Mercurial > pidgin

comparison libpurple/protocols/oscar/clientlogin.c @ 27425:4813810ea7d4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Allow UIs to specify their own AOL client key
author Mark Doliner <mark@kingant.net>
date Wed, 08 Jul 2009 19:02:40 +0000
parents f541583e31bd
children 4f24d5da4cb3
comparison
equal deleted inserted replaced
27424:8368e4fb7d3a 27425:4813810ea7d4
43 43
44 #define URL_CLIENT_LOGIN "https://api.screenname.aol.com/auth/clientLogin" 44 #define URL_CLIENT_LOGIN "https://api.screenname.aol.com/auth/clientLogin"
45 #define URL_START_OSCAR_SESSION "http://api.oscar.aol.com/aim/startOSCARSession" 45 #define URL_START_OSCAR_SESSION "http://api.oscar.aol.com/aim/startOSCARSession"
46 46
47 /* 47 /*
48 * Using clientLogin requires a developer ID. This dev ID is owned by 48 * Using clientLogin requires a developer ID. This key is for libpurple.
49 * the AIM account "markdoliner" 49 * It is the default key for all libpurple-based clients. AOL encourages
50 */ 50 * UIs (especially ones with lots of users) to override this with their
51 #define CLIENT_KEY "ma15d7JTxbmVG-RP" 51 * own key. This key is owned by the AIM account "markdoliner"
52 *
53 * Keys can be managed at http://developer.aim.com/manageKeys.jsp
54 */
55 #define DEFAULT_CLIENT_KEY "ma15d7JTxbmVG-RP"
56
57 static const char *get_client_key(OscarData *od)
58 {
59 GHashTable *ui_info;
60 const char *client_key = NULL;
61
62 ui_info = purple_core_get_ui_info();
63 if (ui_info != NULL)
64 client_key = g_hash_table_lookup(ui_info,
65 od->icq ? "prpl-icq-clientkey" : "prpl-aim-clientkey");
66 if (client_key == NULL)
67 client_key = DEFAULT_CLIENT_KEY;
68
69 return client_key;
70 }
52 71
53 /** 72 /**
54 * This is similar to purple_url_encode() except that it follows 73 * This is similar to purple_url_encode() except that it follows
55 * RFC3986 a little more closely by not encoding - . _ and ~ 74 * RFC3986 a little more closely by not encoding - . _ and ~
56 * It also uses capital letters as hex characters because capital 75 * It also uses capital letters as hex characters because capital
274 char *query_string, *signature, *url; 293 char *query_string, *signature, *url;
275 294
276 /* Construct the GET parameters */ 295 /* Construct the GET parameters */
277 query_string = g_strdup_printf("a=%s" 296 query_string = g_strdup_printf("a=%s"
278 "&f=xml" 297 "&f=xml"
279 "&k=" CLIENT_KEY 298 "&k=%s"
280 "&ts=%zu" 299 "&ts=%zu"
281 "&useTLS=0", 300 "&useTLS=0",
282 oscar_auth_url_encode(token), hosttime); 301 oscar_auth_url_encode(token), get_client_key(od), hosttime);
283 signature = generate_signature("GET", URL_START_OSCAR_SESSION, 302 signature = generate_signature("GET", URL_START_OSCAR_SESSION,
284 query_string, session_key); 303 query_string, session_key);
285 url = g_strdup_printf(URL_START_OSCAR_SESSION "?%s&sig_sha256=%s", 304 url = g_strdup_printf(URL_START_OSCAR_SESSION "?%s&sig_sha256=%s",
286 query_string, signature); 305 query_string, signature);
287 g_free(query_string); 306 g_free(query_string);
503 password_len = strlen(tmp); 522 password_len = strlen(tmp);
504 password = g_strndup(tmp, od->icq ? MIN(password_len, MAXICQPASSLEN) : password_len); 523 password = g_strndup(tmp, od->icq ? MIN(password_len, MAXICQPASSLEN) : password_len);
505 524
506 /* Construct the body of the HTTP POST request */ 525 /* Construct the body of the HTTP POST request */
507 body = g_string_new(""); 526 body = g_string_new("");
508 g_string_append_printf(body, "devId=" CLIENT_KEY); 527 g_string_append_printf(body, "devId=%s", get_client_key(od));
509 g_string_append_printf(body, "&f=xml"); 528 g_string_append_printf(body, "&f=xml");
510 g_string_append_printf(body, "&pwd=%s", oscar_auth_url_encode(password)); 529 g_string_append_printf(body, "&pwd=%s", oscar_auth_url_encode(password));
511 g_string_append_printf(body, "&s=%s", oscar_auth_url_encode(username)); 530 g_string_append_printf(body, "&s=%s", oscar_auth_url_encode(username));
512 g_free(password); 531 g_free(password);
513 532