Feature/auth builder #31

FiniteSingularity · 2025-02-28T18:32:38Z

No description provided.

Elgato-AStory

The only things I think must change are the lack of escaping around the query params and JSON key/values, other than that it looks good.

Elgato-AStory · 2025-02-28T18:37:15Z

src/api.cpp

+
+	std::stringstream queryStrStream;
+	for (const auto& pair : queryParams) {
+		queryStrStream << pair.first << "=" << pair.second << "&";


Potential future footgun with unescaped query parameters

Also this seems like a candidate to be replaced with std::string queryString()

Updated this to make a call to queryString (which now does url encoding of the pair values)

Elgato-AStory · 2025-02-28T18:41:40Z

src/api.cpp

+	return url;
+}
+
+std::string MarketplaceApi::getGatewayUrl(


Is there future logic that is planned which will make this function materially different from getAuthUrl?

Potentially yes, as the calls to the gateway API have various standard parameters such as limits/offsets. My thought is to standardize this in the future for easier/more clear calls to the various API endpoints versus the calls done to the OAuth process

Elgato-AStory · 2025-02-28T18:57:50Z

src/util.cpp

+{
+	std::stringstream queryStrStream;
+	for (const auto& pair : params) {
+		queryStrStream << "\"" << pair.first << "\": \"" << pair.second << "\",";


Unescaped JSON keys/values too

Fixed by doing a round trip with nlohmann::json from std::map --> json object --> std::string which escapes json values.

Elgato-AStory · 2025-02-28T19:03:50Z

src/api.cpp

+	std::map<std::string, std::string> const& queryParams
+)
+{
+	std::string endpoint = segments.size() > 0 ? std::accumulate(std::next(segments.begin()), segments.end(), segments[0],


I know this is technically not "bad" code, but I prefer when algorithms like this are spun out into a well named helper function; especially when it's a pattern used in multiple places for a relatively well understood high level operation like this.

I've noted this, and will revisit.

… escaping for all json post bodies.

FiniteSingularity added 2 commits February 28, 2025 11:59

Adds url builder for auth and gateway endpoints.

189d989

Remove comments.

9813222

FiniteSingularity requested a review from Elgato-AStory February 28, 2025 18:32

Elgato-AStory requested changes Feb 28, 2025

View reviewed changes

Adds url (%) encoding to all processed url query parameters, and json…

b067b3d

… escaping for all json post bodies.

Elgato-AStory approved these changes Feb 28, 2025

View reviewed changes

FiniteSingularity merged commit b54b190 into main Feb 28, 2025
3 checks passed

FiniteSingularity deleted the feature/auth-builder branch February 28, 2025 19:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Feature/auth builder #31

Feature/auth builder #31

Uh oh!

FiniteSingularity commented Feb 28, 2025

Uh oh!

Elgato-AStory left a comment

Uh oh!

Elgato-AStory Feb 28, 2025

Uh oh!

FiniteSingularity Feb 28, 2025

Uh oh!

Elgato-AStory Feb 28, 2025

Uh oh!

FiniteSingularity Feb 28, 2025

Uh oh!

Elgato-AStory Feb 28, 2025

Uh oh!

FiniteSingularity Feb 28, 2025

Uh oh!

Elgato-AStory Feb 28, 2025

Uh oh!

FiniteSingularity Feb 28, 2025

Uh oh!

Uh oh!

Uh oh!

Feature/auth builder #31

Feature/auth builder #31

Uh oh!

Conversation

FiniteSingularity commented Feb 28, 2025

Uh oh!

Elgato-AStory left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!