diff options
Diffstat (limited to 'lib/oauth2.c')
| -rw-r--r-- | lib/oauth2.c | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/lib/oauth2.c b/lib/oauth2.c new file mode 100644 index 00000000..1af63974 --- /dev/null +++ b/lib/oauth2.c @@ -0,0 +1,196 @@ +/***************************************************************************\ +* * +* BitlBee - An IRC to IM gateway * +* Simple OAuth client (consumer) implementation. * +* * +* Copyright 2010-2011 Wilmer van der Gaast <wilmer@gaast.net> * +* * +* This program is free software; you can redistribute it and/or modify * +* it under the terms of the GNU General Public License as published by * +* the Free Software Foundation; either version 2 of the License, or * +* (at your option) any later version. * +* * +* This program is distributed in the hope that it will be useful, * +* but WITHOUT ANY WARRANTY; without even the implied warranty of * +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * +* GNU General Public License for more details. * +* * +* You should have received a copy of the GNU General Public License along * +* with this program; if not, write to the Free Software Foundation, Inc., * +* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * +* * +\***************************************************************************/ + +#include <glib.h> +#include "http_client.h" +#include "oauth2.h" +#include "oauth.h" +#include "url.h" + +char *oauth2_url( const struct oauth2_service *sp ) +{ + return g_strconcat( sp->auth_url, + "?scope=", sp->scope, + "&response_type=code" + "&redirect_uri=", sp->redirect_url, + "&client_id=", sp->consumer_key, + NULL ); +} + +struct oauth2_access_token_data +{ + oauth2_token_callback func; + gpointer data; +}; + +static char *oauth2_json_dumb_get( const char *json, const char *key ); +static void oauth2_access_token_done( struct http_request *req ); + +int oauth2_access_token( const struct oauth2_service *sp, + const char *auth_type, const char *auth, + oauth2_token_callback func, gpointer data ) +{ + GSList *args = NULL; + char *args_s, *s; + url_t url_p; + struct http_request *req; + struct oauth2_access_token_data *cb_data; + + if( !url_set( &url_p, sp->token_url ) ) + return 0; + + oauth_params_add( &args, "client_id", sp->consumer_key ); + oauth_params_add( &args, "client_secret", sp->consumer_secret ); + oauth_params_add( &args, "grant_type", auth_type ); + if( strcmp( auth_type, OAUTH2_AUTH_CODE ) == 0 ) + { + oauth_params_add( &args, "redirect_uri", sp->redirect_url ); + oauth_params_add( &args, "code", auth ); + } + else + { + oauth_params_add( &args, "refresh_token", auth ); + } + args_s = oauth_params_string( args ); + oauth_params_free( &args ); + + s = g_strdup_printf( "POST %s HTTP/1.0\r\n" + "Host: %s\r\n" + "Content-Type: application/x-www-form-urlencoded\r\n" + "Content-Length: %zd\r\n" + "Connection: close\r\n" + "\r\n" + "%s", url_p.file, url_p.host, strlen( args_s ), args_s ); + g_free( args_s ); + + cb_data = g_new0( struct oauth2_access_token_data, 1 ); + cb_data->func = func; + cb_data->data = data; + + req = http_dorequest( url_p.host, url_p.port, url_p.proto == PROTO_HTTPS, + s, oauth2_access_token_done, cb_data ); + + g_free( s ); + + if( req == NULL ) + g_free( cb_data ); + + return req != NULL; +} + +static void oauth2_access_token_done( struct http_request *req ) +{ + struct oauth2_access_token_data *cb_data = req->data; + char *atoken = NULL, *rtoken = NULL; + const char *content_type; + + if( getenv( "BITLBEE_DEBUG" ) && req->reply_body ) + printf( "%s\n", req->reply_body ); + + content_type = get_rfc822_header( req->reply_headers, "Content-Type", 0 ); + + if( req->status_code != 200 ) + { + } + else if( content_type && strstr( content_type, "application/json" ) ) + { + atoken = oauth2_json_dumb_get( req->reply_body, "access_token" ); + rtoken = oauth2_json_dumb_get( req->reply_body, "refresh_token" ); + } + else + { + /* Facebook use their own odd format here, seems to be URL-encoded. */ + GSList *p_in = NULL; + + oauth_params_parse( &p_in, req->reply_body ); + atoken = g_strdup( oauth_params_get( &p_in, "access_token" ) ); + rtoken = g_strdup( oauth_params_get( &p_in, "refresh_token" ) ); + oauth_params_free( &p_in ); + } + if( getenv( "BITLBEE_DEBUG" ) ) + printf( "Extracted atoken=%s rtoken=%s\n", atoken, rtoken ); + + cb_data->func( cb_data->data, atoken, rtoken ); + g_free( atoken ); + g_free( rtoken ); + g_free( cb_data ); +} + +/* Super dumb. I absolutely refuse to use/add a complete json parser library + (adding a new dependency to BitlBee for the first time in.. 6 years?) just + to parse 100 bytes of data. So I have to do my own parsing because OAuth2 + dropped support for XML. (GRRR!) This is very dumb and for example won't + work for integer values, nor will it strip/handle backslashes. */ +static char *oauth2_json_dumb_get( const char *json, const char *key ) +{ + int is_key; /* 1 == reading key, 0 == reading value */ + int found_key = 0; + + while( json && *json ) + { + /* Grab strings and see if they're what we're looking for. */ + if( *json == '"' || *json == '\'' ) + { + char q = *json; + const char *str_start; + json ++; + str_start = json; + + while( *json ) + { + /* \' and \" are not string terminators. */ + if( *json == '\\' && json[1] == q ) + json ++; + /* But without a \ it is. */ + else if( *json == q ) + break; + json ++; + } + if( *json == '\0' ) + return NULL; + + if( is_key && strncmp( str_start, key, strlen( key ) ) == 0 ) + { + found_key = 1; + } + else if( !is_key && found_key ) + { + char *ret = g_memdup( str_start, json - str_start + 1 ); + ret[json-str_start] = '\0'; + return ret; + } + + } + else if( *json == '{' || *json == ',' ) + { + found_key = 0; + is_key = 1; + } + else if( *json == ':' ) + is_key = 0; + + json ++; + } + + return NULL; +} |