Added wallPostPermission parameter to loggedIn signal

[situare] / src / facebookservice / facebookauthentication.cpp

/*
   Situare - A location system for Facebook
   Copyright (C) 2010  Ixonos Plc. Authors:

       Ville Tiensuu - ville.tiensuu@ixonos.com
       Kaj Wallin - kaj.wallin@ixonos.com
       Henri Lampela - henri.lampela@ixonos.com

   Situare is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public License
   version 2 as published by the Free Software Foundation.

   Situare is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with Situare; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301,
   USA.
*/

#include <qjson/parser.h>

#include <QtDebug>
#include <QDateTime>
#include <QNetworkReply>
#include <QSettings>
#include <QStringList>
#include <QVariantMap>
#include <QWebView>

#ifdef Q_WS_MAEMO_5
#include <QMaemo5InformationBox>
#endif // Q_WS_MAEMO_5

#include "common.h"
#include "../error.h"
#include "network/networkcookiejar.h"
#include "situareservice/situarecommon.h"
#include "ui/mainwindow.h"

#include "facebookauthentication.h"

const QString FB_LOGIN_SUCCESS_URL = "http://www.facebook.com/connect/login_success.html";
const QString FB_LOGIN_URL = "https://www.facebook.com/login.php";

const QString URL_SESSION_PARAMETER_BEGIN("session={");

FacebookAuthentication::FacebookAuthentication(MainWindow *mainWindow, QObject *parent)
    : QObject(parent),
      m_loggedIn(false),
      m_browser(0),
      m_mainWindow(mainWindow)
{
    qDebug() << __PRETTY_FUNCTION__;
}

void FacebookAuthentication::browserDestroyed()
{
    qWarning() << __PRETTY_FUNCTION__;

    m_mainWindow->toggleProgressIndicator(false);
    m_browser = 0;
}

void FacebookAuthentication::clearAccountInformation(bool clearUserInformation)
{
    qWarning() << __PRETTY_FUNCTION__ << "clearUserInformation:" << clearUserInformation;

    QSettings settings(SETTINGS_ORGANIZATION_NAME, SETTINGS_APPLICATION_NAME);

    settings.remove(USER_UNSEND_MESSAGE);
    settings.remove(USER_UNSEND_MESSAGE_PUBLISH);

    if (clearUserInformation) {
        NetworkCookieJar::clearCookiesSetting();
        settings.remove(SETTINGS_AUTOMATIC_UPDATE_ENABLED);
        settings.remove(SETTINGS_AUTOMATIC_UPDATE_INTERVAL);
    }
}

void FacebookAuthentication::destroyLogin()
{
    qWarning() << __PRETTY_FUNCTION__;

    m_mainWindow->destroyLoginDialog();
    m_browser->deleteLater();
}

bool FacebookAuthentication::isLoggedIn() const
{
    qWarning() << __PRETTY_FUNCTION__;

    return m_loggedIn;
}

void FacebookAuthentication::login()
{
    qWarning() << __PRETTY_FUNCTION__;

    if (!m_browser) {
        m_browser = new QWebView(m_mainWindow);

        if (m_browser) {
            m_browser->page()->networkAccessManager()->setCookieJar(new NetworkCookieJar());

            connect(m_browser, SIGNAL(urlChanged(QUrl)),
                    this, SLOT(urlChanged(QUrl)));

            connect(m_browser, SIGNAL(destroyed(QObject*)),
                    this, SLOT(browserDestroyed()));

            connect(m_browser->page()->networkAccessManager(),
                    SIGNAL(sslErrors(QNetworkReply*, QList<QSslError>)),
                    this, SLOT(sslErrors(QNetworkReply*, QList<QSslError>)));

            connect(m_browser->page()->networkAccessManager(), SIGNAL(finished(QNetworkReply*)),
                    this, SLOT(networkReplyHandler(QNetworkReply*)));
        }
    }

    if (m_browser) {
        QString url = FB_LOGIN_URL + "?";
        url.append("api_key=" + API_KEY +"&");
        url.append("display=touch&");
        url.append("fbconnect=1&");
        url.append("next=" + FB_LOGIN_SUCCESS_URL + "&");
        url.append("return_session=1&");
        url.append("session_version=3&");
        url.append("v=1.0&");
        url.append("req_perms=publish_stream");

        m_browser->load(QUrl(url));

        m_mainWindow->toggleProgressIndicator(true);
    }
}

void FacebookAuthentication::logOut(bool clearUserInformation)
{
    qWarning() << __PRETTY_FUNCTION__;

    clearAccountInformation(clearUserInformation);
    m_loggedIn = false;
    emit loggedOut();
}

void FacebookAuthentication::networkReplyHandler(QNetworkReply *reply)
{
    qWarning() <<__PRETTY_FUNCTION__;

    if ((reply->error() != QNetworkReply::NoError)
        && (reply->error() != QNetworkReply::OperationCanceledError)) {

        qCritical() << __PRETTY_FUNCTION__ << "error:" << reply->error() << reply->errorString();
        emit error(ErrorContext::NETWORK, reply->error());
        destroyLogin();
    }
}

QString FacebookAuthentication::parseSession(const QUrl &url)
{
    qWarning() << __PRETTY_FUNCTION__;

    const QString END("}");

    QString urlString = url.toString();

    int begin = urlString.indexOf(URL_SESSION_PARAMETER_BEGIN);
    int end = urlString.indexOf(END, begin);

    if ((begin > -1) && (end > -1))
        return urlString.mid(begin, end - begin + 1);
    else
        return QString();
}

void FacebookAuthentication::sslErrors(QNetworkReply *reply, const QList<QSslError> &errors)
{
    qWarning() << __PRETTY_FUNCTION__;

    Q_UNUSED(errors);
    reply->ignoreSslErrors();
}

void FacebookAuthentication::urlChanged(const QUrl &url)
{
    qWarning() << __PRETTY_FUNCTION__ << url.toString();

    const QString WALL_POST_PERMISSION = "publish_stream";

    /*
      URL changes in different use cases:
        * Login with cookie failed:
            1) http://m.facebook.com/login.php?api_key=cf77865a5070f2c2ba3b52cbf3371579&cancel_url=http://www.facebook.com/connect/login_failure.html&display=touch&fbconnect=1&next=http://www.facebook.com/connect/uiserver.php?app_id=286811277465&next=http%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html&display=touch&cancel_url=http%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_failure.html&perms=publish_stream&return_session=1&session_version=3&fbconnect=1&canvas=0&legacy_return=1&method=permissions.request&return_session=1&session_version=3&v=1.0&req_perms=publish_stream&app_id=286811277465&refsrc=http://www.facebook.com/login.php&fbb=ra985c5e9

        * Login without cookie, not allowed to publish:
            1) http://m.facebook.com/login.php?api_key=cf77865a5070f2c2ba3b52cbf3371579&display=touch&fbconnect=1&next=http://www.facebook.com/connect/uiserver.php?app_id=286811277465&next=http%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html&display=touch&perms=publish_stream&return_session=1&session_version=3&fbconnect=1&canvas=0&legacy_return=1&method=permissions.request&return_session=1&session_version=3&v=1.0&req_perms=publish_stream&app_id=286811277465&refsrc=http://www.facebook.com/login.php&fbb=r03cdf104"
                 --> browser dialog is invoked, user enters correct username and password
            2) http://www.facebook.com/connect/uiserver.php?app_id=286811277465&next=http://www.facebook.com/connect/login_success.html&display=touch&perms=publish_stream&return_session=1&session_version=3&fbconnect=1&canvas=0&legacy_return=1&method=permissions.request&session={"session_key":"2.isKv9bMtGmylvP1N6Il3IQ__.3600.1289394000-100001006647973","uid":100001006647973,"expires":1289394000,"secret":"PWiqZ9_aJjfKKJT4hJMTqA__","sig":"8f054aeca3c4d81e7efce3b90fb17d7e"}&installed=1&refsrc=http://www.facebook.com/login.php&fbb=rff1cc1be&refid=9&m_sess=sozzGNi5-SOBSb3AU
                 --> click allow
            3) http://www.facebook.com/connect/uiserver.php
            4) http://www.facebook.com/connect/login_success.html?perms=publish_stream&selected_profiles=100001006647973&session={"session_key":"2.isKv9bMtGmylvP1N6Il3IQ__.3600.1289394000-100001006647973","uid":"100001006647973","expires":1289394000,"secret":"PWiqZ9_aJjfKKJT4hJMTqA__","access_token":"286811277465|2.isKv9bMtGmylvP1N6Il3IQ__.3600.1289394000-100001006647973|bo9YniMczKY7PwlUEy9f40w3v5I","sig":"6b80d6928cf8f61b4c0c59d33d3127b6"}

        * Login without cookie, not allowed to publish:
            1) http://m.facebook.com/login.php?api_key=cf77865a5070f2c2ba3b52cbf3371579&display=touch&fbconnect=1&next=http://www.facebook.com/connect/uiserver.php?app_id=286811277465&next=http%3A%2F%2Fwww.facebook.com%2Fconnect%2Flogin_success.html&display=touch&perms=publish_stream&return_session=1&session_version=3&fbconnect=1&canvas=0&legacy_return=1&method=permissions.request&return_session=1&session_version=3&v=1.0&req_perms=publish_stream&app_id=286811277465&refsrc=http://www.facebook.com/login.php&fbb=r3fa0d31d
                 --> browser dialog is invoked, user enters correct username and password
            2) http://www.facebook.com/connect/uiserver.php?app_id=286811277465&next=http://www.facebook.com/connect/login_success.html&display=touch&perms=publish_stream&return_session=1&session_version=3&fbconnect=1&canvas=0&legacy_return=1&method=permissions.request&session={"session_key":"2.isKv9bMtGmylvP1N6Il3IQ__.3600.1289394000-100001006647973","uid":100001006647973,"expires":1289394000,"secret":"PWiqZ9_aJjfKKJT4hJMTqA__","sig":"8f054aeca3c4d81e7efce3b90fb17d7e"}&installed=1&refsrc=http://www.facebook.com/login.php&fbb=r29076109&refid=9&m_sess=sozzGNi5-SOBSb3AU
                 --> click deny
            3) http://www.facebook.com/connect/uiserver.php
            4) http://www.facebook.com/connect/login_success.html?perms&selected_profiles=100001006647973&session={"session_key":"2.isKv9bMtGmylvP1N6Il3IQ__.3600.1289394000-100001006647973","uid":"100001006647973","expires":1289394000,"secret":"PWiqZ9_aJjfKKJT4hJMTqA__","access_token":"286811277465|2.isKv9bMtGmylvP1N6Il3IQ__.3600.1289394000-100001006647973|bo9YniMczKY7PwlUEy9f40w3v5I","sig":"6b80d6928cf8f61b4c0c59d33d3127b6"}

        * Login with cookie succeeded, already allowed to publish:
            1) http://www.facebook.com/connect/uiserver.php?app_id=286811277465&next=http://www.facebook.com/connect/login_success.html&display=touch&cancel_url=http://www.facebook.com/connect/login_failure.html&perms=publish_stream&return_session=1&session_version=3&fbconnect=1&canvas=0&legacy_return=1&method=permissions.request&session={"session_key":"2.iHXi5fLKlHktva2R71xSAw__.3600.1289228400-100001006647973","uid":100001006647973,"expires":1289228400,"secret":"q4_Hn5qRdxnVT_qh3ztv5w__","sig":"c9d29ca857bacec48b952e7d2826a3ca"}&fbb=rb28f24e5
            2) http://www.facebook.com/connect/login_success.html?perms=publish_stream&selected_profiles=100001006647973&session={"session_key":"2.iHXi5fLKlHktva2R71xSAw__.3600.1289228400-100001006647973","uid":"100001006647973","expires":1289228400,"secret":"q4_Hn5qRdxnVT_qh3ztv5w__","access_token":"286811277465|2.iHXi5fLKlHktva2R71xSAw__.3600.1289228400-100001006647973|LVTHGW82A98SGvv6Fl43DlCrFT0","sig":"8edd8d611047bcd162abbe9983b25a56"}
     */

    const QString urlString = url.toString();
    if (!urlString.contains(URL_SESSION_PARAMETER_BEGIN)) {
        // login page url doesn't contain session
        /// @todo INVOKE DIALOG ALSO WHEN STOPPED TO PERMISSION PAGE
        /// @todo case: set cookie, remove situare app, re-login, 1 extra allow page before permissions, redirect from extra page when denying?
        m_mainWindow->buildLoginDialog(m_browser);
    } else if (urlString.startsWith(FB_LOGIN_SUCCESS_URL)) {
        // login succeeded, permissions granted/declined
        const QString session = parseSession(url);
        qWarning() << __PRETTY_FUNCTION__ << "login finished, parsed session:" << session;
        if (!session.isEmpty()) {
            destroyLogin();
            m_loggedIn = true;
            emit loggedIn(session, urlString.contains(WALL_POST_PERMISSION));
        }
    }
    else {
        qCritical() << __PRETTY_FUNCTION__ << "new url was not recognised, url:" << urlString;
    }
}