[empathy/gnome-3-4] SASL: fix facebook mechanism

[Xavier Claessens <xclaesse src gnome org>]

commit 8d18f84d631b3c89879a758f8203b89267b4ac3d
Author: Xavier Claessens <xavier claessens collabora co uk>
Date:   Thu Oct 31 14:19:14 2013 -0400

    SASL: fix facebook mechanism
    
    libsoup was escaping '_' and '.' in the challenge response but the
    facebook server is not expecting that.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=707747

 libempathy/empathy-goa-auth-handler.c |   33 +++++++++++++++++----------------
 1 files changed, 17 insertions(+), 16 deletions(-)
---
diff --git a/libempathy/empathy-goa-auth-handler.c b/libempathy/empathy-goa-auth-handler.c
index a439c72..bae1258 100644
--- a/libempathy/empathy-goa-auth-handler.c
+++ b/libempathy/empathy-goa-auth-handler.c
@@ -153,8 +153,7 @@ facebook_new_challenge_cb (TpChannel *channel,
   GoaOAuth2Based *oauth2;
   const gchar *client_id;
   GHashTable *h;
-  GHashTable *params;
-  gchar *response;
+  GString *response_string;
   GArray *response_array;
 
   DEBUG ("new challenge for %s:\n%s",
@@ -166,28 +165,30 @@ facebook_new_challenge_cb (TpChannel *channel,
   oauth2 = goa_object_get_oauth2_based (data->goa_object);
   client_id = goa_oauth2_based_get_client_id (oauth2);
 
-  /* See https://developers.facebook.com/docs/chat/#platauth */
-  params = g_hash_table_new (g_str_hash, g_str_equal);
-  g_hash_table_insert (params, "method", g_hash_table_lookup (h, "method"));
-  g_hash_table_insert (params, "nonce", g_hash_table_lookup (h, "nonce"));
-  g_hash_table_insert (params, "access_token", data->access_token);
-  g_hash_table_insert (params, "api_key", (gpointer) client_id);
-  g_hash_table_insert (params, "call_id", "0");
-  g_hash_table_insert (params, "v", "1.0");
-
-  response = soup_form_encode_hash (params);
-  DEBUG ("Response: %s", response);
+  /* See https://developers.facebook.com/docs/chat/#platauth.
+   * We don't use soup_form_encode() here because it would escape parameters
+   * and facebook server is not expecting that and would reject the response. */
+  response_string = g_string_new ("v=1.0&call_id=0");
+  g_string_append (response_string, "&access_token=");
+  g_string_append_uri_escaped (response_string, data->access_token, NULL, TRUE);
+  g_string_append (response_string, "&api_key=");
+  g_string_append_uri_escaped (response_string, client_id, NULL, TRUE);
+  g_string_append (response_string, "&method=");
+  g_string_append_uri_escaped (response_string, g_hash_table_lookup (h, "method"), NULL, TRUE);
+  g_string_append (response_string, "&nonce=");
+  g_string_append_uri_escaped (response_string, g_hash_table_lookup (h, "nonce"), NULL, TRUE);
+
+  DEBUG ("Response: %s", response_string->str);
 
   response_array = g_array_new (FALSE, FALSE, sizeof (gchar));
-  g_array_append_vals (response_array, response, strlen (response));
+  g_array_append_vals (response_array, response_string->str, response_string->len);
 
   tp_cli_channel_interface_sasl_authentication_call_respond (data->channel, -1,
       response_array, NULL, NULL, NULL, NULL);
 
   g_hash_table_unref (h);
-  g_hash_table_unref (params);
   g_object_unref (oauth2);
-  g_free (response);
+  g_string_free (response_string, TRUE);
   g_array_unref (response_array);
 }