pastk/organicmaps
1
Fork 0
forked from organicmaps/organicmaps
Code Pull requests Activity

[editor] Fix OSM authentication

Browse source
This commit is contained in:
Ilya Zverev 2018-07-04 14:31:31 +03:00 committed by Vlad Mihaylenko
parent 4b23ae166c
commit 444cea88ae
2 changed files with 9 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
editor/osm_auth.cpp
View file

@ -118,10 +118,11 @@ TKeySecret const & OsmOAuth::GetKeySecret() const noexcept { return m_tokenKeySe
bool OsmOAuth::IsAuthorized() const noexcept{ return IsValid(m_tokenKeySecret); }
// Opens a login page and extract a cookie and a secret token.
OsmOAuth::SessionID OsmOAuth::FetchSessionId(string const & subUrl) const
OsmOAuth::SessionID OsmOAuth::FetchSessionId(string const & subUrl, string const & cookies) const
{
string const url = m_baseUrl + subUrl + "?cookie_test=true";
string const url = m_baseUrl + subUrl + (cookies.empty() ? "?cookie_test=true" : "");
HttpClient request(url);
request.SetCookies(cookies);
if (!request.RunHttpRequest())
MYTHROW(NetworkError, ("FetchSessionId Network error while connecting to", url));
if (request.WasRedirected())
@ -203,8 +204,11 @@ bool OsmOAuth::LoginSocial(string const & callbackPart, string const & socialTok
}
// Fakes a buttons press to automatically accept requested permissions.
string OsmOAuth::SendAuthRequest(string const & requestTokenKey, SessionID const & sid) const
string OsmOAuth::SendAuthRequest(string const & requestTokenKey, SessionID const & lastSid) const
{
// We have to get a new CSRF token, using existing cookies to open the correct page.
SessionID const & sid =
FetchSessionId("/oauth/authorize?oauth_token=" + requestTokenKey, lastSid.m_cookies);
map<string, string> const params =
{
{"oauth_token", requestTokenKey},

4
editor/osm_auth.hpp
View file

@ -116,7 +116,7 @@ private:
/// Key and secret to sign every OAuth request.
TKeySecret m_tokenKeySecret;
SessionID FetchSessionId(string const & subUrl = "/login") const;
SessionID FetchSessionId(string const & subUrl = "/login", string const & cookies = "") const;
/// Log a user out.
void LogoutUser(SessionID const & sid) const;
/// Signs a user id using login and password.
@ -126,7 +126,7 @@ private:
/// @returns false if the social token is invalid.
bool LoginSocial(string const & callbackPart, string const & socialToken, SessionID const & sid) const;
/// @returns non-empty string with oauth_verifier value.
string SendAuthRequest(string const & requestTokenKey, SessionID const & sid) const;
string SendAuthRequest(string const & requestTokenKey, SessionID const & lastSid) const;
/// @returns valid key and secret or throws otherwise.
TRequestToken FetchRequestToken() const;
TKeySecret FetchAccessToken(SessionID const & sid) const;