Merge into trunk : restrict-domains : Code : libubuntuone

Status:

Merged

Approved by:

Rodrigo Moya on 2010-03-25

Approved revision:

72

Merged at revision:

not available

Proposed branch:

lp:~sil/libubuntuone/restrict-domains

Merge into:

lp:libubuntuone

Diff against target:

348 lines (+234/-55)

4 files modified

data/Makefile.am (+2/-0)
data/outside_domain.html (+56/-0)
data/trying_sso.html (+58/-0)
libubuntuone/u1-music-store.c (+118/-55)

To merge this branch:

bzr merge lp:~sil/libubuntuone/restrict-domains

High

Fix Released

Link a bug report

Reviewer	Date Requested	Status
Rodrigo Moya (community)		Approve on 2010-03-25
Tim Cole (community)	2010-03-24	Approve on 2010-03-24
Review via email: mp+22063@code.launchpad.net

Commit message

Trap URLs that lead out of the Music Store (either to the non-U1 7digital.com, or to Ubuntu One authentication URLs) and show an error page instead, along with a way of logging the error in querystrings so that we can identify that it happened.

Description of the change

Trap URLs that lead out of the Music Store (either to the non-U1 7digital.com, or to Ubuntu One authentication URLs) and show an error page instead, along with a way of logging the error in querystrings so that we can identify that it happened.

Revision history for this message

Martin Albisetti (beuno) wrote on 2010-03-24:

#

59 +<h2>There was a problem with what you just tried to do. Please go back and try something different.</h2>

I'm not sure that's the best error message ever written.

122 +<h2>An error has occurred. Please ensure that your
123 +computer is connected to Ubuntu One.</h2>

How about a link to somewhere explaining how to do that? I guess that would be an external link :)
Can you open up something in firefox though? or explain right there and then?

Revision history for this message

Tim Cole (tcole) wrote on 2010-03-24:

#

Looks alright. But it does need a better error message. I'd suggest "The link you clicked is currently unsupported. Please try exploring a different part of the music store."

review: Approve

Revision history for this message

Stuart Langridge (sil) wrote on 2010-03-24:

#

beuno: for the latter message, you only get it if the thing that was supposed to open up firefox has failed. This whole branch is there to provide a safety net if there are bugs in the existing code, to stop the user crashing and burning as a result of those bugs. In theory, no-one should ever see the messages.

tcole: I'll change the first one. I was feeling a bit too whimsical when I wrote it :)

lp:~sil/libubuntuone/restrict-domains updated on 2010-03-24

72. By Stuart Langridge on 2010-03-24: slightly less whimsical error message

Revision history for this message

Rodrigo Moya (rodrigo-moya) wrote on 2010-03-25:

#

There are some improvements that can be done on the C code of this branch, but it still is correct as it is, so approving and will add those improvements in other branches

review: Approve

libubuntuone

Merge lp:~sil/libubuntuone/restrict-domains into lp:libubuntuone

Commit message

Description of the change

Preview Diff

Subscribers

 === modified file 'data/Makefile.am'
 --- data/Makefile.am	2010-03-22 10:07:24 +0000
 +++ data/Makefile.am	2010-03-24 23:55:36 +0000
@@ -4,6 +4,8 @@
  	u1-preview.js	\
  	u1-songs-clickable.js	\
  	load_error.html	\
++	outside_domain.html	\
++	trying_sso.html	\
  	connecting.html	\
  	in_development.html	\
  	screen.css	\
 === added file 'data/outside_domain.html'
 --- data/outside_domain.html	1970-01-01 00:00:00 +0000
 +++ data/outside_domain.html	2010-03-24 23:55:36 +0000
@@ -0,0 +1,56 @@
++<!doctype html>
++<html>
++<head>
++<title>Loading error</title>
++<link rel="stylesheet" href="reset.css" type="text/css" media="all">
++<link rel="stylesheet" href="screen.css" type="text/css" media="all">
++<script>
++function goback() {
++    // We should have been passed, to this page, the referrer and the URL they went to in error, separated by :::
++    if (location.search && location.search.indexOf(":::") != -1) {
++        var parts = location.search.substr(1).split(":::");
++        if (parts.length != 2) {
++            history.go(-1);
++        }
++        var from_url = parts[0];
++        var to_url = parts[1];
++        var combining = "&";
++        if (from_url.indexOf("?") == -1) {
++            combining = "?"
++        }
++        var go_back_url = from_url + combining + "went_to_url_in_error=" + escape(to_url);
++        location.href = go_back_url;
++    } else {
++        history.go(-1);
++    }
++}
++</script>
++</head>
++<body class="downloads">
++<div id="header">
++
++<div class="wrap">
++<h1 id="logo">Ubuntu One Music Store</h1>
++
++</div><!-- close .wrap -->
++</div><!-- close #header -->
++
++<div class="superfluous">
++<div id="content">
++<div class="access">
++   <h1>Sorry!</h1>
++<h2>The link you clicked is currently unsupported.
++Please try exploring a different part of the music store.</h2>
++
++<p><button onclick="goback()"><span>Go back</span></button></p>
++</div>
++</div>
++
++</div>
++</div>
++<div id="footer">
++<div class="wrap">
++</div>
++</div>
++</body>
++</html>
 === added file 'data/trying_sso.html'
 --- data/trying_sso.html	1970-01-01 00:00:00 +0000
 +++ data/trying_sso.html	2010-03-24 23:55:36 +0000
@@ -0,0 +1,58 @@
++<!doctype html>
++<html>
++<head>
++<title>Loading error</title>
++<link rel="stylesheet" href="reset.css" type="text/css" media="all">
++<link rel="stylesheet" href="screen.css" type="text/css" media="all">
++<script>
++function carry_on() {
++    // We should have been passed, to this page, the referrer, the URL they
++    // went to in error, and the store front page, separated by :::
++    if (location.search && location.search.indexOf(":::") != -1) {
++        var parts = location.search.substr(1).split(":::");
++        if (parts.length != 3) {
++            history.go(-1);
++        }
++        var from_url = parts[0];
++        var to_url = parts[1];
++        var front_page = parts[2];
++        var combining = "&";
++        if (front_page.indexOf("?") == -1) {
++            combining = "?"
++        }
++        var go_back_url = front_page + combining + "went_to_url_in_error=" +
++            escape(to_url) + "&came_from_url=" + escape(from_url);
++        location.href = go_back_url;
++    } else {
++        history.go(-1);
++    }
++}
++</script>
++</head>
++<body class="downloads">
++<div id="header">
++
++<div class="wrap">
++<h1 id="logo">Ubuntu One Music Store</h1>
++
++</div><!-- close .wrap -->
++</div><!-- close #header -->
++
++<div class="superfluous">
++<div id="content">
++<div class="access">
++   <h1>Sorry!</h1>
++<h2>An error has occurred. Please ensure that your
++computer is connected to Ubuntu One.</h2>
++<p><button onclick="carry_on()"><span>Go back</span></button></p>
++</div>
++</div>
++
++</div>
++</div>
++<div id="footer">
++<div class="wrap">
++</div>
++</div>
++</body>
++</html>
 === modified file 'libubuntuone/u1-music-store.c'
 --- libubuntuone/u1-music-store.c	2010-03-23 12:19:23 +0000
 +++ libubuntuone/u1-music-store.c	2010-03-24 23:55:36 +0000
@@ -25,6 +25,7 @@
  #include <webkit/webkit.h>
  #include <dbus/dbus-glib.h>
  #include <libsoup/soup-gnome-features.h>
++#include <libsoup/soup-uri.h>
  #include <gnome-keyring.h>
  #include "oauth.h"
  #include "u1-music-store.h"
@@ -39,6 +40,8 @@
  #define U1_NOT_REGISTERED_URL      "https://one.ubuntu.com/music/notregistered?returnUrl="
  #define U1_DEFAULT_ERROR_PAGE "load_error.html"
++#define U1_OUTSIDE_DOMAIN_ERROR_PAGE "outside_domain.html"
++#define U1_TRYING_SSO_ERROR_PAGE "trying_sso.html"
  #define U1_IN_DEVELOPMENT_PAGE "in_development.html"
  #define U1_CONNECTING_PAGE "connecting.html"
  #define U1_INITIAL_PAGE "<html><body>Loading Ubuntu One music store</body></html>"
@@ -241,6 +244,63 @@
  	gchar *not_registered_url;
  } NotRegisteredReplacementData;
++static gchar *
++get_url_to_use (U1MusicStore *music_store)
++{
++	gchar *oauth_token = NULL, *oauth_token_secret = NULL, *real_url;
++	const gchar *url_to_use;
++
++	/* If U1MUSICSTOREURL is defined, use that instead of the real URL */
++	if (! (url_to_use = g_getenv ("U1MUSICSTOREURL")))
++		url_to_use = "https://one.ubuntu.com";
++
++	if (music_store->priv->base_url != NULL)
++		g_free (music_store->priv->base_url);
++
++	music_store->priv->base_url = g_strdup (url_to_use);
++
++	/* OAUth sign the URL */
++	if (g_str_has_prefix (url_to_use, "http://localhost") || g_str_has_prefix (url_to_use, "http://127.0.0.1")) {
++		const gchar *oauthfile;
++
++		oauthfile = g_getenv ("OAUTHKEYFILE");
++		if (oauthfile != NULL) {
++			gchar *oauthstring;
++			gsize len;
++
++			if (g_file_get_contents (oauthfile, &oauthstring, &len, NULL)) {
++				parse_oauth_string (oauthstring, &oauth_token, &oauth_token_secret);
++				g_free (oauthstring);
++			}
++		} else {
++			webkit_web_view_load_string (WEBKIT_WEB_VIEW (music_store->priv->web_viewer),
++						     "Fail! If you specify U1MUSICSTOREURL you must "
++						     "also specify OAUTHKEYFILE as a file with OAuth keys in it",
++						     "text/html", "utf-8", "file:///");
++			return NULL;
++		}
++	} else
++		get_credentials_from_keyring (&oauth_token, &oauth_token_secret);
++
++	if (oauth_token == NULL || oauth_token_secret == NULL)
++		real_url = g_strdup_printf ("%s%s", music_store->priv->base_url, U1_NOT_LOGGED_IN_STORE_URL);
++	else {
++		gchar *s = g_strdup_printf ("%s%s", music_store->priv->base_url, U1_STORE_URL);
++
++		real_url = oauth_sign_url2 (s, NULL, OA_HMAC, "GET",
++					    "ubuntuone", "hammertime",
++					    oauth_token, oauth_token_secret);
++		g_free (s);
++	}
++
++	g_free (oauth_token);
++	g_free (oauth_token_secret);
++
++	return real_url;
++}
++
++
++
  static void
  got_new_dbus_credentials_cb (DBusGProxy *proxy, const gchar *realm, const gchar *consumer_key, gpointer user_data)
+ {
@@ -329,6 +389,64 @@
  			 gpointer user_data)
+ {
  	U1MusicStore *music_store = U1_MUSIC_STORE (user_data);
++	SoupURI *parsed_uri;
++
++	parsed_uri = soup_uri_new (webkit_network_request_get_uri (request));
++	if (parsed_uri != NULL) {
++		if (!g_strcmp0 ((const gchar *) parsed_uri->host, "www.7digital.com")) {
++			/* host is 7digital.com. It must be in our store. */
++			if (!g_str_has_prefix (parsed_uri->path, "/stores/")) {
++				/* a 7digital URL not in our store. Die */
++				gchar *to_and_from_error_uris;
++				g_debug("Hitting the unbranded store, so throwing an error");
++				to_and_from_error_uris = g_strdup_printf ("%s:::%s",
++					webkit_web_view_get_uri (web_view),
++					webkit_network_request_get_uri (request));
++				load_internal_html_page (web_view, U1_OUTSIDE_DOMAIN_ERROR_PAGE, to_and_from_error_uris);
++				g_free (to_and_from_error_uris);
++			}
++		}
++		if (!g_strcmp0 ((const gchar *) parsed_uri->host, "one.ubuntu.com")) {
++			/* host is one.ubuntu.com. It must not be the login page */
++			if (g_str_has_prefix (parsed_uri->path, "/auth/")) {
++				/* trying to log the user into o.u.c inside the webview. Die. */
++				gchar *real_url;
++				gchar *to_and_from_error_uris;
++				real_url = get_url_to_use (music_store);
++				to_and_from_error_uris = g_strdup_printf ("%s:::%s:::%s",
++					webkit_web_view_get_uri (web_view),
++					webkit_network_request_get_uri (request),
++					real_url);
++				g_debug("Being led through Ubuntu One login inside Rhythmbox, so throwing an error");
++				if (real_url != NULL) {
++					load_internal_html_page (web_view, U1_TRYING_SSO_ERROR_PAGE, to_and_from_error_uris);
++					g_free (real_url);
++				} else {
++					load_internal_html_page (web_view, U1_TRYING_SSO_ERROR_PAGE, NULL);
++				}
++				g_free (to_and_from_error_uris);
++			}
++		}
++		if (!g_strcmp0 ((const gchar *) parsed_uri->host, "login.ubuntu.com")) {
++			/* host is SSO. Die. */
++			gchar *real_url;
++			gchar *to_and_from_error_uris;
++			real_url = get_url_to_use (music_store);
++			to_and_from_error_uris = g_strdup_printf ("%s:::%s:::%s",
++				webkit_web_view_get_uri (web_view),
++				webkit_network_request_get_uri (request),
++				real_url);
++			g_debug("Being led through Ubuntu One login inside Rhythmbox, so throwing an error");
++			if (real_url != NULL) {
++				load_internal_html_page (web_view, U1_TRYING_SSO_ERROR_PAGE, to_and_from_error_uris);
++				g_free (real_url);
++			} else {
++				load_internal_html_page (web_view, U1_TRYING_SSO_ERROR_PAGE, NULL);
++			}
++			g_free (to_and_from_error_uris);
++		}
++
++	}
  	/* Remove watching callback for the page */
  	if (music_store->priv->watch_id != 0) {
@@ -681,61 +799,6 @@
  	return TRUE;
+ }
--static gchar *
--get_url_to_use (U1MusicStore *music_store)
--{
--	gchar *oauth_token = NULL, *oauth_token_secret = NULL, *real_url;
--	const gchar *url_to_use;
--
--	/* If U1MUSICSTOREURL is defined, use that instead of the real URL */
--	if (! (url_to_use = g_getenv ("U1MUSICSTOREURL")))
--		url_to_use = "https://one.ubuntu.com";
--
--	if (music_store->priv->base_url != NULL)
--		g_free (music_store->priv->base_url);
--
--	music_store->priv->base_url = g_strdup (url_to_use);
--
--	/* OAUth sign the URL */
--	if (g_str_has_prefix (url_to_use, "http://localhost") || g_str_has_prefix (url_to_use, "http://127.0.0.1")) {
--		const gchar *oauthfile;
--
--		oauthfile = g_getenv ("OAUTHKEYFILE");
--		if (oauthfile != NULL) {
--			gchar *oauthstring;
--			gsize len;
--
--			if (g_file_get_contents (oauthfile, &oauthstring, &len, NULL)) {
--				parse_oauth_string (oauthstring, &oauth_token, &oauth_token_secret);
--				g_free (oauthstring);
--			}
--		} else {
--			webkit_web_view_load_string (WEBKIT_WEB_VIEW (music_store->priv->web_viewer),
--						     "Fail! If you specify U1MUSICSTOREURL you must "
--						     "also specify OAUTHKEYFILE as a file with OAuth keys in it",
--						     "text/html", "utf-8", "file:///");
--			return NULL;
--		}
--	} else
--		get_credentials_from_keyring (&oauth_token, &oauth_token_secret);
--
--	if (oauth_token == NULL || oauth_token_secret == NULL)
--		real_url = g_strdup_printf ("%s%s", music_store->priv->base_url, U1_NOT_LOGGED_IN_STORE_URL);
--	else {
--		gchar *s = g_strdup_printf ("%s%s", music_store->priv->base_url, U1_STORE_URL);
--
--		real_url = oauth_sign_url2 (s, NULL, OA_HMAC, "GET",
--					    "ubuntuone", "hammertime",
--					    oauth_token, oauth_token_secret);
--		g_free (s);
--	}
--
--	g_free (oauth_token);
--	g_free (oauth_token_secret);
--
--	return real_url;
--}
--
  static gboolean
  load_real_store_cb (gpointer user_data)
+ {