diff options
author | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2010-09-08 07:27:06 +0000 |
---|---|---|
committer | jsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68> | 2010-09-08 07:27:06 +0000 |
commit | fdc2b81893d01dd50de436c4238cc5d8c657a74a (patch) | |
tree | f1adc589aa415b8a669698b481826de3cc08e1f7 /sca-cpp/trunk/modules | |
parent | 8a34bbab4753a11146ce0d76b4f1391c474ff61f (diff) |
Add some error checking to the OAuth support.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@993641 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-cpp/trunk/modules')
-rw-r--r-- | sca-cpp/trunk/modules/oauth/mod-oauth.cpp | 47 |
1 files changed, 40 insertions, 7 deletions
diff --git a/sca-cpp/trunk/modules/oauth/mod-oauth.cpp b/sca-cpp/trunk/modules/oauth/mod-oauth.cpp index 9a93e6fb20..e7158c14b0 100644 --- a/sca-cpp/trunk/modules/oauth/mod-oauth.cpp +++ b/sca-cpp/trunk/modules/oauth/mod-oauth.cpp @@ -128,20 +128,27 @@ const failable<int> authenticated(const list<list<value> >& info, request_rec* r debug(info, "modoauth::authenticated::info"); const list<value> id = assoc<value>("id", info); + if (isNil(id) || isNil(cdr(id))) + return mkfailure<int>("Couldn't retrieve user id"); r->user = apr_pstrdup(r->pool, c_str(cadr(id))); const list<value> email = assoc<value>("email", info); - apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "EMAIL"), apr_pstrdup(r->pool, c_str(cadr(email)))); + if (!isNil(email) && !isNil(cdr(email))) + apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "EMAIL"), apr_pstrdup(r->pool, c_str(cadr(email)))); const list<value> fullname = assoc<value>("name", info); - apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "NICKNAME"), apr_pstrdup(r->pool, c_str(cadr(fullname)))); - apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "FULLNAME"), apr_pstrdup(r->pool, c_str(cadr(fullname)))); + if (!isNil(fullname) && !isNil(cdr(fullname))) { + apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "NICKNAME"), apr_pstrdup(r->pool, c_str(cadr(fullname)))); + apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "FULLNAME"), apr_pstrdup(r->pool, c_str(cadr(fullname)))); + } const list<value> firstname = assoc<value>("first_name", info); - apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "FIRSTNAME"), apr_pstrdup(r->pool, c_str(cadr(firstname)))); + if (!isNil(firstname) && !isNil(cdr(firstname))) + apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "FIRSTNAME"), apr_pstrdup(r->pool, c_str(cadr(firstname)))); const list<value> lastname = assoc<value>("last_name", info); - apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "LASTNAME"), apr_pstrdup(r->pool, c_str(cadr(lastname)))); + if (!isNil(lastname) && !isNil(cdr(lastname))) + apr_table_set(r->subprocess_env, apr_pstrdup(r->pool, "LASTNAME"), apr_pstrdup(r->pool, c_str(cadr(lastname)))); if(r->ap_auth_type == NULL) r->ap_auth_type = const_cast<char*>("OAuth"); @@ -162,11 +169,19 @@ const failable<int> login(const string& page, request_rec* r) { * Handle an authorize request. */ const failable<int> authorize(const list<list<value> >& args, request_rec* r) { - // Extract authorize URI, access_token URI and client ID + // Extract authorize, access_token, client ID and info URIs const list<value> auth = assoc<value>("mod_oauth_authorize", args); + if (isNil(auth) || isNil(cdr(auth))) + return mkfailure<int>("Missing mod_oauth_authorize parameter"); const list<value> tok = assoc<value>("mod_oauth_access_token", args); + if (isNil(tok) || isNil(cdr(tok))) + return mkfailure<int>("Missing mod_oauth_access_token parameter"); const list<value> cid = assoc<value>("mod_oauth_client_id", args); + if (isNil(cid) || isNil(cdr(cid))) + return mkfailure<int>("Missing mod_oauth_client_id parameter"); const list<value> info = assoc<value>("mod_oauth_info", args); + if (isNil(info) || isNil(cdr(info))) + return mkfailure<int>("Missing mod_oauth_info parameter"); // Build the redirect URI const list<list<value> > rargs = mklist<list<value> >(mklist<value>("mod_oauth_step", "access_token"), tok, cid, info); @@ -198,12 +213,22 @@ const string cookie(const string& sid) { const failable<int> access_token(const list<list<value> >& args, request_rec* r, const ServerConf& sc) { // Extract access_token URI, client ID and authorization code const list<value> tok = assoc<value>("mod_oauth_access_token", args); + if (isNil(tok) || isNil(cdr(tok))) + return mkfailure<int>("Missing mod_oauth_access_token parameter"); const list<value> cid = assoc<value>("mod_oauth_client_id", args); + if (isNil(cid) || isNil(cdr(cid))) + return mkfailure<int>("Missing mod_oauth_client_id parameter"); const list<value> info = assoc<value>("mod_oauth_info", args); + if (isNil(info) || isNil(cdr(info))) + return mkfailure<int>("Missing mod_oauth_info parameter"); const list<value> code = assoc<value>("code", args); + if (isNil(code) || isNil(cdr(code))) + return mkfailure<int>("Missing code parameter"); // Lookup client app configuration const list<value> app = assoc<value>(cadr(cid), sc.apps); + if (isNil(app) || isNil(cdr(app))) + return mkfailure<int>(string("client id not found: ") + cadr(cid)); // Build the redirect URI const list<list<value> > rargs = mklist<list<value> >(mklist<value>("mod_oauth_step", "access_token"), tok, cid, info); @@ -215,8 +240,12 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r, const string turi = httpd::unescape(cadr(tok)) + string("?") + httpd::queryString(targs); debug(turi, "modoauth::access_token::tokenuri"); const failable<value> tr = http::get(turi, sc.cs); + if (!hasContent(tr)) + return mkfailure<int>(reason(tr)); debug(tr, "modoauth::access_token::response"); const list<value> tv = assoc<value>("access_token", httpd::queryArgs(join("", convertValues<string>(content(tr))))); + if (isNil(app) || isNil(cdr(app))) + return mkfailure<int>("Couldn't retrieve access_token"); debug(tv, "modoauth::access_token::token"); // Request user info @@ -225,11 +254,15 @@ const failable<int> access_token(const list<list<value> >& args, request_rec* r, const string iuri = httpd::unescape(cadr(info)) + string("?") + httpd::queryString(iargs); debug(iuri, "modoauth::access_token::infouri"); const failable<value> iv = http::get(iuri, sc.cs); + if (isNil(app) || isNil(cdr(app))) + return mkfailure<int>("Couldn't retrieve user info"); debug(iv, "modoauth::access_token::info"); // Store user info in memcached keyed by session ID const value sid = string("OAuth_") + mkrand(); - memcache::put(mklist<value>("tuscanyOpenAuth", sid), content(iv), sc.mc); + const failable<bool> prc = memcache::put(mklist<value>("tuscanyOpenAuth", sid), content(iv), sc.mc); + if (!hasContent(prc)) + return mkfailure<int>(reason(prc)); // Send session ID to the client in a cookie apr_table_set(r->err_headers_out, "Set-Cookie", c_str(cookie(sid))); |