1*4882a593SmuzhiyunFrom d39fd6d5f4c0a63cc048b84b0f989cb83f31e5fe Mon Sep 17 00:00:00 2001
2*4882a593SmuzhiyunFrom: Carlos Garcia Campos <cgarcia@igalia.com>
3*4882a593SmuzhiyunDate: Tue, 8 Jun 2021 10:57:06 +0200
4*4882a593SmuzhiyunSubject: [PATCH 1/2] Use GUri instead of SoupURI
5*4882a593Smuzhiyun
6*4882a593SmuzhiyunUpstream-Status: Submitted [https://gitlab.gnome.org/GNOME/librest/-/merge_requests/6]
7*4882a593Smuzhiyun---
8*4882a593Smuzhiyun configure.ac               |  2 +-
9*4882a593Smuzhiyun rest-extras/flickr-proxy.c | 19 ++++++++++++++-----
10*4882a593Smuzhiyun rest/oauth-proxy-call.c    | 19 ++++++++++++++-----
11*4882a593Smuzhiyun rest/oauth2-proxy.c        | 22 +++++++++++-----------
12*4882a593Smuzhiyun 4 files changed, 40 insertions(+), 22 deletions(-)
13*4882a593Smuzhiyun
14*4882a593Smuzhiyundiff --git a/configure.ac b/configure.ac
15*4882a593Smuzhiyunindex d15e592..d586e69 100644
16*4882a593Smuzhiyun--- a/configure.ac
17*4882a593Smuzhiyun+++ b/configure.ac
18*4882a593Smuzhiyun@@ -40,7 +40,7 @@ AM_PROG_CC_C_O
19*4882a593Smuzhiyun LT_PREREQ([2.2.6])
20*4882a593Smuzhiyun LT_INIT([disable-static])
21*4882a593Smuzhiyun
22*4882a593Smuzhiyun-PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.44)
23*4882a593Smuzhiyun+PKG_CHECK_MODULES(GLIB, glib-2.0 >= 2.67.4)
24*4882a593Smuzhiyun PKG_CHECK_MODULES(SOUP, libsoup-2.4 >= 2.42)
25*4882a593Smuzhiyun PKG_CHECK_MODULES(XML, libxml-2.0)
26*4882a593Smuzhiyun PKG_CHECK_MODULES(GTHREAD, gthread-2.0)
27*4882a593Smuzhiyundiff --git a/rest-extras/flickr-proxy.c b/rest-extras/flickr-proxy.c
28*4882a593Smuzhiyunindex 3342a4d..7726359 100644
29*4882a593Smuzhiyun--- a/rest-extras/flickr-proxy.c
30*4882a593Smuzhiyun+++ b/rest-extras/flickr-proxy.c
31*4882a593Smuzhiyun@@ -304,13 +304,13 @@ flickr_proxy_build_login_url (FlickrProxy *proxy,
32*4882a593Smuzhiyun                               const char  *frob,
33*4882a593Smuzhiyun                               const char  *perms)
34*4882a593Smuzhiyun {
35*4882a593Smuzhiyun-  SoupURI *uri;
36*4882a593Smuzhiyun+  GUri *uri;
37*4882a593Smuzhiyun   GHashTable *params;
38*4882a593Smuzhiyun   char *sig, *s;
39*4882a593Smuzhiyun+  char *query;
40*4882a593Smuzhiyun
41*4882a593Smuzhiyun   g_return_val_if_fail (FLICKR_IS_PROXY (proxy), NULL);
42*4882a593Smuzhiyun
43*4882a593Smuzhiyun-  uri = soup_uri_new ("http://flickr.com/services/auth/");
44*4882a593Smuzhiyun   params = g_hash_table_new (g_str_hash, g_str_equal);
45*4882a593Smuzhiyun
46*4882a593Smuzhiyun   g_hash_table_insert (params, "api_key", proxy->priv->api_key);
47*4882a593Smuzhiyun@@ -321,14 +321,23 @@ flickr_proxy_build_login_url (FlickrProxy *proxy,
48*4882a593Smuzhiyun
49*4882a593Smuzhiyun   sig = flickr_proxy_sign (proxy, params);
50*4882a593Smuzhiyun   g_hash_table_insert (params, "api_sig", sig);
51*4882a593Smuzhiyun+  query = soup_form_encode_hash (params);
52*4882a593Smuzhiyun
53*4882a593Smuzhiyun-  soup_uri_set_query_from_form (uri, params);
54*4882a593Smuzhiyun+  uri = g_uri_build (G_URI_FLAGS_ENCODED,
55*4882a593Smuzhiyun+                     "http",
56*4882a593Smuzhiyun+                     NULL,
57*4882a593Smuzhiyun+                     "flickr.com",
58*4882a593Smuzhiyun+                     -1,
59*4882a593Smuzhiyun+                     "services/auth/",
60*4882a593Smuzhiyun+                     query,
61*4882a593Smuzhiyun+                     NULL);
62*4882a593Smuzhiyun
63*4882a593Smuzhiyun-  s = soup_uri_to_string (uri, FALSE);
64*4882a593Smuzhiyun+  s = g_uri_to_string (uri);
65*4882a593Smuzhiyun
66*4882a593Smuzhiyun+  g_free (query);
67*4882a593Smuzhiyun   g_free (sig);
68*4882a593Smuzhiyun   g_hash_table_destroy (params);
69*4882a593Smuzhiyun-  soup_uri_free (uri);
70*4882a593Smuzhiyun+  g_uri_unref (uri);
71*4882a593Smuzhiyun
72*4882a593Smuzhiyun   return s;
73*4882a593Smuzhiyun }
74*4882a593Smuzhiyundiff --git a/rest/oauth-proxy-call.c b/rest/oauth-proxy-call.c
75*4882a593Smuzhiyunindex c90c69d..e238c3c 100644
76*4882a593Smuzhiyun--- a/rest/oauth-proxy-call.c
77*4882a593Smuzhiyun+++ b/rest/oauth-proxy-call.c
78*4882a593Smuzhiyun@@ -30,7 +30,7 @@
79*4882a593Smuzhiyun
80*4882a593Smuzhiyun G_DEFINE_TYPE (OAuthProxyCall, oauth_proxy_call, REST_TYPE_PROXY_CALL)
81*4882a593Smuzhiyun
82*4882a593Smuzhiyun-#define OAUTH_ENCODE_STRING(x_) (x_ ? soup_uri_encode( (x_), "!$&'()*+,;=@") : g_strdup (""))
83*4882a593Smuzhiyun+#define OAUTH_ENCODE_STRING(x_) (x_ ? g_uri_escape_string( (x_), NULL, TRUE) : g_strdup (""))
84*4882a593Smuzhiyun
85*4882a593Smuzhiyun static char *
86*4882a593Smuzhiyun sign_plaintext (OAuthProxyPrivate *priv)
87*4882a593Smuzhiyun@@ -136,15 +136,24 @@ sign_hmac (OAuthProxy *proxy, RestProxyCall *call, GHashTable *oauth_params)
88*4882a593Smuzhiyun   if (priv->oauth_echo) {
89*4882a593Smuzhiyun     g_string_append_uri_escaped (text, priv->service_url, NULL, FALSE);
90*4882a593Smuzhiyun   } else if (priv->signature_host != NULL) {
91*4882a593Smuzhiyun-    SoupURI *url = soup_uri_new (url_str);
92*4882a593Smuzhiyun+    GUri *url = g_uri_parse (url_str, G_URI_FLAGS_ENCODED, NULL);
93*4882a593Smuzhiyun+    GUri *new_url;
94*4882a593Smuzhiyun     gchar *signing_url;
95*4882a593Smuzhiyun
96*4882a593Smuzhiyun-    soup_uri_set_host (url, priv->signature_host);
97*4882a593Smuzhiyun-    signing_url = soup_uri_to_string (url, FALSE);
98*4882a593Smuzhiyun+    new_url = g_uri_build (g_uri_get_flags (url),
99*4882a593Smuzhiyun+                           g_uri_get_scheme (url),
100*4882a593Smuzhiyun+                           g_uri_get_userinfo (url),
101*4882a593Smuzhiyun+                           priv->signature_host,
102*4882a593Smuzhiyun+                           g_uri_get_port (url),
103*4882a593Smuzhiyun+                           g_uri_get_path (url),
104*4882a593Smuzhiyun+                           g_uri_get_query (url),
105*4882a593Smuzhiyun+                           g_uri_get_fragment (url));
106*4882a593Smuzhiyun+    signing_url = g_uri_to_string (new_url);
107*4882a593Smuzhiyun
108*4882a593Smuzhiyun     g_string_append_uri_escaped (text, signing_url, NULL, FALSE);
109*4882a593Smuzhiyun
110*4882a593Smuzhiyun-    soup_uri_free (url);
111*4882a593Smuzhiyun+    g_uri_unref (new_url);
112*4882a593Smuzhiyun+    g_uri_unref (url);
113*4882a593Smuzhiyun     g_free (signing_url);
114*4882a593Smuzhiyun   } else {
115*4882a593Smuzhiyun     g_string_append_uri_escaped (text, url_str, NULL, FALSE);
116*4882a593Smuzhiyundiff --git a/rest/oauth2-proxy.c b/rest/oauth2-proxy.c
117*4882a593Smuzhiyunindex 24e5da0..3382f8b 100644
118*4882a593Smuzhiyun--- a/rest/oauth2-proxy.c
119*4882a593Smuzhiyun+++ b/rest/oauth2-proxy.c
120*4882a593Smuzhiyun@@ -37,8 +37,6 @@ oauth2_proxy_error_quark (void)
121*4882a593Smuzhiyun     return g_quark_from_static_string ("rest-oauth2-proxy");
122*4882a593Smuzhiyun }
123*4882a593Smuzhiyun
124*4882a593Smuzhiyun-#define EXTRA_CHARS_ENCODE "!$&'()*+,;=@"
125*4882a593Smuzhiyun-
126*4882a593Smuzhiyun enum {
127*4882a593Smuzhiyun   PROP_0,
128*4882a593Smuzhiyun   PROP_CLIENT_ID,
129*4882a593Smuzhiyun@@ -242,8 +240,8 @@ append_query_param (gpointer key, gpointer value, gpointer user_data)
130*4882a593Smuzhiyun     char *encoded_val, *encoded_key;
131*4882a593Smuzhiyun     char *param;
132*4882a593Smuzhiyun
133*4882a593Smuzhiyun-    encoded_val = soup_uri_encode (value, EXTRA_CHARS_ENCODE);
134*4882a593Smuzhiyun-    encoded_key = soup_uri_encode (key, EXTRA_CHARS_ENCODE);
135*4882a593Smuzhiyun+    encoded_val = g_uri_escape_string (value, NULL, TRUE);
136*4882a593Smuzhiyun+    encoded_key = g_uri_escape_string (key, NULL, TRUE);
137*4882a593Smuzhiyun
138*4882a593Smuzhiyun     param = g_strdup_printf ("%s=%s", encoded_key, encoded_val);
139*4882a593Smuzhiyun     g_free (encoded_key);
140*4882a593Smuzhiyun@@ -295,8 +293,8 @@ oauth2_proxy_build_login_url_full (OAuth2Proxy *proxy,
141*4882a593Smuzhiyun         g_hash_table_foreach (extra_params, append_query_param, params);
142*4882a593Smuzhiyun     }
143*4882a593Smuzhiyun
144*4882a593Smuzhiyun-    encoded_uri = soup_uri_encode (redirect_uri, EXTRA_CHARS_ENCODE);
145*4882a593Smuzhiyun-    encoded_id = soup_uri_encode (proxy->priv->client_id, EXTRA_CHARS_ENCODE);
146*4882a593Smuzhiyun+    encoded_uri = g_uri_escape_string (redirect_uri, NULL, TRUE);
147*4882a593Smuzhiyun+    encoded_id = g_uri_escape_string (proxy->priv->client_id, NULL, TRUE);
148*4882a593Smuzhiyun
149*4882a593Smuzhiyun     url = g_strdup_printf ("%s?client_id=%s&redirect_uri=%s&type=user_agent",
150*4882a593Smuzhiyun                            proxy->priv->auth_endpoint, encoded_id,
151*4882a593Smuzhiyun@@ -378,20 +376,22 @@ oauth2_proxy_extract_access_token (const char *url)
152*4882a593Smuzhiyun {
153*4882a593Smuzhiyun   GHashTable *params;
154*4882a593Smuzhiyun   char *token = NULL;
155*4882a593Smuzhiyun-  SoupURI *soupuri = soup_uri_new (url);
156*4882a593Smuzhiyun+  const char *fragment;
157*4882a593Smuzhiyun+  GUri *uri = g_uri_parse (url, G_URI_FLAGS_ENCODED, NULL);
158*4882a593Smuzhiyun
159*4882a593Smuzhiyun-  if (soupuri->fragment != NULL) {
160*4882a593Smuzhiyun-    params = soup_form_decode (soupuri->fragment);
161*4882a593Smuzhiyun+  fragment = g_uri_get_fragment (uri);
162*4882a593Smuzhiyun+  if (fragment != NULL) {
163*4882a593Smuzhiyun+    params = soup_form_decode (fragment);
164*4882a593Smuzhiyun
165*4882a593Smuzhiyun     if (params) {
166*4882a593Smuzhiyun       char *encoded = g_hash_table_lookup (params, "access_token");
167*4882a593Smuzhiyun       if (encoded)
168*4882a593Smuzhiyun-        token = soup_uri_decode (encoded);
169*4882a593Smuzhiyun+        token = g_uri_unescape_string (encoded, NULL);
170*4882a593Smuzhiyun
171*4882a593Smuzhiyun       g_hash_table_destroy (params);
172*4882a593Smuzhiyun     }
173*4882a593Smuzhiyun   }
174*4882a593Smuzhiyun-  soup_uri_free (soupuri);
175*4882a593Smuzhiyun+  g_uri_unref (uri);
176*4882a593Smuzhiyun
177*4882a593Smuzhiyun   return token;
178*4882a593Smuzhiyun }
179*4882a593Smuzhiyun--
180*4882a593Smuzhiyun2.33.1
181*4882a593Smuzhiyun
182