mirrors/nextcloud-desktop
1
0
Fork 0
mirror of https://github.com/nextcloud/desktop.git synced 2024-11-27 08:47:22 +03:00
Code Issues Projects Releases Packages Wiki Activity

Credentials: Use the bound account everywhere.

Browse source 
This is preparation for multiaccount.
This commit is contained in:
Christian Kamm 2015-01-16 15:18:01 +01:00
parent 91fce3ea73
commit aa6a5e4ac2
16 changed files with 136 additions and 152 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/gui/application.cpp
View file

@ -187,7 +187,7 @@ void Application::slotLogout()
if (ai) {
AccountPtr a = ai->account();
// invalidate & forget token/password
a->credentials()->invalidateToken(a);
a->credentials()->invalidateToken();
// terminate all syncs and unload folders
FolderMan *folderMan = FolderMan::instance();
folderMan->setSyncEnabled(false);

2
src/gui/wizard/owncloudhttpcredspage.cpp
View file

@ -71,7 +71,7 @@ void OwncloudHttpCredsPage::initializePage()
AbstractCredentials *cred = ocWizard->account()->credentials();
HttpCredentials *httpCreds = qobject_cast<HttpCredentials*>(cred);
if (httpCreds) {
const QString user = httpCreds->fetchUser(ocWizard->account());
const QString user = httpCreds->fetchUser();
if (!user.isEmpty()) {
_ui.leUsername->setText(user);
}

5
src/gui/wizard/owncloudshibbolethcredspage.cpp
View file

@ -92,10 +92,7 @@ void OwncloudShibbolethCredsPage::setConnected()
AbstractCredentials* OwncloudShibbolethCredsPage::getCredentials() const
{
const OwncloudWizard *ocWizard = static_cast<const OwncloudWizard*>(wizard());
AccountPtr account = ocWizard->account();
return new ShibbolethCredentials(_cookie, account);
return new ShibbolethCredentials(_cookie);
}
void OwncloudShibbolethCredsPage::slotShibbolethCookieReceived(const QNetworkCookie &cookie, AccountPtr)

7
src/libsync/account.cpp
View file

@ -106,7 +106,7 @@ void Account::save()
QScopedPointer<QSettings> settings(settingsWithGroup(Theme::instance()->appName()));
settings->setValue(QLatin1String(urlC), _url.toString());
if (_credentials) {
_credentials->persist(sharedFromThis());
_credentials->persist();
Q_FOREACH(QString key, _settingsMap.keys()) {
settings->setValue(key, _settingsMap.value(key));
}
@ -243,6 +243,7 @@ void Account::setCredentials(AbstractCredentials *cred)
if (_credentials) {
credentials()->deleteLater();
}
cred->setAccount(this);
_credentials = cred;
_am = _credentials->getQNAM();
if (jar) {
@ -425,9 +426,9 @@ void Account::handleInvalidCredentials()
// invalidate & forget token/password
// but try to re-sign in.
if (_credentials->ready()) {
_credentials->invalidateAndFetch(sharedFromThis());
_credentials->invalidateAndFetch();
} else {
_credentials->fetch(sharedFromThis());
_credentials->fetch();
}
emit invalidCredentials();

2
src/libsync/connectionvalidator.cpp
View file

@ -92,7 +92,7 @@ void ConnectionValidator::slotStatusFound(const QUrl&url, const QVariantMap &inf
} else {
connect( creds, SIGNAL(fetched()),
this, SLOT(checkAuthentication()), Qt::UniqueConnection);
creds->fetch(_account);
creds->fetch();
}
}

11
src/libsync/creds/abstractcredentials.cpp
View file

@ -20,6 +20,17 @@
namespace OCC
{
AbstractCredentials::AbstractCredentials()
: _account(0)
{
}
void AbstractCredentials::setAccount(Account *account)
{
Q_ASSERT(!_account);
_account = account;
}
QString AbstractCredentials::keychainKey(const QString &url, const QString &user)
{
QString u(url);

25
src/libsync/creds/abstractcredentials.h
View file

@ -30,7 +30,17 @@ class OWNCLOUDSYNC_EXPORT AbstractCredentials : public QObject
Q_OBJECT
public:
AbstractCredentials();
// No need for virtual destructor - QObject already has one.
/** The bound account for the credentials instance.
*
* Credentials are always used in conjunction with an account.
* Calling Account::setCredentials() will call this function.
* Credentials only live as long as the underlying account object.
*/
virtual void setAccount(Account* account);
virtual void syncContextPreInit(CSYNC* ctx) = 0;
virtual void syncContextPreStart(CSYNC* ctx) = 0;
virtual bool changed(AbstractCredentials* credentials) const = 0;
@ -38,14 +48,14 @@ public:
virtual QString user() const = 0;
virtual QNetworkAccessManager* getQNAM() const = 0;
virtual bool ready() const = 0;
virtual void fetch(AccountPtr account) = 0;
virtual void fetch() = 0;
virtual bool stillValid(QNetworkReply *reply) = 0;
virtual void persist(AccountPtr account) = 0;
virtual void persist() = 0;
/** Invalidates auth token, or password for basic auth */
virtual void invalidateToken(AccountPtr account) = 0;
virtual void invalidateAndFetch(AccountPtr account) {
invalidateToken(account);
fetch(account);
virtual void invalidateToken() = 0;
virtual void invalidateAndFetch() {
invalidateToken();
fetch();
}
@ -53,6 +63,9 @@ public:
Q_SIGNALS:
void fetched();
protected:
Account* _account;
};
} // namespace OCC

4
src/libsync/creds/dummycredentials.cpp
View file

@ -56,12 +56,12 @@ bool DummyCredentials::stillValid(QNetworkReply *reply)
return true;
}
void DummyCredentials::fetch(AccountPtr)
void DummyCredentials::fetch()
{
Q_EMIT(fetched());
}
void DummyCredentials::persist(AccountPtr)
void DummyCredentials::persist()
{}
} // namespace OCC

6
src/libsync/creds/dummycredentials.h
View file

@ -35,9 +35,9 @@ public:
QNetworkAccessManager* getQNAM() const Q_DECL_OVERRIDE;
bool ready() const Q_DECL_OVERRIDE;
bool stillValid(QNetworkReply *reply) Q_DECL_OVERRIDE;
void fetch(AccountPtr) Q_DECL_OVERRIDE;
void persist(AccountPtr) Q_DECL_OVERRIDE;
void invalidateToken(AccountPtr) Q_DECL_OVERRIDE {}
void fetch() Q_DECL_OVERRIDE;
void persist() Q_DECL_OVERRIDE;
void invalidateToken() Q_DECL_OVERRIDE {}
};
} // namespace OCC

47
src/libsync/creds/httpcredentials.cpp
View file

@ -122,11 +122,7 @@ void HttpCredentials::syncContextPreInit (CSYNC* ctx)
void HttpCredentials::syncContextPreStart (CSYNC* ctx)
{
// TODO: This should not be a part of this method, but we don't have
// any way to get "session_key" module property from csync. Had we
// have it, then we could remove this code and keep it in
// csyncthread code (or folder code, git remembers).
QList<QNetworkCookie> cookies(AccountManager::instance()->account()->lastAuthCookies());
QList<QNetworkCookie> cookies(_account->lastAuthCookies());
QString cookiesAsString;
// Stuff cookies inside csync, then we can avoid the intermediate HTTP 401 reply
@ -186,27 +182,23 @@ bool HttpCredentials::ready() const
return _ready;
}
QString HttpCredentials::fetchUser(AccountPtr account)
QString HttpCredentials::fetchUser()
{
_user = account->credentialSetting(QLatin1String(userC)).toString();
_user = _account->credentialSetting(QLatin1String(userC)).toString();
return _user;
}
void HttpCredentials::fetch(AccountPtr account)
void HttpCredentials::fetch()
{
if( !account ) {
return;
}
if (_fetchJobInProgress) {
return;
}
// User must be fetched from config file
fetchUser(account);
fetchUser();
QSettings *settings = account->settingsWithGroup(Theme::instance()->appName());
const QString kck = keychainKey(account->url().toString(), _user );
QSettings *settings = _account->settingsWithGroup(Theme::instance()->appName());
const QString kck = keychainKey(_account->url().toString(), _user );
QString key = QString::fromLatin1( "%1/data" ).arg( kck );
if( settings && settings->contains(key) ) {
@ -229,7 +221,6 @@ void HttpCredentials::fetch(AccountPtr account)
job->setInsecureFallback(false);
job->setKey(kck);
connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotReadJobDone(QKeychain::Job*)));
job->setProperty("account", QVariant::fromValue(account));
job->start();
_fetchJobInProgress = true;
_readPwdFromDeprecatedPlace = true;
@ -247,7 +238,6 @@ void HttpCredentials::slotReadJobDone(QKeychain::Job *job)
{
ReadPasswordJob *readJob = static_cast<ReadPasswordJob*>(job);
_password = readJob->textData();
AccountPtr account = qvariant_cast<AccountPtr>(readJob->property("account"));
if( _user.isEmpty()) {
qDebug() << "Strange: User is empty!";
@ -273,11 +263,10 @@ void HttpCredentials::slotReadJobDone(QKeychain::Job *job)
// a settings object as we did it in older client releases.
ReadPasswordJob *job = new ReadPasswordJob(Theme::instance()->appName());
const QString kck = keychainKey(account->url().toString(), _user);
const QString kck = keychainKey(_account->url().toString(), _user);
job->setKey(kck);
connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotReadJobDone(QKeychain::Job*)));
job->setProperty("account", QVariant::fromValue(account));
job->start();
_readPwdFromDeprecatedPlace = false; // do try that only once.
_fetchJobInProgress = true;
@ -291,7 +280,7 @@ void HttpCredentials::slotReadJobDone(QKeychain::Job *job)
if (ok) {
_password = pwd;
_ready = true;
persist(account);
persist();
} else {
_password = QString::null;
_ready = false;
@ -301,46 +290,46 @@ void HttpCredentials::slotReadJobDone(QKeychain::Job *job)
}
}
void HttpCredentials::invalidateToken(AccountPtr account)
void HttpCredentials::invalidateToken()
{
_password = QString();
_ready = false;
// User must be fetched from config file to generate a valid key
fetchUser(account);
fetchUser();
const QString kck = keychainKey(account->url().toString(), _user);
const QString kck = keychainKey(_account->url().toString(), _user);
if( kck.isEmpty() ) {
qDebug() << "InvalidateToken: User is empty, bailing out!";
return;
}
DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
QSettings *settings = account->settingsWithGroup(Theme::instance()->appName());
QSettings *settings = _account->settingsWithGroup(Theme::instance()->appName());
settings->setParent(job); // make the job parent to make setting deleted properly
job->setSettings(settings);
job->setInsecureFallback(true);
job->setKey(kck);
job->start();
account->clearCookieJar();
_account->clearCookieJar();
}
void HttpCredentials::persist(AccountPtr account)
void HttpCredentials::persist()
{
if (_user.isEmpty()) {
// We never connected or fetched the user, there is nothing to save.
return;
}
account->setCredentialSetting(QLatin1String(userC), _user);
_account->setCredentialSetting(QLatin1String(userC), _user);
WritePasswordJob *job = new WritePasswordJob(Theme::instance()->appName());
QSettings *settings = account->settingsWithGroup(Theme::instance()->appName());
QSettings *settings = _account->settingsWithGroup(Theme::instance()->appName());
settings->setParent(job); // make the job parent to make setting deleted properly
job->setSettings(settings);
job->setInsecureFallback(false);
connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotWriteJobDone(QKeychain::Job*)));
job->setKey(keychainKey(account->url().toString(), _user));
job->setKey(keychainKey(_account->url().toString(), _user));
job->setTextData(_password);
job->start();
}

12
src/libsync/creds/httpcredentials.h
View file

@ -35,7 +35,7 @@ class OWNCLOUDSYNC_EXPORT HttpCredentials : public AbstractCredentials
Q_OBJECT
public:
HttpCredentials();
explicit HttpCredentials();
HttpCredentials(const QString& user, const QString& password);
void syncContextPreInit(CSYNC* ctx) Q_DECL_OVERRIDE;
@ -44,14 +44,14 @@ public:
QString authType() const Q_DECL_OVERRIDE;
QNetworkAccessManager* getQNAM() const Q_DECL_OVERRIDE;
bool ready() const Q_DECL_OVERRIDE;
void fetch(AccountPtr account) Q_DECL_OVERRIDE;
void fetch() Q_DECL_OVERRIDE;
bool stillValid(QNetworkReply *reply) Q_DECL_OVERRIDE;
void persist(AccountPtr account) Q_DECL_OVERRIDE;
void persist() Q_DECL_OVERRIDE;
QString user() const Q_DECL_OVERRIDE;
QString password() const;
virtual QString queryPassword(bool *ok) = 0;
void invalidateToken(AccountPtr account) Q_DECL_OVERRIDE;
QString fetchUser(AccountPtr account);
void invalidateToken() Q_DECL_OVERRIDE;
QString fetchUser();
virtual bool sslIsTrusted() { return false; }
private Q_SLOTS:
@ -71,7 +71,7 @@ private:
class OWNCLOUDSYNC_EXPORT HttpCredentialsGui : public HttpCredentials {
public:
HttpCredentialsGui() : HttpCredentials() {}
explicit HttpCredentialsGui() : HttpCredentials() {}
HttpCredentialsGui(const QString& user, const QString& password) : HttpCredentials(user, password) {}
QString queryPassword(bool *ok) Q_DECL_OVERRIDE;
};

4
src/libsync/creds/shibboleth/shibbolethwebview.cpp
View file

@ -56,7 +56,7 @@ ShibbolethWebView::ShibbolethWebView(AccountPtr account, QWidget* parent)
// If we have a valid cookie, it's most likely expired. We can use this as
// as a criteria to tell the user why the browser window pops up
QNetworkCookie shibCookie = ShibbolethCredentials::findShibCookie(_account, ShibbolethCredentials::accountCookies(_account));
QNetworkCookie shibCookie = ShibbolethCredentials::findShibCookie(_account.data(), ShibbolethCredentials::accountCookies(_account.data()));
if (shibCookie != QNetworkCookie()) {
Logger::instance()->postOptionalGuiLog(tr("Reauthentication required"), tr("Your session has expired. You need to re-login to continue to use the client."));
}
@ -69,7 +69,7 @@ ShibbolethWebView::~ShibbolethWebView()
void ShibbolethWebView::onNewCookiesForUrl (const QList<QNetworkCookie>& cookieList, const QUrl& url)
{
if (url.host() == _account->url().host()) {
QNetworkCookie shibCookie = ShibbolethCredentials::findShibCookie(_account, cookieList);
QNetworkCookie shibCookie = ShibbolethCredentials::findShibCookie(_account.data(), cookieList);
if (shibCookie != QNetworkCookie()) {
Q_EMIT shibbolethCookieReceived(shibCookie, _account);
accept();

116
src/libsync/creds/shibbolethcredentials.cpp
View file

@ -30,6 +30,7 @@
#include "account.h"
#include "theme.h"
#include "cookiejar.h"
#include "syncengine.h"
#if QT_VERSION >= QT_VERSION_CHECK(5, 0, 0)
#include <qt5keychain/keychain.h>
@ -64,16 +65,16 @@ int shibboleth_redirect_callback(CSYNC* csync_ctx,
return 1;
}
QMutex mutex;
QMutexLocker locker(&mutex);
AccountPtr account = AccountManager::instance()->account();
SyncEngine* engine = reinterpret_cast<SyncEngine*>(csync_get_userdata(csync_ctx));
AccountPtr account = engine->account();
ShibbolethCredentials* creds = qobject_cast<ShibbolethCredentials*>(account->credentials());
if (!creds) {
qDebug() << "Not a Shibboleth creds instance!";
return 1;
}
QMutex mutex;
QMutexLocker locker(&mutex);
ShibbolethRefresher refresher(account, creds, csync_ctx);
// blocks
@ -93,19 +94,24 @@ ShibbolethCredentials::ShibbolethCredentials()
_browser(0)
{}
ShibbolethCredentials::ShibbolethCredentials(const QNetworkCookie& cookie, AccountPtr account)
ShibbolethCredentials::ShibbolethCredentials(const QNetworkCookie& cookie)
: _ready(true),
_stillValid(true),
_fetchJobInProgress(false),
_browser(0),
_shibCookie(cookie)
{
if (account) {
}
void ShibbolethCredentials::setAccount(Account* account)
{
AbstractCredentials::setAccount(account);
if (_ready) {
/* The _user has not yet been fetched, so fetch it now */
ShibbolethUserJob *job = new ShibbolethUserJob(account, this);
ShibbolethUserJob *job = new ShibbolethUserJob(account->sharedFromThis(), this);
connect(job, SIGNAL(userFetched(QString)), this, SLOT(slotUserFetched(QString)));
QTimer::singleShot(1234, job, SLOT(start()));
}
}
@ -118,12 +124,7 @@ void ShibbolethCredentials::syncContextPreInit(CSYNC* ctx)
QByteArray ShibbolethCredentials::prepareCookieData() const
{
QString cookiesAsString;
// TODO: This should not be a part of this method, but we don't
// have any way to get "session_key" module property from
// csync. Had we have it, then we could just append shibboleth
// cookies to the "session_key" value and set it in csync module.
AccountPtr account = AccountManager::instance()->account();
QList<QNetworkCookie> cookies = accountCookies(account);
QList<QNetworkCookie> cookies = accountCookies(_account);
foreach(const QNetworkCookie &cookie, cookies) {
cookiesAsString += cookie.toRawForm(QNetworkCookie::NameAndValueOnly) + QLatin1String("; ");
@ -195,28 +196,24 @@ bool ShibbolethCredentials::ready() const
return _ready;
}
void ShibbolethCredentials::fetch(AccountPtr account)
void ShibbolethCredentials::fetch()
{
if(_fetchJobInProgress) {
return;
}
if (_user.isEmpty()) {
_user = account->credentialSetting(QLatin1String(userC)).toString();
_user = _account->credentialSetting(QLatin1String(userC)).toString();
}
if (_ready) {
_fetchJobInProgress = false;
Q_EMIT fetched();
} else {
if (account) {
_url = account->url();
}
_url = _account->url();
ReadPasswordJob *job = new ReadPasswordJob(Theme::instance()->appName());
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
job->setSettings(_account->settingsWithGroup(Theme::instance()->appName(), job));
job->setInsecureFallback(false);
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
job->setProperty("account", QVariant::fromValue(account));
job->setKey(keychainKey(_account->url().toString(), "shibAssertion"));
connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotReadJobDone(QKeychain::Job*)));
job->start();
_fetchJobInProgress = true;
@ -229,18 +226,18 @@ bool ShibbolethCredentials::stillValid(QNetworkReply *reply)
return _stillValid;
}
void ShibbolethCredentials::persist(AccountPtr account)
void ShibbolethCredentials::persist()
{
storeShibCookie(_shibCookie, account);
storeShibCookie(_shibCookie);
if (!_user.isEmpty()) {
account->setCredentialSetting(QLatin1String(userC), _user);
_account->setCredentialSetting(QLatin1String(userC), _user);
}
}
// only used by Application::slotLogout(). Use invalidateAndFetch for normal usage
void ShibbolethCredentials::invalidateToken(AccountPtr account)
void ShibbolethCredentials::invalidateToken()
{
CookieJar *jar = static_cast<CookieJar*>(account->networkAccessManager()->cookieJar());
CookieJar *jar = static_cast<CookieJar*>(_account->networkAccessManager()->cookieJar());
// Remove the _shibCookie
auto cookies = jar->allCookies();
@ -255,22 +252,22 @@ void ShibbolethCredentials::invalidateToken(AccountPtr account)
// Clear all other temporary cookies
jar->clearSessionCookies();
removeShibCookie(account);
removeShibCookie();
_shibCookie = QNetworkCookie();
// ### access to ctx missing, but might not be required at all
//csync_set_module_property(ctx, "session_key", "");
}
void ShibbolethCredentials::onShibbolethCookieReceived(const QNetworkCookie& shibCookie, AccountPtr account)
void ShibbolethCredentials::onShibbolethCookieReceived(const QNetworkCookie& shibCookie)
{
storeShibCookie(shibCookie, account);
storeShibCookie(shibCookie);
_shibCookie = shibCookie;
addToCookieJar(shibCookie);
// Now fetch the user...
// But we must first do a request to webdav so the session is enabled.
// (because for some reason we wan't access the API without that.. a bug in the server maybe?)
EntityExistsJob* job = new EntityExistsJob(account, account->davPath(), this);
EntityExistsJob* job = new EntityExistsJob(_account->sharedFromThis(), _account->davPath(), this);
connect(job, SIGNAL(exists(QNetworkReply*)), this, SLOT(slotFetchUser()));
job->setIgnoreCredentialFailure(true);
job->start();
@ -278,9 +275,7 @@ void ShibbolethCredentials::onShibbolethCookieReceived(const QNetworkCookie& shi
void ShibbolethCredentials::slotFetchUser()
{
AbstractNetworkJob* oldjob = qobject_cast<AbstractNetworkJob*>(sender());
Q_ASSERT(oldjob);
ShibbolethUserJob *job = new ShibbolethUserJob(oldjob->account(), this);
ShibbolethUserJob *job = new ShibbolethUserJob(_account->sharedFromThis(), this);
connect(job, SIGNAL(userFetched(QString)), this, SLOT(slotUserFetched(QString)));
job->start();
}
@ -288,15 +283,13 @@ void ShibbolethCredentials::slotFetchUser()
void ShibbolethCredentials::slotUserFetched(const QString &user)
{
ShibbolethUserJob *job = qobject_cast<ShibbolethUserJob *>(sender());
Q_ASSERT(job);
if (_user.isEmpty()) {
_user = user;
} else if (user != _user) {
qDebug() << "Wrong user: " << user << "!=" << _user;
QMessageBox::warning(_browser, tr("Login Error"), tr("You must sign in as user %1").arg(_user));
invalidateToken(job->account());
showLoginWindow(job->account());
invalidateToken();
showLoginWindow();
return;
}
@ -314,31 +307,28 @@ void ShibbolethCredentials::slotBrowserRejected()
Q_EMIT fetched();
}
void ShibbolethCredentials::invalidateAndFetch(AccountPtr account)
void ShibbolethCredentials::invalidateAndFetch()
{
_ready = false;
_fetchJobInProgress = true;
// delete the credentials, then in the slot fetch them again (which will trigger browser)
DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
job->setProperty("account", QVariant::fromValue(account));
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
job->setSettings(_account->settingsWithGroup(Theme::instance()->appName(), job));
connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotInvalidateAndFetchInvalidateDone(QKeychain::Job*)));
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
job->setKey(keychainKey(_account->url().toString(), "shibAssertion"));
job->start();
}
void ShibbolethCredentials::slotInvalidateAndFetchInvalidateDone(QKeychain::Job* job)
void ShibbolethCredentials::slotInvalidateAndFetchInvalidateDone(QKeychain::Job*)
{
AccountPtr account = qvariant_cast<AccountPtr>(job->property("account"));
connect (this, SIGNAL(fetched()),
this, SLOT(onFetched()));
_fetchJobInProgress = false;
// small hack to support the ShibbolethRefresher hack
// we already rand fetch() with a valid account object,
// and hence know the url on refresh
fetch(account);
fetch();
}
void ShibbolethCredentials::onFetched()
@ -351,7 +341,6 @@ void ShibbolethCredentials::onFetched()
void ShibbolethCredentials::slotReadJobDone(QKeychain::Job *job)
{
AccountPtr account = qvariant_cast<AccountPtr>(job->property("account"));
if (job->error() == QKeychain::NoError) {
ReadPasswordJob *readJob = static_cast<ReadPasswordJob*>(job);
delete readJob->settings();
@ -361,18 +350,18 @@ void ShibbolethCredentials::slotReadJobDone(QKeychain::Job *job)
addToCookieJar(_shibCookie);
}
// access
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
job->setSettings(_account->settingsWithGroup(Theme::instance()->appName(), job));
_ready = true;
_stillValid = true;
_fetchJobInProgress = false;
Q_EMIT fetched();
} else {
showLoginWindow(account);
showLoginWindow();
}
}
void ShibbolethCredentials::showLoginWindow(AccountPtr account)
void ShibbolethCredentials::showLoginWindow()
{
if (!_browser.isNull()) {
_browser->activateWindow();
@ -381,13 +370,13 @@ void ShibbolethCredentials::showLoginWindow(AccountPtr account)
return;
}
CookieJar *jar = static_cast<CookieJar*>(account->networkAccessManager()->cookieJar());
CookieJar *jar = static_cast<CookieJar*>(_account->networkAccessManager()->cookieJar());
// When opening a new window clear all the session cookie that might keep the user from logging in
// (or the session may already be open in the server, and there will not be redirect asking for the
// real long term cookie we want to store)
jar->clearSessionCookies();
_browser = new ShibbolethWebView(account);
_browser = new ShibbolethWebView(_account->sharedFromThis());
connect(_browser, SIGNAL(shibbolethCookieReceived(QNetworkCookie, AccountPtr)),
this, SLOT(onShibbolethCookieReceived(QNetworkCookie, AccountPtr)), Qt::QueuedConnection);
connect(_browser, SIGNAL(rejected()), this, SLOT(slotBrowserRejected()));
@ -395,12 +384,12 @@ void ShibbolethCredentials::showLoginWindow(AccountPtr account)
_browser->show();
}
QList<QNetworkCookie> ShibbolethCredentials::accountCookies(AccountPtr account)
QList<QNetworkCookie> ShibbolethCredentials::accountCookies(Account* account)
{
return account->networkAccessManager()->cookieJar()->cookiesForUrl(account->davUrl());
}
QNetworkCookie ShibbolethCredentials::findShibCookie(AccountPtr account, QList<QNetworkCookie> cookies)
QNetworkCookie ShibbolethCredentials::findShibCookie(Account* account, QList<QNetworkCookie> cookies)
{
if(cookies.isEmpty()) {
cookies = accountCookies(account);
@ -419,22 +408,22 @@ QByteArray ShibbolethCredentials::shibCookieName()
return QByteArray(shibCookieNameC);
}
void ShibbolethCredentials::storeShibCookie(const QNetworkCookie &cookie, AccountPtr account)
void ShibbolethCredentials::storeShibCookie(const QNetworkCookie &cookie)
{
WritePasswordJob *job = new WritePasswordJob(Theme::instance()->appName());
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
job->setSettings(_account->settingsWithGroup(Theme::instance()->appName(), job));
// we don't really care if it works...
//connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotWriteJobDone(QKeychain::Job*)));
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
job->setKey(keychainKey(_account->url().toString(), "shibAssertion"));
job->setTextData(QString::fromUtf8(cookie.toRawForm()));
job->start();
}
void ShibbolethCredentials::removeShibCookie(AccountPtr account)
void ShibbolethCredentials::removeShibCookie()
{
DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
job->setSettings(account->settingsWithGroup(Theme::instance()->appName(), job));
job->setKey(keychainKey(account->url().toString(), "shibAssertion"));
job->setSettings(_account->settingsWithGroup(Theme::instance()->appName(), job));
job->setKey(keychainKey(_account->url().toString(), "shibAssertion"));
job->start();
}
@ -442,10 +431,9 @@ void ShibbolethCredentials::addToCookieJar(const QNetworkCookie &cookie)
{
QList<QNetworkCookie> cookies;
cookies << cookie;
AccountPtr account = AccountManager::instance()->account();
QNetworkCookieJar *jar = account->networkAccessManager()->cookieJar();
QNetworkCookieJar *jar = _account->networkAccessManager()->cookieJar();
jar->blockSignals(true); // otherwise we'd call ourselves
jar->setCookiesFromUrl(cookies, account->url());
jar->setCookiesFromUrl(cookies, _account->url());
jar->blockSignals(false);
}

23
src/libsync/creds/shibbolethcredentials.h
View file

@ -41,8 +41,9 @@ public:
ShibbolethCredentials();
/* create a credentials for an already connected account */
ShibbolethCredentials(const QNetworkCookie &cookie, AccountPtr acc);
ShibbolethCredentials(const QNetworkCookie &cookie);
void setAccount(Account* account) Q_DECL_OVERRIDE;
void syncContextPreInit(CSYNC* ctx) Q_DECL_OVERRIDE;
void syncContextPreStart(CSYNC* ctx) Q_DECL_OVERRIDE;
bool changed(AbstractCredentials* credentials) const Q_DECL_OVERRIDE;
@ -50,22 +51,22 @@ public:
QString user() const Q_DECL_OVERRIDE;
QNetworkAccessManager* getQNAM() const Q_DECL_OVERRIDE;
bool ready() const Q_DECL_OVERRIDE;
void fetch(AccountPtr account) Q_DECL_OVERRIDE;
void fetch() Q_DECL_OVERRIDE;
bool stillValid(QNetworkReply *reply) Q_DECL_OVERRIDE;
void persist(AccountPtr account) Q_DECL_OVERRIDE;
void invalidateToken(AccountPtr account) Q_DECL_OVERRIDE;
void persist() Q_DECL_OVERRIDE;
void invalidateToken() Q_DECL_OVERRIDE;
void showLoginWindow(AccountPtr);
void showLoginWindow();
static QList<QNetworkCookie> accountCookies(AccountPtr);
static QNetworkCookie findShibCookie(AccountPtr, QList<QNetworkCookie> cookies = QList<QNetworkCookie>());
static QList<QNetworkCookie> accountCookies(Account *);
static QNetworkCookie findShibCookie(Account *, QList<QNetworkCookie> cookies = QList<QNetworkCookie>());
static QByteArray shibCookieName();
public Q_SLOTS:
void invalidateAndFetch(AccountPtr account) Q_DECL_OVERRIDE;
void invalidateAndFetch() Q_DECL_OVERRIDE;
private Q_SLOTS:
void onShibbolethCookieReceived(const QNetworkCookie&, AccountPtr);
void onShibbolethCookieReceived(const QNetworkCookie&);
void slotBrowserRejected();
void onFetched();
void slotReadJobDone(QKeychain::Job*);
@ -79,8 +80,8 @@ Q_SIGNALS:
void invalidatedAndFetched(const QByteArray& cookieData);
private:
void storeShibCookie(const QNetworkCookie &cookie, AccountPtr account);
void removeShibCookie(AccountPtr account);
void storeShibCookie(const QNetworkCookie &cookie);
void removeShibCookie();
void addToCookieJar(const QNetworkCookie &cookie);
QUrl _url;
QByteArray prepareCookieData() const;

6
src/libsync/creds/tokencredentials.h
View file

@ -46,13 +46,13 @@ public:
QString authType() const;
QNetworkAccessManager* getQNAM() const;
bool ready() const;
void fetch(Account *account);
void fetch();
bool stillValid(QNetworkReply *reply);
void persist(Account *account);
void persist();
QString user() const;
QString password() const;
QString queryPassword(bool *ok);
void invalidateToken(Account *account);
void invalidateToken();
private Q_SLOTS:
void slotAuthentication(QNetworkReply*, QAuthenticator*);

16
src/libsync/syncengine.cpp
View file

@ -589,23 +589,7 @@ void SyncEngine::startSync()
}
csync_set_userdata(_csync_ctx, this);
// TODO: This should be a part of this method, but we don't have
// any way to get "session_key" module property from csync. Had we
// have it, then we could keep this code and remove it from
// AbstractCredentials implementations.
_account->credentials()->syncContextPreStart(_csync_ctx);
// if (_lastAuthCookies.length() > 0) {
// // Stuff cookies inside csync, then we can avoid the intermediate HTTP 401 reply
// // when https://github.com/owncloud/core/pull/4042 is merged.
// QString cookiesAsString;
// foreach(QNetworkCookie c, _lastAuthCookies) {
// cookiesAsString += c.name();
// cookiesAsString += '=';
// cookiesAsString += c.value();
// cookiesAsString += "; ";
// }
// csync_set_module_property(_csync_ctx, "session_key", cookiesAsString.to
// }
// csync_set_auth_callback( _csync_ctx, getauth );
//csync_set_log_level( 11 ); don't set the loglevel here, it shall be done by folder.cpp or owncloudcmd.cpp