summaryrefslogtreecommitdiff
path: root/demos
diff options
context:
space:
mode:
authorPhilip Withnall <pwithnall@endlessos.org>2021-06-17 13:55:14 +0100
committerPhilip Withnall <pwithnall@endlessos.org>2021-06-17 14:56:11 +0100
commit8eecbd9012986dce266eacdb9d280d9df1933147 (patch)
tree394a98fdb28835f91e0132d206bfa95c72a5f293 /demos
parentb0460823bfd19fb46dee9982e221ca2eeba3bc4a (diff)
downloadlibgdata-8eecbd9012986dce266eacdb9d280d9df1933147.tar.gz
core: Drop ClientLogin authorizer
It’s been deprecated by Google for a number of years, and is completely unsupported in all of their newer REST APIs. Its main flaws are that it requires the user’s password to be passed to potentially untrusted code (normalising the user typing their password into any old text entry), and that it can’t support the interactive authentication required for 2FA. Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Diffstat (limited to 'demos')
-rw-r--r--demos/scrapbook/scrapbook.c102
-rw-r--r--demos/scrapbook/scrapbook.h11
2 files changed, 57 insertions, 56 deletions
diff --git a/demos/scrapbook/scrapbook.c b/demos/scrapbook/scrapbook.c
index d909ab05..9e330cb8 100644
--- a/demos/scrapbook/scrapbook.c
+++ b/demos/scrapbook/scrapbook.c
@@ -425,26 +425,62 @@ start_new_youtube_search (GtkWidget *widget, ScrapData *first) /* *first is a po
/* everything else is implemented somewhere else */
}
-
-static void
-properties_set (GtkWidget *widget, ScrapProps *self)
+static GDataAuthorizer *
+create_authorizer (GError **error)
{
- GDataClientLoginAuthorizer *authorizer;
+ GDataOAuth2Authorizer *authorizer = NULL; /* owned */
GList *domains = NULL; /* list of GDataAuthorizationDomains */
- GError *error = NULL;
-
- /* Get the username and password to use */
- self->main_data->username = g_strdup (gtk_entry_get_text (GTK_ENTRY (self->username_entry)));
- self->main_data->password = g_strdup (gtk_entry_get_text (GTK_ENTRY (self->password_entry)));
+ gchar *uri = NULL;
+ gchar code[100];
+ GError *child_error = NULL;
/* Domains we need to be authorised for */
domains = g_list_prepend (domains, gdata_youtube_service_get_primary_authorization_domain ());
domains = g_list_prepend (domains, gdata_picasaweb_service_get_primary_authorization_domain ());
- /* Authenticate */
- authorizer = gdata_client_login_authorizer_new_for_authorization_domains (CLIENT_ID, domains);
+ /* Go through the interactive OAuth dance. */
+ authorizer = gdata_oauth2_authorizer_new_for_authorization_domains (CLIENT_ID, CLIENT_SECRET,
+ REDIRECT_URI,
+ domains);
+
+ /* Get an authentication URI */
+ uri = gdata_oauth2_authorizer_build_authentication_uri (authorizer,
+ NULL, FALSE);
+
+ /* Wait for the user to retrieve and enter the verifier. */
+ g_print ("Please navigate to the following URI and grant access:\n"
+ " %s\n", uri);
+ g_print ("Enter verifier (EOF to abort): ");
+
+ g_free (uri);
+
+ if (scanf ("%100s", code) != 1) {
+ /* User chose to abort. */
+ g_print ("\n");
+ g_clear_object (&authorizer);
+ return NULL;
+ }
+
+ /* Authorise the token. */
+ gdata_oauth2_authorizer_request_authorization (authorizer, code, NULL,
+ &child_error);
+
+ if (child_error != NULL) {
+ g_propagate_error (error, child_error);
+ g_clear_object (&authorizer);
+ return NULL;
+ }
+
+ return GDATA_AUTHORIZER (authorizer);
+}
+
+static void
+properties_set (GtkWidget *widget, ScrapProps *self)
+{
+ GDataAuthorizer *authorizer;
+ GError *error = NULL;
- gdata_client_login_authorizer_authenticate (authorizer, self->main_data->username, self->main_data->password, NULL, &error);
+ authorizer = create_authorizer (&error);
if (error != NULL) { /* we show this to the user in case they mistyped their password */
GtkWidget *label;
@@ -458,8 +494,8 @@ properties_set (GtkWidget *widget, ScrapProps *self)
g_error_free (error);
}
- gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->youtube_service), GDATA_AUTHORIZER (authorizer));
- gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->picasaweb_service), GDATA_AUTHORIZER (authorizer));
+ gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->youtube_service), authorizer);
+ gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->picasaweb_service), authorizer);
gtk_widget_destroy (self->window);
g_object_unref (authorizer);
@@ -469,7 +505,7 @@ static void
properties_show (GtkWidget *widget, ScrapData *first)
{
ScrapProps *self;
- GtkWidget *label, *button, *box2;
+ GtkWidget *button;
self = g_slice_new (struct _ScrapProps);
self->main_data = first;
@@ -479,42 +515,6 @@ properties_show (GtkWidget *widget, ScrapData *first)
self->box1 = gtk_box_new (GTK_ORIENTATION_VERTICAL, 3);
- /* Username/Password labels box */
- box2 = gtk_box_new (GTK_ORIENTATION_HORIZONTAL, 10);
-
- label = gtk_label_new ("Username");
- gtk_widget_show (label);
- gtk_box_pack_start (GTK_BOX (box2), label, TRUE, TRUE, 0);
-
- label = gtk_label_new ("Password");
- gtk_widget_show (label);
- gtk_box_pack_start (GTK_BOX (box2), label, TRUE, TRUE, 0);
-
- gtk_widget_show (box2);
- gtk_box_pack_start (GTK_BOX (self->box1), box2, FALSE, FALSE, 0);
-
- /* Username/Password entries box */
- box2 = gtk_box_new (GTK_ORIENTATION_HORIZONTAL, 10);
- self->username_entry = gtk_entry_new ();
-
- if (self->main_data->username != NULL)
- gtk_entry_set_text (GTK_ENTRY(self->username_entry), self->main_data->username);
-
- gtk_widget_show (self->username_entry);
- gtk_box_pack_start (GTK_BOX (box2), self->username_entry, TRUE, TRUE, 0);
-
- self->password_entry = gtk_entry_new ();
- gtk_entry_set_visibility (GTK_ENTRY (self->password_entry), FALSE);
-
- if (self->main_data->password != NULL)
- gtk_entry_set_text (GTK_ENTRY(self->password_entry), self->main_data->password);
-
- gtk_widget_show (self->password_entry);
- gtk_box_pack_start (GTK_BOX (box2), self->password_entry, TRUE, TRUE, 0);
-
- gtk_box_pack_start (GTK_BOX (self->box1), box2, FALSE, FALSE, 0);
- gtk_widget_show (box2);
-
/* OK button */
button = gtk_button_new_with_label ("_OK");
g_signal_connect (button, "clicked", (GCallback) properties_set, self);
diff --git a/demos/scrapbook/scrapbook.h b/demos/scrapbook/scrapbook.h
index 802e7369..032cb770 100644
--- a/demos/scrapbook/scrapbook.h
+++ b/demos/scrapbook/scrapbook.h
@@ -23,8 +23,12 @@
#include <gdata/gdata.h>
#include <glib.h>
#include <glib-object.h>
-#define DEVELOPER_KEY "AI39si5MkSF-0bzTmP5WETk1D-Z7inHaQJzX13PeG_5Uzeu8mz3vo40cFoqnxjejB-UqzYFrqzOSlsqJvHuPNEGqdycqnPo30A"
-#define CLIENT_ID "ytapi-GNOME-libgdata-444fubtt-0"
+
+#define DEVELOPER_KEY "AI39si7Me3Q7zYs6hmkFvpRBD2nrkVjYYsUO5lh_3HdOkGRc9g6Z4nzxZatk_aAo2EsA21k7vrda0OO6oFg2rnhMedZXPyXoEw"
+#define CLIENT_ID "352818697630-nqu2cmt5quqd6lr17ouoqmb684u84l1f.apps.googleusercontent.com"
+#define CLIENT_SECRET "-fA4pHQJxR3zJ-FyAMPQsikg"
+#define REDIRECT_URI "urn:ietf:wg:oauth:2.0:oob"
+
#define THUMBNAIL_WIDTH 180
#define MAX_RESULTS 10
@@ -73,8 +77,6 @@ typedef struct _ScrapData {
ScrapPicSearch *pic_search;
ScrapPUpload *p_upload;
gint max_rows;
- gchar *username;
- gchar *password;
GtkListStore *lStore;
GDataYouTubeService *youtube_service;
@@ -131,7 +133,6 @@ struct _ScrapPSearch { /* for finding albums */
typedef struct _ScrapProps {
GtkWidget *window;
GtkWidget *box1;
- GtkWidget *username_entry, *password_entry;
ScrapData *main_data;
} ScrapProps;
View Lorry Controller Status