int
u1db__get_oauth_authorization(u1db_sync_target *st,
const char *http_method, const char *url,
char **oauth_authorization)
{
int status = U1DB_OK;
struct _http_state *state;
char *oauth_data = NULL;
char *http_hdr = NULL;
int argc = 0;
int hdr_size = 0, oauth_size = 0;
char **argv = NULL;
status = impl_as_http_state(st->implementation, &state);
if (status != U1DB_OK) {
return status;
}
if (state->consumer_key == NULL || state->consumer_secret == NULL
|| state->token_key == NULL || state->token_secret == NULL)
{
return U1DB_INVALID_PARAMETER;
}
argc = oauth_split_url_parameters(url, &argv);
oauth_sign_array2_process(&argc, &argv, NULL, OA_HMAC, http_method,
state->consumer_key, state->consumer_secret,
state->token_key, state->token_secret);
oauth_data = oauth_serialize_url_sep(argc, 1, argv, ", ", 6);
if (oauth_data == NULL) {
status = U1DB_INTERNAL_ERROR;
goto finish;
}
oauth_size = strlen(oauth_data);
// sizeof(auth_header_prefix) includes the trailing null, so we don't
// need to add 1
hdr_size = sizeof(auth_header_prefix) + oauth_size;
http_hdr = (char *)calloc(hdr_size, 1);
if (http_hdr == NULL) {
status = U1DB_NOMEM;
goto finish;
}
memcpy(http_hdr, auth_header_prefix, sizeof(auth_header_prefix));
memcpy(http_hdr + sizeof(auth_header_prefix)-1, oauth_data, oauth_size);
finish:
if (oauth_data != NULL) {
free(oauth_data);
}
oauth_free_array(&argc, &argv);
if (status == U1DB_OK) {
*oauth_authorization = http_hdr;
} else if (http_hdr != NULL) {
free(http_hdr);
}
return status;
}
int unim_oauth_request(struct unim_login_info *login_info)
{
char *req_url, *reply;
int rc = -1;
int argc = 0;
char **argv = NULL;
int i;
argc = oauth_split_url_parameters(login_info->request_token_uri, &argv);
if (login_info->request_added_argc) {
for (i = 0; i < login_info->request_added_argc; i++) {
oauth_add_param_to_array(&argc, &argv,
login_info->request_added_argv[i]);
}
}
req_url = oauth_sign_array2(&argc, &argv,
NULL, OA_HMAC, NULL,
login_info->consumer_key, login_info->consumer_secret,
NULL, NULL);
reply = oauth_http_get(req_url, NULL);
if (reply) {
char **rv = NULL;
printf("HTTP-reply:\n\t%s\n", reply);
rc = oauth_split_url_parameters(reply, &rv);
qsort(rv, rc, sizeof(char *), oauth_cmpstringp);
if (rc >= 2) {
for (i = 0; i < rc; i++) {
if (!strncmp(rv[i], "oauth_token=", 12)) {
login_info->res_token_key = strdup(&(rv[i][12]));
} else if (!strncmp(rv[i], "oauth_token_secret=", 19)) {
login_info->res_token_secret = strdup(&(rv[i][19]));
}
}
rc = 0;
}
if (rv)
free(rv);
}
if (req_url)
free(req_url);
if (reply)
free(reply);
if (argc)
oauth_free_array(&argc, &argv);
return rc;
}
gboolean drop_oauth_from_file(gchar **appname,
gchar **consumer_key,
gchar **consumer_secret,
gchar **access_key,
gchar **access_secret)
{
gchar *response = NULL;
gint argc = 0;
gchar **argv = NULL;
gchar **pair = NULL;
gboolean result = FALSE;
gchar *oauthfile = NULL;
oauthfile = drop_oauth_expandfilename(OAUTHFILE);
if(g_file_get_contents(oauthfile, &response, NULL, NULL))
{
argc = oauth_split_post_paramters(response, &argv, 0);
while(argc)
{
pair = g_strsplit(argv[argc - 1], "=", 0);
if(g_strcmp0(pair[0], "appname") == 0)
*appname = g_strdup(pair[1]);
if(g_strcmp0(pair[0], "consumer_key") == 0)
*consumer_key = g_strdup(pair[1]);
if(g_strcmp0(pair[0], "consumer_secret") == 0)
*consumer_secret = g_strdup(pair[1]);
if(g_strcmp0(pair[0], "access_key") == 0)
*access_key = g_strdup(pair[1]);
if(g_strcmp0(pair[0], "access_secret") == 0)
*access_secret = g_strdup(pair[1]);
argc--;
g_strfreev(pair);
}
if(*appname &&
*consumer_key &&
*consumer_secret &&
*access_key &&
*access_secret)
result = TRUE;
oauth_free_array(&argc, &argv);
}
g_free(response);
g_free(oauthfile);
return result;
}
void drop_oauth_access_token(gchar *consumer_key,
gchar *consumer_secret,
gchar *request_key,
gchar *request_secret,
gchar **access_key,
gchar **access_secret,
GError **error)
{
gchar *response = NULL;
gint argc = 0;
gchar **argv = NULL;
gchar *postarg = NULL;
gchar **token = NULL;
oauth_sign_url2(ACCESS_TOKEN_URL,
&postarg,
OA_HMAC,
NULL,
consumer_key,
consumer_secret,
request_key,
request_secret);
response = drop_soup_sync(ACCESS_TOKEN_URL, postarg, DROP_SOUP_OAUTH, error);
argc = oauth_split_post_paramters(response, &argv, 0);
while(argc)
{
token = g_strsplit(argv[argc - 1], "=", 0);
if(g_strcmp0(token[0], "oauth_token") == 0)
*access_key = g_strdup(token[1]);
if(g_strcmp0(token[0], "oauth_token_secret") == 0)
*access_secret = g_strdup(token[1]);
argc--;
}
if(access_key == NULL || access_secret == NULL)
{
g_print("things went wrong!! not able to get access_{key,secret}!!\n");
exit(EXIT_FAILURE);
}
g_free(postarg);
g_free(response);
g_strfreev(token);
oauth_free_array(&argc, &argv);
}
void drop_oauth_request_token(gchar *consumer_key,
gchar *consumer_secret,
gchar **request_key,
gchar **request_secret,
GError **error)
{
gchar *request = NULL;
gchar *response = NULL;
gchar **token = NULL;
gint argc = 0;
gchar **argv = NULL;
gchar *postarg = NULL;
request = g_strdup_printf("%s", REQ_TOKEN_URL);
oauth_sign_url2(request,
&postarg,
OA_HMAC,
NULL,
consumer_key,
consumer_secret,
NULL,
NULL);
response = drop_soup_sync(REQ_TOKEN_URL, postarg, 0, error);
argc = oauth_split_post_paramters(response, &argv, 0);
while(argc)
{
token = g_strsplit(argv[argc - 1], "=", 0);
if(g_strcmp0(token[0], "oauth_token") == 0)
*request_key = g_strdup(token[1]);
if(g_strcmp0(token[0], "oauth_token_secret") == 0)
*request_secret = g_strdup(token[1]);
argc--;
}
g_free(request);
g_free(postarg);
g_free(response);
g_strfreev(token);
oauth_free_array(&argc, &argv);
}
static void
sign_message (SoupMessage *message, OAuthMethod method,
GsAuth *auth)
{
g_autofree gchar *url = NULL, *oauth_authorization_parameters = NULL, *authorization_text = NULL;
gchar **url_parameters = NULL;
int url_parameters_length;
const gchar *consumer_key;
const gchar *consumer_secret;
const gchar *token_key;
const gchar *token_secret;
if (auth == NULL)
return;
consumer_key = gs_auth_get_metadata_item (auth, "consumer-key");
consumer_secret = gs_auth_get_metadata_item (auth, "consumer-secret");
token_key = gs_auth_get_metadata_item (auth, "token-key");
token_secret = gs_auth_get_metadata_item (auth, "token-secret");
if (consumer_key == NULL || consumer_secret == NULL || token_key == NULL || token_secret == NULL)
return;
url = soup_uri_to_string (soup_message_get_uri (message), FALSE);
url_parameters_length = oauth_split_url_parameters(url, &url_parameters);
oauth_sign_array2_process (&url_parameters_length, &url_parameters,
NULL,
method,
message->method,
consumer_key, consumer_secret,
token_key, token_secret);
oauth_authorization_parameters = oauth_serialize_url_sep (url_parameters_length, 1, url_parameters, ", ", 6);
oauth_free_array (&url_parameters_length, &url_parameters);
authorization_text = g_strdup_printf ("OAuth realm=\"Ratings and Reviews\", %s",
oauth_authorization_parameters);
soup_message_headers_append (message->request_headers, "Authorization", authorization_text);
}
static void knh_freeArgs(Args_t *args)
{
oauth_free_array(&args->argc, &args->argv);
}
/*
* a example requesting and parsing a request-token from an OAuth service-provider
* using OAuth HTTP Authorization header:
* see http://oauth.net/core/1.0a/#auth_header
* and http://oauth.net/core/1.0a/#consumer_req_param
*/
void request_token_example_get(void) {
#if 0
const char *request_token_uri = "http://localhost/oauthtest.php?test=test";
const char *req_c_key = "17b09ea4c9a4121145936f0d7d8daa28047583796"; //< consumer key
const char *req_c_secret = "942295b08ffce77b399419ee96ac65be"; //< consumer secret
#else
const char *request_token_uri = "http://term.ie/oauth/example/request_token.php";
const char *req_c_key = "key"; //< consumer key
const char *req_c_secret = "secret"; //< consumer secret
#endif
char *res_t_key = NULL; //< replied key
char *res_t_secret = NULL; //< replied secret
char *req_url = NULL;
char *req_hdr = NULL;
char *http_hdr= NULL;
char *reply;
//req_url = oauth_sign_url2(request_token_uri, NULL, OA_HMAC, NULL, req_c_key, req_c_secret, NULL, NULL);
// oauth_sign_url2 (see oauth.h) in steps
int argc;
char **argv = NULL;
argc = oauth_split_url_parameters(request_token_uri, &argv);
oauth_sign_array2_process(&argc, &argv,
NULL, //< postargs (unused)
OA_HMAC,
NULL, //< HTTP method (defaults to "GET")
req_c_key, req_c_secret, NULL, NULL);
// 'default' oauth_sign_url2 would do:
// req_url = oauth_serialize_url(argc, 0, argv);
// we split [x_]oauth_ parameters (for use in HTTP Authorization header)
req_hdr = oauth_serialize_url_sep(argc, 1, argv, ", ", 6);
// and other URL parameters
req_url = oauth_serialize_url_sep(argc, 0, argv, "&", 1);
oauth_free_array(&argc, &argv);
// done with OAuth stuff, now perform the HTTP request.
http_hdr = malloc(strlen(req_hdr) + 55);
// Note that (optional) 'realm' is not to be
// included in the oauth signed parameters and thus only added here.
// see 9.1.1 in http://oauth.net/core/1.0/#anchor14
sprintf(http_hdr, "Authorization: OAuth realm=\"http://example.org/\", %s", req_hdr);
printf("request URL=%s\n", req_url);
printf("request header=%s\n\n", http_hdr);
reply = oauth_http_get2(req_url,NULL, http_hdr);
if (!reply)
printf("HTTP request for an oauth request-token failed.\n");
else {
// parse reply - example:
//"oauth_token=2a71d1c73d2771b00f13ca0acb9836a10477d3c56&oauth_token_secret=a1b5c00c1f3e23fb314a0aa22e990266"
int rc;
char **rv = NULL;
printf("HTTP-reply: %s\n", reply);
rc = oauth_split_url_parameters(reply, &rv);
qsort(rv, rc, sizeof(char *), oauth_cmpstringp);
if( rc==2
&& !strncmp(rv[0],"oauth_token=",11)
&& !strncmp(rv[1],"oauth_token_secret=",18) ){
res_t_key=strdup(&(rv[0][12]));
res_t_secret=strdup(&(rv[1][19]));
printf("key: '%s'\nsecret: '%s'\n",res_t_key, res_t_secret);
}
if(rv) free(rv);
}
if(req_url) free(req_url);
if(req_hdr) free(req_hdr);
if(http_hdr)free(http_hdr);
if(reply) free(reply);
if(res_t_key) free(res_t_key);
if(res_t_secret) free(res_t_secret);
}
int plurk_api( key_pair* request
,key_pair* permanent
,const char* api_uri
,const char* invoke_method
,int arg_count, ...
)
{
char* request_uri = s_concate(&(plurk_url), &(plurk_uri_request));
char* api_url = s_concate( &(plurk_url) ,&(api_uri));
int argc = 0;
int i = 0;
char** argv = NULL;
char* req_hdr = NULL;
char* req_url = NULL;
char* http_hdr = NULL;
char* reply = NULL;
char* postarg = NULL;
argc = oauth_split_url_parameters(api_url, &argv);
#if SAMUEL_DEBUG
printf("SAMUEL_DEBUG, before add parameters to array\n");
for (i=0;i<argc; i++)
printf("%d:%s\n",i,argv[i]);
#endif
int arg_index;
char* arg_from_valist;
va_list vaarg;
va_start(vaarg, arg_count);
for (arg_index = 0; arg_index < arg_count; arg_index++) {
arg_from_valist = va_arg(vaarg, char*);
oauth_add_param_to_array(&argc, &argv, arg_from_valist);
#if SAMUEL_DEBUG
printf("SAMUEL_DEBUG, arg_from_valist: %s\n", arg_from_valist);
printf("SAMUEL_DEBUG, argc:%d\n", argc);
#endif
}
va_end(vaarg);
#if SAMUEL_DEBUG
printf("SAMUEL_DEBUG, before add parameters to array\n");
for (i=0;i<argc; i++)
printf("%d:%s\n",i,argv[i]);
#endif
oauth_sign_array2_process(&argc, &argv,
NULL, //< postargs (unused)
OA_HMAC,
"POST", //< HTTP method (defaults to "GET")
request->key, request->secret,//NULL, NULL);
permanent->key, permanent->secret);
req_hdr = oauth_serialize_url_sep(argc, 1, argv, ", ", 100);
req_url = oauth_serialize_url_sep(argc, 0, argv, "&", 1);
oauth_free_array(&argc, &argv);
#if SAMUEL_DEBUG
printf("SAMUEL_DEBUG, req_hdr: %s\n", req_hdr);
printf("SAMUEL_DEBUG, req_url: %s\n", req_url);
#endif
http_hdr = malloc(strlen(req_hdr) + 200);
memset(http_hdr,0,100);
sprintf(http_hdr, "Authorization: OAuth realm=\"\", %s", req_hdr);
#if SAMUEL_DEBUG
printf("request URL=%s\n", req_url);
printf("request header=%s\n\n", http_hdr);
#endif
reply = oauth_http_post2(req_url, &postarg, http_hdr);
if(!reply){
printf("SAMUEL_DEBUG, HTTP request for an oauth request-token failed.\n");
}
else
printf("SAMUEL_DEBUG, reply: %s\n", reply);
if (reply) free(reply);
if (req_hdr) free(req_hdr);
if (req_url) free(req_url);
if (http_hdr) free(http_hdr);
if (postarg) free(postarg);
if (api_url) free(api_url);
return 0;
}
/**
* @brief Use API key, response key-pair and verification code
* to retrive the permanent key-pair
*
* @param req_key API key
* @param req_secret API secret key
* @param res_key the address of the response key
* @param res_secret the address of the response secret key
* @param verifier verification code
*
* @return error on 1
*/
inline static int get_access_token(char* req_key,
char* req_secret,
char** res_key,
char** res_secret,
char* verifier){
int fail = 0;
char *request_token_uri = s_concate(&(plurk_url), &(plurk_uri_access));
char *postarg = NULL;
char *req_url;
char *reply;
int verifier_len = strlen(verifier);
char *verifier_perm = malloc(sizeof(char)*(15 + verifier_len + 1));
memset(verifier_perm, 0, 15 + verifier_len + 1);
verifier_perm = memcpy(verifier_perm, "oauth_verifier=", 15);
verifier_perm = strncat(verifier_perm, verifier, verifier_len);
//req_url = oauth_sign_url2(request_token_uri, // const char *url
// &postarg, // char **postarg
// OA_HMAC, // OAuthMethod method
// "POST", // const char *http_method
// req_key, // const char *key
// req_secret, // const char *secret
// res_t_key, // const char *t_key
// res_t_secret // char *t_secret
// );
// transfer oauth_sign_url2() in steps
// example edited from:
// http://liboauth.sourceforge.net/tests_2oauthtest2_8c-example.html#a0
int argc=0;
int i;
char **argv=NULL;
char *req_hdr = NULL;
char *http_hdr= NULL;
argc = oauth_split_url_parameters(request_token_uri, &argv);
#if SAMUEL_DEBUG
printf("SAMUEL_DEBUG, before add parameters to array\n");
for (i=0;i<argc; i++)
printf("%d:%s\n",i,argv[i]);
#endif
// the most important step here!! add parameter
oauth_add_param_to_array(&argc, &argv, verifier_perm);
#if SAMUEL_DEBUG
printf("====\nSAMUEL_DEBUG, after add parameters to array\n");
for (i=0;i<argc; i++)
printf("%d:%s\n",i,argv[i]);
#endif
//do something important here??
oauth_sign_array2_process(&argc, &argv,
NULL, //< postargs (unused)
OA_HMAC,
"POST", //< HTTP method (defaults to "GET")
req_key, req_secret,//NULL, NULL);
*res_key, *res_secret);
req_hdr = oauth_serialize_url_sep(argc, 1, argv, ", ", 6);
req_url = oauth_serialize_url_sep(argc, 0, argv, "&", 1);
oauth_free_array(&argc, &argv);
#if SAMUEL_DEBUG
printf("SAMUEL_DEBUG, req_hdr: %s\n",req_hdr);
printf("SAMUEL_DEBUG, req_url: %s\n",req_url);
#endif
http_hdr = malloc(strlen(req_hdr) + 100);
memset(http_hdr,0,100);
sprintf(http_hdr, "Authorization: OAuth realm=\"\", %s", req_hdr);
#if SAMUEL_DEBUG
printf("request URL=%s\n", req_url);
printf("request header=%s\n\n", http_hdr);
#endif
// POST HTTPMethod
reply = oauth_http_post2(req_url,&postarg,http_hdr);
// GET HTTPMethod
//reply = oauth_http_get2(req_url,postarg,http_hdr);
if(!reply){
printf("SAMUEL_DEBUG, HTTP request for an oauth request-token failed.\n");
return (fail = 1);
}
else
fail = get_keysecret(reply, res_key, res_secret);
#if SAMUEL_DEBUG
printf("SAMUEL_DEBUG, res_key: '%s'\t res_secret: '%s'\n", *res_key, *res_secret);
printf("Samuel_DEBUG, final %x\n",res_key);
printf("SAMUEL_DEBUG, postarg: %s\n",postarg);
#endif
if(http_hdr) free(http_hdr);
if(req_hdr) free(req_hdr);
if(verifier_perm) free(verifier_perm);
if(reply) free(reply);
if(req_url) free(req_url);
if(postarg) free(postarg);
if(request_token_uri) free(request_token_uri);
return fail;
}
static int ckl_transport_run(ckl_transport_t *t, ckl_conf_t *conf, ckl_msg_t* m)
{
long httprc = -1;
CURLcode res;
char *url = strdup(conf->endpoint);
if (t->append_url) {
free(url);
url = strappend(conf->endpoint, t->append_url);
}
if (conf->oauth_key && conf->oauth_secret) {
int i;
int argc;
char **argv = NULL;
char *url2;
struct curl_httppost *tmp;
argc = oauth_split_post_paramters(url, &argv, 0);
for (tmp = t->formpost; tmp != NULL; tmp = tmp->next) {
char *p = NULL;
if (asprintf(&p, "%s=%s", tmp->name, tmp->contents) < 0) {
fprintf(stderr, "Broken asprintf: %s = %s\n",
tmp->name, tmp->contents);
return -1;
}
oauth_add_param_to_array(&argc, &argv, p);
free(p);
}
url2 = oauth_sign_array2(&argc, &argv, NULL,
OA_HMAC, "POST",
conf->oauth_key, conf->oauth_secret,
"", "");
//fprintf(stderr, "url = %s\n", url2);
free(url2);
curl_formfree(t->formpost);
t->formpost = NULL;
t->lastptr = NULL;
for (i = 1; i < argc; i++) {
char *s = strdup(argv[i]);
char *p = strchr(s, '=');
if (p == NULL) {
fprintf(stderr, "Broken argv: %s = %s\n",
tmp->name, tmp->contents);
return -1;
}
*p = '\0';
p++;
//fprintf(stderr, "argv[%d]: %s = %s\n", i, s, p);
curl_formadd(&t->formpost,
&t->lastptr,
CURLFORM_COPYNAME, s,
CURLFORM_COPYCONTENTS, p,
CURLFORM_END);
}
oauth_free_array(&argc, &argv);
}
if (m && m->script_log != NULL) {
curl_formadd(&t->formpost,
&t->lastptr,
CURLFORM_COPYNAME, "scriptlog",
CURLFORM_FILE, m->script_log,
CURLFORM_FILENAME, "script.log",
CURLFORM_CONTENTTYPE, "text/plain", CURLFORM_END);
}
curl_easy_setopt(t->curl, CURLOPT_HTTPPOST, t->formpost);
curl_easy_setopt(t->curl, CURLOPT_URL, url);
res = curl_easy_perform(t->curl);
if (res != 0) {
fprintf(stderr, "Failed talking to endpoint %s: (%d) %s\n\n",
conf->endpoint, res, curl_easy_strerror(res));
return -1;
}
curl_easy_getinfo(t->curl, CURLINFO_RESPONSE_CODE, &httprc);
if (httprc >299 || httprc <= 199) {
fprintf(stderr, "Endpoint %s returned HTTP %d\n",
conf->endpoint, (int)httprc);
if (httprc == 403) {
fprintf(stderr, "Are you sure your secret is correct?\n");
}
return -1;
}
free(url);
return 0;
}
