop);
- gtk_container_remove (GTK_CONTAINER (grid), spinner);
-
- if (rest_proxy_call_get_status_code (call) != 200)
- {
- gchar *msg;
-
- msg = goa_oauth_provider_parse_request_token_error (provider, call);
- if (msg == NULL)
- /* Translators: the %d is a HTTP status code and the %s is a textual description of it */
- msg = g_strdup_printf (_("Expected status 200 for getting a Request Token, instead got status %d (%s)"),
- rest_proxy_call_get_status_code (call),
- rest_proxy_call_get_status_message (call));
-
- g_set_error_literal (&data.error, GOA_ERROR, GOA_ERROR_FAILED, msg);
- g_free (msg);
- goto out;
- }
- f = soup_form_decode (rest_proxy_call_get_payload (call));
- data.request_token = g_strdup (g_hash_table_lookup (f, "oauth_token"));
- data.request_token_secret = g_strdup (g_hash_table_lookup (f, "oauth_token_secret"));
- g_hash_table_unref (f);
- if (data.request_token == NULL || data.request_token_secret == NULL)
- {
- g_set_error (&data.error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Missing request_token or request_token_secret headers in response"));
- goto out;
- }
-
- escaped_request_token = g_uri_escape_string (data.request_token, NULL, TRUE);
- url = goa_oauth_provider_build_authorization_uri (provider,
- goa_oauth_provider_get_authorization_uri (provider),
- escaped_request_token);
-
- web_view = goa_web_view_new (GOA_PROVIDER (provider), existing_identity);
- gtk_widget_set_hexpand (web_view, TRUE);
- gtk_widget_set_vexpand (web_view, TRUE);
- embed = goa_web_view_get_view (GOA_WEB_VIEW (web_view));
-
- if (goa_oauth_provider_get_use_mobile_browser (provider))
- goa_web_view_fake_mobile (GOA_WEB_VIEW (web_view));
-
- webkit_web_view_load_uri (WEBKIT_WEB_VIEW (embed), url);
- g_signal_connect (embed,
- "decide-policy",
- G_CALLBACK (on_web_view_decide_policy),
- &data);
- g_signal_connect (web_view, "deny-click", G_CALLBACK (on_web_view_deny_click), &data);
- g_signal_connect (web_view, "password-submit", G_CALLBACK (on_web_view_password_submit), &data);
-
- gtk_container_add (GTK_CONTAINER (grid), web_view);
- gtk_window_set_default_size (GTK_WINDOW (dialog), -1, -1);
-
- gtk_widget_show_all (GTK_WIDGET (vbox));
- gtk_dialog_run (GTK_DIALOG (dialog));
-
- if (data.oauth_verifier == NULL)
- {
- if (data.error == NULL)
- {
- g_set_error (&data.error,
- GOA_ERROR,
- GOA_ERROR_DIALOG_DISMISSED,
- _("Dialog was dismissed"));
- }
- goto out;
- }
- g_assert (data.error == NULL);
-
- /* OK, we are done interacting with the user ... but before we can
- * make up our mind, there are two more RPC calls to make and these
- * call may take some time. So hide the dialog immediately.
- */
- gtk_widget_hide (GTK_WIDGET (dialog));
-
- /* OK, we now have the request token... we can exchange that for a
- * (short-lived) access token and session_handle (used to refresh the
- * access token)..
- */
-
- /* TODO: run in worker thread */
- data.access_token = get_tokens_sync (provider,
- data.request_token,
- data.request_token_secret,
- NULL, /* session_handle */
- data.oauth_verifier,
- &data.access_token_secret,
- &data.access_token_expires_in,
- &data.session_handle,
- &data.session_handle_expires_in,
- NULL, /* GCancellable */
- &data.error);
- if (data.access_token == NULL)
- {
- g_prefix_error (&data.error, _("Error getting an Access Token: "));
- goto out;
- }
-
- /* TODO: run in worker thread */
- data.identity = goa_oauth_provider_get_identity_sync (provider,
- data.access_token,
- data.access_token_secret,
- &data.presentation_identity,
- NULL, /* TODO: GCancellable */
- &data.error);
- if (data.identity == NULL)
- {
- g_prefix_error (&data.error, _("Error getting identity: "));
- goto out;
- }
-
- ret = TRUE;
-
- out:
- g_clear_object (&call);
-
- if (ret)
- {
- g_warn_if_fail (data.error == NULL);
- if (out_access_token != NULL)
- *out_access_token = g_strdup (data.access_token);
- if (out_access_token_secret != NULL)
- *out_access_token_secret = g_strdup (data.access_token_secret);
- if (out_access_token_expires_in != NULL)
- *out_access_token_expires_in = data.access_token_expires_in;
- if (out_session_handle != NULL)
- *out_session_handle = g_strdup (data.session_handle);
- if (out_session_handle_expires_in != NULL)
- *out_session_handle_expires_in = data.session_handle_expires_in;
- if (out_identity != NULL)
- *out_identity = g_strdup (data.identity);
- if (out_presentation_identity != NULL)
- *out_presentation_identity = g_strdup (data.presentation_identity);
- if (out_password != NULL)
- *out_password = g_strdup (data.password);
- }
- else
- {
- g_warn_if_fail (data.error != NULL);
- g_propagate_error (error, data.error);
- }
-
- g_free (data.password);
- g_free (data.presentation_identity);
- g_free (data.identity);
- g_free (url);
-
- g_free (data.oauth_verifier);
- g_clear_pointer (&data.loop, (GDestroyNotify) g_main_loop_unref);
- g_free (data.access_token);
- g_free (data.access_token_secret);
- g_free (escaped_request_token);
-
- g_free (data.request_token);
- g_free (data.request_token_secret);
-
- g_strfreev (request_params);
- g_clear_object (&proxy);
- g_clear_object (&logger);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-typedef struct
-{
- GError *error;
- GMainLoop *loop;
- gchar *account_object_path;
-} AddData;
-
-static void
-add_account_cb (GoaManager *manager,
- GAsyncResult *res,
- gpointer user_data)
-{
- AddData *data = user_data;
- goa_manager_call_add_account_finish (manager,
- &data->account_object_path,
- res,
- &data->error);
- g_main_loop_quit (data->loop);
-}
-
-static gint64
-duration_to_abs_usec (gint duration_sec)
-{
- gint64 ret;
- GTimeVal now;
-
- g_get_current_time (&now);
- ret = ((gint64) now.tv_sec) * 1000L * 1000L + ((gint64) now.tv_usec);
- ret += ((gint64) duration_sec) * 1000L * 1000L;
- return ret;
-}
-
-static gint
-abs_usec_to_duration (gint64 abs_usec)
-{
- gint64 ret;
- GTimeVal now;
-
- g_get_current_time (&now);
- ret = abs_usec - (((gint64) now.tv_sec) * 1000L * 1000L + ((gint64) now.tv_usec));
- ret /= 1000L * 1000L;
- return ret;
-}
-
-static GoaObject *
-goa_oauth_provider_add_account (GoaProvider *_provider,
- GoaClient *client,
- GtkDialog *dialog,
- GtkBox *vbox,
- GError **error)
-{
- GoaOAuthProvider *provider = GOA_OAUTH_PROVIDER (_provider);
- GoaObject *ret = NULL;
- gchar *access_token = NULL;
- gchar *access_token_secret = NULL;
- gint access_token_expires_in;
- gchar *session_handle = NULL;
- gint session_handle_expires_in;
- gchar *identity = NULL;
- gchar *presentation_identity = NULL;
- gchar *password = NULL;
- AddData data;
- GVariantBuilder credentials;
- GVariantBuilder details;
-
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- g_return_val_if_fail (GOA_IS_CLIENT (client), NULL);
- g_return_val_if_fail (GTK_IS_DIALOG (dialog), NULL);
- g_return_val_if_fail (GTK_IS_BOX (vbox), NULL);
- g_return_val_if_fail (error == NULL || *error == NULL, NULL);
-
- memset (&data, '\0', sizeof (AddData));
- data.loop = g_main_loop_new (NULL, FALSE);
-
- if (!get_tokens_and_identity (provider,
- TRUE,
- NULL,
- dialog,
- vbox,
- &access_token,
- &access_token_secret,
- &access_token_expires_in,
- &session_handle,
- &session_handle_expires_in,
- &identity,
- &presentation_identity,
- &password,
- &data.error))
- goto out;
-
- /* OK, got the identity... see if there's already an account
- * of this type with the given identity
- */
- if (!goa_utils_check_duplicate (client,
- identity,
- presentation_identity,
- goa_provider_get_provider_type (GOA_PROVIDER (provider)),
- (GoaPeekInterfaceFunc) goa_object_peek_oauth_based,
- &data.error))
- goto out;
-
- g_variant_builder_init (&credentials, G_VARIANT_TYPE_VARDICT);
- g_variant_builder_add (&credentials, "{sv}", "access_token", g_variant_new_string (access_token));
- g_variant_builder_add (&credentials, "{sv}", "access_token_secret", g_variant_new_string (access_token_secret));
- if (access_token_expires_in > 0)
- g_variant_builder_add (&credentials, "{sv}", "access_token_expires_at",
- g_variant_new_int64 (duration_to_abs_usec (access_token_expires_in)));
- if (session_handle != NULL)
- g_variant_builder_add (&credentials, "{sv}", "session_handle", g_variant_new_string (session_handle));
- if (session_handle_expires_in > 0)
- g_variant_builder_add (&credentials, "{sv}", "session_handle_expires_at",
- g_variant_new_int64 (duration_to_abs_usec (session_handle_expires_in)));
- if (password != NULL)
- g_variant_builder_add (&credentials, "{sv}", "password", g_variant_new_string (password));
-
- g_variant_builder_init (&details, G_VARIANT_TYPE ("a{ss}"));
- goa_oauth_provider_add_account_key_values (provider, &details);
-
- /* we want the GoaClient to update before this method returns (so it
- * can create a proxy for the new object) so run the mainloop while
- * waiting for this to complete
- */
- goa_manager_call_add_account (goa_client_get_manager (client),
- goa_provider_get_provider_type (GOA_PROVIDER (provider)),
- identity,
- presentation_identity,
- g_variant_builder_end (&credentials),
- g_variant_builder_end (&details),
- NULL, /* GCancellable* */
- (GAsyncReadyCallback) add_account_cb,
- &data);
- g_main_loop_run (data.loop);
- if (data.error != NULL)
- goto out;
-
- ret = GOA_OBJECT (g_dbus_object_manager_get_object (goa_client_get_object_manager (client),
- data.account_object_path));
-
- out:
- /* We might have an object even when data.error is set.
- * eg., if we failed to store the credentials in the keyring.
- */
- if (data.error != NULL)
- g_propagate_error (error, data.error);
- else
- g_assert (ret != NULL);
-
- g_free (identity);
- g_free (presentation_identity);
- g_free (password);
- g_free (access_token);
- g_free (access_token_secret);
- g_free (session_handle);
- g_free (data.account_object_path);
- g_clear_pointer (&data.loop, (GDestroyNotify) g_main_loop_unref);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-goa_oauth_provider_refresh_account (GoaProvider *_provider,
- GoaClient *client,
- GoaObject *object,
- GtkWindow *parent,
- GError **error)
-{
- GoaOAuthProvider *provider = GOA_OAUTH_PROVIDER (_provider);
- GoaAccount *account;
- GtkWidget *dialog;
- gchar *access_token = NULL;
- gchar *access_token_secret = NULL;
- gchar *password = NULL;
- gint access_token_expires_in;
- gchar *session_handle = NULL;
- gint session_handle_expires_in;
- gchar *identity = NULL;
- const gchar *existing_identity;
- const gchar *existing_presentation_identity;
- GVariantBuilder builder;
- gboolean ret = FALSE;
-
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), FALSE);
- g_return_val_if_fail (GOA_IS_CLIENT (client), FALSE);
- g_return_val_if_fail (GOA_IS_OBJECT (object), FALSE);
- g_return_val_if_fail (parent == NULL || GTK_IS_WINDOW (parent), FALSE);
- g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
-
- dialog = gtk_dialog_new_with_buttons (NULL,
- parent,
- GTK_DIALOG_MODAL
- | GTK_DIALOG_DESTROY_WITH_PARENT
- | GTK_DIALOG_USE_HEADER_BAR,
- NULL,
- NULL);
- gtk_container_set_border_width (GTK_CONTAINER (dialog), 12);
- gtk_window_set_resizable (GTK_WINDOW (dialog), FALSE);
- gtk_widget_show_all (dialog);
-
- account = goa_object_peek_account (object);
-
- /* We abuse presentation identity here because for some providers
- * identity can be a machine readable ID, which can not be used to
- * log in via the provider's web interface.
- */
- existing_presentation_identity = goa_account_get_presentation_identity (account);
- if (!get_tokens_and_identity (provider,
- FALSE,
- existing_presentation_identity,
- GTK_DIALOG (dialog),
- GTK_BOX (gtk_dialog_get_content_area (GTK_DIALOG (dialog))),
- &access_token,
- &access_token_secret,
- &access_token_expires_in,
- &session_handle,
- &session_handle_expires_in,
- &identity,
- NULL, /* out_presentation_identity */
- &password,
- error))
- goto out;
-
- /* Changes made to the web interface by the providers can break our
- * DOM parsing. So we should still query and check the identity
- * afterwards.
- */
- existing_identity = goa_account_get_identity (account);
- if (g_strcmp0 (identity, existing_identity) != 0)
- {
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_FAILED,
- _("Was asked to log in as %s, but logged in as %s"),
- existing_identity,
- identity);
- goto out;
- }
-
- g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT);
- g_variant_builder_add (&builder, "{sv}", "access_token", g_variant_new_string (access_token));
- g_variant_builder_add (&builder, "{sv}", "access_token_secret", g_variant_new_string (access_token_secret));
- if (access_token_expires_in > 0)
- g_variant_builder_add (&builder, "{sv}", "access_token_expires_at",
- g_variant_new_int64 (duration_to_abs_usec (access_token_expires_in)));
- if (session_handle != NULL)
- g_variant_builder_add (&builder, "{sv}", "session_handle", g_variant_new_string (session_handle));
- if (session_handle_expires_in > 0)
- g_variant_builder_add (&builder, "{sv}", "session_handle_expires_at",
- g_variant_new_int64 (duration_to_abs_usec (session_handle_expires_in)));
- if (password != NULL)
- g_variant_builder_add (&builder, "{sv}", "password", g_variant_new_string (password));
- /* TODO: run in worker thread */
- if (!goa_utils_store_credentials_for_object_sync (GOA_PROVIDER (provider),
- object,
- g_variant_builder_end (&builder),
- NULL, /* GCancellable */
- error))
- goto out;
-
- goa_account_call_ensure_credentials (goa_object_peek_account (object),
- NULL, /* GCancellable */
- NULL, NULL); /* callback, user_data */
-
- ret = TRUE;
-
- out:
- gtk_widget_destroy (dialog);
-
- g_free (identity);
- g_free (access_token);
- g_free (access_token_secret);
- g_free (password);
- g_free (session_handle);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-free_mutex (GMutex *mutex)
-{
- g_mutex_clear (mutex);
- g_slice_free (GMutex, mutex);
-}
-
-/**
- * goa_oauth_provider_get_access_token_sync:
- * @provider: A #GoaOAuthProvider.
- * @object: A #GoaObject.
- * @force_refresh: If set to %TRUE, forces a refresh of the access token, if possible.
- * @out_access_token_secret: (out): The secret for the return access token.
- * @out_access_token_expires_in: (out): Return location for how many seconds the returned token is valid for (0 if unknown) or %NULL.
- * @cancellable: (allow-none): A #GCancellable or %NULL.
- * @error: Return location for error or %NULL.
- *
- * Synchronously gets an access token for @object. The calling thread
- * is blocked while the operation is pending.
- *
- * The resulting token is typically read from the local cache so most
- * of the time only a local roundtrip to the storage for the token
- * cache (e.g. <command>gnome-keyring-daemon</command>) is
- * needed. However, the operation may involve refreshing the token
- * with the service provider so a full network round-trip may be
- * needed.
- *
- * Note that multiple calls are serialized to avoid multiple
- * outstanding requests to the service provider.
- *
- * This operation may fail if e.g. unable to refresh the credentials
- * or if network connectivity is not available. Note that even if a
- * token is returned, the returned token isn't guaranteed to work -
- * use goa_provider_ensure_credentials_sync() if you need
- * stronger guarantees.
- *
- * Returns: The access token or %NULL if error is set. The returned
- * string must be freed with g_free().
- */
-gchar *
-goa_oauth_provider_get_access_token_sync (GoaOAuthProvider *provider,
- GoaObject *object,
- gboolean force_refresh,
- gchar **out_access_token_secret,
- gint *out_access_token_expires_in,
- GCancellable *cancellable,
- GError **error)
-{
- GVariant *credentials = NULL;
- GVariantIter iter;
- const gchar *key;
- GVariant *value;
- gchar *access_token = NULL;
- gchar *access_token_secret = NULL;
- gchar *session_handle = NULL;
- gchar *access_token_for_refresh = NULL;
- gchar *access_token_secret_for_refresh = NULL;
- gchar *session_handle_for_refresh = NULL;
- gchar *password = NULL;
- gint access_token_expires_in = 0;
- gint session_handle_expires_in = 0;
- gboolean success = FALSE;
- GVariantBuilder builder;
- gchar *ret = NULL;
- GMutex *lock;
-
- g_return_val_if_fail (GOA_IS_OAUTH_PROVIDER (provider), NULL);
- g_return_val_if_fail (GOA_IS_OBJECT (object), NULL);
- g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
- g_return_val_if_fail (error == NULL || *error == NULL, NULL);
-
- /* provider_lock is too coarse, use a per-object lock instead */
- G_LOCK (provider_lock);
- lock = g_object_get_data (G_OBJECT (object), "-goa-oauth-provider-get-access-token-lock");
- if (lock == NULL)
- {
- lock = g_slice_new0 (GMutex);
- g_mutex_init (lock);
- g_object_set_data_full (G_OBJECT (object),
- "-goa-oauth-provider-get-access-token-lock",
- lock,
- (GDestroyNotify) free_mutex);
- }
- G_UNLOCK (provider_lock);
-
- g_mutex_lock (lock);
-
- /* First, get the credentials from the keyring */
- credentials = goa_utils_lookup_credentials_sync (GOA_PROVIDER (provider),
- object,
- cancellable,
- error);
- if (credentials == NULL)
- {
- if (error != NULL)
- {
- (*error)->domain = GOA_ERROR;
- (*error)->code = GOA_ERROR_NOT_AUTHORIZED;
- }
- goto out;
- }
-
- g_variant_iter_init (&iter, credentials);
- while (g_variant_iter_next (&iter, "{&sv}", &key, &value))
- {
- if (g_strcmp0 (key, "access_token") == 0)
- access_token = g_variant_dup_string (value, NULL);
- else if (g_strcmp0 (key, "access_token_secret") == 0)
- access_token_secret = g_variant_dup_string (value, NULL);
- else if (g_strcmp0 (key, "access_token_expires_at") == 0)
- access_token_expires_in = abs_usec_to_duration (g_variant_get_int64 (value));
- else if (g_strcmp0 (key, "session_handle") == 0)
- session_handle = g_variant_dup_string (value, NULL);
- else if (g_strcmp0 (key, "session_handle_expires_at") == 0)
- session_handle_expires_in = abs_usec_to_duration (g_variant_get_int64 (value));
- else if (g_strcmp0 (key, "password") == 0)
- password = g_variant_dup_string (value, NULL);
- g_variant_unref (value);
- }
-
- if (access_token == NULL || access_token_secret == NULL)
- {
- g_set_error (error,
- GOA_ERROR,
- GOA_ERROR_NOT_AUTHORIZED,
- _("Credentials do not contain access_token or access_token_secret"));
- goto out;
- }
-
- /* if we can't refresh the token, just return it no matter what */
- if (session_handle == NULL)
- {
- g_debug ("Returning locally cached credentials that cannot be refreshed");
- success = TRUE;
- goto out;
- }
-
- /* If access_token is still "fresh enough" (e.g. more than ten
- * minutes of life left in it), just return it unless we've been
- * asked to forcibly refresh it
- */
- if (!force_refresh && access_token_expires_in > 10*60)
- {
- g_debug ("Returning locally cached credentials (expires in %d seconds)", access_token_expires_in);
- success = TRUE;
- goto out;
- }
-
- g_debug ("Refreshing locally cached credentials (expires in %d seconds, force_refresh=%d)", access_token_expires_in, force_refresh);
-
- /* Otherwise, refresh it */
- access_token_for_refresh = access_token; access_token = NULL;
- access_token_secret_for_refresh = access_token_secret; access_token_secret = NULL;
- session_handle_for_refresh = session_handle; session_handle = NULL;
- access_token = get_tokens_sync (provider,
- access_token_for_refresh,
- access_token_secret_for_refresh,
- session_handle_for_refresh,
- NULL, /* verifier */
- &access_token_secret,
- &access_token_expires_in,
- &session_handle,
- &session_handle_expires_in,
- cancellable,
- error);
- if (access_token == NULL)
- {
- if (error != NULL)
- {
- g_prefix_error (error, _("Failed to refresh access token (%s, %d): "),
- g_quark_to_string ((*error)->domain), (*error)->code);
- (*error)->code = is_authorization_error (*error) ? GOA_ERROR_NOT_AUTHORIZED : GOA_ERROR_FAILED;
- (*error)->domain = GOA_ERROR;
- }
- goto out;
- }
-
- /* Good. Now update the keyring with the refreshed credentials */
- g_variant_builder_init (&builder, G_VARIANT_TYPE_VARDICT);
- g_variant_builder_add (&builder, "{sv}", "access_token", g_variant_new_string (access_token));
- g_variant_builder_add (&builder, "{sv}", "access_token_secret", g_variant_new_string (access_token_secret));
- if (access_token_expires_in > 0)
- g_variant_builder_add (&builder, "{sv}", "access_token_expires_at",
- g_variant_new_int64 (duration_to_abs_usec (access_token_expires_in)));
- if (session_handle != NULL)
- g_variant_builder_add (&builder, "{sv}", "session_handle", g_variant_new_string (session_handle));
- if (session_handle_expires_in > 0)
- g_variant_builder_add (&builder, "{sv}", "session_handle_expires_at",
- g_variant_new_int64 (duration_to_abs_usec (session_handle_expires_in)));
- if (password != NULL)
- g_variant_builder_add (&builder, "{sv}", "password", g_variant_new_string (password));
-
- /* TODO: run in worker thread */
- if (!goa_utils_store_credentials_for_object_sync (GOA_PROVIDER (provider),
- object,
- g_variant_builder_end (&builder),
- cancellable,
- error))
- {
- if (error != NULL)
- {
- (*error)->domain = GOA_ERROR;
- (*error)->code = GOA_ERROR_NOT_AUTHORIZED;
- }
- goto out;
- }
-
- success = TRUE;
-
- out:
- if (success)
- {
- ret = access_token; access_token = NULL;
- g_assert (ret != NULL);
- if (out_access_token_secret != NULL)
- {
- *out_access_token_secret = access_token_secret; access_token_secret = NULL;
- }
- if (out_access_token_expires_in != NULL)
- *out_access_token_expires_in = access_token_expires_in;
- }
- g_free (access_token);
- g_free (access_token_secret);
- g_free (session_handle);
- g_free (access_token_for_refresh);
- g_free (access_token_secret_for_refresh);
- g_free (session_handle_for_refresh);
- g_free (password);
- g_clear_pointer (&credentials, (GDestroyNotify) g_variant_unref);
-
- g_mutex_unlock (lock);
-
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean on_handle_get_access_token (GoaOAuthBased *object,
- GDBusMethodInvocation *invocation,
- gpointer user_data);
-
-static gboolean
-goa_oauth_provider_build_object (GoaProvider *provider,
- GoaObjectSkeleton *object,
- GKeyFile *key_file,
- const gchar *group,
- GDBusConnection *connection,
- gboolean just_added,
- GError **error)
-{
- GoaOAuthBased *oauth_based;
- gchar *identity;
-
- identity = NULL;
-
- oauth_based = goa_object_get_oauth_based (GOA_OBJECT (object));
- if (oauth_based != NULL)
- goto out;
-
- oauth_based = goa_oauth_based_skeleton_new ();
- goa_oauth_based_set_consumer_key (oauth_based,
- goa_oauth_provider_get_consumer_key (GOA_OAUTH_PROVIDER (provider)));
- goa_oauth_based_set_consumer_secret (oauth_based,
- goa_oauth_provider_get_consumer_secret (GOA_OAUTH_PROVIDER (provider)));
- /* Ensure D-Bus method invocations run in their own thread */
- g_dbus_interface_skeleton_set_flags (G_DBUS_INTERFACE_SKELETON (oauth_based),
- G_DBUS_INTERFACE_SKELETON_FLAGS_HANDLE_METHOD_INVOCATIONS_IN_THREAD);
- goa_object_skeleton_set_oauth_based (object, oauth_based);
- g_signal_connect (oauth_based,
- "handle-get-access-token",
- G_CALLBACK (on_handle_get_access_token),
- NULL);
-
- out:
- g_object_unref (oauth_based);
- g_free (identity);
- return TRUE;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
-goa_oauth_provider_ensure_credentials_sync (GoaProvider *_provider,
- GoaObject *object,
- gint *out_expires_in,
- GCancellable *cancellable,
- GError **error)
-{
- GoaOAuthProvider *provider = GOA_OAUTH_PROVIDER (_provider);
- gboolean ret = FALSE;
- gchar *access_token = NULL;
- gchar *access_token_secret = NULL;
- gint access_token_expires_in;
- gchar *identity = NULL;
- gboolean force_refresh = FALSE;
-
- again:
- access_token = goa_oauth_provider_get_access_token_sync (provider,
- object,
- force_refresh,
- &access_token_secret,
- &access_token_expires_in,
- cancellable,
- error);
- if (access_token == NULL)
- goto out;
-
- identity = goa_oauth_provider_get_identity_sync (provider,
- access_token,
- access_token_secret,
- NULL, /* out_presentation_identity */
- cancellable,
- error);
- if (identity == NULL)
- {
- /* OK, try again, with forcing the locally cached credentials to be refreshed */
- if (!force_refresh)
- {
- force_refresh = TRUE;
- g_free (access_token); access_token = NULL;
- g_free (access_token_secret); access_token_secret = NULL;
- g_clear_error (error);
- goto again;
- }
- else
- {
- goto out;
- }
- }
-
- /* TODO: maybe check with the identity we have */
- ret = TRUE;
- if (out_expires_in != NULL)
- *out_expires_in = access_token_expires_in;
-
- out:
- g_free (identity);
- g_free (access_token);
- g_free (access_token_secret);
- return ret;
-}
-
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static void
-goa_oauth_provider_init (GoaOAuthProvider *client)
-{
-}
-
-static void
-goa_oauth_provider_class_init (GoaOAuthProviderClass *klass)
-{
- GoaProviderClass *provider_class;
-
- provider_class = GOA_PROVIDER_CLASS (klass);
- provider_class->add_account = goa_oauth_provider_add_account;
- provider_class->refresh_account = goa_oauth_provider_refresh_account;
- provider_class->build_object = goa_oauth_provider_build_object;
- provider_class->ensure_credentials_sync = goa_oauth_provider_ensure_credentials_sync;
-
- klass->build_authorization_uri = goa_oauth_provider_build_authorization_uri_default;
- klass->get_use_mobile_browser = goa_oauth_provider_get_use_mobile_browser_default;
- klass->is_deny_node = goa_oauth_provider_is_deny_node_default;
- klass->is_password_node = goa_oauth_provider_is_password_node_default;
- klass->get_request_uri_params = goa_oauth_provider_get_request_uri_params_default;
- klass->add_account_key_values = goa_oauth_provider_add_account_key_values_default;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-/* runs in a thread dedicated to handling @invocation */
-static gboolean
-on_handle_get_access_token (GoaOAuthBased *interface,
- GDBusMethodInvocation *invocation,
- gpointer user_data)
-{
- GoaObject *object;
- GoaAccount *account;
- GoaProvider *provider;
- GError *error;
- const gchar *id;
- const gchar *method_name;
- const gchar *provider_type;
- gchar *access_token = NULL;
- gchar *access_token_secret = NULL;
- gint access_token_expires_in;
-
- /* TODO: maybe log what app is requesting access */
-
- object = GOA_OBJECT (g_dbus_interface_get_object (G_DBUS_INTERFACE (interface)));
- account = goa_object_peek_account (object);
-
- id = goa_account_get_id (account);
- provider_type = goa_account_get_provider_type (account);
- method_name = g_dbus_method_invocation_get_method_name (invocation);
- g_debug ("Handling %s for account (%s, %s)", method_name, provider_type, id);
-
- provider = goa_provider_get_for_provider_type (provider_type);
-
- error = NULL;
- access_token = goa_oauth_provider_get_access_token_sync (GOA_OAUTH_PROVIDER (provider),
- object,
- FALSE, /* force_refresh */
- &access_token_secret,
- &access_token_expires_in,
- NULL, /* GCancellable* */
- &error);
- if (access_token == NULL)
- {
- g_dbus_method_invocation_take_error (invocation, error);
- }
- else
- {
- goa_oauth_based_complete_get_access_token (interface,
- invocation,
- access_token,
- access_token_secret,
- access_token_expires_in);
- }
- g_free (access_token);
- g_free (access_token_secret);
- g_object_unref (provider);
- return TRUE; /* invocation was handled */
-}
diff --git a/src/goabackend/goaoauthprovider.h b/src/goabackend/goaoauthprovider.h
deleted file mode 100644
index d4ffa3c..0000000
--- a/src/goabackend/goaoauthprovider.h
+++ /dev/null
@@ -1,143 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2011 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#if !defined (__GOA_BACKEND_INSIDE_GOA_BACKEND_H__) && !defined (GOA_BACKEND_COMPILATION)
-#error "Only <goabackend/goabackend.h> can be included directly."
-#endif
-
-#ifndef __GOA_OAUTH_PROVIDER_H__
-#define __GOA_OAUTH_PROVIDER_H__
-
-#include <goabackend/goaprovider.h>
-#include <goabackend/goaprovider-priv.h>
-#include <rest/rest-proxy-call.h>
-#include <webkitdom/webkitdom.h>
-
-G_BEGIN_DECLS
-
-#define GOA_TYPE_OAUTH_PROVIDER (goa_oauth_provider_get_type ())
-G_DECLARE_DERIVABLE_TYPE (GoaOAuthProvider, goa_oauth_provider, GOA, OAUTH_PROVIDER, GoaProvider);
-
-/**
- * GoaOAuthProvider:
- *
- * The #GoaOAuthProvider structure contains only private data and should
- * only be accessed using the provided API.
- */
-
-/**
- * GoaOAuthProviderClass:
- * @parent_class: The parent class.
- * @get_consumer_key: Virtual function for goa_oauth_provider_get_consumer_key().
- * @get_consumer_secret: Virtual function for goa_oauth_provider_get_consumer_secret().
- * @get_request_uri: Virtual function for goa_oauth_provider_get_request_uri().
- * @get_authorization_uri: Virtual function for goa_oauth_provider_get_authorization_uri().
- * @get_token_uri: Virtual function for goa_oauth_provider_get_token_uri().
- * @get_callback_uri: Virtual function for goa_oauth_provider_get_callback_uri().
- * @get_identity_sync: Virtual function for goa_oauth_provider_get_identity_sync().
- * @parse_request_token_error: Virtual function for goa_oauth_provider_parse_request_token_error().
- * @build_authorization_uri: Virtual function for goa_oauth_provider_build_authorization_uri().
- * @get_use_mobile_browser: Virtual function for goa_oauth_provider_get_use_mobile_browser().
- * @get_request_uri_params: Virtual function for goa_oauth_provider_get_request_uri_params().
- * @add_account_key_values: Virtual function for goa_oauth_provider_add_account_key_values().
- * @is_deny_node: Virtual function for goa_oauth_provider_is_deny_node().
- * @is_identity_node: Virtual function for goa_oauth_provider_is_identity_node().
- * @is_password_node: Virtual function for goa_oauth_provider_is_password_node().
- *
- * Class structure for #GoaOAuthProvider.
- */
-struct _GoaOAuthProviderClass
-{
- GoaProviderClass parent_class;
-
- /* pure virtual */
- const gchar *(*get_consumer_key) (GoaOAuthProvider *provider);
- const gchar *(*get_consumer_secret) (GoaOAuthProvider *provider);
- const gchar *(*get_request_uri) (GoaOAuthProvider *provider);
- const gchar *(*get_authorization_uri) (GoaOAuthProvider *provider);
- const gchar *(*get_token_uri) (GoaOAuthProvider *provider);
- const gchar *(*get_callback_uri) (GoaOAuthProvider *provider);
-
- gchar *(*get_identity_sync) (GoaOAuthProvider *provider,
- const gchar *access_token,
- const gchar *access_token_secret,
- gchar **out_presentation_identity,
- GCancellable *cancellable,
- GError **error);
-
- gchar *(*parse_request_token_error) (GoaOAuthProvider *provider,
- RestProxyCall *call);
-
- /* virtual but with default implementation */
- gchar *(*build_authorization_uri) (GoaOAuthProvider *provider,
- const gchar *authorization_uri,
- const gchar *escaped_oauth_token);
- gboolean (*get_use_mobile_browser) (GoaOAuthProvider *provider);
- gchar **(*get_request_uri_params) (GoaOAuthProvider *provider);
- void (*add_account_key_values) (GoaOAuthProvider *provider,
- GVariantBuilder *builder);
-
- /* pure virtual */
- gboolean (*is_identity_node) (GoaOAuthProvider *provider,
- WebKitDOMHTMLInputElement *element);
-
- /* virtual but with default implementation */
- gboolean (*is_deny_node) (GoaOAuthProvider *provider,
- WebKitDOMNode *node);
- gboolean (*is_password_node) (GoaOAuthProvider *provider,
- WebKitDOMHTMLInputElement *element);
-};
-
-const gchar *goa_oauth_provider_get_consumer_key (GoaOAuthProvider *provider);
-const gchar *goa_oauth_provider_get_consumer_secret (GoaOAuthProvider *provider);
-const gchar *goa_oauth_provider_get_request_uri (GoaOAuthProvider *provider);
-gchar **goa_oauth_provider_get_request_uri_params (GoaOAuthProvider *provider);
-const gchar *goa_oauth_provider_get_authorization_uri (GoaOAuthProvider *provider);
-const gchar *goa_oauth_provider_get_token_uri (GoaOAuthProvider *provider);
-const gchar *goa_oauth_provider_get_callback_uri (GoaOAuthProvider *provider);
-gchar *goa_oauth_provider_get_identity_sync (GoaOAuthProvider *provider,
- const gchar *access_token,
- const gchar *access_token_secret,
- gchar **out_presentation_identity,
- GCancellable *cancellable,
- GError **error);
-gboolean goa_oauth_provider_is_deny_node (GoaOAuthProvider *provider,
- WebKitDOMNode *node);
-gboolean goa_oauth_provider_is_identity_node (GoaOAuthProvider *provider,
- WebKitDOMHTMLInputElement *element);
-gboolean goa_oauth_provider_is_password_node (GoaOAuthProvider *provider,
- WebKitDOMHTMLInputElement *element);
-gchar *goa_oauth_provider_parse_request_token_error (GoaOAuthProvider *provider,
- RestProxyCall *call);
-gchar *goa_oauth_provider_get_access_token_sync (GoaOAuthProvider *provider,
- GoaObject *object,
- gboolean force_refresh,
- gchar **out_access_token_secret,
- gint *out_access_token_expires_in,
- GCancellable *cancellable,
- GError **error);
-gchar *goa_oauth_provider_build_authorization_uri (GoaOAuthProvider *provider,
- const gchar *authorization_uri,
- const gchar *escaped_oauth_token);
-gboolean goa_oauth_provider_get_use_mobile_browser (GoaOAuthProvider *provider);
-void goa_oauth_provider_add_account_key_values (GoaOAuthProvider *provider,
- GVariantBuilder *builder);
-
-G_END_DECLS
-
-#endif /* __GOA_OAUTH_PROVIDER_H__ */
diff --git a/src/goabackend/goapocketprovider.c b/src/goabackend/goapocketprovider.c
index 38f9863..0d1a8ce 100644
--- a/src/goabackend/goapocketprovider.c
+++ b/src/goabackend/goapocketprovider.c
@@ -185,32 +185,6 @@ build_authorization_uri (GoaOAuth2Provider *oauth2_provider,
return url;
}
-static gboolean
-decide_navigation_policy (GoaOAuth2Provider *oauth2_provider,
- WebKitWebView *web_view,
- WebKitNavigationPolicyDecision *decision)
-{
- GoaPocketProvider *self = GOA_POCKET_PROVIDER (oauth2_provider);
- WebKitNavigationAction *action;
- WebKitURIRequest *request;
- gboolean ret = FALSE;
- const gchar *uri;
-
- action = webkit_navigation_policy_decision_get_navigation_action (decision);
- request = webkit_navigation_action_get_request (action);
- uri = webkit_uri_request_get_uri (request);
- if (!g_str_has_prefix (uri, "https://getpocket.com/a/"))
- goto out;
-
- webkit_uri_request_set_uri (request, self->authorization_uri);
- webkit_web_view_load_request (web_view, request);
-
- ret = TRUE;
-
- out:
- return ret;
-}
-
static gboolean
process_redirect_url (GoaOAuth2Provider *oauth2_provider,
const gchar *redirect_url,
@@ -279,68 +253,6 @@ get_identity_sync (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-is_deny_node (GoaOAuth2Provider *oauth2_provider, WebKitDOMNode *node)
-{
- WebKitDOMElement *element;
- gboolean ret = FALSE;
- gchar *id = NULL;
- gchar *class = NULL;
- gchar *text = NULL;
-
- if (!WEBKIT_DOM_IS_ELEMENT (node))
- goto out;
-
- element = WEBKIT_DOM_ELEMENT (node);
-
- /* Desktop version */
- id = webkit_dom_element_get_id (element);
- if (g_strcmp0 (id, "denyButton") == 0)
- {
- ret = TRUE;
- goto out;
- }
-
- /* Mobile version */
- class = webkit_dom_element_get_class_name (element);
- if (g_strcmp0 (class, "toolbarButton") != 0)
- goto out;
-
- /* FIXME: This only seems to work if we don't click on the "Sign Up"
- * button, does the check need to be done again? */
- text = webkit_dom_node_get_text_content (node);
- if (g_strcmp0 (text, "Cancel") != 0)
- goto out;
-
- ret = TRUE;
-
- out:
- g_free (id);
- g_free (class);
- g_free (text);
- return ret;
-}
-
-static gboolean
-is_identity_node (GoaOAuth2Provider *oauth2_provider, WebKitDOMHTMLInputElement *element)
-{
- gboolean ret = FALSE;
- gchar *name;
-
- name = webkit_dom_html_input_element_get_name (element);
- if (g_strcmp0 (name, "feed_id") != 0)
- goto out;
-
- ret = TRUE;
-
-out:
- g_free (name);
- return ret;
-
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
static gboolean
build_object (GoaProvider *provider,
GoaObjectSkeleton *object,
@@ -431,15 +343,12 @@ goa_pocket_provider_class_init (GoaPocketProviderClass *klass)
provider_class->build_object = build_object;
oauth2_class->build_authorization_uri = build_authorization_uri;
- oauth2_class->decide_navigation_policy = decide_navigation_policy;
oauth2_class->get_authorization_uri = get_authorization_uri;
oauth2_class->get_token_uri = get_token_uri;
oauth2_class->get_redirect_uri = get_redirect_uri;
oauth2_class->get_client_id = get_client_id;
oauth2_class->get_client_secret = get_client_secret;
oauth2_class->get_identity_sync = get_identity_sync;
- oauth2_class->is_deny_node = is_deny_node;
- oauth2_class->is_identity_node = is_identity_node;
oauth2_class->add_account_key_values = add_account_key_values;
oauth2_class->process_redirect_url = process_redirect_url;
}
diff --git a/src/goabackend/goaprovider.c b/src/goabackend/goaprovider.c
index c8f7f0d..fe8ce22 100644
--- a/src/goabackend/goaprovider.c
+++ b/src/goabackend/goaprovider.c
@@ -28,7 +28,6 @@
#include "goafacebookprovider.h"
#include "goaimapsmtpprovider.h"
#include "goaowncloudprovider.h"
-#include "goaflickrprovider.h"
#include "goafoursquareprovider.h"
#include "goawindowsliveprovider.h"
#include "goatelepathyfactory.h"
@@ -968,9 +967,6 @@ static struct
#ifdef GOA_WINDOWS_LIVE_ENABLED
{ GOA_WINDOWS_LIVE_NAME, goa_windows_live_provider_get_type },
#endif
-#ifdef GOA_FLICKR_ENABLED
- { GOA_FLICKR_NAME, goa_flickr_provider_get_type },
-#endif
#ifdef GOA_POCKET_ENABLED
{ GOA_POCKET_NAME, goa_pocket_provider_get_type },
#endif
diff --git a/src/goabackend/goatodoistprovider.c b/src/goabackend/goatodoistprovider.c
index d97c33c..7f17a59 100644
--- a/src/goabackend/goatodoistprovider.c
+++ b/src/goabackend/goatodoistprovider.c
@@ -133,33 +133,6 @@ build_authorization_uri (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-is_identity_node (GoaOAuth2Provider *oauth2_provider, WebKitDOMHTMLInputElement *element)
-{
- gboolean ret = FALSE;
- gchar *element_type = NULL;
- gchar *id = NULL;
- gchar *name = NULL;
-
- g_object_get (element, "type", &element_type, NULL);
- if (g_strcmp0 (element_type, "email") != 0)
- goto out;
-
- id = webkit_dom_element_get_id (WEBKIT_DOM_ELEMENT (element));
- if (g_strcmp0 (id, "email") != 0)
- goto out;
-
- ret = TRUE;
-
- out:
- g_free (element_type);
- g_free (id);
- g_free (name);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
static gchar *
get_identity_sync (GoaOAuth2Provider *oauth2_provider,
const gchar *access_token,
@@ -337,6 +310,5 @@ goa_todoist_provider_class_init (GoaTodoistProviderClass *klass)
oauth2_class->get_client_secret = get_client_secret;
oauth2_class->get_scope = get_scope;
oauth2_class->get_identity_sync = get_identity_sync;
- oauth2_class->is_identity_node = is_identity_node;
oauth2_class->add_account_key_values = add_account_key_values;
}
diff --git a/src/goabackend/goawebextension.c b/src/goabackend/goawebextension.c
deleted file mode 100644
index 6a25ab9..0000000
--- a/src/goabackend/goawebextension.c
+++ /dev/null
@@ -1,273 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2015 Damián Nohales
- * Copyright © 2015 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "config.h"
-
-#include <webkitdom/webkitdom.h>
-
-#include "goaoauthprovider.h"
-#include "goaoauth2provider.h"
-#include "goaoauth2provider-web-extension.h"
-#include "goaprovider.h"
-#include "goawebextension.h"
-
-struct _GoaWebExtension
-{
- GObject parent;
- GoaProvider *provider;
- WebKitWebExtension *wk_extension;
- gchar *existing_identity;
- gchar *provider_type;
-};
-
-struct _GoaWebExtensionClass
-{
- GObjectClass parent;
-};
-
-enum
-{
- PROP_0,
- PROP_EXISTING_IDENTITY,
- PROP_PROVIDER_TYPE,
- PROP_WK_EXTENSION
-};
-
-G_DEFINE_TYPE (GoaWebExtension, goa_web_extension, G_TYPE_OBJECT)
-
-static void
-web_extension_dom_node_deny_click_cb (WebKitDOMNode *element, WebKitDOMEvent *event, gpointer user_data)
-{
- WebKitDOMDOMWindow *dom_window = WEBKIT_DOM_DOM_WINDOW (user_data);
- webkit_dom_dom_window_webkit_message_handlers_post_message (dom_window, "deny-click", "");
-}
-
-static void
-web_extension_dom_node_password_submit_cb (WebKitDOMNode *element, WebKitDOMEvent *event, gpointer user_data)
-{
- WebKitDOMDOMWindow *dom_window = WEBKIT_DOM_DOM_WINDOW (user_data);
- WebKitDOMHTMLInputElement *password_node;
- gchar *password;
-
- password_node = WEBKIT_DOM_HTML_INPUT_ELEMENT (g_object_get_data (G_OBJECT (dom_window), "goa-password-node"));
- password = webkit_dom_html_input_element_get_value (password_node);
- webkit_dom_dom_window_webkit_message_handlers_post_message (dom_window, "password-submit", password);
- g_free (password);
-}
-
-static void
-web_extension_document_loaded_cb (WebKitWebPage *web_page, gpointer user_data)
-{
- GoaWebExtension *self = GOA_WEB_EXTENSION (user_data);
- WebKitDOMDocument *document;
- WebKitDOMDOMWindow *dom_window;
- WebKitDOMHTMLCollection *elements = NULL;
- gulong element_count;
- gulong i;
-
- document = webkit_web_page_get_dom_document (web_page);
- elements = webkit_dom_document_get_elements_by_tag_name_as_html_collection (document, "*");
- element_count = webkit_dom_html_collection_get_length (elements);
-
- dom_window = webkit_dom_document_get_default_view (document);
-
- for (i = 0; i < element_count; i++)
- {
- WebKitDOMNode *element = webkit_dom_html_collection_item (elements, i);
-
- if ((GOA_IS_OAUTH_PROVIDER (self->provider)
- && goa_oauth_provider_is_deny_node (GOA_OAUTH_PROVIDER (self->provider), element))
- || (GOA_IS_OAUTH2_PROVIDER (self->provider)
- && goa_oauth2_provider_is_deny_node (GOA_OAUTH2_PROVIDER (self->provider), element)))
- {
- webkit_dom_event_target_add_event_listener (WEBKIT_DOM_EVENT_TARGET (element),
- "click",
- G_CALLBACK (web_extension_dom_node_deny_click_cb),
- FALSE,
- dom_window);
- }
- else if (self->existing_identity != NULL
- && self->existing_identity[0] != '\0'
- && WEBKIT_DOM_IS_HTML_INPUT_ELEMENT (element)
- && ((GOA_IS_OAUTH_PROVIDER (self->provider)
- && goa_oauth_provider_is_identity_node (GOA_OAUTH_PROVIDER (self->provider),
- WEBKIT_DOM_HTML_INPUT_ELEMENT (element)))
- || (GOA_IS_OAUTH2_PROVIDER (self->provider)
- && goa_oauth2_provider_is_identity_node (GOA_OAUTH2_PROVIDER (self->provider),
- WEBKIT_DOM_HTML_INPUT_ELEMENT (element)))))
- {
- webkit_dom_html_input_element_set_value (WEBKIT_DOM_HTML_INPUT_ELEMENT (element),
- self->existing_identity);
- webkit_dom_html_input_element_set_read_only (WEBKIT_DOM_HTML_INPUT_ELEMENT (element), TRUE);
- }
- else if (WEBKIT_DOM_IS_HTML_INPUT_ELEMENT (element)
- && ((GOA_IS_OAUTH_PROVIDER (self->provider)
- && goa_oauth_provider_is_password_node (GOA_OAUTH_PROVIDER (self->provider),
- WEBKIT_DOM_HTML_INPUT_ELEMENT (element)))
- || (GOA_IS_OAUTH2_PROVIDER (self->provider)
- && goa_oauth2_provider_is_password_node (GOA_OAUTH2_PROVIDER (self->provider),
- WEBKIT_DOM_HTML_INPUT_ELEMENT (element)))))
- {
- WebKitDOMHTMLFormElement *form;
-
- form = webkit_dom_html_input_element_get_form (WEBKIT_DOM_HTML_INPUT_ELEMENT (element));
- if (form != NULL)
- {
- g_object_set_data_full (G_OBJECT (dom_window),
- "goa-password-node",
- g_object_ref (element),
- g_object_unref);
- webkit_dom_event_target_add_event_listener (WEBKIT_DOM_EVENT_TARGET (form),
- "submit",
- G_CALLBACK (web_extension_dom_node_password_submit_cb),
- FALSE,
- dom_window);
- }
- }
- }
-
- g_clear_object (&elements);
-}
-
-static void
-web_extension_page_created_cb (GoaWebExtension *self, WebKitWebPage *web_page)
-{
- g_signal_connect_object (web_page, "document-loaded", G_CALLBACK (web_extension_document_loaded_cb), self, 0);
-}
-
-static void
-goa_web_extension_constructed (GObject *object)
-{
- GoaWebExtension *self = GOA_WEB_EXTENSION (object);
-
- G_OBJECT_CLASS (goa_web_extension_parent_class)->constructed (object);
-
- self->provider = goa_provider_get_for_provider_type (self->provider_type);
-
- g_signal_connect_object (self->wk_extension,
- "page-created",
- G_CALLBACK (web_extension_page_created_cb),
- self,
- G_CONNECT_SWAPPED);
-}
-
-static void
-goa_web_extension_dispose (GObject *object)
-{
- GoaWebExtension *self = GOA_WEB_EXTENSION (object);
-
- g_clear_object (&self->provider);
- g_clear_object (&self->wk_extension);
-
- G_OBJECT_CLASS (goa_web_extension_parent_class)->dispose (object);
-}
-
-static void
-goa_web_extension_finalize (GObject *object)
-{
- GoaWebExtension *self = GOA_WEB_EXTENSION (object);
-
- g_free (self->existing_identity);
- g_free (self->provider_type);
-
- G_OBJECT_CLASS (goa_web_extension_parent_class)->finalize (object);
-}
-
-static void
-goa_web_extension_set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec)
-{
- GoaWebExtension *self = GOA_WEB_EXTENSION (object);
-
- switch (prop_id)
- {
- case PROP_EXISTING_IDENTITY:
- self->existing_identity = g_value_dup_string (value);
- break;
-
- case PROP_PROVIDER_TYPE:
- self->provider_type = g_value_dup_string (value);
- break;
-
- case PROP_WK_EXTENSION:
- self->wk_extension = WEBKIT_WEB_EXTENSION (g_value_dup_object (value));
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-goa_web_extension_class_init (GoaWebExtensionClass *klass)
-{
- GObjectClass *object_class = G_OBJECT_CLASS (klass);
-
- object_class->constructed = goa_web_extension_constructed;
- object_class->dispose = goa_web_extension_dispose;
- object_class->finalize = goa_web_extension_finalize;
- object_class->set_property = goa_web_extension_set_property;
-
- g_object_class_install_property (object_class,
- PROP_EXISTING_IDENTITY,
- g_param_spec_string ("existing-identity",
- "A GoaAccount identity",
- "The user name with which we want to prefill the form",
- NULL,
- G_PARAM_WRITABLE |
- G_PARAM_CONSTRUCT_ONLY |
- G_PARAM_STATIC_STRINGS));
-
- g_object_class_install_property (object_class,
- PROP_PROVIDER_TYPE,
- g_param_spec_string ("provider-type",
- "A GoaProvider type",
- "The provider type that is represented by this view",
- NULL,
- G_PARAM_WRITABLE |
- G_PARAM_CONSTRUCT_ONLY |
- G_PARAM_STATIC_STRINGS));
-
- g_object_class_install_property (object_class,
- PROP_WK_EXTENSION,
- g_param_spec_object ("wk-extension",
- "A WebKitWebExtension",
- "The associated WebKitWebExtension",
- WEBKIT_TYPE_WEB_EXTENSION,
- G_PARAM_WRITABLE |
- G_PARAM_CONSTRUCT_ONLY |
- G_PARAM_STATIC_STRINGS));
-}
-
-static void
-goa_web_extension_init (GoaWebExtension *self)
-{
-}
-
-GoaWebExtension *
-goa_web_extension_new (WebKitWebExtension *wk_extension,
- const gchar *provider_type,
- const gchar *existing_identity)
-{
- return g_object_new (GOA_TYPE_WEB_EXTENSION,
- "existing-identity", existing_identity,
- "provider-type", provider_type,
- "wk-extension", wk_extension,
- NULL);
-}
diff --git a/src/goabackend/goawebextension.h b/src/goabackend/goawebextension.h
deleted file mode 100644
index 4a8cf8f..0000000
--- a/src/goabackend/goawebextension.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2015 Damián Nohales
- * Copyright © 2015 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef __GOA_WEB_EXTENSION_H__
-#define __GOA_WEB_EXTENSION_H__
-
-#include <glib-object.h>
-#include <webkit2/webkit-web-extension.h>
-
-G_BEGIN_DECLS
-
-#define GOA_TYPE_WEB_EXTENSION (goa_web_extension_get_type())
-#define GOA_WEB_EXTENSION(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GOA_TYPE_WEB_EXTENSION, GoaWebExtension))
-#define GOA_IS_WEB_EXTENSION(obj) (G_TYPE_CHECK_INSTANCE_TYPE ((obj), GOA_TYPE_WEB_EXTENSION))
-
-typedef struct _GoaWebExtension GoaWebExtension;
-typedef struct _GoaWebExtensionClass GoaWebExtensionClass;
-
-GType goa_web_extension_get_type (void);
-GoaWebExtension *goa_web_extension_new (WebKitWebExtension *wk_extension,
- const gchar *provider_type,
- const gchar *existing_identity);
-
-G_END_DECLS
-
-#endif /* __GOA_WEB_EXTENSION_H__ */
diff --git a/src/goabackend/goawebextensionmain.c b/src/goabackend/goawebextensionmain.c
deleted file mode 100644
index 4fc91e5..0000000
--- a/src/goabackend/goawebextensionmain.c
+++ /dev/null
@@ -1,53 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
-/*
- * Copyright © 2015 Damián Nohales
- * Copyright © 2015 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "config.h"
-
-#include <gmodule.h>
-#include <webkit2/webkit-web-extension.h>
-
-#include "goawebextension.h"
-
-static GoaWebExtension *the_extension;
-
-/* Silence -Wmissing-prototypes */
-void webkit_web_extension_initialize (WebKitWebExtension *wk_extension);
-void webkit_web_extension_initialize_with_user_data (WebKitWebExtension *wk_extension, GVariant *user_data);
-
-G_MODULE_EXPORT void
-webkit_web_extension_initialize (WebKitWebExtension *wk_extension)
-{
- g_warning ("Error initializing web extension: user data not set");
-}
-
-G_MODULE_EXPORT void
-webkit_web_extension_initialize_with_user_data (WebKitWebExtension *wk_extension, GVariant *user_data)
-{
- const gchar *existing_identity;
- const gchar *provider_type;
-
- g_variant_get (user_data, "(&s&s)", &provider_type, &existing_identity);
- the_extension = goa_web_extension_new (wk_extension, provider_type, existing_identity);
-}
-
-static void __attribute__((destructor))
-goa_web_extension_shutdown (void)
-{
- g_clear_object (&the_extension);
-}
diff --git a/src/goabackend/goawebview.c b/src/goabackend/goawebview.c
deleted file mode 100644
index b7af122..0000000
--- a/src/goabackend/goawebview.c
+++ /dev/null
@@ -1,501 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*-
- *
- * Copyright © 2015 Damián Nohales
- * Copyright © 2012 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-/* Based on code by the Epiphany team.
- */
-
-#include "config.h"
-
-#include <glib.h>
-#include <glib/gi18n-lib.h>
-#include <JavaScriptCore/JavaScript.h>
-#include <libsoup/soup.h>
-#include <webkit2/webkit2.h>
-
-#include "goawebview.h"
-#include "nautilus-floating-bar.h"
-
-struct _GoaWebView
-{
- GtkOverlay parent_instance;
- GoaProvider *provider;
- GtkWidget *floating_bar;
- GtkWidget *progress_bar;
- GtkWidget *web_view;
- WebKitUserContentManager *user_content_manager;
- WebKitWebContext *context;
- gchar *existing_identity;
- gulong clear_notify_progress_id;
- gulong notify_load_status_id;
- gulong notify_progress_id;
-};
-
-struct _GoaWebViewClass
-{
- GtkOverlayClass parent_class;
-};
-
-enum
-{
- PROP_0,
- PROP_EXISTING_IDENTITY,
- PROP_PROVIDER
-};
-
-enum
-{
- DENY_CLICK,
- PASSWORD_SUBMIT,
- LAST_SIGNAL
-};
-
-static guint signals[LAST_SIGNAL] = { 0 };
-
-G_DEFINE_TYPE (GoaWebView, goa_web_view, GTK_TYPE_OVERLAY)
-
-static gboolean
-web_view_clear_notify_progress_cb (gpointer user_data)
-{
- GoaWebView *self = GOA_WEB_VIEW (user_data);
-
- gtk_widget_hide (self->progress_bar);
- self->clear_notify_progress_id = 0;
- return FALSE;
-}
-
-static char *
-web_view_create_loading_title (const gchar *url)
-{
- SoupURI *uri;
- const gchar *hostname;
- gchar *title;
-
- g_return_val_if_fail (url != NULL && url[0] != '\0', NULL);
-
- uri = soup_uri_new (url);
- hostname = soup_uri_get_host (uri);
- /* translators: %s here is the address of the web page */
- title = g_strdup_printf (_("Loading “%s”…"), hostname);
- soup_uri_free (uri);
-
- return title;
-}
-
-static void
-web_view_floating_bar_update (GoaWebView *self, const gchar *text)
-{
- nautilus_floating_bar_set_label (NAUTILUS_FLOATING_BAR (self->floating_bar), text);
-
- if (text == NULL || text[0] == '\0')
- {
- gtk_widget_hide (self->floating_bar);
- gtk_widget_set_halign (self->floating_bar, GTK_ALIGN_START);
- }
- else
- gtk_widget_show (self->floating_bar);
-}
-
-static void
-web_view_initialize_web_extensions_cb (GoaWebView *self)
-{
- GVariant *data;
- const gchar *existing_identity;
- const gchar *provider_type;
-
- webkit_web_context_set_web_extensions_directory (self->context, PACKAGE_WEB_EXTENSIONS_DIR);
-
- if (self->provider == NULL)
- return;
-
- provider_type = goa_provider_get_provider_type (self->provider);
- existing_identity = (self->existing_identity == NULL) ? "" : self->existing_identity;
- data = g_variant_new ("(ss)", provider_type, existing_identity);
- webkit_web_context_set_web_extensions_initialization_user_data (self->context, data);
-}
-
-#ifdef GOA_INSPECTOR_ENABLED
-static void
-web_view_inspector_closed_cb (WebKitWebInspector *inspector)
-{
- GtkWidget *window;
- WebKitWebViewBase *inspector_web_view;
-
- inspector_web_view = webkit_web_inspector_get_web_view (inspector);
- window = gtk_widget_get_toplevel (GTK_WIDGET (inspector_web_view));
- if (gtk_widget_is_toplevel (window))
- gtk_widget_destroy (window);
-}
-
-static gboolean
-web_view_inspector_open_window_cb (WebKitWebInspector *inspector)
-{
- GtkWidget *window;
- GtkWindowGroup *group;
- WebKitWebViewBase *inspector_web_view;
-
- group = gtk_window_group_new ();
-
- window = gtk_window_new (GTK_WINDOW_TOPLEVEL);
- gtk_window_resize (GTK_WINDOW (window), 800, 600);
- gtk_window_group_add_window (group, GTK_WINDOW (window));
- g_object_unref (group);
-
- inspector_web_view = webkit_web_inspector_get_web_view (inspector);
- gtk_container_add (GTK_CONTAINER (window), GTK_WIDGET (inspector_web_view));
-
- gtk_widget_show_all (window);
- gtk_window_present (GTK_WINDOW (window));
-
- return GDK_EVENT_STOP;
-}
-#endif /* GOA_INSPECTOR_ENABLED */
-
-static void
-web_view_load_changed_cb (WebKitWebView *web_view,
- WebKitLoadEvent load_event,
- gpointer user_data)
-{
- GoaWebView *self = GOA_WEB_VIEW (user_data);
-
- switch (load_event)
- {
- case WEBKIT_LOAD_STARTED:
- case WEBKIT_LOAD_COMMITTED:
- {
- const gchar *uri;
- gchar *title;
-
- uri = webkit_web_view_get_uri (web_view);
- title = web_view_create_loading_title (uri);
-
- web_view_floating_bar_update (self, title);
- g_free (title);
- break;
- }
-
- case WEBKIT_LOAD_REDIRECTED:
- /* TODO: Update the loading uri */
- break;
-
- case WEBKIT_LOAD_FINISHED:
- web_view_floating_bar_update (self, NULL);
- break;
-
- default:
- break;
- }
-}
-
-static void
-web_view_notify_estimated_load_progress_cb (GObject *object,
- GParamSpec *pspec,
- gpointer user_data)
-{
- GoaWebView *self = GOA_WEB_VIEW (user_data);
- WebKitWebView *web_view = WEBKIT_WEB_VIEW (object);
- gboolean loading;
- const gchar *uri;
- gdouble progress;
-
- if (self->clear_notify_progress_id != 0)
- {
- g_source_remove (self->clear_notify_progress_id);
- self->clear_notify_progress_id = 0;
- }
-
- uri = webkit_web_view_get_uri (web_view);
- if (!uri || g_str_equal (uri, "about:blank"))
- return;
-
- progress = webkit_web_view_get_estimated_load_progress (web_view);
- loading = webkit_web_view_is_loading (web_view);
-
- if (progress == 1.0 || !loading)
- self->clear_notify_progress_id = g_timeout_add (500, web_view_clear_notify_progress_cb, self);
- else
- gtk_widget_show (self->progress_bar);
-
- gtk_progress_bar_set_fraction (GTK_PROGRESS_BAR (self->progress_bar),
- (loading || progress == 1.0) ? progress : 0.0);
-}
-
-static void
-web_view_script_message_received_deny_click_cb (GoaWebView *self)
-{
- g_signal_emit (self, signals[DENY_CLICK], 0);
-}
-
-static void
-web_view_script_message_received_password_submit_cb (GoaWebView *self, WebKitJavascriptResult *js_result)
-{
- JSGlobalContextRef js_context;
- JSStringRef js_string;
- JSValueRef js_value;
- gsize max_size;
-
- js_value = webkit_javascript_result_get_value (js_result);
- js_context = webkit_javascript_result_get_global_context (js_result);
- js_string = JSValueToStringCopy (js_context, js_value, NULL);
- max_size = JSStringGetMaximumUTF8CStringSize (js_string);
- if (max_size > 0)
- {
- gchar *password;
-
- password = g_malloc0 (max_size);
- JSStringGetUTF8CString (js_string, password, max_size);
- g_signal_emit (self, signals[PASSWORD_SUBMIT], 0, password);
- g_free (password);
- }
-
- JSStringRelease (js_string);
-}
-
-static void
-goa_web_view_constructed (GObject *object)
-{
- GoaWebView *self = GOA_WEB_VIEW (object);
- const gchar *const *language_names;
-
- G_OBJECT_CLASS (goa_web_view_parent_class)->constructed (object);
-
- self->context = webkit_web_context_new ();
- language_names = g_get_language_names ();
- webkit_web_context_set_preferred_languages (self->context, language_names);
- g_signal_connect_swapped (self->context,
- "initialize-web-extensions",
- G_CALLBACK (web_view_initialize_web_extensions_cb),
- self);
-
- self->user_content_manager = webkit_user_content_manager_new ();
- g_signal_connect_swapped (self->user_content_manager,
- "script-message-received::deny-click",
- G_CALLBACK (web_view_script_message_received_deny_click_cb),
- self);
- g_signal_connect_swapped (self->user_content_manager,
- "script-message-received::password-submit",
- G_CALLBACK (web_view_script_message_received_password_submit_cb),
- self);
- webkit_user_content_manager_register_script_message_handler (self->user_content_manager, "deny-click");
- webkit_user_content_manager_register_script_message_handler (self->user_content_manager, "password-submit");
-
- self->web_view = GTK_WIDGET (g_object_new (WEBKIT_TYPE_WEB_VIEW,
- "user-content-manager", self->user_content_manager,
- "web-context", self->context,
- NULL));
- gtk_widget_set_size_request (self->web_view, 500, 400);
- gtk_container_add (GTK_CONTAINER (self), self->web_view);
-
-#ifdef GOA_INSPECTOR_ENABLED
- {
- WebKitSettings *settings;
- WebKitWebInspector *inspector;
-
- /* Setup the inspector */
- settings = webkit_web_view_get_settings (WEBKIT_WEB_VIEW (self->web_view));
- g_object_set (settings, "enable-developer-extras", TRUE, NULL);
-
- inspector = webkit_web_view_get_inspector (WEBKIT_WEB_VIEW (self->web_view));
- g_signal_connect (inspector, "closed", G_CALLBACK (web_view_inspector_closed_cb), NULL);
- g_signal_connect (inspector, "open-window", G_CALLBACK (web_view_inspector_open_window_cb), NULL);
- }
-#endif /* GOA_INSPECTOR_ENABLED */
-
- /* statusbar is hidden by default */
- self->floating_bar = nautilus_floating_bar_new (NULL, FALSE);
- gtk_widget_set_halign (self->floating_bar, GTK_ALIGN_START);
- gtk_widget_set_valign (self->floating_bar, GTK_ALIGN_END);
- gtk_widget_set_no_show_all (self->floating_bar, TRUE);
- gtk_overlay_add_overlay (GTK_OVERLAY (self), self->floating_bar);
-
- self->progress_bar = gtk_progress_bar_new ();
- gtk_style_context_add_class (gtk_widget_get_style_context (self->progress_bar),
- GTK_STYLE_CLASS_OSD);
- gtk_widget_set_halign (self->progress_bar, GTK_ALIGN_FILL);
- gtk_widget_set_valign (self->progress_bar, GTK_ALIGN_START);
- gtk_overlay_add_overlay (GTK_OVERLAY (self), self->progress_bar);
-
- self->notify_progress_id = g_signal_connect (self->web_view,
- "notify::estimated-load-progress",
- G_CALLBACK (web_view_notify_estimated_load_progress_cb),
- self);
- self->notify_load_status_id = g_signal_connect (self->web_view,
- "load_changed",
- G_CALLBACK (web_view_load_changed_cb),
- self);
-}
-
-static void
-goa_web_view_dispose (GObject *object)
-{
- GoaWebView *self = GOA_WEB_VIEW (object);
-
- g_clear_object (&self->user_content_manager);
- g_clear_object (&self->context);
-
- if (self->clear_notify_progress_id != 0)
- {
- g_source_remove (self->clear_notify_progress_id);
- self->clear_notify_progress_id = 0;
- }
-
- if (self->notify_load_status_id != 0)
- {
- g_signal_handler_disconnect (self->web_view, self->notify_load_status_id);
- self->notify_load_status_id = 0;
- }
-
- if (self->notify_progress_id != 0)
- {
- g_signal_handler_disconnect (self->web_view, self->notify_progress_id);
- self->notify_progress_id = 0;
- }
-
- G_OBJECT_CLASS (goa_web_view_parent_class)->dispose (object);
-}
-
-static void
-goa_web_view_finalize (GObject *object)
-{
- GoaWebView *self = GOA_WEB_VIEW (object);
-
- g_free (self->existing_identity);
-
- if (self->provider != NULL)
- g_object_remove_weak_pointer (G_OBJECT (self->provider), (gpointer *) &self->provider);
-
- G_OBJECT_CLASS (goa_web_view_parent_class)->finalize (object);
-}
-
-static void
-goa_web_view_set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec)
-{
- GoaWebView *self = GOA_WEB_VIEW (object);
-
- switch (prop_id)
- {
- case PROP_EXISTING_IDENTITY:
- self->existing_identity = g_value_dup_string (value);
- break;
-
- case PROP_PROVIDER:
- self->provider = GOA_PROVIDER (g_value_get_object (value));
- if (self->provider != NULL)
- g_object_add_weak_pointer (G_OBJECT (self->provider), (gpointer *) &self->provider);
- break;
-
- default:
- G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
- break;
- }
-}
-
-static void
-goa_web_view_init (GoaWebView *self)
-{
-}
-
-static void
-goa_web_view_class_init (GoaWebViewClass *klass)
-{
- GObjectClass *object_class;
-
- object_class = G_OBJECT_CLASS (klass);
- object_class->constructed = goa_web_view_constructed;
- object_class->dispose = goa_web_view_dispose;
- object_class->finalize = goa_web_view_finalize;
- object_class->set_property = goa_web_view_set_property;
-
- g_object_class_install_property (object_class,
- PROP_EXISTING_IDENTITY,
- g_param_spec_string ("existing-identity",
- "A GoaAccount identity",
- "The user name with which we want to prefill the form",
- NULL,
- G_PARAM_WRITABLE |
- G_PARAM_CONSTRUCT_ONLY |
- G_PARAM_STATIC_STRINGS));
-
- g_object_class_install_property (object_class,
- PROP_PROVIDER,
- g_param_spec_object ("provider",
- "A GoaProvider",
- "The provider that is represented by this view",
- GOA_TYPE_PROVIDER,
- G_PARAM_WRITABLE |
- G_PARAM_CONSTRUCT_ONLY |
- G_PARAM_STATIC_STRINGS));
-
- signals[DENY_CLICK] = g_signal_new ("deny-click",
- G_TYPE_FROM_CLASS (klass),
- G_SIGNAL_RUN_LAST,
- 0,
- NULL,
- NULL,
- g_cclosure_marshal_VOID__VOID,
- G_TYPE_NONE,
- 0);
-
- signals[PASSWORD_SUBMIT] = g_signal_new ("password-submit",
- G_TYPE_FROM_CLASS (klass),
- G_SIGNAL_RUN_LAST,
- 0,
- NULL,
- NULL,
- g_cclosure_marshal_VOID__STRING,
- G_TYPE_NONE,
- 1,
- G_TYPE_STRING);
-}
-
-GtkWidget *
-goa_web_view_new (GoaProvider *provider, const gchar *existing_identity)
-{
- return g_object_new (GOA_TYPE_WEB_VIEW, "provider", provider, "existing-identity", existing_identity, NULL);
-}
-
-GtkWidget *
-goa_web_view_get_view (GoaWebView *self)
-{
- return self->web_view;
-}
-
-void
-goa_web_view_fake_mobile (GoaWebView *self)
-{
- WebKitSettings *settings;
-
- settings = webkit_web_view_get_settings (WEBKIT_WEB_VIEW (self->web_view));
-
- /* This is based on the HTC Wildfire's user agent. Some
- * providers, like Google, refuse to provide the mobile
- * version of their authentication pages otherwise. eg.,
- * in Google's case, passing btmpl=mobile does not help.
- *
- * The actual user agent used by a HTC Wildfire is:
- * Mozilla/5.0 (Linux; U; Android 2.2.1; en-us; HTC Wildfire
- * Build/FRG83D) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0
- * Mobile Safari/533.1
- *
- * Also note that the user agents of some mobile browsers may
- * not work. eg., Nokia N9.
- */
- webkit_settings_set_user_agent (settings,
- "Mozilla/5.0 (GNOME; not Android) "
- "AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile");
-}
diff --git a/src/goabackend/goawebview.h b/src/goabackend/goawebview.h
deleted file mode 100644
index 4b415cd..0000000
--- a/src/goabackend/goawebview.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*-
- *
- * Copyright © 2012 2017 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef __GOA_WEB_VIEW_H__
-#define __GOA_WEB_VIEW_H__
-
-#include <gtk/gtk.h>
-
-#include "goaprovider.h"
-
-G_BEGIN_DECLS
-
-#define GOA_TYPE_WEB_VIEW (goa_web_view_get_type ())
-#define GOA_WEB_VIEW(object) (G_TYPE_CHECK_INSTANCE_CAST ((object), GOA_TYPE_WEB_VIEW, GoaWebView))
-#define GOA_IS_WEB_VIEW(object) (G_TYPE_CHECK_INSTANCE_TYPE ((object), GOA_TYPE_WEB_VIEW))
-
-typedef struct _GoaWebView GoaWebView;
-typedef struct _GoaWebViewClass GoaWebViewClass;
-
-GType goa_web_view_get_type (void) G_GNUC_CONST;
-GtkWidget *goa_web_view_new (GoaProvider *provider,
- const gchar *existing_identity);
-GtkWidget *goa_web_view_get_view (GoaWebView *self);
-void goa_web_view_fake_mobile (GoaWebView *self);
-
-G_END_DECLS
-
-#endif /* __GOA_WEB_VIEW_H__ */
diff --git a/src/goabackend/goawindowsliveprovider.c b/src/goabackend/goawindowsliveprovider.c
index 10c2dcf..2135fbd 100644
--- a/src/goabackend/goawindowsliveprovider.c
+++ b/src/goabackend/goawindowsliveprovider.c
@@ -94,7 +94,8 @@ get_token_uri (GoaOAuth2Provider *oauth2_provider)
static const gchar *
get_redirect_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "https://login.live.com/oauth20_desktop.srf";
+ /* See: https://learn.microsoft.com/en-us/entra/identity-platform/reply-url */
+ return "goa-oauth2://localhost/"GOA_WINDOWS_LIVE_CLIENT_ID;
}
static const gchar *
@@ -234,36 +235,6 @@ get_identity_sync (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean
-is_identity_node (GoaOAuth2Provider *oauth2_provider, WebKitDOMHTMLInputElement *element)
-{
- gboolean ret = FALSE;
- gchar *element_type = NULL;
- gchar *name = NULL;
-
- /* FIXME: This does not show up in
- * webkit_dom_document_get_elements_by_tag_name, but can be
- * seen in the inspector. Needs further investigation.
- */
-
- g_object_get (element, "type", &element_type, NULL);
- if (g_strcmp0 (element_type, "email") != 0)
- goto out;
-
- name = webkit_dom_html_input_element_get_name (element);
- if (g_strcmp0 (name, "login") != 0)
- goto out;
-
- ret = TRUE;
-
- out:
- g_free (element_type);
- g_free (name);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
static gboolean
build_object (GoaProvider *provider,
GoaObjectSkeleton *object,
@@ -390,6 +361,5 @@ goa_windows_live_provider_class_init (GoaWindowsLiveProviderClass *klass)
oauth2_class->get_client_id = get_client_id;
oauth2_class->get_client_secret = get_client_secret;
oauth2_class->get_identity_sync = get_identity_sync;
- oauth2_class->is_identity_node = is_identity_node;
oauth2_class->add_account_key_values = add_account_key_values;
}