From b81ba97dfb5a570f4fa7554441fae0e6c1f5c833 Mon Sep 17 00:00:00 2001 From: David Tardon Date: Wed, 4 May 2016 09:28:37 +0200 Subject: [PATCH] fix Google Drive login --- ...ogle-Drive-OAuth-2.0-login-procedure.patch | 122 ++++++++++++++++++ 0002-Add-new-mokup-login-pages.patch | 70 ++++++++++ 0003-Fix-test-in-test-factory.patch | 113 ++++++++++++++++ 0004-Fix-test-in-test-gdrive.patch | 74 +++++++++++ 0005-Fix-test-in-test-onedrive.patch | 42 ++++++ libcmis.spec | 11 +- 6 files changed, 431 insertions(+), 1 deletion(-) create mode 100644 0001-Add-new-Google-Drive-OAuth-2.0-login-procedure.patch create mode 100644 0002-Add-new-mokup-login-pages.patch create mode 100644 0003-Fix-test-in-test-factory.patch create mode 100644 0004-Fix-test-in-test-gdrive.patch create mode 100644 0005-Fix-test-in-test-onedrive.patch diff --git a/0001-Add-new-Google-Drive-OAuth-2.0-login-procedure.patch b/0001-Add-new-Google-Drive-OAuth-2.0-login-procedure.patch new file mode 100644 index 0000000..810280b --- /dev/null +++ b/0001-Add-new-Google-Drive-OAuth-2.0-login-procedure.patch @@ -0,0 +1,122 @@ +From 32aecffb5517dfc3b3674a8f7db418456bd877ed Mon Sep 17 00:00:00 2001 +From: Giuseppe Castagno +Date: Sat, 30 Apr 2016 14:29:56 +0200 +Subject: [PATCH 1/5] Add new Google Drive OAuth 2.0 login procedure. + +The new Google login sequence uses two html pages: first page for user email +the second page for password. + +The older sequence used only one page for both user email and user password. +--- + src/libcmis/oauth2-providers.cxx | 67 +++++++++++++++++++++++++++++++--------- + 1 file changed, 52 insertions(+), 15 deletions(-) + +diff --git a/src/libcmis/oauth2-providers.cxx b/src/libcmis/oauth2-providers.cxx +index 5e7f3bf..68a6aa5 100644 +--- a/src/libcmis/oauth2-providers.cxx ++++ b/src/libcmis/oauth2-providers.cxx +@@ -37,11 +37,28 @@ using namespace std; + string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl, + const string& username, const string& password ) + { ++ /* This member function implements 'Google OAuth 2.0' ++ * ++ * The interaction is carried out by libcmis, with no web browser involved. ++ * ++ * Normal sequence (without 2FA) is: ++ * 1) a get to activate login page ++ * receive first login page, html format ++ * 2) subsequent post to sent email ++ * receive html page for password input ++ * 3) subsequent post to send password ++ * receive html page for application consent ++ * 4) subsequent post to send a consent for the application ++ * receive a single-use authorization code ++ * this code is returned as a string ++ */ ++ + static const string CONTENT_TYPE( "application/x-www-form-urlencoded" ); + // STEP 1: Log in + string res; + try + { ++ // send the first get, receive the html login page + res = session->httpGetRequest( authUrl )->getStream( )->str( ); + } + catch ( const CurlException& e ) +@@ -49,20 +66,39 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + return string( ); + } + +- string loginPost, loginLink; +- if ( !parseResponse( res.c_str( ), loginPost, loginLink ) ) ++ string loginEmailPost, loginEmailLink; ++ if ( !parseResponse( res.c_str( ), loginEmailPost, loginEmailLink ) ) + return string( ); +- +- loginPost += "Email="; +- loginPost += string( username ); +- loginPost += "&Passwd="; +- loginPost += string( password ); +- +- istringstream loginIs( loginPost ); +- string loginRes; +- try ++ ++ loginEmailPost += "Email="; ++ loginEmailPost += string( username ); ++ ++ istringstream loginEmailIs( loginEmailPost ); ++ string loginEmailRes; ++ try ++ { ++ // send a post with user email, receive the html page for password input ++ loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE ) ++ ->getStream( )->str( ); ++ } ++ catch ( const CurlException& e ) ++ { ++ return string( ); ++ } ++ ++ string loginPasswdPost, loginPasswdLink; ++ if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) ) ++ return string( ); ++ ++ loginPasswdPost += "Passwd="; ++ loginPasswdPost += string( password ); ++ ++ istringstream loginPasswdIs( loginPasswdPost ); ++ string loginPasswdRes; ++ try + { +- loginRes = session->httpPostRequest ( loginLink, loginIs, CONTENT_TYPE ) ++ // send a post with user password, receive the application consent page ++ loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE ) + ->getStream( )->str( ); + } + catch ( const CurlException& e ) +@@ -71,8 +107,8 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + } + + // STEP 2: allow libcmis to access google drive +- string approvalPost, approvalLink; +- if ( !parseResponse( loginRes. c_str( ), approvalPost, approvalLink) ) ++ string approvalPost, approvalLink; ++ if ( !parseResponse( loginPasswdRes. c_str( ), approvalPost, approvalLink) ) + return string( ); + approvalPost += "submit_access=true"; + +@@ -80,7 +116,8 @@ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUr + string approvalRes; + try + { +- approvalRes = session->httpPostRequest ( approvalLink, approvalIs, ++ // send a post with application consent ++ approvalRes = session->httpPostRequest ( approvalLink, approvalIs, + CONTENT_TYPE) ->getStream( )->str( ); + } + catch ( const CurlException& e ) +-- +2.7.4 + diff --git a/0002-Add-new-mokup-login-pages.patch b/0002-Add-new-mokup-login-pages.patch new file mode 100644 index 0000000..32aab37 --- /dev/null +++ b/0002-Add-new-mokup-login-pages.patch @@ -0,0 +1,70 @@ +From 0490c023cd14cbb3d1ba2bc1b648b216f848a648 Mon Sep 17 00:00:00 2001 +From: Giuseppe Castagno +Date: Tue, 3 May 2016 08:35:57 +0200 +Subject: [PATCH 2/5] Add new mokup login pages + +--- + qa/libcmis/data/gdrive/login.html | 12 ------------ + qa/libcmis/data/gdrive/login1.html | 12 ++++++++++++ + qa/libcmis/data/gdrive/login2.html | 11 +++++++++++ + 3 files changed, 23 insertions(+), 12 deletions(-) + delete mode 100644 qa/libcmis/data/gdrive/login.html + create mode 100644 qa/libcmis/data/gdrive/login1.html + create mode 100644 qa/libcmis/data/gdrive/login2.html + +diff --git a/qa/libcmis/data/gdrive/login.html b/qa/libcmis/data/gdrive/login.html +deleted file mode 100644 +index eae53bf..0000000 +--- a/qa/libcmis/data/gdrive/login.html ++++ /dev/null +@@ -1,12 +0,0 @@ +- +- +- +-
+- +- +- +- +- +-
+- +- +diff --git a/qa/libcmis/data/gdrive/login1.html b/qa/libcmis/data/gdrive/login1.html +new file mode 100644 +index 0000000..eae53bf +--- /dev/null ++++ b/qa/libcmis/data/gdrive/login1.html +@@ -0,0 +1,12 @@ ++ ++ ++ ++
++ ++ ++ ++ ++ ++
++ ++ +diff --git a/qa/libcmis/data/gdrive/login2.html b/qa/libcmis/data/gdrive/login2.html +new file mode 100644 +index 0000000..198f816 +--- /dev/null ++++ b/qa/libcmis/data/gdrive/login2.html +@@ -0,0 +1,11 @@ ++ ++ ++ ++
++ ++ ++ ++ ++
++ ++ +-- +2.7.4 + diff --git a/0003-Fix-test-in-test-factory.patch b/0003-Fix-test-in-test-factory.patch new file mode 100644 index 0000000..509a968 --- /dev/null +++ b/0003-Fix-test-in-test-factory.patch @@ -0,0 +1,113 @@ +From 04297298ad9659c949beb7ccd0f75cfd440a4fb8 Mon Sep 17 00:00:00 2001 +From: Giuseppe Castagno +Date: Tue, 3 May 2016 11:47:43 +0200 +Subject: [PATCH 3/5] Fix test in test-factory + +--- + qa/libcmis/data/gdrive/login1.html | 4 ++-- + qa/libcmis/data/gdrive/login2.html | 2 +- + qa/libcmis/test-factory.cxx | 10 ++++++++-- + qa/mockup/mockup-config.cxx | 3 +++ + qa/mockup/mockup-config.h | 6 +++--- + 5 files changed, 17 insertions(+), 8 deletions(-) + +diff --git a/qa/libcmis/data/gdrive/login1.html b/qa/libcmis/data/gdrive/login1.html +index eae53bf..b6da338 100644 +--- a/qa/libcmis/data/gdrive/login1.html ++++ b/qa/libcmis/data/gdrive/login1.html +@@ -1,12 +1,12 @@ + + + +-
++ ++ + + + + +- +
+ + +diff --git a/qa/libcmis/data/gdrive/login2.html b/qa/libcmis/data/gdrive/login2.html +index 198f816..6425091 100644 +--- a/qa/libcmis/data/gdrive/login2.html ++++ b/qa/libcmis/data/gdrive/login2.html +@@ -1,7 +1,7 @@ + + + +-
++ + + + +diff --git a/qa/libcmis/test-factory.cxx b/qa/libcmis/test-factory.cxx +index c0bcb4c..3779e5a 100644 +--- a/qa/libcmis/test-factory.cxx ++++ b/qa/libcmis/test-factory.cxx +@@ -64,6 +64,7 @@ + + #define GDRIVE_AUTH_URL string ( "https://auth/url" ) + #define GDRIVE_LOGIN_URL string ("https://login/url" ) ++#define GDRIVE_LOGIN_URL2 string ("https://login2/url" ) + #define GDRIVE_APPROVAL_URL string ("https://approval/url" ) + #define GDRIVE_TOKEN_URL string ( "https://token/url" ) + +@@ -101,10 +102,15 @@ namespace + string("&redirect_uri=") + OAUTH_REDIRECT_URI + + string("&response_type=code") + + string("&client_id=") + OAUTH_CLIENT_ID; ++ + curl_mockup_addResponse ( GDRIVE_AUTH_URL.c_str(), loginIdentifier.c_str( ), +- "GET", DATA_DIR "/gdrive/login.html", 200, true); ++ "GET", DATA_DIR "/gdrive/login1.html", 200, true); ++ ++ //authentication email ++ curl_mockup_addResponse( GDRIVE_LOGIN_URL2.c_str( ), "", "POST", ++ DATA_DIR "/gdrive/login2.html", 200, true); + +- //authentication response ++ //authentication password, + curl_mockup_addResponse( GDRIVE_LOGIN_URL.c_str( ), "", "POST", + DATA_DIR "/gdrive/approve.html", 200, true); + +diff --git a/qa/mockup/mockup-config.cxx b/qa/mockup/mockup-config.cxx +index f6b84ad..fb19927 100644 +--- a/qa/mockup/mockup-config.cxx ++++ b/qa/mockup/mockup-config.cxx +@@ -117,6 +117,9 @@ namespace mockup + return !m_username.empty( ) && !m_password.empty( ); + } + ++ /** Find a suitable response ++ * using the request as a search key ++ */ + CURLcode Configuration::writeResponse( CurlHandle* handle ) + { + CURLcode code = CURLE_OK; +diff --git a/qa/mockup/mockup-config.h b/qa/mockup/mockup-config.h +index 6b94706..d0fc3bb 100644 +--- a/qa/mockup/mockup-config.h ++++ b/qa/mockup/mockup-config.h +@@ -41,13 +41,13 @@ void curl_mockup_reset( ); + the base URL of the request without parameters + \param matchParam + a string to find in the parameters part of the URL to match ++ \param method ++ HTTP method to match like PUT, GET, POST or DELETE. An empty ++ string matches any method. + \param response + a string corresponding either to the file path of the request + body to send or directly the content to send. This value has + a different meaning depending on isFilePath parameter. +- \param method +- HTTP method to match like PUT, GET, POST or DELETE. An empty +- string matches any method. + \param status + the HTTP status to return. 0 means HTTP OK (200). + \param isFilePath +-- +2.7.4 + diff --git a/0004-Fix-test-in-test-gdrive.patch b/0004-Fix-test-in-test-gdrive.patch new file mode 100644 index 0000000..899148a --- /dev/null +++ b/0004-Fix-test-in-test-gdrive.patch @@ -0,0 +1,74 @@ +From 73662089059eb2e272a4c5eb245a497af044ccf6 Mon Sep 17 00:00:00 2001 +From: Giuseppe Castagno +Date: Tue, 3 May 2016 15:35:57 +0200 +Subject: [PATCH 4/5] Fix test in test-gdrive + +--- + qa/libcmis/test-gdrive.cxx | 32 ++++++++++++++++++++++++-------- + 1 file changed, 24 insertions(+), 8 deletions(-) + +diff --git a/qa/libcmis/test-gdrive.cxx b/qa/libcmis/test-gdrive.cxx +index 0cd9577..6323099 100644 +--- a/qa/libcmis/test-gdrive.cxx ++++ b/qa/libcmis/test-gdrive.cxx +@@ -51,6 +51,7 @@ static const string CLIENT_SECRET ( "mock-secret" ); + static const string USERNAME( "mock-user" ); + static const string PASSWORD( "mock-password" ); + static const string LOGIN_URL ("https://login/url" ); ++static const string LOGIN_URL2 ("https://login2/url" ); + static const string APPROVAL_URL ("https://approval/url" ); + static const string AUTH_URL ( "https://auth/url" ); + static const string TOKEN_URL ( "https://token/url" ); +@@ -149,10 +150,15 @@ GDriveSession GDriveTest::getTestSession( string username, string password ) + string("&redirect_uri=") + REDIRECT_URI + + string("&response_type=code") + + string("&client_id=") + CLIENT_ID; ++ + curl_mockup_addResponse ( AUTH_URL.c_str(), loginIdentifier.c_str( ), +- "GET", DATA_DIR "/gdrive/login.html", 200, true); ++ "GET", DATA_DIR "/gdrive/login1.html", 200, true); ++ ++ //authentication email ++ curl_mockup_addResponse( LOGIN_URL2.c_str( ), empty.c_str( ), "POST", ++ DATA_DIR "/gdrive/login2.html", 200, true); + +- //authentication response ++ //authentication password, + curl_mockup_addResponse( LOGIN_URL.c_str( ), empty.c_str( ), "POST", + DATA_DIR "/gdrive/approve.html", 200, true); + +@@ -171,15 +177,25 @@ void GDriveTest::sessionAuthenticationTest( ) + GDriveSession session = getTestSession( USERNAME, PASSWORD ); + string empty; + +- // Check authentication request +- string authRequest( curl_mockup_getRequestBody( LOGIN_URL.c_str(), empty.c_str( ), ++ // Check authentication request for email ++ string authRequestEmail( curl_mockup_getRequestBody( LOGIN_URL2.c_str(), empty.c_str( ), ++ "POST" ) ); ++ string expectedAuthRequestEmail = ++ string ( "Page=PasswordSeparationSignIn&continue=redirectLink&scope=Scope&service=lso&GALX=cookie" ++ "&Email=") + USERNAME; ++ ++ CPPUNIT_ASSERT_EQUAL_MESSAGE( "Wrong authentication request for Email", ++ expectedAuthRequestEmail, authRequestEmail ); ++ ++ // Check authentication request for password ++ string authRequestPassword( curl_mockup_getRequestBody( LOGIN_URL.c_str(), empty.c_str( ), + "POST" ) ); +- string expectedAuthRequest = ++ string expectedAuthRequestPassword = + string ( "continue=redirectLink&scope=Scope&service=lso&GALX=cookie" +- "&Email=") + USERNAME + string("&Passwd=") + PASSWORD; ++ "&Passwd=") + PASSWORD; + +- CPPUNIT_ASSERT_EQUAL_MESSAGE( "Wrong authentication request", +- expectedAuthRequest, authRequest ); ++ CPPUNIT_ASSERT_EQUAL_MESSAGE( "Wrong authentication request for Password", ++ expectedAuthRequestPassword, authRequestPassword ); + + // Check code request + string codeRequest( curl_mockup_getRequestBody( APPROVAL_URL.c_str(), +-- +2.7.4 + diff --git a/0005-Fix-test-in-test-onedrive.patch b/0005-Fix-test-in-test-onedrive.patch new file mode 100644 index 0000000..c2dc0f0 --- /dev/null +++ b/0005-Fix-test-in-test-onedrive.patch @@ -0,0 +1,42 @@ +From 3ebc3d9fe6a9806de2bcdf79ac6398f0c14c3246 Mon Sep 17 00:00:00 2001 +From: Giuseppe Castagno +Date: Tue, 3 May 2016 15:41:52 +0200 +Subject: [PATCH 5/5] Fix test in test-onedrive + +--- + qa/libcmis/test-onedrive.cxx | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/qa/libcmis/test-onedrive.cxx b/qa/libcmis/test-onedrive.cxx +index b88751b..5da8918 100644 +--- a/qa/libcmis/test-onedrive.cxx ++++ b/qa/libcmis/test-onedrive.cxx +@@ -51,6 +51,7 @@ static const string CLIENT_SECRET ( "mock-secret" ); + static const string USERNAME( "mock-user" ); + static const string PASSWORD( "mock-password" ); + static const string LOGIN_URL ("https://login/url" ); ++static const string LOGIN_URL2 ("https://login2/url" ); + static const string APPROVAL_URL ("https://approval/url" ); + static const string AUTH_URL ( "https://auth/url" ); + static const string TOKEN_URL ( "https://token/url" ); +@@ -123,10 +124,15 @@ OneDriveSession OneDriveTest::getTestSession( string username, string password ) + string("&redirect_uri=") + REDIRECT_URI + + string("&response_type=code") + + string("&client_id=") + CLIENT_ID; ++ + curl_mockup_addResponse ( AUTH_URL.c_str(), loginIdentifier.c_str( ), +- "GET", DATA_DIR "/gdrive/login.html", 200, true); ++ "GET", DATA_DIR "/gdrive/login1.html", 200, true); ++ ++ //authentication email ++ curl_mockup_addResponse( LOGIN_URL2.c_str( ), empty.c_str( ), "POST", ++ DATA_DIR "/gdrive/login2.html", 200, true); + +- //authentication response ++ //authentication password + curl_mockup_addResponse( LOGIN_URL.c_str( ), empty.c_str( ), "POST", + DATA_DIR "/gdrive/approve.html", 200, true); + +-- +2.7.4 + diff --git a/libcmis.spec b/libcmis.spec index b28659c..6d2e414 100644 --- a/libcmis.spec +++ b/libcmis.spec @@ -2,7 +2,7 @@ Name: libcmis Version: 0.5.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: A C++ client library for CM interfaces License: GPLv2+ or LGPLv2+ or MPLv1.1 @@ -15,6 +15,12 @@ BuildRequires: pkgconfig(libcurl) BuildRequires: pkgconfig(libxml-2.0) BuildRequires: xmlto +Patch0: 0001-Add-new-Google-Drive-OAuth-2.0-login-procedure.patch +Patch1: 0002-Add-new-mokup-login-pages.patch +Patch2: 0003-Fix-test-in-test-factory.patch +Patch3: 0004-Fix-test-in-test-gdrive.patch +Patch4: 0005-Fix-test-in-test-onedrive.patch + %description LibCMIS is a C++ client library for working with CM (content management) interfaces. The primary supported interface (which gave the library its @@ -81,6 +87,9 @@ make %{?_smp_mflags} check %{_mandir}/man1/cmis-client.1* %changelog +* Wed May 04 2016 David Tardon - 0.5.1-2 +- fix Google Drive login + * Fri Mar 04 2016 David Tardon - 0.5.1-1 - new upstream release