Mercurial > pidgin.yaz
comparison libpurple/protocols/msn/nexus.h @ 23521:9fdf0accd4aa
Finally got MSN token updating working (I think).
So it seems after creating the signature, the xmlnode_to_str must have
added some xmlns attributes which were sent to the server. I thought that
CanonicalizationMethod stuff the XML specified meant the server would
normalize everything nicely, but apparently not.
I added the xmlns to the XML string before creating the signature and
it looks like things work now. It just needs a full 8-hour test to be
certain.
Did a bit of re-factoring to the token response parsing, as well. It
should now fail the first time something shows up that isn't expected,
or if something is missing, instead of blindly going forward with half
the tokens we requested.
References #4875.
author | Elliott Sales de Andrade <qulogic@pidgin.im> |
---|---|
date | Sun, 15 Jun 2008 06:22:25 +0000 |
parents | 1b98e2090a71 |
children | 711773577380 |
comparison
equal
deleted
inserted
replaced
23520:f85450504940 | 23521:9fdf0accd4aa |
---|---|
40 | 40 |
41 #define MSN_SSO_SERVER "login.live.com" | 41 #define MSN_SSO_SERVER "login.live.com" |
42 #define SSO_POST_URL "/RST.srf" | 42 #define SSO_POST_URL "/RST.srf" |
43 | 43 |
44 #define MSN_SSO_RST_TEMPLATE \ | 44 #define MSN_SSO_RST_TEMPLATE \ |
45 "<wst:RequestSecurityToken Id=\"RST%d\">"\ | 45 "<wst:RequestSecurityToken xmlns=\"http://schemas.xmlsoap.org/ws/2004/04/trust\" Id=\"RST%d\">"\ |
46 "<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>"\ | 46 "<wst:RequestType>http://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</wst:RequestType>"\ |
47 "<wsp:AppliesTo>"\ | 47 "<wsp:AppliesTo xmlns=\"http://schemas.xmlsoap.org/ws/2002/12/policy\">"\ |
48 "<wsa:EndpointReference>"\ | 48 "<wsa:EndpointReference xmlns=\"http://schemas.xmlsoap.org/ws/2004/03/addressing\">"\ |
49 "<wsa:Address>%s</wsa:Address>"\ | 49 "<wsa:Address>%s</wsa:Address>"\ |
50 "</wsa:EndpointReference>"\ | 50 "</wsa:EndpointReference>"\ |
51 "</wsp:AppliesTo>"\ | 51 "</wsp:AppliesTo>"\ |
52 "<wsse:PolicyReference URI=\"%s\"></wsse:PolicyReference>"\ | 52 "<wsse:PolicyReference xmlns=\"http://schemas.xmlsoap.org/ws/2003/06/secext\" URI=\"%s\"></wsse:PolicyReference>"\ |
53 "</wst:RequestSecurityToken>" | 53 "</wst:RequestSecurityToken>" |
54 | 54 |
55 #define MSN_SSO_TEMPLATE "<?xml version='1.0' encoding='utf-8'?>"\ | 55 #define MSN_SSO_TEMPLATE "<?xml version='1.0' encoding='utf-8'?>"\ |
56 "<Envelope xmlns=\"http://schemas.xmlsoap.org/soap/envelope/\""\ | 56 "<Envelope xmlns=\"http://schemas.xmlsoap.org/soap/envelope/\""\ |
57 " xmlns:wsse=\"http://schemas.xmlsoap.org/ws/2003/06/secext\""\ | 57 " xmlns:wsse=\"http://schemas.xmlsoap.org/ws/2003/06/secext\""\ |
105 "</ps:AuthInfo>" | 105 "</ps:AuthInfo>" |
106 /* Not sure what's editable here, so I'll just hard-code the SHA1 hash */ | 106 /* Not sure what's editable here, so I'll just hard-code the SHA1 hash */ |
107 #define MSN_SSO_AUTHINFO_SHA1_BASE64 "d2IeTF4DAkPEa/tVETHznsivEpc=" | 107 #define MSN_SSO_AUTHINFO_SHA1_BASE64 "d2IeTF4DAkPEa/tVETHznsivEpc=" |
108 | 108 |
109 #define MSN_SSO_TIMESTAMP_TEMPLATE \ | 109 #define MSN_SSO_TIMESTAMP_TEMPLATE \ |
110 "<wsu:Timestamp Id=\"Timestamp\">"\ | 110 "<wsu:Timestamp xmlns=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\" Id=\"Timestamp\">"\ |
111 "<wsu:Created>%s</wsu:Created>"\ | 111 "<wsu:Created>%s</wsu:Created>"\ |
112 "<wsu:Expires>%s</wsu:Expires>"\ | 112 "<wsu:Expires>%s</wsu:Expires>"\ |
113 "</wsu:Timestamp>" | 113 "</wsu:Timestamp>" |
114 | 114 |
115 #define MSN_SSO_SIGNEDINFO_TEMPLATE \ | 115 #define MSN_SSO_SIGNEDINFO_TEMPLATE \ |
116 "<SignedInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"\ | 116 "<SignedInfo xmlns=\"http://www.w3.org/2000/09/xmldsig#\">"\ |
117 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></CanonicalizationMethod>"\ | 117 "<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></CanonicalizationMethod>"\ |
118 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#hmac-sha1\"></SignatureMethod>"\ | 118 "<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#hmac-sha1\"></SignatureMethod>"\ |
119 "<Reference URI=\"#RST0\">"\ | 119 "<Reference URI=\"#RST%d\">"\ |
120 "<Transforms>"\ | 120 "<Transforms>"\ |
121 "<Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></Transform>"\ | 121 "<Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></Transform>"\ |
122 "</Transforms>"\ | 122 "</Transforms>"\ |
123 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"></DigestMethod>"\ | 123 "<DigestMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"></DigestMethod>"\ |
124 "<DigestValue>%s</DigestValue>"\ | 124 "<DigestValue>%s</DigestValue>"\ |