| author | Michael Krelin <hacker@klever.net> | 2008-05-18 17:19:49 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2008-05-18 17:19:49 (UTC) |
| commit | 575d19f96c275d8b77642f20a8975e1cf0100eb5 (patch) (unidiff) | |
| tree | d67837d29c7cd09f2774c294e462ef9535ed544d /lib/oauth-consumer.cc | |
| parent | 2123686e53a99cd32af754d861d71ff61c026732 (diff) | |
| download | libopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.zip libopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.tar.gz libopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.tar.bz2 | |
more checks on response validity during token acquisition
Signed-off-by: Michael Krelin <hacker@klever.net>
| -rw-r--r-- | lib/oauth-consumer.cc | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/oauth-consumer.cc b/lib/oauth-consumer.cc index bb4e89b..0d31ec7 100644 --- a/lib/oauth-consumer.cc +++ b/lib/oauth-consumer.cc | |||
| @@ -121,47 +121,54 @@ namespace opkele { | |||
| 121 | case oauth_url_query: | 121 | case oauth_url_query: |
| 122 | break; | 122 | break; |
| 123 | default: | 123 | default: |
| 124 | throw opkele::exception(OPKELE_CP_ /* TODO: specialize */ | 124 | throw opkele::exception(OPKELE_CP_ /* TODO: specialize */ |
| 125 | "invalid oauth_method for request_token endpoint"); | 125 | "invalid oauth_method for request_token endpoint"); |
| 126 | }; | 126 | }; |
| 127 | if(r) | 127 | if(r) |
| 128 | throw exception_curl(OPKELE_CP_ "failed to set curly options",r); | 128 | throw exception_curl(OPKELE_CP_ "failed to set curly options",r); |
| 129 | if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) ) | 129 | if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) ) |
| 130 | throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r); | 130 | throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r); |
| 131 | if( (r=curl.easy_perform()) ) | 131 | if( (r=curl.easy_perform()) ) |
| 132 | throw exception_curl(OPKELE_CP_ "failed to perform curly request",r); | 132 | throw exception_curl(OPKELE_CP_ "failed to perform curly request",r); |
| 133 | long response_code; | ||
| 134 | if( (r=curl.easy_getinfo(CURLINFO_RESPONSE_CODE,&response_code)) ) | ||
| 135 | throw exception_curl(OPKELE_CP_ "failed to retrieve curl response code",r); | ||
| 136 | if(response_code!=200) /* TODO: specialize exception */ | ||
| 137 | throw exception(OPKELE_CP_ "invalid response from the OAuth provider"); | ||
| 133 | token_t rv; | 138 | token_t rv; |
| 134 | string::size_type p=0; | 139 | string::size_type p=0; |
| 135 | while(p!=string::npos) { | 140 | while(p!=string::npos) { |
| 136 | string::size_type np = curl.response.find('&',p); | 141 | string::size_type np = curl.response.find('&',p); |
| 137 | string part; | 142 | string part; |
| 138 | if(np==string::npos) { | 143 | if(np==string::npos) { |
| 139 | part.assign(curl.response.c_str()+p); p = string::npos; | 144 | part.assign(curl.response.c_str()+p); p = string::npos; |
| 140 | }else{ | 145 | }else{ |
| 141 | part.assign(curl.response,p,np-p); p = np+1; | 146 | part.assign(curl.response,p,np-p); p = np+1; |
| 142 | } | 147 | } |
| 143 | string::size_type eq = part.find('='); | 148 | string::size_type eq = part.find('='); |
| 144 | if(eq==string::npos) continue; | 149 | if(eq==string::npos) continue; |
| 145 | string n(part,0,eq); | 150 | string n(part,0,eq); |
| 146 | if(n=="oauth_token") { | 151 | if(n=="oauth_token") { |
| 147 | if(!rv.key.empty()) /* TODO: specialize */ | 152 | if(!rv.key.empty()) /* TODO: specialize */ |
| 148 | throw opkele::exception(OPKELE_CP_ "found oauth_token twice"); | 153 | throw opkele::exception(OPKELE_CP_ "found oauth_token twice"); |
| 149 | rv.key = util::url_decode(part.substr(eq+1)); | 154 | rv.key = util::url_decode(part.substr(eq+1)); |
| 150 | }else if(n=="oauth_token_secret") { | 155 | }else if(n=="oauth_token_secret") { |
| 151 | if(!rv.secret.empty()) /* TODO: specialize */ | 156 | if(!rv.secret.empty()) /* TODO: specialize */ |
| 152 | throw opkele::exception(OPKELE_CP_ "found oauth_secret twice"); | 157 | throw opkele::exception(OPKELE_CP_ "found oauth_secret twice"); |
| 153 | rv.secret = util::url_decode(part.substr(eq+1)); | 158 | rv.secret = util::url_decode(part.substr(eq+1)); |
| 154 | } | 159 | } |
| 155 | } | 160 | } |
| 161 | if(rv.empty()) /* TODO: specialize */ | ||
| 162 | throw exception(OPKELE_CP_ "failed to retrieve token from OAuth provider response"); | ||
| 156 | return rv; | 163 | return rv; |
| 157 | } | 164 | } |
| 158 | 165 | ||
| 159 | http_request_t& basic_consumer::prepare_request( | 166 | http_request_t& basic_consumer::prepare_request( |
| 160 | http_request_t& req, | 167 | http_request_t& req, |
| 161 | const basic_fields& qf,const basic_fields& pf, | 168 | const basic_fields& qf,const basic_fields& pf, |
| 162 | oauth_method_t om,const string& sm, | 169 | oauth_method_t om,const string& sm, |
| 163 | const token_t *t,const string& realm) { | 170 | const token_t *t,const string& realm) { |
| 164 | fields_t op; | 171 | fields_t op; |
| 165 | op.set_field("oauth_consumer_key",consumer_token.key); | 172 | op.set_field("oauth_consumer_key",consumer_token.key); |
| 166 | if(t) op.set_field("oauth_token",t->key); | 173 | if(t) op.set_field("oauth_token",t->key); |
| 167 | op.set_field("oauth_signature_method",sm); | 174 | op.set_field("oauth_signature_method",sm); |