Always handle 401 requests, except for network jobs

It is not enough to only implement it for the QNAM returned
by the ShibbolethCredentials, because we sometimes need it
when we have no valid credentials set (and are using dummy
credentials in the course).  The main use case is the
Webview opened by Shibboleth for FBA.

But as a side-effect, we can use it to handle auth requests
from the updater and other places.

src/CMakeLists.txt

@@ -65,6 +65,7 @@ set(3rdparty_INC
     )
 
 set(libsync_SRCS
+    mirall/authenticationdialog.cpp
     mirall/syncresult.cpp
     mirall/mirallconfigfile.cpp
     mirall/syncengine.cpp
@@ -107,7 +108,6 @@ else()
         creds/shibbolethcredentials.cpp
         creds/shibboleth/shibbolethwebview.cpp
         creds/shibboleth/shibbolethrefresher.cpp
-        creds/shibboleth/authenticationdialog.cpp
         creds/shibboleth/shibbolethuserjob.cpp
     )
 endif()

src/creds/shibbolethcredentials.cpp

@@ -20,7 +20,6 @@
 #include <QDebug>
 
 #include "creds/shibbolethcredentials.h"
-#include "creds/shibboleth/authenticationdialog.h"
 #include "creds/shibboleth/shibbolethwebview.h"
 #include "creds/shibboleth/shibbolethrefresher.h"
 #include "creds/shibbolethcredentials.h"
@@ -173,8 +172,6 @@ QNetworkAccessManager* ShibbolethCredentials::getQNAM() const
     QNetworkAccessManager* qnam(new MirallAccessManager);
     connect(qnam, SIGNAL(finished(QNetworkReply*)),
             this, SLOT(slotReplyFinished(QNetworkReply*)));
-    connect(qnam, SIGNAL(authenticationRequired(QNetworkReply*,QAuthenticator*)),
-            SLOT(slotHandleAuthentication(QNetworkReply*,QAuthenticator*)));
     return qnam;
 }
 
@@ -319,23 +316,6 @@ void ShibbolethCredentials::invalidateAndFetch(Account* account)
     job->start();
 }
 
-void ShibbolethCredentials::slotHandleAuthentication(QNetworkReply *reply, QAuthenticator *authenticator)
-{
-    Q_UNUSED(reply)
-    QUrl url = reply->url();
-    // show only scheme, host and port
-    QUrl reducedUrl;
-    reducedUrl.setScheme(url.scheme());
-    reducedUrl.setHost(url.host());
-    reducedUrl.setPort(url.port());
-
-    AuthenticationDialog dialog(authenticator->realm(), reducedUrl.toString());
-    if (dialog.exec() == QDialog::Accepted) {
-        authenticator->setUser(dialog.user());
-        authenticator->setPassword(dialog.password());
-    }
-}
-
 void ShibbolethCredentials::slotInvalidateAndFetchInvalidateDone(QKeychain::Job* job)
 {
     Account *account = qvariant_cast<Account*>(job->property("account"));

src/creds/shibbolethcredentials.h

@@ -63,7 +63,6 @@ public:
 
 public Q_SLOTS:
     void invalidateAndFetch(Account *account) Q_DECL_OVERRIDE;
-    void slotHandleAuthentication(QNetworkReply*,QAuthenticator*);
 
 private Q_SLOTS:
     void onShibbolethCookieReceived(const QNetworkCookie&, Account*);

src/mirall/mirallaccessmanager.cpp

@@ -12,6 +12,7 @@
  */
 
 #include <QNetworkRequest>
+#include <QNetworkReply>
 #include <QNetworkProxy>
 #include <QAuthenticator>
 #include <QSslConfiguration>
@@ -19,6 +20,8 @@
 #include "mirall/cookiejar.h"
 #include "mirall/mirallaccessmanager.h"
 #include "mirall/utility.h"
+#include "mirall/authenticationdialog.h"
+
 
 namespace Mirall
 {
@@ -33,8 +36,11 @@ MirallAccessManager::MirallAccessManager(QObject* parent)
     setProxy(proxy);
 #endif
     setCookieJar(new CookieJar);
-    QObject::connect(this, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)),
-                     this, SLOT(slotProxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)));
+    connect(this, SIGNAL(proxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)),
+            this, SLOT(slotProxyAuthenticationRequired(QNetworkProxy,QAuthenticator*)));
+    connect(this, SIGNAL(authenticationRequired(QNetworkReply*,QAuthenticator*)),
+            this, SLOT(slotAuthenticationRequired(QNetworkReply*,QAuthenticator*)));
+
 }
 
 QNetworkReply* MirallAccessManager::createRequest(QNetworkAccessManager::Operation op, const QNetworkRequest& request, QIODevice* outgoingData)
@@ -60,5 +66,27 @@ void MirallAccessManager::slotProxyAuthenticationRequired(const QNetworkProxy &p
         authenticator->setPassword(proxy.password());
     }
 }
+void MirallAccessManager::slotAuthenticationRequired(QNetworkReply *reply, QAuthenticator *authenticator)
+{
+    // do not handle 401 created by the networkjobs. We may want
+    // to eventually exempt some, but for now we need
+    // it only for other things, e.g. the browser. Would we handle
+    // network jobs, this would break the wizard logic
+    if (reply->property("doNotHandleAuth").toBool()) {
+        return;
+    }
+    QUrl url = reply->url();
+    // show only scheme, host and port
+    QUrl reducedUrl;
+    reducedUrl.setScheme(url.scheme());
+    reducedUrl.setHost(url.host());
+    reducedUrl.setPort(url.port());
+
+    AuthenticationDialog dialog(authenticator->realm(), reducedUrl.toString());
+    if (dialog.exec() == QDialog::Accepted) {
+        authenticator->setUser(dialog.user());
+        authenticator->setPassword(dialog.password());
+    }
+}
 
 } // ns Mirall

src/mirall/mirallaccessmanager.h

@@ -31,6 +31,8 @@ protected:
     QNetworkReply* createRequest(QNetworkAccessManager::Operation op, const QNetworkRequest& request, QIODevice* outgoingData = 0) Q_DECL_OVERRIDE;
 protected slots:
     void slotProxyAuthenticationRequired(const QNetworkProxy &proxy, QAuthenticator *authenticator);
+    void slotAuthenticationRequired(QNetworkReply *reply, QAuthenticator *authenticator);
+
 };
 
 } // ns Mirall

src/mirall/networkjobs.cpp

@@ -57,6 +57,7 @@ void AbstractNetworkJob::setReply(QNetworkReply *reply)
     if (_reply) {
         _reply->deleteLater();
     }
+    reply->setProperty("doNotHandleAuth", true);
     _reply = reply;
 }