From 761a83d9e7408d0e47e8c279052b93f8d9edb511 Mon Sep 17 00:00:00 2001

From: Xavier Claessens <xavier.claessens@collabora.co.uk>

Date: Thu, 31 Oct 2013 13:39:21 -0400

Subject: [PATCH] SASL: fix facebook mechanism

libsoup was escaping '_' and '.' in the challenge response but the

facebook server is not expecting that.

https://bugzilla.gnome.org/show_bug.cgi?id=707747

---

 libempathy/empathy-sasl-mechanisms.c | 33 +++++++++++++++++----------------

 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/libempathy/empathy-sasl-mechanisms.c b/libempathy/empathy-sasl-mechanisms.c

index ffb3aa4..05a2de9 100644

--- a/libempathy/empathy-sasl-mechanisms.c

+++ b/libempathy/empathy-sasl-mechanisms.c

@@ -156,8 +156,7 @@ facebook_new_challenge_cb (TpChannel *channel,

   GSimpleAsyncResult *result = user_data;

   FacebookData *data;

   GHashTable *h;

-  GHashTable *params;

-  gchar *response;

+  GString *response_string;

   GArray *response_array;

   DEBUG ("new challenge: %s", challenge->data);

@@ -166,27 +165,29 @@ facebook_new_challenge_cb (TpChannel *channel,

   h = soup_form_decode (challenge->data);

-  /* See https://developers.facebook.com/docs/chat/#platauth */

-  params = g_hash_table_new (g_str_hash, g_str_equal);

-  g_hash_table_insert (params, "method", g_hash_table_lookup (h, "method"));

-  g_hash_table_insert (params, "nonce", g_hash_table_lookup (h, "nonce"));

-  g_hash_table_insert (params, "access_token", data->access_token);

-  g_hash_table_insert (params, "api_key", data->client_id);

-  g_hash_table_insert (params, "call_id", "0");

-  g_hash_table_insert (params, "v", "1.0");

-

-  response = soup_form_encode_hash (params);

-  DEBUG ("Response: %s", response);

+  /* See https://developers.facebook.com/docs/chat/#platauth.

+   * We don't use soup_form_encode() here because it would escape parameters

+   * and facebook server is not expecting that and would reject the response. */

+  response_string = g_string_new ("v=1.0&call_id=0");

+  g_string_append (response_string, "&access_token=");

+  g_string_append_uri_escaped (response_string, data->access_token, NULL, TRUE);

+  g_string_append (response_string, "&api_key=");

+  g_string_append_uri_escaped (response_string, data->client_id, NULL, TRUE);

+  g_string_append (response_string, "&method=");

+  g_string_append_uri_escaped (response_string, g_hash_table_lookup (h, "method"), NULL, TRUE);

+  g_string_append (response_string, "&nonce=");

+  g_string_append_uri_escaped (response_string, g_hash_table_lookup (h, "nonce"), NULL, TRUE);

+

+  DEBUG ("Response: %s", response_string->str);

   response_array = g_array_new (FALSE, FALSE, sizeof (gchar));

-  g_array_append_vals (response_array, response, strlen (response));

+  g_array_append_vals (response_array, response_string->str, response_string->len);

   tp_cli_channel_interface_sasl_authentication_call_respond (data->channel, -1,

       response_array, generic_cb, g_object_ref (result), g_object_unref, NULL);

   g_hash_table_unref (h);

-  g_hash_table_unref (params);

-  g_free (response);

+  g_string_free (response_string, TRUE);

   g_array_unref (response_array);

 }

-- 

1.8.3.2