diff options
author | Qt Forward Merge Bot <qt_forward_merge_bot@qt-project.org> | 2018-07-14 03:00:57 +0200 |
---|---|---|
committer | Qt Forward Merge Bot <qt_forward_merge_bot@qt-project.org> | 2018-07-14 03:00:57 +0200 |
commit | 5cf4aedf4eb2317b2be469a9184c8113fb7f0c4d (patch) | |
tree | ea96c15e5277fffda5a4aa60fb014a460a7a32a4 | |
parent | 9fc6a143ce02721ef4730671d682a810abad2d80 (diff) | |
parent | f23445845310b9f47ea5592f1dea92ca463ba284 (diff) |
Merge remote-tracking branch 'origin/5.11' into dev
Change-Id: I15f4c5c395a0b4991d0d9fce9524df3d96676cc8
-rw-r--r-- | src/oauth/qoauth1.cpp | 12 | ||||
-rw-r--r-- | src/oauth/qoauth1_p.h | 1 | ||||
-rw-r--r-- | tests/auto/oauth1/tst_oauth1.cpp | 57 |
3 files changed, 69 insertions, 1 deletions
diff --git a/src/oauth/qoauth1.cpp b/src/oauth/qoauth1.cpp index fcff92e..37408fc 100644 --- a/src/oauth/qoauth1.cpp +++ b/src/oauth/qoauth1.cpp @@ -262,6 +262,15 @@ void QOAuth1Private::_q_tokensReceived(const QVariantMap &tokens) { Q_Q(QOAuth1); + if (!tokenRequested && status == QAbstractOAuth::Status::TemporaryCredentialsReceived) { + // We didn't request a token yet, but in the "TemporaryCredentialsReceived" state _any_ + // new tokens received will count as a successful authentication and we move to the + // 'Granted' state. To avoid this, 'status' will be temporarily set to 'NotAuthenticated'. + status = QAbstractOAuth::Status::NotAuthenticated; + } + if (tokenRequested) // 'Reset' tokenRequested now that we've gotten new tokens + tokenRequested = false; + QPair<QString, QString> credential(tokens.value(Key::oauthToken).toString(), tokens.value(Key::oauthTokenSecret).toString()); switch (status) { @@ -675,6 +684,7 @@ QNetworkReply *QOAuth1::requestTokenCredentials(QNetworkAccessManager::Operation const QVariantMap ¶meters) { Q_D(QOAuth1); + d->tokenRequested = true; return d->requestToken(operation, url, temporaryToken, parameters); } @@ -786,7 +796,7 @@ void QOAuth1::grant() qCWarning(d->loggingCategory, "authorizationGrantUrl is empty"); return; } - if (!d->token.isEmpty()) { + if (!d->token.isEmpty() && status() == Status::Granted) { qCWarning(d->loggingCategory, "Already authenticated"); return; } diff --git a/src/oauth/qoauth1_p.h b/src/oauth/qoauth1_p.h index ecc5cc4..ee57fba 100644 --- a/src/oauth/qoauth1_p.h +++ b/src/oauth/qoauth1_p.h @@ -93,6 +93,7 @@ public: QUrl tokenCredentialsUrl; QOAuth1::SignatureMethod signatureMethod = QOAuth1::SignatureMethod::Hmac_Sha1; const QString oauthVersion = QStringLiteral("1.0"); + bool tokenRequested = false; struct OAuth1KeyString { diff --git a/tests/auto/oauth1/tst_oauth1.cpp b/tests/auto/oauth1/tst_oauth1.cpp index 0ca373d..2385863 100644 --- a/tests/auto/oauth1/tst_oauth1.cpp +++ b/tests/auto/oauth1/tst_oauth1.cpp @@ -160,6 +160,8 @@ private Q_SLOTS: void authenticatedCalls_data(); void authenticatedCalls(); + + void secondTemporaryToken(); }; bool hostReachable(const QLatin1String &host) @@ -712,5 +714,60 @@ void tst_OAuth1::authenticatedCalls() reply.clear(); } +void tst_OAuth1::secondTemporaryToken() +{ + QNetworkAccessManager networkAccessManager; + + const StringPair expectedToken(qMakePair(QStringLiteral("temporaryKey"), QStringLiteral("temporaryToken"))); + WebServer webServer([&](const WebServer::HttpRequest &request, QTcpSocket *socket) { + Q_UNUSED(request); + const QString format = "oauth_token=%1&oauth_token_secret=%2&oauth_callback_confirmed=true"; + const QByteArray text = format.arg(expectedToken.first, expectedToken.second).toUtf8(); + const QByteArray replyMessage { + "HTTP/1.0 200 OK\r\n" + "Content-Type: application/x-www-form-urlencoded; charset=\"utf-8\"\r\n" + "Content-Length: " + QByteArray::number(text.size()) + "\r\n\r\n" + + text + }; + socket->write(replyMessage); + }); + + QOAuth1 o1(&networkAccessManager); + + StringPair clientCredentials = qMakePair(QStringLiteral("user"), QStringLiteral("passwd")); + o1.setClientCredentials(clientCredentials); + o1.setTemporaryCredentialsUrl(webServer.url(QStringLiteral("temporary"))); + o1.setAuthorizationUrl(webServer.url(QStringLiteral("authorization"))); + o1.setTokenCredentialsUrl(webServer.url(QStringLiteral("token"))); + + StringPair tokenReceived; + connect(&o1, &QOAuth1::tokenChanged, [&tokenReceived](const QString &token) { + tokenReceived.first = token; + }); + bool replyReceived = false; + connect(&o1, &QOAuth1::tokenSecretChanged, [&tokenReceived, &replyReceived](const QString &tokenSecret) { + tokenReceived.second = tokenSecret; + replyReceived = true; + }); + + o1.grant(); + QTRY_VERIFY(replyReceived); + + QVERIFY(!tokenReceived.first.isEmpty()); + QVERIFY(!tokenReceived.second.isEmpty()); + QCOMPARE(o1.status(), QAbstractOAuth::Status::TemporaryCredentialsReceived); + QCOMPARE(tokenReceived, expectedToken); + + replyReceived = false; // reset this so we can 'synchronize' on it again + // Do the same request again, should end up in the same state!! + o1.grant(); + QTRY_VERIFY(replyReceived); + + QVERIFY(!tokenReceived.first.isEmpty()); + QVERIFY(!tokenReceived.second.isEmpty()); + QCOMPARE(o1.status(), QAbstractOAuth::Status::TemporaryCredentialsReceived); + QCOMPARE(tokenReceived, expectedToken); +} + QTEST_MAIN(tst_OAuth1) #include "tst_oauth1.moc" |