public
/
openhab-addons
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[myq] Fixes a serious issue that could wipe out cookies across an entire OH instance for bindings using the shared Jetty client (#11343) 

Signed-off-by: Dan Cunningham <dan@digitaldan.com>
This commit is contained in:
Dan Cunningham 2021-10-03 22:41:41 -07:00 committed by GitHub
parent 0ce4e8cb56
commit ccfe232d49
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
bundles/org.openhab.binding.myq/src/main/java/org/openhab/binding/myq/internal/handler/MyQAccountHandler.java
View File

@ -16,6 +16,7 @@ import static org.openhab.binding.myq.internal.MyQBindingConstants.*;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.net.CookieStore;
import java.net.HttpCookie; import java.net.HttpCookie;
import java.net.URI; import java.net.URI;
import java.net.URISyntaxException; import java.net.URISyntaxException;
@ -291,10 +292,14 @@ public class MyQAccountHandler extends BaseBridgeHandler implements AccessTokenR
*/ */
private AccessTokenResponse login() private AccessTokenResponse login()
throws InterruptedException, MyQCommunicationException, MyQAuthenticationException { throws InterruptedException, MyQCommunicationException, MyQAuthenticationException {
// make sure we have a fresh session
httpClient.getCookieStore().removeAll();
try { try {
// make sure we have a fresh session
URI authUri = new URI(LOGIN_BASE_URL);
CookieStore store = httpClient.getCookieStore();
store.get(authUri).forEach(cookie -> {
store.remove(authUri, cookie);
});
String codeVerifier = generateCodeVerifier(); String codeVerifier = generateCodeVerifier();
ContentResponse loginPageResponse = getLoginPage(codeVerifier); ContentResponse loginPageResponse = getLoginPage(codeVerifier);
@ -328,7 +333,7 @@ public class MyQAccountHandler extends BaseBridgeHandler implements AccessTokenR
} }
getOAuthService().importAccessTokenResponse(accessTokenResponse); getOAuthService().importAccessTokenResponse(accessTokenResponse);
return accessTokenResponse; return accessTokenResponse;
} catch (IOException | ExecutionException | TimeoutException | OAuthException e) { } catch (IOException | ExecutionException | TimeoutException | OAuthException | URISyntaxException e) {
throw new MyQCommunicationException(e.getMessage()); throw new MyQCommunicationException(e.getMessage());
} }
} }