/* Copyright 2012 BJA Electronics * Copyright 2017 Jens Georg * Author: Jeroen Arnoldus (b.j.arnoldus@bja-electronics.nl) * Author: Jens Georg * * This software is licensed under the GNU Lesser General Public License * (version 2.1 or later). See the COPYING file in this distribution. */ namespace Publishing.Authenticator.Shotwell.Tumblr { internal const string ENDPOINT_URL = "https://www.tumblr.com/"; internal const string API_KEY = "NdXvXQuKVccOsCOj0H4k9HUJcbcjDBYSo2AkaHzXFECHGNuP9k"; internal const string API_SECRET = "BN0Uoig0MwbeD27OgA0IwYlp3Uvonyfsrl9pf1cnnMj1QoEUvi"; internal const string ENCODE_RFC_3986_EXTRA = "!*'();:@&=+$,/?%#[] \\"; /** * The authentication pane used when asking service URL, user name and password * from the user. */ internal class AuthenticationPane : Spit.Publishing.DialogPane, Object { public enum Mode { INTRO, FAILED_RETRY_USER } private static string INTRO_MESSAGE = _("Enter the username and password associated with your Tumblr account."); private static string FAILED_RETRY_USER_MESSAGE = _("Username and/or password invalid. Please try again"); private Gtk.Box pane_widget = null; private Gtk.Builder builder; private Gtk.Entry username_entry; private Gtk.Entry password_entry; private Gtk.Button login_button; public signal void login(string user, string password); public AuthenticationPane(Mode mode = Mode.INTRO) { this.pane_widget = new Gtk.Box(Gtk.Orientation.VERTICAL, 0); try { builder = new Gtk.Builder(); builder.add_from_resource (Resources.RESOURCE_PATH + "/tumblr_authentication_pane.ui"); builder.connect_signals(null); var content = builder.get_object ("content") as Gtk.Widget; Gtk.Label message_label = builder.get_object("message_label") as Gtk.Label; switch (mode) { case Mode.INTRO: message_label.set_text(INTRO_MESSAGE); break; case Mode.FAILED_RETRY_USER: message_label.set_markup("%s\n\n%s".printf(_( "Invalid User Name or Password"), FAILED_RETRY_USER_MESSAGE)); break; } username_entry = builder.get_object ("username_entry") as Gtk.Entry; password_entry = builder.get_object ("password_entry") as Gtk.Entry; login_button = builder.get_object("login_button") as Gtk.Button; username_entry.changed.connect(on_user_changed); password_entry.changed.connect(on_password_changed); login_button.clicked.connect(on_login_button_clicked); content.parent.remove (content); pane_widget.add (content); } catch (Error e) { warning(_("Could not load UI: %s"), e.message); } } public Gtk.Widget get_default_widget() { return login_button; } private void on_login_button_clicked() { login(username_entry.get_text(), password_entry.get_text()); } private void on_user_changed() { update_login_button_sensitivity(); } private void on_password_changed() { update_login_button_sensitivity(); } private void update_login_button_sensitivity() { login_button.set_sensitive(username_entry.text_length > 0 && password_entry.text_length > 0); } public Gtk.Widget get_widget() { return pane_widget; } public Spit.Publishing.DialogPane.GeometryOptions get_preferred_geometry() { return Spit.Publishing.DialogPane.GeometryOptions.NONE; } public void on_pane_installed() { username_entry.grab_focus(); password_entry.set_activates_default(true); login_button.can_default = true; update_login_button_sensitivity(); } public void on_pane_uninstalled() { } } internal class AccessTokenFetchTransaction : Publishing.RESTSupport.OAuth1.Transaction { public AccessTokenFetchTransaction(Publishing.RESTSupport.OAuth1.Session session, string username, string password) { base.with_uri(session, "https://www.tumblr.com/oauth/access_token", Publishing.RESTSupport.HttpMethod.POST); add_argument("x_auth_username", Soup.URI.encode(username, ENCODE_RFC_3986_EXTRA)); add_argument("x_auth_password", password); add_argument("x_auth_mode", "client_auth"); } } internal class Tumblr : Publishing.Authenticator.Shotwell.OAuth1.Authenticator { public Tumblr(Spit.Publishing.PluginHost host) { base(API_KEY, API_SECRET, host); } public override void authenticate() { if (is_persistent_session_valid()) { debug("attempt start: a persistent session is available; using it"); session.authenticate_from_persistent_credentials(get_persistent_access_phase_token(), get_persistent_access_phase_token_secret(), "unused"); } else { debug("attempt start: no persistent session available; showing login welcome pane"); do_show_authentication_pane(); } } public override bool can_logout() { return true; } public override void logout() { this.session.deauthenticate(); invalidate_persistent_session(); } public override void refresh() { // No-op with Tumblr } /** * Action that shows the authentication pane. * * This action method shows the authentication pane. It is shown at the * very beginning of the interaction when no persistent parameters are found * or after a failed login attempt using persisted parameters. It can be * given a mode flag to specify whether it should be displayed in initial * mode or in any of the error modes that it supports. * * @param mode the mode for the authentication pane */ private void do_show_authentication_pane(AuthenticationPane.Mode mode = AuthenticationPane.Mode.INTRO) { debug("ACTION: installing authentication pane"); host.set_service_locked(false); AuthenticationPane authentication_pane = new AuthenticationPane(mode); authentication_pane.login.connect(on_authentication_pane_login_clicked); host.install_dialog_pane(authentication_pane, Spit.Publishing.PluginHost.ButtonMode.CLOSE); host.set_dialog_default_widget(authentication_pane.get_default_widget()); } /** * Event triggered when the login button in the authentication panel is * clicked. * * This event is triggered when the login button in the authentication * panel is clicked. It then triggers a network login interaction. * * @param username the name of the Tumblr user as entered in the dialog * @param password the password of the Tumblr as entered in the dialog */ private void on_authentication_pane_login_clicked( string username, string password ) { debug("EVENT: on_authentication_pane_login_clicked"); do_network_login(username, password); } /** * Action to perform a network login to a Tumblr blog. * * This action performs a network login a Tumblr blog specified the given user name and password as credentials. * * @param username the name of the Tumblr user used to login * @param password the password of the Tumblr user used to login */ private void do_network_login(string username, string password) { debug("ACTION: logging in"); host.set_service_locked(true); host.install_login_wait_pane(); AccessTokenFetchTransaction txn = new AccessTokenFetchTransaction(session,username,password); txn.completed.connect(on_auth_request_txn_completed); txn.network_error.connect(on_auth_request_txn_error); try { txn.execute(); } catch (Spit.Publishing.PublishingError err) { host.post_error(err); } } private void on_auth_request_txn_completed(Publishing.RESTSupport.Transaction txn) { txn.completed.disconnect(on_auth_request_txn_completed); txn.network_error.disconnect(on_auth_request_txn_error); debug("EVENT: OAuth authentication request transaction completed; response = '%s'", txn.get_response()); do_parse_token_info_from_auth_request(txn.get_response()); } private void on_auth_request_txn_error(Publishing.RESTSupport.Transaction txn, Spit.Publishing.PublishingError err) { txn.completed.disconnect(on_auth_request_txn_completed); txn.network_error.disconnect(on_auth_request_txn_error); debug("EVENT: OAuth authentication request transaction caused a network error"); host.post_error(err); } private void do_parse_token_info_from_auth_request(string response) { debug("ACTION: extracting access phase credentials from '%s'", response); string? token = null; string? token_secret = null; var data = Soup.Form.decode(response); data.lookup_extended("oauth_token", null, out token); data.lookup_extended("oauth_token_secret", null, out token_secret); debug("access phase credentials: { token = '%s'; token_secret = '%s' }", token, token_secret); if (token == null || token_secret == null) { host.post_error(new Spit.Publishing.PublishingError.MALFORMED_RESPONSE("Expected " + "access phase credentials to contain token and token secret but at " + "least one of these is absent")); this.authentication_failed(); } else { session.set_access_phase_credentials(token, token_secret, ""); } } } }