summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Update dependencies on 'dev' in qt/qtnetworkauthHEADdevQt Submodule Update Bot2 days1-1/+1
| | | | | Change-Id: I42834d098efb3757341fdb01ad4817506818469b Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* QAbstractOAuth: fix data race and poor seeding in generateRandomString()Marc Mutz3 days1-4/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While not explicitly documented as thread-safe, this function maintains unprotected global state, and OAuth classes are surely used outside the main thread, so independent OAuth objects performing this operation at the same time means data race, iow: UB. Protect with a mutex. As a drive-by, use Q_GLOBAL_STATIC instead of magic statics, and make the char array constexpr instead of static const, to statically assert that it plays no role in thread-safety. Also seed the PRNG with QRandomGenerator::system() instead of the moral equivalent of gettimeoday(). The OAuth1 RFC5849¹ doesn't mention it, but the OpenID² spec asks for the nonce to be "unguessable to attackers". A gettimeofday()-seeded PRNG, esp. with only millisecond resolution, clearly doesn't fulfil that requirement. QRandomGenerator::system(), OTOH, is documented to be "securely seeded", and provides a seed_seq-like interface so the _whole_ mt19937 state can be seeded, not just a 32-bit fraction of it. Keep the local PRNG to not exhaust the kernel's entropy pool through excessive system() usage. ¹ https://datatracker.ietf.org/doc/html/rfc5849#section-3.3 ² https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes Amends a6dc1c01da723a93e1c174a6950eb4bab8cab3fc. Pick-to: 6.7 6.5 6.2 5.15 Change-Id: Id09b04cc2ae342a7374a9f7a6803c860360d132c Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot5 days1-1/+1
| | | | | Change-Id: I84001c70b888602e6773f3f64a77cc5c1f5234a3 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Doc: fix warnings from undocumented parameterVolker Hilsheimer5 days1-1/+1
| | | | | | | | | Move-assignment operators might be self-explanatory, but if we document them, then we need to document the parameters. Change-Id: I5f15c73b905d6853925dc55848c276815537b070 Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io> Reviewed-by: Andreas Eliasson <andreas.eliasson@qt.io>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot9 days1-1/+1
| | | | | Change-Id: I23698f4e0492c729b38d7ec970df10f584bd856c Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot10 days1-1/+1
| | | | | Change-Id: I5a341f25bbcdf9245f38a0e0b930e621afdcbdf3 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot13 days1-1/+1
| | | | | Change-Id: I02db26489fbbd2185384fe88c71239ac6987ec27 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-241-1/+1
| | | | | Change-Id: I362e529c3da84c1c4e2e0ff927814766ae55f685 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Ensure the code is not encoded a second time if already percent encodedSamuel Gaist2024-04-231-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | Google recently changed the way they send their code and it is now already percent encoded. This patch checks for the percent presence in the code and does not change it again if it's there. The alternative is to use: google = new QOAuth2AuthorizationCodeFlow; // Setup authentication parameters google->setModifyParametersFunction( [](QAbstractOAuth::Stage stage, QMultiMap<QString, QVariant>* parameters) { if (stage == QAbstractOAuth::Stage::RequestingAccessToken) { QByteArray code = parameters->take("code").toByteArray(); parameters->insert("code", QUrl::fromPercentEncoding(code)); } }); [ChangeLog][OAuth2] OAuth2 providers might be sending the authentication code already percent encoded. This is the case of Google. This now a supported use case and the code is not systematically encoded anymore. Fixes: QTBUG-81624 Change-Id: I43d66223a2aedf01fe0996de6798acc6d881c16b Reviewed-by: Juha Vuolle <juha.vuolle@qt.io>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-191-1/+1
| | | | | Change-Id: Ie402ca4d02093de29f15dc4582ad0135cb3c2b95 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-171-1/+1
| | | | | Change-Id: Ibb1030c6a884b6d5b4abcddfc97dd2bc0e641b6c Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-151-1/+1
| | | | | Change-Id: I7567b67201d2a944148ea638ece90c5f61c50873 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-101-1/+1
| | | | | Change-Id: Iafcf4a6b2e8a0f198c555fa275cd1ca4f14b8db4 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-091-1/+1
| | | | | Change-Id: I0bdcbb788e85afbcc522e5cd9145bcd60d62ac5a Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-081-1/+1
| | | | | Change-Id: I8966548d7f17f8bbb030ce20840c5b0ea3ad995d Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Add a licenseRule.json file for checking of SPDX license identifiersLucie Gérard2024-04-041-0/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The license test in qtqa reads this file in order to check the validity of the license used. This file reproduce the QUIP-18 [1] rules, with some exceptions. Each entry in the file corresponds to a set of licensing rules. A set of licensing rules can depend on the file ending, registered in "file_pattern_ending". The last entry in the file has no "file_pattern_ending", it sets the rules for the files whose licensing does not depend on their ending. The license to be used depends on the location of the file within the Qt module repository. Let's call this "<true_location>". The "<true_location>" can also correspond to a file name, offering flexibility for exceptions to the rule. The "<true_location>" are registered in "location". For each "<true_location>" there is a "file type" entry and a "spdx" entry. The "spdx" entry gives the rule: the expected license tag(s) in SPDX format for the file ending (if applicable) and "<true_location>". The "file type" informs on the QUIP-18 type the tested file corresponds to. It is purely informational for the reader. The set of rules are tested in order of appearance in the json file. For this reason, a more constraining ending (like "special.txt") needs to appear in a "file_pattern_ending" located before the "file_pattern_ending" of a less constraining ending (like ".txt"). Also, a file ending cannot be present in two "file_pattern_ending". "file_pattern_ending" and "spdx" should list strings. "<true_location>" can be regular expressions. During the test the deeper "<true_location>" are checked first. The order is which they appear in the json file does not matter. To test this file, run QT_MODULE_TO_TEST=../qtnetworkauth perl tests/prebuild/license/tst_licenses.pl [1]: https://contribute.qt-project.org/quips/18 Pick-to: 6.7 Task-number: QTBUG-121039 Change-Id: Iedbb1d0156ad8937eb98ede3e7bcc89437b8875c Reviewed-by: Kai Köhne <kai.koehne@qt.io>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-04-041-1/+1
| | | | | Change-Id: Iee71feb8de518c40cfa8891b1692260463ce84de Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-281-1/+1
| | | | | Change-Id: Ia6c99d531a20d5a2dfaf64cf34064314156a36da Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Correct license for examples filesLucie Gérard2024-03-263-3/+3
| | | | | | | | | | | | | Example takes precedence over build system file type. According to QUIP-18 [1], all examples file should be LicenseRef-Qt-Commercial OR BSD-3-Clause [1]: https://contribute.qt-project.org/quips/18 Pick-to: 6.7 Task-number: QTBUG-121787 Change-Id: I62c8328ab19bb60b4370cd651bb60b4795d8c619 Reviewed-by: Kai Köhne <kai.koehne@qt.io>
* Correct license for test filesLucie Gérard2024-03-265-5/+5
| | | | | | | | | | | | According to QUIP-18 [1], all test files should be LicenseRef-Qt-Commercial OR GPL-3.0-only [1]: https://contribute.qt-project.org/quips/18 Pick-to: 6.7 Task-number: QTBUG-121787 Change-Id: Ia7b5193dc62217ae8afb4a80725645e113dcc874 Reviewed-by: Kai Köhne <kai.koehne@qt.io>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-251-1/+1
| | | | | Change-Id: I3e5fbfaf158a4f733166b09e6d9a9cb377675980 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-251-1/+1
| | | | | Change-Id: Id01bb2de2b2397b6062665bb59b06a02ec41af22 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-211-1/+1
| | | | | Change-Id: I99f612a397c00a0d2b0d3b35d6e249d24b253dcc Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-171-1/+1
| | | | | Change-Id: Iffeb752b070669eda520e4274e05b10fd24ba8ea Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-161-1/+1
| | | | | Change-Id: I992dd3586f5ed8a59a9e691995d8a9f3b0cbf427 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-141-1/+1
| | | | | Change-Id: I7a428bfcc9bc26bb76ac2de8aa9fdf6b7c6e2051 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-131-1/+1
| | | | | Change-Id: I1256f0ff39d48c44d2e634f4e9664da345b650dc Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-101-1/+1
| | | | | Change-Id: Ib27461eab31ea202d4dde33cbcb20dcbe6c6c520 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-03-021-1/+1
| | | | | Change-Id: I1e404de8723a9c16cb526aa6418bbed95277840e Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-02-271-1/+1
| | | | | Change-Id: Ia1377fa41d8a8b913fa1654c00bf2f7202490df8 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-02-221-1/+1
| | | | | Change-Id: Ib18ffa5444cf1230f511c06ec676474a5abddc15 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-02-211-1/+1
| | | | | Change-Id: I1b6cf7de1b69678e166ba4e68fde4896fd4537ac Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-02-191-1/+1
| | | | | Change-Id: Ia24953382e242b0a0f94e9509863183bd18b2918 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-02-101-1/+1
| | | | | Change-Id: I92746d061d2fb76d3dd0d39267a86f091b9e2db5 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-02-091-1/+1
| | | | | Change-Id: I7337e8f987b24855eeecf36d8e6c4dd3ce391c26 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-02-061-1/+1
| | | | | Change-Id: I984a70bba89603d3a6b6a2ed22c292e343938dac Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update QtNetworkAuth tests for new QHttpHeaders behaviorMårten Nordheim2024-01-312-6/+6
| | | | | | | | | Since we now send the headers in lower-case we also need to be prepared for them to be lower-case on the server-side here. Fixes: QTBUG-121727 Change-Id: I83b52277842b2c88b65fe13071123d223ccc6e19 Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-311-1/+1
| | | | | Change-Id: I66f5b954396ab57d20e247c4a6c1b3e3439b170c Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Enable CMake autotestsJoerg Bornemann2024-01-242-8/+8
| | | | | | Task-number: QTBUG-84884 Change-Id: I1010f3dca690e30f7a7115a0002a97361c411969 Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-221-1/+1
| | | | | Change-Id: Iac73b22e8bfc3e5c0513a06a4337b859b3948934 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-201-1/+1
| | | | | Change-Id: Ia46f41ef1fda478e9da14933e7218a5b5b22cef6 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-191-1/+1
| | | | | Change-Id: I8a1a786536f90aa63a11d848045bd0b3acd0ca2e Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-181-1/+1
| | | | | Change-Id: Ibdcb9c11bf4dd61cb95661bb633c9ad4fe1cb4c7 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-151-1/+1
| | | | | Change-Id: I07b878f39ea83a38d3aac3b5ff5fa805775e402f Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-121-1/+1
| | | | | Change-Id: I8cd31588ae3a9fbd3f077bb4126fde4b9f7f77af Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-091-1/+1
| | | | | Change-Id: I75b7a1cad46447e0b1e1148daf55e8baf480b74f Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2024-01-051-1/+1
| | | | | Change-Id: I1ae4c5b737af2e0402e2e511e1e1bc65e4ba67f8 Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2023-12-281-1/+1
| | | | | Change-Id: I2523114c2a50318c7adea6f598286eb38ca2c8cc Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2023-12-191-1/+1
| | | | | Change-Id: Id77768732d38f400931bdfaaf32084d65c4ec64b Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
* Update dependencies on 'dev' in qt/qtnetworkauthQt Submodule Update Bot2023-12-181-1/+1
| | | | | Change-Id: I1fe2c24fe84455afd2ff3f03ce94b0ade9e18d3c Reviewed-by: Qt Submodule Update Bot <qt_submodule_update_bot@qt-project.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-11 18:19:05 +0000