Merge lp:~mardy/ubuntuone-credentials/signon-plugin into lp:ubuntuone-credentials
- signon-plugin
- Merge into trunk
Status: | Work in progress |
---|---|
Proposed branch: | lp:~mardy/ubuntuone-credentials/signon-plugin |
Merge into: | lp:ubuntuone-credentials |
Diff against target: |
3370 lines (+2886/-118) 23 files modified
data/ubuntuone.provider (+2/-2) debian/control (+3/-2) debian/libubuntuoneauth-2.0-0.symbols (+4/-0) debian/signon-plugin-ubuntuone.install (+1/-1) libubuntuoneauth/CMakeLists.txt (+13/-3) libubuntuoneauth/accountmanager.cpp (+44/-0) libubuntuoneauth/accountmanager.h (+43/-0) libubuntuoneauth/authenticator.cpp (+176/-0) libubuntuoneauth/authenticator.h (+71/-0) libubuntuoneauth/common.h (+30/-0) libubuntuoneauth/keyring.cpp (+34/-60) libubuntuoneauth/libubuntuoneauth.symbols (+2/-1) libubuntuoneauth/ssoservice.cpp (+44/-13) libubuntuoneauth/token.cpp (+54/-5) libubuntuoneauth/token.h (+4/-0) signon-plugin/CMakeLists.txt (+9/-2) signon-plugin/i18n.cpp (+37/-0) signon-plugin/i18n.h (+31/-0) signon-plugin/tests/CMakeLists.txt (+52/-0) signon-plugin/tests/tst_plugin.cpp (+1840/-0) signon-plugin/ubuntuone-plugin.cpp (+327/-19) signon-plugin/ubuntuone-plugin.h (+45/-7) signon-plugin/ubuntuonedata.h (+20/-3) |
To merge this branch: | bzr merge lp:~mardy/ubuntuone-credentials/signon-plugin |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
dobey | Pending | ||
Review via email: mp+287132@code.launchpad.net |
Commit message
WIP Implement SignOn authentication plugin, use it libubuntuoneauth.
Description of the change
WIP Implement SignOn authentication plugin, use it libubuntuoneauth.
- 237. By Alberto Mardegan
-
Force export of symbol
- 238. By Alberto Mardegan
-
Allow authentication with no account
- 239. By Alberto Mardegan
-
No undefined symbols
- 240. By Alberto Mardegan
-
Test plugin loading
- 241. By Alberto Mardegan
-
Properly export symbols
- 242. By Alberto Mardegan
-
debugging
- 243. By Alberto Mardegan
-
Return specific error codes
- 244. By Alberto Mardegan
-
Tweak on application name
- 245. By Alberto Mardegan
-
missing include
- 246. By Alberto Mardegan
-
Explain hack
- 247. By Alberto Mardegan
-
Never remove accounts
- 248. By Alberto Mardegan
-
Plugin: don't delete the reply while using it
- 249. By Alberto Mardegan
-
Handle invalid email error
- 250. By Alberto Mardegan
-
Allow UI interactions when retrieving token
- 251. By Alberto Mardegan
-
Fix dialog title and handling of 2fa reply
- 252. By Alberto Mardegan
-
Avoid double free
- 253. By Alberto Mardegan
-
Update method name in .provider file
- 254. By Alberto Mardegan
-
Merge trunk
[ CI Train Bot ]
* Resync trunk.
[ Michael Zanetti ]
* update to uitk 1.3 (LP: #1560621)
[ Rodney Dawes ]
* Disable tests on powerpc as something in xenial is causing a crash. - 255. By Alberto Mardegan
-
Use Internal namespace
Unmerged revisions
- 255. By Alberto Mardegan
-
Use Internal namespace
Preview Diff
1 | === modified file 'data/ubuntuone.provider' | |||
2 | --- data/ubuntuone.provider 2013-10-16 08:21:08 +0000 | |||
3 | +++ data/ubuntuone.provider 2016-04-22 09:51:32 +0000 | |||
4 | @@ -8,8 +8,8 @@ | |||
5 | 8 | 8 | ||
6 | 9 | <template> | 9 | <template> |
7 | 10 | <group name="auth"> | 10 | <group name="auth"> |
10 | 11 | <setting name="method">password</setting> | 11 | <setting name="method">ubuntuone</setting> |
11 | 12 | <setting name="mechanism">password</setting> | 12 | <setting name="mechanism">ubuntuone</setting> |
12 | 13 | </group> | 13 | </group> |
13 | 14 | </template> | 14 | </template> |
14 | 15 | </provider> | 15 | </provider> |
15 | 16 | 16 | ||
16 | === modified file 'debian/control' | |||
17 | --- debian/control 2015-11-16 20:17:01 +0000 | |||
18 | +++ debian/control 2016-04-22 09:51:32 +0000 | |||
19 | @@ -14,7 +14,7 @@ | |||
20 | 14 | qtdeclarative5-dev-tools, | 14 | qtdeclarative5-dev-tools, |
21 | 15 | qtdeclarative5-ubuntu-ui-toolkit-plugin, | 15 | qtdeclarative5-ubuntu-ui-toolkit-plugin, |
22 | 16 | python3-all:native, | 16 | python3-all:native, |
24 | 17 | signon-plugins-dev, | 17 | signon-plugins-dev (>= 8.58), |
25 | 18 | ubuntu-ui-toolkit-autopilot:native, | 18 | ubuntu-ui-toolkit-autopilot:native, |
26 | 19 | xvfb, | 19 | xvfb, |
27 | 20 | Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> | 20 | Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
28 | @@ -135,7 +135,7 @@ | |||
29 | 135 | 135 | ||
30 | 136 | Package: signon-plugin-ubuntuone | 136 | Package: signon-plugin-ubuntuone |
31 | 137 | Architecture: any | 137 | Architecture: any |
33 | 138 | Multi-Arch: foreign | 138 | Multi-Arch: same |
34 | 139 | Pre-Depends: | 139 | Pre-Depends: |
35 | 140 | multiarch-support, | 140 | multiarch-support, |
36 | 141 | ${misc:Pre-Depends}, | 141 | ${misc:Pre-Depends}, |
37 | @@ -159,6 +159,7 @@ | |||
38 | 159 | Depends: | 159 | Depends: |
39 | 160 | libubuntuoneauth-2.0-0 (= ${binary:Version}), | 160 | libubuntuoneauth-2.0-0 (= ${binary:Version}), |
40 | 161 | qml-module-ubuntuone (= ${binary:Version}), | 161 | qml-module-ubuntuone (= ${binary:Version}), |
41 | 162 | signon-plugin-ubuntuone, | ||
42 | 162 | ubuntu-system-settings-online-accounts, | 163 | ubuntu-system-settings-online-accounts, |
43 | 163 | ${misc:Depends}, | 164 | ${misc:Depends}, |
44 | 164 | ${shlibs:Depends}, | 165 | ${shlibs:Depends}, |
45 | 165 | 166 | ||
46 | === modified file 'debian/libubuntuoneauth-2.0-0.symbols' | |||
47 | --- debian/libubuntuoneauth-2.0-0.symbols 2015-12-07 21:38:01 +0000 | |||
48 | +++ debian/libubuntuoneauth-2.0-0.symbols 2016-04-22 09:51:32 +0000 | |||
49 | @@ -111,7 +111,11 @@ | |||
50 | 111 | (c++)"UbuntuOne::Token::Token(QString, QString, QString, QString)@Base" 13.08 | 111 | (c++)"UbuntuOne::Token::Token(QString, QString, QString, QString)@Base" 13.08 |
51 | 112 | (c++)"UbuntuOne::Token::Token(QString, QString, QString, QString, QString, QString)@Base" 14.04+14.10.20140908 | 112 | (c++)"UbuntuOne::Token::Token(QString, QString, QString, QString, QString, QString)@Base" 14.04+14.10.20140908 |
52 | 113 | (c++)"UbuntuOne::Token::~Token()@Base" 13.08 | 113 | (c++)"UbuntuOne::Token::~Token()@Base" 13.08 |
53 | 114 | (c++)"UbuntuOne::Token::name() const@Base" 15.11+16.04.20151207.1 | ||
54 | 114 | (c++)"UbuntuOne::Token::consumerKey() const@Base" 15.10+15.10.20150617 | 115 | (c++)"UbuntuOne::Token::consumerKey() const@Base" 15.10+15.10.20150617 |
55 | 116 | (c++)"UbuntuOne::Token::consumerSecret() const@Base" 15.11+16.04.20151207.1 | ||
56 | 117 | (c++)"UbuntuOne::Token::tokenKey() const@Base" 15.11+16.04.20151207.1 | ||
57 | 118 | (c++)"UbuntuOne::Token::tokenSecret() const@Base" 15.11+16.04.20151207.1 | ||
58 | 115 | (c++)"UbuntuOne::Token::created() const@Base" 14.04+14.10.20140818 | 119 | (c++)"UbuntuOne::Token::created() const@Base" 14.04+14.10.20140818 |
59 | 116 | (c++)"UbuntuOne::Token::updated() const@Base" 14.04+14.10.20140818 | 120 | (c++)"UbuntuOne::Token::updated() const@Base" 14.04+14.10.20140818 |
60 | 117 | (c++)"UbuntuOne::Token::getServerTimestamp() const@Base" 15.11+16.04.20151207.1 | 121 | (c++)"UbuntuOne::Token::getServerTimestamp() const@Base" 15.11+16.04.20151207.1 |
61 | 118 | 122 | ||
62 | === modified file 'debian/signon-plugin-ubuntuone.install' | |||
63 | --- debian/signon-plugin-ubuntuone.install 2013-11-27 21:19:44 +0000 | |||
64 | +++ debian/signon-plugin-ubuntuone.install 2016-04-22 09:51:32 +0000 | |||
65 | @@ -1,1 +1,1 @@ | |||
67 | 1 | usr/lib/signon/*.so | 1 | usr/lib/*/signon/*.so |
68 | 2 | 2 | ||
69 | === modified file 'libubuntuoneauth/CMakeLists.txt' | |||
70 | --- libubuntuoneauth/CMakeLists.txt 2013-11-22 19:17:04 +0000 | |||
71 | +++ libubuntuoneauth/CMakeLists.txt 2016-04-22 09:51:32 +0000 | |||
72 | @@ -16,7 +16,17 @@ | |||
73 | 16 | # The sources for building the library | 16 | # The sources for building the library |
74 | 17 | FILE (GLOB SOURCES *.cpp) | 17 | FILE (GLOB SOURCES *.cpp) |
75 | 18 | # HEADERS only includes the public headers for installation. | 18 | # HEADERS only includes the public headers for installation. |
77 | 19 | FILE (GLOB HEADERS *.h) | 19 | FILE (GLOB HEADERS |
78 | 20 | errormessages.h | ||
79 | 21 | identityprovider.h | ||
80 | 22 | keyring.h | ||
81 | 23 | logging.h | ||
82 | 24 | network.h | ||
83 | 25 | requests.h | ||
84 | 26 | responses.h | ||
85 | 27 | ssoservice.h | ||
86 | 28 | token.h | ||
87 | 29 | ) | ||
88 | 20 | 30 | ||
89 | 21 | pkg_check_modules(OAUTH REQUIRED oauth) | 31 | pkg_check_modules(OAUTH REQUIRED oauth) |
90 | 22 | add_definitions(${OAUTH_CFLAGS} ${OAUTH_CFLAGS_OTHER}) | 32 | add_definitions(${OAUTH_CFLAGS} ${OAUTH_CFLAGS_OTHER}) |
91 | @@ -29,12 +39,12 @@ | |||
92 | 29 | target_link_libraries (${AUTH_LIB_NAME} | 39 | target_link_libraries (${AUTH_LIB_NAME} |
93 | 30 | ${LIBSIGNON_LDFLAGS} | 40 | ${LIBSIGNON_LDFLAGS} |
94 | 31 | ${OAUTH_LDFLAGS} | 41 | ${OAUTH_LDFLAGS} |
95 | 32 | -Wl,--version-script -Wl,${CMAKE_CURRENT_SOURCE_DIR}/libubuntuoneauth.symbols | ||
96 | 33 | ) | 42 | ) |
97 | 34 | 43 | ||
98 | 35 | SET_TARGET_PROPERTIES(${AUTH_LIB_NAME} PROPERTIES | 44 | SET_TARGET_PROPERTIES(${AUTH_LIB_NAME} PROPERTIES |
99 | 36 | VERSION ${AUTH_LIB_VERSION} | 45 | VERSION ${AUTH_LIB_VERSION} |
100 | 37 | SOVERSION ${AUTH_LIB_SOVERSION} | 46 | SOVERSION ${AUTH_LIB_SOVERSION} |
101 | 47 | LINK_FLAGS "-Wl,--version-script -Wl,\"${CMAKE_CURRENT_SOURCE_DIR}/libubuntuoneauth.symbols\"" | ||
102 | 38 | ) | 48 | ) |
103 | 39 | 49 | ||
104 | 40 | INSTALL ( | 50 | INSTALL ( |
105 | @@ -64,4 +74,4 @@ | |||
106 | 64 | ) | 74 | ) |
107 | 65 | 75 | ||
108 | 66 | add_subdirectory(tests) | 76 | add_subdirectory(tests) |
109 | 67 | add_subdirectory(examples) | ||
110 | 68 | \ No newline at end of file | 77 | \ No newline at end of file |
111 | 78 | add_subdirectory(examples) | ||
112 | 69 | 79 | ||
113 | === added file 'libubuntuoneauth/accountmanager.cpp' | |||
114 | --- libubuntuoneauth/accountmanager.cpp 1970-01-01 00:00:00 +0000 | |||
115 | +++ libubuntuoneauth/accountmanager.cpp 2016-04-22 09:51:32 +0000 | |||
116 | @@ -0,0 +1,44 @@ | |||
117 | 1 | /* | ||
118 | 2 | * Copyright 2016 Canonical Ltd. | ||
119 | 3 | * | ||
120 | 4 | * This library is free software; you can redistribute it and/or | ||
121 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
122 | 6 | * License as published by the Free Software Foundation. | ||
123 | 7 | * | ||
124 | 8 | * This program is distributed in the hope that it will be useful, | ||
125 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
126 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
127 | 11 | * General Public License for more details. | ||
128 | 12 | * | ||
129 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
130 | 14 | * License along with this library; if not, write to the | ||
131 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
132 | 16 | * Boston, MA 02110-1301, USA. | ||
133 | 17 | */ | ||
134 | 18 | |||
135 | 19 | #include "accountmanager.h" | ||
136 | 20 | |||
137 | 21 | namespace Internal { | ||
138 | 22 | |||
139 | 23 | AccountManager *AccountManager::m_instance = 0; | ||
140 | 24 | |||
141 | 25 | AccountManager::AccountManager(QObject *parent): | ||
142 | 26 | Accounts::Manager(parent) | ||
143 | 27 | { | ||
144 | 28 | } | ||
145 | 29 | |||
146 | 30 | AccountManager::~AccountManager() | ||
147 | 31 | { | ||
148 | 32 | m_instance = 0; | ||
149 | 33 | } | ||
150 | 34 | |||
151 | 35 | AccountManager *AccountManager::instance() | ||
152 | 36 | { | ||
153 | 37 | if (!m_instance) { | ||
154 | 38 | m_instance = new AccountManager; | ||
155 | 39 | } | ||
156 | 40 | |||
157 | 41 | return m_instance; | ||
158 | 42 | } | ||
159 | 43 | |||
160 | 44 | } // namespace | ||
161 | 0 | 45 | ||
162 | === added file 'libubuntuoneauth/accountmanager.h' | |||
163 | --- libubuntuoneauth/accountmanager.h 1970-01-01 00:00:00 +0000 | |||
164 | +++ libubuntuoneauth/accountmanager.h 2016-04-22 09:51:32 +0000 | |||
165 | @@ -0,0 +1,43 @@ | |||
166 | 1 | /* | ||
167 | 2 | * Copyright 2016 Canonical Ltd. | ||
168 | 3 | * | ||
169 | 4 | * This library is free software; you can redistribute it and/or | ||
170 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
171 | 6 | * License as published by the Free Software Foundation. | ||
172 | 7 | * | ||
173 | 8 | * This program is distributed in the hope that it will be useful, | ||
174 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
175 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
176 | 11 | * General Public License for more details. | ||
177 | 12 | * | ||
178 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
179 | 14 | * License along with this library; if not, write to the | ||
180 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
181 | 16 | * Boston, MA 02110-1301, USA. | ||
182 | 17 | */ | ||
183 | 18 | #ifndef _U1_ACCOUNTMANAGER_H_ | ||
184 | 19 | #define _U1_ACCOUNTMANAGER_H_ | ||
185 | 20 | |||
186 | 21 | #include <Accounts/Manager> | ||
187 | 22 | #include <QObject> | ||
188 | 23 | |||
189 | 24 | namespace Internal { | ||
190 | 25 | |||
191 | 26 | class AccountManager : public Accounts::Manager | ||
192 | 27 | { | ||
193 | 28 | Q_OBJECT | ||
194 | 29 | |||
195 | 30 | public: | ||
196 | 31 | static AccountManager *instance(); | ||
197 | 32 | ~AccountManager(); | ||
198 | 33 | |||
199 | 34 | protected: | ||
200 | 35 | explicit AccountManager(QObject *parent = 0); | ||
201 | 36 | |||
202 | 37 | private: | ||
203 | 38 | static AccountManager *m_instance; | ||
204 | 39 | }; | ||
205 | 40 | |||
206 | 41 | } /* namespace */ | ||
207 | 42 | |||
208 | 43 | #endif /* _U1_ACCOUNTMANAGER_H_ */ | ||
209 | 0 | 44 | ||
210 | === added file 'libubuntuoneauth/authenticator.cpp' | |||
211 | --- libubuntuoneauth/authenticator.cpp 1970-01-01 00:00:00 +0000 | |||
212 | +++ libubuntuoneauth/authenticator.cpp 2016-04-22 09:51:32 +0000 | |||
213 | @@ -0,0 +1,176 @@ | |||
214 | 1 | /* | ||
215 | 2 | * Copyright 2016 Canonical Ltd. | ||
216 | 3 | * | ||
217 | 4 | * This library is free software; you can redistribute it and/or | ||
218 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
219 | 6 | * License as published by the Free Software Foundation. | ||
220 | 7 | * | ||
221 | 8 | * This program is distributed in the hope that it will be useful, | ||
222 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
223 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
224 | 11 | * General Public License for more details. | ||
225 | 12 | * | ||
226 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
227 | 14 | * License along with this library; if not, write to the | ||
228 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
229 | 16 | * Boston, MA 02110-1301, USA. | ||
230 | 17 | */ | ||
231 | 18 | |||
232 | 19 | #include <Accounts/Account> | ||
233 | 20 | #include <Accounts/Service> | ||
234 | 21 | #include <SignOn/AuthSession> | ||
235 | 22 | #include <SignOn/Identity> | ||
236 | 23 | #include <SignOn/IdentityInfo> | ||
237 | 24 | |||
238 | 25 | #include <QDebug> | ||
239 | 26 | |||
240 | 27 | #include "accountmanager.h" | ||
241 | 28 | #include "authenticator.h" | ||
242 | 29 | #include "../signon-plugin/ubuntuonedata.h" | ||
243 | 30 | |||
244 | 31 | using namespace Internal; | ||
245 | 32 | using namespace UbuntuOne; | ||
246 | 33 | |||
247 | 34 | Authenticator::Authenticator(QObject *parent): | ||
248 | 35 | QObject(parent), | ||
249 | 36 | m_manager(AccountManager::instance()), | ||
250 | 37 | m_invalidate(false), | ||
251 | 38 | m_uiAllowed(true) | ||
252 | 39 | { | ||
253 | 40 | } | ||
254 | 41 | |||
255 | 42 | void Authenticator::handleError(const SignOn::Error &e) | ||
256 | 43 | { | ||
257 | 44 | qCritical() << "Authentication error:" << e.message(); | ||
258 | 45 | Q_EMIT error(AuthenticationError); | ||
259 | 46 | } | ||
260 | 47 | |||
261 | 48 | void Authenticator::handleSessionData(const SignOn::SessionData &data) | ||
262 | 49 | { | ||
263 | 50 | PluginData reply = data.data<PluginData>(); | ||
264 | 51 | |||
265 | 52 | auto errorCode = PluginData::ErrorCode(reply.U1ErrorCode()); | ||
266 | 53 | if (errorCode != PluginData::NoError) { | ||
267 | 54 | switch (errorCode) { | ||
268 | 55 | case PluginData::OneTimePasswordRequired: | ||
269 | 56 | qDebug() << "Error: OTP required"; | ||
270 | 57 | Q_EMIT error(OneTimePasswordRequired); | ||
271 | 58 | break; | ||
272 | 59 | case PluginData::InvalidPassword: | ||
273 | 60 | qDebug() << "Error: invalid password"; | ||
274 | 61 | Q_EMIT error(InvalidPassword); | ||
275 | 62 | break; | ||
276 | 63 | default: | ||
277 | 64 | qWarning() << "Unknown error code" << errorCode; | ||
278 | 65 | Q_EMIT error(AuthenticationError); | ||
279 | 66 | } | ||
280 | 67 | return; | ||
281 | 68 | } | ||
282 | 69 | |||
283 | 70 | Token token(reply.TokenKey(), reply.TokenSecret(), | ||
284 | 71 | reply.ConsumerKey(), reply.ConsumerSecret()); | ||
285 | 72 | if (token.isValid()) { | ||
286 | 73 | Q_EMIT authenticated(token); | ||
287 | 74 | } else { | ||
288 | 75 | QString message("Failed to convert result to Token object."); | ||
289 | 76 | qCritical() << message; | ||
290 | 77 | Q_EMIT error(AuthenticationError); | ||
291 | 78 | } | ||
292 | 79 | } | ||
293 | 80 | |||
294 | 81 | quint32 Authenticator::credentialsId() | ||
295 | 82 | { | ||
296 | 83 | QString providerId("ubuntuone"); | ||
297 | 84 | Accounts::AccountIdList accountIds = m_manager->accountList(providerId); | ||
298 | 85 | |||
299 | 86 | if (accountIds.isEmpty()) { | ||
300 | 87 | qDebug() << "authenticate(): No UbuntuOne accounts found"; | ||
301 | 88 | Q_EMIT error(AccountNotFound); | ||
302 | 89 | return 0; | ||
303 | 90 | } | ||
304 | 91 | |||
305 | 92 | if (accountIds.count() > 1) { | ||
306 | 93 | qWarning() << "authenticate(): Found '" << accountIds.count() << | ||
307 | 94 | "' accounts. Using first."; | ||
308 | 95 | } | ||
309 | 96 | |||
310 | 97 | qDebug() << "authenticate(): Using account '" << accountIds[0] << "'."; | ||
311 | 98 | |||
312 | 99 | auto account = m_manager->account(accountIds[0]); | ||
313 | 100 | if (Q_UNLIKELY(!account)) { | ||
314 | 101 | qDebug() << "Couldn't load account"; | ||
315 | 102 | /* This could either happen because the account was deleted right while | ||
316 | 103 | * we were loading it, or because the accounts DB was locked by another | ||
317 | 104 | * app. Let's just return an authentication error here, so the client | ||
318 | 105 | * can retry. | ||
319 | 106 | */ | ||
320 | 107 | Q_EMIT error(AuthenticationError); | ||
321 | 108 | return 0; | ||
322 | 109 | } | ||
323 | 110 | |||
324 | 111 | /* Here we should check that the account service is enabled; but since the | ||
325 | 112 | * old code was not doing this check, and that from the API there is no way | ||
326 | 113 | * of knowing which service we are interested in, let's leave it as a TODO. | ||
327 | 114 | */ | ||
328 | 115 | |||
329 | 116 | return account->credentialsId(); | ||
330 | 117 | } | ||
331 | 118 | |||
332 | 119 | void Authenticator::authenticate(const QString &tokenName, | ||
333 | 120 | const QString &userName, | ||
334 | 121 | const QString &password, | ||
335 | 122 | const QString &otp) | ||
336 | 123 | { | ||
337 | 124 | SignOn::Identity *identity; | ||
338 | 125 | if (userName.isEmpty()) { | ||
339 | 126 | // Use existing account | ||
340 | 127 | quint32 id = credentialsId(); | ||
341 | 128 | if (Q_UNLIKELY(!id)) return; | ||
342 | 129 | |||
343 | 130 | identity = SignOn::Identity::existingIdentity(id, this); | ||
344 | 131 | if (Q_UNLIKELY(!identity)) { | ||
345 | 132 | qCritical() << "authenticate(): unable to load credentials" << id; | ||
346 | 133 | Q_EMIT error(AccountNotFound); | ||
347 | 134 | return; | ||
348 | 135 | } | ||
349 | 136 | } else { | ||
350 | 137 | identity = SignOn::Identity::newIdentity(SignOn::IdentityInfo(), this); | ||
351 | 138 | } | ||
352 | 139 | |||
353 | 140 | auto session = identity->createSession(QStringLiteral("ubuntuone")); | ||
354 | 141 | if (Q_UNLIKELY(!session)) { | ||
355 | 142 | qCritical() << "Unable to create AuthSession."; | ||
356 | 143 | Q_EMIT error(AuthenticationError); | ||
357 | 144 | return; | ||
358 | 145 | } | ||
359 | 146 | |||
360 | 147 | connect(session, SIGNAL(response(const SignOn::SessionData&)), | ||
361 | 148 | this, SLOT(handleSessionData(const SignOn::SessionData&))); | ||
362 | 149 | connect(session, SIGNAL(error(const SignOn::Error&)), | ||
363 | 150 | this, SLOT(handleError(const SignOn::Error&))); | ||
364 | 151 | |||
365 | 152 | PluginData data; | ||
366 | 153 | data.setTokenName(tokenName); | ||
367 | 154 | data.setUserName(userName); | ||
368 | 155 | data.setSecret(password); | ||
369 | 156 | data.setOneTimePassword(otp); | ||
370 | 157 | int uiPolicy = m_uiAllowed ? | ||
371 | 158 | SignOn::DefaultPolicy : SignOn::NoUserInteractionPolicy; | ||
372 | 159 | if (m_invalidate) { | ||
373 | 160 | uiPolicy |= SignOn::RequestPasswordPolicy; | ||
374 | 161 | m_invalidate = false; | ||
375 | 162 | } | ||
376 | 163 | data.setUiPolicy(uiPolicy); | ||
377 | 164 | |||
378 | 165 | session->process(data, QStringLiteral("ubuntuone")); | ||
379 | 166 | } | ||
380 | 167 | |||
381 | 168 | void Authenticator::invalidateCredentials() | ||
382 | 169 | { | ||
383 | 170 | m_invalidate = true; | ||
384 | 171 | } | ||
385 | 172 | |||
386 | 173 | void Authenticator::setUiAllowed(bool allowed) | ||
387 | 174 | { | ||
388 | 175 | m_uiAllowed = allowed; | ||
389 | 176 | } | ||
390 | 0 | 177 | ||
391 | === added file 'libubuntuoneauth/authenticator.h' | |||
392 | --- libubuntuoneauth/authenticator.h 1970-01-01 00:00:00 +0000 | |||
393 | +++ libubuntuoneauth/authenticator.h 2016-04-22 09:51:32 +0000 | |||
394 | @@ -0,0 +1,71 @@ | |||
395 | 1 | /* | ||
396 | 2 | * Copyright 2016 Canonical Ltd. | ||
397 | 3 | * | ||
398 | 4 | * This library is free software; you can redistribute it and/or | ||
399 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
400 | 6 | * License as published by the Free Software Foundation. | ||
401 | 7 | * | ||
402 | 8 | * This program is distributed in the hope that it will be useful, | ||
403 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
404 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
405 | 11 | * General Public License for more details. | ||
406 | 12 | * | ||
407 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
408 | 14 | * License along with this library; if not, write to the | ||
409 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
410 | 16 | * Boston, MA 02110-1301, USA. | ||
411 | 17 | */ | ||
412 | 18 | #ifndef _U1_AUTHENTICATOR_H_ | ||
413 | 19 | #define _U1_AUTHENTICATOR_H_ | ||
414 | 20 | |||
415 | 21 | #include <Accounts/Manager> | ||
416 | 22 | #include <SignOn/Identity> | ||
417 | 23 | |||
418 | 24 | #include <QObject> | ||
419 | 25 | |||
420 | 26 | #include "token.h" | ||
421 | 27 | |||
422 | 28 | namespace Internal { | ||
423 | 29 | |||
424 | 30 | class Authenticator : public QObject | ||
425 | 31 | { | ||
426 | 32 | Q_OBJECT | ||
427 | 33 | |||
428 | 34 | public: | ||
429 | 35 | enum ErrorCode { | ||
430 | 36 | NoError = 0, | ||
431 | 37 | AccountNotFound, | ||
432 | 38 | OneTimePasswordRequired, | ||
433 | 39 | InvalidPassword, | ||
434 | 40 | AuthenticationError, // will create more specific codes if needed | ||
435 | 41 | }; | ||
436 | 42 | |||
437 | 43 | explicit Authenticator(QObject *parent = 0); | ||
438 | 44 | |||
439 | 45 | void authenticate(const QString &tokenName, | ||
440 | 46 | const QString &userName = QString(), | ||
441 | 47 | const QString &password = QString(), | ||
442 | 48 | const QString &otp = QString()); | ||
443 | 49 | void invalidateCredentials(); | ||
444 | 50 | void setUiAllowed(bool allowed); | ||
445 | 51 | |||
446 | 52 | Q_SIGNALS: | ||
447 | 53 | void authenticated(const UbuntuOne::Token& token); | ||
448 | 54 | void error(Internal::Authenticator::ErrorCode code); | ||
449 | 55 | |||
450 | 56 | private: | ||
451 | 57 | quint32 credentialsId(); | ||
452 | 58 | |||
453 | 59 | private Q_SLOTS: | ||
454 | 60 | void handleError(const SignOn::Error &error); | ||
455 | 61 | void handleSessionData(const SignOn::SessionData &data); | ||
456 | 62 | |||
457 | 63 | private: | ||
458 | 64 | Accounts::Manager *m_manager; | ||
459 | 65 | bool m_invalidate; | ||
460 | 66 | bool m_uiAllowed; | ||
461 | 67 | }; | ||
462 | 68 | |||
463 | 69 | } /* namespace */ | ||
464 | 70 | |||
465 | 71 | #endif /* _U1_AUTHENTICATOR_H_ */ | ||
466 | 0 | 72 | ||
467 | === added file 'libubuntuoneauth/common.h' | |||
468 | --- libubuntuoneauth/common.h 1970-01-01 00:00:00 +0000 | |||
469 | +++ libubuntuoneauth/common.h 2016-04-22 09:51:32 +0000 | |||
470 | @@ -0,0 +1,30 @@ | |||
471 | 1 | /* | ||
472 | 2 | * Copyright 2016 Canonical Ltd. | ||
473 | 3 | * | ||
474 | 4 | * This library is free software; you can redistribute it and/or | ||
475 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
476 | 6 | * License as published by the Free Software Foundation. | ||
477 | 7 | * | ||
478 | 8 | * This program is distributed in the hope that it will be useful, | ||
479 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
480 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
481 | 11 | * General Public License for more details. | ||
482 | 12 | * | ||
483 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
484 | 14 | * License along with this library; if not, write to the | ||
485 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
486 | 16 | * Boston, MA 02110-1301, USA. | ||
487 | 17 | */ | ||
488 | 18 | |||
489 | 19 | #ifndef U1_COMMON_H | ||
490 | 20 | #define U1_COMMON_H | ||
491 | 21 | |||
492 | 22 | #include <QtGlobal> | ||
493 | 23 | |||
494 | 24 | #if defined(BUILDING_LIBU1AUTH) | ||
495 | 25 | # define U1_EXPORT Q_DECL_EXPORT | ||
496 | 26 | #else | ||
497 | 27 | # define U1_EXPORT Q_DECL_IMPORT | ||
498 | 28 | #endif | ||
499 | 29 | |||
500 | 30 | #endif // U1_COMMON_H | ||
501 | 0 | 31 | ||
502 | === modified file 'libubuntuoneauth/keyring.cpp' | |||
503 | --- libubuntuoneauth/keyring.cpp 2015-03-12 13:13:46 +0000 | |||
504 | +++ libubuntuoneauth/keyring.cpp 2016-04-22 09:51:32 +0000 | |||
505 | @@ -23,7 +23,9 @@ | |||
506 | 23 | 23 | ||
507 | 24 | #include <QDebug> | 24 | #include <QDebug> |
508 | 25 | 25 | ||
509 | 26 | #include "authenticator.h" | ||
510 | 26 | #include "keyring.h" | 27 | #include "keyring.h" |
511 | 28 | #include "../signon-plugin/ubuntuonedata.h" | ||
512 | 27 | 29 | ||
513 | 28 | using namespace Accounts; | 30 | using namespace Accounts; |
514 | 29 | using namespace SignOn; | 31 | using namespace SignOn; |
515 | @@ -46,58 +48,41 @@ | |||
516 | 46 | 48 | ||
517 | 47 | void Keyring::handleSessionData(const SignOn::SessionData &data) | 49 | void Keyring::handleSessionData(const SignOn::SessionData &data) |
518 | 48 | { | 50 | { |
531 | 49 | QString secret = data.Secret(); | 51 | PluginData reply = data.data<PluginData>(); |
532 | 50 | 52 | ||
533 | 51 | if (secret.length() == 0) { | 53 | Token token(reply.TokenKey(), reply.TokenSecret(), |
534 | 52 | QString msg("Could not read credentials secret value."); | 54 | reply.ConsumerKey(), reply.ConsumerSecret()); |
535 | 53 | qCritical() << msg; | 55 | if (token.isValid()) { |
536 | 54 | emit keyringError(msg); | 56 | emit tokenFound(token); |
525 | 55 | return; | ||
526 | 56 | } | ||
527 | 57 | |||
528 | 58 | Token *token = Token::fromQuery(secret); | ||
529 | 59 | if (token->isValid()) { | ||
530 | 60 | emit tokenFound(*token); | ||
537 | 61 | } else { | 57 | } else { |
538 | 62 | QString message("Failed to convert result to Token object."); | 58 | QString message("Failed to convert result to Token object."); |
539 | 63 | qCritical() << message; | 59 | qCritical() << message; |
540 | 64 | emit keyringError(message); | 60 | emit keyringError(message); |
541 | 65 | } | 61 | } |
542 | 66 | delete token; | ||
543 | 67 | } | 62 | } |
544 | 68 | 63 | ||
545 | 69 | void Keyring::findToken() | 64 | void Keyring::findToken() |
546 | 70 | { | 65 | { |
577 | 71 | QString _acctName("ubuntuone"); | 66 | using namespace Internal; |
578 | 72 | AccountIdList _ids = _manager.accountList(_acctName); | 67 | |
579 | 73 | Identity *identity; | 68 | auto authenticator = new Authenticator; |
580 | 74 | Account *account; | 69 | authenticator->setUiAllowed(true); |
581 | 75 | 70 | ||
582 | 76 | if (_ids.length() > 0) { | 71 | connect(authenticator, &Authenticator::authenticated, |
583 | 77 | if (_ids.length() > 1) { | 72 | [=](const Token &token) { |
584 | 78 | qDebug() << "findToken(): Found '" << _ids.length() << "' accounts. Using first."; | 73 | Q_EMIT tokenFound(token); |
585 | 79 | } | 74 | authenticator->deleteLater(); |
586 | 80 | account = _manager.account(_ids[0]); | 75 | }); |
587 | 81 | qDebug() << "findToken(): Using Ubuntu One account '" << _ids[0] << "'."; | 76 | connect(authenticator, &Authenticator::error, |
588 | 82 | identity = Identity::existingIdentity(account->credentialsId()); | 77 | [=](Authenticator::ErrorCode code) { |
589 | 83 | if (identity == NULL) { | 78 | if (code == Authenticator::AccountNotFound) { |
590 | 84 | qCritical() << "findToken(): disabled account " << _acctName << _ids[0]; | 79 | Q_EMIT tokenNotFound(); |
591 | 85 | emit tokenNotFound(); | 80 | } else { |
592 | 86 | return; | 81 | Q_EMIT keyringError("Authentication failed"); |
593 | 87 | } | 82 | } |
594 | 88 | AuthSession *session = identity->createSession(QStringLiteral("password")); | 83 | authenticator->deleteLater(); |
595 | 89 | if (session != NULL) { | 84 | }); |
596 | 90 | connect(session, SIGNAL(response(const SignOn::SessionData&)), | 85 | authenticator->authenticate(Token::buildTokenName()); |
567 | 91 | this, SLOT(handleSessionData(const SignOn::SessionData&))); | ||
568 | 92 | connect(session, SIGNAL(error(const SignOn::Error&)), | ||
569 | 93 | this, SLOT(handleError(const SignOn::Error&))); | ||
570 | 94 | session->process(SessionData(), QStringLiteral("password")); | ||
571 | 95 | return; | ||
572 | 96 | } | ||
573 | 97 | qCritical() << "Unable to create AuthSession."; | ||
574 | 98 | } | ||
575 | 99 | qDebug() << "findToken(): No accounts found matching " << _acctName; | ||
576 | 100 | emit tokenNotFound(); | ||
597 | 101 | } | 86 | } |
598 | 102 | 87 | ||
599 | 103 | void Keyring::handleCredentialsStored(const quint32 id) | 88 | void Keyring::handleCredentialsStored(const quint32 id) |
600 | @@ -167,11 +152,13 @@ | |||
601 | 167 | 152 | ||
602 | 168 | void Keyring::handleAccountRemoved() | 153 | void Keyring::handleAccountRemoved() |
603 | 169 | { | 154 | { |
604 | 155 | /* DEPRECATED, UNUSED */ | ||
605 | 170 | emit tokenDeleted(); | 156 | emit tokenDeleted(); |
606 | 171 | } | 157 | } |
607 | 172 | 158 | ||
608 | 173 | void Keyring::handleDeleteError(const SignOn::Error &error) | 159 | void Keyring::handleDeleteError(const SignOn::Error &error) |
609 | 174 | { | 160 | { |
610 | 161 | /* DEPRECATED, UNUSED */ | ||
611 | 175 | // Just log the error here, as we don't want to infinite loop. | 162 | // Just log the error here, as we don't want to infinite loop. |
612 | 176 | qWarning() << "Error deleting token:" << error.message(); | 163 | qWarning() << "Error deleting token:" << error.message(); |
613 | 177 | } | 164 | } |
614 | @@ -180,24 +167,11 @@ | |||
615 | 180 | { | 167 | { |
616 | 181 | QString _acctName("ubuntuone"); | 168 | QString _acctName("ubuntuone"); |
617 | 182 | AccountIdList _ids = _manager.accountList(_acctName); | 169 | AccountIdList _ids = _manager.accountList(_acctName); |
634 | 183 | if (_ids.length() > 0) { | 170 | if (_ids.isEmpty()) { |
635 | 184 | if (_ids.length() > 1) { | 171 | emit tokenNotFound(); |
620 | 185 | qDebug() << "deleteToken(): Found '" << _ids.length() << "' accounts. Using first."; | ||
621 | 186 | } | ||
622 | 187 | Account *account = _manager.account(_ids[0]); | ||
623 | 188 | qDebug() << "deleteToken(): Using Ubuntu One account '" << _ids[0] << "'."; | ||
624 | 189 | Identity *identity = Identity::existingIdentity(account->credentialsId()); | ||
625 | 190 | connect(account, SIGNAL(removed()), | ||
626 | 191 | this, SLOT(handleAccountRemoved())); | ||
627 | 192 | connect(identity, SIGNAL(error(const SignOn::Error&)), | ||
628 | 193 | this, SLOT(handleDeleteError(const SignOn::Error&))); | ||
629 | 194 | |||
630 | 195 | identity->remove(); | ||
631 | 196 | account->remove(); | ||
632 | 197 | account->sync(); | ||
633 | 198 | return; | ||
636 | 199 | } | 172 | } |
638 | 200 | emit tokenNotFound(); | 173 | |
639 | 174 | /* We don't remove accounts anymore */ | ||
640 | 201 | } | 175 | } |
641 | 202 | 176 | ||
642 | 203 | } // namespace UbuntuOne | 177 | } // namespace UbuntuOne |
643 | 204 | 178 | ||
644 | === modified file 'libubuntuoneauth/libubuntuoneauth.symbols' | |||
645 | --- libubuntuoneauth/libubuntuoneauth.symbols 2013-07-22 15:54:02 +0000 | |||
646 | +++ libubuntuoneauth/libubuntuoneauth.symbols 2016-04-22 09:51:32 +0000 | |||
647 | @@ -1,7 +1,8 @@ | |||
648 | 1 | { | 1 | { |
649 | 2 | global: | 2 | global: |
650 | 3 | extern "C++" { | 3 | extern "C++" { |
652 | 4 | *UbuntuOne::*; | 4 | UbuntuOne::*; |
653 | 5 | *for?UbuntuOne::*; | ||
654 | 5 | }; | 6 | }; |
655 | 6 | qt_*; | 7 | qt_*; |
656 | 7 | local: | 8 | local: |
657 | 8 | 9 | ||
658 | === modified file 'libubuntuoneauth/ssoservice.cpp' | |||
659 | --- libubuntuoneauth/ssoservice.cpp 2015-01-15 21:12:35 +0000 | |||
660 | +++ libubuntuoneauth/ssoservice.cpp 2016-04-22 09:51:32 +0000 | |||
661 | @@ -17,11 +17,13 @@ | |||
662 | 17 | */ | 17 | */ |
663 | 18 | #include <sys/utsname.h> | 18 | #include <sys/utsname.h> |
664 | 19 | 19 | ||
665 | 20 | #include <QCoreApplication> | ||
666 | 20 | #include <QDebug> | 21 | #include <QDebug> |
667 | 21 | #include <QtGlobal> | 22 | #include <QtGlobal> |
668 | 22 | #include <QNetworkRequest> | 23 | #include <QNetworkRequest> |
669 | 23 | #include <QUrlQuery> | 24 | #include <QUrlQuery> |
670 | 24 | 25 | ||
671 | 26 | #include "authenticator.h" | ||
672 | 25 | #include "logging.h" | 27 | #include "logging.h" |
673 | 26 | #include "ssoservice.h" | 28 | #include "ssoservice.h" |
674 | 27 | #include "requests.h" | 29 | #include "requests.h" |
675 | @@ -64,9 +66,6 @@ | |||
676 | 64 | this, SLOT(accountPinged(QNetworkReply*))); | 66 | this, SLOT(accountPinged(QNetworkReply*))); |
677 | 65 | 67 | ||
678 | 66 | connect(&(_provider), | 68 | connect(&(_provider), |
679 | 67 | SIGNAL(OAuthTokenGranted(const OAuthTokenResponse&)), | ||
680 | 68 | this, SLOT(tokenReceived(const OAuthTokenResponse&))); | ||
681 | 69 | connect(&(_provider), | ||
682 | 70 | SIGNAL(AccountGranted(const AccountResponse&)), | 69 | SIGNAL(AccountGranted(const AccountResponse&)), |
683 | 71 | this, SLOT(accountRegistered(const AccountResponse&))); | 70 | this, SLOT(accountRegistered(const AccountResponse&))); |
684 | 72 | connect(&(_provider), | 71 | connect(&(_provider), |
685 | @@ -116,12 +115,40 @@ | |||
686 | 116 | 115 | ||
687 | 117 | void SSOService::login(QString email, QString password, QString twoFactorCode) | 116 | void SSOService::login(QString email, QString password, QString twoFactorCode) |
688 | 118 | { | 117 | { |
695 | 119 | OAuthTokenRequest request(getAuthBaseUrl(), | 118 | using namespace Internal; |
696 | 120 | email, password, | 119 | |
697 | 121 | Token::buildTokenName(), twoFactorCode); | 120 | auto authenticator = new Authenticator; |
698 | 122 | _tempEmail = email; | 121 | /* This is a hack: there should be a public API to decide whether UI |
699 | 123 | 122 | * interactions are allowed. | |
700 | 124 | _provider.GetOAuthToken(request); | 123 | * For the time being, allow them everywhere except from the account |
701 | 124 | * plugin (which has its own UI to request all the needed info). | ||
702 | 125 | */ | ||
703 | 126 | if (QCoreApplication::applicationName() == "online-accounts-ui") { | ||
704 | 127 | qDebug() << "In account plugin: disabling UI interactions"; | ||
705 | 128 | authenticator->setUiAllowed(false); | ||
706 | 129 | } else { | ||
707 | 130 | authenticator->setUiAllowed(true); | ||
708 | 131 | } | ||
709 | 132 | |||
710 | 133 | connect(authenticator, &Authenticator::authenticated, | ||
711 | 134 | [=](const Token &token) { | ||
712 | 135 | _keyring->storeToken(token, email); | ||
713 | 136 | authenticator->deleteLater(); | ||
714 | 137 | }); | ||
715 | 138 | connect(authenticator, &Authenticator::error, | ||
716 | 139 | [=](Authenticator::ErrorCode code) { | ||
717 | 140 | if (code == Authenticator::AccountNotFound) { | ||
718 | 141 | Q_EMIT credentialsNotFound(); | ||
719 | 142 | } else if (code == Authenticator::OneTimePasswordRequired) { | ||
720 | 143 | Q_EMIT twoFactorAuthRequired(); | ||
721 | 144 | } else { | ||
722 | 145 | /* TODO: deliver a proper error response. */ | ||
723 | 146 | Q_EMIT requestFailed(ErrorResponse()); | ||
724 | 147 | } | ||
725 | 148 | authenticator->deleteLater(); | ||
726 | 149 | }); | ||
727 | 150 | authenticator->authenticate(Token::buildTokenName(), | ||
728 | 151 | email, password, twoFactorCode); | ||
729 | 125 | } | 152 | } |
730 | 126 | 153 | ||
731 | 127 | void SSOService::handleTwoFactorAuthRequired() | 154 | void SSOService::handleTwoFactorAuthRequired() |
732 | @@ -147,10 +174,14 @@ | |||
733 | 147 | 174 | ||
734 | 148 | void SSOService::tokenReceived(const OAuthTokenResponse& token) | 175 | void SSOService::tokenReceived(const OAuthTokenResponse& token) |
735 | 149 | { | 176 | { |
740 | 150 | Token realToken = Token(token.token_key(), token.token_secret(), | 177 | // Not used anymore |
741 | 151 | token.consumer_key(), token.consumer_secret(), | 178 | |
742 | 152 | token.date_created(), token.date_updated()); | 179 | /* The following two lines are needed to ensure that the |
743 | 153 | _keyring->storeToken(realToken, _tempEmail); | 180 | * OAuthTokenRequest::~OAuthTokenRequest() symbol is exported by the |
744 | 181 | * library. | ||
745 | 182 | */ | ||
746 | 183 | OAuthTokenRequest request; | ||
747 | 184 | qDebug() << request.serialize(); | ||
748 | 154 | } | 185 | } |
749 | 155 | 186 | ||
750 | 156 | void SSOService::accountPinged(QNetworkReply*) | 187 | void SSOService::accountPinged(QNetworkReply*) |
751 | 157 | 188 | ||
752 | === modified file 'libubuntuoneauth/token.cpp' | |||
753 | --- libubuntuoneauth/token.cpp 2015-12-07 21:17:00 +0000 | |||
754 | +++ libubuntuoneauth/token.cpp 2016-04-22 09:51:32 +0000 | |||
755 | @@ -46,10 +46,18 @@ | |||
756 | 46 | QString consumer_key, QString consumer_secret) | 46 | QString consumer_key, QString consumer_secret) |
757 | 47 | { | 47 | { |
758 | 48 | _tokenHash[TOKEN_NAME_KEY] = buildTokenName(); | 48 | _tokenHash[TOKEN_NAME_KEY] = buildTokenName(); |
763 | 49 | _tokenHash[TOKEN_TOKEN_KEY] = token_key; | 49 | if (!token_key.isEmpty()) { |
764 | 50 | _tokenHash[TOKEN_TOKEN_SEC_KEY] = token_secret; | 50 | _tokenHash[TOKEN_TOKEN_KEY] = token_key; |
765 | 51 | _tokenHash[TOKEN_CONSUMER_KEY] = consumer_key; | 51 | } |
766 | 52 | _tokenHash[TOKEN_CONSUMER_SEC_KEY] = consumer_secret; | 52 | if (!token_secret.isEmpty()) { |
767 | 53 | _tokenHash[TOKEN_TOKEN_SEC_KEY] = token_secret; | ||
768 | 54 | } | ||
769 | 55 | if (!consumer_key.isEmpty()) { | ||
770 | 56 | _tokenHash[TOKEN_CONSUMER_KEY] = consumer_key; | ||
771 | 57 | } | ||
772 | 58 | if (!consumer_secret.isEmpty()) { | ||
773 | 59 | _tokenHash[TOKEN_CONSUMER_SEC_KEY] = consumer_secret; | ||
774 | 60 | } | ||
775 | 53 | } | 61 | } |
776 | 54 | 62 | ||
777 | 55 | Token::Token(QString token_key, QString token_secret, | 63 | Token::Token(QString token_key, QString token_secret, |
778 | @@ -93,9 +101,19 @@ | |||
779 | 93 | } | 101 | } |
780 | 94 | 102 | ||
781 | 95 | /** | 103 | /** |
782 | 104 | * \fn QString Token::name() | ||
783 | 105 | * | ||
784 | 106 | * Returns the token name, or empty string if not set. | ||
785 | 107 | */ | ||
786 | 108 | QString Token::name() const | ||
787 | 109 | { | ||
788 | 110 | return _tokenHash.value(TOKEN_NAME_KEY, ""); | ||
789 | 111 | } | ||
790 | 112 | |||
791 | 113 | /** | ||
792 | 96 | * \fn QString Token::consumerKey() | 114 | * \fn QString Token::consumerKey() |
793 | 97 | * | 115 | * |
795 | 98 | * Retruns a consumer key for this token, or empty string if consumer key is not set. | 116 | * Returns a consumer key for this token, or empty string if consumer key is not set. |
796 | 99 | */ | 117 | */ |
797 | 100 | QString Token::consumerKey() const | 118 | QString Token::consumerKey() const |
798 | 101 | { | 119 | { |
799 | @@ -103,6 +121,36 @@ | |||
800 | 103 | } | 121 | } |
801 | 104 | 122 | ||
802 | 105 | /** | 123 | /** |
803 | 124 | * \fn QString Token::consumerSecret() | ||
804 | 125 | * | ||
805 | 126 | * Returns a consumer secret for this token, or empty string if not set. | ||
806 | 127 | */ | ||
807 | 128 | QString Token::consumerSecret() const | ||
808 | 129 | { | ||
809 | 130 | return _tokenHash.value(TOKEN_CONSUMER_SEC_KEY, ""); | ||
810 | 131 | } | ||
811 | 132 | |||
812 | 133 | /** | ||
813 | 134 | * \fn QString Token::tokenKey() | ||
814 | 135 | * | ||
815 | 136 | * Returns a token key for this token, or empty string if token key is not set. | ||
816 | 137 | */ | ||
817 | 138 | QString Token::tokenKey() const | ||
818 | 139 | { | ||
819 | 140 | return _tokenHash.value(TOKEN_TOKEN_KEY, ""); | ||
820 | 141 | } | ||
821 | 142 | |||
822 | 143 | /** | ||
823 | 144 | * \fn QString Token::tokenSecret() | ||
824 | 145 | * | ||
825 | 146 | * Returns a token secret for this token, or empty string if not set. | ||
826 | 147 | */ | ||
827 | 148 | QString Token::tokenSecret() const | ||
828 | 149 | { | ||
829 | 150 | return _tokenHash.value(TOKEN_TOKEN_SEC_KEY, ""); | ||
830 | 151 | } | ||
831 | 152 | |||
832 | 153 | /** | ||
833 | 106 | * \fn bool Token::isValid() | 154 | * \fn bool Token::isValid() |
834 | 107 | * | 155 | * |
835 | 108 | * Check that the token is valid. | 156 | * Check that the token is valid. |
836 | @@ -291,6 +339,7 @@ | |||
837 | 291 | QStringList params = query.split("&"); | 339 | QStringList params = query.split("&"); |
838 | 292 | for (int i = 0; i < params.size(); ++i) { | 340 | for (int i = 0; i < params.size(); ++i) { |
839 | 293 | QStringList pair = params.at(i).split("="); | 341 | QStringList pair = params.at(i).split("="); |
840 | 342 | if (pair.count() < 2) continue; | ||
841 | 294 | if (pair.at(0) == TOKEN_NAME_KEY) { | 343 | if (pair.at(0) == TOKEN_NAME_KEY) { |
842 | 295 | // TODO: Need to figure out how to actually use the | 344 | // TODO: Need to figure out how to actually use the |
843 | 296 | // QUrl::fromPercentEncoding at this point in the code. | 345 | // QUrl::fromPercentEncoding at this point in the code. |
844 | 297 | 346 | ||
845 | === modified file 'libubuntuoneauth/token.h' | |||
846 | --- libubuntuoneauth/token.h 2015-12-07 21:17:00 +0000 | |||
847 | +++ libubuntuoneauth/token.h 2016-04-22 09:51:32 +0000 | |||
848 | @@ -55,7 +55,11 @@ | |||
849 | 55 | 55 | ||
850 | 56 | static QString dateStringToISO(const QString date); | 56 | static QString dateStringToISO(const QString date); |
851 | 57 | 57 | ||
852 | 58 | QString name() const; | ||
853 | 58 | QString consumerKey() const; | 59 | QString consumerKey() const; |
854 | 60 | QString consumerSecret() const; | ||
855 | 61 | QString tokenKey() const; | ||
856 | 62 | QString tokenSecret() const; | ||
857 | 59 | 63 | ||
858 | 60 | private: | 64 | private: |
859 | 61 | QHash<QString, QString> _tokenHash; | 65 | QHash<QString, QString> _tokenHash; |
860 | 62 | 66 | ||
861 | === modified file 'signon-plugin/CMakeLists.txt' | |||
862 | --- signon-plugin/CMakeLists.txt 2014-07-24 13:30:19 +0000 | |||
863 | +++ signon-plugin/CMakeLists.txt 2016-04-22 09:51:32 +0000 | |||
864 | @@ -1,3 +1,8 @@ | |||
865 | 1 | project(SignonPlugin) | ||
866 | 2 | |||
867 | 3 | set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fno-exceptions -fno-rtti") | ||
868 | 4 | set(CMAKE_MODULE_LINKER_FLAGS "-Wl,--no-undefined") | ||
869 | 5 | |||
870 | 1 | # Qt5 bits | 6 | # Qt5 bits |
871 | 2 | SET (CMAKE_INCLUDE_CURRENT_DIR ON) | 7 | SET (CMAKE_INCLUDE_CURRENT_DIR ON) |
872 | 3 | SET (CMAKE_AUTOMOC ON) | 8 | SET (CMAKE_AUTOMOC ON) |
873 | @@ -24,13 +29,15 @@ | |||
874 | 24 | -L${CMAKE_BINARY_DIR}/libubuntuoneauth | 29 | -L${CMAKE_BINARY_DIR}/libubuntuoneauth |
875 | 25 | ${AUTH_LIB_NAME} | 30 | ${AUTH_LIB_NAME} |
876 | 26 | ${SIGNON_PLUGIN_LDFLAGS} | 31 | ${SIGNON_PLUGIN_LDFLAGS} |
877 | 32 | ${SIGNON_LDFLAGS} | ||
878 | 33 | ${SIGNON_LDFLAGS_OTHER} | ||
879 | 27 | ) | 34 | ) |
880 | 28 | 35 | ||
882 | 29 | SET (SIGNON_PLUGIN_INSTALL_DIR lib/signon) | 36 | SET (SIGNON_PLUGIN_INSTALL_DIR ${CMAKE_INSTALL_LIBDIR}/signon) |
883 | 30 | 37 | ||
884 | 31 | INSTALL ( | 38 | INSTALL ( |
885 | 32 | TARGETS ${SIGNON_PLUGIN_NAME} | 39 | TARGETS ${SIGNON_PLUGIN_NAME} |
886 | 33 | LIBRARY DESTINATION ${SIGNON_PLUGIN_INSTALL_DIR} | 40 | LIBRARY DESTINATION ${SIGNON_PLUGIN_INSTALL_DIR} |
887 | 34 | ) | 41 | ) |
888 | 35 | 42 | ||
890 | 36 | #add_subdirectory(tests) | 43 | add_subdirectory(tests) |
891 | 37 | 44 | ||
892 | === added file 'signon-plugin/i18n.cpp' | |||
893 | --- signon-plugin/i18n.cpp 1970-01-01 00:00:00 +0000 | |||
894 | +++ signon-plugin/i18n.cpp 2016-04-22 09:51:32 +0000 | |||
895 | @@ -0,0 +1,37 @@ | |||
896 | 1 | /* | ||
897 | 2 | * Copyright 2016 Canonical Ltd. | ||
898 | 3 | * | ||
899 | 4 | * This library is free software; you can redistribute it and/or | ||
900 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
901 | 6 | * License as published by the Free Software Foundation. | ||
902 | 7 | * | ||
903 | 8 | * This program is distributed in the hope that it will be useful, | ||
904 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
905 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
906 | 11 | * General Public License for more details. | ||
907 | 12 | * | ||
908 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
909 | 14 | * License along with this library; if not, write to the | ||
910 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
911 | 16 | * Boston, MA 02110-1301, USA. | ||
912 | 17 | */ | ||
913 | 18 | |||
914 | 19 | #define NO_TR_OVERRIDE | ||
915 | 20 | #include "i18n.h" | ||
916 | 21 | |||
917 | 22 | #include <libintl.h> | ||
918 | 23 | |||
919 | 24 | namespace UbuntuOne { | ||
920 | 25 | |||
921 | 26 | void initTr(const char *domain, const char *localeDir) | ||
922 | 27 | { | ||
923 | 28 | bindtextdomain(domain, localeDir); | ||
924 | 29 | textdomain(domain); | ||
925 | 30 | } | ||
926 | 31 | |||
927 | 32 | QString _(const char *text, const char *domain) | ||
928 | 33 | { | ||
929 | 34 | return QString::fromUtf8(dgettext(domain, text)); | ||
930 | 35 | } | ||
931 | 36 | |||
932 | 37 | } // namespace | ||
933 | 0 | 38 | ||
934 | === added file 'signon-plugin/i18n.h' | |||
935 | --- signon-plugin/i18n.h 1970-01-01 00:00:00 +0000 | |||
936 | +++ signon-plugin/i18n.h 2016-04-22 09:51:32 +0000 | |||
937 | @@ -0,0 +1,31 @@ | |||
938 | 1 | /* | ||
939 | 2 | * Copyright 2016 Canonical Ltd. | ||
940 | 3 | * | ||
941 | 4 | * This library is free software; you can redistribute it and/or | ||
942 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
943 | 6 | * License as published by the Free Software Foundation. | ||
944 | 7 | * | ||
945 | 8 | * This program is distributed in the hope that it will be useful, | ||
946 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
947 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
948 | 11 | * General Public License for more details. | ||
949 | 12 | * | ||
950 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
951 | 14 | * License along with this library; if not, write to the | ||
952 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
953 | 16 | * Boston, MA 02110-1301, USA. | ||
954 | 17 | */ | ||
955 | 18 | |||
956 | 19 | #ifndef UBUNTUONE_I18N_H | ||
957 | 20 | #define UBUNTUONE_I18N_H | ||
958 | 21 | |||
959 | 22 | #include <QString> | ||
960 | 23 | |||
961 | 24 | namespace UbuntuOne { | ||
962 | 25 | |||
963 | 26 | void initTr(const char *domain, const char *localeDir); | ||
964 | 27 | QString _(const char *text, const char *domain = 0); | ||
965 | 28 | |||
966 | 29 | } // namespace | ||
967 | 30 | |||
968 | 31 | #endif // UBUNTUONE_I18N_H | ||
969 | 0 | 32 | ||
970 | === added directory 'signon-plugin/tests' | |||
971 | === added file 'signon-plugin/tests/CMakeLists.txt' | |||
972 | --- signon-plugin/tests/CMakeLists.txt 1970-01-01 00:00:00 +0000 | |||
973 | +++ signon-plugin/tests/CMakeLists.txt 2016-04-22 09:51:32 +0000 | |||
974 | @@ -0,0 +1,52 @@ | |||
975 | 1 | # The thing we're building in here | ||
976 | 2 | SET (TESTS_TARGET test-ubuntuone-plugin) | ||
977 | 3 | |||
978 | 4 | # Qt5 bits | ||
979 | 5 | SET (CMAKE_INCLUDE_CURRENT_DIR ON) | ||
980 | 6 | SET (CMAKE_AUTOMOC ON) | ||
981 | 7 | find_package(Qt5Core REQUIRED) | ||
982 | 8 | |||
983 | 9 | pkg_check_modules(SIGNON REQUIRED signon-plugins) | ||
984 | 10 | add_definitions( | ||
985 | 11 | ${SIGNON_CFLAGS} | ||
986 | 12 | ${SIGNON_CFLAGS_OTHER} | ||
987 | 13 | "-DPLUGIN_PATH=\"${CMAKE_CURRENT_BINARY_DIR}/../libubuntuoneplugin.so\"" | ||
988 | 14 | ) | ||
989 | 15 | |||
990 | 16 | # Workaround for cmake not adding these to automoc properly | ||
991 | 17 | SET (CMAKE_AUTOMOC_MOC_OPTIONS "${SIGNON_CFLAGS} ${CMAKE_AUTOMOC_MOC_OPTIONS}") | ||
992 | 18 | |||
993 | 19 | # The sources for building the tests | ||
994 | 20 | SET (SOURCES | ||
995 | 21 | ${SignonPlugin_SOURCE_DIR}/i18n.cpp | ||
996 | 22 | ${SignonPlugin_SOURCE_DIR}/ubuntuone-plugin.cpp | ||
997 | 23 | tst_plugin.cpp | ||
998 | 24 | ) | ||
999 | 25 | |||
1000 | 26 | include_directories( | ||
1001 | 27 | ${SignonPlugin_SOURCE_DIR} | ||
1002 | 28 | ) | ||
1003 | 29 | |||
1004 | 30 | add_executable (${TESTS_TARGET} ${SOURCES}) | ||
1005 | 31 | qt5_use_modules (${TESTS_TARGET} Test Network) | ||
1006 | 32 | target_link_libraries (${TESTS_TARGET} | ||
1007 | 33 | -Wl,-rpath,${CMAKE_BINARY_DIR}/libubuntuoneauth | ||
1008 | 34 | -L${CMAKE_BINARY_DIR}/libubuntuoneauth | ||
1009 | 35 | ${AUTH_LIB_NAME} | ||
1010 | 36 | ${SIGNON_LDFLAGS} | ||
1011 | 37 | ) | ||
1012 | 38 | |||
1013 | 39 | add_custom_target(ubuntuone-plugin-tests | ||
1014 | 40 | COMMAND ${CMAKE_CURRENT_BINARY_DIR}/${TESTS_TARGET} | ||
1015 | 41 | DEPENDS ${TESTS_TARGET} | ||
1016 | 42 | ) | ||
1017 | 43 | |||
1018 | 44 | add_custom_target(ubuntuone-plugin-tests-valgrind | ||
1019 | 45 | COMMAND valgrind --tool=memcheck ${CMAKE_CURRENT_BINARY_DIR}/${TESTS_TARGET} | ||
1020 | 46 | DEPENDS ${TESTS_TARGET} | ||
1021 | 47 | ) | ||
1022 | 48 | |||
1023 | 49 | add_custom_target(ubuntuone-plugin-tests-valgrind-leaks | ||
1024 | 50 | COMMAND valgrind --tool=memcheck --track-origins=yes --num-callers=40 --leak-resolution=high --leak-check=full ${CMAKE_CURRENT_BINARY_DIR}/${TESTS_TARGET} | ||
1025 | 51 | DEPENDS ${TESTS_TARGET} | ||
1026 | 52 | ) | ||
1027 | 0 | 53 | ||
1028 | === added file 'signon-plugin/tests/tst_plugin.cpp' | |||
1029 | --- signon-plugin/tests/tst_plugin.cpp 1970-01-01 00:00:00 +0000 | |||
1030 | +++ signon-plugin/tests/tst_plugin.cpp 2016-04-22 09:51:32 +0000 | |||
1031 | @@ -0,0 +1,1840 @@ | |||
1032 | 1 | /* | ||
1033 | 2 | * Copyright 2016 Canonical Ltd. | ||
1034 | 3 | * | ||
1035 | 4 | * This library is free software; you can redistribute it and/or | ||
1036 | 5 | * modify it under the terms of version 3 of the GNU Lesser General Public | ||
1037 | 6 | * License as published by the Free Software Foundation. | ||
1038 | 7 | * | ||
1039 | 8 | * This program is distributed in the hope that it will be useful, | ||
1040 | 9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
1041 | 10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
1042 | 11 | * General Public License for more details. | ||
1043 | 12 | * | ||
1044 | 13 | * You should have received a copy of the GNU Lesser General Public | ||
1045 | 14 | * License along with this library; if not, write to the | ||
1046 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
1047 | 16 | * Boston, MA 02110-1301, USA. | ||
1048 | 17 | */ | ||
1049 | 18 | |||
1050 | 19 | #include <QJsonDocument> | ||
1051 | 20 | #include <QJsonObject> | ||
1052 | 21 | #include <QNetworkAccessManager> | ||
1053 | 22 | #include <QNetworkReply> | ||
1054 | 23 | #include <QPointer> | ||
1055 | 24 | #include <QRegExp> | ||
1056 | 25 | #include <QSignalSpy> | ||
1057 | 26 | #include <QTimer> | ||
1058 | 27 | #include <QtTest/QtTest> | ||
1059 | 28 | |||
1060 | 29 | #include <SignOn/uisessiondata_priv.h> | ||
1061 | 30 | |||
1062 | 31 | #include "ubuntuone-plugin.h" | ||
1063 | 32 | |||
1064 | 33 | using namespace SignOn; | ||
1065 | 34 | |||
1066 | 35 | namespace QTest { | ||
1067 | 36 | template<> | ||
1068 | 37 | char *toString(const QVariantMap &map) | ||
1069 | 38 | { | ||
1070 | 39 | QJsonDocument doc(QJsonObject::fromVariantMap(map)); | ||
1071 | 40 | return qstrdup(doc.toJson(QJsonDocument::Compact).data()); | ||
1072 | 41 | } | ||
1073 | 42 | } // QTest namespace | ||
1074 | 43 | |||
1075 | 44 | class TestNetworkReply: public QNetworkReply | ||
1076 | 45 | { | ||
1077 | 46 | Q_OBJECT | ||
1078 | 47 | |||
1079 | 48 | public: | ||
1080 | 49 | TestNetworkReply(QObject *parent = 0): | ||
1081 | 50 | QNetworkReply(parent), | ||
1082 | 51 | m_offset(0) | ||
1083 | 52 | {} | ||
1084 | 53 | |||
1085 | 54 | void setError(NetworkError errorCode, const QString &errorString, | ||
1086 | 55 | int delay = -1) { | ||
1087 | 56 | QNetworkReply::setError(errorCode, errorString); | ||
1088 | 57 | if (delay > 0) { | ||
1089 | 58 | QTimer::singleShot(delay, this, SLOT(fail())); | ||
1090 | 59 | } | ||
1091 | 60 | } | ||
1092 | 61 | |||
1093 | 62 | void setRawHeader(const QByteArray &headerName, const QByteArray &value) { | ||
1094 | 63 | QNetworkReply::setRawHeader(headerName, value); | ||
1095 | 64 | } | ||
1096 | 65 | |||
1097 | 66 | void setContentType(const QString &contentType) { | ||
1098 | 67 | setRawHeader("Content-Type", contentType.toUtf8()); | ||
1099 | 68 | } | ||
1100 | 69 | |||
1101 | 70 | void setStatusCode(int statusCode) { | ||
1102 | 71 | setAttribute(QNetworkRequest::HttpStatusCodeAttribute, statusCode); | ||
1103 | 72 | } | ||
1104 | 73 | |||
1105 | 74 | void setContent(const QByteArray &content) { | ||
1106 | 75 | m_content = content; | ||
1107 | 76 | m_offset = 0; | ||
1108 | 77 | |||
1109 | 78 | open(ReadOnly | Unbuffered); | ||
1110 | 79 | setHeader(QNetworkRequest::ContentLengthHeader, QVariant(content.size())); | ||
1111 | 80 | } | ||
1112 | 81 | |||
1113 | 82 | void start() { | ||
1114 | 83 | QTimer::singleShot(0, this, SIGNAL(readyRead())); | ||
1115 | 84 | QTimer::singleShot(10, this, SLOT(finish())); | ||
1116 | 85 | } | ||
1117 | 86 | |||
1118 | 87 | public Q_SLOTS: | ||
1119 | 88 | void finish() { setFinished(true); Q_EMIT finished(); } | ||
1120 | 89 | void fail() { Q_EMIT error(error()); } | ||
1121 | 90 | |||
1122 | 91 | protected: | ||
1123 | 92 | void abort() Q_DECL_OVERRIDE {} | ||
1124 | 93 | qint64 bytesAvailable() const Q_DECL_OVERRIDE { | ||
1125 | 94 | return m_content.size() - m_offset + QIODevice::bytesAvailable(); | ||
1126 | 95 | } | ||
1127 | 96 | |||
1128 | 97 | bool isSequential() const Q_DECL_OVERRIDE { return true; } | ||
1129 | 98 | qint64 readData(char *data, qint64 maxSize) Q_DECL_OVERRIDE { | ||
1130 | 99 | if (m_offset >= m_content.size()) | ||
1131 | 100 | return -1; | ||
1132 | 101 | qint64 number = qMin(maxSize, m_content.size() - m_offset); | ||
1133 | 102 | memcpy(data, m_content.constData() + m_offset, number); | ||
1134 | 103 | m_offset += number; | ||
1135 | 104 | return number; | ||
1136 | 105 | } | ||
1137 | 106 | |||
1138 | 107 | private: | ||
1139 | 108 | QByteArray m_content; | ||
1140 | 109 | qint64 m_offset; | ||
1141 | 110 | }; | ||
1142 | 111 | |||
1143 | 112 | class TestNetworkAccessManager: public QNetworkAccessManager | ||
1144 | 113 | { | ||
1145 | 114 | Q_OBJECT | ||
1146 | 115 | |||
1147 | 116 | public: | ||
1148 | 117 | TestNetworkAccessManager(): QNetworkAccessManager() {} | ||
1149 | 118 | |||
1150 | 119 | void setNextReply(TestNetworkReply *reply) { m_nextReply = reply; } | ||
1151 | 120 | |||
1152 | 121 | protected: | ||
1153 | 122 | QNetworkReply *createRequest(Operation op, const QNetworkRequest &request, | ||
1154 | 123 | QIODevice *outgoingData = 0) Q_DECL_OVERRIDE { | ||
1155 | 124 | Q_UNUSED(op); | ||
1156 | 125 | m_lastRequest = request; | ||
1157 | 126 | m_lastRequestData = outgoingData->readAll(); | ||
1158 | 127 | m_nextReply->start(); | ||
1159 | 128 | return m_nextReply; | ||
1160 | 129 | } | ||
1161 | 130 | |||
1162 | 131 | public: | ||
1163 | 132 | QPointer<TestNetworkReply> m_nextReply; | ||
1164 | 133 | QNetworkRequest m_lastRequest; | ||
1165 | 134 | QByteArray m_lastRequestData; | ||
1166 | 135 | }; | ||
1167 | 136 | |||
1168 | 137 | class PluginTest: public QObject | ||
1169 | 138 | { | ||
1170 | 139 | Q_OBJECT | ||
1171 | 140 | |||
1172 | 141 | private Q_SLOTS: | ||
1173 | 142 | void initTestCase(); | ||
1174 | 143 | void cleanupTestCase(); | ||
1175 | 144 | |||
1176 | 145 | void testLoading(); | ||
1177 | 146 | void testInitialization(); | ||
1178 | 147 | void testPluginType(); | ||
1179 | 148 | void testPluginMechanisms(); | ||
1180 | 149 | void testStoredToken_data(); | ||
1181 | 150 | void testStoredToken(); | ||
1182 | 151 | void testUserInteraction(); | ||
1183 | 152 | void testTokenCreation_data(); | ||
1184 | 153 | void testTokenCreation(); | ||
1185 | 154 | |||
1186 | 155 | void init(); | ||
1187 | 156 | void cleanup(); | ||
1188 | 157 | |||
1189 | 158 | private: | ||
1190 | 159 | UbuntuOne::SignOnPlugin *m_testPlugin; | ||
1191 | 160 | }; | ||
1192 | 161 | |||
1193 | 162 | void PluginTest::initTestCase() | ||
1194 | 163 | { | ||
1195 | 164 | qRegisterMetaType<SignOn::SessionData>(); | ||
1196 | 165 | qRegisterMetaType<SignOn::UiSessionData>(); | ||
1197 | 166 | qRegisterMetaType<SignOn::Error>(); | ||
1198 | 167 | } | ||
1199 | 168 | |||
1200 | 169 | void PluginTest::cleanupTestCase() | ||
1201 | 170 | { | ||
1202 | 171 | } | ||
1203 | 172 | |||
1204 | 173 | // prepare each test by creating new plugin | ||
1205 | 174 | void PluginTest::init() | ||
1206 | 175 | { | ||
1207 | 176 | m_testPlugin = new UbuntuOne::SignOnPlugin(); | ||
1208 | 177 | } | ||
1209 | 178 | |||
1210 | 179 | // finish each test by deleting plugin | ||
1211 | 180 | void PluginTest::cleanup() | ||
1212 | 181 | { | ||
1213 | 182 | delete m_testPlugin; | ||
1214 | 183 | m_testPlugin = 0; | ||
1215 | 184 | } | ||
1216 | 185 | |||
1217 | 186 | void PluginTest::testLoading() | ||
1218 | 187 | { | ||
1219 | 188 | QLibrary module(PLUGIN_PATH); | ||
1220 | 189 | if (!module.load()) { | ||
1221 | 190 | qDebug() << "Failed to load module:" << module.errorString(); | ||
1222 | 191 | } | ||
1223 | 192 | |||
1224 | 193 | QVERIFY(module.isLoaded()); | ||
1225 | 194 | typedef AuthPluginInterface *(*AuthPluginInstanceF)(); | ||
1226 | 195 | auto instance = | ||
1227 | 196 | (AuthPluginInstanceF)module.resolve("auth_plugin_instance"); | ||
1228 | 197 | QVERIFY(instance); | ||
1229 | 198 | |||
1230 | 199 | auto plugin = qobject_cast<AuthPluginInterface *>(instance()); | ||
1231 | 200 | QVERIFY(plugin); | ||
1232 | 201 | } | ||
1233 | 202 | |||
1234 | 203 | void PluginTest::testInitialization() | ||
1235 | 204 | { | ||
1236 | 205 | QVERIFY(m_testPlugin); | ||
1237 | 206 | } | ||
1238 | 207 | |||
1239 | 208 | void PluginTest::testPluginType() | ||
1240 | 209 | { | ||
1241 | 210 | QCOMPARE(m_testPlugin->type(), QString("ubuntuone")); | ||
1242 | 211 | } | ||
1243 | 212 | |||
1244 | 213 | void PluginTest::testPluginMechanisms() | ||
1245 | 214 | { | ||
1246 | 215 | QStringList mechs = m_testPlugin->mechanisms(); | ||
1247 | 216 | QCOMPARE(mechs.count(), 1); | ||
1248 | 217 | QCOMPARE(mechs[0], QString("ubuntuone")); | ||
1249 | 218 | } | ||
1250 | 219 | |||
1251 | 220 | void PluginTest::testStoredToken_data() | ||
1252 | 221 | { | ||
1253 | 222 | QTest::addColumn<QVariantMap>("sessionData"); | ||
1254 | 223 | QTest::addColumn<int>("networkError"); | ||
1255 | 224 | QTest::addColumn<int>("httpStatus"); | ||
1256 | 225 | QTest::addColumn<QString>("replyContents"); | ||
1257 | 226 | QTest::addColumn<int>("expectedErrorCode"); | ||
1258 | 227 | QTest::addColumn<bool>("uiExpected"); | ||
1259 | 228 | QTest::addColumn<QVariantMap>("expectedResponse"); | ||
1260 | 229 | QTest::addColumn<QVariantMap>("expectedStore"); | ||
1261 | 230 | |||
1262 | 231 | UbuntuOne::PluginData sessionData; | ||
1263 | 232 | UbuntuOne::PluginData response; | ||
1264 | 233 | UbuntuOne::PluginData stored; | ||
1265 | 234 | |||
1266 | 235 | QTest::newRow("empty") << | ||
1267 | 236 | sessionData.toMap() << | ||
1268 | 237 | -1 << -1 << QString() << | ||
1269 | 238 | int(Error::MissingData) << | ||
1270 | 239 | false << QVariantMap() << QVariantMap(); | ||
1271 | 240 | |||
1272 | 241 | sessionData.setTokenName("helloworld"); | ||
1273 | 242 | sessionData.setSecret("consumer_key=aAa&consumer_secret=bBb&name=helloworld&token=cCc&token_secret=dDd"); | ||
1274 | 243 | response.setConsumerKey("aAa"); | ||
1275 | 244 | response.setConsumerSecret("bBb"); | ||
1276 | 245 | response.setTokenKey("cCc"); | ||
1277 | 246 | response.setTokenSecret("dDd"); | ||
1278 | 247 | QVariantMap storedData; | ||
1279 | 248 | storedData[sessionData.TokenName()] = response.toMap(); | ||
1280 | 249 | stored.setStoredData(storedData); | ||
1281 | 250 | response.setTokenName(sessionData.TokenName()); | ||
1282 | 251 | QTest::newRow("in secret, valid") << | ||
1283 | 252 | sessionData.toMap() << | ||
1284 | 253 | -1 << | ||
1285 | 254 | 200 << QString("{\n" | ||
1286 | 255 | " \"is_valid\": true,\n" | ||
1287 | 256 | " \"identifier\": \"64we8bn\",\n" | ||
1288 | 257 | " \"account_verified\": true\n" | ||
1289 | 258 | "}") << | ||
1290 | 259 | -1 << | ||
1291 | 260 | false << response.toMap() << stored.toMap(); | ||
1292 | 261 | sessionData = UbuntuOne::PluginData(); | ||
1293 | 262 | response = UbuntuOne::PluginData(); | ||
1294 | 263 | stored = UbuntuOne::PluginData(); | ||
1295 | 264 | storedData.clear(); | ||
1296 | 265 | |||
1297 | 266 | sessionData.setTokenName("helloworld"); | ||
1298 | 267 | sessionData.setSecret("consumer_key=aAa&consumer_secret=bBb&name=helloworld&token=cCc&token_secret=dDd"); | ||
1299 | 268 | response.setConsumerKey("aAa"); | ||
1300 | 269 | response.setConsumerSecret("bBb"); | ||
1301 | 270 | response.setTokenKey("cCc"); | ||
1302 | 271 | response.setTokenSecret("dDd"); | ||
1303 | 272 | storedData[sessionData.TokenName()] = response.toMap(); | ||
1304 | 273 | stored.setStoredData(storedData); | ||
1305 | 274 | response = UbuntuOne::PluginData(); | ||
1306 | 275 | QTest::newRow("in secret, invalid") << | ||
1307 | 276 | sessionData.toMap() << | ||
1308 | 277 | -1 << | ||
1309 | 278 | 200 << QString("{\n" | ||
1310 | 279 | " \"is_valid\": false,\n" | ||
1311 | 280 | " \"identifier\": \"64we8bn\",\n" | ||
1312 | 281 | " \"account_verified\": true\n" | ||
1313 | 282 | "}") << | ||
1314 | 283 | -1 << | ||
1315 | 284 | true << response.toMap() << stored.toMap(); | ||
1316 | 285 | sessionData = UbuntuOne::PluginData(); | ||
1317 | 286 | response = UbuntuOne::PluginData(); | ||
1318 | 287 | stored = UbuntuOne::PluginData(); | ||
1319 | 288 | storedData.clear(); | ||
1320 | 289 | |||
1321 | 290 | sessionData.setTokenName("helloworld"); | ||
1322 | 291 | sessionData.setSecret("consumer_key=aAa&consumer_secret=bBb&name=helloworld&token=cCc&token_secret=dDd"); | ||
1323 | 292 | response.setConsumerKey("aAa"); | ||
1324 | 293 | response.setConsumerSecret("bBb"); | ||
1325 | 294 | response.setTokenKey("cCc"); | ||
1326 | 295 | response.setTokenSecret("dDd"); | ||
1327 | 296 | storedData[sessionData.TokenName()] = response.toMap(); | ||
1328 | 297 | stored.setStoredData(storedData); | ||
1329 | 298 | response = UbuntuOne::PluginData(); | ||
1330 | 299 | QTest::newRow("in secret, network error") << | ||
1331 | 300 | sessionData.toMap() << | ||
1332 | 301 | int(QNetworkReply::SslHandshakeFailedError) << | ||
1333 | 302 | -1 << QString() << | ||
1334 | 303 | int(SignOn::Error::Ssl) << | ||
1335 | 304 | true << response.toMap() << stored.toMap(); | ||
1336 | 305 | sessionData = UbuntuOne::PluginData(); | ||
1337 | 306 | response = UbuntuOne::PluginData(); | ||
1338 | 307 | stored = UbuntuOne::PluginData(); | ||
1339 | 308 | storedData.clear(); | ||
1340 | 309 | } | ||
1341 | 310 | |||
1342 | 311 | void PluginTest::testStoredToken() | ||
1343 | 312 | { | ||
1344 | 313 | QFETCH(QVariantMap, sessionData); | ||
1345 | 314 | QFETCH(int, httpStatus); | ||
1346 | 315 | QFETCH(int, networkError); | ||
1347 | 316 | QFETCH(QString, replyContents); | ||
1348 | 317 | QFETCH(int, expectedErrorCode); | ||
1349 | 318 | QFETCH(bool, uiExpected); | ||
1350 | 319 | QFETCH(QVariantMap, expectedResponse); | ||
1351 | 320 | QFETCH(QVariantMap, expectedStore); | ||
1352 | 321 | |||
1353 | 322 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
1354 | 323 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
1355 | 324 | QSignalSpy userActionRequired(m_testPlugin, | ||
1356 | 325 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
1357 | 326 | QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&))); | ||
1358 | 327 | |||
1359 | 328 | /* Prepare network reply */ | ||
1360 | 329 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
1361 | 330 | m_testPlugin->m_networkAccessManager = nam; | ||
1362 | 331 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
1363 | 332 | if (httpStatus > 0) { | ||
1364 | 333 | reply->setStatusCode(httpStatus); | ||
1365 | 334 | } else { | ||
1366 | 335 | reply->setError(QNetworkReply::NetworkError(networkError), | ||
1367 | 336 | "Network error"); | ||
1368 | 337 | } | ||
1369 | 338 | reply->setContent(replyContents.toUtf8()); | ||
1370 | 339 | nam->setNextReply(reply); | ||
1371 | 340 | |||
1372 | 341 | |||
1373 | 342 | m_testPlugin->process(sessionData, "ubuntuone"); | ||
1374 | 343 | if (expectedErrorCode < 0) { | ||
1375 | 344 | QCOMPARE(error.count(), 0); | ||
1376 | 345 | QTRY_COMPARE(userActionRequired.count(), uiExpected ? 1 : 0); | ||
1377 | 346 | if (!expectedResponse.isEmpty()) { | ||
1378 | 347 | QTRY_COMPARE(result.count(), 1); | ||
1379 | 348 | QVariantMap resp = result.at(0).at(0).value<SessionData>().toMap(); | ||
1380 | 349 | QCOMPARE(resp, expectedResponse); | ||
1381 | 350 | } else { | ||
1382 | 351 | QCOMPARE(result.count(), 0); | ||
1383 | 352 | } | ||
1384 | 353 | |||
1385 | 354 | if (!expectedStore.isEmpty()) { | ||
1386 | 355 | QCOMPARE(store.count(), 1); | ||
1387 | 356 | QVariantMap storedData = | ||
1388 | 357 | store.at(0).at(0).value<SessionData>().toMap(); | ||
1389 | 358 | QCOMPARE(storedData, expectedStore); | ||
1390 | 359 | } else { | ||
1391 | 360 | QCOMPARE(store.count(), 0); | ||
1392 | 361 | } | ||
1393 | 362 | } else { | ||
1394 | 363 | QTRY_COMPARE(error.count(), 1); | ||
1395 | 364 | Error err = error.at(0).at(0).value<Error>(); | ||
1396 | 365 | QCOMPARE(err.type(), expectedErrorCode); | ||
1397 | 366 | } | ||
1398 | 367 | } | ||
1399 | 368 | |||
1400 | 369 | void PluginTest::testUserInteraction() | ||
1401 | 370 | { | ||
1402 | 371 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
1403 | 372 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
1404 | 373 | QSignalSpy userActionRequired(m_testPlugin, | ||
1405 | 374 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
1406 | 375 | QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&))); | ||
1407 | 376 | |||
1408 | 377 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
1409 | 378 | m_testPlugin->m_networkAccessManager = nam; | ||
1410 | 379 | |||
1411 | 380 | UbuntuOne::PluginData sessionData; | ||
1412 | 381 | sessionData.setTokenName("helloworld"); | ||
1413 | 382 | sessionData.setUserName("tom@example.com"); | ||
1414 | 383 | m_testPlugin->process(sessionData, "ubuntuone"); | ||
1415 | 384 | |||
1416 | 385 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
1417 | 386 | QVariantMap data = | ||
1418 | 387 | userActionRequired.at(0).at(0).value<UiSessionData>().toMap(); | ||
1419 | 388 | QVariantMap expectedUserInteraction; | ||
1420 | 389 | expectedUserInteraction[SSOUI_KEY_QUERYUSERNAME] = true; | ||
1421 | 390 | expectedUserInteraction[SSOUI_KEY_USERNAME] = "tom@example.com"; | ||
1422 | 391 | expectedUserInteraction[SSOUI_KEY_QUERYPASSWORD] = true; | ||
1423 | 392 | QCOMPARE(data, expectedUserInteraction); | ||
1424 | 393 | userActionRequired.clear(); | ||
1425 | 394 | |||
1426 | 395 | /* Prepare network reply */ | ||
1427 | 396 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
1428 | 397 | reply->setStatusCode(401); | ||
1429 | 398 | reply->setContent("{\n" | ||
1430 | 399 | " \"code\": \"TWOFACTOR_REQUIRED\",\n" | ||
1431 | 400 | " \"message\": \"This account requires 2-factor authentication.\",\n" | ||
1432 | 401 | " \"extra\": {}\n" | ||
1433 | 402 | "}"); | ||
1434 | 403 | nam->setNextReply(reply); | ||
1435 | 404 | |||
1436 | 405 | QVariantMap userReply; | ||
1437 | 406 | userReply[SSOUI_KEY_USERNAME] = "tom@example.com"; | ||
1438 | 407 | userReply[SSOUI_KEY_PASSWORD] = "s3cr3t"; | ||
1439 | 408 | m_testPlugin->userActionFinished(userReply); | ||
1440 | 409 | |||
1441 | 410 | /* Again the plugin should request user interaction, as OTP is required */ | ||
1442 | 411 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
1443 | 412 | data = userActionRequired.at(0).at(0).value<UiSessionData>().toMap(); | ||
1444 | 413 | expectedUserInteraction.clear(); | ||
1445 | 414 | expectedUserInteraction[SSOUI_KEY_USERNAME] = "tom@example.com"; | ||
1446 | 415 | expectedUserInteraction[SSOUI_KEY_PASSWORD] = "s3cr3t"; | ||
1447 | 416 | expectedUserInteraction[SSOUI_KEY_QUERY2FA] = true; | ||
1448 | 417 | /* We want the map to contain the SSOUI_KEY_2FA_TEXT, but we don't care | ||
1449 | 418 | * about the value */ | ||
1450 | 419 | QVERIFY(data.contains(SSOUI_KEY_2FA_TEXT)); | ||
1451 | 420 | data.remove(SSOUI_KEY_2FA_TEXT); | ||
1452 | 421 | QCOMPARE(data, expectedUserInteraction); | ||
1453 | 422 | } | ||
1454 | 423 | |||
1455 | 424 | void PluginTest::testTokenCreation_data() | ||
1456 | 425 | { | ||
1457 | 426 | QTest::addColumn<QVariantMap>("sessionData"); | ||
1458 | 427 | QTest::addColumn<int>("networkError"); | ||
1459 | 428 | QTest::addColumn<int>("httpStatus"); | ||
1460 | 429 | QTest::addColumn<QString>("replyContents"); | ||
1461 | 430 | QTest::addColumn<int>("expectedErrorCode"); | ||
1462 | 431 | QTest::addColumn<QVariantMap>("expectedResponse"); | ||
1463 | 432 | QTest::addColumn<QVariantMap>("expectedStore"); | ||
1464 | 433 | QTest::addColumn<QVariantMap>("expectedUserInteraction"); | ||
1465 | 434 | |||
1466 | 435 | UbuntuOne::PluginData sessionData; | ||
1467 | 436 | UbuntuOne::PluginData response; | ||
1468 | 437 | UbuntuOne::PluginData stored; | ||
1469 | 438 | QVariantMap userInteraction; | ||
1470 | 439 | |||
1471 | 440 | // Successful creation, with password only | ||
1472 | 441 | sessionData.setTokenName("helloworld"); | ||
1473 | 442 | sessionData.setUserName("jim@example.com"); | ||
1474 | 443 | sessionData.setSecret("s3cr3t"); | ||
1475 | 444 | response.setConsumerKey("aAa"); | ||
1476 | 445 | response.setConsumerSecret("bBb"); | ||
1477 | 446 | response.setTokenKey("cCc"); | ||
1478 | 447 | response.setTokenSecret("dDd"); | ||
1479 | 448 | QVariantMap storedData; | ||
1480 | 449 | storedData[sessionData.TokenName()] = response.toMap(); | ||
1481 | 450 | stored.setStoredData(storedData); | ||
1482 | 451 | response.setTokenName(sessionData.TokenName()); | ||
1483 | 452 | QTest::newRow("no OTP needed, 201") << | ||
1484 | 453 | sessionData.toMap() << | ||
1485 | 454 | -1 << | ||
1486 | 455 | 201 << QString("{\n" | ||
1487 | 456 | " \"href\": \"https://login.ubuntu.com/api/v2/tokens/oauth/the-key\",\n" | ||
1488 | 457 | " \"token_key\": \"cCc\",\n" | ||
1489 | 458 | " \"token_secret\": \"dDd\",\n" | ||
1490 | 459 | " \"token_name\": \"helloworld\",\n" | ||
1491 | 460 | " \"consumer_key\": \"aAa\",\n" | ||
1492 | 461 | " \"consumer_secret\": \"bBb\",\n" | ||
1493 | 462 | " \"date_created\": \"2013-01-11 12:43:23\",\n" | ||
1494 | 463 | " \"date_updated\": \"2013-01-11 12:43:23\"\n" | ||
1495 | 464 | "}") << | ||
1496 | 465 | -1 << | ||
1497 | 466 | response.toMap() << stored.toMap() << userInteraction; | ||
1498 | 467 | sessionData = UbuntuOne::PluginData(); | ||
1499 | 468 | response = UbuntuOne::PluginData(); | ||
1500 | 469 | stored = UbuntuOne::PluginData(); | ||
1501 | 470 | storedData.clear(); | ||
1502 | 471 | |||
1503 | 472 | // Wrong password | ||
1504 | 473 | sessionData.setTokenName("helloworld"); | ||
1505 | 474 | sessionData.setUserName("jim@example.com"); | ||
1506 | 475 | sessionData.setSecret("s3cr3t"); | ||
1507 | 476 | userInteraction[SSOUI_KEY_QUERYUSERNAME] = true; | ||
1508 | 477 | userInteraction[SSOUI_KEY_USERNAME] = "jim@example.com"; | ||
1509 | 478 | userInteraction[SSOUI_KEY_QUERYPASSWORD] = true; | ||
1510 | 479 | QTest::newRow("wrong password") << | ||
1511 | 480 | sessionData.toMap() << | ||
1512 | 481 | -1 << | ||
1513 | 482 | 401 << QString("{\n" | ||
1514 | 483 | " \"code\": \"INVALID_CREDENTIALS\",\n" | ||
1515 | 484 | " \"message\": \"Wrong password!\",\n" | ||
1516 | 485 | " \"extra\": {}\n" | ||
1517 | 486 | "}") << | ||
1518 | 487 | -1 << | ||
1519 | 488 | response.toMap() << stored.toMap() << userInteraction; | ||
1520 | 489 | sessionData = UbuntuOne::PluginData(); | ||
1521 | 490 | userInteraction.clear(); | ||
1522 | 491 | |||
1523 | 492 | // Network error while creating token | ||
1524 | 493 | sessionData.setTokenName("helloworld"); | ||
1525 | 494 | sessionData.setUserName("jim@example.com"); | ||
1526 | 495 | sessionData.setSecret("s3cr3t"); | ||
1527 | 496 | QTest::newRow("network error") << | ||
1528 | 497 | sessionData.toMap() << | ||
1529 | 498 | int(QNetworkReply::SslHandshakeFailedError) << | ||
1530 | 499 | -1 << QString() << | ||
1531 | 500 | int(SignOn::Error::Ssl) << | ||
1532 | 501 | response.toMap() << stored.toMap() << userInteraction; | ||
1533 | 502 | sessionData = UbuntuOne::PluginData(); | ||
1534 | 503 | |||
1535 | 504 | // Account needs reset | ||
1536 | 505 | sessionData.setTokenName("helloworld"); | ||
1537 | 506 | sessionData.setUserName("jim@example.com"); | ||
1538 | 507 | sessionData.setSecret("s3cr3t"); | ||
1539 | 508 | userInteraction[SSOUI_KEY_OPENURL] = "http://www.example.com/reset"; | ||
1540 | 509 | QTest::newRow("reset needed") << | ||
1541 | 510 | sessionData.toMap() << | ||
1542 | 511 | -1 << | ||
1543 | 512 | 403 << QString("{\n" | ||
1544 | 513 | " \"code\": \"PASSWORD_POLICY_ERROR\",\n" | ||
1545 | 514 | " \"message\": \"Password too short\",\n" | ||
1546 | 515 | " \"extra\": {\n" | ||
1547 | 516 | " \"location\": \"http://www.example.com/reset\"\n" | ||
1548 | 517 | " }\n" | ||
1549 | 518 | "}") << | ||
1550 | 519 | -1 << | ||
1551 | 520 | response.toMap() << stored.toMap() << userInteraction; | ||
1552 | 521 | sessionData = UbuntuOne::PluginData(); | ||
1553 | 522 | userInteraction.clear(); | ||
1554 | 523 | } | ||
1555 | 524 | |||
1556 | 525 | void PluginTest::testTokenCreation() | ||
1557 | 526 | { | ||
1558 | 527 | QFETCH(QVariantMap, sessionData); | ||
1559 | 528 | QFETCH(int, httpStatus); | ||
1560 | 529 | QFETCH(int, networkError); | ||
1561 | 530 | QFETCH(QString, replyContents); | ||
1562 | 531 | QFETCH(int, expectedErrorCode); | ||
1563 | 532 | QFETCH(QVariantMap, expectedResponse); | ||
1564 | 533 | QFETCH(QVariantMap, expectedStore); | ||
1565 | 534 | QFETCH(QVariantMap, expectedUserInteraction); | ||
1566 | 535 | |||
1567 | 536 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
1568 | 537 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
1569 | 538 | QSignalSpy userActionRequired(m_testPlugin, | ||
1570 | 539 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
1571 | 540 | QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&))); | ||
1572 | 541 | |||
1573 | 542 | /* Prepare network reply */ | ||
1574 | 543 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
1575 | 544 | m_testPlugin->m_networkAccessManager = nam; | ||
1576 | 545 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
1577 | 546 | if (httpStatus > 0) { | ||
1578 | 547 | reply->setStatusCode(httpStatus); | ||
1579 | 548 | } else { | ||
1580 | 549 | reply->setError(QNetworkReply::NetworkError(networkError), | ||
1581 | 550 | "Network error"); | ||
1582 | 551 | } | ||
1583 | 552 | reply->setContent(replyContents.toUtf8()); | ||
1584 | 553 | nam->setNextReply(reply); | ||
1585 | 554 | |||
1586 | 555 | |||
1587 | 556 | m_testPlugin->process(sessionData, "ubuntuone"); | ||
1588 | 557 | if (expectedErrorCode < 0) { | ||
1589 | 558 | if (!expectedUserInteraction.isEmpty()) { | ||
1590 | 559 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
1591 | 560 | QVariantMap data = | ||
1592 | 561 | userActionRequired.at(0).at(0).value<UiSessionData>().toMap(); | ||
1593 | 562 | QCOMPARE(data, expectedUserInteraction); | ||
1594 | 563 | } else { | ||
1595 | 564 | QCOMPARE(userActionRequired.count(), 0); | ||
1596 | 565 | } | ||
1597 | 566 | |||
1598 | 567 | if (!expectedResponse.isEmpty()) { | ||
1599 | 568 | QTRY_COMPARE(result.count(), 1); | ||
1600 | 569 | QVariantMap resp = result.at(0).at(0).value<SessionData>().toMap(); | ||
1601 | 570 | QCOMPARE(resp, expectedResponse); | ||
1602 | 571 | } else { | ||
1603 | 572 | QCOMPARE(result.count(), 0); | ||
1604 | 573 | } | ||
1605 | 574 | |||
1606 | 575 | if (!expectedStore.isEmpty()) { | ||
1607 | 576 | QCOMPARE(store.count(), 1); | ||
1608 | 577 | QVariantMap storedData = | ||
1609 | 578 | store.at(0).at(0).value<SessionData>().toMap(); | ||
1610 | 579 | QCOMPARE(storedData, expectedStore); | ||
1611 | 580 | } else { | ||
1612 | 581 | QCOMPARE(store.count(), 0); | ||
1613 | 582 | } | ||
1614 | 583 | |||
1615 | 584 | QCOMPARE(error.count(), 0); | ||
1616 | 585 | } else { | ||
1617 | 586 | QTRY_COMPARE(error.count(), 1); | ||
1618 | 587 | Error err = error.at(0).at(0).value<Error>(); | ||
1619 | 588 | QCOMPARE(err.type(), expectedErrorCode); | ||
1620 | 589 | } | ||
1621 | 590 | } | ||
1622 | 591 | |||
1623 | 592 | #if 0 | ||
1624 | 593 | void PluginTest::testPluginHmacSha1Process_data() | ||
1625 | 594 | { | ||
1626 | 595 | QTest::addColumn<QString>("mechanism"); | ||
1627 | 596 | QTest::addColumn<QVariantMap>("sessionData"); | ||
1628 | 597 | QTest::addColumn<int>("replyStatusCode"); | ||
1629 | 598 | QTest::addColumn<QString>("replyContentType"); | ||
1630 | 599 | QTest::addColumn<QString>("replyContents"); | ||
1631 | 600 | QTest::addColumn<int>("errorCode"); | ||
1632 | 601 | QTest::addColumn<bool>("uiExpected"); | ||
1633 | 602 | QTest::addColumn<QVariantMap>("response"); | ||
1634 | 603 | QTest::addColumn<QVariantMap>("stored"); | ||
1635 | 604 | |||
1636 | 605 | OAuth1PluginData hmacSha1Data; | ||
1637 | 606 | hmacSha1Data.setRequestEndpoint("https://localhost/oauth/request_token"); | ||
1638 | 607 | hmacSha1Data.setTokenEndpoint("https://localhost/oauth/access_token"); | ||
1639 | 608 | hmacSha1Data.setAuthorizationEndpoint("https://localhost/oauth/authorize"); | ||
1640 | 609 | hmacSha1Data.setCallback("https://localhost/connect/login_success.html"); | ||
1641 | 610 | hmacSha1Data.setConsumerKey("104660106251471"); | ||
1642 | 611 | hmacSha1Data.setConsumerSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
1643 | 612 | hmacSha1Data.setRealm("MyHost"); | ||
1644 | 613 | |||
1645 | 614 | QTest::newRow("invalid mechanism") << | ||
1646 | 615 | "ANONYMOUS" << | ||
1647 | 616 | hmacSha1Data.toMap() << | ||
1648 | 617 | int(200) << "" << "" << | ||
1649 | 618 | int(Error::MechanismNotAvailable) << | ||
1650 | 619 | false << QVariantMap() << QVariantMap(); | ||
1651 | 620 | |||
1652 | 621 | // Try without params | ||
1653 | 622 | hmacSha1Data.setAuthorizationEndpoint(QString()); | ||
1654 | 623 | QTest::newRow("without params, HMAC-SHA1") << | ||
1655 | 624 | "HMAC-SHA1" << | ||
1656 | 625 | hmacSha1Data.toMap() << | ||
1657 | 626 | int(200) << "" << "" << | ||
1658 | 627 | int(Error::MissingData) << | ||
1659 | 628 | false << QVariantMap() << QVariantMap(); | ||
1660 | 629 | |||
1661 | 630 | // Check for signon UI request for HMAC-SHA1 | ||
1662 | 631 | hmacSha1Data.setAuthorizationEndpoint("https://localhost/oauth/authorize"); | ||
1663 | 632 | QTest::newRow("ui-request, HMAC-SHA1") << | ||
1664 | 633 | "HMAC-SHA1" << | ||
1665 | 634 | hmacSha1Data.toMap() << | ||
1666 | 635 | int(200) << "text/plain" << | ||
1667 | 636 | "oauth_token=HiThere&oauth_token_secret=BigSecret" << | ||
1668 | 637 | -1 << | ||
1669 | 638 | true << QVariantMap() << QVariantMap(); | ||
1670 | 639 | |||
1671 | 640 | QTest::newRow("ui-request, PLAINTEXT") << | ||
1672 | 641 | "PLAINTEXT" << | ||
1673 | 642 | hmacSha1Data.toMap() << | ||
1674 | 643 | int(200) << "text/plain" << | ||
1675 | 644 | "oauth_token=HiThere&oauth_token_secret=BigSecret" << | ||
1676 | 645 | -1 << | ||
1677 | 646 | true << QVariantMap() << QVariantMap(); | ||
1678 | 647 | |||
1679 | 648 | /* Now store some tokens and test the responses */ | ||
1680 | 649 | hmacSha1Data.m_data.insert("UiPolicy", NoUserInteractionPolicy); | ||
1681 | 650 | QVariantMap tokens; // ConsumerKey to Token map | ||
1682 | 651 | QVariantMap token; | ||
1683 | 652 | token.insert("oauth_token", QLatin1String("hmactokenfromtest")); | ||
1684 | 653 | token.insert("oauth_token_secret", QLatin1String("hmacsecretfromtest")); | ||
1685 | 654 | token.insert("timestamp", QDateTime::currentDateTime().toTime_t()); | ||
1686 | 655 | token.insert("Expiry", (uint)50000); | ||
1687 | 656 | tokens.insert(QLatin1String("invalidid"), QVariant::fromValue(token)); | ||
1688 | 657 | hmacSha1Data.m_data.insert(QLatin1String("Tokens"), tokens); | ||
1689 | 658 | |||
1690 | 659 | // Try without cached token for our ConsumerKey | ||
1691 | 660 | QTest::newRow("cached tokens, no ConsumerKey") << | ||
1692 | 661 | "HMAC-SHA1" << | ||
1693 | 662 | hmacSha1Data.toMap() << | ||
1694 | 663 | int(200) << "text/plain" << | ||
1695 | 664 | "oauth_token=HiThere&oauth_token_secret=BigSecret" << | ||
1696 | 665 | -1 << | ||
1697 | 666 | true << QVariantMap() << QVariantMap(); | ||
1698 | 667 | |||
1699 | 668 | // Ensure that the cached token is returned as required | ||
1700 | 669 | tokens.insert(hmacSha1Data.ConsumerKey(), QVariant::fromValue(token)); | ||
1701 | 670 | hmacSha1Data.m_data.insert(QLatin1String("Tokens"), tokens); | ||
1702 | 671 | QVariantMap response; | ||
1703 | 672 | response.insert("AccessToken", QLatin1String("hmactokenfromtest")); | ||
1704 | 673 | QTest::newRow("cached tokens, with ConsumerKey") << | ||
1705 | 674 | "HMAC-SHA1" << | ||
1706 | 675 | hmacSha1Data.toMap() << | ||
1707 | 676 | int(200) << "" << "" << | ||
1708 | 677 | -1 << | ||
1709 | 678 | false << response << QVariantMap(); | ||
1710 | 679 | |||
1711 | 680 | hmacSha1Data.m_data.insert("UiPolicy", RequestPasswordPolicy); | ||
1712 | 681 | QTest::newRow("cached tokens, request password policy") << | ||
1713 | 682 | "HMAC-SHA1" << | ||
1714 | 683 | hmacSha1Data.toMap() << | ||
1715 | 684 | int(200) << "text/plain" << | ||
1716 | 685 | "oauth_token=HiThere&oauth_token_secret=BigSecret" << | ||
1717 | 686 | -1 << | ||
1718 | 687 | true << QVariantMap() << QVariantMap(); | ||
1719 | 688 | hmacSha1Data.m_data.remove("UiPolicy"); | ||
1720 | 689 | |||
1721 | 690 | hmacSha1Data.setForceTokenRefresh(true); | ||
1722 | 691 | QTest::newRow("cached tokens, force refresh") << | ||
1723 | 692 | "HMAC-SHA1" << | ||
1724 | 693 | hmacSha1Data.toMap() << | ||
1725 | 694 | int(200) << "text/plain" << | ||
1726 | 695 | "oauth_token=HiThere&oauth_token_secret=BigSecret" << | ||
1727 | 696 | -1 << | ||
1728 | 697 | true << QVariantMap() << QVariantMap(); | ||
1729 | 698 | hmacSha1Data.setForceTokenRefresh(false); | ||
1730 | 699 | |||
1731 | 700 | token.insert("timestamp", QDateTime::currentDateTime().toTime_t() - 50000); | ||
1732 | 701 | token.insert("Expiry", (uint)100); | ||
1733 | 702 | tokens.insert(hmacSha1Data.ConsumerKey(), QVariant::fromValue(token)); | ||
1734 | 703 | hmacSha1Data.m_data.insert(QLatin1String("Tokens"), tokens); | ||
1735 | 704 | QTest::newRow("cached tokens, expired") << | ||
1736 | 705 | "HMAC-SHA1" << | ||
1737 | 706 | hmacSha1Data.toMap() << | ||
1738 | 707 | int(200) << "text/plain" << | ||
1739 | 708 | "oauth_token=HiThere&oauth_token_secret=BigSecret" << | ||
1740 | 709 | -1 << | ||
1741 | 710 | true << QVariantMap() << QVariantMap(); | ||
1742 | 711 | |||
1743 | 712 | /* test the ProvidedTokens semantics */ | ||
1744 | 713 | OAuth1PluginData providedTokensHmacSha1Data; | ||
1745 | 714 | providedTokensHmacSha1Data.setRequestEndpoint("https://localhost/oauth/request_token"); | ||
1746 | 715 | providedTokensHmacSha1Data.setTokenEndpoint("https://localhost/oauth/access_token"); | ||
1747 | 716 | providedTokensHmacSha1Data.setAuthorizationEndpoint("https://localhost/oauth/authorize"); | ||
1748 | 717 | providedTokensHmacSha1Data.setCallback("https://localhost/connect/login_success.html"); | ||
1749 | 718 | providedTokensHmacSha1Data.setConsumerKey("104660106251471"); | ||
1750 | 719 | providedTokensHmacSha1Data.setConsumerSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
1751 | 720 | QVariantMap providedTokens; | ||
1752 | 721 | providedTokens.insert("AccessToken", "providedhmactokenfromtest"); | ||
1753 | 722 | providedTokens.insert("TokenSecret", "providedhmacsecretfromtest"); | ||
1754 | 723 | providedTokens.insert("ScreenName", "providedhmacscreennamefromtest"); | ||
1755 | 724 | providedTokens.insert("UserId", "providedUserId"); | ||
1756 | 725 | |||
1757 | 726 | // try providing tokens to be stored | ||
1758 | 727 | providedTokensHmacSha1Data.m_data.insert("ProvidedTokens", providedTokens); | ||
1759 | 728 | QVariantMap storedTokensForKey; | ||
1760 | 729 | storedTokensForKey.insert("oauth_token", providedTokens.value("AccessToken")); | ||
1761 | 730 | storedTokensForKey.insert("oauth_token_secret", providedTokens.value("TokenSecret")); | ||
1762 | 731 | QVariantMap storedTokens; | ||
1763 | 732 | storedTokens.insert(providedTokensHmacSha1Data.ConsumerKey(), storedTokensForKey); | ||
1764 | 733 | QVariantMap stored; | ||
1765 | 734 | stored.insert("Tokens", storedTokens); | ||
1766 | 735 | QTest::newRow("provided tokens") << | ||
1767 | 736 | "HMAC-SHA1" << | ||
1768 | 737 | providedTokensHmacSha1Data.toMap() << | ||
1769 | 738 | int(200) << "" << "" << | ||
1770 | 739 | -1 << | ||
1771 | 740 | false << providedTokens << stored; | ||
1772 | 741 | |||
1773 | 742 | QTest::newRow("http error 401") << | ||
1774 | 743 | "HMAC-SHA1" << | ||
1775 | 744 | hmacSha1Data.toMap() << | ||
1776 | 745 | int(401) << "text/plain" << | ||
1777 | 746 | "oauth_token=HiThere&oauth_token_secret=BigSecret" << | ||
1778 | 747 | int(Error::OperationFailed) << | ||
1779 | 748 | false << QVariantMap() << QVariantMap(); | ||
1780 | 749 | |||
1781 | 750 | QTest::newRow("no content returned") << | ||
1782 | 751 | "HMAC-SHA1" << | ||
1783 | 752 | hmacSha1Data.toMap() << | ||
1784 | 753 | int(200) << "" << "" << | ||
1785 | 754 | int(Error::OperationFailed) << | ||
1786 | 755 | false << QVariantMap() << QVariantMap(); | ||
1787 | 756 | |||
1788 | 757 | QTest::newRow("no token returned") << | ||
1789 | 758 | "HMAC-SHA1" << | ||
1790 | 759 | hmacSha1Data.toMap() << | ||
1791 | 760 | int(200) << "text/plain" << | ||
1792 | 761 | "oauth_token=HiThere" << | ||
1793 | 762 | int(Error::OperationFailed) << | ||
1794 | 763 | false << QVariantMap() << QVariantMap(); | ||
1795 | 764 | |||
1796 | 765 | /* Test handling of oauth_problem; this is a non standard extension: | ||
1797 | 766 | * http://wiki.oauth.net/w/page/12238543/ProblemReporting | ||
1798 | 767 | * https://developer.yahoo.com/oauth/guide/oauth-errors.html | ||
1799 | 768 | */ | ||
1800 | 769 | QTest::newRow("problem user_refused") << | ||
1801 | 770 | "HMAC-SHA1" << | ||
1802 | 771 | hmacSha1Data.toMap() << | ||
1803 | 772 | int(400) << "text/plain" << | ||
1804 | 773 | "oauth_problem=user_refused" << | ||
1805 | 774 | int(Error::PermissionDenied) << | ||
1806 | 775 | false << QVariantMap() << QVariantMap(); | ||
1807 | 776 | QTest::newRow("problem permission_denied") << | ||
1808 | 777 | "HMAC-SHA1" << | ||
1809 | 778 | hmacSha1Data.toMap() << | ||
1810 | 779 | int(400) << "text/plain" << | ||
1811 | 780 | "oauth_problem=permission_denied" << | ||
1812 | 781 | int(Error::PermissionDenied) << | ||
1813 | 782 | false << QVariantMap() << QVariantMap(); | ||
1814 | 783 | QTest::newRow("problem signature_invalid") << | ||
1815 | 784 | "HMAC-SHA1" << | ||
1816 | 785 | hmacSha1Data.toMap() << | ||
1817 | 786 | int(400) << "text/plain" << | ||
1818 | 787 | "oauth_problem=signature_invalid" << | ||
1819 | 788 | int(Error::OperationFailed) << | ||
1820 | 789 | false << QVariantMap() << QVariantMap(); | ||
1821 | 790 | } | ||
1822 | 791 | |||
1823 | 792 | void PluginTest::testPluginHmacSha1Process() | ||
1824 | 793 | { | ||
1825 | 794 | QFETCH(QString, mechanism); | ||
1826 | 795 | QFETCH(QVariantMap, sessionData); | ||
1827 | 796 | QFETCH(int, replyStatusCode); | ||
1828 | 797 | QFETCH(QString, replyContentType); | ||
1829 | 798 | QFETCH(QString, replyContents); | ||
1830 | 799 | QFETCH(int, errorCode); | ||
1831 | 800 | QFETCH(bool, uiExpected); | ||
1832 | 801 | QFETCH(QVariantMap, response); | ||
1833 | 802 | QFETCH(QVariantMap, stored); | ||
1834 | 803 | |||
1835 | 804 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
1836 | 805 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
1837 | 806 | QSignalSpy userActionRequired(m_testPlugin, | ||
1838 | 807 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
1839 | 808 | QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&))); | ||
1840 | 809 | |||
1841 | 810 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
1842 | 811 | m_testPlugin->m_networkAccessManager = nam; | ||
1843 | 812 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
1844 | 813 | reply->setStatusCode(replyStatusCode); | ||
1845 | 814 | if (!replyContentType.isEmpty()) { | ||
1846 | 815 | reply->setContentType(replyContentType); | ||
1847 | 816 | } | ||
1848 | 817 | reply->setContent(replyContents.toUtf8()); | ||
1849 | 818 | nam->setNextReply(reply); | ||
1850 | 819 | |||
1851 | 820 | m_testPlugin->process(sessionData, mechanism); | ||
1852 | 821 | |||
1853 | 822 | QTRY_COMPARE(result.count(), response.isEmpty() ? 0 : 1); | ||
1854 | 823 | /* In the test data sometimes we don't specify the expected stored data, | ||
1855 | 824 | * but this doesn't mean that store() shouldn't be emitted. */ | ||
1856 | 825 | if (!stored.isEmpty()) { QTRY_COMPARE(store.count(), 1); } | ||
1857 | 826 | QTRY_COMPARE(userActionRequired.count(), uiExpected ? 1 : 0); | ||
1858 | 827 | QTRY_COMPARE(error.count(), errorCode < 0 ? 0 : 1); | ||
1859 | 828 | |||
1860 | 829 | if (errorCode < 0) { | ||
1861 | 830 | QCOMPARE(error.count(), 0); | ||
1862 | 831 | |||
1863 | 832 | QVariantMap resp = result.count() > 0 ? | ||
1864 | 833 | result.at(0).at(0).value<SessionData>().toMap() : QVariantMap(); | ||
1865 | 834 | QVariantMap storedData = store.count() > 0 ? | ||
1866 | 835 | store.at(0).at(0).value<SessionData>().toMap() : QVariantMap(); | ||
1867 | 836 | /* We don't check the network request if a response was received, | ||
1868 | 837 | * because a response can only be received if a cached token was | ||
1869 | 838 | * found -- and that doesn't cause any network request to be made. */ | ||
1870 | 839 | if (resp.isEmpty()) { | ||
1871 | 840 | QCOMPARE(nam->m_lastRequest.url(), | ||
1872 | 841 | sessionData.value("RequestEndpoint").toUrl()); | ||
1873 | 842 | QVERIFY(nam->m_lastRequestData.isEmpty()); | ||
1874 | 843 | |||
1875 | 844 | /* Check the authorization header */ | ||
1876 | 845 | QString authorizationHeader = | ||
1877 | 846 | QString::fromUtf8(nam->m_lastRequest.rawHeader("Authorization")); | ||
1878 | 847 | QStringList authorizationHeaderParts = | ||
1879 | 848 | authorizationHeader.split(QRegExp(",?\\s+")); | ||
1880 | 849 | QCOMPARE(authorizationHeaderParts[0], QString("OAuth")); | ||
1881 | 850 | |||
1882 | 851 | /* The rest of the header should be a mapping, let's parse it */ | ||
1883 | 852 | bool ok = true; | ||
1884 | 853 | QVariantMap authMap = | ||
1885 | 854 | parseAuthorizationHeader(authorizationHeaderParts.mid(1), &ok); | ||
1886 | 855 | QVERIFY(ok); | ||
1887 | 856 | QCOMPARE(authMap.value("oauth_signature_method").toString(), mechanism); | ||
1888 | 857 | } | ||
1889 | 858 | |||
1890 | 859 | QVERIFY(mapIsSubset(response, resp)); | ||
1891 | 860 | QVERIFY(mapIsSubset(stored, storedData)); | ||
1892 | 861 | } else { | ||
1893 | 862 | Error err = error.at(0).at(0).value<Error>(); | ||
1894 | 863 | QCOMPARE(err.type(), errorCode); | ||
1895 | 864 | } | ||
1896 | 865 | } | ||
1897 | 866 | |||
1898 | 867 | void PluginTest::testPluginUseragentUserActionFinished() | ||
1899 | 868 | { | ||
1900 | 869 | SignOn::UiSessionData info; | ||
1901 | 870 | PluginData data; | ||
1902 | 871 | data.setHost("https://localhost"); | ||
1903 | 872 | data.setAuthPath("authorize"); | ||
1904 | 873 | data.setTokenPath("access_token"); | ||
1905 | 874 | data.setClientId("104660106251471"); | ||
1906 | 875 | data.setClientSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
1907 | 876 | data.setRedirectUri("http://localhost/connect/login_success.html"); | ||
1908 | 877 | QStringList scopes = QStringList() << "scope1" << "scope2"; | ||
1909 | 878 | data.setScope(scopes); | ||
1910 | 879 | |||
1911 | 880 | QSignalSpy resultSpy(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
1912 | 881 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
1913 | 882 | QSignalSpy userActionRequired(m_testPlugin, | ||
1914 | 883 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
1915 | 884 | QSignalSpy store(m_testPlugin, SIGNAL(store(const SignOn::SessionData&))); | ||
1916 | 885 | |||
1917 | 886 | m_testPlugin->process(data, QString("user_agent")); | ||
1918 | 887 | |||
1919 | 888 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
1920 | 889 | QString state = parseState(userActionRequired); | ||
1921 | 890 | |||
1922 | 891 | //empty data | ||
1923 | 892 | m_testPlugin->userActionFinished(info); | ||
1924 | 893 | QTRY_COMPARE(error.count(), 1); | ||
1925 | 894 | QCOMPARE(error.at(0).at(0).value<Error>().type(), int(Error::NotAuthorized)); | ||
1926 | 895 | error.clear(); | ||
1927 | 896 | |||
1928 | 897 | //invalid data | ||
1929 | 898 | info.setUrlResponse(QString("http://www.facebook.com/connect/login_success.html#access_token=&expires_in=4776")); | ||
1930 | 899 | m_testPlugin->userActionFinished(info); | ||
1931 | 900 | QTRY_COMPARE(error.count(), 1); | ||
1932 | 901 | QCOMPARE(error.at(0).at(0).value<Error>().type(), int(Error::NotAuthorized)); | ||
1933 | 902 | error.clear(); | ||
1934 | 903 | |||
1935 | 904 | //Invalid data | ||
1936 | 905 | info.setUrlResponse(QString("http://www.facebook.com/connect/login_success.html")); | ||
1937 | 906 | m_testPlugin->userActionFinished(info); | ||
1938 | 907 | QTRY_COMPARE(error.count(), 1); | ||
1939 | 908 | QCOMPARE(error.at(0).at(0).value<Error>().type(), int(Error::NotAuthorized)); | ||
1940 | 909 | error.clear(); | ||
1941 | 910 | |||
1942 | 911 | // Wrong state | ||
1943 | 912 | info.setUrlResponse(QString("http://www.facebook.com/connect/login_success.html" | ||
1944 | 913 | "#access_token=123&expires_in=456&state=%1"). | ||
1945 | 914 | arg(state + "Boo")); | ||
1946 | 915 | m_testPlugin->userActionFinished(info); | ||
1947 | 916 | QTRY_COMPARE(error.count(), 1); | ||
1948 | 917 | QCOMPARE(error.at(0).at(0).value<Error>().type(), int(Error::NotAuthorized)); | ||
1949 | 918 | error.clear(); | ||
1950 | 919 | |||
1951 | 920 | //valid data | ||
1952 | 921 | info.setUrlResponse(QString("http://www.facebook.com/connect/login_success.html#access_token=testtoken.&expires_in=4776&state=%1"). | ||
1953 | 922 | arg(state)); | ||
1954 | 923 | m_testPlugin->userActionFinished(info); | ||
1955 | 924 | QTRY_COMPARE(resultSpy.count(), 1); | ||
1956 | 925 | SessionData response = resultSpy.at(0).at(0).value<SessionData>(); | ||
1957 | 926 | PluginTokenData result = response.data<PluginTokenData>(); | ||
1958 | 927 | QCOMPARE(result.AccessToken(), QString("testtoken.")); | ||
1959 | 928 | QCOMPARE(result.ExpiresIn(), 4776); | ||
1960 | 929 | QCOMPARE(result.Scope(), QStringList() << "scope1" << "scope2"); | ||
1961 | 930 | resultSpy.clear(); | ||
1962 | 931 | QTRY_COMPARE(store.count(), 1); | ||
1963 | 932 | SessionData storedData = store.at(0).at(0).value<SessionData>(); | ||
1964 | 933 | QVariantMap storedTokenData = storedData.data<TokenData>().Tokens(); | ||
1965 | 934 | QVariantMap storedClientData = | ||
1966 | 935 | storedTokenData.value(data.ClientId()).toMap(); | ||
1967 | 936 | QVERIFY(!storedClientData.isEmpty()); | ||
1968 | 937 | QCOMPARE(storedClientData["Scopes"].toStringList(), scopes); | ||
1969 | 938 | store.clear(); | ||
1970 | 939 | |||
1971 | 940 | //valid data, got scopes | ||
1972 | 941 | info.setUrlResponse(QString("http://www.facebook.com/connect/login_success.html#access_token=testtoken.&expires_in=4776&state=%1&scope=scope2"). | ||
1973 | 942 | arg(state)); | ||
1974 | 943 | m_testPlugin->userActionFinished(info); | ||
1975 | 944 | QTRY_COMPARE(resultSpy.count(), 1); | ||
1976 | 945 | response = resultSpy.at(0).at(0).value<SessionData>(); | ||
1977 | 946 | result = response.data<PluginTokenData>(); | ||
1978 | 947 | QCOMPARE(result.AccessToken(), QString("testtoken.")); | ||
1979 | 948 | QCOMPARE(result.ExpiresIn(), 4776); | ||
1980 | 949 | QCOMPARE(result.Scope(), QStringList() << "scope2"); | ||
1981 | 950 | resultSpy.clear(); | ||
1982 | 951 | store.clear(); | ||
1983 | 952 | |||
1984 | 953 | //valid data | ||
1985 | 954 | info.setUrlResponse(QString("http://www.facebook.com/connect/login_success.html" | ||
1986 | 955 | "#state=%1&access_token=testtoken."). | ||
1987 | 956 | arg(state)); | ||
1988 | 957 | m_testPlugin->userActionFinished(info); | ||
1989 | 958 | QTRY_COMPARE(resultSpy.count(), 1); | ||
1990 | 959 | response = resultSpy.at(0).at(0).value<SessionData>(); | ||
1991 | 960 | result = response.data<PluginTokenData>(); | ||
1992 | 961 | QCOMPARE(result.AccessToken(), QString("testtoken.")); | ||
1993 | 962 | QCOMPARE(result.ExpiresIn(), 0); | ||
1994 | 963 | resultSpy.clear(); | ||
1995 | 964 | /* Check that the expiration time has not been stored, since the expiration | ||
1996 | 965 | * time was not given (https://bugs.launchpad.net/bugs/1316021) | ||
1997 | 966 | */ | ||
1998 | 967 | QTRY_COMPARE(store.count(), 1); | ||
1999 | 968 | storedData = store.at(0).at(0).value<SessionData>(); | ||
2000 | 969 | storedTokenData = storedData.data<TokenData>().Tokens(); | ||
2001 | 970 | storedClientData = storedTokenData.value(data.ClientId()).toMap(); | ||
2002 | 971 | QVERIFY(!storedClientData.isEmpty()); | ||
2003 | 972 | QCOMPARE(storedClientData["Token"].toString(), QString("testtoken.")); | ||
2004 | 973 | QVERIFY(!storedClientData.contains("Expiry")); | ||
2005 | 974 | store.clear(); | ||
2006 | 975 | |||
2007 | 976 | //Permission denied | ||
2008 | 977 | info.setUrlResponse(QString("http://www.facebook.com/connect/login_success.html?error=user_denied")); | ||
2009 | 978 | m_testPlugin->userActionFinished(info); | ||
2010 | 979 | QTRY_COMPARE(error.count(), 1); | ||
2011 | 980 | QCOMPARE(error.at(0).at(0).value<Error>().type(), int(Error::NotAuthorized)); | ||
2012 | 981 | error.clear(); | ||
2013 | 982 | } | ||
2014 | 983 | |||
2015 | 984 | void PluginTest::testPluginWebserverUserActionFinished_data() | ||
2016 | 985 | { | ||
2017 | 986 | QTest::addColumn<QString>("urlResponse"); | ||
2018 | 987 | QTest::addColumn<int>("errorCode"); | ||
2019 | 988 | QTest::addColumn<QString>("postUrl"); | ||
2020 | 989 | QTest::addColumn<QString>("postContents"); | ||
2021 | 990 | QTest::addColumn<bool>("disableStateParameter"); | ||
2022 | 991 | QTest::addColumn<int>("replyStatusCode"); | ||
2023 | 992 | QTest::addColumn<QString>("replyContentType"); | ||
2024 | 993 | QTest::addColumn<QString>("replyContents"); | ||
2025 | 994 | QTest::addColumn<QVariantMap>("response"); | ||
2026 | 995 | |||
2027 | 996 | QVariantMap response; | ||
2028 | 997 | |||
2029 | 998 | QTest::newRow("empty data") << | ||
2030 | 999 | "" << | ||
2031 | 1000 | int(Error::NotAuthorized) << | ||
2032 | 1001 | "" << "" << false << 0 << "" << "" << QVariantMap(); | ||
2033 | 1002 | |||
2034 | 1003 | QTest::newRow("no query data") << | ||
2035 | 1004 | "http://localhost/resp.html" << | ||
2036 | 1005 | int(Error::NotAuthorized) << | ||
2037 | 1006 | "" << "" << false << 0 << "" << "" << QVariantMap(); | ||
2038 | 1007 | |||
2039 | 1008 | QTest::newRow("permission denied") << | ||
2040 | 1009 | "http://localhost/resp.html?error=user_denied&$state" << | ||
2041 | 1010 | int(Error::NotAuthorized) << | ||
2042 | 1011 | "" << "" << false << 0 << "" << "" << QVariantMap(); | ||
2043 | 1012 | |||
2044 | 1013 | QTest::newRow("invalid data") << | ||
2045 | 1014 | "http://localhost/resp.html?sdsdsds=access.grant." << | ||
2046 | 1015 | int(Error::NotAuthorized) << | ||
2047 | 1016 | "" << "" << false << 0 << "" << "" << QVariantMap(); | ||
2048 | 1017 | |||
2049 | 1018 | QTest::newRow("reply code, http error 401") << | ||
2050 | 1019 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2051 | 1020 | int(Error::OperationFailed) << | ||
2052 | 1021 | "https://localhost/access_token" << | ||
2053 | 1022 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2054 | 1023 | false << | ||
2055 | 1024 | int(401) << | ||
2056 | 1025 | "application/json" << | ||
2057 | 1026 | "something else" << | ||
2058 | 1027 | QVariantMap(); | ||
2059 | 1028 | |||
2060 | 1029 | QTest::newRow("reply code, empty reply") << | ||
2061 | 1030 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2062 | 1031 | int(Error::NotAuthorized) << | ||
2063 | 1032 | "https://localhost/access_token" << | ||
2064 | 1033 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2065 | 1034 | false << | ||
2066 | 1035 | int(200) << | ||
2067 | 1036 | "application/json" << | ||
2068 | 1037 | "something else" << | ||
2069 | 1038 | QVariantMap(); | ||
2070 | 1039 | |||
2071 | 1040 | QTest::newRow("reply code, no access token") << | ||
2072 | 1041 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2073 | 1042 | int(Error::NotAuthorized) << | ||
2074 | 1043 | "https://localhost/access_token" << | ||
2075 | 1044 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2076 | 1045 | false << | ||
2077 | 1046 | int(200) << | ||
2078 | 1047 | "application/json" << | ||
2079 | 1048 | "{ \"expires_in\": 3600 }" << | ||
2080 | 1049 | QVariantMap(); | ||
2081 | 1050 | |||
2082 | 1051 | QTest::newRow("reply code, no content type") << | ||
2083 | 1052 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2084 | 1053 | int(Error::OperationFailed) << | ||
2085 | 1054 | "https://localhost/access_token" << | ||
2086 | 1055 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2087 | 1056 | false << | ||
2088 | 1057 | int(200) << | ||
2089 | 1058 | "" << | ||
2090 | 1059 | "something else" << | ||
2091 | 1060 | QVariantMap(); | ||
2092 | 1061 | |||
2093 | 1062 | QTest::newRow("reply code, unsupported content type") << | ||
2094 | 1063 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2095 | 1064 | int(Error::OperationFailed) << | ||
2096 | 1065 | "https://localhost/access_token" << | ||
2097 | 1066 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2098 | 1067 | false << | ||
2099 | 1068 | int(200) << | ||
2100 | 1069 | "image/jpeg" << | ||
2101 | 1070 | "something else" << | ||
2102 | 1071 | QVariantMap(); | ||
2103 | 1072 | |||
2104 | 1073 | response.clear(); | ||
2105 | 1074 | response.insert("AccessToken", "t0k3n"); | ||
2106 | 1075 | response.insert("ExpiresIn", int(3600)); | ||
2107 | 1076 | response.insert("RefreshToken", QString()); | ||
2108 | 1077 | QTest::newRow("reply code, valid token, wrong state") << | ||
2109 | 1078 | "http://localhost/resp.html?code=c0d3&$wrongstate" << | ||
2110 | 1079 | int(Error::NotAuthorized) << | ||
2111 | 1080 | "" << | ||
2112 | 1081 | "" << | ||
2113 | 1082 | false << | ||
2114 | 1083 | int(200) << | ||
2115 | 1084 | "application/json" << | ||
2116 | 1085 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600 }" << | ||
2117 | 1086 | response; | ||
2118 | 1087 | |||
2119 | 1088 | response.clear(); | ||
2120 | 1089 | response.insert("AccessToken", "t0k3n"); | ||
2121 | 1090 | response.insert("ExpiresIn", int(3600)); | ||
2122 | 1091 | response.insert("RefreshToken", QString()); | ||
2123 | 1092 | response.insert("Scope", QStringList() << "one" << "two"); | ||
2124 | 1093 | QTest::newRow("reply code, valid token, wrong state ignored") << | ||
2125 | 1094 | "http://localhost/resp.html?code=c0d3&$wrongstate" << | ||
2126 | 1095 | int(-1) << | ||
2127 | 1096 | "https://localhost/access_token" << | ||
2128 | 1097 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2129 | 1098 | true << | ||
2130 | 1099 | int(200) << | ||
2131 | 1100 | "application/json" << | ||
2132 | 1101 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600, " | ||
2133 | 1102 | "\"scope\": \"one two\" }" << | ||
2134 | 1103 | response; | ||
2135 | 1104 | |||
2136 | 1105 | response.clear(); | ||
2137 | 1106 | response.insert("AccessToken", "t0k3n"); | ||
2138 | 1107 | response.insert("ExpiresIn", int(3600)); | ||
2139 | 1108 | response.insert("RefreshToken", QString()); | ||
2140 | 1109 | response.insert("Scope", QStringList() << "one" << "two" << "three"); | ||
2141 | 1110 | QTest::newRow("reply code, valid token, no scope") << | ||
2142 | 1111 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2143 | 1112 | int(-1) << | ||
2144 | 1113 | "https://localhost/access_token" << | ||
2145 | 1114 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2146 | 1115 | false << | ||
2147 | 1116 | int(200) << | ||
2148 | 1117 | "application/json" << | ||
2149 | 1118 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600 }" << | ||
2150 | 1119 | response; | ||
2151 | 1120 | |||
2152 | 1121 | response.clear(); | ||
2153 | 1122 | response.insert("AccessToken", "t0k3n"); | ||
2154 | 1123 | response.insert("ExpiresIn", int(3600)); | ||
2155 | 1124 | response.insert("RefreshToken", QString()); | ||
2156 | 1125 | response.insert("Scope", QStringList()); | ||
2157 | 1126 | QTest::newRow("reply code, valid token, empty scope") << | ||
2158 | 1127 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2159 | 1128 | int(-1) << | ||
2160 | 1129 | "https://localhost/access_token" << | ||
2161 | 1130 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2162 | 1131 | false << | ||
2163 | 1132 | int(200) << | ||
2164 | 1133 | "application/json" << | ||
2165 | 1134 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600, \"scope\": \"\" }" << | ||
2166 | 1135 | response; | ||
2167 | 1136 | |||
2168 | 1137 | response.clear(); | ||
2169 | 1138 | response.insert("AccessToken", "t0k3n"); | ||
2170 | 1139 | response.insert("ExpiresIn", int(3600)); | ||
2171 | 1140 | response.insert("RefreshToken", QString()); | ||
2172 | 1141 | response.insert("Scope", QStringList() << "one" << "two"); | ||
2173 | 1142 | QTest::newRow("reply code, valid token, other scope") << | ||
2174 | 1143 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2175 | 1144 | int(-1) << | ||
2176 | 1145 | "https://localhost/access_token" << | ||
2177 | 1146 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2178 | 1147 | false << | ||
2179 | 1148 | int(200) << | ||
2180 | 1149 | "application/json" << | ||
2181 | 1150 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600, " | ||
2182 | 1151 | "\"scope\": \"one two\" }" << | ||
2183 | 1152 | response; | ||
2184 | 1153 | |||
2185 | 1154 | response.clear(); | ||
2186 | 1155 | QTest::newRow("reply code, facebook, no token") << | ||
2187 | 1156 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2188 | 1157 | int(Error::NotAuthorized) << | ||
2189 | 1158 | "https://localhost/access_token" << | ||
2190 | 1159 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2191 | 1160 | false << | ||
2192 | 1161 | int(200) << | ||
2193 | 1162 | "text/plain" << | ||
2194 | 1163 | "expires=3600" << | ||
2195 | 1164 | response; | ||
2196 | 1165 | |||
2197 | 1166 | response.clear(); | ||
2198 | 1167 | response.insert("AccessToken", "t0k3n"); | ||
2199 | 1168 | response.insert("ExpiresIn", int(3600)); | ||
2200 | 1169 | response.insert("RefreshToken", QString()); | ||
2201 | 1170 | response.insert("Scope", QStringList() << "one" << "two" << "three"); | ||
2202 | 1171 | QTest::newRow("reply code, facebook, valid token") << | ||
2203 | 1172 | "http://localhost/resp.html?code=c0d3&$state" << | ||
2204 | 1173 | int(-1) << | ||
2205 | 1174 | "https://localhost/access_token" << | ||
2206 | 1175 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2207 | 1176 | false << | ||
2208 | 1177 | int(200) << | ||
2209 | 1178 | "text/plain" << | ||
2210 | 1179 | "access_token=t0k3n&expires=3600" << | ||
2211 | 1180 | response; | ||
2212 | 1181 | |||
2213 | 1182 | response.clear(); | ||
2214 | 1183 | response.insert("AccessToken", "t0k3n"); | ||
2215 | 1184 | response.insert("ExpiresIn", int(3600)); | ||
2216 | 1185 | response.insert("RefreshToken", QString()); | ||
2217 | 1186 | response.insert("Scope", QStringList() << "one" << "two" << "three"); | ||
2218 | 1187 | QTest::newRow("username-password, valid token") << | ||
2219 | 1188 | "http://localhost/resp.html?username=us3r&password=s3cr3t" << | ||
2220 | 1189 | int(-1) << | ||
2221 | 1190 | "https://localhost/access_token" << | ||
2222 | 1191 | "grant_type=user_basic&username=us3r&password=s3cr3t" << | ||
2223 | 1192 | false << | ||
2224 | 1193 | int(200) << | ||
2225 | 1194 | "application/json" << | ||
2226 | 1195 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600 }" << | ||
2227 | 1196 | response; | ||
2228 | 1197 | |||
2229 | 1198 | response.clear(); | ||
2230 | 1199 | response.insert("AccessToken", "t0k3n"); | ||
2231 | 1200 | response.insert("ExpiresIn", int(3600)); | ||
2232 | 1201 | response.insert("RefreshToken", QString()); | ||
2233 | 1202 | response.insert("Scope", QStringList() << "one" << "two" << "three"); | ||
2234 | 1203 | QTest::newRow("assertion, valid token") << | ||
2235 | 1204 | "http://localhost/resp.html?assertion_type=http://oauth.net/token/1.0" | ||
2236 | 1205 | "&assertion=oauth1t0k3n" << | ||
2237 | 1206 | int(-1) << | ||
2238 | 1207 | "https://localhost/access_token" << | ||
2239 | 1208 | "grant_type=assertion&assertion_type=http://oauth.net/token/1.0&assertion=oauth1t0k3n" << | ||
2240 | 1209 | false << | ||
2241 | 1210 | int(200) << | ||
2242 | 1211 | "application/json" << | ||
2243 | 1212 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600 }" << | ||
2244 | 1213 | response; | ||
2245 | 1214 | |||
2246 | 1215 | response.clear(); | ||
2247 | 1216 | response.insert("AccessToken", "t0k3n"); | ||
2248 | 1217 | response.insert("ExpiresIn", int(3600)); | ||
2249 | 1218 | response.insert("RefreshToken", QString()); | ||
2250 | 1219 | response.insert("Scope", QStringList() << "one" << "two" << "three"); | ||
2251 | 1220 | QTest::newRow("username-password, valid token, wrong content type") << | ||
2252 | 1221 | "http://localhost/resp.html?username=us3r&password=s3cr3t" << | ||
2253 | 1222 | int(-1) << | ||
2254 | 1223 | "https://localhost/access_token" << | ||
2255 | 1224 | "grant_type=user_basic&username=us3r&password=s3cr3t" << | ||
2256 | 1225 | false << | ||
2257 | 1226 | int(200) << | ||
2258 | 1227 | "text/plain" << | ||
2259 | 1228 | "{ \"access_token\":\"t0k3n\", \"expires_in\": 3600 }" << | ||
2260 | 1229 | response; | ||
2261 | 1230 | } | ||
2262 | 1231 | |||
2263 | 1232 | void PluginTest::testPluginWebserverUserActionFinished() | ||
2264 | 1233 | { | ||
2265 | 1234 | QFETCH(QString, urlResponse); | ||
2266 | 1235 | QFETCH(int, errorCode); | ||
2267 | 1236 | QFETCH(QString, postUrl); | ||
2268 | 1237 | QFETCH(QString, postContents); | ||
2269 | 1238 | QFETCH(bool, disableStateParameter); | ||
2270 | 1239 | QFETCH(int, replyStatusCode); | ||
2271 | 1240 | QFETCH(QString, replyContentType); | ||
2272 | 1241 | QFETCH(QString, replyContents); | ||
2273 | 1242 | QFETCH(QVariantMap, response); | ||
2274 | 1243 | |||
2275 | 1244 | SignOn::UiSessionData info; | ||
2276 | 1245 | PluginData data; | ||
2277 | 1246 | data.setHost("localhost"); | ||
2278 | 1247 | data.setAuthPath("authorize"); | ||
2279 | 1248 | data.setTokenPath("access_token"); | ||
2280 | 1249 | data.setClientId("104660106251471"); | ||
2281 | 1250 | data.setClientSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
2282 | 1251 | data.setRedirectUri("http://localhost/resp.html"); | ||
2283 | 1252 | data.setScope(QStringList() << "one" << "two" << "three"); | ||
2284 | 1253 | data.setDisableStateParameter(disableStateParameter); | ||
2285 | 1254 | |||
2286 | 1255 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
2287 | 1256 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
2288 | 1257 | QSignalSpy userActionRequired(m_testPlugin, | ||
2289 | 1258 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
2290 | 1259 | |||
2291 | 1260 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
2292 | 1261 | m_testPlugin->m_networkAccessManager = nam; | ||
2293 | 1262 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
2294 | 1263 | reply->setStatusCode(replyStatusCode); | ||
2295 | 1264 | if (!replyContentType.isEmpty()) { | ||
2296 | 1265 | reply->setContentType(replyContentType); | ||
2297 | 1266 | } | ||
2298 | 1267 | reply->setContent(replyContents.toUtf8()); | ||
2299 | 1268 | nam->setNextReply(reply); | ||
2300 | 1269 | |||
2301 | 1270 | m_testPlugin->process(data, QString("web_server")); | ||
2302 | 1271 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
2303 | 1272 | QString state = parseState(userActionRequired); | ||
2304 | 1273 | |||
2305 | 1274 | if (!urlResponse.isEmpty()) { | ||
2306 | 1275 | urlResponse.replace("$state", QString("state=") + state); | ||
2307 | 1276 | urlResponse.replace("$wrongstate", QString("state=12") + state); | ||
2308 | 1277 | info.setUrlResponse(urlResponse); | ||
2309 | 1278 | } | ||
2310 | 1279 | |||
2311 | 1280 | m_testPlugin->userActionFinished(info); | ||
2312 | 1281 | |||
2313 | 1282 | QTRY_COMPARE(error.count(), errorCode < 0 ? 0 : 1); | ||
2314 | 1283 | QTRY_COMPARE(result.count(), errorCode < 0 ? 1 : 0); | ||
2315 | 1284 | if (errorCode >= 0) { | ||
2316 | 1285 | QCOMPARE(error.at(0).at(0).value<Error>().type(), errorCode); | ||
2317 | 1286 | } else { | ||
2318 | 1287 | QCOMPARE(result.at(0).at(0).value<SessionData>().toMap(), response); | ||
2319 | 1288 | } | ||
2320 | 1289 | QCOMPARE(nam->m_lastRequest.url(), QUrl(postUrl)); | ||
2321 | 1290 | QCOMPARE(QString::fromUtf8(nam->m_lastRequestData), postContents); | ||
2322 | 1291 | |||
2323 | 1292 | delete nam; | ||
2324 | 1293 | } | ||
2325 | 1294 | |||
2326 | 1295 | void PluginTest::testUserActionFinishedErrors_data() | ||
2327 | 1296 | { | ||
2328 | 1297 | QTest::addColumn<int>("uiError"); | ||
2329 | 1298 | QTest::addColumn<int>("expectedErrorCode"); | ||
2330 | 1299 | |||
2331 | 1300 | QTest::newRow("user canceled") << | ||
2332 | 1301 | int(QUERY_ERROR_CANCELED) << | ||
2333 | 1302 | int(Error::SessionCanceled); | ||
2334 | 1303 | |||
2335 | 1304 | QTest::newRow("network error") << | ||
2336 | 1305 | int(QUERY_ERROR_NETWORK) << | ||
2337 | 1306 | int(Error::Network); | ||
2338 | 1307 | |||
2339 | 1308 | QTest::newRow("SSL error") << | ||
2340 | 1309 | int(QUERY_ERROR_SSL) << | ||
2341 | 1310 | int(Error::Ssl); | ||
2342 | 1311 | |||
2343 | 1312 | QTest::newRow("generic") << | ||
2344 | 1313 | int(QUERY_ERROR_NOT_AVAILABLE) << | ||
2345 | 1314 | int(Error::UserInteraction); | ||
2346 | 1315 | } | ||
2347 | 1316 | |||
2348 | 1317 | void PluginTest::testUserActionFinishedErrors() | ||
2349 | 1318 | { | ||
2350 | 1319 | QFETCH(int, uiError); | ||
2351 | 1320 | QFETCH(int, expectedErrorCode); | ||
2352 | 1321 | |||
2353 | 1322 | SignOn::UiSessionData info; | ||
2354 | 1323 | PluginData data; | ||
2355 | 1324 | data.setHost("localhost"); | ||
2356 | 1325 | data.setAuthPath("authorize"); | ||
2357 | 1326 | data.setTokenPath("access_token"); | ||
2358 | 1327 | data.setClientId("104660106251471"); | ||
2359 | 1328 | data.setClientSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
2360 | 1329 | data.setRedirectUri("http://localhost/resp.html"); | ||
2361 | 1330 | |||
2362 | 1331 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
2363 | 1332 | QSignalSpy userActionRequired(m_testPlugin, | ||
2364 | 1333 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
2365 | 1334 | |||
2366 | 1335 | m_testPlugin->process(data, QString("web_server")); | ||
2367 | 1336 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
2368 | 1337 | |||
2369 | 1338 | info.setQueryErrorCode(uiError); | ||
2370 | 1339 | m_testPlugin->userActionFinished(info); | ||
2371 | 1340 | |||
2372 | 1341 | QTRY_COMPARE(error.count(), 1); | ||
2373 | 1342 | QCOMPARE(error.at(0).at(0).value<Error>().type(), expectedErrorCode); | ||
2374 | 1343 | } | ||
2375 | 1344 | |||
2376 | 1345 | void PluginTest::testOauth1UserActionFinished_data() | ||
2377 | 1346 | { | ||
2378 | 1347 | QTest::addColumn<QString>("mechanism"); | ||
2379 | 1348 | QTest::addColumn<QString>("urlResponse"); | ||
2380 | 1349 | QTest::addColumn<int>("errorCode"); | ||
2381 | 1350 | QTest::addColumn<QVariantMap>("expectedAuthMap"); | ||
2382 | 1351 | QTest::addColumn<int>("replyStatusCode"); | ||
2383 | 1352 | QTest::addColumn<QString>("replyContentType"); | ||
2384 | 1353 | QTest::addColumn<QString>("replyContents"); | ||
2385 | 1354 | QTest::addColumn<QVariantMap>("response"); | ||
2386 | 1355 | |||
2387 | 1356 | QTest::newRow("empty data") << | ||
2388 | 1357 | "HMAC-SHA1" << | ||
2389 | 1358 | "" << | ||
2390 | 1359 | int(Error::NotAuthorized) << | ||
2391 | 1360 | QVariantMap() << 0 << "" << "" << QVariantMap(); | ||
2392 | 1361 | |||
2393 | 1362 | QTest::newRow("auth error") << | ||
2394 | 1363 | "HMAC-SHA1" << | ||
2395 | 1364 | "http://localhost/resp.html?error=permission_denied" << | ||
2396 | 1365 | int(Error::NotAuthorized) << | ||
2397 | 1366 | QVariantMap() << 0 << "" << "" << QVariantMap(); | ||
2398 | 1367 | |||
2399 | 1368 | QTest::newRow("auth problem") << | ||
2400 | 1369 | "HMAC-SHA1" << | ||
2401 | 1370 | "http://localhost/resp.html?oauth_problem=permission_denied" << | ||
2402 | 1371 | int(Error::PermissionDenied) << | ||
2403 | 1372 | QVariantMap() << 0 << "" << "" << QVariantMap(); | ||
2404 | 1373 | |||
2405 | 1374 | QVariantMap authMap; | ||
2406 | 1375 | authMap.insert("oauth_verifier", QString("v3r1f13r")); | ||
2407 | 1376 | authMap.insert("oauth_token", QString("HiThere")); | ||
2408 | 1377 | QTest::newRow("http error 401") << | ||
2409 | 1378 | "HMAC-SHA1" << | ||
2410 | 1379 | "http://localhost/resp.html?oauth_verifier=v3r1f13r" << | ||
2411 | 1380 | int(Error::OperationFailed) << | ||
2412 | 1381 | authMap << | ||
2413 | 1382 | int(401) << | ||
2414 | 1383 | "text/plain" << | ||
2415 | 1384 | "something else" << | ||
2416 | 1385 | QVariantMap(); | ||
2417 | 1386 | |||
2418 | 1387 | QTest::newRow("empty reply") << | ||
2419 | 1388 | "HMAC-SHA1" << | ||
2420 | 1389 | "http://localhost/resp.html?oauth_verifier=v3r1f13r" << | ||
2421 | 1390 | int(Error::OperationFailed) << | ||
2422 | 1391 | authMap << | ||
2423 | 1392 | int(200) << | ||
2424 | 1393 | "text/plain" << | ||
2425 | 1394 | "" << | ||
2426 | 1395 | QVariantMap(); | ||
2427 | 1396 | |||
2428 | 1397 | QTest::newRow("missing secret") << | ||
2429 | 1398 | "HMAC-SHA1" << | ||
2430 | 1399 | "http://localhost/resp.html?oauth_verifier=v3r1f13r" << | ||
2431 | 1400 | int(Error::OperationFailed) << | ||
2432 | 1401 | authMap << | ||
2433 | 1402 | int(200) << | ||
2434 | 1403 | "text/plain" << | ||
2435 | 1404 | "oauth_token=t0k3n" << | ||
2436 | 1405 | QVariantMap(); | ||
2437 | 1406 | |||
2438 | 1407 | QVariantMap response; | ||
2439 | 1408 | response.insert("AccessToken", QString("t0k3n")); | ||
2440 | 1409 | response.insert("TokenSecret", QString("t0k3nS3cr3t")); | ||
2441 | 1410 | |||
2442 | 1411 | QTest::newRow("success") << | ||
2443 | 1412 | "HMAC-SHA1" << | ||
2444 | 1413 | "http://localhost/resp.html?oauth_verifier=v3r1f13r" << | ||
2445 | 1414 | int(-1) << | ||
2446 | 1415 | authMap << | ||
2447 | 1416 | int(200) << | ||
2448 | 1417 | "text/plain" << | ||
2449 | 1418 | "oauth_token=t0k3n&oauth_token_secret=t0k3nS3cr3t" << | ||
2450 | 1419 | response; | ||
2451 | 1420 | |||
2452 | 1421 | response.insert("ExtraField", QString("v4lu3")); | ||
2453 | 1422 | QTest::newRow("success with data") << | ||
2454 | 1423 | "HMAC-SHA1" << | ||
2455 | 1424 | "http://localhost/resp.html?oauth_verifier=v3r1f13r" << | ||
2456 | 1425 | int(-1) << | ||
2457 | 1426 | authMap << | ||
2458 | 1427 | int(200) << | ||
2459 | 1428 | "text/plain" << | ||
2460 | 1429 | "oauth_token=t0k3n&oauth_token_secret=t0k3nS3cr3t" | ||
2461 | 1430 | "&ExtraField=v4lu3" << | ||
2462 | 1431 | response; | ||
2463 | 1432 | } | ||
2464 | 1433 | |||
2465 | 1434 | void PluginTest::testOauth1UserActionFinished() | ||
2466 | 1435 | { | ||
2467 | 1436 | QFETCH(QString, mechanism); | ||
2468 | 1437 | QFETCH(QString, urlResponse); | ||
2469 | 1438 | QFETCH(int, errorCode); | ||
2470 | 1439 | QFETCH(QVariantMap, expectedAuthMap); | ||
2471 | 1440 | QFETCH(int, replyStatusCode); | ||
2472 | 1441 | QFETCH(QString, replyContentType); | ||
2473 | 1442 | QFETCH(QString, replyContents); | ||
2474 | 1443 | QFETCH(QVariantMap, response); | ||
2475 | 1444 | |||
2476 | 1445 | SignOn::UiSessionData info; | ||
2477 | 1446 | OAuth1PluginData data; | ||
2478 | 1447 | data.setRequestEndpoint("https://localhost/oauth/request_token"); | ||
2479 | 1448 | data.setTokenEndpoint("https://localhost/oauth/access_token"); | ||
2480 | 1449 | data.setAuthorizationEndpoint("https://localhost/oauth/authorize"); | ||
2481 | 1450 | data.setCallback("http://localhost/resp.html"); | ||
2482 | 1451 | data.setConsumerKey("104660106251471"); | ||
2483 | 1452 | data.setConsumerSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
2484 | 1453 | data.setRealm("MyHost"); | ||
2485 | 1454 | |||
2486 | 1455 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
2487 | 1456 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
2488 | 1457 | QSignalSpy userActionRequired(m_testPlugin, | ||
2489 | 1458 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
2490 | 1459 | |||
2491 | 1460 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
2492 | 1461 | m_testPlugin->m_networkAccessManager = nam; | ||
2493 | 1462 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
2494 | 1463 | reply->setStatusCode(200); | ||
2495 | 1464 | reply->setContentType("text/plain"); | ||
2496 | 1465 | reply->setContent("oauth_token=HiThere&oauth_token_secret=BigSecret"); | ||
2497 | 1466 | nam->setNextReply(reply); | ||
2498 | 1467 | |||
2499 | 1468 | m_testPlugin->process(data, mechanism); | ||
2500 | 1469 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
2501 | 1470 | |||
2502 | 1471 | nam->m_lastRequest = QNetworkRequest(); | ||
2503 | 1472 | nam->m_lastRequestData = QByteArray(); | ||
2504 | 1473 | |||
2505 | 1474 | reply = new TestNetworkReply(this); | ||
2506 | 1475 | reply->setStatusCode(replyStatusCode); | ||
2507 | 1476 | if (!replyContentType.isEmpty()) { | ||
2508 | 1477 | reply->setContentType(replyContentType); | ||
2509 | 1478 | } | ||
2510 | 1479 | reply->setContent(replyContents.toUtf8()); | ||
2511 | 1480 | nam->setNextReply(reply); | ||
2512 | 1481 | |||
2513 | 1482 | if (!urlResponse.isEmpty()) { | ||
2514 | 1483 | info.setUrlResponse(urlResponse); | ||
2515 | 1484 | } | ||
2516 | 1485 | |||
2517 | 1486 | m_testPlugin->userActionFinished(info); | ||
2518 | 1487 | QTRY_COMPARE(error.count(), errorCode < 0 ? 0 : 1); | ||
2519 | 1488 | QTRY_COMPARE(result.count(), errorCode < 0 ? 1 : 0); | ||
2520 | 1489 | QVariantMap resp; | ||
2521 | 1490 | if (errorCode >= 0) { | ||
2522 | 1491 | QCOMPARE(error.at(0).at(0).value<Error>().type(), errorCode); | ||
2523 | 1492 | } else { | ||
2524 | 1493 | resp = result.at(0).at(0).value<SessionData>().toMap(); | ||
2525 | 1494 | QVERIFY(mapIsSubset(response, resp)); | ||
2526 | 1495 | } | ||
2527 | 1496 | |||
2528 | 1497 | if (!expectedAuthMap.isEmpty()) { | ||
2529 | 1498 | QCOMPARE(nam->m_lastRequest.url().toString(), data.TokenEndpoint()); | ||
2530 | 1499 | QVERIFY(nam->m_lastRequestData.isEmpty()); | ||
2531 | 1500 | |||
2532 | 1501 | QString authorizationHeader = | ||
2533 | 1502 | QString::fromUtf8(nam->m_lastRequest.rawHeader("Authorization")); | ||
2534 | 1503 | QStringList authorizationHeaderParts = | ||
2535 | 1504 | authorizationHeader.split(QRegExp(",?\\s+")); | ||
2536 | 1505 | QCOMPARE(authorizationHeaderParts[0], QString("OAuth")); | ||
2537 | 1506 | |||
2538 | 1507 | /* The rest of the header should be a mapping, let's parse it */ | ||
2539 | 1508 | bool ok = true; | ||
2540 | 1509 | QVariantMap authMap = | ||
2541 | 1510 | parseAuthorizationHeader(authorizationHeaderParts.mid(1), &ok); | ||
2542 | 1511 | QVERIFY(ok); | ||
2543 | 1512 | QCOMPARE(authMap.value("oauth_signature_method").toString(), mechanism); | ||
2544 | 1513 | QVERIFY(mapIsSubset(expectedAuthMap, authMap)); | ||
2545 | 1514 | } | ||
2546 | 1515 | |||
2547 | 1516 | delete nam; | ||
2548 | 1517 | } | ||
2549 | 1518 | |||
2550 | 1519 | void PluginTest::testErrors_data() | ||
2551 | 1520 | { | ||
2552 | 1521 | QTest::addColumn<QString>("replyContents"); | ||
2553 | 1522 | QTest::addColumn<int>("expectedErrorCode"); | ||
2554 | 1523 | |||
2555 | 1524 | QTest::newRow("incorrect_client_credentials") << | ||
2556 | 1525 | "{ \"error\": \"incorrect_client_credentials\" }" << | ||
2557 | 1526 | int(Error::InvalidCredentials); | ||
2558 | 1527 | |||
2559 | 1528 | QTest::newRow("redirect_uri_mismatch") << | ||
2560 | 1529 | "{ \"error\": \"redirect_uri_mismatch\" }" << | ||
2561 | 1530 | int(Error::InvalidCredentials); | ||
2562 | 1531 | |||
2563 | 1532 | QTest::newRow("bad_authorization_code") << | ||
2564 | 1533 | "{ \"error\": \"bad_authorization_code\" }" << | ||
2565 | 1534 | int(Error::InvalidCredentials); | ||
2566 | 1535 | |||
2567 | 1536 | QTest::newRow("invalid_client_credentials") << | ||
2568 | 1537 | "{ \"error\": \"invalid_client_credentials\" }" << | ||
2569 | 1538 | int(Error::InvalidCredentials); | ||
2570 | 1539 | |||
2571 | 1540 | QTest::newRow("unauthorized_client") << | ||
2572 | 1541 | "{ \"error\": \"unauthorized_client\" }" << | ||
2573 | 1542 | int(Error::NotAuthorized); | ||
2574 | 1543 | |||
2575 | 1544 | QTest::newRow("invalid_assertion") << | ||
2576 | 1545 | "{ \"error\": \"invalid_assertion\" }" << | ||
2577 | 1546 | int(Error::InvalidCredentials); | ||
2578 | 1547 | |||
2579 | 1548 | QTest::newRow("unknown_format") << | ||
2580 | 1549 | "{ \"error\": \"unknown_format\" }" << | ||
2581 | 1550 | int(Error::InvalidQuery); | ||
2582 | 1551 | |||
2583 | 1552 | QTest::newRow("authorization_expired") << | ||
2584 | 1553 | "{ \"error\": \"authorization_expired\" }" << | ||
2585 | 1554 | int(Error::InvalidCredentials); | ||
2586 | 1555 | |||
2587 | 1556 | QTest::newRow("multiple_credentials") << | ||
2588 | 1557 | "{ \"error\": \"multiple_credentials\" }" << | ||
2589 | 1558 | int(Error::InvalidQuery); | ||
2590 | 1559 | |||
2591 | 1560 | QTest::newRow("invalid_user_credentials") << | ||
2592 | 1561 | "{ \"error\": \"invalid_user_credentials\" }" << | ||
2593 | 1562 | int(Error::InvalidCredentials); | ||
2594 | 1563 | } | ||
2595 | 1564 | |||
2596 | 1565 | void PluginTest::testErrors() | ||
2597 | 1566 | { | ||
2598 | 1567 | QFETCH(QString, replyContents); | ||
2599 | 1568 | QFETCH(int, expectedErrorCode); | ||
2600 | 1569 | |||
2601 | 1570 | SignOn::UiSessionData info; | ||
2602 | 1571 | PluginData data; | ||
2603 | 1572 | data.setHost("localhost"); | ||
2604 | 1573 | data.setAuthPath("authorize"); | ||
2605 | 1574 | data.setTokenPath("access_token"); | ||
2606 | 1575 | data.setClientId("104660106251471"); | ||
2607 | 1576 | data.setClientSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
2608 | 1577 | data.setRedirectUri("http://localhost/resp.html"); | ||
2609 | 1578 | |||
2610 | 1579 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
2611 | 1580 | QSignalSpy userActionRequired(m_testPlugin, | ||
2612 | 1581 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
2613 | 1582 | |||
2614 | 1583 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
2615 | 1584 | m_testPlugin->m_networkAccessManager = nam; | ||
2616 | 1585 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
2617 | 1586 | reply->setStatusCode(401); | ||
2618 | 1587 | reply->setContentType("application/json"); | ||
2619 | 1588 | reply->setContent(replyContents.toUtf8()); | ||
2620 | 1589 | nam->setNextReply(reply); | ||
2621 | 1590 | |||
2622 | 1591 | m_testPlugin->process(data, QString("web_server")); | ||
2623 | 1592 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
2624 | 1593 | QString state = parseState(userActionRequired); | ||
2625 | 1594 | |||
2626 | 1595 | info.setUrlResponse("http://localhost/resp.html?code=c0d3&state=" + state); | ||
2627 | 1596 | m_testPlugin->userActionFinished(info); | ||
2628 | 1597 | |||
2629 | 1598 | QTRY_COMPARE(error.count(), 1); | ||
2630 | 1599 | QCOMPARE(error.at(0).at(0).value<Error>().type(), expectedErrorCode); | ||
2631 | 1600 | |||
2632 | 1601 | delete nam; | ||
2633 | 1602 | } | ||
2634 | 1603 | |||
2635 | 1604 | void PluginTest::testRefreshToken_data() | ||
2636 | 1605 | { | ||
2637 | 1606 | QTest::addColumn<QVariantMap>("sessionData"); | ||
2638 | 1607 | QTest::addColumn<QVariantMap>("expectedResponse"); | ||
2639 | 1608 | |||
2640 | 1609 | PluginData data; | ||
2641 | 1610 | data.setHost("localhost"); | ||
2642 | 1611 | data.setAuthPath("authorize"); | ||
2643 | 1612 | data.setTokenPath("access_token"); | ||
2644 | 1613 | data.setClientId("104660106251471"); | ||
2645 | 1614 | data.setClientSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
2646 | 1615 | data.setRedirectUri("http://localhost/resp.html"); | ||
2647 | 1616 | |||
2648 | 1617 | QVariantMap tokens; | ||
2649 | 1618 | QVariantMap token; | ||
2650 | 1619 | token.insert("Token", QLatin1String("tokenfromtest")); | ||
2651 | 1620 | token.insert("timestamp", QDateTime::currentDateTime().toTime_t() - 10000); | ||
2652 | 1621 | token.insert("Expiry", 1000); | ||
2653 | 1622 | token.insert("refresh_token", QString("r3fr3sh")); | ||
2654 | 1623 | tokens.insert(data.ClientId(), QVariant::fromValue(token)); | ||
2655 | 1624 | data.m_data.insert("Tokens", tokens); | ||
2656 | 1625 | |||
2657 | 1626 | QVariantMap response; | ||
2658 | 1627 | response.insert("AccessToken", "n3w-t0k3n"); | ||
2659 | 1628 | response.insert("ExpiresIn", 3600); | ||
2660 | 1629 | response.insert("RefreshToken", QString()); | ||
2661 | 1630 | response.insert("Scope", QStringList()); | ||
2662 | 1631 | |||
2663 | 1632 | QTest::newRow("expired access token") << data.toMap() << response; | ||
2664 | 1633 | |||
2665 | 1634 | token.insert("timestamp", QDateTime::currentDateTime().toTime_t()); | ||
2666 | 1635 | token.insert("Expiry", 50000); | ||
2667 | 1636 | tokens.insert(data.ClientId(), QVariant::fromValue(token)); | ||
2668 | 1637 | data.m_data.insert("Tokens", tokens); | ||
2669 | 1638 | data.setForceTokenRefresh(true); | ||
2670 | 1639 | QTest::newRow("valid access token, force refresh") << data.toMap() << response; | ||
2671 | 1640 | } | ||
2672 | 1641 | |||
2673 | 1642 | void PluginTest::testRefreshToken() | ||
2674 | 1643 | { | ||
2675 | 1644 | QFETCH(QVariantMap, sessionData); | ||
2676 | 1645 | QFETCH(QVariantMap, expectedResponse); | ||
2677 | 1646 | |||
2678 | 1647 | SignOn::UiSessionData info; | ||
2679 | 1648 | |||
2680 | 1649 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
2681 | 1650 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
2682 | 1651 | |||
2683 | 1652 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
2684 | 1653 | m_testPlugin->m_networkAccessManager = nam; | ||
2685 | 1654 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
2686 | 1655 | reply->setStatusCode(200); | ||
2687 | 1656 | reply->setContentType("application/json"); | ||
2688 | 1657 | reply->setContent("{ \"access_token\":\"n3w-t0k3n\", \"expires_in\": 3600 }"); | ||
2689 | 1658 | nam->setNextReply(reply); | ||
2690 | 1659 | |||
2691 | 1660 | m_testPlugin->process(sessionData, QString("web_server")); | ||
2692 | 1661 | QTRY_COMPARE(result.count(), 1); | ||
2693 | 1662 | QCOMPARE(error.count(), 0); | ||
2694 | 1663 | |||
2695 | 1664 | QCOMPARE(nam->m_lastRequest.url(), QUrl("https://localhost/access_token")); | ||
2696 | 1665 | QCOMPARE(QString::fromUtf8(nam->m_lastRequestData), | ||
2697 | 1666 | QString("grant_type=refresh_token&refresh_token=r3fr3sh")); | ||
2698 | 1667 | |||
2699 | 1668 | QCOMPARE(result.at(0).at(0).value<SessionData>().toMap(), expectedResponse); | ||
2700 | 1669 | |||
2701 | 1670 | delete nam; | ||
2702 | 1671 | } | ||
2703 | 1672 | |||
2704 | 1673 | void PluginTest::testRefreshTokenError_data() | ||
2705 | 1674 | { | ||
2706 | 1675 | QTest::addColumn<int>("replyErrorCode"); | ||
2707 | 1676 | QTest::addColumn<int>("replyStatusCode"); | ||
2708 | 1677 | QTest::addColumn<QString>("replyContents"); | ||
2709 | 1678 | QTest::addColumn<int>("expectedError"); | ||
2710 | 1679 | |||
2711 | 1680 | QTest::newRow("invalid grant, 400") << | ||
2712 | 1681 | int(QNetworkReply::ProtocolInvalidOperationError) << | ||
2713 | 1682 | int(400) << | ||
2714 | 1683 | "{ \"error\":\"invalid_grant\" }" << | ||
2715 | 1684 | int(-1); | ||
2716 | 1685 | |||
2717 | 1686 | QTest::newRow("invalid grant, 401") << | ||
2718 | 1687 | int(QNetworkReply::ContentAccessDenied) << | ||
2719 | 1688 | int(401) << | ||
2720 | 1689 | "{ \"error\":\"invalid_grant\" }" << | ||
2721 | 1690 | int(-1); | ||
2722 | 1691 | |||
2723 | 1692 | QTest::newRow("invalid grant, 401, no error signal") << | ||
2724 | 1693 | int(-1) << | ||
2725 | 1694 | int(401) << | ||
2726 | 1695 | "{ \"error\":\"invalid_grant\" }" << | ||
2727 | 1696 | int(-1); | ||
2728 | 1697 | |||
2729 | 1698 | QTest::newRow("temporary network failure") << | ||
2730 | 1699 | int(QNetworkReply::TemporaryNetworkFailureError) << | ||
2731 | 1700 | int(-1) << | ||
2732 | 1701 | "" << | ||
2733 | 1702 | int(Error::NoConnection); | ||
2734 | 1703 | } | ||
2735 | 1704 | |||
2736 | 1705 | void PluginTest::testRefreshTokenError() | ||
2737 | 1706 | { | ||
2738 | 1707 | QFETCH(int, replyErrorCode); | ||
2739 | 1708 | QFETCH(int, replyStatusCode); | ||
2740 | 1709 | QFETCH(QString, replyContents); | ||
2741 | 1710 | QFETCH(int, expectedError); | ||
2742 | 1711 | |||
2743 | 1712 | PluginData data; | ||
2744 | 1713 | data.setHost("localhost"); | ||
2745 | 1714 | data.setAuthPath("authorize"); | ||
2746 | 1715 | data.setTokenPath("access_token"); | ||
2747 | 1716 | data.setClientId("104660106251471"); | ||
2748 | 1717 | data.setClientSecret("fa28f40b5a1f8c1d5628963d880636fbkjkjkj"); | ||
2749 | 1718 | data.setRedirectUri("http://localhost/resp.html"); | ||
2750 | 1719 | |||
2751 | 1720 | QVariantMap tokens; | ||
2752 | 1721 | QVariantMap token; | ||
2753 | 1722 | token.insert("Token", QLatin1String("tokenfromtest")); | ||
2754 | 1723 | token.insert("timestamp", QDateTime::currentDateTime().toTime_t() - 10000); | ||
2755 | 1724 | token.insert("Expiry", 1000); | ||
2756 | 1725 | token.insert("refresh_token", QString("r3fr3sh")); | ||
2757 | 1726 | tokens.insert(data.ClientId(), QVariant::fromValue(token)); | ||
2758 | 1727 | data.m_data.insert("Tokens", tokens); | ||
2759 | 1728 | |||
2760 | 1729 | SignOn::UiSessionData info; | ||
2761 | 1730 | |||
2762 | 1731 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
2763 | 1732 | QSignalSpy userActionRequired(m_testPlugin, | ||
2764 | 1733 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
2765 | 1734 | |||
2766 | 1735 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
2767 | 1736 | m_testPlugin->m_networkAccessManager = nam; | ||
2768 | 1737 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
2769 | 1738 | if (replyErrorCode >= 0) { | ||
2770 | 1739 | reply->setError(QNetworkReply::NetworkError(replyErrorCode), | ||
2771 | 1740 | "Dummy error", 5); | ||
2772 | 1741 | } | ||
2773 | 1742 | reply->setStatusCode(replyStatusCode); | ||
2774 | 1743 | reply->setContentType("application/json"); | ||
2775 | 1744 | reply->setContent(replyContents.toUtf8()); | ||
2776 | 1745 | nam->setNextReply(reply); | ||
2777 | 1746 | |||
2778 | 1747 | m_testPlugin->process(data, QString("web_server")); | ||
2779 | 1748 | |||
2780 | 1749 | if (expectedError < 0) { | ||
2781 | 1750 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
2782 | 1751 | QCOMPARE(error.count(), 0); | ||
2783 | 1752 | } else { | ||
2784 | 1753 | QTRY_COMPARE(error.count(), 1); | ||
2785 | 1754 | QCOMPARE(error.at(0).at(0).value<Error>().type(), expectedError); | ||
2786 | 1755 | } | ||
2787 | 1756 | |||
2788 | 1757 | delete nam; | ||
2789 | 1758 | } | ||
2790 | 1759 | |||
2791 | 1760 | void PluginTest::testClientAuthentication_data() | ||
2792 | 1761 | { | ||
2793 | 1762 | QTest::addColumn<QString>("clientSecret"); | ||
2794 | 1763 | QTest::addColumn<bool>("forceAuthViaRequestBody"); | ||
2795 | 1764 | QTest::addColumn<QString>("postContents"); | ||
2796 | 1765 | QTest::addColumn<QString>("postAuthorization"); | ||
2797 | 1766 | |||
2798 | 1767 | QTest::newRow("no secret, std auth") << | ||
2799 | 1768 | "" << false << | ||
2800 | 1769 | "grant_type=authorization_code&code=c0d3" | ||
2801 | 1770 | "&redirect_uri=http://localhost/resp.html&client_id=104660106251471" << | ||
2802 | 1771 | ""; | ||
2803 | 1772 | QTest::newRow("no secret, auth in body") << | ||
2804 | 1773 | "" << true << | ||
2805 | 1774 | "grant_type=authorization_code&code=c0d3" | ||
2806 | 1775 | "&redirect_uri=http://localhost/resp.html&client_id=104660106251471" << | ||
2807 | 1776 | ""; | ||
2808 | 1777 | |||
2809 | 1778 | QTest::newRow("with secret, std auth") << | ||
2810 | 1779 | "s3cr3t" << false << | ||
2811 | 1780 | "grant_type=authorization_code&code=c0d3&redirect_uri=http://localhost/resp.html" << | ||
2812 | 1781 | "Basic MTA0NjYwMTA2MjUxNDcxOnMzY3IzdA=="; | ||
2813 | 1782 | QTest::newRow("with secret, auth in body") << | ||
2814 | 1783 | "s3cr3t" << true << | ||
2815 | 1784 | "grant_type=authorization_code&code=c0d3" | ||
2816 | 1785 | "&redirect_uri=http://localhost/resp.html" | ||
2817 | 1786 | "&client_id=104660106251471&client_secret=s3cr3t" << | ||
2818 | 1787 | ""; | ||
2819 | 1788 | } | ||
2820 | 1789 | |||
2821 | 1790 | void PluginTest::testClientAuthentication() | ||
2822 | 1791 | { | ||
2823 | 1792 | QFETCH(QString, clientSecret); | ||
2824 | 1793 | QFETCH(bool, forceAuthViaRequestBody); | ||
2825 | 1794 | QFETCH(QString, postContents); | ||
2826 | 1795 | QFETCH(QString, postAuthorization); | ||
2827 | 1796 | |||
2828 | 1797 | SignOn::UiSessionData info; | ||
2829 | 1798 | PluginData data; | ||
2830 | 1799 | data.setHost("localhost"); | ||
2831 | 1800 | data.setAuthPath("authorize"); | ||
2832 | 1801 | data.setTokenPath("access_token"); | ||
2833 | 1802 | data.setClientId("104660106251471"); | ||
2834 | 1803 | data.setClientSecret(clientSecret); | ||
2835 | 1804 | data.setRedirectUri("http://localhost/resp.html"); | ||
2836 | 1805 | data.setForceClientAuthViaRequestBody(forceAuthViaRequestBody); | ||
2837 | 1806 | |||
2838 | 1807 | QSignalSpy result(m_testPlugin, SIGNAL(result(const SignOn::SessionData&))); | ||
2839 | 1808 | QSignalSpy error(m_testPlugin, SIGNAL(error(const SignOn::Error &))); | ||
2840 | 1809 | QSignalSpy userActionRequired(m_testPlugin, | ||
2841 | 1810 | SIGNAL(userActionRequired(const SignOn::UiSessionData&))); | ||
2842 | 1811 | |||
2843 | 1812 | TestNetworkAccessManager *nam = new TestNetworkAccessManager; | ||
2844 | 1813 | m_testPlugin->m_networkAccessManager = nam; | ||
2845 | 1814 | TestNetworkReply *reply = new TestNetworkReply(this); | ||
2846 | 1815 | reply->setStatusCode(200); | ||
2847 | 1816 | reply->setContentType("application/json"); | ||
2848 | 1817 | reply->setContent("{ \"access_token\":\"t0k3n\", \"expires_in\": 3600 }"); | ||
2849 | 1818 | nam->setNextReply(reply); | ||
2850 | 1819 | |||
2851 | 1820 | m_testPlugin->process(data, QString("web_server")); | ||
2852 | 1821 | QTRY_COMPARE(userActionRequired.count(), 1); | ||
2853 | 1822 | QString state = parseState(userActionRequired); | ||
2854 | 1823 | |||
2855 | 1824 | info.setUrlResponse("http://localhost/resp.html?code=c0d3&state=" + state); | ||
2856 | 1825 | m_testPlugin->userActionFinished(info); | ||
2857 | 1826 | |||
2858 | 1827 | QTRY_COMPARE(result.count(), 1); | ||
2859 | 1828 | QCOMPARE(error.count(), 0); | ||
2860 | 1829 | QCOMPARE(nam->m_lastRequest.url(), QUrl("https://localhost/access_token")); | ||
2861 | 1830 | QCOMPARE(QString::fromUtf8(nam->m_lastRequestData), postContents); | ||
2862 | 1831 | QCOMPARE(QString::fromUtf8(nam->m_lastRequest.rawHeader("Authorization")), | ||
2863 | 1832 | postAuthorization); | ||
2864 | 1833 | |||
2865 | 1834 | delete nam; | ||
2866 | 1835 | } | ||
2867 | 1836 | |||
2868 | 1837 | #endif | ||
2869 | 1838 | |||
2870 | 1839 | QTEST_MAIN(PluginTest) | ||
2871 | 1840 | #include "tst_plugin.moc" | ||
2872 | 0 | 1841 | ||
2873 | === modified file 'signon-plugin/ubuntuone-plugin.cpp' | |||
2874 | --- signon-plugin/ubuntuone-plugin.cpp 2013-08-12 21:16:29 +0000 | |||
2875 | +++ signon-plugin/ubuntuone-plugin.cpp 2016-04-22 09:51:32 +0000 | |||
2876 | @@ -15,15 +15,37 @@ | |||
2877 | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | 15 | * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, |
2878 | 16 | * Boston, MA 02110-1301, USA. | 16 | * Boston, MA 02110-1301, USA. |
2879 | 17 | */ | 17 | */ |
2880 | 18 | |||
2881 | 19 | #include <QJsonDocument> | ||
2882 | 20 | #include <QJsonObject> | ||
2883 | 21 | #include <QNetworkAccessManager> | ||
2884 | 22 | #include <QNetworkReply> | ||
2885 | 23 | #include <QNetworkRequest> | ||
2886 | 24 | |||
2887 | 25 | #include <SignOn/UiSessionData> | ||
2888 | 26 | #include <SignOn/uisessiondata_priv.h> | ||
2889 | 27 | |||
2890 | 18 | #include <token.h> | 28 | #include <token.h> |
2891 | 19 | 29 | ||
2892 | 30 | #include "i18n.h" | ||
2893 | 20 | #include "ubuntuone-plugin.h" | 31 | #include "ubuntuone-plugin.h" |
2894 | 21 | 32 | ||
2895 | 33 | #define BASE_URL "https://login.ubuntu.com" | ||
2896 | 34 | |||
2897 | 35 | #define ERR_INVALID_CREDENTIALS QLatin1String("INVALID_CREDENTIALS") | ||
2898 | 36 | #define ERR_INVALID_DATA QLatin1String("INVALID_DATA") | ||
2899 | 37 | #define ERR_TWOFACTOR_REQUIRED QLatin1String("TWOFACTOR_REQUIRED") | ||
2900 | 38 | #define ERR_TWOFACTOR_FAILURE QLatin1String("TWOFACTOR_FAILURE") | ||
2901 | 39 | #define ERR_PASSWORD_POLICY_ERROR QLatin1String("PASSWORD_POLICY_ERROR") | ||
2902 | 22 | 40 | ||
2903 | 23 | namespace UbuntuOne { | 41 | namespace UbuntuOne { |
2904 | 24 | 42 | ||
2907 | 25 | SignOnPlugin::SignOnPlugin(QObject *parent) | 43 | SignOnPlugin::SignOnPlugin(QObject *parent): |
2908 | 26 | : AuthPluginInterface(parent) | 44 | AuthPluginInterface(parent), |
2909 | 45 | m_networkAccessManager(0), | ||
2910 | 46 | m_reply(0), | ||
2911 | 47 | m_didAskForPassword(false), | ||
2912 | 48 | m_needsOtp(false) | ||
2913 | 27 | { | 49 | { |
2914 | 28 | } | 50 | } |
2915 | 29 | 51 | ||
2916 | @@ -47,33 +69,319 @@ | |||
2917 | 47 | { | 69 | { |
2918 | 48 | } | 70 | } |
2919 | 49 | 71 | ||
2920 | 72 | bool SignOnPlugin::validateInput(const PluginData &data, | ||
2921 | 73 | const QString &mechanism) | ||
2922 | 74 | { | ||
2923 | 75 | Q_UNUSED(mechanism); | ||
2924 | 76 | |||
2925 | 77 | if (data.TokenName().isEmpty()) { | ||
2926 | 78 | return false; | ||
2927 | 79 | } | ||
2928 | 80 | |||
2929 | 81 | return true; | ||
2930 | 82 | } | ||
2931 | 83 | |||
2932 | 84 | bool SignOnPlugin::respondWithStoredData() | ||
2933 | 85 | { | ||
2934 | 86 | QVariantMap storedData = m_data.StoredData(); | ||
2935 | 87 | |||
2936 | 88 | /* When U1 was using the password plugin, it was storing the token data | ||
2937 | 89 | * in the password field. So, if we don't have any data stored in the | ||
2938 | 90 | * plugin's data, try to get a token from the password field. | ||
2939 | 91 | */ | ||
2940 | 92 | if (storedData.isEmpty() && !m_data.Secret().isEmpty()) { | ||
2941 | 93 | Token *token = Token::fromQuery(m_data.Secret()); | ||
2942 | 94 | if (token->isValid()) { | ||
2943 | 95 | PluginData tokenData; | ||
2944 | 96 | tokenData.setConsumerKey(token->consumerKey()); | ||
2945 | 97 | tokenData.setConsumerSecret(token->consumerSecret()); | ||
2946 | 98 | tokenData.setTokenKey(token->tokenKey()); | ||
2947 | 99 | tokenData.setTokenSecret(token->tokenSecret()); | ||
2948 | 100 | storedData[token->name()] = tokenData.toMap(); | ||
2949 | 101 | PluginData pluginData; | ||
2950 | 102 | pluginData.setStoredData(storedData); | ||
2951 | 103 | Q_EMIT store(pluginData); | ||
2952 | 104 | |||
2953 | 105 | /* We know that the given secret is a valid token, so it cannot | ||
2954 | 106 | * be a valid password as well: let's clear it out now, so that | ||
2955 | 107 | * if it turns out that the token is no longer valid and that | ||
2956 | 108 | * we need to create a new one, we won't make a useless attempt | ||
2957 | 109 | * to create one with a wrong password. | ||
2958 | 110 | */ | ||
2959 | 111 | m_data.setSecret(QString()); | ||
2960 | 112 | } | ||
2961 | 113 | delete token; | ||
2962 | 114 | } | ||
2963 | 115 | |||
2964 | 116 | /* Check if we have stored data for this token name */ | ||
2965 | 117 | PluginData tokenData(storedData[m_data.TokenName()].toMap()); | ||
2966 | 118 | Token token(tokenData.TokenKey(), tokenData.TokenSecret(), | ||
2967 | 119 | tokenData.ConsumerKey(), tokenData.ConsumerSecret()); | ||
2968 | 120 | if (!token.isValid()) return false; | ||
2969 | 121 | qDebug() << "Token is valid!" << tokenData.TokenKey(); | ||
2970 | 122 | |||
2971 | 123 | tokenData.setTokenName(m_data.TokenName()); | ||
2972 | 124 | checkTokenValidity(token, tokenData); | ||
2973 | 125 | return true; | ||
2974 | 126 | } | ||
2975 | 127 | |||
2976 | 128 | void SignOnPlugin::emitErrorFromReply(QNetworkReply *reply) | ||
2977 | 129 | { | ||
2978 | 130 | int errorCode = reply->error(); | ||
2979 | 131 | int type = SignOn::Error::Network; | ||
2980 | 132 | if (errorCode == QNetworkReply::SslHandshakeFailedError) { | ||
2981 | 133 | type = SignOn::Error::Ssl; | ||
2982 | 134 | } else if (errorCode == QNetworkReply::ServiceUnavailableError) { | ||
2983 | 135 | type = SignOn::Error::ServiceNotAvailable; | ||
2984 | 136 | } else if (errorCode == QNetworkReply::AuthenticationRequiredError) { | ||
2985 | 137 | type = SignOn::Error::NotAuthorized; | ||
2986 | 138 | } else if (errorCode <= QNetworkReply::UnknownNetworkError) { | ||
2987 | 139 | type = SignOn::Error::NoConnection; | ||
2988 | 140 | } | ||
2989 | 141 | |||
2990 | 142 | qDebug() << "Got error:" << reply->errorString(); | ||
2991 | 143 | Q_EMIT error(SignOn::Error(type, reply->errorString())); | ||
2992 | 144 | } | ||
2993 | 145 | |||
2994 | 146 | void SignOnPlugin::onValidationFinished() | ||
2995 | 147 | { | ||
2996 | 148 | QNetworkReply *reply = m_reply; | ||
2997 | 149 | m_reply->deleteLater(); | ||
2998 | 150 | m_reply = 0; | ||
2999 | 151 | |||
3000 | 152 | /* Note on error handling: we consider the token to be (in)valid only if | ||
3001 | 153 | * we can parse the JSON response and it contains the response. If the | ||
3002 | 154 | * validation has failed because of some other error (SSL error, | ||
3003 | 155 | * unparsable server reply, etc.) then we report the error to the | ||
3004 | 156 | * client. | ||
3005 | 157 | */ | ||
3006 | 158 | QJsonDocument json = QJsonDocument::fromJson(reply->readAll()); | ||
3007 | 159 | QJsonObject object = json.object(); | ||
3008 | 160 | QJsonValue value = object.value("is_valid"); | ||
3009 | 161 | |||
3010 | 162 | int statusCode = reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt(); | ||
3011 | 163 | if (statusCode == 200 && value.isBool()) { | ||
3012 | 164 | bool isValid = value.toBool(); | ||
3013 | 165 | if (isValid) { | ||
3014 | 166 | Q_EMIT result(m_checkedToken); | ||
3015 | 167 | } else { | ||
3016 | 168 | qDebug() << "Server verification failed"; | ||
3017 | 169 | getCredentialsAndCreateNewToken(); | ||
3018 | 170 | } | ||
3019 | 171 | } else { | ||
3020 | 172 | emitErrorFromReply(reply); | ||
3021 | 173 | } | ||
3022 | 174 | } | ||
3023 | 175 | |||
3024 | 176 | void SignOnPlugin::checkTokenValidity(const Token &token, | ||
3025 | 177 | const PluginData &tokenData) | ||
3026 | 178 | { | ||
3027 | 179 | m_checkedToken = tokenData; | ||
3028 | 180 | |||
3029 | 181 | QNetworkRequest req(QUrl(BASE_URL "/api/v2/requests/validate")); | ||
3030 | 182 | req.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); | ||
3031 | 183 | |||
3032 | 184 | QString httpUrl("http://www.example.com"); | ||
3033 | 185 | QString httpMethod("GET"); | ||
3034 | 186 | |||
3035 | 187 | QJsonObject formData; | ||
3036 | 188 | formData.insert("http_url", httpUrl); | ||
3037 | 189 | formData.insert("http_method", httpMethod); | ||
3038 | 190 | formData.insert("authorization", token.signUrl(httpUrl, httpMethod)); | ||
3039 | 191 | |||
3040 | 192 | m_reply = | ||
3041 | 193 | m_networkAccessManager->post(req, QJsonDocument(formData).toJson()); | ||
3042 | 194 | QObject::connect(m_reply, SIGNAL(finished()), | ||
3043 | 195 | this, SLOT(onValidationFinished())); | ||
3044 | 196 | } | ||
3045 | 197 | |||
3046 | 50 | void SignOnPlugin::process(const SignOn::SessionData &inData, | 198 | void SignOnPlugin::process(const SignOn::SessionData &inData, |
3047 | 51 | const QString &mechanism) | 199 | const QString &mechanism) |
3048 | 52 | { | 200 | { |
3050 | 53 | Q_UNUSED(mechanism); | 201 | if (!m_networkAccessManager) { |
3051 | 202 | m_networkAccessManager = new QNetworkAccessManager(this); | ||
3052 | 203 | } | ||
3053 | 204 | |||
3054 | 205 | initTr("ubuntuone-credentials", NULL); | ||
3055 | 206 | |||
3056 | 54 | PluginData response; | 207 | PluginData response; |
3057 | 55 | m_data = inData.data<PluginData>(); | 208 | m_data = inData.data<PluginData>(); |
3058 | 56 | 209 | ||
3075 | 57 | if (!inData.Secret().isEmpty()) { | 210 | if (!validateInput(m_data, mechanism)) { |
3076 | 58 | response.setConsumer(m_data.Consumer()); | 211 | qWarning() << "Invalid parameters passed"; |
3077 | 59 | response.setConsumerSecret(m_data.ConsumerSecret()); | 212 | Q_EMIT error(SignOn::Error(SignOn::Error::MissingData)); |
3078 | 60 | response.setToken(m_data.Token()); | 213 | return; |
3079 | 61 | response.setTokenSecret(m_data.TokenSecret()); | 214 | } |
3080 | 62 | 215 | ||
3081 | 63 | response.setName(Token::buildTokenName()); | 216 | /* It may be that the stored token is valid; however, do the check only |
3082 | 64 | 217 | * if no OTP was provided (since the presence of an OTP is a clear | |
3083 | 65 | emit result(response); | 218 | * signal that the caller wants to get a new token). */ |
3084 | 66 | return; | 219 | if (m_data.OneTimePassword().isEmpty() && |
3085 | 67 | } | 220 | respondWithStoredData()) { |
3086 | 68 | 221 | return; | |
3087 | 69 | SignOn::UiSessionData data; | 222 | } |
3088 | 70 | data.setRealm(inData.Realm()); | 223 | |
3089 | 71 | data.setShowRealm(!data.Realm().isEmpty()); | 224 | getCredentialsAndCreateNewToken(); |
3090 | 72 | emit userActionRequired(data); | 225 | } |
3091 | 226 | |||
3092 | 227 | void SignOnPlugin::onCreationFinished() | ||
3093 | 228 | { | ||
3094 | 229 | QNetworkReply *reply = m_reply; | ||
3095 | 230 | m_reply->deleteLater(); | ||
3096 | 231 | m_reply = 0; | ||
3097 | 232 | |||
3098 | 233 | QByteArray data = reply->readAll(); | ||
3099 | 234 | qDebug() << "Received" << data; | ||
3100 | 235 | QJsonDocument json = QJsonDocument::fromJson(data); | ||
3101 | 236 | QJsonObject object = json.object(); | ||
3102 | 237 | |||
3103 | 238 | QString error = object.value("code").toString(); | ||
3104 | 239 | |||
3105 | 240 | int statusCode = reply->attribute(QNetworkRequest::HttpStatusCodeAttribute).toInt(); | ||
3106 | 241 | qDebug() << "Status code:" << statusCode; | ||
3107 | 242 | if (statusCode == 200 || statusCode == 201) { | ||
3108 | 243 | QString tokenName = object.value("token_name").toString(); | ||
3109 | 244 | PluginData token; | ||
3110 | 245 | token.setConsumerKey(object.value("consumer_key").toString()); | ||
3111 | 246 | token.setConsumerSecret(object.value("consumer_secret").toString()); | ||
3112 | 247 | token.setTokenKey(object.value("token_key").toString()); | ||
3113 | 248 | token.setTokenSecret(object.value("token_secret").toString()); | ||
3114 | 249 | |||
3115 | 250 | /* Store the token */ | ||
3116 | 251 | QVariantMap storedData; | ||
3117 | 252 | storedData[tokenName] = token.toMap(); | ||
3118 | 253 | PluginData pluginData; | ||
3119 | 254 | pluginData.setStoredData(storedData); | ||
3120 | 255 | Q_EMIT store(pluginData); | ||
3121 | 256 | |||
3122 | 257 | token.setTokenName(tokenName); | ||
3123 | 258 | Q_EMIT result(token); | ||
3124 | 259 | } else if (statusCode == 401 && error == ERR_INVALID_CREDENTIALS) { | ||
3125 | 260 | m_data.setSecret(QString()); | ||
3126 | 261 | m_data.setOneTimePassword(QString()); | ||
3127 | 262 | getCredentialsAndCreateNewToken(); | ||
3128 | 263 | } else if (statusCode == 401 && error == ERR_TWOFACTOR_REQUIRED) { | ||
3129 | 264 | m_needsOtp = true; | ||
3130 | 265 | getCredentialsAndCreateNewToken(); | ||
3131 | 266 | } else if (statusCode == 403 && error == ERR_TWOFACTOR_FAILURE) { | ||
3132 | 267 | m_data.setOneTimePassword(QString()); | ||
3133 | 268 | getCredentialsAndCreateNewToken(); | ||
3134 | 269 | } else if (statusCode == 403 && error == ERR_PASSWORD_POLICY_ERROR) { | ||
3135 | 270 | QVariantMap data; | ||
3136 | 271 | QJsonObject extra = object.value("extra").toObject(); | ||
3137 | 272 | data[SSOUI_KEY_OPENURL] = extra.value("location").toString(); | ||
3138 | 273 | Q_EMIT userActionRequired(data); | ||
3139 | 274 | } else if (error == ERR_INVALID_DATA) { | ||
3140 | 275 | // This error is received when the email address is invalid | ||
3141 | 276 | m_data.setUserName(QString()); | ||
3142 | 277 | m_data.setSecret(QString()); | ||
3143 | 278 | m_data.setOneTimePassword(QString()); | ||
3144 | 279 | getCredentialsAndCreateNewToken(); | ||
3145 | 280 | } else { | ||
3146 | 281 | emitErrorFromReply(reply); | ||
3147 | 282 | } | ||
3148 | 283 | } | ||
3149 | 284 | |||
3150 | 285 | void SignOnPlugin::createNewToken() | ||
3151 | 286 | { | ||
3152 | 287 | QNetworkRequest req(QUrl(BASE_URL "/api/v2/tokens/oauth")); | ||
3153 | 288 | req.setHeader(QNetworkRequest::ContentTypeHeader, "application/json"); | ||
3154 | 289 | |||
3155 | 290 | QJsonObject formData; | ||
3156 | 291 | formData.insert("email", m_data.UserName()); | ||
3157 | 292 | formData.insert("password", m_data.Secret()); | ||
3158 | 293 | formData.insert("token_name", m_data.TokenName()); | ||
3159 | 294 | if (!m_data.OneTimePassword().isEmpty()) { | ||
3160 | 295 | formData.insert("otp", m_data.OneTimePassword()); | ||
3161 | 296 | } | ||
3162 | 297 | |||
3163 | 298 | qDebug() << "Sending data for token creation"; | ||
3164 | 299 | m_reply = | ||
3165 | 300 | m_networkAccessManager->post(req, QJsonDocument(formData).toJson()); | ||
3166 | 301 | QObject::connect(m_reply, SIGNAL(finished()), | ||
3167 | 302 | this, SLOT(onCreationFinished())); | ||
3168 | 303 | } | ||
3169 | 304 | |||
3170 | 305 | void SignOnPlugin::getCredentialsAndCreateNewToken() | ||
3171 | 306 | { | ||
3172 | 307 | if (!m_data.Secret().isEmpty() && | ||
3173 | 308 | (!m_needsOtp || !m_data.OneTimePassword().isEmpty())) { | ||
3174 | 309 | createNewToken(); | ||
3175 | 310 | } else if (m_data.Secret().isEmpty()) { | ||
3176 | 311 | QVariantMap data; | ||
3177 | 312 | data[SSOUI_KEY_TITLE] = _("UbuntuOne authentication"); | ||
3178 | 313 | data[SSOUI_KEY_QUERYUSERNAME] = true; | ||
3179 | 314 | data[SSOUI_KEY_USERNAME] = m_data.UserName(); | ||
3180 | 315 | data[SSOUI_KEY_QUERYPASSWORD] = true; | ||
3181 | 316 | m_didAskForPassword = true; | ||
3182 | 317 | Q_EMIT userActionRequired(data); | ||
3183 | 318 | } else { | ||
3184 | 319 | QVariantMap data; | ||
3185 | 320 | data[SSOUI_KEY_TITLE] = _("UbuntuOne authentication"); | ||
3186 | 321 | data[SSOUI_KEY_USERNAME] = m_data.UserName(); | ||
3187 | 322 | data[SSOUI_KEY_PASSWORD] = m_data.Secret(); | ||
3188 | 323 | data[SSOUI_KEY_QUERY2FA] = true; | ||
3189 | 324 | data[SSOUI_KEY_2FA_TEXT] = _("2-factor device code"); | ||
3190 | 325 | Q_EMIT userActionRequired(data); | ||
3191 | 326 | } | ||
3192 | 327 | } | ||
3193 | 328 | |||
3194 | 329 | bool SignOnPlugin::handleUiError(const SignOn::UiSessionData &data) | ||
3195 | 330 | { | ||
3196 | 331 | using namespace SignOn; | ||
3197 | 332 | |||
3198 | 333 | int code = data.QueryErrorCode(); | ||
3199 | 334 | if (code == QUERY_ERROR_NONE) { | ||
3200 | 335 | return false; | ||
3201 | 336 | } | ||
3202 | 337 | |||
3203 | 338 | qDebug() << "userActionFinished with error: " << code; | ||
3204 | 339 | if (code == QUERY_ERROR_CANCELED) { | ||
3205 | 340 | Q_EMIT error(Error(Error::SessionCanceled, | ||
3206 | 341 | QLatin1String("Cancelled by user"))); | ||
3207 | 342 | } else if (code == QUERY_ERROR_NETWORK) { | ||
3208 | 343 | Q_EMIT error(Error(Error::Network, QLatin1String("Network error"))); | ||
3209 | 344 | } else if (code == QUERY_ERROR_SSL) { | ||
3210 | 345 | Q_EMIT error(Error(Error::Ssl, QLatin1String("SSL error"))); | ||
3211 | 346 | } else { | ||
3212 | 347 | QVariantMap map = data.toMap(); | ||
3213 | 348 | if (map.contains(SSOUI_KEY_QUERY2FA)) { | ||
3214 | 349 | PluginData reply; | ||
3215 | 350 | reply.setU1ErrorCode(PluginData::OneTimePasswordRequired); | ||
3216 | 351 | Q_EMIT result(reply); | ||
3217 | 352 | } else if (map.contains(SSOUI_KEY_QUERYPASSWORD)) { | ||
3218 | 353 | PluginData reply; | ||
3219 | 354 | reply.setU1ErrorCode(PluginData::InvalidPassword); | ||
3220 | 355 | Q_EMIT result(reply); | ||
3221 | 356 | } else { | ||
3222 | 357 | Q_EMIT error(Error(Error::UserInteraction, | ||
3223 | 358 | QString("userActionFinished error: ") | ||
3224 | 359 | + QString::number(data.QueryErrorCode()))); | ||
3225 | 360 | } | ||
3226 | 361 | } | ||
3227 | 362 | return true; | ||
3228 | 73 | } | 363 | } |
3229 | 74 | 364 | ||
3230 | 75 | void SignOnPlugin::userActionFinished(const SignOn::UiSessionData &data) | 365 | void SignOnPlugin::userActionFinished(const SignOn::UiSessionData &data) |
3231 | 76 | { | 366 | { |
3232 | 367 | if (handleUiError(data)) return; | ||
3233 | 368 | |||
3234 | 369 | PluginData uiData = data.data<PluginData>(); | ||
3235 | 370 | if (!uiData.UserName().isEmpty()) { | ||
3236 | 371 | m_data.setUserName(uiData.UserName()); | ||
3237 | 372 | } | ||
3238 | 373 | |||
3239 | 374 | if (!uiData.Secret().isEmpty()) { | ||
3240 | 375 | m_data.setSecret(uiData.Secret()); | ||
3241 | 376 | } | ||
3242 | 377 | |||
3243 | 378 | QVariantMap map = data.toMap(); | ||
3244 | 379 | QString oneTimePassword = map.value(SSOUI_KEY_2FA).toString(); | ||
3245 | 380 | if (!oneTimePassword.isEmpty()) { | ||
3246 | 381 | m_data.setOneTimePassword(oneTimePassword); | ||
3247 | 382 | } | ||
3248 | 383 | |||
3249 | 384 | getCredentialsAndCreateNewToken(); | ||
3250 | 77 | } | 385 | } |
3251 | 78 | 386 | ||
3252 | 79 | SIGNON_DECL_AUTH_PLUGIN(SignOnPlugin) | 387 | SIGNON_DECL_AUTH_PLUGIN(SignOnPlugin) |
3253 | 80 | 388 | ||
3254 | === modified file 'signon-plugin/ubuntuone-plugin.h' | |||
3255 | --- signon-plugin/ubuntuone-plugin.h 2013-08-12 21:16:29 +0000 | |||
3256 | +++ signon-plugin/ubuntuone-plugin.h 2016-04-22 09:51:32 +0000 | |||
3257 | @@ -27,9 +27,15 @@ | |||
3258 | 27 | 27 | ||
3259 | 28 | #include "ubuntuonedata.h" | 28 | #include "ubuntuonedata.h" |
3260 | 29 | 29 | ||
3261 | 30 | class PluginTest; | ||
3262 | 31 | |||
3263 | 32 | class QNetworkAccessManager; | ||
3264 | 33 | class QNetworkReply; | ||
3265 | 30 | 34 | ||
3266 | 31 | namespace UbuntuOne { | 35 | namespace UbuntuOne { |
3267 | 32 | 36 | ||
3268 | 37 | class Token; | ||
3269 | 38 | |||
3270 | 33 | class SignOnPlugin : public AuthPluginInterface | 39 | class SignOnPlugin : public AuthPluginInterface |
3271 | 34 | { | 40 | { |
3272 | 35 | Q_OBJECT | 41 | Q_OBJECT |
3273 | @@ -40,17 +46,49 @@ | |||
3274 | 40 | virtual ~SignOnPlugin(); | 46 | virtual ~SignOnPlugin(); |
3275 | 41 | 47 | ||
3276 | 42 | public Q_SLOTS: | 48 | public Q_SLOTS: |
3280 | 43 | QString type() const; | 49 | QString type() const Q_DECL_OVERRIDE; |
3281 | 44 | QStringList mechanisms() const; | 50 | QStringList mechanisms() const Q_DECL_OVERRIDE; |
3282 | 45 | void cancel(); | 51 | void cancel() Q_DECL_OVERRIDE; |
3283 | 46 | void process(const SignOn::SessionData &inData, | 52 | void process(const SignOn::SessionData &inData, |
3288 | 47 | const QString &mechanism = 0); | 53 | const QString &mechanism = 0) Q_DECL_OVERRIDE; |
3289 | 48 | void userActionFinished(const SignOn::UiSessionData &data); | 54 | void userActionFinished(const SignOn::UiSessionData &data) Q_DECL_OVERRIDE; |
3290 | 49 | 55 | ||
3291 | 50 | private: | 56 | private: |
3292 | 57 | bool validateInput(const PluginData &data, const QString &mechanism); | ||
3293 | 58 | bool respondWithStoredData(); | ||
3294 | 59 | void checkTokenValidity(const Token &token, | ||
3295 | 60 | const PluginData &tokenData); | ||
3296 | 61 | void emitErrorFromReply(QNetworkReply *reply); | ||
3297 | 62 | void createNewToken(); | ||
3298 | 63 | void getCredentialsAndCreateNewToken(); | ||
3299 | 64 | bool handleUiError(const SignOn::UiSessionData &data); | ||
3300 | 65 | |||
3301 | 66 | private Q_SLOTS: | ||
3302 | 67 | void onValidationFinished(); | ||
3303 | 68 | void onCreationFinished(); | ||
3304 | 69 | |||
3305 | 70 | private: | ||
3306 | 71 | friend class ::PluginTest; | ||
3307 | 51 | PluginData m_data; | 72 | PluginData m_data; |
3308 | 73 | PluginData m_checkedToken; | ||
3309 | 74 | QNetworkAccessManager *m_networkAccessManager; | ||
3310 | 75 | QNetworkReply *m_reply; | ||
3311 | 76 | bool m_didAskForPassword; | ||
3312 | 77 | bool m_needsOtp; | ||
3313 | 52 | }; | 78 | }; |
3314 | 53 | 79 | ||
3315 | 54 | } // namespace UbuntuOne | 80 | } // namespace UbuntuOne |
3316 | 55 | 81 | ||
3317 | 82 | /* These fields are temporarily defined here; they'll be eventually moved to | ||
3318 | 83 | * signond's include files. */ | ||
3319 | 84 | #define SSOUI_KEY_USERNAME_TEXT QLatin1String("UserNameText") | ||
3320 | 85 | #define SSOUI_KEY_PASSWORD_TEXT QLatin1String("PasswordText") | ||
3321 | 86 | #define SSOUI_KEY_REGISTER_URL QLatin1String("RegisterUrl") | ||
3322 | 87 | #define SSOUI_KEY_REGISTER_TEXT QLatin1String("RegisterText") | ||
3323 | 88 | #define SSOUI_KEY_LOGIN_TEXT QLatin1String("LoginText") | ||
3324 | 89 | #define SSOUI_KEY_QUERY2FA QLatin1String("Query2fa") | ||
3325 | 90 | #define SSOUI_KEY_2FA QLatin1String("2fa") | ||
3326 | 91 | #define SSOUI_KEY_2FA_TEXT QLatin1String("2faText") | ||
3327 | 92 | #define SSOUI_KEY_ERROR_MESSAGE QLatin1String("ErrorMessage") | ||
3328 | 93 | |||
3329 | 56 | #endif | 94 | #endif |
3330 | 57 | 95 | ||
3331 | === modified file 'signon-plugin/ubuntuonedata.h' | |||
3332 | --- signon-plugin/ubuntuonedata.h 2013-08-12 21:16:29 +0000 | |||
3333 | +++ signon-plugin/ubuntuonedata.h 2016-04-22 09:51:32 +0000 | |||
3334 | @@ -25,16 +25,33 @@ | |||
3335 | 25 | class PluginData : public SignOn::SessionData | 25 | class PluginData : public SignOn::SessionData |
3336 | 26 | { | 26 | { |
3337 | 27 | public: | 27 | public: |
3338 | 28 | PluginData(const QVariantMap &data = QVariantMap()): | ||
3339 | 29 | SignOn::SessionData(data) {} | ||
3340 | 30 | |||
3341 | 28 | // The name of the token | 31 | // The name of the token |
3343 | 29 | SIGNON_SESSION_DECLARE_PROPERTY(QString, Name); | 32 | SIGNON_SESSION_DECLARE_PROPERTY(QString, TokenName); |
3344 | 33 | |||
3345 | 34 | // The one-time password (optional) | ||
3346 | 35 | SIGNON_SESSION_DECLARE_PROPERTY(QString, OneTimePassword); | ||
3347 | 30 | 36 | ||
3348 | 31 | // The consumer key and secret for signing | 37 | // The consumer key and secret for signing |
3350 | 32 | SIGNON_SESSION_DECLARE_PROPERTY(QString, Consumer); | 38 | SIGNON_SESSION_DECLARE_PROPERTY(QString, ConsumerKey); |
3351 | 33 | SIGNON_SESSION_DECLARE_PROPERTY(QString, ConsumerSecret); | 39 | SIGNON_SESSION_DECLARE_PROPERTY(QString, ConsumerSecret); |
3352 | 34 | 40 | ||
3353 | 35 | // The access token and secret for signing | 41 | // The access token and secret for signing |
3355 | 36 | SIGNON_SESSION_DECLARE_PROPERTY(QString, Token); | 42 | SIGNON_SESSION_DECLARE_PROPERTY(QString, TokenKey); |
3356 | 37 | SIGNON_SESSION_DECLARE_PROPERTY(QString, TokenSecret); | 43 | SIGNON_SESSION_DECLARE_PROPERTY(QString, TokenSecret); |
3357 | 44 | |||
3358 | 45 | // Error code | ||
3359 | 46 | enum ErrorCode { | ||
3360 | 47 | NoError = 0, | ||
3361 | 48 | OneTimePasswordRequired, | ||
3362 | 49 | InvalidPassword, | ||
3363 | 50 | }; | ||
3364 | 51 | SIGNON_SESSION_DECLARE_PROPERTY(int, U1ErrorCode); | ||
3365 | 52 | |||
3366 | 53 | // Data which the plugin has stored into signond | ||
3367 | 54 | SIGNON_SESSION_DECLARE_PROPERTY(QVariantMap, StoredData); | ||
3368 | 38 | }; | 55 | }; |
3369 | 39 | 56 | ||
3370 | 40 | } // namespace UbuntuOne | 57 | } // namespace UbuntuOne |