From 75442db9e079fe3f3df7d1ffba7cab4a20044930 Mon Sep 17 00:00:00 2001
From: Jeena Paradies <spam@jeenaparadies.net>
Date: Sat, 24 Nov 2012 08:27:12 +0100
Subject: [PATCH] fixed overwriting key in keychain

---
 Mac/AccessToken.m                      | 44 ++++++++++++++++------
 Mac/Controller.m                       |  2 +-
 Mac/English.lproj/NewMessageWindow.xib |  2 +-
 Mac/NewMessageWindow.m                 |  4 +-
 Mac/publish/Appcast.xml                | 10 ++---
 WebKit/scripts/controller/Oauth.js     |  5 +--
 WebKit/scripts/helper/Core.js          | 51 ++++++--------------------
 WebKit/scripts/helper/Paths.js         |  4 +-
 8 files changed, 57 insertions(+), 65 deletions(-)

diff --git a/Mac/AccessToken.m b/Mac/AccessToken.m
index cb70213..afdb0f7 100644
--- a/Mac/AccessToken.m
+++ b/Mac/AccessToken.m
@@ -46,20 +46,37 @@
 
 - (void)setSecret:(NSString *)_secret
 {
+    UInt32 _passwordLength = 0;
+    char *_password = nil;
+    SecKeychainItemRef item = nil;
+    SecKeychainFindGenericPassword(NULL, 6, "Tentia", 17, "TentiaUserAccount", &_passwordLength, (void **)&_password, &item);
+    
     OSStatus status;
     void * passwordData = (void*)[_secret cStringUsingEncoding:NSUTF8StringEncoding];
     UInt32 passwordLength = strlen((char*)passwordData);
-    status = SecKeychainAddGenericPassword (
-                                            NULL,           // default keychain
-                                            6,              // length of service name
-                                            "Tentia",         // service name
-                                            17,             // length of account name
-                                            "TentiaUserAccount",    // account name
-                                            passwordLength,  // length of password
-                                            passwordData,        // pointer to password data
-                                            NULL             // the item reference
-                                            );
-    //NSLog(@"%@",(NSString *)SecCopyErrorMessageString (status,NULL));
+    if (!item)
+    {
+        status = SecKeychainAddGenericPassword(
+                                               NULL,           // default keychain
+                                               6,              // length of service name
+                                               "Tentia",         // service name
+                                               17,             // length of account name
+                                               "TentiaUserAccount",    // account name
+                                               passwordLength,  // length of password
+                                               passwordData,        // pointer to password data
+                                               NULL             // the item reference
+                                               );
+    }
+    else
+    {
+        status = SecKeychainItemModifyContent(
+                                              item,
+                                              NULL,
+                                              passwordLength,
+                                              passwordData
+        );
+    }
+    NSLog(@"%@",(NSString *)SecCopyErrorMessageString (status,NULL));
 }
 
 - (NSString *)secret
@@ -68,6 +85,11 @@
     char *password = nil;
     SecKeychainItemRef item = nil;
     SecKeychainFindGenericPassword(NULL, 6, "Tentia", 17, "TentiaUserAccount", &passwordLength, (void **)&password, &item);
+    
+    if (!item) {
+        return nil;
+    }
+    
     //Get password
     NSString *passwordString = [[[NSString alloc] initWithData:[NSData dataWithBytes:password length:passwordLength] encoding:NSUTF8StringEncoding] autorelease];
     SecKeychainItemFreeContent(NULL, password);
diff --git a/Mac/Controller.m b/Mac/Controller.m
index 6041a71..a7d85fd 100644
--- a/Mac/Controller.m
+++ b/Mac/Controller.m
@@ -71,7 +71,7 @@
             [accessToken setString:nil forKey:@"user_mac_key"];
         }
     }
-    if (![accessToken stringForKey:@"user_access_token"]) {
+    if (![accessToken stringForKey:@"user_access_token"] || ![accessToken secret]) {
         [timelineViewWindow performClose:self];
         [mentionsViewWindow performClose:self];
         [self.loginViewWindow makeKeyAndOrderFront:self];
diff --git a/Mac/English.lproj/NewMessageWindow.xib b/Mac/English.lproj/NewMessageWindow.xib
index def5ffb..a2204f0 100644
--- a/Mac/English.lproj/NewMessageWindow.xib
+++ b/Mac/English.lproj/NewMessageWindow.xib
@@ -195,7 +195,7 @@
 					</object>
 					<object class="NSMenuItem" id="502380341">
 						<reference key="NSMenu" ref="723763594"/>
-						<string key="NSTitle">Add image</string>
+						<string key="NSTitle">Add photo</string>
 						<string key="NSKeyEquiv"/>
 						<int key="NSMnemonicLoc">2147483647</int>
 						<reference key="NSOnImage" ref="400068421"/>
diff --git a/Mac/NewMessageWindow.m b/Mac/NewMessageWindow.m
index 50073a5..336adca 100644
--- a/Mac/NewMessageWindow.m
+++ b/Mac/NewMessageWindow.m
@@ -253,7 +253,7 @@
 
     if (!self.imageFilePath)
     {
-        [menuItem setTitle:@"Remove image"];
+        [menuItem setTitle:@"Remove photo"];
         
         NSOpenPanel* openDlg = [NSOpenPanel openPanel];
         [openDlg setPrompt:@"Select"];
@@ -283,7 +283,7 @@
     else
     {
         self.imageFilePath = nil;
-        [menuItem setTitle:@"Add image"];
+        [menuItem setTitle:@"Add photo"];
     }
 }
 
diff --git a/Mac/publish/Appcast.xml b/Mac/publish/Appcast.xml
index 5b67854..fdabc0e 100755
--- a/Mac/publish/Appcast.xml
+++ b/Mac/publish/Appcast.xml
@@ -6,15 +6,15 @@
       <description>Most recent changes with links to updates.</description>
       <language>en</language>
       <item>
-        <title>Version 0.3.1</title>
+        <title>Version 0.4.0</title>
 		<sparkle:minimumSystemVersion>10.5.0</sparkle:minimumSystemVersion>
 		<sparkle:releaseNotesLink>http://jabs.nu/Tentia/download/ReleaseNotes.html</sparkle:releaseNotesLink>
-		<pubDate>Sat, 24 Nov 2012 00:48:42 +0100</pubDate>
+		<pubDate>Sat, 24 Nov 2012 05:03:37 +0100</pubDate>
 		<enclosure	url="http://jabs.nu/Tentia/download/Tentia.app.zip"
-					sparkle:version="0.3.1"
-					length="1032871"
+					sparkle:version="0.4.0"
+					length="1039378"
 					type="application/octet-stream"
-					sparkle:dsaSignature="MCwCFFpH1VFUwJj251WwYbO1El8Ra742AhRHvFroDTIjqBVsqOJt+7L/rcZaDA==" />
+					sparkle:dsaSignature="MCwCFDFeNCx4UYAuH9tSCP3pKZqka5JqAhRcXwhxaOsyVNLfBBTwI0tEpz3W5w==" />
       </item>
    </channel>
 </rss>
diff --git a/WebKit/scripts/controller/Oauth.js b/WebKit/scripts/controller/Oauth.js
index 70bb90a..e74797e 100644
--- a/WebKit/scripts/controller/Oauth.js
+++ b/WebKit/scripts/controller/Oauth.js
@@ -52,7 +52,6 @@ function(HostApp, Paths, Hmac) {
         var those = this;
         Paths.findProfileURL(entity,
             function(profile_url) {
-
                 if (profile_url && (profile_url.startsWith("http://") || profile_url.startsWith("https://"))) {
                     those.register(profile_url);
                 } else {
@@ -67,6 +66,7 @@ function(HostApp, Paths, Hmac) {
 
     Oauth.prototype.register = function (url) {
         var those = this;
+
         Paths.getURL(url, "GET", function(resp) {
 
             those.profile = JSON.parse(resp.responseText);
@@ -78,7 +78,6 @@ function(HostApp, Paths, Hmac) {
                 var data = JSON.parse(resp.responseText);
                 those.authRequest(data);
             }
-
             Paths.getURL(Paths.mkApiRootPath("/apps"), "POST", callback, JSON.stringify(those.app_info));
         });
     }
@@ -144,7 +143,7 @@ function(HostApp, Paths, Hmac) {
     Oauth.prototype.requestAccessTokenTicketFinished = function(responseBody) {
 
         var access = JSON.parse(responseBody); 
-        
+
         HostApp.setStringForKey(access["access_token"], "user_access_token");
         HostApp.setSecret(access["mac_key"]);
         HostApp.setStringForKey(access["mac_algorithm"], "user_mac_algorithm");
diff --git a/WebKit/scripts/helper/Core.js b/WebKit/scripts/helper/Core.js
index cacfb8d..f554706 100644
--- a/WebKit/scripts/helper/Core.js
+++ b/WebKit/scripts/helper/Core.js
@@ -358,29 +358,24 @@ function(jQuery, Paths, URI, HostApp, Followings) {
 
         post += "\r\n--" + boundary + "\r\n";
 
-        var binary_data = this.dataURItoBlob(image_data_uri);
+        var blob_string = image_data_uri.split(',')[1];
+        var mime_type = image_data_uri.split(',')[0].split(':')[1].split(';')[0];
         var ext = "png";
-        if (binary_data.mime_type == "image/jpeg") {
+        if (mime_type == "image/jpeg") {
             ext = "jpeg";
-        } else if (binary_data.mime_type == "image/gif") {
+        } else if (mime_type == "image/gif") {
             ext = "gif";
         }
 
-        var reader = new FileReader();
-        reader.onload = function(e) {
 
-            var blob_string = e.target.result;
-            post += 'Content-Disposition: form-data; name="photos[0]"; filename="photo.' + ext + '"\r\n';
-            post += 'Content-Length: ' + blob_string.length + "\r\n";
-            post += 'Content-Type: ' + binary_data.mime_type + "\r\n";
-            post += 'Content-Transfer-Encoding: base64\r\n\r\n';
-            post += image_data_uri.split(',')[1];
-            post += "\r\n--" + boundary + "--\r\n";
+        post += 'Content-Disposition: form-data; name="photos[0]"; filename="photo.' + ext + '"\r\n';
+        post += 'Content-Length: ' + blob_string.length + "\r\n";
+        post += 'Content-Type: ' + mime_type + "\r\n";
+        post += 'Content-Transfer-Encoding: base64\r\n\r\n';
+        post += blob_string;
+        post += "\r\n--" + boundary + "--\r\n";
 
-            Paths.postMultipart(url.toString(), callback, post, boundary);
-        }
-     
-        reader.readAsBinaryString(binary_data.blob)
+        Paths.postMultipart(url.toString(), callback, post, boundary);
     }
 
     Core.prototype.remove = function(id, callback) {
@@ -570,30 +565,6 @@ function(jQuery, Paths, URI, HostApp, Followings) {
         HostApp.openNewMessageWidow(entity, status_id, string);
     }
 
-    Core.prototype.dataURItoBlob = function(dataURI) {
-        // convert base64 to raw binary data held in a string
-        // doesn't handle URLEncoded DataURIs
-        var byteString = atob(dataURI.split(',')[1]);
-
-        // separate out the mime component
-        var mimeString = dataURI.split(',')[0].split(':')[1].split(';')[0]
-
-        // write the bytes of the string to an ArrayBuffer
-        var ab = new ArrayBuffer(byteString.length);
-        var ia = new Uint8Array(ab);
-        for (var i = 0; i < byteString.length; i++) {
-            ia[i] = byteString.charCodeAt(i);
-        }
-
-        // write the ArrayBuffer to a blob, and you're done
-        var blob = new Blob([ab], {type: mimeString});
-        return {
-            mime_type: mimeString,
-            blob: blob,
-            base64: byteString
-        }
-    }
-
     return Core;
 
 });
\ No newline at end of file
diff --git a/WebKit/scripts/helper/Paths.js b/WebKit/scripts/helper/Paths.js
index b2f42b3..83d4824 100644
--- a/WebKit/scripts/helper/Paths.js
+++ b/WebKit/scripts/helper/Paths.js
@@ -40,7 +40,7 @@ function(jQuery, HostApp, Hmac) {
 
                     var user_access_token = HostApp.stringForKey("user_access_token");
 
-                    if (auth_header !== false && user_access_token) {
+                    if (auth_header !== false && typeof user_access_token != "undefined") {
 
                         auth_header = Hmac.makeAuthHeader(
                             url, 
@@ -59,7 +59,7 @@ function(jQuery, HostApp, Hmac) {
             data: data,
             processData: false,
             error: function(xhr, ajaxOptions, thrownError) {
-                console.error("getURL " + xhr.statusText + " " + http_method + " (" + url + "): '" + xhr.responseText + "'");
+                console.error("getURL (" + xhr.status + ")" + xhr.statusText + " " + http_method + " (" + url + "): '" + xhr.responseText + "'");
             }
         });
     }