summaryrefslogtreecommitdiffabout
path: root/lib
authorMichael Krelin <hacker@klever.net>2008-05-18 17:19:49 (UTC)
committer Michael Krelin <hacker@klever.net>2008-05-18 17:19:49 (UTC)
commit575d19f96c275d8b77642f20a8975e1cf0100eb5 (patch) (side-by-side diff)
treed67837d29c7cd09f2774c294e462ef9535ed544d /lib
parent2123686e53a99cd32af754d861d71ff61c026732 (diff)
downloadlibopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.zip
libopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.tar.gz
libopkele-575d19f96c275d8b77642f20a8975e1cf0100eb5.tar.bz2
more checks on response validity during token acquisition
Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (limited to 'lib') (more/less context) (show whitespace changes)
-rw-r--r--lib/oauth-consumer.cc7
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/oauth-consumer.cc b/lib/oauth-consumer.cc
index bb4e89b..0d31ec7 100644
--- a/lib/oauth-consumer.cc
+++ b/lib/oauth-consumer.cc
@@ -121,47 +121,54 @@ namespace opkele {
case oauth_url_query:
break;
default:
throw opkele::exception(OPKELE_CP_ /* TODO: specialize */
"invalid oauth_method for request_token endpoint");
};
if(r)
throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) )
throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
if( (r=curl.easy_perform()) )
throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
+ long response_code;
+ if( (r=curl.easy_getinfo(CURLINFO_RESPONSE_CODE,&response_code)) )
+ throw exception_curl(OPKELE_CP_ "failed to retrieve curl response code",r);
+ if(response_code!=200) /* TODO: specialize exception */
+ throw exception(OPKELE_CP_ "invalid response from the OAuth provider");
token_t rv;
string::size_type p=0;
while(p!=string::npos) {
string::size_type np = curl.response.find('&',p);
string part;
if(np==string::npos) {
part.assign(curl.response.c_str()+p); p = string::npos;
}else{
part.assign(curl.response,p,np-p); p = np+1;
}
string::size_type eq = part.find('=');
if(eq==string::npos) continue;
string n(part,0,eq);
if(n=="oauth_token") {
if(!rv.key.empty()) /* TODO: specialize */
throw opkele::exception(OPKELE_CP_ "found oauth_token twice");
rv.key = util::url_decode(part.substr(eq+1));
}else if(n=="oauth_token_secret") {
if(!rv.secret.empty()) /* TODO: specialize */
throw opkele::exception(OPKELE_CP_ "found oauth_secret twice");
rv.secret = util::url_decode(part.substr(eq+1));
}
}
+ if(rv.empty()) /* TODO: specialize */
+ throw exception(OPKELE_CP_ "failed to retrieve token from OAuth provider response");
return rv;
}
http_request_t& basic_consumer::prepare_request(
http_request_t& req,
const basic_fields& qf,const basic_fields& pf,
oauth_method_t om,const string& sm,
const token_t *t,const string& realm) {
fields_t op;
op.set_field("oauth_consumer_key",consumer_token.key);
if(t) op.set_field("oauth_token",t->key);
op.set_field("oauth_signature_method",sm);