2013-07-29 16:28:45 +04:00
|
|
|
/*
|
|
|
|
|
* Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
|
2013-07-30 12:48:26 +04:00
|
|
|
* Copyright (C) by Klaas Freitag <freitag@owncloud.com>
|
2013-07-29 16:28:45 +04:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2013-07-30 12:48:26 +04:00
|
|
|
* the Free Software Foundation; version 2 of the License.
|
2013-07-29 16:28:45 +04:00
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful, but
|
|
|
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
|
|
|
|
|
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
|
|
|
* for more details.
|
|
|
|
|
*/
|
|
|
|
|
|
2013-10-23 16:48:44 +04:00
|
|
|
#include <QMutex>
|
2014-02-06 16:00:57 +04:00
|
|
|
#include <QSettings>
|
2014-02-25 17:22:01 +04:00
|
|
|
#include <QNetworkReply>
|
2014-03-27 20:58:31 +04:00
|
|
|
#include <QMessageBox>
|
2014-05-14 13:11:45 +04:00
|
|
|
#include <QDebug>
|
2013-10-23 16:48:44 +04:00
|
|
|
|
2013-07-30 13:19:22 +04:00
|
|
|
#include "creds/shibbolethcredentials.h"
|
|
|
|
|
#include "creds/shibboleth/shibbolethwebview.h"
|
2013-08-05 19:31:52 +04:00
|
|
|
#include "creds/shibboleth/shibbolethrefresher.h"
|
2014-05-14 13:11:45 +04:00
|
|
|
#include "creds/shibbolethcredentials.h"
|
2014-03-27 20:58:31 +04:00
|
|
|
#include "shibboleth/shibbolethuserjob.h"
|
2013-08-06 13:50:08 +04:00
|
|
|
#include "creds/credentialscommon.h"
|
2014-02-06 16:00:57 +04:00
|
|
|
|
2014-05-14 13:11:45 +04:00
|
|
|
#include "mirall/mirallaccessmanager.h"
|
2013-10-23 16:48:44 +04:00
|
|
|
#include "mirall/account.h"
|
2014-02-06 16:00:57 +04:00
|
|
|
#include "mirall/theme.h"
|
2014-05-14 13:11:45 +04:00
|
|
|
#include "mirall/cookiejar.h"
|
2014-02-06 16:00:57 +04:00
|
|
|
|
2014-04-07 19:46:06 +04:00
|
|
|
#if QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)
|
|
|
|
|
#include <qt5keychain/keychain.h>
|
|
|
|
|
#else
|
2014-02-06 16:00:57 +04:00
|
|
|
#include <qtkeychain/keychain.h>
|
2014-04-07 19:46:06 +04:00
|
|
|
#endif
|
2014-02-06 16:00:57 +04:00
|
|
|
|
|
|
|
|
using namespace QKeychain;
|
2013-07-29 16:28:45 +04:00
|
|
|
|
|
|
|
|
namespace Mirall
|
|
|
|
|
{
|
|
|
|
|
|
2013-08-05 19:31:52 +04:00
|
|
|
namespace
|
|
|
|
|
{
|
|
|
|
|
|
2014-05-13 13:52:46 +04:00
|
|
|
// Not "user" because it has a special meaning for http
|
|
|
|
|
const char userC[] = "shib_user";
|
2014-05-14 13:11:45 +04:00
|
|
|
const char shibCookieNameC[] = "_shibsession_";
|
2014-03-27 20:58:31 +04:00
|
|
|
|
2013-08-05 19:31:52 +04:00
|
|
|
int shibboleth_redirect_callback(CSYNC* csync_ctx,
|
|
|
|
|
const char* uri)
|
|
|
|
|
{
|
|
|
|
|
if (!csync_ctx || !uri) {
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const QString qurl(QString::fromLatin1(uri));
|
|
|
|
|
QRegExp shibbolethyWords ("SAML|wayf");
|
|
|
|
|
|
|
|
|
|
shibbolethyWords.setCaseSensitivity (Qt::CaseInsensitive);
|
|
|
|
|
if (!qurl.contains(shibbolethyWords)) {
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
QMutex mutex;
|
|
|
|
|
QMutexLocker locker(&mutex);
|
2013-11-22 17:01:11 +04:00
|
|
|
Account *account = AccountManager::instance()->account();
|
|
|
|
|
ShibbolethCredentials* creds = qobject_cast<ShibbolethCredentials*>(account->credentials());
|
2013-10-30 19:31:47 +04:00
|
|
|
|
2013-08-05 19:31:52 +04:00
|
|
|
if (!creds) {
|
|
|
|
|
qDebug() << "Not a Shibboleth creds instance!";
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2013-11-22 17:01:11 +04:00
|
|
|
ShibbolethRefresher refresher(account, creds, csync_ctx);
|
2013-08-05 19:31:52 +04:00
|
|
|
|
|
|
|
|
// blocks
|
|
|
|
|
refresher.refresh();
|
|
|
|
|
|
2013-08-07 16:00:47 +04:00
|
|
|
return creds->ready() ? 0 : 1;
|
2013-08-05 19:31:52 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} // ns
|
|
|
|
|
|
2013-07-29 16:28:45 +04:00
|
|
|
ShibbolethCredentials::ShibbolethCredentials()
|
2013-11-04 19:36:23 +04:00
|
|
|
: AbstractCredentials(),
|
|
|
|
|
_url(),
|
2013-07-29 16:28:45 +04:00
|
|
|
_ready(false),
|
2014-02-25 17:22:01 +04:00
|
|
|
_stillValid(false),
|
2014-05-14 13:11:45 +04:00
|
|
|
_browser(0)
|
2013-07-29 16:28:45 +04:00
|
|
|
{}
|
|
|
|
|
|
2013-08-06 13:50:08 +04:00
|
|
|
void ShibbolethCredentials::syncContextPreInit(CSYNC* ctx)
|
|
|
|
|
{
|
|
|
|
|
csync_set_auth_callback (ctx, handleNeonSSLProblems);
|
|
|
|
|
}
|
2013-07-29 16:44:54 +04:00
|
|
|
|
2013-08-05 19:31:52 +04:00
|
|
|
QByteArray ShibbolethCredentials::prepareCookieData() const
|
|
|
|
|
{
|
|
|
|
|
QString cookiesAsString;
|
|
|
|
|
// TODO: This should not be a part of this method, but we don't
|
|
|
|
|
// have any way to get "session_key" module property from
|
|
|
|
|
// csync. Had we have it, then we could just append shibboleth
|
|
|
|
|
// cookies to the "session_key" value and set it in csync module.
|
2014-05-14 13:11:45 +04:00
|
|
|
Account *account = AccountManager::instance()->account();
|
|
|
|
|
QList<QNetworkCookie> cookies = accountCookies(account);
|
2013-08-05 20:39:26 +04:00
|
|
|
|
2014-05-14 13:11:45 +04:00
|
|
|
foreach(const QNetworkCookie &cookie, cookies) {
|
|
|
|
|
cookiesAsString += cookie.toRawForm(QNetworkCookie::NameAndValueOnly) + QLatin1String("; ");
|
2013-08-05 19:31:52 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return cookiesAsString.toLatin1();
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-29 16:44:54 +04:00
|
|
|
void ShibbolethCredentials::syncContextPreStart (CSYNC* ctx)
|
2013-07-29 16:28:45 +04:00
|
|
|
{
|
2013-08-05 19:31:52 +04:00
|
|
|
typedef int (*csync_owncloud_redirect_callback_t)(CSYNC* ctx, const char* uri);
|
|
|
|
|
|
|
|
|
|
csync_owncloud_redirect_callback_t cb = shibboleth_redirect_callback;
|
|
|
|
|
|
|
|
|
|
csync_set_module_property(ctx, "session_key", prepareCookieData().data());
|
|
|
|
|
csync_set_module_property(ctx, "redirect_callback", &cb);
|
2013-07-29 16:28:45 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool ShibbolethCredentials::changed(AbstractCredentials* credentials) const
|
|
|
|
|
{
|
2014-05-15 13:12:09 +04:00
|
|
|
ShibbolethCredentials* other(qobject_cast< ShibbolethCredentials* >(credentials));
|
|
|
|
|
|
|
|
|
|
if (!other) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
2013-07-29 16:28:45 +04:00
|
|
|
|
2014-05-14 13:11:45 +04:00
|
|
|
if (_shibCookie != other->_shibCookie || _user != other->_user) {
|
2013-07-29 16:28:45 +04:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
QString ShibbolethCredentials::authType() const
|
|
|
|
|
{
|
|
|
|
|
return QString::fromLatin1("shibboleth");
|
|
|
|
|
}
|
|
|
|
|
|
2013-11-13 16:59:35 +04:00
|
|
|
QString ShibbolethCredentials::user() const
|
|
|
|
|
{
|
2014-03-27 20:58:31 +04:00
|
|
|
return _user;
|
2013-11-13 16:59:35 +04:00
|
|
|
}
|
|
|
|
|
|
2013-07-29 16:28:45 +04:00
|
|
|
QNetworkAccessManager* ShibbolethCredentials::getQNAM() const
|
|
|
|
|
{
|
2014-05-14 13:11:45 +04:00
|
|
|
QNetworkAccessManager* qnam(new MirallAccessManager);
|
2014-02-25 17:22:01 +04:00
|
|
|
connect(qnam, SIGNAL(finished(QNetworkReply*)),
|
|
|
|
|
this, SLOT(slotReplyFinished(QNetworkReply*)));
|
2013-07-30 14:56:27 +04:00
|
|
|
return qnam;
|
2013-07-29 16:28:45 +04:00
|
|
|
}
|
|
|
|
|
|
2014-02-25 17:22:01 +04:00
|
|
|
void ShibbolethCredentials::slotReplyFinished(QNetworkReply* r)
|
|
|
|
|
{
|
2014-05-28 04:29:14 +04:00
|
|
|
if (!_browser.isNull()) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-25 17:22:01 +04:00
|
|
|
QVariant target = r->attribute(QNetworkRequest::RedirectionTargetAttribute);
|
|
|
|
|
if (target.isValid()) {
|
|
|
|
|
_stillValid = false;
|
|
|
|
|
qWarning() << Q_FUNC_INFO << "detected redirect, will open Login Window"; // will be done in NetworkJob's finished signal
|
|
|
|
|
} else {
|
|
|
|
|
//_stillValid = true; // gets set when reading from keychain or getting it from browser
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-07-29 16:28:45 +04:00
|
|
|
bool ShibbolethCredentials::ready() const
|
|
|
|
|
{
|
|
|
|
|
return _ready;
|
|
|
|
|
}
|
|
|
|
|
|
2013-11-04 19:36:23 +04:00
|
|
|
void ShibbolethCredentials::fetch(Account *account)
|
2013-07-29 16:28:45 +04:00
|
|
|
{
|
2014-03-27 20:58:31 +04:00
|
|
|
if (_user.isEmpty()) {
|
|
|
|
|
_user = account->credentialSetting(QLatin1String(userC)).toString();
|
|
|
|
|
}
|
2013-07-29 16:28:45 +04:00
|
|
|
if (_ready) {
|
|
|
|
|
Q_EMIT fetched();
|
|
|
|
|
} else {
|
2013-11-04 19:36:23 +04:00
|
|
|
if (account) {
|
|
|
|
|
_url = account->url();
|
|
|
|
|
}
|
2014-02-06 16:00:57 +04:00
|
|
|
ReadPasswordJob *job = new ReadPasswordJob(Theme::instance()->appName());
|
2014-03-26 20:08:34 +04:00
|
|
|
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
|
2014-02-06 16:00:57 +04:00
|
|
|
job->setInsecureFallback(false);
|
|
|
|
|
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
|
|
|
|
|
job->setProperty("account", QVariant::fromValue(account));
|
|
|
|
|
connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotReadJobDone(QKeychain::Job*)));
|
|
|
|
|
job->start();
|
2013-07-29 16:28:45 +04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-11-22 17:01:11 +04:00
|
|
|
bool ShibbolethCredentials::stillValid(QNetworkReply *reply)
|
|
|
|
|
{
|
|
|
|
|
Q_UNUSED(reply)
|
2014-02-25 17:22:01 +04:00
|
|
|
return _stillValid;
|
2013-11-22 17:01:11 +04:00
|
|
|
}
|
|
|
|
|
|
2014-02-06 16:00:57 +04:00
|
|
|
void ShibbolethCredentials::persist(Account* account)
|
2013-07-29 16:28:45 +04:00
|
|
|
{
|
2014-02-06 16:00:57 +04:00
|
|
|
storeShibCookie(_shibCookie, account);
|
2014-05-14 13:11:45 +04:00
|
|
|
if (!_user.isEmpty()) {
|
2014-03-27 20:58:31 +04:00
|
|
|
account->setCredentialSetting(QLatin1String(userC), _user);
|
2014-05-14 13:11:45 +04:00
|
|
|
}
|
2013-07-29 16:28:45 +04:00
|
|
|
}
|
|
|
|
|
|
2014-02-25 17:22:01 +04:00
|
|
|
// only used by Application::slotLogout(). Use invalidateAndFetch for normal usage
|
2013-11-23 03:14:02 +04:00
|
|
|
void ShibbolethCredentials::invalidateToken(Account *account)
|
|
|
|
|
{
|
2014-05-28 13:41:06 +04:00
|
|
|
CookieJar *jar = static_cast<CookieJar*>(account->networkAccessManager()->cookieJar());
|
|
|
|
|
jar->clearCookies();
|
2014-05-14 13:11:45 +04:00
|
|
|
removeShibCookie(account);
|
2014-02-06 16:00:57 +04:00
|
|
|
_shibCookie = QNetworkCookie();
|
2013-11-23 03:14:02 +04:00
|
|
|
// ### access to ctx missing, but might not be required at all
|
|
|
|
|
//csync_set_module_property(ctx, "session_key", "");
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-14 13:11:45 +04:00
|
|
|
void ShibbolethCredentials::onShibbolethCookieReceived(const QNetworkCookie& shibCookie, Account *account)
|
2013-07-29 16:28:45 +04:00
|
|
|
{
|
2014-05-14 13:11:45 +04:00
|
|
|
storeShibCookie(shibCookie, account);
|
|
|
|
|
_shibCookie = shibCookie;
|
|
|
|
|
addToCookieJar(shibCookie);
|
2014-03-27 20:58:31 +04:00
|
|
|
|
|
|
|
|
// Now fetch the user...
|
|
|
|
|
// But we must first do a request to webdav so the session is enabled.
|
|
|
|
|
// (because for some reason we wan't access the API without that.. a bug in the server maybe?)
|
|
|
|
|
EntityExistsJob* job = new EntityExistsJob(account, account->davPath(), this);
|
|
|
|
|
connect(job, SIGNAL(exists(QNetworkReply*)), this, SLOT(slotFetchUser()));
|
|
|
|
|
job->setIgnoreCredentialFailure(true);
|
|
|
|
|
job->start();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ShibbolethCredentials::slotFetchUser()
|
|
|
|
|
{
|
|
|
|
|
AbstractNetworkJob* oldjob = qobject_cast<AbstractNetworkJob*>(sender());
|
|
|
|
|
Q_ASSERT(oldjob);
|
|
|
|
|
ShibbolethUserJob *job = new ShibbolethUserJob(oldjob->account(), this);
|
|
|
|
|
connect(job, SIGNAL(userFetched(QString)), this, SLOT(slotUserFetched(QString)));
|
|
|
|
|
job->start();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void ShibbolethCredentials::slotUserFetched(const QString &user)
|
|
|
|
|
{
|
|
|
|
|
ShibbolethUserJob *job = qobject_cast<ShibbolethUserJob *>(sender());
|
|
|
|
|
Q_ASSERT(job);
|
|
|
|
|
if (_user.isEmpty()) {
|
|
|
|
|
_user = user;
|
|
|
|
|
} else if (user != _user) {
|
|
|
|
|
qDebug() << "Wrong user: " << user << "!=" << _user;
|
2014-03-27 21:19:56 +04:00
|
|
|
QMessageBox::warning(_browser, tr("Login Error"), tr("You must sign in as user %1").arg(_user));
|
2014-03-27 20:58:31 +04:00
|
|
|
invalidateToken(job->account());
|
|
|
|
|
showLoginWindow(job->account());
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_stillValid = true;
|
|
|
|
|
_ready = true;
|
2013-07-29 16:28:45 +04:00
|
|
|
Q_EMIT fetched();
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-27 20:58:31 +04:00
|
|
|
|
2014-05-28 12:18:57 +04:00
|
|
|
void ShibbolethCredentials::slotBrowserRejected()
|
2013-08-07 16:00:47 +04:00
|
|
|
{
|
|
|
|
|
_ready = false;
|
|
|
|
|
Q_EMIT fetched();
|
|
|
|
|
}
|
|
|
|
|
|
2013-11-22 17:01:11 +04:00
|
|
|
void ShibbolethCredentials::invalidateAndFetch(Account* account)
|
2013-08-05 19:31:52 +04:00
|
|
|
{
|
|
|
|
|
_ready = false;
|
2014-02-25 12:32:31 +04:00
|
|
|
|
|
|
|
|
// delete the credentials, then in the slot fetch them again (which will trigger browser)
|
|
|
|
|
DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
|
|
|
|
|
job->setProperty("account", QVariant::fromValue(account));
|
2014-03-26 20:08:34 +04:00
|
|
|
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
|
2014-02-25 12:32:31 +04:00
|
|
|
connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotInvalidateAndFetchInvalidateDone(QKeychain::Job*)));
|
|
|
|
|
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
|
|
|
|
|
job->start();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ShibbolethCredentials::slotInvalidateAndFetchInvalidateDone(QKeychain::Job* job)
|
|
|
|
|
{
|
|
|
|
|
Account *account = qvariant_cast<Account*>(job->property("account"));
|
|
|
|
|
|
2013-08-05 19:31:52 +04:00
|
|
|
connect (this, SIGNAL(fetched()),
|
|
|
|
|
this, SLOT(onFetched()));
|
2013-11-04 19:36:23 +04:00
|
|
|
// small hack to support the ShibbolethRefresher hack
|
|
|
|
|
// we already rand fetch() with a valid account object,
|
|
|
|
|
// and hence know the url on refresh
|
2013-11-22 17:01:11 +04:00
|
|
|
fetch(account);
|
2013-08-05 19:31:52 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ShibbolethCredentials::onFetched()
|
|
|
|
|
{
|
|
|
|
|
disconnect (this, SIGNAL(fetched()),
|
|
|
|
|
this, SLOT(onFetched()));
|
|
|
|
|
|
|
|
|
|
Q_EMIT invalidatedAndFetched(prepareCookieData());
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-06 16:00:57 +04:00
|
|
|
void ShibbolethCredentials::slotReadJobDone(QKeychain::Job *job)
|
|
|
|
|
{
|
|
|
|
|
Account *account = qvariant_cast<Account*>(job->property("account"));
|
|
|
|
|
if (job->error() == QKeychain::NoError) {
|
|
|
|
|
ReadPasswordJob *readJob = static_cast<ReadPasswordJob*>(job);
|
|
|
|
|
delete readJob->settings();
|
|
|
|
|
QList<QNetworkCookie> cookies = QNetworkCookie::parseCookies(readJob->textData().toUtf8());
|
|
|
|
|
if (cookies.count() > 0) {
|
|
|
|
|
_shibCookie = cookies.first();
|
2014-05-14 13:11:45 +04:00
|
|
|
addToCookieJar(_shibCookie);
|
2014-02-06 16:00:57 +04:00
|
|
|
}
|
2014-05-14 13:11:45 +04:00
|
|
|
// access
|
2014-03-26 20:08:34 +04:00
|
|
|
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
|
2014-02-06 16:00:57 +04:00
|
|
|
|
|
|
|
|
_ready = true;
|
2014-02-25 17:22:01 +04:00
|
|
|
_stillValid = true;
|
2014-02-06 16:00:57 +04:00
|
|
|
Q_EMIT fetched();
|
|
|
|
|
} else {
|
2014-02-25 17:22:01 +04:00
|
|
|
showLoginWindow(account);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ShibbolethCredentials::showLoginWindow(Account* account)
|
|
|
|
|
{
|
2014-05-14 13:11:45 +04:00
|
|
|
if (!_browser.isNull()) {
|
2014-02-25 17:22:01 +04:00
|
|
|
_browser->activateWindow();
|
|
|
|
|
_browser->raise();
|
|
|
|
|
// FIXME On OS X this does not raise properly
|
|
|
|
|
return;
|
2014-02-06 16:00:57 +04:00
|
|
|
}
|
2014-05-14 13:11:45 +04:00
|
|
|
_browser = new ShibbolethWebView(account);
|
2014-02-25 17:22:01 +04:00
|
|
|
connect(_browser, SIGNAL(shibbolethCookieReceived(QNetworkCookie, Account*)),
|
|
|
|
|
this, SLOT(onShibbolethCookieReceived(QNetworkCookie, Account*)));
|
2014-05-28 12:18:57 +04:00
|
|
|
connect(_browser, SIGNAL(rejected()), this, SLOT(slotBrowserRejected()));
|
2014-02-25 17:22:01 +04:00
|
|
|
|
|
|
|
|
_browser->show();
|
2014-02-06 16:00:57 +04:00
|
|
|
}
|
|
|
|
|
|
2014-05-14 13:11:45 +04:00
|
|
|
QList<QNetworkCookie> ShibbolethCredentials::accountCookies(Account *account)
|
|
|
|
|
{
|
|
|
|
|
return account->networkAccessManager()->cookieJar()->cookiesForUrl(account->url());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
QNetworkCookie ShibbolethCredentials::findShibCookie(Account *account, QList<QNetworkCookie> cookies)
|
|
|
|
|
{
|
|
|
|
|
if(cookies.isEmpty()) {
|
|
|
|
|
cookies = accountCookies(account);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Q_FOREACH(QNetworkCookie cookie, cookies) {
|
|
|
|
|
if (cookie.name().startsWith(shibCookieNameC)) {
|
|
|
|
|
return cookie;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return QNetworkCookie();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
QByteArray ShibbolethCredentials::shibCookieName()
|
|
|
|
|
{
|
|
|
|
|
return QByteArray(shibCookieNameC);
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-06 16:00:57 +04:00
|
|
|
void ShibbolethCredentials::storeShibCookie(const QNetworkCookie &cookie, Account *account)
|
|
|
|
|
{
|
|
|
|
|
WritePasswordJob *job = new WritePasswordJob(Theme::instance()->appName());
|
2014-03-26 20:08:34 +04:00
|
|
|
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
|
2014-02-06 16:00:57 +04:00
|
|
|
// we don't really care if it works...
|
|
|
|
|
//connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotWriteJobDone(QKeychain::Job*)));
|
|
|
|
|
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
|
|
|
|
|
job->setTextData(QString::fromUtf8(cookie.toRawForm()));
|
|
|
|
|
job->start();
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-14 13:11:45 +04:00
|
|
|
void ShibbolethCredentials::removeShibCookie(Account *account)
|
|
|
|
|
{
|
|
|
|
|
DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
|
|
|
|
|
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
|
|
|
|
|
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
|
|
|
|
|
job->start();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ShibbolethCredentials::addToCookieJar(const QNetworkCookie &cookie)
|
|
|
|
|
{
|
|
|
|
|
QList<QNetworkCookie> cookies;
|
|
|
|
|
cookies << cookie;
|
|
|
|
|
Account *account = AccountManager::instance()->account();
|
|
|
|
|
QNetworkCookieJar *jar = account->networkAccessManager()->cookieJar();
|
|
|
|
|
jar->blockSignals(true); // otherwise we'd call ourselves
|
|
|
|
|
jar->setCookiesFromUrl(cookies, account->url());
|
|
|
|
|
jar->blockSignals(false);
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-27 20:58:31 +04:00
|
|
|
|
2013-07-29 16:28:45 +04:00
|
|
|
} // ns Mirall
|
