From e9bb20a403828d1917033c7594df2d74aa84f027 Mon Sep 17 00:00:00 2001

From: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu>

Date: Tue, 15 Mar 2016 17:33:29 +0100

Subject: [PATCH] Related tdf#98416 Libcmis: add a patch to fix Google Drive

 login

The new Google login sequence uses two html pages: one for user email

the other for password.

The older sequence used only one page for both user email and

user password.

Change-Id: If875ba3ec9680d7e8c700a269873e427ac037a8e

Reviewed-on: https://gerrit.libreoffice.org/24513

Tested-by: Jenkins <ci@libreoffice.org>

Reviewed-by: David Tardon <dtardon@redhat.com>

---

 external/libcmis/UnpackedTarball_cmis.mk        |   1 +

 external/libcmis/libcmis-fix-google-drive.patch | 106 ++++++++++++++++++++++++

 2 files changed, 107 insertions(+)

 create mode 100644 external/libcmis/libcmis-fix-google-drive.patch

diff --git a/external/libcmis/UnpackedTarball_cmis.mk b/external/libcmis/UnpackedTarball_cmis.mk

index 16d4400..24bbda5 100644

--- a/external/libcmis/UnpackedTarball_cmis.mk

+++ b/external/libcmis/UnpackedTarball_cmis.mk

@@ -15,6 +15,7 @@ $(eval $(call gb_UnpackedTarball_set_patchlevel,cmis,0))

 $(eval $(call gb_UnpackedTarball_add_patches,cmis, \

 						external/libcmis/libcmis-libxml2_compatibility.patch \

+						external/libcmis/libcmis-fix-google-drive.patch \

 ))

 ifeq ($(OS)$(COM),WNTMSC)

diff --git a/external/libcmis/libcmis-fix-google-drive.patch b/external/libcmis/libcmis-fix-google-drive.patch

new file mode 100644

index 0000000..07bb4f3

--- /dev/null

+++ b/external/libcmis/libcmis-fix-google-drive.patch

@@ -0,0 +1,106 @@

+diff -aru src/libcmis/oauth2-providers.cxx src/libcmis/oauth2-providers.cxx

+--- src/libcmis/oauth2-providers.cxx	2016-03-01 17:14:26.000000000 +0100

++++ src/libcmis/oauth2-providers.cxx	2016-04-28 11:28:25.233803971 +0200

+@@ -37,11 +37,28 @@

+ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl,

+                                       const string& username, const string& password )

+ {

++    /* This member function implements 'Google OAuth 2.0'

++     *

++     * The interaction is carried out by libcmis, with no web browser involved.

++     *

++     * Normal sequence (without 2FA) is:

++     * 1) a get to activate login page

++     *    receive first login page, html format

++     * 2) subsequent post to sent email

++     *    receive html page for password input

++     * 3) subsequent post to send password

++     *    receive html page for application consent

++     * 4) subsequent post to send a consent for the application

++     *    receive a single-use authorization code

++     *    this code is returned as a string

++     */

++

+     static const string CONTENT_TYPE( "application/x-www-form-urlencoded" );

+     // STEP 1: Log in

+     string res;

+     try

+     {

++        // send the first get, receive the html login page

+         res = session->httpGetRequest( authUrl )->getStream( )->str( );

+     }

+     catch ( const CurlException& e )

+@@ -49,20 +66,39 @@

+         return string( );

+     }

+ 

+-    string loginPost, loginLink; 

+-    if ( !parseResponse( res.c_str( ), loginPost, loginLink ) ) 

++    string loginEmailPost, loginEmailLink;

++    if ( !parseResponse( res.c_str( ), loginEmailPost, loginEmailLink ) )

++        return string( );

++

++    loginEmailPost += "Email=";

++    loginEmailPost += string( username );

++

++    istringstream loginEmailIs( loginEmailPost );

++    string loginEmailRes;

++    try

++    {

++        // send a post with user email, receive the html page for password input

++        loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE )

++                        ->getStream( )->str( );

++    }

++    catch ( const CurlException& e )

++    {

++        return string( );

++    }

++

++    string loginPasswdPost, loginPasswdLink;

++    if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )

+         return string( );

+-    

+-    loginPost += "Email=";  

+-    loginPost += string( username );

+-    loginPost += "&Passwd=";

+-    loginPost += string( password );

+-    

+-    istringstream loginIs( loginPost );

+-    string loginRes;

+-    try 

++

++    loginPasswdPost += "&Passwd=";

++    loginPasswdPost += string( password );

++

++    istringstream loginPasswdIs( loginPasswdPost );

++    string loginPasswdRes;

++    try

+     {

+-        loginRes = session->httpPostRequest ( loginLink, loginIs, CONTENT_TYPE )

++        // send a post with user password, receive the application consent page

++        loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE )

+                         ->getStream( )->str( );

+     }

+     catch ( const CurlException& e )

+@@ -71,8 +107,8 @@

+     }

+ 

+     // STEP 2: allow libcmis to access google drive

+-    string approvalPost, approvalLink; 

+-    if ( !parseResponse( loginRes. c_str( ), approvalPost, approvalLink) )

++    string approvalPost, approvalLink;

++    if ( !parseResponse( loginPasswdRes. c_str( ), approvalPost, approvalLink) )

+         return string( );

+     approvalPost += "submit_access=true";

+ 

+@@ -80,7 +116,8 @@

+     string approvalRes;

+     try

+     {

+-        approvalRes = session->httpPostRequest ( approvalLink, approvalIs, 

++        // send a post with application consent

++        approvalRes = session->httpPostRequest ( approvalLink, approvalIs,

+                             CONTENT_TYPE) ->getStream( )->str( );

+     }

+     catch ( const CurlException& e )

+Only in new-src/src/libcmis: oauth2-providers.cxx~

-- 

2.7.3