Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-cpp/libcmis/files/libcmis-0.5.2-oauth2-encode.patch
blob: c6a99074c502cf25440bc6f544edba61679d66d9 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

From 33f7485dedea90e0f80c6348fa8ac5f27c5052e0 Mon Sep 17 00:00:00 2001
From: Stephan Bergmann <sbergman@redhat.com>
Date: Tue, 4 Sep 2018 16:45:00 +0200
Subject: Properly encode OAuth2 credentials

Change-Id: Ic3edeae035262309e91fb01e3aca5c2f905bc3e5
Reviewed-on: https://gerrit.libreoffice.org/59986
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>

--- a/src/libcmis/oauth2-providers.cxx
+++ b/src/libcmis/oauth2-providers.cxx
@@ -26,6 +26,8 @@
  * instead of those above.
  */
 
+#include <cassert>
+
 #include <libxml/HTMLparser.h>
 #include <libxml/xmlreader.h>
 
@@ -45,6 +47,29 @@
 #define HTML_PARSE_RECOVER 0
 #endif
 
+namespace {
+
+// See <https://url.spec.whatwg.org/#concept-urlencoded-byte-serializer>:
+void addXWwwFormUrlencoded(std::string * buffer, std::string const & data) {
+    assert(buffer);
+    for (string::const_iterator i = data.begin(); i != data.end(); ++i) {
+        unsigned char c = static_cast<unsigned char>(*i);
+        if (c == ' ' || c == '*' || c == '-' || c == '.' || (c >= '0' && c <= '9')
+            || (c >= 'A' && c <= 'Z') || c == '_' || (c >= 'a' && c <= 'z'))
+        {
+            *buffer += static_cast<char>(c);
+        } else {
+            static const char hex[16] = {
+                '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
+            *buffer += '%';
+            *buffer += hex[c >> 4];
+            *buffer += hex[c & 0xF];
+        }
+    }
+}
+
+}
+
 string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl,
                                       const string& username, const string& password )
 {
@@ -97,7 +120,7 @@
         return string( );
 
     loginEmailPost += "Email=";
-    loginEmailPost += string( username );
+    addXWwwFormUrlencoded(&loginEmailPost, username);
 
     istringstream loginEmailIs( loginEmailPost );
     string loginEmailRes;
@@ -119,7 +142,7 @@
         return string( );
 
     loginPasswdPost += "Passwd=";
-    loginPasswdPost += string( password );
+    addXWwwFormUrlencoded(&loginPasswdPost, password);
 
     istringstream loginPasswdIs( loginPasswdPost );
     string loginPasswdRes;