ssafronova (ssafronova) wrote in changelog,
ssafronova
ssafronova
changelog

[ljcom] r10095: LJSUP-7762: Mail.ru connect

Committer: ssafronova
LJSUP-7762: Mail.ru connect
U   trunk/cgi-bin/LJ/Identity/MailRU.pm
U   trunk/htdocs/identity/callback-mailru.bml
A   trunk/htdocs/identity/callback-mailru.bml.text.local
Modified: trunk/cgi-bin/LJ/Identity/MailRU.pm
===================================================================
--- trunk/cgi-bin/LJ/Identity/MailRU.pm	2011-02-21 12:38:56 UTC (rev 10094)
+++ trunk/cgi-bin/LJ/Identity/MailRU.pm	2011-02-21 12:58:39 UTC (rev 10095)
@@ -16,9 +16,9 @@
     my ($class, $errs, %opts) = @_;
 
     my $forwhat = $opts{'forwhat'} || 'login';
+    my $chal = LJ::challenge_generate(45 * 60); # 45 minutes
 
-    my $callback_url = "$LJ::SITEROOT/identity/callback-mailru.bml?" .
-                       'forwhat=' . $forwhat;
+    my $callback_url = "$LJ::SITEROOT/identity/callback-mailru.bml?forwhat=$forwhat&chal=$chal";
 
     my $addr = 'https://connect.mail.ru/oauth/authorize?' .
                "client_id=$LJ::MAILRU_CONNECT_CLIENT_ID&" .
@@ -79,10 +79,12 @@
 200 Permission error: the application does not have permission to perform this action.
 =cut
 
-    my $userdata = eval { LJ::JSON->from_json($res->content) };
-    die "Strange answer from mail.ru about '$fields{uids}', error: $@, returned: <" . $res->content . ">"
+    my $result = eval { $res->content };
+    my $userdata = eval { LJ::JSON->from_json($result) };
+    die "timeout" if $@ and $res and HTTP::Status::is_server_error($res->code) and $result =~ /timeout/i;
+    die "Strange answer from mail.ru about '$fields{uids}', error: $@, returned: <$result>"
         if $@;
-    die "Strange answer rom mail.ru about '$fields{uids}', not an array ref,  returned: <" . $res->content . ">"
+    die "Strange answer rom mail.ru about '$fields{uids}', not an array ref,  returned: <$result>"
         unless ref $userdata eq 'ARRAY';
     $userdata = $userdata->[0];
 

Modified: trunk/htdocs/identity/callback-mailru.bml
===================================================================
--- trunk/htdocs/identity/callback-mailru.bml	2011-02-21 12:38:56 UTC (rev 10094)
+++ trunk/htdocs/identity/callback-mailru.bml	2011-02-21 12:58:39 UTC (rev 10095)
@@ -37,10 +37,15 @@
         return '<?errorbar Mail.ru connectivity error errorbar?>';
     }
 
+    my $chal = LJ::Request->get_param('chal');
+    unless (LJ::challenge_check($chal)) {
+        $title = $ML{'.timeout'};
+        return "<?errorbar $ML{'.please.try.again'}  errorbar?>"
+    }
+
     # "redirect_uri — адрес вашей принимающей страницы, который вы указывали при обращении к /oauth/authorize"
     # cite from http://api.mail.ru/docs/guides/oauth/sites/ (russian only)
-    my $selfurl = "$LJ::SITEROOT/identity/callback-mailru.bml?" .
-                  'forwhat=' . $forwhat;
+    my $selfurl = "$LJ::SITEROOT/identity/callback-mailru.bml?forwhat=$forwhat&chal=$chal";
 
     my $ua = LJ::get_useragent( 'role' => 'mailru_auth' );
     my $res = $ua->post('https://connect.mail.ru/oauth/token',
@@ -64,7 +69,17 @@
     my $created;
     # x_mailru_vid from authorization_code grant_type, mailru_vid from password grant type
     # I am afraid of mistyping in documentation
-    my $u = LJ::User::load_identity_user('M', $params->{'x_mailru_vid'} || $params->{'mailru_vid'}, $params, \$created);
+    my $u = eval { LJ::User::load_identity_user('M', $params->{'x_mailru_vid'} || $params->{'mailru_vid'}, $params, \$created); };
+    if ($@) {
+        my $err = $@;
+        if ($err eq 'timeout') {
+            $title = $ML{'.timeout'};
+            return "<?errorbar $ML{'.please.try.again'}  errorbar?>"
+        } else {
+            warn $err if $LJ::IS_DEV_SERVER;
+            return '<?errorbar Mail.ru connectivity error errorbar?>';
+        }
+    }
 
     # send out a P3P header thing so as to work around IE's
     # unwillingness to receive our cookies while we're in an iframe

Added: trunk/htdocs/identity/callback-mailru.bml.text.local
===================================================================
--- trunk/htdocs/identity/callback-mailru.bml.text.local	                        (rev 0)
+++ trunk/htdocs/identity/callback-mailru.bml.text.local	2011-02-21 12:58:39 UTC (rev 10095)
@@ -0,0 +1,3 @@
+.please.try.again=Please try again
+
+.timeout=Timeout

Tags: bml, ljcom, local, pm, ssafronova
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments