From e9bb20a403828d1917033c7594df2d74aa84f027 Mon Sep 17 00:00:00 2001
From: Giuseppe Castagno <giuseppe.castagno@acca-esse.eu>
Date: Tue, 15 Mar 2016 17:33:29 +0100
Subject: [PATCH] Related tdf#98416 Libcmis: add a patch to fix Google Drive
 login

The new Google login sequence uses two html pages: one for user email
the other for password.

The older sequence used only one page for both user email and
user password.

Change-Id: If875ba3ec9680d7e8c700a269873e427ac037a8e
Reviewed-on: https://gerrit.libreoffice.org/24513
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: David Tardon <dtardon@redhat.com>
---
 external/libcmis/UnpackedTarball_cmis.mk        |   1 +
 external/libcmis/libcmis-fix-google-drive.patch | 106 ++++++++++++++++++++++++
 2 files changed, 107 insertions(+)
 create mode 100644 external/libcmis/libcmis-fix-google-drive.patch

diff --git a/external/libcmis/UnpackedTarball_cmis.mk b/external/libcmis/UnpackedTarball_cmis.mk
index 16d4400..24bbda5 100644
--- a/external/libcmis/UnpackedTarball_cmis.mk
+++ b/external/libcmis/UnpackedTarball_cmis.mk
@@ -15,6 +15,7 @@ $(eval $(call gb_UnpackedTarball_set_patchlevel,cmis,0))
 
 $(eval $(call gb_UnpackedTarball_add_patches,cmis, \
 						external/libcmis/libcmis-libxml2_compatibility.patch \
+						external/libcmis/libcmis-fix-google-drive.patch \
 ))
 
 ifeq ($(OS)$(COM),WNTMSC)
diff --git a/external/libcmis/libcmis-fix-google-drive.patch b/external/libcmis/libcmis-fix-google-drive.patch
new file mode 100644
index 0000000..07bb4f3
--- /dev/null
+++ b/external/libcmis/libcmis-fix-google-drive.patch
@@ -0,0 +1,106 @@
+diff -aru src/libcmis/oauth2-providers.cxx src/libcmis/oauth2-providers.cxx
+--- src/libcmis/oauth2-providers.cxx	2016-03-01 17:14:26.000000000 +0100
++++ src/libcmis/oauth2-providers.cxx	2016-04-28 11:28:25.233803971 +0200
+@@ -37,11 +37,28 @@
+ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl,
+                                       const string& username, const string& password )
+ {
++    /* This member function implements 'Google OAuth 2.0'
++     *
++     * The interaction is carried out by libcmis, with no web browser involved.
++     *
++     * Normal sequence (without 2FA) is:
++     * 1) a get to activate login page
++     *    receive first login page, html format
++     * 2) subsequent post to sent email
++     *    receive html page for password input
++     * 3) subsequent post to send password
++     *    receive html page for application consent
++     * 4) subsequent post to send a consent for the application
++     *    receive a single-use authorization code
++     *    this code is returned as a string
++     */
++
+     static const string CONTENT_TYPE( "application/x-www-form-urlencoded" );
+     // STEP 1: Log in
+     string res;
+     try
+     {
++        // send the first get, receive the html login page
+         res = session->httpGetRequest( authUrl )->getStream( )->str( );
+     }
+     catch ( const CurlException& e )
+@@ -49,20 +66,39 @@
+         return string( );
+     }
+ 
+-    string loginPost, loginLink; 
+-    if ( !parseResponse( res.c_str( ), loginPost, loginLink ) ) 
++    string loginEmailPost, loginEmailLink;
++    if ( !parseResponse( res.c_str( ), loginEmailPost, loginEmailLink ) )
++        return string( );
++
++    loginEmailPost += "Email=";
++    loginEmailPost += string( username );
++
++    istringstream loginEmailIs( loginEmailPost );
++    string loginEmailRes;
++    try
++    {
++        // send a post with user email, receive the html page for password input
++        loginEmailRes = session->httpPostRequest ( loginEmailLink, loginEmailIs, CONTENT_TYPE )
++                        ->getStream( )->str( );
++    }
++    catch ( const CurlException& e )
++    {
++        return string( );
++    }
++
++    string loginPasswdPost, loginPasswdLink;
++    if ( !parseResponse( loginEmailRes.c_str( ), loginPasswdPost, loginPasswdLink ) )
+         return string( );
+-    
+-    loginPost += "Email=";  
+-    loginPost += string( username );
+-    loginPost += "&Passwd=";
+-    loginPost += string( password );
+-    
+-    istringstream loginIs( loginPost );
+-    string loginRes;
+-    try 
++
++    loginPasswdPost += "&Passwd=";
++    loginPasswdPost += string( password );
++
++    istringstream loginPasswdIs( loginPasswdPost );
++    string loginPasswdRes;
++    try
+     {
+-        loginRes = session->httpPostRequest ( loginLink, loginIs, CONTENT_TYPE )
++        // send a post with user password, receive the application consent page
++        loginPasswdRes = session->httpPostRequest ( loginPasswdLink, loginPasswdIs, CONTENT_TYPE )
+                         ->getStream( )->str( );
+     }
+     catch ( const CurlException& e )
+@@ -71,8 +107,8 @@
+     }
+ 
+     // STEP 2: allow libcmis to access google drive
+-    string approvalPost, approvalLink; 
+-    if ( !parseResponse( loginRes. c_str( ), approvalPost, approvalLink) )
++    string approvalPost, approvalLink;
++    if ( !parseResponse( loginPasswdRes. c_str( ), approvalPost, approvalLink) )
+         return string( );
+     approvalPost += "submit_access=true";
+ 
+@@ -80,7 +116,8 @@
+     string approvalRes;
+     try
+     {
+-        approvalRes = session->httpPostRequest ( approvalLink, approvalIs, 
++        // send a post with application consent
++        approvalRes = session->httpPostRequest ( approvalLink, approvalIs,
+                             CONTENT_TYPE) ->getStream( )->str( );
+     }
+     catch ( const CurlException& e )
+Only in new-src/src/libcmis: oauth2-providers.cxx~
-- 
2.7.3