1 # ===================================================================== 2 # bloggerAuth.awk: Blogger API 1.0 common authentication stuff. 3 # 4 # Copyright (c) 2007 Carlo Strozzi 5 # 6 # This program is free software; you can redistribute it and/or modify 7 # it under the terms of the GNU General Public License as published by 8 # the Free Software Foundation; version 2 dated June, 1991. 9 # 10 # This program is distributed in the hope that it will be useful, 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 # GNU General Public License for more details. 14 # 15 # You should have received a copy of the GNU General Public License 16 # along with this program; if not, write to the Free Software 17 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 18 # 19 # ===================================================================== 20 21 # ===================================================================== 22 # void bloggerAuth(string userarg, string pwarg, string blogid) 23 # 24 # If not specified, 'userarg', 'pwarg' and 'blogid' default to "3_1", 25 # "4_1" and "2_1" respectively. The 'appkey' parametrer defined by 26 # Blogger API specs is currently not taken into consideration. 27 # ===================================================================== 28 29 function bloggerAuth(userarg,pwarg,blogid, value,a) { 30 31 if (userarg == _NULL) userarg = "3_1" 32 if (pwarg == _NULL) pwarg = "4_1" 33 if (blogid == _NULL) blogid = "2_1" 34 35 # BloggerAPI authentication. 36 # 37 # XML-RPC APIs usually handle authentication stuff at the application 38 # level, so we need to perform login-related stuff here, because the 39 # required information was not available at the time 'weblib.rc' was 40 # loaded. Of course this will be less efficient as it will not make 41 # use of the fast authentication method provided by authlib.rc through 42 # session cookies, but it will only be triggered for those clients 43 # that do not return them, which is usually not the case. 44 45 if (ENVIRON["CSA_PGM"] ~ /^CSA2/) { 46 if (_bool(ENVIRON["CSA_AUTH_OK"]) != _TRUE) { 47 if ((value=_request(userarg,1)) ~ /^[-_a-zA-Z0-9@.]+$/) { 48 _rcset("CSA_AUTH_USER",value) 49 if ((value=_request(pwarg,1)) ~ /^[-+_a-zA-Z0-9@.!]*$/) { 50 _rcset("CSA_AUTH_PW",value) 51 _sys("authCheck --return") 52 } 53 } 54 } 55 56 # Extract CSA_LANG from 'blogid' if available. Note that 57 # this is now done by the caller so it can be removed 58 # here, although leaving it in place does not hurt. If 59 # it is ever removed, then the 3rd argument to this 60 # function becomes obsolete. 61 62 value = _request(blogid,1) 63 64 # For the test to be bullet-proof the supplied value is 65 # required to be in the form "language/group[[/cat].page]". 66 # where each dot-separated element must be in unixified 67 # format. (see lib/bloggerRecentPosts.awk). 68 69 if (split(value,a,"/") > 1 && \ 70 _LANG[a[1]] != _NULL) _rcset("CSA_LANG",a[1]) 71 } 72 } 73 74 # EOF