static gchar* _make_base_string( GSignondSessionData *session_data, SoupURI* uri, gchar* nonce, gchar* timestamp) { GString* base_string = g_string_new("POST&"); gchar* base_uri; if (soup_uri_uses_default_port(uri)) base_uri = g_strdup_printf("https://%s%s", soup_uri_get_host(uri), soup_uri_get_path(uri)); else base_uri = g_strdup_printf("https://%s:%u%s", soup_uri_get_host(uri), soup_uri_get_port(uri), soup_uri_get_path(uri)); gchar* base_uri_e = _percent_encode(base_uri); g_string_append(base_string, base_uri_e); g_string_append(base_string, "&"); g_free(base_uri); g_free(base_uri_e); GTree* parameters = g_tree_new((GCompareFunc)g_strcmp0); const gchar* query_s = soup_uri_get_query(uri); GHashTable* query; if (query_s != NULL) query = soup_form_decode(query_s); else query = soup_form_decode(""); g_hash_table_foreach(query, _insert_into_tree, parameters); const gchar* callback_uri = gsignond_dictionary_get_string(session_data, "Callback"); if (callback_uri != NULL) g_tree_insert(parameters, "oauth_callback", (gchar*)callback_uri); const gchar* oauth_verifier = gsignond_dictionary_get_string(session_data, "_OauthVerifier"); if (oauth_verifier != NULL) g_tree_insert(parameters, "oauth_verifier", (gchar*)oauth_verifier); g_tree_insert(parameters, "oauth_consumer_key", (gchar*)gsignond_dictionary_get_string(session_data, "ConsumerKey")); const gchar* oauth_temp_token = gsignond_dictionary_get_string(session_data, "_OauthTemporaryToken"); if (oauth_temp_token != NULL) g_tree_insert(parameters, "oauth_token", (gchar*)oauth_temp_token); g_tree_insert(parameters, "oauth_signature_method", (gchar*)gsignond_dictionary_get_string(session_data, "SignatureMethod")); g_tree_insert(parameters, "oauth_nonce", nonce); g_tree_insert(parameters, "oauth_timestamp", timestamp); g_tree_insert(parameters, "oauth_version", "1.0"); GString* parameters_string = g_string_new(NULL); g_tree_foreach(parameters, _make_parameters_string, parameters_string); gchar* parameters_s = g_string_free(parameters_string, FALSE); parameters_s[strlen(parameters_s)-1] = '\0'; //remove trailing '&' gchar* parameters_encoded = _percent_encode(parameters_s); g_string_append(base_string, parameters_encoded); g_free(parameters_encoded); g_free(parameters_s); g_tree_destroy(parameters); g_hash_table_destroy(query); return g_string_free(base_string, FALSE); }
static void append_query_headers (GDataService *self, GDataAuthorizationDomain *domain, SoupMessage *message) { GDataFreebaseServicePrivate *priv = GDATA_FREEBASE_SERVICE (self)->priv; const gchar *query; GString *new_query; SoupURI *uri; g_assert (message != NULL); if (priv->developer_key) { uri = soup_message_get_uri (message); query = soup_uri_get_query (uri); /* Set the key on every request, as per * https://developers.google.com/freebase/v1/parameters */ if (query) { new_query = g_string_new (query); g_string_append (new_query, "&key="); g_string_append_uri_escaped (new_query, priv->developer_key, NULL, FALSE); soup_uri_set_query (uri, new_query->str); g_string_free (new_query, TRUE); } } /* Chain up to the parent class */ GDATA_SERVICE_CLASS (gdata_freebase_service_parent_class)->append_query_headers (self, domain, message); }
ScLocalStorageManager* sc_local_storage_manager_new(const gchar *url) { ScLocalStorageManager *manager = g_new0(ScLocalStorageManager, 1); SoupURI *uri = soup_uri_new(url); GString *filename = g_string_new(NULL); const gchar *host = soup_uri_get_host(uri); const gchar *path = soup_uri_get_path(uri); const gchar *query = soup_uri_get_query(uri); const gchar *fragment = soup_uri_get_fragment(uri); GFile *parent = NULL; GError *error = NULL; g_string_append_printf(filename, "%s/%s", host, path); if(url[strlen(url) - 1] == '/' || g_strcmp0("/", path) == 0) g_string_append(filename, "/index.html"); if(query) g_string_append_printf(filename, "/%s\n", query); if(fragment) g_string_append_printf(filename, "#%s\n", fragment); manager->file = g_file_new_for_commandline_arg(filename->str); g_string_free(filename, TRUE); if(g_file_query_exists(manager->file, NULL)) { g_file_delete(manager->file, NULL, &error); if(error && !g_error_matches(error, G_IO_ERROR,G_IO_ERROR_EXISTS)) { g_critical(G_STRLOC ": %d : %s", error->code, error->message); g_error_free(error); g_object_unref(parent); g_object_unref(manager->file); g_free(manager); return NULL; } } parent = g_file_get_parent(manager->file); g_file_make_directory_with_parents(parent, NULL, &error); if(error && !g_error_matches(error, G_IO_ERROR,G_IO_ERROR_EXISTS)) { g_critical(G_STRLOC ": %d : %s", error->code, error->message); g_error_free(error); g_object_unref(parent); g_object_unref(manager->file); g_free(manager); return NULL; } error = NULL; manager->ostream = g_file_create(manager->file, G_FILE_CREATE_NONE, NULL, &error); if(error) { g_critical(G_STRLOC ": %d : %s", error->code, error->message); g_error_free(error); g_object_unref(parent); g_object_unref(manager->file); g_free(manager); return NULL; } return manager; }
/** * ephy_remove_tracking_from_uri: * @uri_string: a uri * * Sanitize @uri to make sure it does not contain analytics tracking * information. Inspired by the Firefox PureURL add-on: * https://addons.mozilla.org/fr/firefox/addon/pure-url/ * * Returns: the sanitized uri, or %NULL on error or when the URI did * not change. */ char * ephy_remove_tracking_from_uri (const char *uri_string) { SoupURI *uri; GList *items, *new_items, *l; const char *query, *host; gboolean has_garbage = FALSE; char *ret = NULL; uri = soup_uri_new (uri_string); if (!uri) return ret; host = soup_uri_get_host (uri); query = soup_uri_get_query (uri); if (!query) goto bail; items = query_split (query); if (!items) goto bail; new_items = NULL; for (l = items; l != NULL; l = l->next) { QueryItem *item = l->data; if (!is_garbage (item->decoded_name, host)) new_items = g_list_prepend (new_items, item); else has_garbage = TRUE; } if (has_garbage) { char *new_query; new_items = g_list_reverse (new_items); new_query = query_concat (new_items); soup_uri_set_query (uri, new_query); g_free (new_query); ret = soup_uri_to_string (uri, FALSE); } g_list_free_full (items, (GDestroyNotify) query_item_free); g_list_free (new_items); bail: soup_uri_free (uri); return ret; }
void get_url_mocked (GrlNetWc *self, const char *url, GHashTable *headers, GAsyncResult *result, GCancellable *cancellable) { char *data_file, *full_path; GError *error = NULL; GStatBuf stat_buf; char *new_url; if (ignored_parameters) { SoupURI *uri = soup_uri_new (url); const char *query = soup_uri_get_query (uri); if (query) { char *new_query = g_regex_replace (ignored_parameters, query, -1, 0, "", 0, NULL); soup_uri_set_query (uri, *new_query ? new_query : NULL); new_url = soup_uri_to_string (uri, FALSE); soup_uri_free (uri); g_free (new_query); } else { new_url = g_strdup (url); } } else { new_url = g_strdup (url); } if (!config) { g_simple_async_result_set_error (G_SIMPLE_ASYNC_RESULT (result), GRL_NET_WC_ERROR, GRL_NET_WC_ERROR_NETWORK_ERROR, "%s", _("No mock definition found")); g_free (new_url); g_simple_async_result_complete_in_idle (G_SIMPLE_ASYNC_RESULT (result)); g_object_unref (result); return; } data_file = g_key_file_get_value (config, new_url, "data", &error); if (error) { g_simple_async_result_set_error (G_SIMPLE_ASYNC_RESULT (result), GRL_NET_WC_ERROR, GRL_NET_WC_ERROR_NOT_FOUND, _("Could not find mock content %s"), error->message); g_error_free (error); g_free (new_url); g_simple_async_result_complete_in_idle (G_SIMPLE_ASYNC_RESULT (result)); g_object_unref (result); return; } if (data_file[0] != '/') { full_path = g_build_filename (base_path, data_file, NULL); } else { full_path = g_strdup (data_file); } if (g_stat (full_path, &stat_buf) < 0) { g_simple_async_result_set_error (G_SIMPLE_ASYNC_RESULT (result), GRL_NET_WC_ERROR, GRL_NET_WC_ERROR_NOT_FOUND, _("Could not access mock content: %s"), data_file); g_simple_async_result_complete_in_idle (G_SIMPLE_ASYNC_RESULT (result)); g_object_unref (result); g_free (new_url); g_clear_pointer (&data_file, g_free); g_clear_pointer (&full_path, g_free); return; } g_clear_pointer (&data_file, g_free); g_clear_pointer (&full_path, g_free); g_simple_async_result_set_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result), new_url, NULL); g_simple_async_result_complete_in_idle (G_SIMPLE_ASYNC_RESULT (result)); g_object_unref (result); }
static void do_soup_uri_null_tests (void) { SoupURI *uri, *uri2; char *uri_string; debug_printf (1, "\nsoup_uri_new (NULL)\n"); uri = soup_uri_new (NULL); if (SOUP_URI_IS_VALID (uri) || SOUP_URI_VALID_FOR_HTTP (uri)) { debug_printf (1, " ERROR: soup_uri_new(NULL) returns valid URI?\n"); errors++; } /* This implicitly also verifies that none of these methods g_warn */ if (soup_uri_get_scheme (uri) || soup_uri_get_user (uri) || soup_uri_get_password (uri) || soup_uri_get_host (uri) || soup_uri_get_port (uri) || soup_uri_get_path (uri) || soup_uri_get_query (uri) || soup_uri_get_fragment (uri)) { debug_printf (1, " ERROR: soup_uri_new(NULL) returns non-empty URI?\n"); errors++; } expect_warning = TRUE; uri2 = soup_uri_new_with_base (uri, "/path"); if (uri2 || expect_warning) { debug_printf (1, " ERROR: soup_uri_new_with_base didn't fail on NULL URI?\n"); errors++; expect_warning = FALSE; } expect_warning = TRUE; uri_string = soup_uri_to_string (uri, FALSE); if (expect_warning) { debug_printf (1, " ERROR: soup_uri_to_string didn't fail on NULL URI?\n"); errors++; expect_warning = FALSE; } else if (*uri_string) { debug_printf (1, " ERROR: soup_uri_to_string on NULL URI returned '%s'\n", uri_string); errors++; } g_free (uri_string); soup_uri_set_scheme (uri, SOUP_URI_SCHEME_HTTP); if (SOUP_URI_IS_VALID (uri) || SOUP_URI_VALID_FOR_HTTP (uri)) { debug_printf (1, " ERROR: setting scheme on NULL URI makes it valid?\n"); errors++; } expect_warning = TRUE; uri_string = soup_uri_to_string (uri, FALSE); if (expect_warning) { debug_printf (1, " ERROR: soup_uri_to_string didn't fail on scheme-only URI?\n"); errors++; expect_warning = FALSE; } else if (strcmp (uri_string, "http:") != 0) { debug_printf (1, " ERROR: soup_uri_to_string returned '%s' instead of 'http:'\n", uri_string); errors++; } g_free (uri_string); soup_uri_set_host (uri, "localhost"); if (SOUP_URI_IS_VALID (uri)) { debug_printf (1, " ERROR: setting scheme+host on NULL URI makes it valid?\n"); errors++; } if (SOUP_URI_VALID_FOR_HTTP (uri)) { debug_printf (1, " ERROR: setting scheme+host on NULL URI makes it valid for http?\n"); errors++; } expect_warning = TRUE; uri_string = soup_uri_to_string (uri, FALSE); if (expect_warning) { debug_printf (1, " ERROR: soup_uri_to_string didn't fail on scheme+host URI?\n"); errors++; expect_warning = FALSE; } else if (strcmp (uri_string, "http://localhost/") != 0) { debug_printf (1, " ERROR: soup_uri_to_string with NULL path returned '%s' instead of 'http://localhost/'\n", uri_string); errors++; } g_free (uri_string); expect_warning = TRUE; uri2 = soup_uri_new_with_base (uri, "/path"); if (expect_warning) { debug_printf (1, " ERROR: soup_uri_new_with_base didn't warn on NULL+scheme URI?\n"); errors++; expect_warning = FALSE; } else if (!uri2) { debug_printf (1, " ERROR: soup_uri_new_with_base didn't fix path on NULL+scheme URI\n"); errors++; } if (uri2) { uri_string = soup_uri_to_string (uri2, FALSE); if (!uri_string) { debug_printf (1, " ERROR: soup_uri_to_string failed on uri2?\n"); errors++; } else if (strcmp (uri_string, "http://localhost/path") != 0) { debug_printf (1, " ERROR: soup_uri_to_string returned '%s' instead of 'http://localhost/path'\n", uri_string); errors++; } g_free (uri_string); soup_uri_free (uri2); } expect_warning = TRUE; soup_uri_set_path (uri, NULL); if (expect_warning) { debug_printf (1, " ERROR: setting path to NULL doesn't warn\n"); errors++; expect_warning = FALSE; } if (!uri->path || *uri->path) { debug_printf (1, " ERROR: setting path to NULL != \"\"\n"); errors++; soup_uri_set_path (uri, ""); } uri_string = soup_uri_to_string (uri, FALSE); if (!uri_string) { debug_printf (1, " ERROR: soup_uri_to_string failed on complete URI?\n"); errors++; } else if (strcmp (uri_string, "http://localhost/") != 0) { debug_printf (1, " ERROR: soup_uri_to_string with empty path returned '%s' instead of 'http://localhost/'\n", uri_string); errors++; } g_free (uri_string); if (!SOUP_URI_IS_VALID (uri)) { debug_printf (1, " ERROR: setting scheme+path on NULL URI doesn't make it valid?\n"); errors++; } if (!SOUP_URI_VALID_FOR_HTTP (uri)) { debug_printf (1, " ERROR: setting scheme+host+path on NULL URI doesn't make it valid for http?\n"); errors++; } soup_uri_free (uri); }
void _process_oauth1_user_action_finished(GSignondOauthPlugin *self, GSignondSignonuiData *ui_data) { GError* error = NULL; GSignondSignonuiError query_error; gboolean res = gsignond_signonui_data_get_query_error(ui_data, &query_error); if (res == FALSE) { error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_USER_INTERACTION, "userActionFinished did not return an error value"); goto out; } if (query_error == SIGNONUI_ERROR_CANCELED) { error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_SESSION_CANCELED, "Session canceled"); goto out; } else if (query_error != SIGNONUI_ERROR_NONE) { error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_USER_INTERACTION, "userActionFinished error: %d", query_error); goto out; } const gchar* response_url = gsignond_signonui_data_get_url_response(ui_data); const gchar* callback_uri = gsignond_dictionary_get_string( self->oauth1_request, "Callback"); if (response_url == NULL || callback_uri == NULL || g_str_has_prefix(response_url, callback_uri) == FALSE) { error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "Callback URI and URI supplied by UI don't match"); goto out; } SoupURI* response = soup_uri_new(response_url); const gchar* query = soup_uri_get_query(response); if (query == NULL) { soup_uri_free(response); error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "No query in returned redirect URI"); goto out; } GHashTable* params = soup_form_decode(query); soup_uri_free(response); const gchar* oauth_token_response = g_hash_table_lookup(params, "oauth_token"); if (g_strcmp0(oauth_token_response, gsignond_dictionary_get_string(self->oauth1_request, "_OauthTemporaryToken")) != 0) { g_hash_table_destroy(params); error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "Token returned by callback URI and temporary token don't match"); goto out; } const gchar* oauth_verifier = g_hash_table_lookup(params, "oauth_verifier"); if (oauth_verifier == NULL) { g_hash_table_destroy(params); error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "No oauth_verifier in callback URI"); goto out; } gsignond_dictionary_set_string(self->oauth1_request, "_OauthVerifier", oauth_verifier); gsignond_dictionary_remove(self->oauth1_request, "Callback"); g_hash_table_destroy(params); _request_access_token(self, self->oauth1_request, &error); out: if (error != NULL) { _do_reset_oauth1(self); gsignond_plugin_error (GSIGNOND_PLUGIN(self), error); g_error_free(error); } }
static void _temporary_token_callback (SoupSession *session, SoupMessage *msg, gpointer user_data) { GError* error = NULL; GSignondOauthPlugin *self = GSIGNOND_OAUTH_PLUGIN(user_data); if (msg->status_code != SOUP_STATUS_OK) { error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "Temporary token endpoint returned an error: %d %s", msg->status_code, msg->reason_phrase); goto out; } SoupBuffer* response_s = soup_message_body_flatten(msg->response_body); GHashTable* response = soup_form_decode(response_s->data); soup_buffer_free(response_s); const gchar* callback_confirmed = g_hash_table_lookup(response, "oauth_callback_confirmed"); const gchar* token = g_hash_table_lookup(response, "oauth_token"); const gchar* token_secret = g_hash_table_lookup(response, "oauth_token_secret"); if (token == NULL || token_secret == NULL || g_strcmp0(callback_confirmed, "true") != 0) { g_hash_table_destroy(response); error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "Temporary token endpoint returned an invalid response"); goto out; } const gchar* callback_url = gsignond_dictionary_get_string(self->oauth1_request, "Callback"); if (callback_url == NULL) { g_hash_table_destroy(response); error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "Client did not supply Callback"); goto out; } const gchar* authorization_url_s = gsignond_dictionary_get_string(self->oauth1_request, "AuthorizationEndpoint"); if (authorization_url_s == NULL) { g_hash_table_destroy(response); error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "Client did not supply AuthorizationEndpoint"); goto out; } SoupURI* authorization_url = soup_uri_new(authorization_url_s); if (authorization_url == NULL) { g_hash_table_destroy(response); error = g_error_new(GSIGNOND_ERROR, GSIGNOND_ERROR_NOT_AUTHORIZED, "Client did not supply a valid AuthorizationEndpoint"); goto out; } gsignond_oauth_plugin_check_host(soup_uri_get_host(authorization_url), gsignond_session_data_get_allowed_realms (self->oauth1_request), &error); if (error != NULL) { soup_uri_free(authorization_url); g_hash_table_destroy(response); return; } GHashTable* query = g_hash_table_new((GHashFunc)g_str_hash, (GEqualFunc)g_str_equal); const gchar* authorization_query_s = soup_uri_get_query(authorization_url); GHashTable *auth_query = NULL; if (authorization_query_s != NULL) { auth_query = soup_form_decode(authorization_query_s); g_hash_table_foreach(auth_query, _insert_key_value, query); } g_hash_table_insert(query, "oauth_token", (gchar*)token); soup_uri_set_query_from_form(authorization_url, query); if (auth_query) g_hash_table_destroy(auth_query); g_hash_table_destroy(query); gchar* open_url = soup_uri_to_string(authorization_url, FALSE); soup_uri_free(authorization_url); gsignond_dictionary_set_string(self->oauth1_request, "_OauthTemporaryToken", token); gsignond_dictionary_set_string(self->oauth1_request, "_OauthTemporaryTokenSecret", token_secret); GSignondSignonuiData* ui_request = gsignond_dictionary_new(); gsignond_signonui_data_set_open_url(ui_request, open_url); g_free(open_url); if (g_strcmp0(callback_url, "oob") != 0) gsignond_signonui_data_set_final_url(ui_request, callback_url); /* add username and password, for fields initialization (the * decision on whether to actually use them is up to the signon UI */ const gchar* username = gsignond_session_data_get_username(self->oauth1_request); if (username != NULL) gsignond_signonui_data_set_username(ui_request, username); const gchar* secret = gsignond_session_data_get_secret(self->oauth1_request); if (secret != NULL) gsignond_signonui_data_set_password(ui_request, secret); gsignond_plugin_user_action_required(GSIGNOND_PLUGIN(self), ui_request); gsignond_dictionary_unref(ui_request); g_hash_table_destroy(response); out: if (error != NULL) { _do_reset_oauth1(self); gsignond_plugin_error (GSIGNOND_PLUGIN(self), error); g_error_free(error); } }