Fix code challenge in tidal oauth

This commit is contained in:
Jonas Kvinge 2019-06-10 02:29:57 +02:00
parent c0c1457073
commit 56ffb0deb1
4 changed files with 34 additions and 16 deletions

View File

@ -731,6 +731,11 @@ QString GetRandomStringWithCharsAndNumbers(const int len) {
return GetRandomString(len, UseCharacters);
}
QString CryptographicRandomString(const int len) {
const QString UseCharacters("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~");
return GetRandomString(len, UseCharacters);
}
QString GetRandomString(const int len, const QString &UseCharacters) {
QString randstr;

View File

@ -150,6 +150,7 @@ bool IsLaptop();
QString GetRandomStringWithChars(const int len);
QString GetRandomStringWithCharsAndNumbers(const int len);
QString CryptographicRandomString(const int len);
QString GetRandomString(const int len, const QString &UseCharacters);
QString DesktopEnvironment();

View File

@ -25,6 +25,7 @@
#include <QObject>
#include <QStandardPaths>
#include <QDesktopServices>
#include <QCryptographicHash>
#include <QByteArray>
#include <QPair>
#include <QList>
@ -47,6 +48,7 @@
#include "core/network.h"
#include "core/database.h"
#include "core/song.h"
#include "core/utilities.h"
#include "internet/internetsearch.h"
#include "collection/collectionbackend.h"
#include "collection/collectionmodel.h"
@ -241,14 +243,19 @@ void TidalService::StartAuthorisation() {
timer_login_attempt_->setInterval(kTimeResetLoginAttempts);
timer_login_attempt_->start();
const ParamList params = ParamList()
//<< Param("response_type", "token")
<< Param("response_type", "code")
<< Param("code_challenge", "T36p0vieh1pnvNNsG-0kNNpZIk4ZuP8vna5ZAtooxqo")
<< Param("code_challenge_method", "S256")
<< Param("redirect_uri", kOAuthRedirectUrl)
<< Param("client_id", client_id_)
<< Param("scope", "r_usr w_usr");
code_verifier_ = Utilities::CryptographicRandomString(44);
code_challenge_ = QString(QCryptographicHash::hash(code_verifier_.toUtf8(), QCryptographicHash::Sha256).toBase64(QByteArray::Base64UrlEncoding));
if (code_challenge_.lastIndexOf(QChar('=')) == code_challenge_.length() - 1) {
code_challenge_.chop(1);
}
const ParamList params = ParamList() << Param("response_type", "code")
<< Param("code_challenge", code_challenge_)
<< Param("code_challenge_method", "S256")
<< Param("redirect_uri", kOAuthRedirectUrl)
<< Param("client_id", client_id_)
<< Param("scope", "r_usr w_usr");
QUrlQuery url_query;
for (const Param &param : params) {
@ -296,11 +303,11 @@ void TidalService::AuthorisationUrlReceived(const QUrl &url) {
QString state = url_query.queryItemValue("state");
const ParamList params = ParamList() << Param("code", code)
<< Param("client_id", client_id_)
<< Param("grant_type", "authorization_code")
<< Param("redirect_uri", kOAuthRedirectUrl)
<< Param("scope", "r_usr w_usr")
<< Param("code_verifier", "128,113,65,59,36,187,64,14,99,32,149,202,178,5,165,106,14,184,157,42,5,198,243,245,75,115,227,169,183,199,216,67,42,202,105,33,1");
<< Param("client_id", client_id_)
<< Param("grant_type", "authorization_code")
<< Param("redirect_uri", kOAuthRedirectUrl)
<< Param("scope", "r_usr w_usr")
<< Param("code_verifier", code_verifier_);
QUrlQuery url_query;
for (const Param &param : params) {
@ -344,9 +351,11 @@ void TidalService::AccessTokenRequestFinished(QNetworkReply *reply) {
QString failure_reason;
if (json_error.error == QJsonParseError::NoError && !json_doc.isNull() && !json_doc.isEmpty() && json_doc.isObject()) {
QJsonObject json_obj = json_doc.object();
if (!json_obj.isEmpty() && json_obj.contains("redirectUri")) {
QString redirect_uri = json_obj["redirectUri"].toString();
failure_reason = QString("Authentication failure: %1").arg(redirect_uri);
if (!json_obj.isEmpty() && json_obj.contains("status") && json_obj.contains("userMessage")) {
int status = json_obj["status"].toInt();
int sub_status = json_obj["subStatus"].toInt();
QString user_message = json_obj["userMessage"].toString();
failure_reason = QString("Authentication failure: %1 (%2) (%3)").arg(user_message).arg(status).arg(sub_status);
}
}
if (failure_reason.isEmpty()) {

View File

@ -229,6 +229,9 @@ class TidalService : public InternetService {
bool login_sent_;
int login_attempts_;
QString code_verifier_;
QString code_challenge_;
QList<TidalStreamURLRequest*> stream_url_requests_;
};