| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to 'RFC 8252 Section 8.3' the loopback listening
should be closed after receiving authorization response.
There were however two things preventing application developers
from doing this:
1) The callback (aka redirect_uri) is needed in the subsequent
access token request (note: listening is not needed anymore).
2) The callback (aka redirect_uri) is currently used also in
refresh token request (this is unnecessary though, and should
be removed in a follow-up commit).
But the problem for these two was that the
QOAuthHttpServerReplyHandler::callback() code asserted (debug)
or just returned a wrong value (release) if the handler wasn't
listening. This made it unfeasible to close the handler in a
timely manner.
With this commit the callback/redirect_uri is cached, and
consequently the handler can be closed immediately after
authorization.
Pick-to: 6.7 6.5 6.2
Fixes: QTBUG-124333
Change-Id: I063637029908ed4fa0390a0cb07511c92bd51874
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PKCE (RFC 7636) is a MUST in RFC 8252 which lays out OAuth2
best practices for native applications.
PKCE mitigates the risk of authorization code intercepting.
PKCE is only relevant for OAuth2 "Authorization Code" flow,
which is the only OAuth2 flow Qt supports out of the box.
The S256 method is set as the default. Sending out the
PKCE parameters should not cause harm even if the
authorization server didn't support them.
[ChangeLog][QOAuth2AuthorizationCodeFlow] Added PKCE support
and turned it on by default
Fixes: QTBUG-124327
Change-Id: Ic0242be1b8afcd9baa3ff071989d58ddabf753a2
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new QOAuthUriSchemeReplyHandler depends on QtGui module.
Put the class behind a flag which is disabled when Qt is built
without Gui.
Task-number: QTBUG-124338
Task-number: QTBUG-124339
Change-Id: I49ad056b39e767fe5c111ed62d8e0d7fc6bec044
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The URI scheme reply handler is a convenience class for redirect_uris
which use either custom scheme ("com.mystuff.app:/somepath")
or a regular https scheme ("https://app.mystuff.com/somepath").
These URI scheme handlers complement the pre-existing "http://localhost"
handler qtnetworkauth provides (QOAuthHttpServerReplyHandler).
Together these three URI schemes then cover the listed authorization
response handling uri schemes with public native applications,
as listed in RFC 8252 section "7. Receiving the Authorization Response
in a Native App":
1. loopback (pre-existing)
2. private URI scheme (this commit)
3. claimed HTTPS (this commit)
Task-number: QTBUG-124338
Task-number: QTBUG-124339
Change-Id: I9d511ecb92b5c63c5a66fbd1fc4ec9993e0479e7
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Marc Mutz <marc.mutz@qt.io>
|
|
|
|
|
|
|
|
|
| |
EHLO is SMTP.
Pick-to: 6.7
Change-Id: Ie30a3caf09ef4176bb36fffd17cdba0ddd765c6a
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of constructing it via strings, just let QUrl parse it because
it will do so properly. This fixes the incorrect handling of URIs
requested that are a prefix to the URL we want to handle.
Pick-to: 6.7
Change-Id: Ie30a3caf09ef4176bb36fffd17cdb59a516441aa
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
| |
Just add a timeout and use QTestEventLoop.
Change-Id: Ie30a3caf09ef4176bb36fffd17cdb69a30b6b1ee
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
According to QUIP-18 [1], all test files should be
LicenseRef-Qt-Commercial OR GPL-3.0-only
[1]: https://contribute.qt-project.org/quips/18
Pick-to: 6.7
Task-number: QTBUG-121787
Change-Id: Ia7b5193dc62217ae8afb4a80725645e113dcc874
Reviewed-by: Kai Köhne <kai.koehne@qt.io>
|
|
|
|
|
|
|
|
|
| |
Since we now send the headers in lower-case we also need to be prepared
for them to be lower-case on the server-side here.
Fixes: QTBUG-121727
Change-Id: I83b52277842b2c88b65fe13071123d223ccc6e19
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
|
|
|
|
|
| |
Task-number: QTBUG-84884
Change-Id: I1010f3dca690e30f7a7115a0002a97361c411969
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
By adding it to the default build flags via .cmake.conf.
This amends commit 5ad5773f2388bfa74b16fd9108f3f00cbed06b43.
Task-number: QTBUG-116296
Change-Id: Ifca206eb4831e22db1205bba3e295a29d3c83aec
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
| |
This disables the 3-arg QObject::connect() overload:
QObject::connect(sender, signal, functor)
For details see:
https://lists.qt-project.org/pipermail/development/2023-July/044141.html
Change-Id: If6e8d202b114d053933fc1dcab5b99377c67a879
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
Can't use [=, this] because not all compilers support it.
Add missing include (needed by static analyzers such as clangd).
Change-Id: Id88730e5ea0bc9b797cd3dd2d13d025d3e48b289
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
| |
Pick-to: 6.5 6.6
Change-Id: Ie861a97ccf33ec406aeab8480cb546699b675d85
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To be better in line with the other signals (that is, end
the signal name with a 'verb').
Amends: 32f29d3e227da206f262efa055d1cac895855a98
Pick-to: 6.6
Change-Id: I8f76d526b124842d0982e74af0dc76d8bdc46f37
Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The OAuth2 authorization and access token requests can fail for a number
of reasons, both network and authorization server related. These errors
are reported as a log output, leaving the application unaware.
In addition since the refresh token errors were not handled, a failed
refresh attempt left the OAuth2 class in a "refershing token" status
without proper means for application to recover.
This commit harnesses the pre-existing QAbstractOAuth::requestFailed()
signal for reporting these issues. It's used by OAuth1 implementation
for similar purpose.
This consists of:
- Document the requestFailed() signal
- Add new QAbstractOAuthReplyHandler::tokenRequestError() signal,
which reply handlers can emit upon error
- Connect AuthorizationCodeFlow class to that signal and handle it
- Implement error emission in OobReplyHandler, which is used by
the examples (via HTTPReplyHandler)
- Autotests
[ChangeLog][QAbstractOAuth] Add token request error signal and
improve related error handling
Fixes: QTBUG-102279
Fixes: QTBUG-106821
Change-Id: I4dc14aa237d92bd1a2ba830c349cae4121be2e57
Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a semantic patch using ClangTidyTransformator as in
qtbase/df9d882d41b741fef7c5beeddb0abe9d904443d8, but extended to
handle typedefs and accesses through pointers, too:
const std::string o = "object";
auto hasTypeIgnoringPointer = [](auto type) { return anyOf(hasType(type), hasType(pointsTo(type))); };
auto derivedFromAnyOfClasses = [&](ArrayRef<StringRef> classes) {
auto exprOfDeclaredType = [&](auto decl) {
return expr(hasTypeIgnoringPointer(hasUnqualifiedDesugaredType(recordType(hasDeclaration(decl))))).bind(o);
};
return exprOfDeclaredType(cxxRecordDecl(isSameOrDerivedFrom(hasAnyName(classes))));
};
auto renameMethod = [&] (ArrayRef<StringRef> classes,
StringRef from, StringRef to) {
return makeRule(cxxMemberCallExpr(on(derivedFromAnyOfClasses(classes)),
callee(cxxMethodDecl(hasName(from), parameterCountIs(0)))),
changeTo(cat(access(o, cat(to)), "()")),
cat("use '", to, "' instead of '", from, "'"));
};
renameMethod(<classes>, "count", "size");
renameMethod(<classes>, "length", "size");
a.k.a qt-port-to-std-compatible-api V4 with config Scope: 'Container'.
Change-Id: I9635ce1b96e5788e63a5b8d56ab226ffaf0270e7
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a semantic patch using ClangTidyTransformator as in
qtbase/df9d882d41b741fef7c5beeddb0abe9d904443d8:
auto QtContainerClass = anyOf(
expr(hasType(cxxRecordDecl(isSameOrDerivedFrom(hasAnyName(classes))))).bind(o),
expr(hasType(namedDecl(hasAnyName(<classes>)))).bind(o));
makeRule(cxxMemberCallExpr(on(QtContainerClass),
callee(cxxMethodDecl(hasAnyName({"count", "length"),
parameterCountIs(0))))),
changeTo(cat(access(o, cat("size"), "()"))),
cat("use 'size()' instead of 'count()/length()'"))
a.k.a qt-port-to-std-compatible-api with config Scope: 'Container',
with the extended set of container classes recognized.
Change-Id: I126d264a62c9db96ed1b3b37781d2eeea4e2acab
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Specifying a custom TLS configuration is necessary when it is required
to establish a Mutual TLS connection between the client and the
Authentication Server.
[ChangeLog][QAbstractOAuth2] Introduce a new sslConfiguration parameter
which allows to specify a TLS configuration used during the
authentication process.
This patch also applies the new parameter to
QOAuth2AuthorizationCodeFlow class.
Fixes: QTBUG-88325
Change-Id: I5daac3d97e4df1ecc35597e168a2d111881d704a
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-105718
Change-Id: Id6065ca3122682b7ba7cf27480314b3d8fced417
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Jörg Bornemann <joerg.bornemann@qt.io>
|
|
|
|
|
|
|
|
|
| |
To fix possible issues with QT_DISABLE_DEPRECATED_BEFORE >= 0x060000
builds.
Pick-to: 6.4 6.3 6.2
Change-Id: I8f0d6e2a11ba518a7c72ba8bc6e76fa6ee346215
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
| |
Change-Id: I00b1993847909470f257a6d07e46069bd202c0dc
Reviewed-by: Alexey Edelev <alexey.edelev@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
CMakeLists.txt and .cmake files of significant size
(more than 2 lines according to our check in tst_license.pl)
now have the copyright and license header.
Existing copyright statements remain intact
Task-number: QTBUG-88621
Change-Id: I75a84023fdf965b72410e39bf40f81f7941d6d16
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the current license disclaimer in files by
a SPDX-License-Identifier.
License files are organized under LICENSES directory.
Pick-to: 6.4
Task-number: QTBUG-67283
Change-Id: Ic012e87171ed4cef6871eff7d76f56994ea3ca1f
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|
|
|
|
| |
Change-Id: I0986ffa3647b7283078425abae3064cc41973968
Reviewed-by: Daniel Smith <Daniel.Smith@qt.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Needed for subsequent change that will check and error out if the
version is lower than 3.16. We do that to ensure all policies
introduced by CMake up to version 3.16 have their behavior set to
NEW.
Pick-to: 6.2
Task-number: QTBUG-95018
Change-Id: Ib2e75ab1dcda8314d971117e58d003d6a4ed1af6
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
Reviewed-by: Kai Koehne <kai.koehne@qt.io>
|
|
|
|
|
|
| |
Task-number: QTBUG-88742
Change-Id: I724cb19edeaf71ea4afb3b5d46a6cda59662de30
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
|
|
|
|
|
|
| |
Task-number: QTBUG-88742
Change-Id: I97c112a9d2794881a75441591d17b2a0ce487cad
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org>
|
|
|
|
|
| |
Change-Id: I788630034a71d78a7c16b0a94e85f15aa41af4b6
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|
|
|
|
|
|
|
| |
Modify special case locations to use the new API as well.
Task-number: QTBUG-86815
Change-Id: I6dfd4a015e177bf868e38e5ac2916ea30615aa33
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following the separation of QMap and QMultiMap we can no longer create
a QMultiMap<QString, QVariant> from a QVariantMap so entries need to be
inserted through a raw loop.
QMap can also no longer hold multiple values per key and as such
parameters where this would be expected have changed to
QMultiMap<QString, QVariant> as well.
Task-number: QTBUG-85930
Change-Id: I5bdfe38c22ea0cdde5bd1336a0070514e8d6474f
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
| |
Change-Id: I71be8a5b9af169add47e04493c4ade178723dc3f
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|
|
|
|
|
| |
Task-number: QTBUG-84469
Change-Id: Ie60541ebb1666533b26d4560010253cdae4528bc
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
|
|
|
|
|
|
|
|
|
|
| |
And fix the typo for the others
Fixes: QTBUG-84071
Pick-to: 5.15
Change-Id: I0ec87f8c82cd2863b3d62ea1c9628657f7471872
Reviewed-by: Liang Qi <liang.qi@qt.io>
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|\
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
dependencies.yaml
coin/module_config.yaml
Change-Id: Ibdaaddae3887694fa72bbd8d25d78d586c4ab803
|
| |
| |
| |
| |
| |
| |
| | |
Change-Id: Ie3dcf131d55db1b5d5a6271910785e4aac46140e
Reviewed-by: Liang Qi <liang.qi@qt.io>
Reviewed-by: Leander Beernaert <leander.beernaert@qt.io>
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
| |\
| | |
| | |
| | |
| | |
| | |
| | | |
Conflicts:
dependencies.yaml
Change-Id: I15dc8f6d292527b8686271c575b1f57897d17806
|
| | |
| | |
| | |
| | |
| | |
| | | |
Change-Id: Ibc93c962abc8c82900babf695a83dcbec551de31
Reviewed-by: Qt CMake Build Bot
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |\ \
| | | |
| | | |
| | | |
| | | |
| | | | |
Removed dependencies.yaml.
Change-Id: I81a0864a5ee362a6237c75107e49ed3799434498
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes examples to be actually standalone examples.
Also some special cases were added here and there.
And some new changes that comes from the newer version of pro2cmake.
Change-Id: I0053bb740e41b44bf793ec4e284283bf013eaac8
Reviewed-by: Qt CMake Build Bot
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
|
| |\ \ \
| | | | |
| | | | |
| | | | | |
Change-Id: I692753cbb1f23d73b1f2280f8f36242e1780a299
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Change-Id: Ic0d5b4157d439b9b4956bdbad14a749a659d2902
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Reviewed-by: Qt CMake Build Bot
|
| |\ \ \ \
| | | | | |
| | | | | |
| | | | | | |
Change-Id: I9a6512762d5c634d9647eac3dbad08c17aa22239
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Convert the QtNetworkAuth project to be compatible with the cmake build
system. Includes tests and examples.
Added header guard to twitter.h to work with CMake's moc setup.
Change-Id: I0762e0b53f4e3194c969655e4c3deae21768b327
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
| |_|_|_|/
|/| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
And update old-style connect even if there's no warning
Task-number: QTBUG-82605
Change-Id: Ia12fe93a43fac24017faf55b931ad28ae959f245
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
| |_|_|/
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Use QMap::insert() instead QMultiMap::unite() in the tests.
In the module itself, change the parameter type to a QMultiMap
since apparently duplicate keys are expected.
Although possibly a pre-existing bug, to be on the safe side we change
QMap::insert to QMultiMap::replace.
Fixes
qoauth1signature.cpp: In member function ‘QList<QString> QOAuth1Signature::keys() const’:
qoauth1signature.cpp:344:37: warning: ‘QList<T> QMap<K, V>::uniqueKeys() const [with Key = QString; T = QVariant]’ is deprecated: Use QMultiMap for maps storing multiple values with the same key. [-Wdeprecated-declarations]
qoauth1.cpp: In member function ‘void QOAuth1Private::appendSignature(QAbstractOAuth::Stage, QVariantMap*, const QUrl&, QNetworkAccessManager::Operation, QVariantMap)’:
qoauth1.cpp:147:75: warning: ‘QMap<K, V>& QMap<K, V>::unite(const QMap<K, V>&) [with Key = QString; T = QVariant]’ is deprecated: Use QMultiMap for maps storing multiple values with the same key. [-Wdeprecated-declarations]
qoauth1.cpp: In member function ‘void QOAuth1::setup(QNetworkRequest*, const QVariantMap&, QNetworkAccessManager::Operation)’:
qoauth1.cpp:766:81: warning: ‘QMap<K, V>& QMap<K, V>::unite(const QMap<K, V>&) [with Key = QString; T = QVariant]’ is deprecated: Use QMultiMap for maps storing multiple values with the same key. [-Wdeprecated-declarations]
const auto parameters = QVariantMap(oauthParams).unite(signingParameters);
qoauth1.cpp: In member function ‘void QOAuth1::setup(QNetworkRequest*, const QVariantMap&, const QByteArray&)’:
qoauth1.cpp:806:81: warning: ‘QMap<K, V>& QMap<K, V>::unite(const QMap<K, V>&) [with Key = QString; T = QVariant]’ is deprecated: Use QMultiMap for maps storing multiple values with the same key. [-Wdeprecated-declarations]
const auto parameters = QVariantMap(oauthParams).unite(signingParameters);
Change-Id: Iaec7850335a188a6b198a672d220b01edc2c10ea
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
|\ \ \ \
| |_|_|/
|/| | |
| | | | |
Change-Id: I9cc6fd050cd77400af01815ca8147ec954101ea2
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
... due to term.ie not being a reachable host.
Change-Id: I3d7d7d22ffa6a8176c05db73afba187047f9f479
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
|\| | |
| |_|/
|/| |
| | | |
Change-Id: I4fc22d12fb31adb080d58e0791d79a133b416e24
|
| |/
| |
| |
| |
| |
| |
| | |
It is no longer available
Change-Id: Ia7bba0dec1040f5e00f22ddaa9819b63f4f27d9e
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|