[evolution-data-server/evolution-data-server-3-12] Bug 735311 - Adapt to new Google HTTP restriction
- From: Matthew Barnes <mbarnes src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [evolution-data-server/evolution-data-server-3-12] Bug 735311 - Adapt to new Google HTTP restriction
- Date: Mon, 25 Aug 2014 15:26:32 +0000 (UTC)
commit 5e9d80092b19f9bd2c02712ab0a50fa70b052c74
Author: Matthew Barnes <mbarnes redhat com>
Date: Mon Aug 25 11:01:20 2014 -0400
Bug 735311 - Adapt to new Google HTTP restriction
Google has recently imposed a limit on the number of unauthorized HTTP
requests to its OAuth2-based interfaces.
The normal operation of SoupSession is to issue the first HTTP request
unauthorized and see if the server issues a "401 Unauthorized" response
(since not all HTTP services require authorization).
On a "401 Unauthorized" response, SoupSession emits an "authenticate"
signal, which the application is supposed to handle. Once credentials
are in hand, SoupSession resends the same HTTP request and subsequent
requests with an Authenticate header while the socket connection holds.
Google's unauthorized request limit breaks this logic flow. Once the
limit is exceeded, the Google server issues a "403 Forbidden" response
instead of "401 Unauthorized" to an unauthorized HTTP request. This
breaks error handling in the E-D-S CalDAV backend.
The workaround is to preload the SoupAuthManager with a pre-configured
SoupAuth when using OAuth 2.0 authentication. This avoids the initial
unauthorized HTTP round-trip.
The backend implements the GInitable interface for this since obtaining
a valid access token is a failable step.
(cherry picked from commit 00a465670ef3d8adbaf011b3e697ba5befb00623)
calendar/backends/caldav/e-cal-backend-caldav.c | 99 ++++++++++++++++++++---
libedataserver/e-source-webdav.c | 4 +-
2 files changed, 89 insertions(+), 14 deletions(-)
---
diff --git a/calendar/backends/caldav/e-cal-backend-caldav.c b/calendar/backends/caldav/e-cal-backend-caldav.c
index f189126..686020e 100644
--- a/calendar/backends/caldav/e-cal-backend-caldav.c
+++ b/calendar/backends/caldav/e-cal-backend-caldav.c
@@ -133,6 +133,8 @@ struct _ECalBackendCalDAVPrivate {
};
/* Forward Declarations */
+static void e_caldav_backend_initable_init
+ (GInitableIface *interface);
static void caldav_source_authenticator_init
(ESourceAuthenticatorInterface *iface);
@@ -141,6 +143,9 @@ G_DEFINE_TYPE_WITH_CODE (
e_cal_backend_caldav,
E_TYPE_CAL_BACKEND_SYNC,
G_IMPLEMENT_INTERFACE (
+ G_TYPE_INITABLE,
+ e_caldav_backend_initable_init)
+ G_IMPLEMENT_INTERFACE (
E_TYPE_SOURCE_AUTHENTICATOR,
caldav_source_authenticator_init))
@@ -5238,11 +5243,83 @@ e_cal_backend_caldav_finalize (GObject *object)
G_OBJECT_CLASS (parent_class)->finalize (object);
}
-static void
-e_cal_backend_caldav_init (ECalBackendCalDAV *cbdav)
+static gboolean
+caldav_backend_initable_init (GInitable *initable,
+ GCancellable *cancellable,
+ GError **error)
{
+ ECalBackendCalDAVPrivate *priv;
SoupSessionFeature *feature;
+ ESource *source;
+ const gchar *extension_name;
+ gchar *auth_method = NULL;
+ gboolean success = TRUE;
+
+ priv = E_CAL_BACKEND_CALDAV_GET_PRIVATE (initable);
+
+ feature = soup_session_get_feature (
+ priv->session, SOUP_TYPE_AUTH_MANAGER);
+
+ /* Add the "Bearer" auth type to support OAuth 2.0. */
+ soup_session_feature_add_feature (feature, E_TYPE_SOUP_AUTH_BEARER);
+ g_mutex_init (&priv->bearer_auth_error_lock);
+
+ /* Preload the SoupAuthManager with a valid "Bearer" token
+ * when using OAuth 2.0. This avoids an extra unauthorized
+ * HTTP round-trip, which apparently Google doesn't like. */
+
+ source = e_backend_get_source (E_BACKEND (initable));
+
+ extension_name = E_SOURCE_EXTENSION_AUTHENTICATION;
+ if (e_source_has_extension (source, extension_name)) {
+ ESourceAuthentication *extension;
+
+ extension = e_source_get_extension (source, extension_name);
+ auth_method = e_source_authentication_dup_method (extension);
+ }
+
+ if (g_strcmp0 (auth_method, "OAuth2") == 0) {
+ ESourceWebdav *extension;
+ SoupAuth *soup_auth;
+ SoupURI *soup_uri;
+ gchar *access_token = NULL;
+ gint expires_in_seconds = -1;
+
+ extension_name = E_SOURCE_EXTENSION_WEBDAV_BACKEND;
+ extension = e_source_get_extension (source, extension_name);
+ soup_uri = e_source_webdav_dup_soup_uri (extension);
+ soup_auth = g_object_new (
+ E_TYPE_SOUP_AUTH_BEARER,
+ SOUP_AUTH_HOST, soup_uri->host, NULL);
+
+ success = e_source_get_oauth2_access_token_sync (
+ source, cancellable, &access_token,
+ &expires_in_seconds, error);
+
+ if (success) {
+ e_soup_auth_bearer_set_access_token (
+ E_SOUP_AUTH_BEARER (soup_auth),
+ access_token, expires_in_seconds);
+
+ soup_auth_manager_use_auth (
+ SOUP_AUTH_MANAGER (feature),
+ soup_uri, soup_auth);
+ }
+
+ g_free (access_token);
+ g_object_unref (soup_auth);
+ soup_uri_free (soup_uri);
+ }
+
+ g_free (auth_method);
+
+ return success;
+}
+
+static void
+e_cal_backend_caldav_init (ECalBackendCalDAV *cbdav)
+{
cbdav->priv = E_CAL_BACKEND_CALDAV_GET_PRIVATE (cbdav);
cbdav->priv->session = soup_session_sync_new ();
g_object_set (
@@ -5257,17 +5334,6 @@ e_cal_backend_caldav_init (ECalBackendCalDAV *cbdav)
cbdav->priv->session, "proxy-resolver",
G_BINDING_SYNC_CREATE);
- /* XXX SoupAuthManager is public API as of libsoup 2.42, but
- * this isn't worth bumping our libsoup requirement over.
- * So get the SoupAuthManager GType by its type name. */
- feature = soup_session_get_feature (
- cbdav->priv->session,
- g_type_from_name ("SoupAuthManager"));
-
- /* Add the "Bearer" auth type to support OAuth 2.0. */
- soup_session_feature_add_feature (feature, E_TYPE_SOUP_AUTH_BEARER);
- g_mutex_init (&cbdav->priv->bearer_auth_error_lock);
-
if (G_UNLIKELY (caldav_debug_show (DEBUG_MESSAGE)))
caldav_debug_setup (cbdav->priv->session);
@@ -5337,3 +5403,10 @@ e_cal_backend_caldav_class_init (ECalBackendCalDAVClass *class)
backend_class->start_view = caldav_start_view;
}
+
+static void
+e_caldav_backend_initable_init (GInitableIface *interface)
+{
+ interface->init = caldav_backend_initable_init;
+}
+
diff --git a/libedataserver/e-source-webdav.c b/libedataserver/e-source-webdav.c
index eda83d5..9ddbbc0 100644
--- a/libedataserver/e-source-webdav.c
+++ b/libedataserver/e-source-webdav.c
@@ -244,7 +244,9 @@ source_webdav_update_soup_uri_from_properties (ESourceWebdav *webdav_extension)
soup_uri_set_user (soup_uri, user);
soup_uri_set_host (soup_uri, host);
- soup_uri_set_port (soup_uri, port);
+
+ if (port > 0)
+ soup_uri_set_port (soup_uri, port);
/* SoupURI doesn't like NULL paths. */
soup_uri_set_path (soup_uri, (path != NULL) ? path : "");
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]