From 365a5a92909fce8dcdd851b5a2b9caf34e0da926 Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Fri, 28 Jun 2013 12:22:07 +0000 Subject: google: Don't offer a PasswordBased interface This was a temporary measure back when Google did not support OAuth2 for CalDAV. Now that they do, we can drop this. In any case, the workaround didn't work with accounts using 2-factor authentication. This will make those people happy. This reverts 89c335479c1bb8409af8296c99ffea602a28b71f See: https://bugzilla.gnome.org/show_bug.cgi?id=686804 https://bugzilla.gnome.org/show_bug.cgi?id=688364 --- (limited to 'src/goabackend/goagoogleprovider.c') Index: gnome-online-accounts-3.8.2/src/goabackend/goagoogleprovider.c =================================================================== --- gnome-online-accounts-3.8.2.orig/src/goabackend/goagoogleprovider.c 2013-07-10 13:29:35.381448621 -0400 +++ gnome-online-accounts-3.8.2/src/goabackend/goagoogleprovider.c 2013-07-10 13:29:35.377448621 -0400 @@ -32,8 +32,6 @@ #include "goaprovider-priv.h" #include "goaoauth2provider.h" #include "goagoogleprovider.h" -#include "goahttpclient.h" -#include "goautils.h" /** * GoaGoogleProvider: @@ -71,8 +69,6 @@ /* ---------------------------------------------------------------------------------------------------- */ -static const gchar *CALDAV_ENDPOINT = "https://www.google.com/calendar/dav/%s/events/"; - static const gchar * get_provider_type (GoaProvider *_provider) { @@ -310,48 +306,8 @@ return ret; } -static gboolean -is_password_node (GoaOAuth2Provider *provider, WebKitDOMHTMLInputElement *element) -{ - gboolean ret; - gchar *element_type; - gchar *id; - gchar *name; - - element_type = NULL; - id = NULL; - name = NULL; - - ret = FALSE; - - g_object_get (element, "type", &element_type, NULL); - if (g_strcmp0 (element_type, "password") != 0) - goto out; - - id = webkit_dom_html_element_get_id (WEBKIT_DOM_HTML_ELEMENT (element)); - if (g_strcmp0 (id, "Passwd") != 0) - goto out; - - name = webkit_dom_html_input_element_get_name (element); - if (g_strcmp0 (name, "Passwd") != 0) - goto out; - - ret = TRUE; - - out: - g_free (element_type); - g_free (id); - g_free (name); - return ret; -} - /* ---------------------------------------------------------------------------------------------------- */ -static gboolean on_handle_get_password (GoaPasswordBased *interface, - GDBusMethodInvocation *invocation, - const gchar *id, - gpointer user_data); - static gboolean build_object (GoaProvider *provider, GoaObjectSkeleton *object, @@ -367,7 +323,6 @@ GoaContacts *contacts; GoaChat *chat; GoaDocuments *documents; - GoaPasswordBased *password_based; gboolean ret; gboolean mail_enabled; gboolean calendar_enabled; @@ -394,20 +349,6 @@ error)) goto out; - password_based = goa_object_get_password_based (GOA_OBJECT (object)); - if (password_based == NULL) - { - password_based = goa_password_based_skeleton_new (); - /* Ensure D-Bus method invocations run in their own thread */ - g_dbus_interface_skeleton_set_flags (G_DBUS_INTERFACE_SKELETON (password_based), - G_DBUS_INTERFACE_SKELETON_FLAGS_HANDLE_METHOD_INVOCATIONS_IN_THREAD); - goa_object_skeleton_set_password_based (object, password_based); - g_signal_connect (password_based, - "handle-get-password", - G_CALLBACK (on_handle_get_password), - NULL); - } - account = goa_object_get_account (GOA_OBJECT (object)); email_address = goa_account_get_identity (account); @@ -567,103 +508,6 @@ /* ---------------------------------------------------------------------------------------------------- */ static gboolean -ensure_credentials_sync (GoaProvider *provider, - GoaObject *object, - gint *out_expires_in, - GCancellable *cancellable, - GError **error) -{ - GVariant *credentials; - GoaAccount *account; - GoaHttpClient *http_client; - gboolean ret; - const gchar *username; - gchar *password; - gchar *uri_caldav; - - credentials = NULL; - http_client = NULL; - password = NULL; - uri_caldav = NULL; - - ret = FALSE; - - /* Chain up */ - if (!GOA_PROVIDER_CLASS (goa_google_provider_parent_class)->ensure_credentials_sync (provider, - object, - out_expires_in, - cancellable, - error)) - goto out; - - credentials = goa_utils_lookup_credentials_sync (provider, - object, - cancellable, - error); - if (credentials == NULL) - { - if (error != NULL) - { - (*error)->domain = GOA_ERROR; - (*error)->code = GOA_ERROR_NOT_AUTHORIZED; - } - goto out; - } - - account = goa_object_peek_account (object); - username = goa_account_get_presentation_identity (account); - uri_caldav = g_strdup_printf (CALDAV_ENDPOINT, username); - - if (!g_variant_lookup (credentials, "password", "s", &password)) - { - if (error != NULL) - { - *error = g_error_new (GOA_ERROR, - GOA_ERROR_NOT_AUTHORIZED, - _("Did not find password with identity `%s' in credentials"), - username); - } - goto out; - } - - http_client = goa_http_client_new (); - ret = goa_http_client_check_sync (http_client, - uri_caldav, - username, - password, - FALSE, - cancellable, - error); - if (!ret) - { - if (error != NULL) - { - g_prefix_error (error, - /* Translators: the first %s is the username - * (eg., debarshi.ray@gmail.com or rishi), and the - * (%s, %d) is the error domain and code. - */ - _("Invalid password with username `%s' (%s, %d): "), - username, - g_quark_to_string ((*error)->domain), - (*error)->code); - (*error)->domain = GOA_ERROR; - (*error)->code = GOA_ERROR_NOT_AUTHORIZED; - } - goto out; - } - - out: - g_clear_object (&http_client); - g_free (password); - g_free (uri_caldav); - g_clear_pointer (&credentials, (GDestroyNotify) g_variant_unref); - return ret; -} - -/* ---------------------------------------------------------------------------------------------------- */ - -static gboolean get_use_mobile_browser (GoaOAuth2Provider *provider) { return TRUE; @@ -744,7 +588,6 @@ provider_class->get_provider_name = get_provider_name; provider_class->get_provider_group = get_provider_group; provider_class->build_object = build_object; - provider_class->ensure_credentials_sync = ensure_credentials_sync; provider_class->show_account = show_account; provider_class->get_credentials_generation = get_credentials_generation; @@ -758,65 +601,7 @@ oauth2_class->get_scope = get_scope; oauth2_class->is_deny_node = is_deny_node; oauth2_class->is_identity_node = is_identity_node; - oauth2_class->is_password_node = is_password_node; oauth2_class->get_token_uri = get_token_uri; oauth2_class->get_use_mobile_browser = get_use_mobile_browser; oauth2_class->add_account_key_values = add_account_key_values; } - -/* ---------------------------------------------------------------------------------------------------- */ - -/* runs in a thread dedicated to handling @invocation */ -static gboolean -on_handle_get_password (GoaPasswordBased *interface, - GDBusMethodInvocation *invocation, - const gchar *id, /* unused */ - gpointer user_data) -{ - GoaObject *object; - GoaAccount *account; - GoaProvider *provider; - GError *error; - GVariant *credentials; - const gchar *identity; - gchar *password; - - /* TODO: maybe log what app is requesting access */ - - password = NULL; - credentials = NULL; - - object = GOA_OBJECT (g_dbus_interface_get_object (G_DBUS_INTERFACE (interface))); - account = goa_object_peek_account (object); - identity = goa_account_get_identity (account); - provider = goa_provider_get_for_provider_type (goa_account_get_provider_type (account)); - - error = NULL; - credentials = goa_utils_lookup_credentials_sync (provider, - object, - NULL, /* GCancellable* */ - &error); - if (credentials == NULL) - { - g_dbus_method_invocation_take_error (invocation, error); - goto out; - } - - if (!g_variant_lookup (credentials, "password", "s", &password)) - { - g_dbus_method_invocation_return_error (invocation, - GOA_ERROR, - GOA_ERROR_FAILED, /* TODO: more specific */ - _("Did not find password with identity `%s' in credentials"), - identity); - goto out; - } - - goa_password_based_complete_get_password (interface, invocation, password); - - out: - g_free (password); - g_clear_pointer (&credentials, (GDestroyNotify) g_variant_unref); - g_object_unref (provider); - return TRUE; /* invocation was handled */ -}