-rw-r--r-- | libempathy/Makefile.am | 2 | ||||
-rw-r--r-- | libempathy/empathy-auth-factory.c | 1 | ||||
-rw-r--r-- | libempathy/empathy-goa-auth-handler.c | 171 | ||||
-rw-r--r-- | libempathy/empathy-goa-auth-handler.h | 2 | ||||
-rw-r--r-- | libempathy/empathy-sasl-mechanisms.c | 293 | ||||
-rw-r--r-- | libempathy/empathy-sasl-mechanisms.h | 57 | ||||
-rw-r--r-- | libempathy/empathy-utils.c | 15 | ||||
-rw-r--r-- | libempathy/empathy-utils.h | 3 |
8 files changed, 393 insertions, 151 deletions
diff --git a/libempathy/Makefile.am b/libempathy/Makefile.am index cfa525508..67e64a9f6 100644 --- a/libempathy/Makefile.am +++ b/libempathy/Makefile.am @@ -49,6 +49,7 @@ libempathy_headers = \ empathy-message.h \ empathy-pkg-kit.h \ empathy-request-util.h \ + empathy-sasl-mechanisms.h \ empathy-server-sasl-handler.h \ empathy-server-tls-handler.h \ empathy-status-presets.h \ @@ -83,6 +84,7 @@ libempathy_handwritten_source = \ empathy-message.c \ empathy-pkg-kit.c \ empathy-request-util.c \ + empathy-sasl-mechanisms.c \ empathy-server-sasl-handler.c \ empathy-server-tls-handler.c \ empathy-status-presets.c \ diff --git a/libempathy/empathy-auth-factory.c b/libempathy/empathy-auth-factory.c index fb178216d..922528577 100644 --- a/libempathy/empathy-auth-factory.c +++ b/libempathy/empathy-auth-factory.c @@ -27,6 +27,7 @@ #define DEBUG_FLAG EMPATHY_DEBUG_TLS #include "empathy-debug.h" #include "empathy-keyring.h" +#include "empathy-sasl-mechanisms.h" #include "empathy-server-sasl-handler.h" #include "empathy-server-tls-handler.h" #include "empathy-utils.h" diff --git a/libempathy/empathy-goa-auth-handler.c b/libempathy/empathy-goa-auth-handler.c index a439c72c2..260ba1264 100644 --- a/libempathy/empathy-goa-auth-handler.c +++ b/libempathy/empathy-goa-auth-handler.c @@ -1,5 +1,5 @@ /* - * empathy-auth-goa.c - Source for Goa SASL authentication + * empathy-goa-auth-handler.c - Source for Goa SASL authentication * Copyright (C) 2011 Collabora Ltd. * @author Xavier Claessens <xavier.claessens@collabora.co.uk> * 
@@ -23,21 +23,11 @@ #define GOA_API_IS_SUBJECT_TO_CHANGE /* awesome! */ #include <goa/goa.h> -#include <libsoup/soup.h> -#include <string.h> - #define DEBUG_FLAG EMPATHY_DEBUG_SASL #include "empathy-debug.h" #include "empathy-utils.h" #include "empathy-goa-auth-handler.h" - -#define MECH_FACEBOOK "X-FACEBOOK-PLATFORM" -#define MECH_MSN "X-MESSENGER-OAUTH2" - -static const gchar *supported_mechanisms[] = { - MECH_FACEBOOK, - MECH_MSN, - NULL}; +#include "empathy-sasl-mechanisms.h" struct _EmpathyGoaAuthHandlerPriv { 
@@ -118,77 +108,25 @@ fail_auth (AuthData *data) } static void -sasl_status_changed_cb (TpChannel *channel, - guint status, - const gchar *reason, - GHashTable *details, - gpointer user_data, - GObject *self) -{ - switch (status) - { - case TP_SASL_STATUS_SERVER_SUCCEEDED: - tp_cli_channel_interface_sasl_authentication_call_accept_sasl (channel, - -1, NULL, NULL, NULL, NULL); - break; - - case TP_SASL_STATUS_SUCCEEDED: - case TP_SASL_STATUS_SERVER_FAILED: - case TP_SASL_STATUS_CLIENT_FAILED: - tp_cli_channel_call_close (channel, -1, NULL, NULL, NULL, NULL); - break; - - default: - break; - } -} - -static void -facebook_new_challenge_cb (TpChannel *channel, - const GArray *challenge, - gpointer user_data, - GObject *weak_object) +auth_cb (GObject *source, + GAsyncResult *result, + gpointer user_data) { + TpChannel *channel = (TpChannel *) source; AuthData *data = user_data; - GoaOAuth2Based *oauth2; - const gchar *client_id; - GHashTable *h; - GHashTable *params; - gchar *response; - GArray *response_array; - - DEBUG ("new challenge for %s:\n%s", - tp_proxy_get_object_path (data->account), - challenge->data); - - h = soup_form_decode (challenge->data); - - oauth2 = goa_object_get_oauth2_based (data->goa_object); - client_id = goa_oauth2_based_get_client_id (oauth2); - - /* See https://developers.facebook.com/docs/chat/#platauth */ - params = g_hash_table_new (g_str_hash, g_str_equal); - g_hash_table_insert (params, "method", g_hash_table_lookup (h, "method")); - g_hash_table_insert (params, "nonce", g_hash_table_lookup (h, "nonce")); - g_hash_table_insert (params, "access_token", data->access_token); - g_hash_table_insert (params, "api_key", (gpointer) client_id); - g_hash_table_insert (params, "call_id", "0"); - g_hash_table_insert (params, "v", "1.0"); - - response = soup_form_encode_hash (params); - DEBUG ("Response: %s", response); - - response_array = g_array_new (FALSE, FALSE, sizeof (gchar)); - g_array_append_vals (response_array, response, strlen 
(response)); + GError *error = NULL; - tp_cli_channel_interface_sasl_authentication_call_respond (data->channel, -1, - response_array, NULL, NULL, NULL, NULL); + if (!empathy_sasl_auth_finish (channel, result, &error)) + { + DEBUG ("SASL Mechanism error: %s", error->message); + fail_auth (data); + g_clear_error (&error); + return; + } - g_hash_table_unref (h); - g_hash_table_unref (params); - g_object_unref (oauth2); - g_free (response); - g_array_unref (response_array); + /* Success! */ + tp_channel_close_async (channel, NULL, NULL); + auth_data_free (data); } static void @@ -198,11 +136,12 @@ got_oauth2_access_token_cb (GObject *source, { GoaOAuth2Based *oauth2 = (GoaOAuth2Based *) source; AuthData *data = user_data; + gchar *access_token; gint expires_in; GError *error = NULL; if (!goa_oauth2_based_call_get_access_token_finish (oauth2, - &data->access_token, &expires_in, result, &error)) + &access_token, &expires_in, result, &error)) { DEBUG ("Failed to get access token: %s", error->message); fail_auth (data); 
@@ -212,55 +151,27 @@ got_oauth2_access_token_cb (GObject *source, DEBUG ("Got access token for %s:\n%s", tp_proxy_get_object_path (data->account), - data->access_token); - - tp_cli_channel_interface_sasl_authentication_connect_to_sasl_status_changed ( - data->channel, sasl_status_changed_cb, NULL, NULL, NULL, NULL); - g_assert_no_error (error); + access_token); - if (empathy_sasl_channel_supports_mechanism (data->channel, MECH_FACEBOOK)) + switch (empathy_sasl_channel_select_mechanism (data->channel)) { - /* Give ownership of data to signal connection */ - tp_cli_channel_interface_sasl_authentication_connect_to_new_challenge ( - data->channel, facebook_new_challenge_cb, - data, (GDestroyNotify) auth_data_free, - NULL, NULL); + case EMPATHY_SASL_MECHANISM_FACEBOOK: + empathy_sasl_auth_facebook_async (data->channel, + goa_oauth2_based_get_client_id (oauth2), access_token, + auth_cb, NULL); + break; - DEBUG ("Start %s mechanism for account %s", MECH_FACEBOOK, - tp_proxy_get_object_path (data->account)); + case EMPATHY_SASL_MECHANISM_WLM: + empathy_sasl_auth_wlm_async (data->channel, + access_token, + auth_cb, NULL); + break; - tp_cli_channel_interface_sasl_authentication_call_start_mechanism ( - data->channel, -1, MECH_FACEBOOK, NULL, NULL, NULL, NULL); - } - else if (empathy_sasl_channel_supports_mechanism (data->channel, MECH_MSN)) - { - guchar *token_decoded; - gsize token_decoded_len; - GArray *token_decoded_array; - - /* Wocky will base64 encode, but token actually already is base64, so we - * decode now and it will be re-encoded. 
*/ - token_decoded = g_base64_decode (data->access_token, &token_decoded_len); - token_decoded_array = g_array_new (FALSE, FALSE, sizeof (guchar)); - g_array_append_vals (token_decoded_array, token_decoded, token_decoded_len); - - DEBUG ("Start %s mechanism for account %s", MECH_MSN, - tp_proxy_get_object_path (data->account)); - - tp_cli_channel_interface_sasl_authentication_call_start_mechanism_with_data ( - data->channel, -1, MECH_MSN, token_decoded_array, - NULL, NULL, NULL, NULL); - - g_array_unref (token_decoded_array); - g_free (token_decoded); - auth_data_free (data); - } - else - { - /* We already checked it supports one of supported_mechanisms, so this - * can't happen */ - g_assert_not_reached (); + default: + g_assert_not_reached (); } + + g_free (access_token); } static void @@ -417,7 +328,7 @@ empathy_goa_auth_handler_supports (EmpathyGoaAuthHandler *self, TpAccount *account) { const gchar *provider; - const gchar * const *iter; + EmpathySaslMechanism mech; g_return_val_if_fail (TP_IS_CHANNEL (channel), FALSE); g_return_val_if_fail (TP_IS_ACCOUNT (account), FALSE); @@ -426,11 +337,7 @@ empathy_goa_auth_handler_supports (EmpathyGoaAuthHandler *self, if (tp_strdiff (provider, EMPATHY_GOA_PROVIDER)) return FALSE; - for (iter = supported_mechanisms; *iter != NULL; iter++) - { - if (empathy_sasl_channel_supports_mechanism (channel, *iter)) - return TRUE; - } - - return FALSE; + mech = empathy_sasl_channel_select_mechanism (channel); + return mech == EMPATHY_SASL_MECHANISM_FACEBOOK || + mech == EMPATHY_SASL_MECHANISM_WLM; } diff --git a/libempathy/empathy-goa-auth-handler.h b/libempathy/empathy-goa-auth-handler.h index 5b7c08774..9e7d110ca 100644 --- a/libempathy/empathy-goa-auth-handler.h +++ b/libempathy/empathy-goa-auth-handler.h 
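Review bot: Both new calls in got_oauth2_access_token_cb end with `auth_cb, NULL`, yet auth_cb (added by the earlier hunk in this file) treats its user_data as the AuthData and passes it to fail_auth() and auth_data_free(). As written, the callback would hand those helpers a NULL pointer and the real AuthData would never be released; pass `auth_cb, data` in both the FACEBOOK and WLM branches. Separately, the `DEBUG ("Got access token for %s:\n%s", ...)` call kept by this hunk writes the OAuth2 bearer token to the debug log, and facebook_new_challenge_cb in the new empathy-sasl-mechanisms.c does the same via `DEBUG ("Response: %s", response)`. Logging only the account path would keep the credential out of collected logs. The function starts outside this hunk.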
@@ -1,5 +1,5 @@ /* - * empathy-auth-goa.h - Header for Goa SASL authentication + * empathy-goa-auth-handler.h - Header for Goa SASL authentication * Copyright (C) 2011 Collabora Ltd. * @author Xavier Claessens <xavier.claessens@collabora.co.uk> * diff --git a/libempathy/empathy-sasl-mechanisms.c b/libempathy/empathy-sasl-mechanisms.c new file mode 100644 index 000000000..5bdc7590f --- /dev/null +++ b/libempathy/empathy-sasl-mechanisms.c 
@@ -0,0 +1,293 @@ +/* + * empathy-sasl-mechanisms.h - Header for SASL authentication mechanisms + * Copyright (C) 2012 Collabora Ltd. + * @author Xavier Claessens <xavier.claessens@collabora.co.uk> + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include "config.h" + +#include <libsoup/soup.h> +#include <string.h> + +#define DEBUG_FLAG EMPATHY_DEBUG_SASL +#include "empathy-debug.h" +#include "empathy-utils.h" +#include "empathy-sasl-mechanisms.h" + +#define MECH_FACEBOOK "X-FACEBOOK-PLATFORM" +#define MECH_WLM "X-MESSENGER-OAUTH2" + +typedef struct +{ + EmpathySaslMechanism id; + const gchar *name; +} SupportedMech; + +static SupportedMech supported_mechanisms[] = { + { EMPATHY_SASL_MECHANISM_FACEBOOK, MECH_FACEBOOK }, + { EMPATHY_SASL_MECHANISM_WLM, MECH_WLM }, +}; + +static void +generic_cb (TpChannel *proxy, + const GError *error, + gpointer user_data, + GObject *weak_object) +{ + GSimpleAsyncResult *result = user_data; + + if (error != NULL) + { + g_simple_async_result_set_from_error (result, error); + g_simple_async_result_complete (result); + } +} + +static void +sasl_status_changed_cb (TpChannel *channel, + guint status, + const gchar *dbus_error, + GHashTable *details, + gpointer user_data, + GObject *self) +{ + GSimpleAsyncResult *result = user_data; + + 
switch (status) + { + case TP_SASL_STATUS_SERVER_SUCCEEDED: + tp_cli_channel_interface_sasl_authentication_call_accept_sasl (channel, + -1, generic_cb, g_object_ref (result), g_object_unref, NULL); + break; + + case TP_SASL_STATUS_SERVER_FAILED: + case TP_SASL_STATUS_CLIENT_FAILED: + { + GError *error = NULL; + + tp_proxy_dbus_error_to_gerror (channel, dbus_error, + tp_asv_get_string (details, "debug-message"), &error); + + g_simple_async_result_take_error (result, error); + } + break; + + case TP_SASL_STATUS_SUCCEEDED: + g_simple_async_result_complete (result); + break; + + default: + break; + } +} + +static GSimpleAsyncResult * +empathy_sasl_auth_common_async (TpChannel *channel, + GAsyncReadyCallback callback, + gpointer user_data) +{ + GSimpleAsyncResult *result; + GError *error = NULL; + + g_return_val_if_fail (TP_IS_CHANNEL (channel), NULL); + g_return_val_if_fail (tp_proxy_has_interface_by_id (channel, + TP_IFACE_QUARK_CHANNEL_INTERFACE_SASL_AUTHENTICATION), NULL); + + result = g_simple_async_result_new ((GObject *) channel, + callback, user_data, empathy_sasl_auth_common_async); + + tp_cli_channel_interface_sasl_authentication_connect_to_sasl_status_changed ( + channel, sasl_status_changed_cb, + g_object_ref (result), g_object_unref, NULL, &error); + g_assert_no_error (error); + + return result; +} + +typedef struct +{ + TpChannel *channel; + gchar *client_id; + gchar *access_token; +} FacebookData; + +static void +facebook_data_free (FacebookData *data) +{ + g_object_unref (data->channel); + g_free (data->client_id); + g_free (data->access_token); + g_slice_free (FacebookData, data); +} + +static void +facebook_new_challenge_cb (TpChannel *channel, + const GArray *challenge, + gpointer user_data, + GObject *weak_object) +{ + GSimpleAsyncResult *result = user_data; + FacebookData *data; + GHashTable *h; + GHashTable *params; + gchar *response; + GArray *response_array; + + DEBUG ("new challenge: %s", challenge->data); + + data = 
g_simple_async_result_get_op_res_gpointer (result); + + h = soup_form_decode (challenge->data); + + /* See https://developers.facebook.com/docs/chat/#platauth */ + params = g_hash_table_new (g_str_hash, g_str_equal); + g_hash_table_insert (params, "method", g_hash_table_lookup (h, "method")); + g_hash_table_insert (params, "nonce", g_hash_table_lookup (h, "nonce")); + g_hash_table_insert (params, "access_token", data->access_token); + g_hash_table_insert (params, "api_key", data->client_id); + g_hash_table_insert (params, "call_id", "0"); + g_hash_table_insert (params, "v", "1.0"); + + response = soup_form_encode_hash (params); + DEBUG ("Response: %s", response); + + response_array = g_array_new (FALSE, FALSE, sizeof (gchar)); + g_array_append_vals (response_array, response, strlen (response)); + + tp_cli_channel_interface_sasl_authentication_call_respond (data->channel, -1, + response_array, generic_cb, g_object_ref (result), g_object_unref, NULL); + + g_hash_table_unref (h); + g_hash_table_unref (params); + g_free (response); + g_array_unref (response_array); +} + +void +empathy_sasl_auth_facebook_async (TpChannel *channel, + const gchar *client_id, + const gchar *access_token, + GAsyncReadyCallback callback, + gpointer user_data) +{ + GSimpleAsyncResult *result; + FacebookData *data; + GError *error = NULL; + + result = empathy_sasl_auth_common_async (channel, callback, user_data); + + g_return_if_fail (result != NULL); + g_return_if_fail (empathy_sasl_channel_supports_mechanism (channel, + MECH_FACEBOOK)); + g_return_if_fail (!tp_str_empty (client_id)); + g_return_if_fail (!tp_str_empty (access_token)); + + DEBUG ("Start %s mechanism", MECH_FACEBOOK); + + data = g_slice_new0 (FacebookData); + data->channel = g_object_ref (channel); + data->client_id = g_strdup (client_id); + data->access_token = g_strdup (access_token); + + g_simple_async_result_set_op_res_gpointer (result, data, + (GDestroyNotify) facebook_data_free); + + 
tp_cli_channel_interface_sasl_authentication_connect_to_new_challenge ( + channel, facebook_new_challenge_cb, + g_object_ref (result), g_object_unref, + NULL, &error); + g_assert_no_error (error); + + tp_cli_channel_interface_sasl_authentication_call_start_mechanism ( + channel, -1, MECH_FACEBOOK, generic_cb, + g_object_ref (result), g_object_unref, NULL); + + g_object_unref (result); +} + +void +empathy_sasl_auth_wlm_async (TpChannel *channel, + const gchar *access_token, + GAsyncReadyCallback callback, + gpointer user_data) +{ + GSimpleAsyncResult *result; + guchar *token_decoded; + gsize token_decoded_len; + GArray *token_decoded_array; + + result = empathy_sasl_auth_common_async (channel, callback, user_data); + + g_return_if_fail (result != NULL); + g_return_if_fail (empathy_sasl_channel_supports_mechanism (channel, + MECH_WLM)); + g_return_if_fail (!tp_str_empty (access_token)); + + DEBUG ("Start %s mechanism", MECH_WLM); + + /* Wocky will base64 encode, but token actually already is base64, so we + * decode now and it will be re-encoded. 
*/ + token_decoded = g_base64_decode (access_token, &token_decoded_len); + token_decoded_array = g_array_new (FALSE, FALSE, sizeof (guchar)); + g_array_append_vals (token_decoded_array, token_decoded, token_decoded_len); + + tp_cli_channel_interface_sasl_authentication_call_start_mechanism_with_data ( + channel, -1, MECH_WLM, token_decoded_array, + generic_cb, g_object_ref (result), g_object_unref, NULL); + + g_array_unref (token_decoded_array); + g_free (token_decoded); + g_object_unref (result); +} + +gboolean +empathy_sasl_auth_finish (TpChannel *channel, + GAsyncResult *result, + GError **error) +{ + empathy_implement_finish_void (channel, empathy_sasl_auth_common_async); +} + +gboolean +empathy_sasl_channel_supports_mechanism (TpChannel *channel, + const gchar *mechanism) +{ + GHashTable *props; + const gchar * const *available_mechanisms; + + props = tp_channel_borrow_immutable_properties (channel); + available_mechanisms = tp_asv_get_boxed (props, + TP_PROP_CHANNEL_INTERFACE_SASL_AUTHENTICATION_AVAILABLE_MECHANISMS, + G_TYPE_STRV); + + return tp_strv_contains (available_mechanisms, mechanism); +} + +EmpathySaslMechanism +empathy_sasl_channel_select_mechanism (TpChannel *channel) +{ + guint i; + + for (i = 0; i < G_N_ELEMENTS (supported_mechanisms); i++) + { + if (empathy_sasl_channel_supports_mechanism (channel, + supported_mechanisms[i].name)) + return supported_mechanisms[i].id; + } + + return EMPATHY_SASL_MECHANISM_UNSUPPORTED; +} diff --git a/libempathy/empathy-sasl-mechanisms.h b/libempathy/empathy-sasl-mechanisms.h new file mode 100644 index 000000000..84165ac70 --- /dev/null +++ b/libempathy/empathy-sasl-mechanisms.h 
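Review bot: In sasl_status_changed_cb the TP_SASL_STATUS_SERVER_FAILED / TP_SASL_STATUS_CLIENT_FAILED branch stores the error with g_simple_async_result_take_error() but never completes the result, so a rejected login never reaches the caller's callback and the attempt appears to hang instead of failing; add `g_simple_async_result_complete (result);` after the take_error call. facebook_new_challenge_cb also treats the server-supplied `challenge->data` as a NUL-terminated string, both in DEBUG's `%s` and in soup_form_decode(), although nothing in this hunk guarantees that a byte GArray is terminated; copying it first with `g_strndup (challenge->data, challenge->len)` would bound the read. The `method` and `nonce` lookups are inserted into `params` without a NULL check, so a challenge missing either key should fail the operation rather than be encoded. The file's header comment still names empathy-sasl-mechanisms.h rather than the .c file.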
@@ -0,0 +1,57 @@
+/*
+ * empathy-sasl-mechanisms.h - Header for SASL authentication mechanisms
+ * Copyright (C) 2012 Collabora Ltd.
+ * @author Xavier Claessens <xavier.claessens@collabora.co.uk>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef __EMPATHY_SASL_MECHANISMS_H__
+#define __EMPATHY_SASL_MECHANISMS_H__
+
+#include <telepathy-glib/telepathy-glib.h>
+
+G_BEGIN_DECLS
+
+typedef enum
+{
+ EMPATHY_SASL_MECHANISM_UNSUPPORTED,
+ EMPATHY_SASL_MECHANISM_FACEBOOK,
+ EMPATHY_SASL_MECHANISM_WLM,
+} EmpathySaslMechanism;
+
+void empathy_sasl_auth_facebook_async (TpChannel *channel,
+ const gchar *client_id,
+ const gchar *access_token,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+void empathy_sasl_auth_wlm_async (TpChannel *channel,
+ const gchar *access_token,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean empathy_sasl_auth_finish (TpChannel *channel,
+ GAsyncResult *result,
+ GError **error);
+
+gboolean empathy_sasl_channel_supports_mechanism (TpChannel *channel,
+ const gchar *mechanism);
+
+EmpathySaslMechanism empathy_sasl_channel_select_mechanism (TpChannel *channel);
+
+G_END_DECLS
+
+#endif /* #ifndef __EMPATHY_SASL_MECHANISMS_H__*/
diff --git a/libempathy/empathy-utils.c b/libempathy/empathy-utils.c index ccaf955e4..cc518c0b0 100644 --- a/libempathy/empathy-utils.c +++ b/libempathy/empathy-utils.c @@ -1121,21 +1121,6 @@ while_finish: *can_video_call = can_video; } -gboolean -empathy_sasl_channel_supports_mechanism (TpChannel *channel, - const gchar *mechanism) -{ - GHashTable *props; - const gchar * const *available_mechanisms; - - props = tp_channel_borrow_immutable_properties (channel); - available_mechanisms = tp_asv_get_boxed (props, - TP_PROP_CHANNEL_INTERFACE_SASL_AUTHENTICATION_AVAILABLE_MECHANISMS, - G_TYPE_STRV); - - return tp_strv_contains (available_mechanisms, mechanism); -} - static FolksIndividual * create_individual_from_persona (FolksPersona *persona) { diff --git a/libempathy/empathy-utils.h b/libempathy/empathy-utils.h index 088c39236..c3a5886a3 100644 --- a/libempathy/empathy-utils.h +++ b/libempathy/empathy-utils.h @@ -115,9 +115,6 @@ void empathy_individual_can_audio_video_call (FolksIndividual *individual, gboolean *can_video_call, EmpathyContact **out_contact); -gboolean empathy_sasl_channel_supports_mechanism (TpChannel *channel, - const gchar *mechanism); - FolksIndividual * empathy_create_individual_from_tp_contact ( TpContact *contact); |