From 3dd7dbe99e42db64a81be2a2475ba09ba18df63b Mon Sep 17 00:00:00 2001
From: tkashkin <tkashkin@gmail.com>
Date: Wed, 23 Jan 2019 17:02:09 +0300
Subject: [PATCH] Possibly fix Humble token escaping (#32, #9)

---
 data/css/themes/elementary.css      |  2 ++
 src/data/sources/humble/Humble.vala | 21 +++++++++++++++++++--
 src/data/sources/humble/Trove.vala  |  4 ++--
 3 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/data/css/themes/elementary.css b/data/css/themes/elementary.css
index 6064fb36..13cd7d90 100644
--- a/data/css/themes/elementary.css
+++ b/data/css/themes/elementary.css
@@ -10,6 +10,7 @@
 .titlebar.flat .title,
 .titlebar.flat .subtitle,
 .titlebar.flat .titlebutton,
+.titlebar.flat button,
 .titlebar.flat *:not(entry) image
 {
 	color: @textColorPrimaryDefault;
@@ -20,6 +21,7 @@
 .titlebar.flat .title:backdrop,
 .titlebar.flat .subtitle:backdrop,
 .titlebar.flat .titlebutton:backdrop,
+.titlebar.flat button:backdrop,
 .titlebar.flat *:not(entry) image:backdrop
 {
 	color: mix(@textColorPrimaryDefault, @titlebar_color, 0.3);
diff --git a/src/data/sources/humble/Humble.vala b/src/data/sources/humble/Humble.vala
index 134858c5..ba50afba 100644
--- a/src/data/sources/humble/Humble.vala
+++ b/src/data/sources/humble/Humble.vala
@@ -38,6 +38,23 @@ namespace GameHub.Data.Sources.Humble
 
 		public string? user_token = null;
 
+		public static string? escaped_cookie(string? token)
+		{
+			if(token == null)
+			{
+				return null;
+			}
+			var escaped = "%s=\"%s\";".printf(AUTH_COOKIE, token.replace("=", "\\075"));
+
+			if(GameHub.Application.log_auth && GameHub.Application.log_verbose)
+			{
+				debug("[Humble.escaped_cookie] Unescaped: %s", token);
+				debug("[Humble.escaped_cookie] Escaped:   %s", escaped);
+			}
+
+			return escaped;
+		}
+
 		private Settings.Auth.Humble settings;
 
 		public Humble()
@@ -88,7 +105,7 @@ namespace GameHub.Data.Sources.Humble
 
 			wnd.finished.connect(token =>
 			{
-				user_token = token.replace("\"", "");
+				user_token = token.replace("\"", "").replace("\\\\075", "=").replace("\\075", "=");
 				settings.access_token = user_token ?? "";
 				if(GameHub.Application.log_auth)
 				{
@@ -146,7 +163,7 @@ namespace GameHub.Data.Sources.Humble
 				}
 
 				var headers = new HashMap<string, string>();
-				headers["Cookie"] = @"$(AUTH_COOKIE)=\"$(user_token)\";";
+				headers["Cookie"] = escaped_cookie(user_token);
 
 				var orders_json = Parser.load_remote_file("https://www.humblebundle.com/api/v1/user/order?ajax=true", "GET", null, headers);
 				var orders_md5 = Utils.md5(orders_json);
diff --git a/src/data/sources/humble/Trove.vala b/src/data/sources/humble/Trove.vala
index 846629ed..e00dd3ef 100644
--- a/src/data/sources/humble/Trove.vala
+++ b/src/data/sources/humble/Trove.vala
@@ -78,7 +78,7 @@ namespace GameHub.Data.Sources.Humble
 				}
 
 				var headers = new HashMap<string, string>();
-				headers["Cookie"] = @"$(AUTH_COOKIE)=\"$(user_token)\";";
+				headers["Cookie"] = escaped_cookie(user_token);
 
 				var html = Parser.parse_remote_html_file(Trove.PAGE_URL, "GET", null, headers);
 
@@ -144,7 +144,7 @@ namespace GameHub.Data.Sources.Humble
 		public static string? sign_url(string machine_name, string filename, string humble_token)
 		{
 			var headers = new HashMap<string, string>();
-			headers["Cookie"] = @"$(AUTH_COOKIE)=\"$(humble_token)\";";
+			headers["Cookie"] = escaped_cookie(humble_token);
 
 			var data = new HashMap<string, string>();
 			data["machine_name"] = machine_name;