diff options
Diffstat (limited to 'imap/src/c-client/auth_bea.c')
-rw-r--r-- | imap/src/c-client/auth_bea.c | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/imap/src/c-client/auth_bea.c b/imap/src/c-client/auth_bea.c index 683d769f..b9bf61e1 100644 --- a/imap/src/c-client/auth_bea.c +++ b/imap/src/c-client/auth_bea.c @@ -11,7 +11,7 @@ * ======================================================================== */ -long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder, +long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder, char *base, char *service,NETMBX *mb,void *stream, unsigned long port, unsigned long *trial,char *user); #ifndef HTTP_OAUTH2_INCLUDED @@ -19,7 +19,7 @@ void mm_login_oauth2_c_client_method (NETMBX *, char *, char *, OAUTH2_S *, unsi #endif /* HTTP_OAUTH2_INCLUDED */ AUTHENTICATOR auth_bea = { - AU_HIDE, /* hidden */ + AU_HIDE | AU_SINGLE, /* hidden, single trip */ BEARERNAME, /* authenticator name */ NIL, /* always valid */ auth_oauthbearer_client, /* client method */ @@ -77,7 +77,7 @@ char *oauth2_generate_state(void) * Returns: T if success, NIL otherwise, number of trials incremented if retry */ -long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder, +long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder,char *base, char *service,NETMBX *mb,void *stream, unsigned long port, unsigned long *trial,char *user) { @@ -94,12 +94,14 @@ long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder mm_log ("SECURITY PROBLEM: insecure server advertised AUTH=OAUTHBEARER",WARN); /* get initial (empty) challenge */ - if ((challenge = (*challenger) (stream,&clen)) != NULL) { - fs_give ((void **) &challenge); - if (clen) { /* abort if challenge non-empty */ - mm_log ("Server bug: non-empty initial OAUTHBEARER challenge",WARN); - (*responder) (stream,NIL,0); - ret = LONGT; /* will get a BAD response back */ + if (base || (challenge = (*challenger) (stream,&clen)) != NULL) { + if(base == NIL){ + fs_give ((void **) &challenge); + if (clen) { /* abort if challenge non-empty */ + mm_log ("Server bug: non-empty initial OAUTHBEARER challenge",WARN); + (*responder) (stream,NIL,NIL,0); + ret = LONGT; /* will get a BAD response back */ + } } mm_login_method (mb, user, (void *) &oauth2, *trial, BEARERNAME); @@ -137,7 +139,7 @@ long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder /* empty challenge or user requested abort or client does not have info */ if(!oauth2.access_token) { - (*responder) (stream,NIL,0); + (*responder) (stream,NIL,NIL,0); *trial = 0; /* cancel subsequent attempts */ ret = LONGT; /* will get a BAD response back */ } @@ -166,7 +168,7 @@ long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder for (u = oauth2.access_token; *u; *t++ = *u++); *t++ = '\001'; /* delimiting ^A */ *t++ = '\001'; /* delimiting ^A */ - if ((*responder) (stream,response,rlen)) { + if ((*responder) (stream,base,response,rlen)) { if ((challenge = (*challenger) (stream,&clen)) != NULL) fs_give ((void **) &challenge); else { |