ubuntuone-credentials

Merge lp:~mardy/ubuntuone-credentials/default-token-name into lp:ubuntuone-credentials

default-token-name
Merge into trunk

Proposed by Alberto Mardegan on 2016-04-28

Status:	Superseded
Proposed branch:	lp:~mardy/ubuntuone-credentials/default-token-name
Merge into:	lp:ubuntuone-credentials
Diff against target:	1403 lines (+1071/-53) 15 files modified CMakeLists.txt (+3/-3) debian/control (+3/-2) debian/libubuntuoneauth-2.0-0.symbols (+4/-0) debian/signon-plugin-ubuntuone.install (+1/-1) libubuntuoneauth/CMakeLists.txt (+13/-3) libubuntuoneauth/tests/test_token.cpp (+7/-0) libubuntuoneauth/tests/test_token.h (+1/-0) libubuntuoneauth/token.cpp (+58/-11) libubuntuoneauth/token.h (+4/-0) signon-plugin/CMakeLists.txt (+14/-4) signon-plugin/tests/CMakeLists.txt (+51/-0) signon-plugin/tests/test_plugin.cpp (+550/-0) signon-plugin/ubuntuone-plugin.cpp (+297/-19) signon-plugin/ubuntuone-plugin.h (+41/-7) signon-plugin/ubuntuonedata.h (+24/-3)
To merge this branch:	bzr merge lp:~mardy/ubuntuone-credentials/default-token-name
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Unity API Team		2016-04-28	Pending
Review via email: mp+293233@code.launchpad.net

Commit message

If no token name is given, use a default one

Description of the change

If no token name is given, use a default one

If we don't do something like this, then we need to accept this:
https://code.launchpad.net/~mardy/unity-scope-click/signon-plugin/+merge/288758
(which would be my recommendation, actually).

lp:~mardy/ubuntuone-credentials/default-token-name updated on 2016-05-27

241. By Launchpad Translations on behalf of ubuntuone-control-tower on 2016-05-18: Launchpad automatic translations update.
242. By dobey on 2016-05-24: Remove the superfluous validateInput method.
Use the same taken name always.
Store the token name as part of the token data.
243. By Alberto Mardegan on 2016-05-27: Fix stored token response

Unmerged revisions

243. By Alberto Mardegan on 2016-05-27: Fix stored token response

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Alberto Mardegan

Unity API Team

 === modified file 'CMakeLists.txt'
 --- CMakeLists.txt	2015-05-11 13:44:59 +0000
 +++ CMakeLists.txt	2016-04-28 10:10:18 +0000
@@ -59,13 +59,13 @@
  # We use $namespace-tests[-valgrind[-leaks]] for the test names in subdirs,
  # and depend on them here, so that 'make check' will run them all.
  add_custom_target(check
--  DEPENDS ubuntuoneauth-tests
++  DEPENDS ubuntuoneauth-tests ubuntuone-plugin-tests
+ )
  add_custom_target(check-valgrind
--  DEPENDS ubuntuoneauth-tests-valgrind
++  DEPENDS ubuntuoneauth-tests-valgrind ubuntuone-plugin-tests-valgrind
+ )
  add_custom_target(check-valgrind-leaks
--  DEPENDS ubuntuoneauth-tests-valgrind-leaks
++  DEPENDS ubuntuoneauth-tests-valgrind-leaks ubuntuone-plugin-tests-valgrind-leaks
+ )
 === modified file 'debian/control'
 --- debian/control	2015-11-16 20:17:01 +0000
 +++ debian/control	2016-04-28 10:10:18 +0000
@@ -6,6 +6,7 @@
   debhelper (>= 9),
   dh-migrations,
   libaccounts-qt5-dev,
++ libglib2.0-dev,
   liboauth-dev,
   libsignon-qt5-dev,
   pkg-config,
@@ -14,7 +15,7 @@
   qtdeclarative5-dev-tools,
   qtdeclarative5-ubuntu-ui-toolkit-plugin,
   python3-all:native,
-- signon-plugins-dev,
++ signon-plugins-dev (>= 8.58),
   ubuntu-ui-toolkit-autopilot:native,
   xvfb,
  Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
@@ -135,7 +136,7 @@
  Package: signon-plugin-ubuntuone
  Architecture: any
--Multi-Arch: foreign
++Multi-Arch: same
  Pre-Depends:
   multiarch-support,
   ${misc:Pre-Depends},
 === modified file 'debian/libubuntuoneauth-2.0-0.symbols'
 --- debian/libubuntuoneauth-2.0-0.symbols	2015-12-07 21:38:01 +0000
 +++ debian/libubuntuoneauth-2.0-0.symbols	2016-04-28 10:10:18 +0000
@@ -111,7 +111,11 @@
   (c++)"UbuntuOne::Token::Token(QString, QString, QString, QString)@Base" 13.08
   (c++)"UbuntuOne::Token::Token(QString, QString, QString, QString, QString, QString)@Base" 14.04+14.10.20140908
   (c++)"UbuntuOne::Token::~Token()@Base" 13.08
++ (c++)"UbuntuOne::Token::name() const@Base" 15.11+16.04.20151207.1
   (c++)"UbuntuOne::Token::consumerKey() const@Base" 15.10+15.10.20150617
++ (c++)"UbuntuOne::Token::consumerSecret() const@Base" 15.11+16.04.20151207.1
++ (c++)"UbuntuOne::Token::tokenKey() const@Base" 15.11+16.04.20151207.1
++ (c++)"UbuntuOne::Token::tokenSecret() const@Base" 15.11+16.04.20151207.1
   (c++)"UbuntuOne::Token::created() const@Base" 14.04+14.10.20140818
   (c++)"UbuntuOne::Token::updated() const@Base" 14.04+14.10.20140818
   (c++)"UbuntuOne::Token::getServerTimestamp() const@Base" 15.11+16.04.20151207.1
 === modified file 'debian/signon-plugin-ubuntuone.install'
 --- debian/signon-plugin-ubuntuone.install	2013-11-27 21:19:44 +0000
 +++ debian/signon-plugin-ubuntuone.install	2016-04-28 10:10:18 +0000
@@ -1,1 +1,1 @@
--usr/lib/signon/*.so
++usr/lib/*/signon/*.so
 === modified file 'libubuntuoneauth/CMakeLists.txt'
 --- libubuntuoneauth/CMakeLists.txt	2013-11-22 19:17:04 +0000
 +++ libubuntuoneauth/CMakeLists.txt	2016-04-28 10:10:18 +0000
@@ -16,7 +16,17 @@
  # The sources for building the library
  FILE (GLOB SOURCES *.cpp)
  # HEADERS only includes the public headers for installation.
--FILE (GLOB HEADERS *.h)
++FILE (GLOB HEADERS
++  errormessages.h
++  identityprovider.h
++  keyring.h
++  logging.h
++  network.h
++  requests.h
++  responses.h
++  ssoservice.h
++  token.h
++)
  pkg_check_modules(OAUTH REQUIRED oauth)
  add_definitions(${OAUTH_CFLAGS} ${OAUTH_CFLAGS_OTHER})
@@ -29,12 +39,12 @@
  target_link_libraries (${AUTH_LIB_NAME}
    ${LIBSIGNON_LDFLAGS}
    ${OAUTH_LDFLAGS}
--  -Wl,--version-script -Wl,${CMAKE_CURRENT_SOURCE_DIR}/libubuntuoneauth.symbols
+ )
  SET_TARGET_PROPERTIES(${AUTH_LIB_NAME} PROPERTIES
    VERSION ${AUTH_LIB_VERSION}
    SOVERSION ${AUTH_LIB_SOVERSION}
++  LINK_FLAGS "-Wl,--version-script -Wl,\"${CMAKE_CURRENT_SOURCE_DIR}/libubuntuoneauth.symbols\""
+ )
  INSTALL (
@@ -64,4 +74,4 @@
+ )
  add_subdirectory(tests)
--add_subdirectory(examples)
 \ No newline at end of file
++add_subdirectory(examples)
 === modified file 'libubuntuoneauth/tests/test_token.cpp'
 --- libubuntuoneauth/tests/test_token.cpp	2015-12-07 21:17:00 +0000
 +++ libubuntuoneauth/tests/test_token.cpp	2016-04-28 10:10:18 +0000
@@ -46,6 +46,13 @@
      delete token;
+ }
++void TestToken::testTokenEmptyStrings()
++{
++    Token *token = new Token(QString(), QString(), QString(), QString());
++    QVERIFY(!token->isValid());
++    delete token;
++}
++
  void TestToken::testTokenArgs()
+ {
      Token *token = new Token("a", "b", "c", "d");
 === modified file 'libubuntuoneauth/tests/test_token.h'
 --- libubuntuoneauth/tests/test_token.h	2015-12-07 21:17:00 +0000
 +++ libubuntuoneauth/tests/test_token.h	2016-04-28 10:10:18 +0000
@@ -39,6 +39,7 @@
          void cleanupTestCase();
          void testEmptyToken();
++        void testTokenEmptyStrings();
          void testTokenArgs();
          void testTokenCopy();
 === modified file 'libubuntuoneauth/token.cpp'
 --- libubuntuoneauth/token.cpp	2015-12-07 21:17:00 +0000
 +++ libubuntuoneauth/token.cpp	2016-04-28 10:10:18 +0000
@@ -46,21 +46,25 @@
                   QString consumer_key, QString consumer_secret)
+     {
          _tokenHash[TOKEN_NAME_KEY] = buildTokenName();
--        _tokenHash[TOKEN_TOKEN_KEY] = token_key;
--        _tokenHash[TOKEN_TOKEN_SEC_KEY] = token_secret;
--        _tokenHash[TOKEN_CONSUMER_KEY] = consumer_key;
--        _tokenHash[TOKEN_CONSUMER_SEC_KEY] = consumer_secret;
++        if (!token_key.isEmpty()) {
++            _tokenHash[TOKEN_TOKEN_KEY] = token_key;
++        }
++        if (!token_secret.isEmpty()) {
++            _tokenHash[TOKEN_TOKEN_SEC_KEY] = token_secret;
++        }
++        if (!consumer_key.isEmpty()) {
++            _tokenHash[TOKEN_CONSUMER_KEY] = consumer_key;
++        }
++        if (!consumer_secret.isEmpty()) {
++            _tokenHash[TOKEN_CONSUMER_SEC_KEY] = consumer_secret;
++        }
+     }
      Token::Token(QString token_key, QString token_secret,
                   QString consumer_key, QString consumer_secret,
--                 QString created_date, QString updated_date)
++                 QString created_date, QString updated_date):
++        Token(token_key, token_secret, consumer_key, consumer_secret)
+     {
--        _tokenHash[TOKEN_NAME_KEY] = buildTokenName();
--        _tokenHash[TOKEN_TOKEN_KEY] = token_key;
--        _tokenHash[TOKEN_TOKEN_SEC_KEY] = token_secret;
--        _tokenHash[TOKEN_CONSUMER_KEY] = consumer_key;
--        _tokenHash[TOKEN_CONSUMER_SEC_KEY] = consumer_secret;
          _tokenHash[TOKEN_CREATED_KEY] = dateStringToISO(created_date);
          _tokenHash[TOKEN_UPDATED_KEY] = dateStringToISO(updated_date);
+     }
@@ -93,9 +97,19 @@
+     }
      /**
++     * \fn QString Token::name()
++     *
++     * Returns the token name, or empty string if not set.
++     */
++    QString Token::name() const
++    {
++        return _tokenHash.value(TOKEN_NAME_KEY, "");
++    }
++
++    /**
       * \fn QString Token::consumerKey()
+      *
--     * Retruns a consumer key for this token, or empty string if consumer key is not set.
++     * Returns a consumer key for this token, or empty string if consumer key is not set.
       */
      QString Token::consumerKey() const
+     {
@@ -103,6 +117,36 @@
+     }
      /**
++     * \fn QString Token::consumerSecret()
++     *
++     * Returns a consumer secret for this token, or empty string if not set.
++     */
++    QString Token::consumerSecret() const
++    {
++        return _tokenHash.value(TOKEN_CONSUMER_SEC_KEY, "");
++    }
++
++    /**
++     * \fn QString Token::tokenKey()
++     *
++     * Returns a token key for this token, or empty string if token key is not set.
++     */
++    QString Token::tokenKey() const
++    {
++        return _tokenHash.value(TOKEN_TOKEN_KEY, "");
++    }
++
++    /**
++     * \fn QString Token::tokenSecret()
++     *
++     * Returns a token secret for this token, or empty string if not set.
++     */
++    QString Token::tokenSecret() const
++    {
++        return _tokenHash.value(TOKEN_TOKEN_SEC_KEY, "");
++    }
++
++    /**
       * \fn bool Token::isValid()
+      *
       * Check that the token is valid.
@@ -291,6 +335,9 @@
          QStringList params = query.split("&");
          for (int i = 0; i < params.size(); ++i) {
              QStringList pair = params.at(i).split("=");
++            if (pair.count() < 2) {
++                continue;
++            }
              if (pair.at(0) == TOKEN_NAME_KEY) {
                  // TODO: Need to figure out how to actually use the
                  // QUrl::fromPercentEncoding at this point in the code.
 === modified file 'libubuntuoneauth/token.h'
 --- libubuntuoneauth/token.h	2015-12-07 21:17:00 +0000
 +++ libubuntuoneauth/token.h	2016-04-28 10:10:18 +0000
@@ -55,7 +55,11 @@
          static QString dateStringToISO(const QString date);
++        QString name() const;
          QString consumerKey() const;
++        QString consumerSecret() const;
++        QString tokenKey() const;
++        QString tokenSecret() const;
      private:
          QHash<QString, QString> _tokenHash;
 === modified file 'signon-plugin/CMakeLists.txt'
 --- signon-plugin/CMakeLists.txt	2014-07-24 13:30:19 +0000
 +++ signon-plugin/CMakeLists.txt	2016-04-28 10:10:18 +0000
@@ -1,3 +1,8 @@
++project(SignonPlugin)
++
++set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-exceptions -fno-rtti")
++set(CMAKE_MODULE_LINKER_FLAGS "-Wl,--no-undefined")
++
  # Qt5 bits
  SET (CMAKE_INCLUDE_CURRENT_DIR ON)
  SET (CMAKE_AUTOMOC ON)
@@ -8,14 +13,17 @@
  # HEADERS only includes the public headers for installation.
  FILE (GLOB HEADERS *.h)
--pkg_check_modules(SIGNON REQUIRED signon-plugins)
++pkg_check_modules(SIGNON REQUIRED signon-plugins glib-2.0)
  add_definitions(${SIGNON_CFLAGS} ${SIGNON_CFLAGS_OTHER})
  # Workaround for cmake not adding these to automoc properly
  SET (CMAKE_AUTOMOC_MOC_OPTIONS "${SIGNON_CFLAGS} ${CMAKE_AUTOMOC_MOC_OPTIONS}")
  # Need the project version here
--add_definitions("-DPROJECT_VERSION=\"${PROJECT_VERSION}\"")
++add_definitions(
++  "-DPROJECT_VERSION=\"${PROJECT_VERSION}\""
++  "-DGETTEXT_PACKAGE=\"ubuntuone-credentials\""
++)
  add_library (${SIGNON_PLUGIN_NAME} MODULE ${SOURCES})
  qt5_use_modules (${SIGNON_PLUGIN_NAME} Core Xml Network)
@@ -24,13 +32,15 @@
    -L${CMAKE_BINARY_DIR}/libubuntuoneauth
    ${AUTH_LIB_NAME}
    ${SIGNON_PLUGIN_LDFLAGS}
++  ${SIGNON_LDFLAGS}
++  ${SIGNON_LDFLAGS_OTHER}
+ )
--SET (SIGNON_PLUGIN_INSTALL_DIR lib/signon)
++SET (SIGNON_PLUGIN_INSTALL_DIR ${CMAKE_INSTALL_LIBDIR}/signon)
  INSTALL (
    TARGETS ${SIGNON_PLUGIN_NAME}
    LIBRARY DESTINATION ${SIGNON_PLUGIN_INSTALL_DIR}
+ )
--#add_subdirectory(tests)
++add_subdirectory(tests)
 === added directory 'signon-plugin/tests'
 === added file 'signon-plugin/tests/CMakeLists.txt'
 --- signon-plugin/tests/CMakeLists.txt	1970-01-01 00:00:00 +0000
 +++ signon-plugin/tests/CMakeLists.txt	2016-04-28 10:10:18 +0000
@@ -0,0 +1,51 @@
++# The thing we're building in here
++SET (TESTS_TARGET test-ubuntuone-plugin)
++
++# Qt5 bits
++SET (CMAKE_INCLUDE_CURRENT_DIR ON)
++SET (CMAKE_AUTOMOC ON)
++find_package(Qt5Core REQUIRED)
++
++pkg_check_modules(SIGNON REQUIRED signon-plugins)
++add_definitions(
++    ${SIGNON_CFLAGS}
++    ${SIGNON_CFLAGS_OTHER}
++    "-DPLUGIN_PATH=\"${CMAKE_CURRENT_BINARY_DIR}/../libubuntuoneplugin.so\""
++)
++
++# Workaround for cmake not adding these to automoc properly
++SET (CMAKE_AUTOMOC_MOC_OPTIONS "${SIGNON_CFLAGS} ${CMAKE_AUTOMOC_MOC_OPTIONS}")
++
++# The sources for building the tests
++SET (SOURCES
++    ${SignonPlugin_SOURCE_DIR}/ubuntuone-plugin.cpp
++    test_plugin.cpp
++)
++
++include_directories(
++    ${SignonPlugin_SOURCE_DIR}
++)
++
++add_executable (${TESTS_TARGET} ${SOURCES})
++qt5_use_modules (${TESTS_TARGET} Test Network)
++target_link_libraries (${TESTS_TARGET}
++    -Wl,-rpath,${CMAKE_BINARY_DIR}/libubuntuoneauth
++    -L${CMAKE_BINARY_DIR}/libubuntuoneauth
++    ${AUTH_LIB_NAME}
++    ${SIGNON_LDFLAGS}
++)
++
++add_custom_target(ubuntuone-plugin-tests
++    COMMAND ${CMAKE_CURRENT_BINARY_DIR}/${TESTS_TARGET}
++    DEPENDS ${TESTS_TARGET}
++)
++
++add_custom_target(ubuntuone-plugin-tests-valgrind
++    COMMAND valgrind --tool=memcheck ${CMAKE_CURRENT_BINARY_DIR}/${TESTS_TARGET}
++    DEPENDS ${TESTS_TARGET}
++)
++
++add_custom_target(ubuntuone-plugin-tests-valgrind-leaks
++    COMMAND valgrind --tool=memcheck --track-origins=yes --num-callers=40 --leak-resolution=high --leak-check=full ${CMAKE_CURRENT_BINARY_DIR}/${TESTS_TARGET}
++    DEPENDS ${TESTS_TARGET}
++)
 === added file 'signon-plugin/tests/test_plugin.cpp'
 --- signon-plugin/tests/test_plugin.cpp	1970-01-01 00:00:00 +0000
 +++ signon-plugin/tests/test_plugin.cpp	2016-04-28 10:10:18 +0000
@@ -0,0 +1,550 @@
++/*
++ * Copyright 2016 Canonical Ltd.
++ *
++ * This library is free software; you can redistribute it and/or
++ * modify it under the terms of version 3 of the GNU Lesser General Public
++ * License as published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with this library; if not, write to the
++ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
++ * Boston, MA 02110-1301, USA.
++ */
++
++#include <QJsonDocument>
++#include <QJsonObject>
++#include <QNetworkAccessManager>
++#include <QNetworkReply>
++#include <QPointer>
++#include <QRegExp>
++#include <QSignalSpy>
++#include <QTimer>
++#include <QtTest/QtTest>
++
++#include <SignOn/uisessiondata_priv.h>
++
++#include "ubuntuone-plugin.h"
++
++using namespace SignOn;
++
++namespace QTest {
++template<>
++char *toString(const QVariantMap &map)
++{
++    QJsonDocument doc(QJsonObject::fromVariantMap(map));
++    return qstrdup(doc.toJson(QJsonDocument::Compact).data());
++}
++} // QTest namespace
++
++class TestNetworkReply: public QNetworkReply
++{
++    Q_OBJECT
++
++public:
++    TestNetworkReply(QObject *parent = 0):
++        QNetworkReply(parent),
++        m_offset(0)
++    {}
++
++    void setError(NetworkError errorCode, const QString &errorString,
++                  int delay = -1) {
++        QNetworkReply::setError(errorCode, errorString);
++        if (delay > 0) {
++            QTimer::singleShot(delay, this, SLOT(fail()));
++        }
++    }
++
++    void setRawHeader(const QByteArray &headerName, const QByteArray &value) {
++        QNetworkReply::setRawHeader(headerName, value);
++    }
++
++    void setContentType(const QString &contentType) {
++        setRawHeader("Content-Type", contentType.toUtf8());
++    }
++
++    void setStatusCode(int statusCode) {
++        setAttribute(QNetworkRequest::HttpStatusCodeAttribute, statusCode);
++    }
++
++    void setContent(const QByteArray &content) {
++        m_content = content;
++        m_offset = 0;
++
++        open(ReadOnly | Unbuffered);
++        setHeader(QNetworkRequest::ContentLengthHeader, QVariant(content.size()));
++    }
++
++    void start() {
++        QTimer::singleShot(0, this, SIGNAL(readyRead()));
++        QTimer::singleShot(10, this, SLOT(finish()));
++    }
++
++public Q_SLOTS:
++    void finish() { setFinished(true); Q_EMIT finished(); }
++    void fail() { Q_EMIT error(error()); }
++
++protected:
++    void abort() Q_DECL_OVERRIDE {}
++    qint64 bytesAvailable() const Q_DECL_OVERRIDE {
++        return m_content.size() - m_offset + QIODevice::bytesAvailable();
++    }
++
++    bool isSequential() const Q_DECL_OVERRIDE { return true; }
++    qint64 readData(char *data, qint64 maxSize) Q_DECL_OVERRIDE {
++        if (m_offset >= m_content.size()) {
++            return -1;
++        }
++        qint64 number = qMin(maxSize, m_content.size() - m_offset);
++        memcpy(data, m_content.constData() + m_offset, number);
++        m_offset += number;
++        return number;
++    }
++
++private:
++    QByteArray m_content;
++    qint64 m_offset;
++};
++
++class TestNetworkAccessManager: public QNetworkAccessManager
++{
++    Q_OBJECT
++
++public:
++    TestNetworkAccessManager(): QNetworkAccessManager() {}
++
++    void setNextReply(TestNetworkReply *reply) { m_nextReply = reply; }
++
++protected:
++    QNetworkReply *createRequest(Operation op, const QNetworkRequest &request,
++                                 QIODevice *outgoingData = 0) Q_DECL_OVERRIDE {
++        Q_UNUSED(op);
++        m_lastRequest = request;
++        m_lastRequestData = outgoingData->readAll();
++        m_nextReply->start();
++        return m_nextReply;
++    }
++
++public:
++    QPointer<TestNetworkReply> m_nextReply;
++    QNetworkRequest m_lastRequest;
++    QByteArray m_lastRequestData;
++};
++
++class PluginTest: public QObject
++{
++    Q_OBJECT
++
++private Q_SLOTS:
++    void initTestCase();
++    void cleanupTestCase();
++
++    void testLoading();
++    void testInitialization();
++    void testPluginType();
++    void testPluginMechanisms();
++    void testStoredToken_data();
++    void testStoredToken();
++    void testUserInteraction();
++    void testTokenCreation_data();
++    void testTokenCreation();
++
++    void init();
++    void cleanup();
++
++private:
++    UbuntuOne::SignOnPlugin *m_testPlugin;
++};
++
++void PluginTest::initTestCase()
++{
++    qRegisterMetaType<SignOn::SessionData>();
++    qRegisterMetaType<SignOn::UiSessionData>();
++    qRegisterMetaType<SignOn::Error>();
++}
++
++void PluginTest::cleanupTestCase()
++{
++}
++
++// prepare each test by creating new plugin
++void PluginTest::init()
++{
++    m_testPlugin = new UbuntuOne::SignOnPlugin();
++}
++
++// finish each test by deleting plugin
++void PluginTest::cleanup()
++{
++    delete m_testPlugin;
++    m_testPlugin = 0;
++}
++
++void PluginTest::testLoading()
++{
++    QLibrary module(PLUGIN_PATH);
++    if (!module.load()) {
++        qDebug() << "Failed to load module:" << module.errorString();
++    }
++
++    QVERIFY(module.isLoaded());
++    typedef AuthPluginInterface *(*AuthPluginInstanceF)();
++    auto instance =
++        (AuthPluginInstanceF)module.resolve("auth_plugin_instance");
++    QVERIFY(instance);
++
++    auto plugin = qobject_cast<AuthPluginInterface *>(instance());
++    QVERIFY(plugin);
++}
++
++void PluginTest::testInitialization()
++{
++    QVERIFY(m_testPlugin);
++}
++
++void PluginTest::testPluginType()
++{
++    QCOMPARE(m_testPlugin->type(), QString("ubuntuone"));
++}
++
++void PluginTest::testPluginMechanisms()
++{
++    QStringList mechs = m_testPlugin->mechanisms();
++    QCOMPARE(mechs.count(), 1);
++    QCOMPARE(mechs[0], QString("ubuntuone"));
++}
++
++void PluginTest::testStoredToken_data()
++{
++    QTest::addColumn<QVariantMap>("sessionData");
++    QTest::addColumn<int>("expectedErrorCode");
++    QTest::addColumn<bool>("uiExpected");
++    QTest::addColumn<QVariantMap>("expectedResponse");
++    QTest::addColumn<QVariantMap>("expectedStore");
++
++    UbuntuOne::PluginData sessionData;
++    UbuntuOne::PluginData response;
++    UbuntuOne::PluginData stored;
++
++    QTest::newRow("empty") <<
++        sessionData.toMap() <<
++        -1 <<
++        true << QVariantMap() << QVariantMap();
++
++    sessionData.setTokenName("helloworld");
++    sessionData.setSecret("consumer_key=aAa&consumer_secret=bBb&name=helloworld&token=cCc&token_secret=dDd");
++    response.setConsumerKey("aAa");
++    response.setConsumerSecret("bBb");
++    response.setTokenKey("cCc");
++    response.setTokenSecret("dDd");
++    QVariantMap storedData;
++    storedData[sessionData.TokenName()] = response.toMap();
++    stored.setStoredData(storedData);
++    response.setTokenName(sessionData.TokenName());
++    QTest::newRow("in secret, valid") <<
++        sessionData.toMap() <<
++        -1 <<
++        false << response.toMap() << stored.toMap();
++    sessionData = UbuntuOne::PluginData();
++    response = UbuntuOne::PluginData();
++    stored = UbuntuOne::PluginData();
++    storedData.clear();
++}
++
++void PluginTest::testStoredToken()
++{
++    QFETCH(QVariantMap, sessionData);
++    QFETCH(int, expectedErrorCode);
++    QFETCH(bool, uiExpected);
++    QFETCH(QVariantMap, expectedResponse);
++    QFETCH(QVariantMap, expectedStore);
++
++    QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&)));
++    QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &)));
++    QSignalSpy userActionRequired(m_testPlugin,
++                                  SIGNAL(userActionRequired(const SignOn::UiSessionData&)));
++    QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&)));
++
++    m_testPlugin->process(sessionData, "ubuntuone");
++    if (expectedErrorCode < 0) {
++        QCOMPARE(error.count(), 0);
++        QTRY_COMPARE(userActionRequired.count(), uiExpected ? 1 : 0);
++        if (!expectedResponse.isEmpty()) {
++            QTRY_COMPARE(result.count(), 1);
++            QVariantMap resp = result.at(0).at(0).value<SessionData>().toMap();
++            QCOMPARE(resp, expectedResponse);
++        } else {
++            QCOMPARE(result.count(), 0);
++        }
++
++        if (!expectedStore.isEmpty()) {
++            QCOMPARE(store.count(), 1);
++            QVariantMap storedData =
++                store.at(0).at(0).value<SessionData>().toMap();
++            QCOMPARE(storedData, expectedStore);
++        } else {
++            QCOMPARE(store.count(), 0);
++        }
++    } else {
++        QTRY_COMPARE(error.count(), 1);
++        Error err = error.at(0).at(0).value<Error>();
++        QCOMPARE(err.type(), expectedErrorCode);
++    }
++}
++
++void PluginTest::testUserInteraction()
++{
++    QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&)));
++    QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &)));
++    QSignalSpy userActionRequired(m_testPlugin,
++                                  SIGNAL(userActionRequired(const SignOn::UiSessionData&)));
++    QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&)));
++
++    TestNetworkAccessManager *nam = new TestNetworkAccessManager;
++    m_testPlugin->m_networkAccessManager = nam;
++
++    UbuntuOne::PluginData sessionData;
++    sessionData.setTokenName("helloworld");
++    sessionData.setUserName("tom@example.com");
++    m_testPlugin->process(sessionData, "ubuntuone");
++
++    QTRY_COMPARE(userActionRequired.count(), 1);
++    QVariantMap data =
++        userActionRequired.at(0).at(0).value<UiSessionData>().toMap();
++    /* We want the title to be there, but we don't care about its value here */
++    QVERIFY(data.contains(SSOUI_KEY_TITLE));
++    data.remove(SSOUI_KEY_TITLE);
++    QVariantMap expectedUserInteraction;
++    expectedUserInteraction[SSOUI_KEY_USERNAME] = "tom@example.com";
++    expectedUserInteraction[SSOUI_KEY_QUERYPASSWORD] = true;
++    QCOMPARE(data, expectedUserInteraction);
++    userActionRequired.clear();
++
++    /* Prepare network reply */
++    TestNetworkReply *reply = new TestNetworkReply(this);
++    reply->setStatusCode(401);
++    reply->setContent("{\n"
++                      "  \"code\": \"TWOFACTOR_REQUIRED\",\n"
++                      "  \"message\": \"This account requires 2-factor authentication.\",\n"
++                      "  \"extra\": {}\n"
++                      "}");
++    nam->setNextReply(reply);
++
++    QVariantMap userReply;
++    userReply[SSOUI_KEY_USERNAME] = "tom@example.com";
++    userReply[SSOUI_KEY_PASSWORD] = "s3cr3t";
++    m_testPlugin->userActionFinished(userReply);
++
++    /* Again the plugin should request user interaction, as OTP is required */
++    QTRY_COMPARE(userActionRequired.count(), 1);
++    data = userActionRequired.at(0).at(0).value<UiSessionData>().toMap();
++    expectedUserInteraction.clear();
++    expectedUserInteraction[SSOUI_KEY_USERNAME] = "tom@example.com";
++    expectedUserInteraction[SSOUI_KEY_PASSWORD] = "s3cr3t";
++    expectedUserInteraction[SSOUI_KEY_QUERY2FA] = true;
++    /* We want the map to contain the SSOUI_KEY_2FA_TEXT, but we don't care
++     * about the value */
++    QVERIFY(data.contains(SSOUI_KEY_2FA_TEXT));
++    data.remove(SSOUI_KEY_2FA_TEXT);
++    /* Same goes for the title */
++    QVERIFY(data.contains(SSOUI_KEY_TITLE));
++    data.remove(SSOUI_KEY_TITLE);
++    QCOMPARE(data, expectedUserInteraction);
++}
++
++void PluginTest::testTokenCreation_data()
++{
++    QTest::addColumn<QVariantMap>("sessionData");
++    QTest::addColumn<int>("networkError");
++    QTest::addColumn<int>("httpStatus");
++    QTest::addColumn<QString>("replyContents");
++    QTest::addColumn<int>("expectedErrorCode");
++    QTest::addColumn<QVariantMap>("expectedResponse");
++    QTest::addColumn<QVariantMap>("expectedStore");
++    QTest::addColumn<QVariantMap>("expectedUserInteraction");
++
++    UbuntuOne::PluginData sessionData;
++    UbuntuOne::PluginData response;
++    UbuntuOne::PluginData stored;
++    QVariantMap userInteraction;
++
++    // Successful creation, with password only
++    sessionData.setTokenName("helloworld");
++    sessionData.setUserName("jim@example.com");
++    sessionData.setSecret("s3cr3t");
++    response.setConsumerKey("aAa");
++    response.setConsumerSecret("bBb");
++    response.setTokenKey("cCc");
++    response.setTokenSecret("dDd");
++    response.setDateUpdated("2013-01-11 12:43:23");
++    response.setDateCreated("2013-01-11 12:43:23");
++    QVariantMap storedData;
++    storedData[sessionData.TokenName()] = response.toMap();
++    stored.setStoredData(storedData);
++    response.setTokenName(sessionData.TokenName());
++    QTest::newRow("no OTP needed, 201") <<
++        sessionData.toMap() <<
++        -1 <<
++        201 << QString("{\n"
++                       "  \"href\": \"https://login.ubuntu.com/api/v2/tokens/oauth/the-key\",\n"
++                       "  \"token_key\": \"cCc\",\n"
++                       "  \"token_secret\": \"dDd\",\n"
++                       "  \"token_name\": \"helloworld\",\n"
++                       "  \"consumer_key\": \"aAa\",\n"
++                       "  \"consumer_secret\": \"bBb\",\n"
++                       "  \"date_created\": \"2013-01-11 12:43:23\",\n"
++                       "  \"date_updated\": \"2013-01-11 12:43:23\"\n"
++                       "}") <<
++        -1 <<
++        response.toMap() << stored.toMap() << userInteraction;
++    sessionData = UbuntuOne::PluginData();
++    response = UbuntuOne::PluginData();
++    stored = UbuntuOne::PluginData();
++    storedData.clear();
++
++    // Wrong password
++    sessionData.setTokenName("helloworld");
++    sessionData.setUserName("jim@example.com");
++    sessionData.setSecret("s3cr3t");
++    userInteraction[SSOUI_KEY_USERNAME] = "jim@example.com";
++    userInteraction[SSOUI_KEY_QUERYPASSWORD] = true;
++    QTest::newRow("wrong password") <<
++        sessionData.toMap() <<
++        -1 <<
++        401 << QString("{\n"
++                       "  \"code\": \"INVALID_CREDENTIALS\",\n"
++                       "  \"message\": \"Wrong password!\",\n"
++                       "  \"extra\": {}\n"
++                       "}") <<
++        -1 <<
++        response.toMap() << stored.toMap() << userInteraction;
++    sessionData = UbuntuOne::PluginData();
++    userInteraction.clear();
++
++    // Empty username
++    sessionData.setTokenName("helloworld");
++    sessionData.setSecret("s3cr3t");
++    userInteraction[SSOUI_KEY_QUERYUSERNAME] = true;
++    userInteraction[SSOUI_KEY_USERNAME] = "";
++    userInteraction[SSOUI_KEY_QUERYPASSWORD] = true;
++    QTest::newRow("empty username") <<
++        sessionData.toMap() <<
++        -1 <<
++        401 << QString("{\n"
++                       "  \"code\": \"INVALID_CREDENTIALS\",\n"
++                       "  \"message\": \"Missing username\",\n"
++                       "  \"extra\": {}\n"
++                       "}") <<
++        -1 <<
++        response.toMap() << stored.toMap() << userInteraction;
++    sessionData = UbuntuOne::PluginData();
++    userInteraction.clear();
++
++    // Network error while creating token
++    sessionData.setTokenName("helloworld");
++    sessionData.setUserName("jim@example.com");
++    sessionData.setSecret("s3cr3t");
++    QTest::newRow("network error") <<
++        sessionData.toMap() <<
++        int(QNetworkReply::SslHandshakeFailedError) <<
++        -1 << QString() <<
++        int(SignOn::Error::Ssl) <<
++        response.toMap() << stored.toMap() << userInteraction;
++    sessionData = UbuntuOne::PluginData();
++
++    // Account needs reset
++    sessionData.setTokenName("helloworld");
++    sessionData.setUserName("jim@example.com");
++    sessionData.setSecret("s3cr3t");
++    userInteraction[SSOUI_KEY_OPENURL] = "http://www.example.com/reset";
++    QTest::newRow("reset needed") <<
++        sessionData.toMap() <<
++        -1 <<
++        403 << QString("{\n"
++                       "  \"code\": \"PASSWORD_POLICY_ERROR\",\n"
++                       "  \"message\": \"Password too short\",\n"
++                       "  \"extra\": {\n"
++                       "    \"location\": \"http://www.example.com/reset\"\n"
++                       "  }\n"
++                       "}") <<
++        -1 <<
++        response.toMap() << stored.toMap() << userInteraction;
++    sessionData = UbuntuOne::PluginData();
++    userInteraction.clear();
++}
++
++void PluginTest::testTokenCreation()
++{
++    QFETCH(QVariantMap, sessionData);
++    QFETCH(int, httpStatus);
++    QFETCH(int, networkError);
++    QFETCH(QString, replyContents);
++    QFETCH(int, expectedErrorCode);
++    QFETCH(QVariantMap, expectedResponse);
++    QFETCH(QVariantMap, expectedStore);
++    QFETCH(QVariantMap, expectedUserInteraction);
++
++    QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&)));
++    QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &)));
++    QSignalSpy userActionRequired(m_testPlugin,
++                                  SIGNAL(userActionRequired(const SignOn::UiSessionData&)));
++    QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&)));
++
++    /* Prepare network reply */
++    TestNetworkAccessManager *nam = new TestNetworkAccessManager;
++    m_testPlugin->m_networkAccessManager = nam;
++    TestNetworkReply *reply = new TestNetworkReply(this);
++    if (httpStatus > 0) {
++        reply->setStatusCode(httpStatus);
++    } else {
++        reply->setError(QNetworkReply::NetworkError(networkError),
++                        "Network error");
++    }
++    reply->setContent(replyContents.toUtf8());
++    nam->setNextReply(reply);
++
++
++    m_testPlugin->process(sessionData, "ubuntuone");
++    if (expectedErrorCode < 0) {
++        if (!expectedUserInteraction.isEmpty()) {
++            QTRY_COMPARE(userActionRequired.count(), 1);
++            QVariantMap data =
++                userActionRequired.at(0).at(0).value<UiSessionData>().toMap();
++            /* We don't care about the title here */
++            data.remove(SSOUI_KEY_TITLE);
++            QCOMPARE(data, expectedUserInteraction);
++        } else {
++            QCOMPARE(userActionRequired.count(), 0);
++        }
++
++        if (!expectedResponse.isEmpty()) {
++            QTRY_COMPARE(result.count(), 1);
++            QVariantMap resp = result.at(0).at(0).value<SessionData>().toMap();
++            QCOMPARE(resp, expectedResponse);
++        } else {
++            QCOMPARE(result.count(), 0);
++        }
++
++        if (!expectedStore.isEmpty()) {
++            QCOMPARE(store.count(), 1);
++            QVariantMap storedData =
++                store.at(0).at(0).value<SessionData>().toMap();
++            QCOMPARE(storedData, expectedStore);
++        } else {
++            QCOMPARE(store.count(), 0);
++        }
++
++        QCOMPARE(error.count(), 0);
++    } else {
++        QTRY_COMPARE(error.count(), 1);
++        Error err = error.at(0).at(0).value<Error>();
++        QCOMPARE(err.type(), expectedErrorCode);
++    }
++}
++
++QTEST_MAIN(PluginTest)
++#include "test_plugin.moc"
 === modified file 'signon-plugin/ubuntuone-plugin.cpp'
 --- signon-plugin/ubuntuone-plugin.cpp	2013-08-12 21:16:29 +0000
 +++ signon-plugin/ubuntuone-plugin.cpp	2016-04-28 10:10:18 +0000
@@ -15,15 +15,37 @@
   * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
   * Boston, MA 02110-1301, USA.
   */
++
++#include <QJsonDocument>
++#include <QJsonObject>
++#include <QNetworkAccessManager>
++#include <QNetworkReply>
++#include <QNetworkRequest>
++
++#include <SignOn/UiSessionData>
++#include <SignOn/uisessiondata_priv.h>
++
++#include <ssoservice.h>
  #include <token.h>
++#include <glib/gi18n-lib.h>
++
  #include "ubuntuone-plugin.h"
++#define ERR_INVALID_CREDENTIALS QLatin1String("INVALID_CREDENTIALS")
++#define ERR_INVALID_DATA QLatin1String("INVALID_DATA")
++#define ERR_TWOFACTOR_REQUIRED QLatin1String("TWOFACTOR_REQUIRED")
++#define ERR_TWOFACTOR_FAILURE QLatin1String("TWOFACTOR_FAILURE")
++#define ERR_PASSWORD_POLICY_ERROR QLatin1String("PASSWORD_POLICY_ERROR")
  namespace UbuntuOne {
--    SignOnPlugin::SignOnPlugin(QObject *parent)
--        : AuthPluginInterface(parent)
++    SignOnPlugin::SignOnPlugin(QObject *parent):
++        AuthPluginInterface(parent),
++        m_networkAccessManager(0),
++        m_reply(0),
++        m_didAskForPassword(false),
++        m_needsOtp(false)
+     {
+     }
@@ -47,33 +69,289 @@
+     {
+     }
++    bool SignOnPlugin::validateInput(PluginData &data,
++                                     const QString &mechanism)
++    {
++        Q_UNUSED(mechanism);
++
++        if (data.TokenName().isEmpty()) {
++            data.setTokenName(Token::buildTokenName());
++        }
++
++        return true;
++    }
++
++    bool SignOnPlugin::respondWithStoredData()
++    {
++        QVariantMap storedData = m_data.StoredData();
++
++        /* When U1 was using the password plugin, it was storing the token data
++         * in the password field. So, if we don't have any data stored in the
++         * plugin's data, try to get a token from the password field.
++         */
++        if (storedData.isEmpty() && !m_data.Secret().isEmpty()) {
++            Token *token = Token::fromQuery(m_data.Secret());
++            if (token->isValid()) {
++                PluginData tokenData;
++                tokenData.setConsumerKey(token->consumerKey());
++                tokenData.setConsumerSecret(token->consumerSecret());
++                tokenData.setTokenKey(token->tokenKey());
++                tokenData.setTokenSecret(token->tokenSecret());
++                QDateTime time = token->updated();
++                if (time.isValid()) {
++                    tokenData.setDateUpdated(time.toString(Qt::ISODate));
++                }
++                time = token->created();
++                if (time.isValid()) {
++                    tokenData.setDateCreated(time.toString(Qt::ISODate));
++                }
++                storedData[token->name()] = tokenData.toMap();
++                PluginData pluginData;
++                pluginData.setStoredData(storedData);
++                Q_EMIT store(pluginData);
++
++                /* We know that the given secret is a valid token, so it cannot
++                 * be a valid password as well: let's clear it out now, so that
++                 * if it turns out that the token is no longer valid and that
++                 * we need to create a new one, we won't make a useless attempt
++                 * to create one with a wrong password.
++                 */
++                m_data.setSecret(QString());
++            }
++            delete token;
++        }
++
++        /* Check if we have stored data for this token name */
++        PluginData tokenData(storedData[m_data.TokenName()].toMap());
++        Token token(tokenData.TokenKey(), tokenData.TokenSecret(),
++                    tokenData.ConsumerKey(), tokenData.ConsumerSecret(),
++                    tokenData.DateCreated(), tokenData.DateUpdated());
++        if (!token.isValid()) {
++            return false;
++        }
++        qDebug() << "Token is valid!" << tokenData.TokenKey();
++
++        tokenData.setTokenName(m_data.TokenName());
++        Q_EMIT result(tokenData);
++        return true;
++    }
++
++    void SignOnPlugin::emitErrorFromReply(QNetworkReply *reply)
++    {
++        int errorCode = reply->error();
++        int type = SignOn::Error::Network;
++        if (errorCode == QNetworkReply::SslHandshakeFailedError) {
++            type = SignOn::Error::Ssl;
++        } else if (errorCode == QNetworkReply::ServiceUnavailableError) {
++            type = SignOn::Error::ServiceNotAvailable;
++        } else if (errorCode == QNetworkReply::AuthenticationRequiredError) {
++            type = SignOn::Error::NotAuthorized;
++        } else if (errorCode <= QNetworkReply::UnknownNetworkError) {
++            type = SignOn::Error::NoConnection;
++        }
++
++        qDebug() << "Got error:" << reply->errorString();
++        Q_EMIT error(SignOn::Error(type, reply->errorString()));
++    }
++
      void SignOnPlugin::process(const SignOn::SessionData &inData,
                                 const QString &mechanism)
+     {
--        Q_UNUSED(mechanism);
++        if (!m_networkAccessManager) {
++            m_networkAccessManager = new QNetworkAccessManager(this);
++        }
++
++        bindtextdomain(GETTEXT_PACKAGE, NULL);
++        textdomain(GETTEXT_PACKAGE);
++
          PluginData response;
          m_data = inData.data<PluginData>();
--        if (!inData.Secret().isEmpty()) {
--            response.setConsumer(m_data.Consumer());
--            response.setConsumerSecret(m_data.ConsumerSecret());
--            response.setToken(m_data.Token());
--            response.setTokenSecret(m_data.TokenSecret());
--
--            response.setName(Token::buildTokenName());
--
--            emit result(response);
--            return;
--        }
--
--        SignOn::UiSessionData data;
--        data.setRealm(inData.Realm());
--        data.setShowRealm(!data.Realm().isEmpty());
--        emit userActionRequired(data);
++        if (!validateInput(m_data, mechanism)) {
++            qWarning() << "Invalid parameters passed";
++            Q_EMIT error(SignOn::Error(SignOn::Error::MissingData));
++            return;
++        }
++
++        /* It may be that the stored token is valid; however, do the check only
++         * if no OTP was provided (since the presence of an OTP is a clear
++         * signal that the caller wants to get a new token). */
++        if (m_data.OneTimePassword().isEmpty() &&
++            respondWithStoredData()) {
++            return;
++        }
++
++        getCredentialsAndCreateNewToken();
++    }
++
++    void SignOnPlugin::onCreationFinished()
++    {
++        QNetworkReply *reply = m_reply;
++        m_reply->deleteLater();
++        m_reply = 0;
++
++        QByteArray data = reply->readAll();
++        qDebug() << "Received" << data;
++        QJsonDocument json = QJsonDocument::fromJson(data);
++        QJsonObject object = json.object();
++
++        QString error = object.value("code").toString();
++
++        int statusCode = reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt();
++        qDebug() << "Status code:" << statusCode;
++        if (statusCode == 200 || statusCode == 201) {
++            QString tokenName = object.value("token_name").toString();
++            PluginData token;
++            token.setConsumerKey(object.value("consumer_key").toString());
++            token.setConsumerSecret(object.value("consumer_secret").toString());
++            token.setTokenKey(object.value("token_key").toString());
++            token.setTokenSecret(object.value("token_secret").toString());
++            token.setDateCreated(Token::dateStringToISO(object.value("date_created").toString()));
++            token.setDateUpdated(Token::dateStringToISO(object.value("date_updated").toString()));
++
++            /* Store the token */
++            QVariantMap storedData;
++            storedData[tokenName] = token.toMap();
++            PluginData pluginData;
++            pluginData.setStoredData(storedData);
++            Q_EMIT store(pluginData);
++
++            token.setTokenName(tokenName);
++            Q_EMIT result(token);
++        } else if (statusCode == 401 && error == ERR_INVALID_CREDENTIALS) {
++            m_data.setSecret(QString());
++            m_data.setOneTimePassword(QString());
++            getCredentialsAndCreateNewToken();
++        } else if (statusCode == 401 && error == ERR_TWOFACTOR_REQUIRED) {
++            m_needsOtp = true;
++            getCredentialsAndCreateNewToken();
++        } else if (statusCode == 403 && error == ERR_TWOFACTOR_FAILURE) {
++            m_data.setOneTimePassword(QString());
++            getCredentialsAndCreateNewToken();
++        } else if (statusCode == 403 && error == ERR_PASSWORD_POLICY_ERROR) {
++            QVariantMap data;
++            QJsonObject extra = object.value("extra").toObject();
++            data[SSOUI_KEY_OPENURL] = extra.value("location").toString();
++            Q_EMIT userActionRequired(data);
++        } else if (error == ERR_INVALID_DATA) {
++            // This error is received when the email address is invalid
++            m_data.setUserName(QString());
++            m_data.setSecret(QString());
++            m_data.setOneTimePassword(QString());
++            getCredentialsAndCreateNewToken();
++        } else {
++            emitErrorFromReply(reply);
++        }
++    }
++
++    void SignOnPlugin::createNewToken()
++    {
++        QNetworkRequest req(QUrl(SSOService::getAuthBaseUrl() +
++                                 QStringLiteral("/api/v2/tokens/oauth")));
++        req.setHeader(QNetworkRequest::ContentTypeHeader, "application/json");
++
++        QJsonObject formData;
++        formData.insert("email", m_data.UserName());
++        formData.insert("password", m_data.Secret());
++        formData.insert("token_name", m_data.TokenName());
++        if (!m_data.OneTimePassword().isEmpty()) {
++            formData.insert("otp", m_data.OneTimePassword());
++        }
++
++        qDebug() << "Sending data for token creation";
++        m_reply =
++            m_networkAccessManager->post(req, QJsonDocument(formData).toJson());
++        QObject::connect(m_reply, SIGNAL(finished()),
++                         this, SLOT(onCreationFinished()));
++    }
++
++    void SignOnPlugin::getCredentialsAndCreateNewToken()
++    {
++        if (!m_data.Secret().isEmpty() &&
++            (!m_needsOtp || !m_data.OneTimePassword().isEmpty())) {
++            createNewToken();
++        } else if (m_data.Secret().isEmpty()) {
++            QVariantMap data;
++            data[SSOUI_KEY_TITLE] =
++                QString::fromUtf8(_("Sign in to your Ubuntu One account"));
++            if (m_data.UserName().isEmpty()) {
++                data[SSOUI_KEY_QUERYUSERNAME] = true;
++            }
++            data[SSOUI_KEY_USERNAME] = m_data.UserName();
++            data[SSOUI_KEY_QUERYPASSWORD] = true;
++            m_didAskForPassword = true;
++            Q_EMIT userActionRequired(data);
++        } else {
++            QVariantMap data;
++            data[SSOUI_KEY_TITLE] =
++                QString::fromUtf8(_("Sign in to your Ubuntu One account"));
++            data[SSOUI_KEY_USERNAME] = m_data.UserName();
++            data[SSOUI_KEY_PASSWORD] = m_data.Secret();
++            data[SSOUI_KEY_QUERY2FA] = true;
++            data[SSOUI_KEY_2FA_TEXT] =
++                QString::fromUtf8(_("2-factor device code"));
++            Q_EMIT userActionRequired(data);
++        }
++    }
++
++    bool SignOnPlugin::handleUiError(const SignOn::UiSessionData &data)
++    {
++        using namespace SignOn;
++
++        int code = data.QueryErrorCode();
++        if (code == QUERY_ERROR_NONE) {
++            return false;
++        }
++
++        qDebug() << "userActionFinished with error: " << code;
++        if (code == QUERY_ERROR_CANCELED) {
++            Q_EMIT error(Error(Error::SessionCanceled,
++                               QLatin1String("Cancelled by user")));
++        } else if (code == QUERY_ERROR_NETWORK) {
++            Q_EMIT error(Error(Error::Network, QLatin1String("Network error")));
++        } else if (code == QUERY_ERROR_SSL) {
++            Q_EMIT error(Error(Error::Ssl, QLatin1String("SSL error")));
++        } else {
++            QVariantMap map = data.toMap();
++            if (map.contains(SSOUI_KEY_QUERY2FA)) {
++                PluginData reply;
++                reply.setU1ErrorCode(PluginData::OneTimePasswordRequired);
++                Q_EMIT result(reply);
++            } else if (map.contains(SSOUI_KEY_QUERYPASSWORD)) {
++                PluginData reply;
++                reply.setU1ErrorCode(PluginData::InvalidPassword);
++                Q_EMIT result(reply);
++            } else {
++                Q_EMIT error(Error(Error::UserInteraction,
++                                   QString("userActionFinished error: ")
++                                   + QString::number(data.QueryErrorCode())));
++            }
++        }
++        return true;
+     }
      void SignOnPlugin::userActionFinished(const SignOn::UiSessionData &data)
+     {
++        if (handleUiError(data)) {
++            return;
++        }
++
++        PluginData uiData = data.data<PluginData>();
++        if (!uiData.UserName().isEmpty()) {
++            m_data.setUserName(uiData.UserName());
++        }
++
++        if (!uiData.Secret().isEmpty()) {
++            m_data.setSecret(uiData.Secret());
++        }
++
++        QVariantMap map = data.toMap();
++        QString oneTimePassword = map.value(SSOUI_KEY_2FA).toString();
++        if (!oneTimePassword.isEmpty()) {
++            m_data.setOneTimePassword(oneTimePassword);
++        }
++
++        getCredentialsAndCreateNewToken();
+     }
      SIGNON_DECL_AUTH_PLUGIN(SignOnPlugin)
 === modified file 'signon-plugin/ubuntuone-plugin.h'
 --- signon-plugin/ubuntuone-plugin.h	2013-08-12 21:16:29 +0000
 +++ signon-plugin/ubuntuone-plugin.h	2016-04-28 10:10:18 +0000
@@ -27,9 +27,15 @@
  #include "ubuntuonedata.h"
++class PluginTest;
++
++class QNetworkAccessManager;
++class QNetworkReply;
  namespace UbuntuOne {
++    class Token;
++
      class SignOnPlugin : public AuthPluginInterface
+     {
          Q_OBJECT
@@ -40,17 +46,45 @@
          virtual ~SignOnPlugin();
      public Q_SLOTS:
--        QString type() const;
--        QStringList mechanisms() const;
--        void cancel();
++        QString type() const Q_DECL_OVERRIDE;
++        QStringList mechanisms() const Q_DECL_OVERRIDE;
++        void cancel() Q_DECL_OVERRIDE;
          void process(const SignOn::SessionData &inData,
--                     const QString &mechanism = 0);
--        void userActionFinished(const SignOn::UiSessionData &data);
--
--    private:
++                     const QString &mechanism = 0) Q_DECL_OVERRIDE;
++        void userActionFinished(const SignOn::UiSessionData &data) Q_DECL_OVERRIDE;
++
++    private:
++        bool validateInput(PluginData &data, const QString &mechanism);
++        bool respondWithStoredData();
++        void emitErrorFromReply(QNetworkReply *reply);
++        void createNewToken();
++        void getCredentialsAndCreateNewToken();
++        bool handleUiError(const SignOn::UiSessionData &data);
++
++    private Q_SLOTS:
++        void onCreationFinished();
++
++    private:
++        friend class ::PluginTest;
          PluginData m_data;
++        QNetworkAccessManager *m_networkAccessManager;
++        QNetworkReply *m_reply;
++        bool m_didAskForPassword;
++        bool m_needsOtp;
      };
  } // namespace UbuntuOne
++/* These fields are temporarily defined here; they'll be eventually moved to
++ * signond's include files. */
++#define SSOUI_KEY_USERNAME_TEXT QLatin1String("UserNameText")
++#define SSOUI_KEY_PASSWORD_TEXT QLatin1String("PasswordText")
++#define SSOUI_KEY_REGISTER_URL  QLatin1String("RegisterUrl")
++#define SSOUI_KEY_REGISTER_TEXT QLatin1String("RegisterText")
++#define SSOUI_KEY_LOGIN_TEXT QLatin1String("LoginText")
++#define SSOUI_KEY_QUERY2FA QLatin1String("Query2fa")
++#define SSOUI_KEY_2FA QLatin1String("2fa")
++#define SSOUI_KEY_2FA_TEXT QLatin1String("2faText")
++#define SSOUI_KEY_ERROR_MESSAGE QLatin1String("ErrorMessage")
++
  #endif
 === modified file 'signon-plugin/ubuntuonedata.h'
 --- signon-plugin/ubuntuonedata.h	2013-08-12 21:16:29 +0000
 +++ signon-plugin/ubuntuonedata.h	2016-04-28 10:10:18 +0000
@@ -25,16 +25,37 @@
      class PluginData : public SignOn::SessionData
+     {
      public:
++        PluginData(const QVariantMap &data = QVariantMap()):
++            SignOn::SessionData(data) {}
++
          // The name of the token
--        SIGNON_SESSION_DECLARE_PROPERTY(QString, Name);
++        SIGNON_SESSION_DECLARE_PROPERTY(QString, TokenName);
++
++        // The one-time password (optional)
++        SIGNON_SESSION_DECLARE_PROPERTY(QString, OneTimePassword);
          // The consumer key and secret for signing
--        SIGNON_SESSION_DECLARE_PROPERTY(QString, Consumer);
++        SIGNON_SESSION_DECLARE_PROPERTY(QString, ConsumerKey);
          SIGNON_SESSION_DECLARE_PROPERTY(QString, ConsumerSecret);
          // The access token and secret for signing
--        SIGNON_SESSION_DECLARE_PROPERTY(QString, Token);
++        SIGNON_SESSION_DECLARE_PROPERTY(QString, TokenKey);
          SIGNON_SESSION_DECLARE_PROPERTY(QString, TokenSecret);
++
++        // Token creation and update time
++        SIGNON_SESSION_DECLARE_PROPERTY(QString, DateCreated);
++        SIGNON_SESSION_DECLARE_PROPERTY(QString, DateUpdated);
++
++        // Error code
++        enum ErrorCode {
++            NoError = 0,
++            OneTimePasswordRequired,
++            InvalidPassword,
++        };
++        SIGNON_SESSION_DECLARE_PROPERTY(int, U1ErrorCode);
++
++        // Data which the plugin has stored into signond
++        SIGNON_SESSION_DECLARE_PROPERTY(QVariantMap, StoredData);
      };
  } // namespace UbuntuOne