Пример #1
0
func parseForm(m map[string][]string, query string) (err os.Error) {
	data := make(map[string]*vector.StringVector)
	for _, kv := range strings.Split(query, "&", 0) {
		kvPair := strings.Split(kv, "=", 2)

		var key, value string
		var e os.Error
		key, e = http.URLUnescape(kvPair[0])
		if e == nil && len(kvPair) > 1 {
			value, e = http.URLUnescape(kvPair[1])
		}
		if e != nil {
			err = e
		}

		vec, ok := data[key]
		if !ok {
			vec = new(vector.StringVector)
			data[key] = vec
		}
		vec.Push(value)
	}

	for k, vec := range data {
		m[k] = vec.Data()
	}

	return
}
Пример #2
0
func AuthHandler(c http.ResponseWriter, r *http.Request) {
	var o = new(openid.OpenID)
	o.ParseRPUrl(r.RawURL)
	grant, e := o.Verify()
	if e != nil {
		emsg := fmt.Sprintln("Error in openid auth handler:", e)
		fmt.Println(emsg)
		fmt.Fprintln(c, emsg)
		return
	}
	if !grant {
		fmt.Println("Permission denied!")
		fmt.Fprintln(c, "Access denied by user or internal error.")
		return
	}
	s := session.Get(c, r)
	fmt.Println("Permission granted!")
	fmt.Println(o)
	wantedValues := []string{"value.email", "value.first", "value.last", "value.country", "value.lang"}
	for _, wantedValue := range wantedValues {
		value, _ := http.URLUnescape(o.Params["openid.ext1."+wantedValue])
		s.Set("openid-"+wantedValue[len("value."):], value)
	}
	id, _ := http.URLUnescape(o.Params["openid.ext1.value.email"])
	continueURL := s.Get("openid-continue-url")
	if continueURL == "" {
		continueURL = "/"
	}
	fmt.Println(c, r, continueURL)
	http.Redirect(c, r, continueURL, 307)
	fmt.Fprintln(c, "Authenticated as", id)
	return
}
Пример #3
0
// Given the path componennt of the request URL and the request method, find
// the handler and path parameters.
func (router *Router) find(path string, method string) (Handler, []string, []string) {
	for i := 0; i < router.routes.Len(); i++ {
		r := router.routes.At(i).(*route)
		values := r.regexp.FindStringSubmatch(path)
		if len(values) == 0 {
			continue
		}
		if r.addSlash && path[len(path)-1] != '/' {
			return HandlerFunc(addSlash), nil, nil
		}
		values = values[1:]
		for j := 0; j < len(values); j++ {
			if value, e := http.URLUnescape(values[j]); e != nil {
				return &routerError{400, "Bad request."}, nil, nil
			} else {
				values[j] = value
			}
		}
		if handler := r.handlers[method]; handler != nil {
			return handler, r.names, values
		}
		if method == "HEAD" {
			if handler := r.handlers["GET"]; handler != nil {
				return handler, r.names, values
			}
		}
		if handler := r.handlers["*"]; handler != nil {
			return handler, r.names, values
		}
		return &routerError{405, "Method not supported."}, nil, nil
	}
	return &routerError{404, "Not found."}, nil, nil
}
Пример #4
0
func (o *OpenID) VerifyDirect() (grant bool, err os.Error) {
	grant = false
	err = nil

	o.Params["openid.mode"] = "check_authentication"

	headers := make(http.Header, 1)
	headers.Add("Content-Type", "application/x-www-form-urlencoded")

	url, _ := http.URLUnescape(o.Params["openid.op_endpoint"])
	fmt.Printf("Verification: %s\nParams: %s\n", url, mapToUrlEnc(o.Params))
	r, error := post(url,
		headers,
		bytes.NewBuffer([]byte(mapToUrlEnc(o.Params))))
	if error != nil {
		fmt.Printf("erreur: %s\n", error.String())
		err = error
		return
	}
	fmt.Printf("Post done\n")
	if r != nil {
		buffer := make([]byte, 1024)
		fmt.Printf("Buffer created\n")
		io.ReadFull(r.Body, buffer)
		fmt.Printf("Body extracted: %s\n", buffer)
		grant, err = regexp.Match("is_valid:true", buffer)
		fmt.Printf("Response: %v\n", grant)
	} else {
		err = os.ErrorString("No response from POST verification")
		return
	}

	return
}
Пример #5
0
// For login authentication from picasa.
// TODO: Add error handling.
func AuthHandler(c http.ResponseWriter, r *http.Request) {
	// Get the token supplied in the URL.
	picasaLen := len("token=")
	url, _ := http.URLUnescape(r.URL.RawQuery)
	token := url[picasaLen:]
	fmt.Println(token, r.URL.RawQuery)

	// Try to upgrade the token to a multi-use one. See
	// http://code.google.com/apis/accounts/docs/AuthSub.html
	req := picasa.NewRequest("https://www.google.com/accounts/accounts/AuthSubSessionToken", token, "GET")
	resp, e := picasa.Send(req)

	// Get the upgraded token value
	body, e := ioutil.ReadAll(resp.Body)
	if e != nil {
		fmt.Println(e)
	}
	resp.Body.Close()
	if len(body) <= picasaLen {
		dlog.Println("Invalid or missing token! Response received was:", body)
		template.Error500(c, r, nil)
	}
	upgradedToken := body[picasaLen:]
	fmt.Println("Upgraded Token: ", string(upgradedToken))

	// Finally, save the upgraded token in the server-side session.
	u, _ := user.Get(c, r)
	u.Set("picasa-authsub-token", string(upgradedToken))
	http.Redirect(c, r, "/photos/upload", http.StatusFound)
}
Пример #6
0
// find the handler and path parameters given the path component of the request
// URL and the request method.
func (router *Router) find(path string, method string) (Handler, []string, []string) {
	for _, r := range router.routes {
		values := r.regexp.FindStringSubmatch(path)
		if len(values) == 0 {
			continue
		}
		if r.addSlash && path[len(path)-1] != '/' {
			return HandlerFunc(addSlash), nil, nil
		}
		values = values[1:]
		for j := 0; j < len(values); j++ {
			if value, e := http.URLUnescape(values[j]); e != nil {
				return routerError(StatusNotFound), nil, nil
			} else {
				values[j] = value
			}
		}
		if handler := r.handlers[method]; handler != nil {
			return handler, r.names, values
		}
		if method == "HEAD" {
			if handler := r.handlers["GET"]; handler != nil {
				return handler, r.names, values
			}
		}
		if handler := r.handlers["*"]; handler != nil {
			return handler, r.names, values
		}
		return routerError(StatusMethodNotAllowed), nil, nil
	}
	return routerError(StatusNotFound), nil, nil
}
Пример #7
0
func tfquery(req *http.Request) {
	query := strings.Split(req.URL.RawQuery, "&", 0)

	//fmt.Printf("path : %v\n", path)
	//fmt.Printf("query: %v\n", query)

	for i := 0; i < len(query); i++ {
		nv := strings.Split(query[i], "=", 2)
		if len(nv) == 2 {
			switch nv[0] {
			case "b":
				begindate = nv[1]
			case "e":
				enddate = nv[1]
			case "t":
				title, _ = http.URLUnescape(nv[1])
			case "c":
				tcount, _ = strconv.Atoi(nv[1])
			case "l":
				lineheight, _ = strconv.Atoi64(nv[1])
			case "p":
				picwidth, _ = strconv.Atoi64(nv[1])
			case "s":
				spacing, _ = strconv.Atoi(nv[1])
			case "m":
				markerwidth, _ = strconv.Atoi64(nv[1])
			}
		}
		//fmt.Printf("nv: %v\n", nv)
		//showparams("Using  ")
	}
}
Пример #8
0
// credentials returns oauth credentials stored in cookie with name key.
func credentials(req *web.Request, key string) (*oauth.Credentials, os.Error) {
	s := req.Cookie.Get(key)
	if s == "" {
		return nil, os.NewError("main: missing cookie")
	}
	a := strings.Split(s, "/", -1)
	if len(a) != 2 {
		return nil, os.NewError("main: bad credential cookie")
	}
	token, err := http.URLUnescape(a[0])
	if err != nil {
		return nil, os.NewError("main: bad credential cookie")
	}
	secret, err := http.URLUnescape(a[1])
	if err != nil {
		return nil, os.NewError("main: bad credential cookie")
	}
	return &oauth.Credentials{token, secret}, nil
}
Пример #9
0
func login(w http.ResponseWriter, r *http.Request) {
	c := appengine.NewContext(r)
	u := user.Current(c)
	if u == nil {
		url, err := user.LoginURL(c, "/")
		if err != nil {
			http.Error(w, err.String(), http.StatusInternalServerError)
			return
		}
		// Temporary band-aid for development
		url, err = http.URLUnescape(url)
		if err != nil {
			http.Error(w, err.String(), http.StatusInternalServerError)
			return
		}
		url = strings.Replace(url, "http://localhost:8080", "", 1)
		http.Redirect(w, r, url, http.StatusFound)
		return
	}
	http.Redirect(w, r, "/", http.StatusFound)
}
Пример #10
0
// readCookies parses all "Cookie" values from
// the header h, removes the successfully parsed values from the
// "Cookie" key in h and returns the parsed Cookies.
func readCookies(h http.Header) []*http.Cookie {
	cookies := []*http.Cookie{}
	lines, ok := h["Cookie"]
	if !ok {
		return cookies
	}
	unparsedLines := []string{}
	for _, line := range lines {
		parts := strings.Split(strings.TrimSpace(line), ";")
		if len(parts) == 1 && parts[0] == "" {
			continue
		}
		// Per-line attributes
		var lineCookies = make(map[string]string)
		var path string
		var domain string
		var httponly bool
		for i := 0; i < len(parts); i++ {
			parts[i] = strings.TrimSpace(parts[i])
			if len(parts[i]) == 0 {
				continue
			}
			attr, val := parts[i], ""
			var err os.Error
			if j := strings.Index(attr, "="); j >= 0 {
				attr, val = attr[:j], attr[j+1:]
				val, err = http.URLUnescape(val)
				if err != nil {
					continue
				}
			}
			switch strings.ToLower(attr) {
			case "$httponly":
				httponly = true
			case "$domain":
				domain = val
				// TODO: Add domain parsing
			case "$path":
				path = val
				// TODO: Add path parsing
			default:
				lineCookies[attr] = val
			}
		}
		if len(lineCookies) == 0 {
			unparsedLines = append(unparsedLines, line)
		}
		for n, v := range lineCookies {
			cookies = append(cookies, &http.Cookie{
				Name:     n,
				Value:    v,
				Path:     path,
				Domain:   domain,
				HttpOnly: httponly,
				MaxAge:   -1,
				Raw:      line,
			})
		}
	}
	h["Cookie"] = unparsedLines, len(unparsedLines) > 0
	return cookies
}