summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2008-05-18 17:19:49 (UTC)
committer Michael Krelin <hacker@klever.net>2008-05-18 17:19:49 (UTC)
commit575d19f96c275d8b77642f20a8975e1cf0100eb5 (patch) (unidiff)
treed67837d29c7cd09f2774c294e462ef9535ed544d
parent2123686e53a99cd32af754d861d71ff61c026732 (diff)
downloadlibopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.zip
libopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.tar.gz
libopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.tar.bz2
more checks on response validity during token acquisition
Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/oauth.h2
-rw-r--r--lib/oauth-consumer.cc7
2 files changed, 9 insertions, 0 deletions
diff --git a/include/opkele/oauth.h b/include/opkele/oauth.h
index 14d0586..bc6c2fa 100644
--- a/include/opkele/oauth.h
+++ b/include/opkele/oauth.h
@@ -11,12 +11,14 @@ namespace opkele {
11 string key; 11 string key;
12 string secret; 12 string secret;
13 13
14 token_t() { } 14 token_t() { }
15 token_t(const string& k,const string& s) 15 token_t(const string& k,const string& s)
16 : key(k), secret(s) { } 16 : key(k), secret(s) { }
17
18 bool empty() const { return key.empty() && secret.empty(); }
17 }; 19 };
18 20
19 } 21 }
20} 22}
21 23
22#endif /* __OPKELE_OAUTH_H */ 24#endif /* __OPKELE_OAUTH_H */
diff --git a/lib/oauth-consumer.cc b/lib/oauth-consumer.cc
index bb4e89b..0d31ec7 100644
--- a/lib/oauth-consumer.cc
+++ b/lib/oauth-consumer.cc
@@ -127,12 +127,17 @@ namespace opkele {
127 if(r) 127 if(r)
128 throw exception_curl(OPKELE_CP_ "failed to set curly options",r); 128 throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
129 if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) ) 129 if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) )
130 throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r); 130 throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
131 if( (r=curl.easy_perform()) ) 131 if( (r=curl.easy_perform()) )
132 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r); 132 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
133 long response_code;
134 if( (r=curl.easy_getinfo(CURLINFO_RESPONSE_CODE,&response_code)) )
135 throw exception_curl(OPKELE_CP_ "failed to retrieve curl response code",r);
136 if(response_code!=200) /* TODO: specialize exception */
137 throw exception(OPKELE_CP_ "invalid response from the OAuth provider");
133 token_t rv; 138 token_t rv;
134 string::size_type p=0; 139 string::size_type p=0;
135 while(p!=string::npos) { 140 while(p!=string::npos) {
136 string::size_type np = curl.response.find('&',p); 141 string::size_type np = curl.response.find('&',p);
137 string part; 142 string part;
138 if(np==string::npos) { 143 if(np==string::npos) {
@@ -150,12 +155,14 @@ namespace opkele {
150 }else if(n=="oauth_token_secret") { 155 }else if(n=="oauth_token_secret") {
151 if(!rv.secret.empty()) /* TODO: specialize */ 156 if(!rv.secret.empty()) /* TODO: specialize */
152 throw opkele::exception(OPKELE_CP_ "found oauth_secret twice"); 157 throw opkele::exception(OPKELE_CP_ "found oauth_secret twice");
153 rv.secret = util::url_decode(part.substr(eq+1)); 158 rv.secret = util::url_decode(part.substr(eq+1));
154 } 159 }
155 } 160 }
161 if(rv.empty()) /* TODO: specialize */
162 throw exception(OPKELE_CP_ "failed to retrieve token from OAuth provider response");
156 return rv; 163 return rv;
157 } 164 }
158 165
159 http_request_t& basic_consumer::prepare_request( 166 http_request_t& basic_consumer::prepare_request(
160 http_request_t& req, 167 http_request_t& req,
161 const basic_fields& qf,const basic_fields& pf, 168 const basic_fields& qf,const basic_fields& pf,