diff options
author | Philip Withnall <pwithnall@endlessos.org> | 2021-06-17 13:55:14 +0100 |
---|---|---|
committer | Philip Withnall <pwithnall@endlessos.org> | 2021-06-17 14:56:11 +0100 |
commit | 8eecbd9012986dce266eacdb9d280d9df1933147 (patch) | |
tree | 394a98fdb28835f91e0132d206bfa95c72a5f293 /demos | |
parent | b0460823bfd19fb46dee9982e221ca2eeba3bc4a (diff) | |
download | libgdata-8eecbd9012986dce266eacdb9d280d9df1933147.tar.gz |
core: Drop ClientLogin authorizer
It’s been deprecated by Google for a number of years, and is completely
unsupported in all of their newer REST APIs. Its main flaws are that it
requires the user’s password to be passed to potentially untrusted code
(normalising the user typing their password into any old text entry),
and that it can’t support the interactive authentication required for
2FA.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Diffstat (limited to 'demos')
-rw-r--r-- | demos/scrapbook/scrapbook.c | 102 | ||||
-rw-r--r-- | demos/scrapbook/scrapbook.h | 11 |
2 files changed, 57 insertions, 56 deletions
diff --git a/demos/scrapbook/scrapbook.c b/demos/scrapbook/scrapbook.c index d909ab05..9e330cb8 100644 --- a/demos/scrapbook/scrapbook.c +++ b/demos/scrapbook/scrapbook.c @@ -425,26 +425,62 @@ start_new_youtube_search (GtkWidget *widget, ScrapData *first) /* *first is a po /* everything else is implemented somewhere else */ } - -static void -properties_set (GtkWidget *widget, ScrapProps *self) +static GDataAuthorizer * +create_authorizer (GError **error) { - GDataClientLoginAuthorizer *authorizer; + GDataOAuth2Authorizer *authorizer = NULL; /* owned */ GList *domains = NULL; /* list of GDataAuthorizationDomains */ - GError *error = NULL; - - /* Get the username and password to use */ - self->main_data->username = g_strdup (gtk_entry_get_text (GTK_ENTRY (self->username_entry))); - self->main_data->password = g_strdup (gtk_entry_get_text (GTK_ENTRY (self->password_entry))); + gchar *uri = NULL; + gchar code[100]; + GError *child_error = NULL; /* Domains we need to be authorised for */ domains = g_list_prepend (domains, gdata_youtube_service_get_primary_authorization_domain ()); domains = g_list_prepend (domains, gdata_picasaweb_service_get_primary_authorization_domain ()); - /* Authenticate */ - authorizer = gdata_client_login_authorizer_new_for_authorization_domains (CLIENT_ID, domains); + /* Go through the interactive OAuth dance. */ + authorizer = gdata_oauth2_authorizer_new_for_authorization_domains (CLIENT_ID, CLIENT_SECRET, + REDIRECT_URI, + domains); + + /* Get an authentication URI */ + uri = gdata_oauth2_authorizer_build_authentication_uri (authorizer, + NULL, FALSE); + + /* Wait for the user to retrieve and enter the verifier. */ + g_print ("Please navigate to the following URI and grant access:\n" + " %s\n", uri); + g_print ("Enter verifier (EOF to abort): "); + + g_free (uri); + + if (scanf ("%100s", code) != 1) { + /* User chose to abort. */ + g_print ("\n"); + g_clear_object (&authorizer); + return NULL; + } + + /* Authorise the token. */ + gdata_oauth2_authorizer_request_authorization (authorizer, code, NULL, + &child_error); + + if (child_error != NULL) { + g_propagate_error (error, child_error); + g_clear_object (&authorizer); + return NULL; + } + + return GDATA_AUTHORIZER (authorizer); +} + +static void +properties_set (GtkWidget *widget, ScrapProps *self) +{ + GDataAuthorizer *authorizer; + GError *error = NULL; - gdata_client_login_authorizer_authenticate (authorizer, self->main_data->username, self->main_data->password, NULL, &error); + authorizer = create_authorizer (&error); if (error != NULL) { /* we show this to the user in case they mistyped their password */ GtkWidget *label; @@ -458,8 +494,8 @@ properties_set (GtkWidget *widget, ScrapProps *self) g_error_free (error); } - gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->youtube_service), GDATA_AUTHORIZER (authorizer)); - gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->picasaweb_service), GDATA_AUTHORIZER (authorizer)); + gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->youtube_service), authorizer); + gdata_service_set_authorizer (GDATA_SERVICE (self->main_data->picasaweb_service), authorizer); gtk_widget_destroy (self->window); g_object_unref (authorizer); @@ -469,7 +505,7 @@ static void properties_show (GtkWidget *widget, ScrapData *first) { ScrapProps *self; - GtkWidget *label, *button, *box2; + GtkWidget *button; self = g_slice_new (struct _ScrapProps); self->main_data = first; @@ -479,42 +515,6 @@ properties_show (GtkWidget *widget, ScrapData *first) self->box1 = gtk_box_new (GTK_ORIENTATION_VERTICAL, 3); - /* Username/Password labels box */ - box2 = gtk_box_new (GTK_ORIENTATION_HORIZONTAL, 10); - - label = gtk_label_new ("Username"); - gtk_widget_show (label); - gtk_box_pack_start (GTK_BOX (box2), label, TRUE, TRUE, 0); - - label = gtk_label_new ("Password"); - gtk_widget_show (label); - gtk_box_pack_start (GTK_BOX (box2), label, TRUE, TRUE, 0); - - gtk_widget_show (box2); - gtk_box_pack_start (GTK_BOX (self->box1), box2, FALSE, FALSE, 0); - - /* Username/Password entries box */ - box2 = gtk_box_new (GTK_ORIENTATION_HORIZONTAL, 10); - self->username_entry = gtk_entry_new (); - - if (self->main_data->username != NULL) - gtk_entry_set_text (GTK_ENTRY(self->username_entry), self->main_data->username); - - gtk_widget_show (self->username_entry); - gtk_box_pack_start (GTK_BOX (box2), self->username_entry, TRUE, TRUE, 0); - - self->password_entry = gtk_entry_new (); - gtk_entry_set_visibility (GTK_ENTRY (self->password_entry), FALSE); - - if (self->main_data->password != NULL) - gtk_entry_set_text (GTK_ENTRY(self->password_entry), self->main_data->password); - - gtk_widget_show (self->password_entry); - gtk_box_pack_start (GTK_BOX (box2), self->password_entry, TRUE, TRUE, 0); - - gtk_box_pack_start (GTK_BOX (self->box1), box2, FALSE, FALSE, 0); - gtk_widget_show (box2); - /* OK button */ button = gtk_button_new_with_label ("_OK"); g_signal_connect (button, "clicked", (GCallback) properties_set, self); diff --git a/demos/scrapbook/scrapbook.h b/demos/scrapbook/scrapbook.h index 802e7369..032cb770 100644 --- a/demos/scrapbook/scrapbook.h +++ b/demos/scrapbook/scrapbook.h @@ -23,8 +23,12 @@ #include <gdata/gdata.h> #include <glib.h> #include <glib-object.h> -#define DEVELOPER_KEY "AI39si5MkSF-0bzTmP5WETk1D-Z7inHaQJzX13PeG_5Uzeu8mz3vo40cFoqnxjejB-UqzYFrqzOSlsqJvHuPNEGqdycqnPo30A" -#define CLIENT_ID "ytapi-GNOME-libgdata-444fubtt-0" + +#define DEVELOPER_KEY "AI39si7Me3Q7zYs6hmkFvpRBD2nrkVjYYsUO5lh_3HdOkGRc9g6Z4nzxZatk_aAo2EsA21k7vrda0OO6oFg2rnhMedZXPyXoEw" +#define CLIENT_ID "352818697630-nqu2cmt5quqd6lr17ouoqmb684u84l1f.apps.googleusercontent.com" +#define CLIENT_SECRET "-fA4pHQJxR3zJ-FyAMPQsikg" +#define REDIRECT_URI "urn:ietf:wg:oauth:2.0:oob" + #define THUMBNAIL_WIDTH 180 #define MAX_RESULTS 10 @@ -73,8 +77,6 @@ typedef struct _ScrapData { ScrapPicSearch *pic_search; ScrapPUpload *p_upload; gint max_rows; - gchar *username; - gchar *password; GtkListStore *lStore; GDataYouTubeService *youtube_service; @@ -131,7 +133,6 @@ struct _ScrapPSearch { /* for finding albums */ typedef struct _ScrapProps { GtkWidget *window; GtkWidget *box1; - GtkWidget *username_entry, *password_entry; ScrapData *main_data; } ScrapProps; |