Fix 3rd party login issue on macOS (#4739)

* Fix use-after-free error * Ignore http OPTIONS method * Make sure response has sent before closing the http server
2025-07-22 14:13:57 -06:00 · 2024-03-28 23:07:10 +08:00 · 2024-03-28 23:07:10 +08:00 · 9f3bafb04e
commit 9f3bafb04e
parent f36c22385b
3 changed files with 21 additions and 12 deletions
--- a/src/slic3r/GUI/HttpServer.cpp
+++ b/src/slic3r/GUI/HttpServer.cpp
@ -77,13 +77,20 @@ void session::read_next_line()

            if (line.length() == 0) {
                if (headers.content_length() == 0) {
+                    std::cout << "Request received: " << headers.method << " " << headers.get_url();
+                    if (headers.method == "OPTIONS") {
+                        // Ignore http OPTIONS
+                        server.stop(self);
+                        return;
+                    }
+
                    const std::string url_str = Http::url_decode(headers.get_url());
                    const auto        resp    = server.server.m_request_handler(url_str);
                    std::stringstream ssOut;
                    resp->write_response(ssOut);
                    std::shared_ptr<std::string> str = std::make_shared<std::string>(ssOut.str());
                    async_write(socket, boost::asio::buffer(str->c_str(), str->length()),
-                                [this, self](const boost::beast::error_code& e, std::size_t s) {
+                                [this, self, str](const boost::beast::error_code& e, std::size_t s) {
                        std::cout << "done" << std::endl;
                        server.stop(self);
                    });
@ -159,6 +166,7 @@ void HttpServer::stop()
    if (server_) {
        server_->acceptor.close();
        server_->stop_all();
+        server_->io_service.stop();
    }
    if (m_http_server_thread.joinable())
        m_http_server_thread.join();
--- a/src/slic3r/GUI/HttpServer.hpp
+++ b/src/slic3r/GUI/HttpServer.hpp
@ -28,6 +28,7 @@ class http_headers

    std::map<std::string, std::string> headers;

+    friend class session;
 public:
    std::string get_url() { return url; }

--- a/src/slic3r/GUI/Jobs/OAuthJob.cpp
+++ b/src/slic3r/GUI/Jobs/OAuthJob.cpp
@ -36,16 +36,16 @@ void OAuthJob::parse_token_response(const std::string& body, bool error, OAuthRe
 void OAuthJob::process(Ctl& ctl)
 {
    // Prepare auth process
-    ThreadSafeQueueSPSC<OAuthResult> queue;
+    std::shared_ptr<ThreadSafeQueueSPSC<OAuthResult>> queue = std::make_shared<ThreadSafeQueueSPSC<OAuthResult>>();

    // Setup auth server to receive OAuth code from callback url
-    local_authorization_server.set_request_handler([this, &queue](const std::string& url) -> std::shared_ptr<HttpServer::Response> {
+    local_authorization_server.set_request_handler([this, queue](const std::string& url) -> std::shared_ptr<HttpServer::Response> {
        if (boost::contains(url, "/callback")) {
            const auto code = url_get_param(url, "code");
            const auto state = url_get_param(url, "state");

-            const auto handle_auth_fail = [this, &queue](const std::string& message) -> std::shared_ptr<HttpServer::ResponseRedirect> {
-                queue.push(OAuthResult{false, message});
+            const auto handle_auth_fail = [this, queue](const std::string& message) -> std::shared_ptr<HttpServer::ResponseRedirect> {
+                queue->push(OAuthResult{false, message});
                return std::make_shared<HttpServer::ResponseRedirect>(this->_data.params.auth_fail_redirect_url);
            };

@ -81,11 +81,11 @@ void OAuthJob::process(Ctl& ctl)
                .on_error([&](std::string body, std::string error, unsigned status) { parse_token_response(body, true, r); })
                .perform_sync();

-            queue.push(r);
+            queue->push(r);
            return std::make_shared<HttpServer::ResponseRedirect>(r.success ? _data.params.auth_success_redirect_url :
                                                                              _data.params.auth_fail_redirect_url);
        } else {
-            queue.push(OAuthResult{false});
+            queue->push(OAuthResult{false});
            return std::make_shared<HttpServer::ResponseNotFound>();
        }
    });
@ -96,18 +96,18 @@ void OAuthJob::process(Ctl& ctl)
    // Wait until we received the result
    bool received = false;
    while (!ctl.was_canceled() && !received ) {
-        queue.consume_one(BlockingWait{1000}, [this, &received](const OAuthResult& result) {
+        queue->consume_one(BlockingWait{1000}, [this, &received](const OAuthResult& result) {
            *_data.result = result;
            received      = true;
        });
    }

    // Handle timeout
-    if (!received && !ctl.was_canceled()) {
-        BOOST_LOG_TRIVIAL(debug) << "Timeout when authenticating with the account server.";
-        _data.result->error_message = _u8L("Timeout when authenticating with the account server.");
-    } else if (ctl.was_canceled()) {
+    if (!received && ctl.was_canceled()) {
        _data.result->error_message = _u8L("User cancelled.");
+    } else {
+        // Wait a while to ensure the response has sent
+        std::this_thread::sleep_for(std::chrono::milliseconds(1500));
    }
 }