author | Michael Krelin <hacker@klever.net> | 2008-05-18 17:19:49 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2008-05-18 17:19:49 (UTC) |
commit | 575d19f96c275d8b77642f20a8975e1cf0100eb5 (patch) (unidiff) | |
tree | d67837d29c7cd09f2774c294e462ef9535ed544d /lib | |
parent | 2123686e53a99cd32af754d861d71ff61c026732 (diff) | |
more checks on response validity during token acquisition
Signed-off-by: Michael Krelin <hacker@klever.net>
-rw-r--r-- | lib/oauth-consumer.cc | 7 |
1 files changed, 7 insertions, 0 deletions
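--- a/lib/oauth-consumer.cc
+++ b/lib/oauth-consumer.cc
@@ -121,47 +121,54 @@ namespace opkele {
 case oauth_url_query:
 break;
 default:
 throw opkele::exception(OPKELE_CP_ /* TODO: specialize */
 "invalid oauth_method for request_token endpoint");
 };
 if(r)
 throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
 if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) )
 throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
 if( (r=curl.easy_perform()) )
 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
+long response_code;
+if( (r=curl.easy_getinfo(CURLINFO_RESPONSE_CODE,&response_code)) )
+throw exception_curl(OPKELE_CP_ "failed to retrieve curl response code",r);
+if(response_code!=200) /* TODO: specialize exception */
+throw exception(OPKELE_CP_ "invalid response from the OAuth provider");
 token_t rv;
 string::size_type p=0;
 while(p!=string::npos) {
 string::size_type np = curl.response.find('&',p);
 string part;
 if(np==string::npos) {
 part.assign(curl.response.c_str()+p); p = string::npos;
 }else{
 part.assign(curl.response,p,np-p); p = np+1;
 }
 string::size_type eq = part.find('=');
 if(eq==string::npos) continue;
 string n(part,0,eq);
 if(n=="oauth_token") {
 if(!rv.key.empty()) /* TODO: specialize */
 throw opkele::exception(OPKELE_CP_ "found oauth_token twice");
 rv.key = util::url_decode(part.substr(eq+1));
 }else if(n=="oauth_token_secret") {
 if(!rv.secret.empty()) /* TODO: specialize */
 throw opkele::exception(OPKELE_CP_ "found oauth_secret twice");
 rv.secret = util::url_decode(part.substr(eq+1));
 }
 }
+if(rv.empty()) /* TODO: specialize */
+throw exception(OPKELE_CP_ "failed to retrieve token from OAuth provider response");
 return rv;
 }
 
 http_request_t& basic_consumer::prepare_request(
 http_request_t& req,
 const basic_fields& qf,const basic_fields& pf,
 oauth_method_t om,const string& sm,
 const token_t *t,const string& realm) {
 fields_t op;
 op.set_field("oauth_consumer_key",consumer_token.key);
 if(t) op.set_field("oauth_token",t->key);
 op.set_field("oauth_signature_method",sm);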
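Review bot: The new `if(rv.empty())` guard before `return rv;` may still let a half-populated token through: `token_t::empty()` is not visible here, and if it is true only when both fields are empty, a 200 response carrying `oauth_token` but no `oauth_token_secret` is returned to the caller, which would presumably go on to sign requests with an empty token secret. Testing the fields explicitly, `if(rv.key.empty() || rv.secret.empty())`, makes the requirement independent of how `empty()` is defined. The two added throws also use unqualified `exception` where the surrounding lines spell `opkele::exception`; matching them keeps the file consistent and the name lookup unambiguous. The enclosing function begins above the hunk.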