Committer: ssafronova
LJSUP-7762: Mail.ru connectU trunk/cgi-bin/LJ/Identity/MailRU.pm U trunk/htdocs/identity/callback-mailru.bml A trunk/htdocs/identity/callback-mailru.bml.text.local
Modified: trunk/cgi-bin/LJ/Identity/MailRU.pm =================================================================== --- trunk/cgi-bin/LJ/Identity/MailRU.pm 2011-02-21 12:38:56 UTC (rev 10094) +++ trunk/cgi-bin/LJ/Identity/MailRU.pm 2011-02-21 12:58:39 UTC (rev 10095) @@ -16,9 +16,9 @@ my ($class, $errs, %opts) = @_; my $forwhat = $opts{'forwhat'} || 'login'; + my $chal = LJ::challenge_generate(45 * 60); # 45 minutes - my $callback_url = "$LJ::SITEROOT/identity/callback-mailru.bml?" . - 'forwhat=' . $forwhat; + my $callback_url = "$LJ::SITEROOT/identity/callback-mailru.bml?forwhat=$forwhat&chal=$chal"; my $addr = 'https://connect.mail.ru/oauth/authorize?' . "client_id=$LJ::MAILRU_CONNECT_CLIENT_ID&" . @@ -79,10 +79,12 @@ 200 Permission error: the application does not have permission to perform this action. =cut - my $userdata = eval { LJ::JSON->from_json($res->content) }; - die "Strange answer from mail.ru about '$fields{uids}', error: $@, returned: <" . $res->content . ">" + my $result = eval { $res->content }; + my $userdata = eval { LJ::JSON->from_json($result) }; + die "timeout" if $@ and $res and HTTP::Status::is_server_error($res->code) and $result =~ /timeout/i; + die "Strange answer from mail.ru about '$fields{uids}', error: $@, returned: <$result>" if $@; - die "Strange answer rom mail.ru about '$fields{uids}', not an array ref, returned: <" . $res->content . ">" + die "Strange answer rom mail.ru about '$fields{uids}', not an array ref, returned: <$result>" unless ref $userdata eq 'ARRAY'; $userdata = $userdata->[0]; Modified: trunk/htdocs/identity/callback-mailru.bml =================================================================== --- trunk/htdocs/identity/callback-mailru.bml 2011-02-21 12:38:56 UTC (rev 10094) +++ trunk/htdocs/identity/callback-mailru.bml 2011-02-21 12:58:39 UTC (rev 10095) @@ -37,10 +37,15 @@ return '<?errorbar Mail.ru connectivity error errorbar?>'; } + my $chal = LJ::Request->get_param('chal'); + unless (LJ::challenge_check($chal)) { + $title = $ML{'.timeout'}; + return "<?errorbar $ML{'.please.try.again'} errorbar?>" + } + # "redirect_uri — адрес вашей принимающей страницы, который вы указывали при обращении к /oauth/authorize" # cite from http://api.mail.ru/docs/guides/oauth/sites/ (russian only) - my $selfurl = "$LJ::SITEROOT/identity/callback-mailru.bml?" . - 'forwhat=' . $forwhat; + my $selfurl = "$LJ::SITEROOT/identity/callback-mailru.bml?forwhat=$forwhat&chal=$chal"; my $ua = LJ::get_useragent( 'role' => 'mailru_auth' ); my $res = $ua->post('https://connect.mail.ru/oauth/token', @@ -64,7 +69,17 @@ my $created; # x_mailru_vid from authorization_code grant_type, mailru_vid from password grant type # I am afraid of mistyping in documentation - my $u = LJ::User::load_identity_user('M', $params->{'x_mailru_vid'} || $params->{'mailru_vid'}, $params, \$created); + my $u = eval { LJ::User::load_identity_user('M', $params->{'x_mailru_vid'} || $params->{'mailru_vid'}, $params, \$created); }; + if ($@) { + my $err = $@; + if ($err eq 'timeout') { + $title = $ML{'.timeout'}; + return "<?errorbar $ML{'.please.try.again'} errorbar?>" + } else { + warn $err if $LJ::IS_DEV_SERVER; + return '<?errorbar Mail.ru connectivity error errorbar?>'; + } + } # send out a P3P header thing so as to work around IE's # unwillingness to receive our cookies while we're in an iframe Added: trunk/htdocs/identity/callback-mailru.bml.text.local =================================================================== --- trunk/htdocs/identity/callback-mailru.bml.text.local (rev 0) +++ trunk/htdocs/identity/callback-mailru.bml.text.local 2011-02-21 12:58:39 UTC (rev 10095) @@ -0,0 +1,3 @@ +.please.try.again=Please try again + +.timeout=Timeout