rpms/gnome-online-accounts
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Related: RHEL-10492 (Add margin around OAuth2 prompt content)

Browse Source
This commit is contained in:
Milan Crha 2023-11-15 10:46:50 +01:00
parent 37011616b1
commit 0cd854424f
2 changed files with 113 additions and 209 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

317
0003-Drop-dependency-on-WebKitGTK-139.patch
View File

@ -1,51 +1,3 @@
From 2e3a599fd725ce5647f1496c54b66acde436b357 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Wed, 8 Nov 2023 15:49:49 +0100
Subject: [PATCH] 0003-Drop-dependency-on-WebKitGTK-139.patch
---
configure.ac | 20 +-
data/Makefile.am | 15 +
...org.gnome.OnlineAccounts.OAuth2.desktop.in | 6 +
doc/goa-docs.xml | 1 -
doc/goa-sections.txt | 30 -
doc/goa.types | 1 -
po/POTFILES.in | 1 -
src/goabackend/Makefile.am | 48 +-
src/goabackend/goafacebookprovider.c | 26 -
src/goabackend/goaflickrprovider.c | 364 ----
src/goabackend/goaflickrprovider.h | 37 -
src/goabackend/goafoursquareprovider.c | 26 -
src/goabackend/goagoogleprovider.c | 32 -
src/goabackend/goaoauth2handler.c | 173 ++
src/goabackend/goaoauth2provider-priv.h | 17 -
.../goaoauth2provider-web-extension.h | 40 -
src/goabackend/goaoauth2provider-web-view.h | 37 -
src/goabackend/goaoauth2provider.c | 482 +++--
src/goabackend/goaoauthprovider.c | 1638 -----------------
src/goabackend/goaoauthprovider.h | 143 --
src/goabackend/goaprovider.c | 4 -
src/goabackend/goawebextension.c | 268 ---
src/goabackend/goawebextension.h | 37 -
src/goabackend/goawebextensionmain.c | 46 -
src/goabackend/goawebview.c | 515 ------
src/goabackend/goawebview.h | 38 -
src/goabackend/goawindowsliveprovider.c | 34 +-
27 files changed, 453 insertions(+), 3626 deletions(-)
create mode 100644 data/org.gnome.OnlineAccounts.OAuth2.desktop.in
delete mode 100644 src/goabackend/goaflickrprovider.c
delete mode 100644 src/goabackend/goaflickrprovider.h
create mode 100644 src/goabackend/goaoauth2handler.c
delete mode 100644 src/goabackend/goaoauth2provider-web-extension.h
delete mode 100644 src/goabackend/goaoauth2provider-web-view.h
delete mode 100644 src/goabackend/goaoauthprovider.c
delete mode 100644 src/goabackend/goaoauthprovider.h
delete mode 100644 src/goabackend/goawebextension.c
delete mode 100644 src/goabackend/goawebextension.h
delete mode 100644 src/goabackend/goawebextensionmain.c
delete mode 100644 src/goabackend/goawebview.c
delete mode 100644 src/goabackend/goawebview.h
diff --git a/configure.ac b/configure.ac
index 332a0bf..70962d6 100644
--- a/configure.ac
@ -93,10 +45,10 @@ index 332a0bf..70962d6 100644
# IMAP/SMTP
AC_DEFINE(GOA_IMAP_SMTP_NAME, ["imap_smtp"], [ProviderType and extension point name])
diff --git a/data/Makefile.am b/data/Makefile.am
index e3608a1..f778935 100644
index e3608a1..c3f1009 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -19,17 +19,32 @@ endif
@@ -19,17 +19,33 @@ endif
service_DATA = $(service_in_files:.service.in=.service)
%.service: %.service.in Makefile
@sed -e "s|\@libexecdir\@|$(libexecdir)|" $< > $@
@ -106,9 +58,10 @@ index e3608a1..f778935 100644
+desktopdir = $(datadir)/applications
+desktop_in_files = org.gnome.OnlineAccounts.OAuth2.desktop.in
+desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
+oauth2_schemes=x-scheme-handler/goa-oauth2;
+if GOOGLE_ENABLED
+ oauth2_schemes+=x-scheme-handler/com.googleusercontent.apps.44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s;
+ oauth2_schemes=x-scheme-handler/com.googleusercontent.apps.44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s;
+else
+ oauth2_schemes=
endif
+%.desktop: %.desktop.in Makefile
@ -131,7 +84,7 @@ index e3608a1..f778935 100644
diff --git a/data/org.gnome.OnlineAccounts.OAuth2.desktop.in b/data/org.gnome.OnlineAccounts.OAuth2.desktop.in
new file mode 100644
index 0000000..c3bd4d7
index 0000000..d0478aa
--- /dev/null
+++ b/data/org.gnome.OnlineAccounts.OAuth2.desktop.in
@@ -0,0 +1,6 @@
@ -139,9 +92,8 @@ index 0000000..c3bd4d7
+Name=GNOME OAuth2 Handler
+Exec=@libexecdir@/goa-oauth2-handler %u
+Type=Application
+MimeType=@oauth2_schemes@
+MimeType=x-scheme-handler/goa-oauth2;@oauth2_schemes@
+NoDisplay=true
\ No newline at end of file
diff --git a/doc/goa-docs.xml b/doc/goa-docs.xml
index 0abb53a..a9d45e1 100644
--- a/doc/goa-docs.xml
@ -825,10 +777,72 @@ index c1e4146..def21cb 100644
oauth2_class->add_account_key_values = add_account_key_values;
}
diff --git a/src/goabackend/goagoogleprovider.c b/src/goabackend/goagoogleprovider.c
index b3c0f8f..52c09a8 100644
index b3c0f8f..0fb40c3 100644
--- a/src/goabackend/goagoogleprovider.c
+++ b/src/goabackend/goagoogleprovider.c
@@ -228,37 +228,6 @@ get_identity_sync (GoaOAuth2Provider *oauth2_provider,
@@ -32,6 +32,7 @@
struct _GoaGoogleProvider
{
GoaOAuth2Provider parent_instance;
+ gchar *redirect_uri;
};
G_DEFINE_TYPE_WITH_CODE (GoaGoogleProvider, goa_google_provider, GOA_TYPE_OAUTH2_PROVIDER,
@@ -76,19 +77,50 @@ get_provider_features (GoaProvider *provider)
static const gchar *
get_authorization_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "https://accounts.google.com/o/oauth2/auth";
+ return "https://accounts.google.com/o/oauth2/v2/auth";
}
static const gchar *
get_token_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "https://accounts.google.com/o/oauth2/token";
+ return "https://oauth2.googleapis.com/token";
}
static const gchar *
get_redirect_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "http://localhost";
+ G_LOCK_DEFINE_STATIC (redirect_uri);
+ GoaGoogleProvider *self = GOA_GOOGLE_PROVIDER (oauth2_provider);
+
+ G_LOCK (redirect_uri);
+
+ if (!self->redirect_uri) {
+ GPtrArray *array;
+ gchar **strv;
+ gchar *joinstr;
+ guint ii;
+
+ strv = g_strsplit (GOA_GOOGLE_CLIENT_ID, ".", -1);
+ array = g_ptr_array_new ();
+
+ for (ii = 0; strv[ii]; ii++) {
+ g_ptr_array_insert (array, 0, strv[ii]);
+ }
+
+ g_ptr_array_add (array, NULL);
+
+ joinstr = g_strjoinv (".", (gchar **) array->pdata);
+ /* Use reverse-DNS of the client ID with the below path */
+ self->redirect_uri = g_strconcat (joinstr, ":/oauth2redirect", NULL);
+
+ g_ptr_array_free (array, TRUE);
+ g_strfreev (strv);
+ g_free (joinstr);
+ }
+
+ G_UNLOCK (redirect_uri);
+
+ return self->redirect_uri;
}
static const gchar *
@@ -228,37 +260,6 @@ get_identity_sync (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
@ -866,7 +880,35 @@ index b3c0f8f..52c09a8 100644
static gboolean
build_object (GoaProvider *provider,
GoaObjectSkeleton *object,
@@ -426,7 +395,6 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
@@ -400,6 +401,16 @@ add_account_key_values (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
+static void
+goa_google_finalize (GObject *object)
+{
+ GoaGoogleProvider *self = GOA_GOOGLE_PROVIDER (object);
+
+ g_free (self->redirect_uri);
+
+ G_OBJECT_CLASS (goa_google_provider_parent_class)->finalize (object);
+}
+
static void
goa_google_provider_init (GoaGoogleProvider *self)
{
@@ -410,6 +421,10 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
{
GoaProviderClass *provider_class;
GoaOAuth2ProviderClass *oauth2_class;
+ GObjectClass *object_class;
+
+ object_class = G_OBJECT_CLASS (klass);
+ object_class->finalize = goa_google_finalize;
provider_class = GOA_PROVIDER_CLASS (klass);
provider_class->get_provider_type = get_provider_type;
@@ -426,7 +441,6 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
oauth2_class->get_identity_sync = get_identity_sync;
oauth2_class->get_redirect_uri = get_redirect_uri;
oauth2_class->get_scope = get_scope;
@ -1187,7 +1229,7 @@ index f2dae5e..0000000
-
-#endif /* __GOA_OAUTH2_PROVIDER_WEB_VIEW_H__ */
diff --git a/src/goabackend/goaoauth2provider.c b/src/goabackend/goaoauth2provider.c
index 3715431..9359489 100644
index 3715431..e7d5d2e 100644
--- a/src/goabackend/goaoauth2provider.c
+++ b/src/goabackend/goaoauth2provider.c
@@ -22,16 +22,13 @@
@ -1717,7 +1759,7 @@ index 3715431..9359489 100644
/* TODO: use oauth2_proxy_build_login_url_full() */
escaped_redirect_uri = g_uri_escape_string (goa_oauth2_provider_get_redirect_uri (self), NULL, TRUE);
@@ -946,40 +910,70 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
@@ -946,40 +910,71 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
escaped_scope = g_uri_escape_string (goa_oauth2_provider_get_scope (self), NULL, TRUE);
else
escaped_scope = NULL;
@ -1744,6 +1786,7 @@ index 3715431..9359489 100644
+ "hexpand", TRUE,
+ "valign", GTK_ALIGN_CENTER,
+ "vexpand", TRUE,
+ "margin", 12,
+ NULL);
gtk_container_add (GTK_CONTAINER (vbox), grid);
@ -1814,7 +1857,7 @@ index 3715431..9359489 100644
/* We can have either the auth code, with which we'll obtain the token, or
* the token directly if we are using a client side flow, since we don't
@@ -1038,12 +1032,14 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
@@ -1038,12 +1033,14 @@ get_tokens_and_identity (GoaOAuth2Provider *self,
}
ret = TRUE;
@ -1830,7 +1873,7 @@ index 3715431..9359489 100644
return ret;
}
@@ -1107,6 +1103,7 @@ goa_oauth2_provider_add_account (GoaProvider *provider,
@@ -1107,6 +1104,7 @@ goa_oauth2_provider_add_account (GoaProvider *provider,
g_return_val_if_fail (error == NULL || *error == NULL, NULL);
priv = goa_oauth2_provider_get_instance_private (self);
@ -1838,7 +1881,7 @@ index 3715431..9359489 100644
if (!get_tokens_and_identity (self, TRUE, NULL, dialog, vbox))
goto out;
@@ -1141,7 +1138,6 @@ goa_oauth2_provider_add_account (GoaProvider *provider,
@@ -1141,7 +1139,6 @@ goa_oauth2_provider_add_account (GoaProvider *provider,
NULL, /* GCancellable* */
(GAsyncReadyCallback) add_account_cb,
self);
@ -1846,7 +1889,7 @@ index 3715431..9359489 100644
g_main_loop_run (priv->loop);
if (priv->error != NULL)
goto out;
@@ -1191,6 +1187,7 @@ goa_oauth2_provider_refresh_account (GoaProvider *provider,
@@ -1191,6 +1188,7 @@ goa_oauth2_provider_refresh_account (GoaProvider *provider,
g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
priv = goa_oauth2_provider_get_instance_private (self);
@ -1854,7 +1897,7 @@ index 3715431..9359489 100644
dialog = gtk_dialog_new_with_buttons (NULL,
parent,
@@ -1601,6 +1598,8 @@ goa_oauth2_provider_finalize (GObject *object)
@@ -1601,6 +1599,8 @@ goa_oauth2_provider_finalize (GObject *object)
g_free (priv->authorization_code);
g_free (priv->access_token);
g_free (priv->refresh_token);
@ -1863,7 +1906,7 @@ index 3715431..9359489 100644
G_OBJECT_CLASS (goa_oauth2_provider_parent_class)->finalize (object);
}
@@ -1626,12 +1625,9 @@ goa_oauth2_provider_class_init (GoaOAuth2ProviderClass *klass)
@@ -1626,12 +1626,9 @@ goa_oauth2_provider_class_init (GoaOAuth2ProviderClass *klass)
provider_class->ensure_credentials_sync = goa_oauth2_provider_ensure_credentials_sync;
klass->build_authorization_uri = goa_oauth2_provider_build_authorization_uri_default;
@ -4683,145 +4726,3 @@ index be35746..0ac5efb 100644
- oauth2_class->is_identity_node = is_identity_node;
oauth2_class->add_account_key_values = add_account_key_values;
}
--
2.39.3
diff --git a/src/goabackend/goagoogleprovider.c b/src/goabackend/goagoogleprovider.c
index 52c09a8..0fb40c3 100644
--- a/src/goabackend/goagoogleprovider.c
+++ b/src/goabackend/goagoogleprovider.c
@@ -32,6 +32,7 @@
struct _GoaGoogleProvider
{
GoaOAuth2Provider parent_instance;
+ gchar *redirect_uri;
};
G_DEFINE_TYPE_WITH_CODE (GoaGoogleProvider, goa_google_provider, GOA_TYPE_OAUTH2_PROVIDER,
@@ -76,19 +77,50 @@ get_provider_features (GoaProvider *provider)
static const gchar *
get_authorization_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "https://accounts.google.com/o/oauth2/auth";
+ return "https://accounts.google.com/o/oauth2/v2/auth";
}
static const gchar *
get_token_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "https://accounts.google.com/o/oauth2/token";
+ return "https://oauth2.googleapis.com/token";
}
static const gchar *
get_redirect_uri (GoaOAuth2Provider *oauth2_provider)
{
- return "http://localhost";
+ G_LOCK_DEFINE_STATIC (redirect_uri);
+ GoaGoogleProvider *self = GOA_GOOGLE_PROVIDER (oauth2_provider);
+
+ G_LOCK (redirect_uri);
+
+ if (!self->redirect_uri) {
+ GPtrArray *array;
+ gchar **strv;
+ gchar *joinstr;
+ guint ii;
+
+ strv = g_strsplit (GOA_GOOGLE_CLIENT_ID, ".", -1);
+ array = g_ptr_array_new ();
+
+ for (ii = 0; strv[ii]; ii++) {
+ g_ptr_array_insert (array, 0, strv[ii]);
+ }
+
+ g_ptr_array_add (array, NULL);
+
+ joinstr = g_strjoinv (".", (gchar **) array->pdata);
+ /* Use reverse-DNS of the client ID with the below path */
+ self->redirect_uri = g_strconcat (joinstr, ":/oauth2redirect", NULL);
+
+ g_ptr_array_free (array, TRUE);
+ g_strfreev (strv);
+ g_free (joinstr);
+ }
+
+ G_UNLOCK (redirect_uri);
+
+ return self->redirect_uri;
}
static const gchar *
@@ -369,6 +401,16 @@ add_account_key_values (GoaOAuth2Provider *oauth2_provider,
/* ---------------------------------------------------------------------------------------------------- */
+static void
+goa_google_finalize (GObject *object)
+{
+ GoaGoogleProvider *self = GOA_GOOGLE_PROVIDER (object);
+
+ g_free (self->redirect_uri);
+
+ G_OBJECT_CLASS (goa_google_provider_parent_class)->finalize (object);
+}
+
static void
goa_google_provider_init (GoaGoogleProvider *self)
{
@@ -379,6 +421,10 @@ goa_google_provider_class_init (GoaGoogleProviderClass *klass)
{
GoaProviderClass *provider_class;
GoaOAuth2ProviderClass *oauth2_class;
+ GObjectClass *object_class;
+
+ object_class = G_OBJECT_CLASS (klass);
+ object_class->finalize = goa_google_finalize;
provider_class = GOA_PROVIDER_CLASS (klass);
provider_class->get_provider_type = get_provider_type;
diff --git a/data/Makefile.am b/data/Makefile.am
index f778935..33794ed 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -25,9 +25,9 @@ endif
desktopdir = $(datadir)/applications
desktop_in_files = org.gnome.OnlineAccounts.OAuth2.desktop.in
desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
-oauth2_schemes=x-scheme-handler/goa-oauth2;
+oauth2_schemes=
if GOOGLE_ENABLED
- oauth2_schemes+=x-scheme-handler/com.googleusercontent.apps.44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s;
+ oauth2_schemes=x-scheme-handler/com.googleusercontent.apps.44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s;
endif
%.desktop: %.desktop.in Makefile
diff --git a/data/org.gnome.OnlineAccounts.OAuth2.desktop.in b/data/org.gnome.OnlineAccounts.OAuth2.desktop.in
index c3bd4d7..d0478aa 100644
--- a/data/org.gnome.OnlineAccounts.OAuth2.desktop.in
+++ b/data/org.gnome.OnlineAccounts.OAuth2.desktop.in
@@ -2,5 +2,5 @@
Name=GNOME OAuth2 Handler
Exec=@libexecdir@/goa-oauth2-handler %u
Type=Application
-MimeType=@oauth2_schemes@
-NoDisplay=true
\ No newline at end of file
+MimeType=x-scheme-handler/goa-oauth2;@oauth2_schemes@
+NoDisplay=true
diff --git a/data/Makefile.am b/data/Makefile.am
index 33794ed..c3f1009 100644
--- a/data/Makefile.am
+++ b/data/Makefile.am
@@ -25,9 +25,10 @@ endif
desktopdir = $(datadir)/applications
desktop_in_files = org.gnome.OnlineAccounts.OAuth2.desktop.in
desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
-oauth2_schemes=
if GOOGLE_ENABLED
oauth2_schemes=x-scheme-handler/com.googleusercontent.apps.44438659992-7kgjeitenc16ssihbtdjbgguch7ju55s;
+else
+ oauth2_schemes=
endif
%.desktop: %.desktop.in Makefile

5
gnome-online-accounts.spec
View File

@ -5,7 +5,7 @@
Name: gnome-online-accounts
Version: 3.40.0
Release: 5%{?dist}
Release: 6%{?dist}
Summary: Single sign-on framework for GNOME
License: LGPLv2+
@ -135,6 +135,9 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
%{_datadir}/vala/
%changelog
* Wed Nov 15 2023 Milan Crha <mcrha@redhat.com> - 3.40.0-6
- Related: RHEL-10492 (Add margin around OAuth2 prompt content)
* Wed Nov 08 2023 Milan Crha <mcrha@redhat.com> - 3.40.0-5
- Resolves: RHEL-10492 (Move account types that depend on WebKitGTK into separate optional subpackage)
- backport upstream fix to use external browser for OAuth2