| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
I was getting a double-free when it went out of scope after a move.
Change-Id: Ifaa4b32b76d99635fc2e0db3bcd675c9a9a9bfa9
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|
|
|
|
|
| |
Task-number: QTBUG-74391
Change-Id: Ibd426395c3ed13efd607955ce568157b0a1f3514
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
|
|
|
|
|
| |
Change-Id: I6e99234909dc30da3609c9374d8f226acfc0e1a2
Reviewed-by: Paul Wicking <paul.wicking@qt.io>
|
|
|
|
|
| |
Change-Id: Idbc3c7f71726b3bedb44d963cbdc13353cdff503
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|\
| |
| |
| | |
Change-Id: I4e1a6df8587f1bc7c6670d7981cc87c56bd6129c
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Follow the example of the other GPLv3 modules and show the license
as part of all pages.
Change-Id: I43c0722b3153a5d6bb278a7939d9581409547a78
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
Reviewed-by: Martin Smith <martin.smith@qt.io>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sending authenticated requests is limited to the APIs the QAbstractOAuth
class provides. With the newly added prepareRequest and
sendCustomRequest methods, one can set the correct headers etc. on any
custom created network request, including the verb that is used to the
request as well the body to be sent. This includes a modifcation to the
QOAuth1Signature class to make it possible to sign requests with a
custom method.
[ChangeLog][QOAuth1Signature] Added customMethodString and
setCustomMethodString methods to support signing requests with custom
methods.
[ChangeLog][QAbstractOAuth] Added prepareRequest and sendCustomRequest
methods to authenticate any custom request, including custom verbs and
bodies.
Change-Id: I86459844ee919e8c9d60d349257b57afbc3fa07a
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following section 8.3 of RFC 8252
(https://tools.ietf.org/html/rfc8252#section-8.3), it is specifically
not recommended to use localhost but 127.0.0.1. This patch fixes that.
[ChangeLog][General] Use 127.0.0.1 in place of localhost for redirect
URI following RFC 8252.
Fixes: QTBUG-67528
Change-Id: I6f5a8dd26134cde2373185eaf2c8853d6f500e98
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
| |
The feature macros are defined in a header, so it has to be included
first.
Change-Id: I3ed7c4978cb9cdde23ed37d0e963a24a6b07f335
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, `parameters` passed to `QOAuth1Private::requestToken`
are used as HTTP GET or POST parameters directly. This commit fixes
the non-standard compliant behavior by inserting parameters with
`oauth_` prefix to `headers`; this fix also allows parameter
`oauth_callback` to be inserted only during `OAuth1::grant()`
but not all token requests.
Several approaches had been taken under consideration:
* strip `const` from `parameters` function signature
* make a copy of `const QVariantMap ¶meters`
* insert relevant headers and leave parameters intact
* current: copy oauth-inrelevant parameters to another map
Task-number: QTBUG-69709
Change-Id: I892f0e6b9a70c9e425fef976f6703ef065ee9163
Reviewed-by: Poren Chiang <ren.chiang@gmail.com>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|\
| |
| |
| | |
Change-Id: I15f4c5c395a0b4991d0d9fce9524df3d96676cc8
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The code now keeps track of whether or not the final tokens were
actually requested.
Before if we received temporary tokens a second time it would behave as
if the authorization succeeded and would simply fail any actual
authorizing and would stop attempts to authorize again. By keeping
track of whether or not an actual request was made we can now tell the
temporary and the final tokens apart.
Change-Id: I4a55e7beda9e7be9d8c693739f4d3985438837ea
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|\|
| |
| |
| | |
Change-Id: I969dc5aaa41cb76b799d7ec0abf532ddfc503444
|
| |
| |
| |
| |
| |
| | |
Task-number: QTBUG-68933
Change-Id: Iaa915bfb4158b06028885a98cdf9430f23c1fe09
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
|
|\|
| |
| |
| | |
Change-Id: I44b2fc349045be2921949177d564999110aaf5a1
|
| |
| |
| |
| |
| | |
Change-Id: I549e71d3f655d598d28c84f483b5c2d0823b4b35
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|\|
| |
| |
| | |
Change-Id: I1336416b625061d2fd5cffbb0de480bc761fdb42
|
| |
| |
| |
| |
| |
| |
| | |
This amends 8cce9fa16f3531e1e094a798c007480afa2bcaab.
Change-Id: I613abcc9a5b3606643aa2e4925739d19e4fdcd6b
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
|
|\|
| |
| |
| | |
Change-Id: I83f1fc441fe3853ebcf61c85b8a6284e48be2430
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
warning: Undocumented parameter 'modifyParametersFunction' in
QAbstractOAuth::setModifyParametersFunction()
warning: Undocumented parameter 'other' in
QOAuth1Signature::operator=()
Change-Id: I37d08a547b64d325d9a3b5106f639b3be36ded48
Reviewed-by: Martin Smith <martin.smith@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The workflow for refresh token was not working properly due to a
missing QObject::connect(). Getting the access token and refreshing it
later was working, but only because the connection was done in
QOAuth2AuthorizationCodeFlow::requestAccessToken().
The patch adds a couple of tests to check both workflows.
Task-number: QTBUG-65778
Change-Id: Id89f2e9f64d5285fc6cd24c9c4afd430b8925239
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Kamil Rojewski <kamil.rojewski@gmail.com>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Add a property to the already available C++ API for
refreshToken.
Change-Id: I34be1dd2a7b234cd7a24d8e56f959b8624269216
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
When receiving a access token it is common to also receive the refresh
token. But some api:s, for example Spotify[1], does not. That will
result in loss of a valid refresh token.
Make sure the refresh token is valid before updating it.
[1] https://developer.spotify.com/web-api/authorization-guide
Change-Id: If186dad353d97310d164476f89088668ffef9ca6
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|\
| |
| |
| |
| |
| |
| | |
Conflicts:
.qmake.conf
Change-Id: I815c33bbe5a821a47c66d3d4b43ffd3873337c20
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
with QByteArray or QHttpMultiPart in QAbstractOAuth2
Task-number: QTBUG-65316
Change-Id: I893b2ad602de8c539ea08b72150dd1f92162b9dc
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit c071b588ce2b4d474845d553aa83120747dc46da broke QOAuth1::tokenSecret(),
in fact, it were returning the clientIdentifierSharedKey instead.
[ChangeLog][QOAuth1] Fix tokenSecret() return value.
Task-number: QTBUG-65422
Change-Id: I72d6783220e7a030eac65e5c22e4421a1d6b106e
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
| |\
| | |
| | |
| | | |
Change-Id: I4019ef47866c0df0ca1fbcd8fda75013debcd4b3
|
| | |\
| | | |
| | | |
| | | | |
Change-Id: Ia395f65e4e6cb7b7efbebab71e8653d87d028af4
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Task-number: QTBUG-60824
Change-Id: I229dc72963cac030a085e1d6988b9a2a9e7ff44a
Reviewed-by: Venugopal Shivashankar <Venugopal.Shivashankar@qt.io>
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Change-Id: I01c49cfb4c18c01acc0ed762dcfc72ea027cd30f
Reviewed-by: Venugopal Shivashankar <Venugopal.Shivashankar@qt.io>
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
Change-Id: Ib3e478b7653702cf6d69978d3212f35484ee4702
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Topi Reiniö <topi.reinio@qt.io>
|
|/ /
| |
| |
| |
| |
| |
| | |
clientIdentifier was moved to the base class in commit c071b588.
Change-Id: I9cc2309948ad5a03b0a00c8a85c070404c435a8a
Reviewed-by: Martin Smith <martin.smith@qt.io>
|
|/
|
|
|
| |
Change-Id: Ib3ded30af5b9886d53db22c5feb2d91d9f10bfc5
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|\
| |
| |
| |
| |
| |
| | |
Conflicts:
.qmake.conf
Change-Id: I557207cc8d55f9600ce39638a66e3014725fc822
|
| |
| |
| |
| |
| | |
Change-Id: Ib77d7820fbc6c9e0631309f7a4a1511440294758
Reviewed-by: Jani Heikkinen <jani.heikkinen@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Due to a bug in OAuth1 implementation, the granted() signal was being
emitted two times. This fix saves clients from repeating requests to the
web server, after authentication, in response to the repeated signal.
[ChangeLog][QOAuth1] Emit granted() only one time.
Task-number: QTBUG-63182
Change-Id: I6723d55a38fb773300ae14d3d9108d6863cde635
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Refresh tokens were not publicly accessible from QAbstractOAuth2 class.
So user was unable to (etc.) save refresh token to database. Refresh
tokens are meant to have longer lifespan than access tokens (as hinted in
https://tools.ietf.org/html/rfc6749#section-1.5) and they even
do not have to expire at all, so that it is very expected to have ability
of saving/restoring them to classes representing OAuth 2.0 sessions. Also
added some documentation.
[ChangeLog][QAbstractOAuth2] Added ability to get/set OAuth 2.0
refresh token via public API, so that user can store existing
refresh tokens and reuse them later.
Task-number: QTBUG-63357
Change-Id: I93ea279e12caed3791b147d9c37ab48d01b2bf42
Reviewed-by: Martin Rotter <rotter.martinos@gmail.com>
Reviewed-by: Erik Larsson <erik@ortogonal.com>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Logging categories are not public API and throw off qdoc, causing:
qtnetworkauth/src/oauth/qabstractoauth.cpp:492: warning: Can't link to 'QAbstractOAuthReplyHandler'
Amends 43634a54376c55ff78521ea9a063f4cab984d871.
Change-Id: I730a39f14ee93d63a5d37271a79ea75b022e3ec5
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
|\|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
.qmake.conf
src/oauth/qabstractoauth.cpp
tests/auto/oauth1/tst_oauth1.cpp
Done-with: Jesus Fernandez<jesus.fernandez@qt.io>
Change-Id: I5be2c6ad2cd00943ee3acafe5b5c693fc4ada03c
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a new Stage to pass to the parameter modification call-back so
that the client code can recognize and adapt when preparing to
refresh an access token.
[ChangeLog][QAbstractAuth] Adds a token refresh stage
allowing parameters modification.
Task-number: QTBUG-59104
Change-Id: If6cd1349df163edd27ee083e82e6f537422574ca
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As mentioned in RFC 5849 in section 3.4.1.3.1 queries
should be treated as application/x-www-form-urlencoded
and be decoded before being used in the base string.
The queries located in the URL now gets fully decoded and any
already-percent-encoded key-value pairs should be added to the URL. The
parameters list is used for non-encoded input.
[ChangeLog][OAuth1] QOAuth1 will now decode the query-segment of the URL
supplied in get/post/head/deleteResource during the signature-generation
phase. Any key-value-pair which needs to be passed in as percent-encoded
must be passed in the query of the URL.
Task-number: QTBUG-61125
Change-Id: I2ecb145f19f6c9a0031e9f00c6cb22d0fa5c96ea
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| | |
Change-Id: Iaad9fb2096cd01a762c3eace90c6154b0d0ebe59
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
qtnetworkauth/src/oauth/qabstractoauth.cpp:173: warning: Cannot find 'authorizeWithBrowser(...)' in '\fn' void authorizeWithBrowser(const QUrl &url)
qtnetworkauth/src/oauth/qabstractoauth.h:151: warning: No documentation for 'QAbstractOAuth::authorizeWithBrowser(const QUrl &url)'
qtnetworkauth/src/oauth/qabstractoauth.h:140: warning: No documentation for 'QAbstractOAuth::grant()'
qtnetworkauth/src/oauth/qabstractoauth.h:152: warning: No documentation for 'QAbstractOAuth::granted()'
qtnetworkauth/src/oauth/qabstractoauth.h:126: warning: No documentation for 'QAbstractOAuth::get(const QUrl &url, const QVariantMap ¶meters)'
qtnetworkauth/src/oauth/qabstractoauth.h:124: warning: No documentation for 'QAbstractOAuth::head(const QUrl &url, const QVariantMap ¶meters)'
qtnetworkauth/src/oauth/qabstractoauth.h:128: warning: No documentation for 'QAbstractOAuth::post(const QUrl &url, const QVariantMap ¶meters)'
qtnetworkauth/src/oauth/qabstractoauth.h:130: warning: No documentation for 'QAbstractOAuth::deleteResource(const QUrl &url, const QVariantMap ¶meters)'
Change-Id: I105cae13edb78647ceca3b28cbc61f5cee1d05f7
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Nico Vertriest <nico.vertriest@qt.io>
|
| |
| |
| |
| |
| |
| | |
Change-Id: I8bcff2570dd0bb46aeb3127d57778f4d062e5afd
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some servers are using text/javascript instead of application/json to
send the tokens to the client.
Task-number: QTBUG-60400
Change-Id: I07e00b4542c95c45e8cc2d6213eb799d4c1fb6d5
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
They don't compile with Clang 5.0 + libstdc++ from GCC 7.
I didn't care to investigate why.
functional:841:7: error: static_assert failed "Wrong number of arguments for pointer-to-member"
[...]
qoauth2authorizationcodeflow.cpp:340:13: note: while substituting deduced template arguments into function template
'bind' [with _Func = void (QAbstractOAuthReplyHandler::*)(QNetworkReply *), _BoundArgs = <QAbstractOAuthReplyHandler *, QNetworkReply *>]
Change-Id: Ia53158e207a94bf49489fffd14c791ec1aaa707d
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The PLAINTEXT signature was not working. It was sending the client
identifier instead of the token secret.
This adds some new tests to validate the signature.
Change-Id: I51bc6434e12915eb8b58866b7ff8f11b333dc730
Reviewed-by: Nikita Baryshnikov <nib952051@gmail.com>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| | |
Change-Id: I4f0c744b159d8e62a4564406acacf3fdee91621b
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The "not supported" \note for RSA-SHA1 was not shown in the same cell.
Replaced \note with a clarification using parentheses.
Change-Id: Icc19070e0d122a30899d66d292954aa976e916b3
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The links were duplicated in the documentation. There is no need to
keep the inline comment with the URL in the code.
Change-Id: Ia231a34dce4ffb3ec8dbd6e0574783f5a1dee288
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|