From 34b900e7e4aad8b0454649dab0b4ebaaddb2adc4 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <debarshir@gnome.org>
Date: Tue, 11 Jun 2013 16:58:21 +0200
Subject: [PATCH 1/3] google: Bump credentials generation
Access to the following were turned on in the Google APIs Console:
- Calendar API
- Google Calendar CalDAV API
- Google Contacts CardDAV API
Of these, only the last two are new. We were already requesting the
scope for Calendar API, but looks like the APIs Console is the way
to go now. Interestingly the APIs Console does not list all the other
services that we are interested in, or it is does but is not obvious
to me.
In any case we need access to their new CalDAV API which works with
OAuth2 because that would let us work with 2-factor authenticated
accounts again.
See: https://bugzilla.gnome.org/show_bug.cgi?id=686804
https://bugzilla.gnome.org/show_bug.cgi?id=688364
---
src/goabackend/goagoogleprovider.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/goabackend/goagoogleprovider.c b/src/goabackend/goagoogleprovider.c
index b3accdb..1c5c04b 100644
--- a/src/goabackend/goagoogleprovider.c
+++ b/src/goabackend/goagoogleprovider.c
@@ -137,7 +137,7 @@ get_scope (GoaOAuth2Provider *provider)
static guint
get_credentials_generation (GoaProvider *provider)
{
- return 3;
+ return 4;
}
static const gchar *
--
1.8.4.2
From 930a86add739b065b2cc43e2efae7fa30dfeee07 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <debarshir@gnome.org>
Date: Wed, 19 Jun 2013 17:04:38 +0200
Subject: [PATCH 2/3] google: Export CalDAV and CardDAV endpoints
According to:
https://developers.google.com/google-apps/calendar/caldav/v2/guide/
https://developers.google.com/google-apps/carddav/
See: https://bugzilla.gnome.org/show_bug.cgi?id=686804
https://bugzilla.gnome.org/show_bug.cgi?id=688364
---
src/goabackend/goagoogleprovider.c | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/src/goabackend/goagoogleprovider.c b/src/goabackend/goagoogleprovider.c
index 1c5c04b..5b413f7 100644
--- a/src/goabackend/goagoogleprovider.c
+++ b/src/goabackend/goagoogleprovider.c
@@ -355,6 +355,7 @@ build_object (GoaProvider *provider,
gboolean contacts_enabled;
gboolean chat_enabled;
gboolean documents_enabled;
+ const gchar *email_address;
account = NULL;
mail = NULL;
@@ -389,6 +390,7 @@ build_object (GoaProvider *provider,
}
account = goa_object_get_account (GOA_OBJECT (object));
+ email_address = goa_account_get_identity (account);
/* Email */
mail = goa_object_get_mail (GOA_OBJECT (object));
@@ -397,8 +399,6 @@ build_object (GoaProvider *provider,
{
if (mail == NULL)
{
- const gchar *email_address;
- email_address = goa_account_get_identity (account);
mail = goa_mail_skeleton_new ();
g_object_set (G_OBJECT (mail),
"email-address", email_address,
@@ -428,8 +428,19 @@ build_object (GoaProvider *provider,
{
if (calendar == NULL)
{
+ gchar *uri_caldav;
+
+ uri_caldav = g_strconcat ("https://apidata.googleusercontent.com/caldav/v2/",
+ email_address,
+ "/user",
+ NULL);
+
calendar = goa_calendar_skeleton_new ();
+ g_object_set (G_OBJECT (calendar),
+ "uri", uri_caldav,
+ NULL);
goa_object_skeleton_set_calendar (object, calendar);
+ g_free (uri_caldav);
}
}
else
@@ -446,6 +457,9 @@ build_object (GoaProvider *provider,
if (contacts == NULL)
{
contacts = goa_contacts_skeleton_new ();
+ g_object_set (G_OBJECT (contacts),
+ "uri", "https://www.googleapis.com/.well-known/carddav",
+ NULL);
goa_object_skeleton_set_contacts (object, contacts);
}
}
--
1.8.4.2
From e3a72091bca2d48ee3c87530b0d8b30d87c21ff0 Mon Sep 17 00:00:00 2001
From: Debarshi Ray <debarshir@gnome.org>
Date: Fri, 28 Jun 2013 14:22:07 +0200
Subject: [PATCH 3/3] google: Don't offer a PasswordBased interface
This was a temporary measure back when Google did not support OAuth2
for CalDAV. Now that they do, we can drop this.
In any case, the workaround didn't work with accounts using 2-factor
authentication. This will make those people happy.
This reverts 89c335479c1bb8409af8296c99ffea602a28b71f
See: https://bugzilla.gnome.org/show_bug.cgi?id=686804
https://bugzilla.gnome.org/show_bug.cgi?id=688364
---
src/goabackend/goagoogleprovider.c | 215 -------------------------------------
1 file changed, 215 deletions(-)
diff --git a/src/goabackend/goagoogleprovider.c b/src/goabackend/goagoogleprovider.c
index 5b413f7..065845d 100644
--- a/src/goabackend/goagoogleprovider.c
+++ b/src/goabackend/goagoogleprovider.c
@@ -32,8 +32,6 @@
#include "goaprovider-priv.h"
#include "goaoauth2provider.h"
#include "goagoogleprovider.h"
-#include "goahttpclient.h"
-#include "goautils.h"
/**
* GoaGoogleProvider:
@@ -71,8 +69,6 @@ G_DEFINE_TYPE_WITH_CODE (GoaGoogleProvider, goa_google_provider, GOA_TYPE_OAUTH2
/* ---------------------------------------------------------------------------------------------------- */
-static const gchar *CALDAV_ENDPOINT = "https://www.google.com/calendar/dav/%s/events/";
-
static const gchar *
get_provider_type (GoaProvider *_provider)
{
@@ -291,48 +287,8 @@ is_identity_node (GoaOAuth2Provider *provider, WebKitDOMHTMLInputElement *elemen
return ret;
}
-static gboolean
-is_password_node (GoaOAuth2Provider *provider, WebKitDOMHTMLInputElement *element)
-{
- gboolean ret;
- gchar *element_type;
- gchar *id;
- gchar *name;
-
- element_type = NULL;
- id = NULL;
- name = NULL;
-
- ret = FALSE;
-
- g_object_get (element, "type", &element_type, NULL);
- if (g_strcmp0 (element_type, "password") != 0)
- goto out;
-
- id = webkit_dom_html_element_get_id (WEBKIT_DOM_HTML_ELEMENT (element));
- if (g_strcmp0 (id, "Passwd") != 0)
- goto out;
-
- name = webkit_dom_html_input_element_get_name (element);
- if (g_strcmp0 (name, "Passwd") != 0)
- goto out;
-
- ret = TRUE;
-
- out:
- g_free (element_type);
- g_free (id);
- g_free (name);
- return ret;
-}
-
/* ---------------------------------------------------------------------------------------------------- */
-static gboolean on_handle_get_password (GoaPasswordBased *interface,
- GDBusMethodInvocation *invocation,
- const gchar *id,
- gpointer user_data);
-
static gboolean
build_object (GoaProvider *provider,
GoaObjectSkeleton *object,
@@ -348,7 +304,6 @@ build_object (GoaProvider *provider,
GoaContacts *contacts;
GoaChat *chat;
GoaDocuments *documents;
- GoaPasswordBased *password_based;
gboolean ret;
gboolean mail_enabled;
gboolean calendar_enabled;
@@ -375,20 +330,6 @@ build_object (GoaProvider *provider,
error))
goto out;
- password_based = goa_object_get_password_based (GOA_OBJECT (object));
- if (password_based == NULL)
- {
- password_based = goa_password_based_skeleton_new ();
- /* Ensure D-Bus method invocations run in their own thread */
- g_dbus_interface_skeleton_set_flags (G_DBUS_INTERFACE_SKELETON (password_based),
- G_DBUS_INTERFACE_SKELETON_FLAGS_HANDLE_METHOD_INVOCATIONS_IN_THREAD);
- goa_object_skeleton_set_password_based (object, password_based);
- g_signal_connect (password_based,
- "handle-get-password",
- G_CALLBACK (on_handle_get_password),
- NULL);
- }
-
account = goa_object_get_account (GOA_OBJECT (object));
email_address = goa_account_get_identity (account);
@@ -549,103 +490,6 @@ build_object (GoaProvider *provider,
/* ---------------------------------------------------------------------------------------------------- */
static gboolean
-ensure_credentials_sync (GoaProvider *provider,
- GoaObject *object,
- gint *out_expires_in,
- GCancellable *cancellable,
- GError **error)
-{
- GVariant *credentials;
- GoaAccount *account;
- GoaHttpClient *http_client;
- gboolean ret;
- const gchar *username;
- gchar *password;
- gchar *uri_caldav;
-
- credentials = NULL;
- http_client = NULL;
- password = NULL;
- uri_caldav = NULL;
-
- ret = FALSE;
-
- /* Chain up */
- if (!GOA_PROVIDER_CLASS (goa_google_provider_parent_class)->ensure_credentials_sync (provider,
- object,
- out_expires_in,
- cancellable,
- error))
- goto out;
-
- credentials = goa_utils_lookup_credentials_sync (provider,
- object,
- cancellable,
- error);
- if (credentials == NULL)
- {
- if (error != NULL)
- {
- (*error)->domain = GOA_ERROR;
- (*error)->code = GOA_ERROR_NOT_AUTHORIZED;
- }
- goto out;
- }
-
- account = goa_object_peek_account (object);
- username = goa_account_get_presentation_identity (account);
- uri_caldav = g_strdup_printf (CALDAV_ENDPOINT, username);
-
- if (!g_variant_lookup (credentials, "password", "s", &password))
- {
- if (error != NULL)
- {
- *error = g_error_new (GOA_ERROR,
- GOA_ERROR_NOT_AUTHORIZED,
- _("Did not find password with identity `%s' in credentials"),
- username);
- }
- goto out;
- }
-
- http_client = goa_http_client_new ();
- ret = goa_http_client_check_sync (http_client,
- uri_caldav,
- username,
- password,
- FALSE,
- cancellable,
- error);
- if (!ret)
- {
- if (error != NULL)
- {
- g_prefix_error (error,
- /* Translators: the first %s is the username
- * (eg., debarshi.ray@gmail.com or rishi), and the
- * (%s, %d) is the error domain and code.
- */
- _("Invalid password with username `%s' (%s, %d): "),
- username,
- g_quark_to_string ((*error)->domain),
- (*error)->code);
- (*error)->domain = GOA_ERROR;
- (*error)->code = GOA_ERROR_NOT_AUTHORIZED;
- }
- goto out;
- }
-
- out:
- g_clear_object (&http_client);
- g_free (password);
- g_free (uri_caldav);
- g_clear_pointer (&credentials, (GDestroyNotify) g_variant_unref);
- return ret;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gboolean
get_use_mobile_browser (GoaOAuth2Provider *provider)
{
return TRUE;
@@ -726,7 +570,6 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
provider_class->get_provider_name = get_provider_name;
provider_class->get_provider_group = get_provider_group;
provider_class->build_object = build_object;
- provider_class->ensure_credentials_sync = ensure_credentials_sync;
provider_class->show_account = show_account;
provider_class->get_credentials_generation = get_credentials_generation;
@@ -740,65 +583,7 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
oauth2_class->get_scope = get_scope;
oauth2_class->is_deny_node = is_deny_node;
oauth2_class->is_identity_node = is_identity_node;
- oauth2_class->is_password_node = is_password_node;
oauth2_class->get_token_uri = get_token_uri;
oauth2_class->get_use_mobile_browser = get_use_mobile_browser;
oauth2_class->add_account_key_values = add_account_key_values;
}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-/* runs in a thread dedicated to handling @invocation */
-static gboolean
-on_handle_get_password (GoaPasswordBased *interface,
- GDBusMethodInvocation *invocation,
- const gchar *id, /* unused */
- gpointer user_data)
-{
- GoaObject *object;
- GoaAccount *account;
- GoaProvider *provider;
- GError *error;
- GVariant *credentials;
- const gchar *identity;
- gchar *password;
-
- /* TODO: maybe log what app is requesting access */
-
- password = NULL;
- credentials = NULL;
-
- object = GOA_OBJECT (g_dbus_interface_get_object (G_DBUS_INTERFACE (interface)));
- account = goa_object_peek_account (object);
- identity = goa_account_get_identity (account);
- provider = goa_provider_get_for_provider_type (goa_account_get_provider_type (account));
-
- error = NULL;
- credentials = goa_utils_lookup_credentials_sync (provider,
- object,
- NULL, /* GCancellable* */
- &error);
- if (credentials == NULL)
- {
- g_dbus_method_invocation_take_error (invocation, error);
- goto out;
- }
-
- if (!g_variant_lookup (credentials, "password", "s", &password))
- {
- g_dbus_method_invocation_return_error (invocation,
- GOA_ERROR,
- GOA_ERROR_FAILED, /* TODO: more specific */
- _("Did not find password with identity `%s' in credentials"),
- identity);
- goto out;
- }
-
- goa_password_based_complete_get_password (interface, invocation, password);
-
- out:
- g_free (password);
- g_clear_pointer (&credentials, (GDestroyNotify) g_variant_unref);
- g_object_unref (provider);
- return TRUE; /* invocation was handled */
-}
--
1.8.4.2