func parseForm(m map[string][]string, query string) (err os.Error) {
data := make(map[string]*vector.StringVector)
for _, kv := range strings.Split(query, "&", 0) {
kvPair := strings.Split(kv, "=", 2)
var key, value string
var e os.Error
key, e = http.URLUnescape(kvPair[0])
if e == nil && len(kvPair) > 1 {
value, e = http.URLUnescape(kvPair[1])
}
if e != nil {
err = e
}
vec, ok := data[key]
if !ok {
vec = new(vector.StringVector)
data[key] = vec
}
vec.Push(value)
}
for k, vec := range data {
m[k] = vec.Data()
}
return
}
func AuthHandler(c http.ResponseWriter, r *http.Request) {
var o = new(openid.OpenID)
o.ParseRPUrl(r.RawURL)
grant, e := o.Verify()
if e != nil {
emsg := fmt.Sprintln("Error in openid auth handler:", e)
fmt.Println(emsg)
fmt.Fprintln(c, emsg)
return
}
if !grant {
fmt.Println("Permission denied!")
fmt.Fprintln(c, "Access denied by user or internal error.")
return
}
s := session.Get(c, r)
fmt.Println("Permission granted!")
fmt.Println(o)
wantedValues := []string{"value.email", "value.first", "value.last", "value.country", "value.lang"}
for _, wantedValue := range wantedValues {
value, _ := http.URLUnescape(o.Params["openid.ext1."+wantedValue])
s.Set("openid-"+wantedValue[len("value."):], value)
}
id, _ := http.URLUnescape(o.Params["openid.ext1.value.email"])
continueURL := s.Get("openid-continue-url")
if continueURL == "" {
continueURL = "/"
}
fmt.Println(c, r, continueURL)
http.Redirect(c, r, continueURL, 307)
fmt.Fprintln(c, "Authenticated as", id)
return
}
// Given the path componennt of the request URL and the request method, find
// the handler and path parameters.
func (router *Router) find(path string, method string) (Handler, []string, []string) {
for i := 0; i < router.routes.Len(); i++ {
r := router.routes.At(i).(*route)
values := r.regexp.FindStringSubmatch(path)
if len(values) == 0 {
continue
}
if r.addSlash && path[len(path)-1] != '/' {
return HandlerFunc(addSlash), nil, nil
}
values = values[1:]
for j := 0; j < len(values); j++ {
if value, e := http.URLUnescape(values[j]); e != nil {
return &routerError{400, "Bad request."}, nil, nil
} else {
values[j] = value
}
}
if handler := r.handlers[method]; handler != nil {
return handler, r.names, values
}
if method == "HEAD" {
if handler := r.handlers["GET"]; handler != nil {
return handler, r.names, values
}
}
if handler := r.handlers["*"]; handler != nil {
return handler, r.names, values
}
return &routerError{405, "Method not supported."}, nil, nil
}
return &routerError{404, "Not found."}, nil, nil
}
func (o *OpenID) VerifyDirect() (grant bool, err os.Error) {
grant = false
err = nil
o.Params["openid.mode"] = "check_authentication"
headers := make(http.Header, 1)
headers.Add("Content-Type", "application/x-www-form-urlencoded")
url, _ := http.URLUnescape(o.Params["openid.op_endpoint"])
fmt.Printf("Verification: %s\nParams: %s\n", url, mapToUrlEnc(o.Params))
r, error := post(url,
headers,
bytes.NewBuffer([]byte(mapToUrlEnc(o.Params))))
if error != nil {
fmt.Printf("erreur: %s\n", error.String())
err = error
return
}
fmt.Printf("Post done\n")
if r != nil {
buffer := make([]byte, 1024)
fmt.Printf("Buffer created\n")
io.ReadFull(r.Body, buffer)
fmt.Printf("Body extracted: %s\n", buffer)
grant, err = regexp.Match("is_valid:true", buffer)
fmt.Printf("Response: %v\n", grant)
} else {
err = os.ErrorString("No response from POST verification")
return
}
return
}
// For login authentication from picasa.
// TODO: Add error handling.
func AuthHandler(c http.ResponseWriter, r *http.Request) {
// Get the token supplied in the URL.
picasaLen := len("token=")
url, _ := http.URLUnescape(r.URL.RawQuery)
token := url[picasaLen:]
fmt.Println(token, r.URL.RawQuery)
// Try to upgrade the token to a multi-use one. See
// http://code.google.com/apis/accounts/docs/AuthSub.html
req := picasa.NewRequest("https://www.google.com/accounts/accounts/AuthSubSessionToken", token, "GET")
resp, e := picasa.Send(req)
// Get the upgraded token value
body, e := ioutil.ReadAll(resp.Body)
if e != nil {
fmt.Println(e)
}
resp.Body.Close()
if len(body) <= picasaLen {
dlog.Println("Invalid or missing token! Response received was:", body)
template.Error500(c, r, nil)
}
upgradedToken := body[picasaLen:]
fmt.Println("Upgraded Token: ", string(upgradedToken))
// Finally, save the upgraded token in the server-side session.
u, _ := user.Get(c, r)
u.Set("picasa-authsub-token", string(upgradedToken))
http.Redirect(c, r, "/photos/upload", http.StatusFound)
}
// find the handler and path parameters given the path component of the request
// URL and the request method.
func (router *Router) find(path string, method string) (Handler, []string, []string) {
for _, r := range router.routes {
values := r.regexp.FindStringSubmatch(path)
if len(values) == 0 {
continue
}
if r.addSlash && path[len(path)-1] != '/' {
return HandlerFunc(addSlash), nil, nil
}
values = values[1:]
for j := 0; j < len(values); j++ {
if value, e := http.URLUnescape(values[j]); e != nil {
return routerError(StatusNotFound), nil, nil
} else {
values[j] = value
}
}
if handler := r.handlers[method]; handler != nil {
return handler, r.names, values
}
if method == "HEAD" {
if handler := r.handlers["GET"]; handler != nil {
return handler, r.names, values
}
}
if handler := r.handlers["*"]; handler != nil {
return handler, r.names, values
}
return routerError(StatusMethodNotAllowed), nil, nil
}
return routerError(StatusNotFound), nil, nil
}
func tfquery(req *http.Request) {
query := strings.Split(req.URL.RawQuery, "&", 0)
//fmt.Printf("path : %v\n", path)
//fmt.Printf("query: %v\n", query)
for i := 0; i < len(query); i++ {
nv := strings.Split(query[i], "=", 2)
if len(nv) == 2 {
switch nv[0] {
case "b":
begindate = nv[1]
case "e":
enddate = nv[1]
case "t":
title, _ = http.URLUnescape(nv[1])
case "c":
tcount, _ = strconv.Atoi(nv[1])
case "l":
lineheight, _ = strconv.Atoi64(nv[1])
case "p":
picwidth, _ = strconv.Atoi64(nv[1])
case "s":
spacing, _ = strconv.Atoi(nv[1])
case "m":
markerwidth, _ = strconv.Atoi64(nv[1])
}
}
//fmt.Printf("nv: %v\n", nv)
//showparams("Using ")
}
}
// credentials returns oauth credentials stored in cookie with name key.
func credentials(req *web.Request, key string) (*oauth.Credentials, os.Error) {
s := req.Cookie.Get(key)
if s == "" {
return nil, os.NewError("main: missing cookie")
}
a := strings.Split(s, "/", -1)
if len(a) != 2 {
return nil, os.NewError("main: bad credential cookie")
}
token, err := http.URLUnescape(a[0])
if err != nil {
return nil, os.NewError("main: bad credential cookie")
}
secret, err := http.URLUnescape(a[1])
if err != nil {
return nil, os.NewError("main: bad credential cookie")
}
return &oauth.Credentials{token, secret}, nil
}
func login(w http.ResponseWriter, r *http.Request) {
c := appengine.NewContext(r)
u := user.Current(c)
if u == nil {
url, err := user.LoginURL(c, "/")
if err != nil {
http.Error(w, err.String(), http.StatusInternalServerError)
return
}
// Temporary band-aid for development
url, err = http.URLUnescape(url)
if err != nil {
http.Error(w, err.String(), http.StatusInternalServerError)
return
}
url = strings.Replace(url, "http://localhost:8080", "", 1)
http.Redirect(w, r, url, http.StatusFound)
return
}
http.Redirect(w, r, "/", http.StatusFound)
}
// readCookies parses all "Cookie" values from
// the header h, removes the successfully parsed values from the
// "Cookie" key in h and returns the parsed Cookies.
func readCookies(h http.Header) []*http.Cookie {
cookies := []*http.Cookie{}
lines, ok := h["Cookie"]
if !ok {
return cookies
}
unparsedLines := []string{}
for _, line := range lines {
parts := strings.Split(strings.TrimSpace(line), ";")
if len(parts) == 1 && parts[0] == "" {
continue
}
// Per-line attributes
var lineCookies = make(map[string]string)
var path string
var domain string
var httponly bool
for i := 0; i < len(parts); i++ {
parts[i] = strings.TrimSpace(parts[i])
if len(parts[i]) == 0 {
continue
}
attr, val := parts[i], ""
var err os.Error
if j := strings.Index(attr, "="); j >= 0 {
attr, val = attr[:j], attr[j+1:]
val, err = http.URLUnescape(val)
if err != nil {
continue
}
}
switch strings.ToLower(attr) {
case "$httponly":
httponly = true
case "$domain":
domain = val
// TODO: Add domain parsing
case "$path":
path = val
// TODO: Add path parsing
default:
lineCookies[attr] = val
}
}
if len(lineCookies) == 0 {
unparsedLines = append(unparsedLines, line)
}
for n, v := range lineCookies {
cookies = append(cookies, &http.Cookie{
Name: n,
Value: v,
Path: path,
Domain: domain,
HttpOnly: httponly,
MaxAge: -1,
Raw: line,
})
}
}
h["Cookie"] = unparsedLines, len(unparsedLines) > 0
return cookies
}