virtual void copyTo(ISecUser& destination) { destination.setAuthenticateStatus(getAuthenticateStatus()); destination.setName(getName()); destination.setFullName(getFullName()); destination.setFirstName(getFirstName()); destination.setLastName(getLastName()); destination.setEmployeeID(getEmployeeID()); destination.setRealm(getRealm()); destination.setFqdn(getFqdn()); destination.setPeer(getPeer()); destination.credentials().setPassword(credentials().getPassword()); destination.credentials().setSessionToken(credentials().getSessionToken()); destination.credentials().setSignature(credentials().getSignature()); CDateTime exp; credentials().getPasswordExpiration(exp); destination.credentials().setPasswordExpiration(exp); CDateTime tmpTime; destination.setPasswordExpiration(getPasswordExpiration(tmpTime)); destination.setStatus(getStatus()); CriticalBlock b(crit); Owned<IPropertyIterator> Itr = m_parameters->getIterator(); ForEach(*Itr) { destination.setProperty(Itr->getPropKey(),m_parameters->queryProp(Itr->getPropKey())); } // DBGLOG("Copied name %s to %s",getName(),destination.getName()); }
int main(int argc, char *argv[]) { qSetMessagePattern(QLatin1String( "%{if-warning}\x1b[35m%{endif}" "%{if-critical}\x1b[31m%{endif}" "%{if-fatal}\x1b[1;31m%{endif}" "%{time HH:mm:ss.zzz} " //"%{appname} %{pid} %{threadid} " "%{type} " //"%{file}:%{line} %{function} " "%{if-category}%{category} %{endif}%{message}" "\x1b[0m" )); QCoreApplication app(argc, argv); const QString accessKeyId = QString::fromLocal8Bit(qgetenv("AWS_ACCESS_KEY_ID")); const QString secretAccessKey = QString::fromLocal8Bit(qgetenv("AWS_SECRET_ACCESS_KEY")); if ((accessKeyId.isEmpty()) || (secretAccessKey.isEmpty())) { std::cerr << "Missing credentials" << std::endl; exit(1); } AwsBasicCredentials credentials(accessKeyId, secretAccessKey); QNetworkAccessManager manager; SqsClient sqs(AwsRegion::AP_Southeast_2, &credentials, &manager); SqsCreateQueueResponse * response = sqs.createQueue(QLatin1String("libqtaws-test-queue")); QObject::connect(response, SIGNAL(finished()), &app, SLOT(quit())); return (response) ? app.exec() : 1; }
void Application::slotCheckConnection() { Account *account = AccountManager::instance()->account(); if( account ) { if (account->state() == Account::InvalidCredidential || account->state() == Account::SignedOut) { //Do not try to connect if we are logged out if (!_userTriggeredConnect) return; } AbstractCredentials* credentials(account->credentials()); if (! credentials->ready()) { connect( credentials, SIGNAL(fetched()), this, SLOT(slotCredentialsFetched()), Qt::UniqueConnection); credentials->fetch(account); } else { slotCredentialsFetched(); } } else { // let gui open the setup wizard _gui->slotOpenSettingsDialog( true ); } }
void TestAwsBasicCredentials::expiration() { // Basic credentials never expire. AwsBasicCredentials credentials(QLatin1String(""), QLatin1String("")); QTest::ignoreMessage(QtWarningMsg, "AwsAbstractCredentials: expiration should not be invoked on non-refreshable objects "); QVERIFY(credentials.expiration().isNull()); }
void TestAwsBasicCredentials::refresh() { // Basic credentials are not refreshable. AwsBasicCredentials credentials(QLatin1String(""), QLatin1String("")); QTest::ignoreMessage(QtWarningMsg, "AwsAbstractCredentials: refresh should not be invoked on non-refreshable objects "); QVERIFY(!credentials.refresh()); }
void Account::setCredentials(AbstractCredentials *cred) { // set active credential manager QNetworkCookieJar *jar = 0; if (_am) { jar = _am->cookieJar(); jar->setParent(0); _am->deleteLater(); } if (_credentials) { credentials()->deleteLater(); } // The order for these two is important! Reading the credential's // settings accesses the account as well as account->_credentials _credentials = cred; cred->setAccount(this); _am = _credentials->getQNAM(); if (jar) { _am->setCookieJar(jar); } connect(_am, SIGNAL(sslErrors(QNetworkReply*,QList<QSslError>)), SLOT(slotHandleErrors(QNetworkReply*,QList<QSslError>))); connect(_credentials, SIGNAL(fetched()), SLOT(slotCredentialsFetched())); }
virtual void copyTo(ISecUser& destination) { destination.setAuthenticateStatus(getAuthenticateStatus()); destination.setName(getName()); destination.setFullName(getFullName()); destination.setFirstName(getFirstName()); destination.setLastName(getLastName()); destination.setRealm(getRealm()); destination.setFqdn(getFqdn()); destination.setPeer(getPeer()); destination.credentials().setPassword(credentials().getPassword()); CDateTime tmpTime; destination.setPasswordExpiration(getPasswordExpiration(tmpTime)); destination.setStatus(getStatus()); if(m_parameters.get()==NULL) return; CriticalBlock b(crit); Owned<IPropertyIterator> Itr = m_parameters->getIterator(); Itr->first(); while(Itr->isValid()) { destination.setProperty(Itr->getPropKey(),m_parameters->queryProp(Itr->getPropKey())); Itr->next(); } //addToken is not currently implemented.... // DBGLOG("Copied name %s to %s",getName(),destination.getName()); }
QString WebClient::request( const QString& email, const QString& password) { QStringList args("--login-auth"); // hash password in case it contains interesting chars. QString credentials(email + ":" + hash(password) + "\n"); return m_CoreInterface.run(args, credentials); }
// ----------------------------------------------------------------------------- // RSIPSecChallengeResolver::PrepareCache // Ignore challenges that match a cache entry, but have different algorithm. // Then check if any matching cache entries must be removed. // ----------------------------------------------------------------------------- // void RSIPSecChallengeResolver::PrepareCache( const MSIPSecUser& aUser ) { TRegistrationId regId = iContext->RegistrationId(); CSIPSecDigestCacheEntry* entry( NULL ); CSIPSecCredentials* credentials( NULL ); TInt i( 0 ); // Start search from the end of the array, so if a challenge is removed, it // won't affect the position of challenges that haven't yet been checked. for ( i = Count() - 1; i >= 0; i-- ) { CSIPSecChallenge* challenge = ( *this )[ i ]; TSIPSecDigestCacheIterator iterator( *iContext ); iContext->Cache().InitializeIterator( iterator ); while ( ( entry = iterator.Next() ) != NULL && challenge ) { credentials = static_cast< CSIPSecCredentials* >( entry ); if ( credentials->DoesMatch( *challenge, aUser, regId ) && MixedAlgorithms( *credentials, *challenge )) { Remove( i ); delete challenge; challenge = NULL; // exits while-loop } } } for ( i = 0; i < Count(); i++ ) { CSIPSecChallenge* challenge = ( *this )[ i ]; TSIPSecDigestCacheIterator iterator( *iContext ); iContext->Cache().InitializeIterator( iterator ); while ( ( entry = iterator.Next() ) != NULL ) { credentials = static_cast< CSIPSecCredentials* >( entry ); if ( credentials->Type( *iContext ) == CSIPSecDigest::EProxy ) { __SIP_ASSERT_RETURN( credentials->IsUsedByUser(iContext->SIPSecUser(), ETrue, regId ), KErrGeneral ); } if ( credentials->DoesMatch( *challenge, aUser, regId ) && credentials->ChallengeReceived( *challenge ) ) { iContext->Cache().RemoveEntry( *credentials ); } } } RemoveObsoleteAKAEntries(); }
bool TwitterAccount::refreshTwitterAuth() { qDebug() << Q_FUNC_INFO << " begin"; if( !m_twitterAuth.isNull() ) delete m_twitterAuth.data(); Q_ASSERT( TomahawkUtils::nam() != 0 ); tDebug() << Q_FUNC_INFO << " with nam " << TomahawkUtils::nam(); m_twitterAuth = QPointer< TomahawkOAuthTwitter >( new TomahawkOAuthTwitter( TomahawkUtils::nam(), this ) ); if( m_twitterAuth.isNull() ) return false; m_twitterAuth.data()->setOAuthToken( credentials()[ "oauthtoken" ].toString().toLatin1() ); m_twitterAuth.data()->setOAuthTokenSecret( credentials()[ "oauthtokensecret" ].toString().toLatin1() ); return true; }
TEST_F(AwsUtilTests, test_get_credentials) { // Set a good path for the credentials file std::string profile_path = kTestDataPath + "/aws/credentials"; setenv(kAwsProfileFileEnvVar, profile_path.c_str(), true); // Clear any values for the other AWS env vars unsetenv(kAwsAccessKeyEnvVar); unsetenv(kAwsSecretKeyEnvVar); OsqueryAWSCredentialsProviderChain provider; Aws::Auth::AWSCredentials credentials("", ""); FLAGS_aws_access_key_id = "FLAG_ACCESS_KEY_ID"; FLAGS_aws_secret_access_key = "flag_secret_key"; // With the flags set, those credentials should be used provider = OsqueryAWSCredentialsProviderChain(); credentials = provider.GetAWSCredentials(); ASSERT_EQ("FLAG_ACCESS_KEY_ID", credentials.GetAWSAccessKeyId()); ASSERT_EQ("flag_secret_key", credentials.GetAWSSecretKey()); FLAGS_aws_access_key_id = ""; FLAGS_aws_secret_access_key = "flag_secret_key"; // With the flags set improperly, the profile should be used provider = OsqueryAWSCredentialsProviderChain(); credentials = provider.GetAWSCredentials(); ASSERT_EQ("DEFAULT_ACCESS_KEY_ID", credentials.GetAWSAccessKeyId()); ASSERT_EQ("default_secret_key", credentials.GetAWSSecretKey()); FLAGS_aws_access_key_id = "FLAG_ACCESS_KEY_ID"; FLAGS_aws_secret_access_key = ""; // With the flags set improperly, the profile should be used provider = OsqueryAWSCredentialsProviderChain(); credentials = provider.GetAWSCredentials(); ASSERT_EQ("DEFAULT_ACCESS_KEY_ID", credentials.GetAWSAccessKeyId()); ASSERT_EQ("default_secret_key", credentials.GetAWSSecretKey()); // Clear flags FLAGS_aws_access_key_id = ""; FLAGS_aws_secret_access_key = ""; setenv(kAwsAccessKeyEnvVar, "ENV_ACCESS_KEY_ID", true); setenv(kAwsSecretKeyEnvVar, "env_secret_key", true); // Now env variables should be the primary source provider = OsqueryAWSCredentialsProviderChain(); credentials = provider.GetAWSCredentials(); ASSERT_EQ("ENV_ACCESS_KEY_ID", credentials.GetAWSAccessKeyId()); ASSERT_EQ("env_secret_key", credentials.GetAWSSecretKey()); FLAGS_aws_profile_name = "test"; provider = OsqueryAWSCredentialsProviderChain(); credentials = provider.GetAWSCredentials(); // Now the "test" profile should take precedence ASSERT_EQ("TEST_ACCESS_KEY_ID", credentials.GetAWSAccessKeyId()); ASSERT_EQ("test_secret_key", credentials.GetAWSSecretKey()); }
TEST_FIXTURE(table_service_test_base, TableClient_BaseUriAndCredentials) { azure::storage::storage_uri base_uri(web::http::uri(U("https://myaccount.table.core.windows.net")), web::http::uri(U("https://myaccount-secondary.table.core.windows.net"))); azure::storage::storage_credentials credentials(U("devstoreaccount1"), U("Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==")); azure::storage::table_request_options default_request_options; azure::storage::cloud_table_client client(base_uri, credentials); CHECK(client.base_uri().primary_uri() == base_uri.primary_uri()); CHECK(client.base_uri().secondary_uri() == base_uri.secondary_uri()); CHECK(client.credentials().is_shared_key()); CHECK(client.default_request_options().payload_format() == azure::storage::table_payload_format::json); }
void PasswordDialog::accept() { if( LogonAuthentication::authenticateUser( credentials() ) == false ) { QMessageBox::critical( window(), tr( "Authentication error" ), tr( "Logon failed with given username and password. Please try again!" ) ); } else { QDialog::accept(); } }
void TestAwsBasicCredentials::setToken() { QFETCH(QString, token); AwsBasicCredentials credentials(QLatin1String(""), QLatin1String("")); const QString accessKeyId = credentials.accessKeyId(); const QString secretKey = credentials.secretKey(); credentials.setToken(token); QCOMPARE(credentials.accessKeyId(), accessKeyId); QCOMPARE(credentials.secretKey(), secretKey); QCOMPARE(credentials.token(), token); }
//------------------------------------------------------------------------------ bool ofxWebServerBaseRouteHandler::isValidRequest(const Settings& settings, HTTPServerRequest& request, HTTPServerResponse& response) { string sessionId = ""; // extract cookie from request NameValueCollection cookies; request.getCookies(cookies); NameValueCollection::ConstIterator it = cookies.find(settings.sessionCookieName); if (it != cookies.end()) { sessionId = it->second; } else { sessionId = ofxWebServerSessionManager::generateSessionKey(request); HTTPCookie cookie(settings.sessionCookieName,sessionId); cookie.setPath("/"); // set no age, so it expires @ end of session response.addCookie(cookie); } // TODO: update session manager URI uri(request.getURI()); const string path = uri.getPath(); // just get the path if(settings.requireAuthentication) { if(request.hasCredentials()) { HTTPBasicCredentials credentials(request); const string& user = credentials.getUsername(); const string& pwd = credentials.getPassword(); if(settings.username == credentials.getUsername() && settings.password == credentials.getPassword()) { // add an authentication cookie? return true; } else { response.setStatusAndReason(HTTPResponse::HTTP_UNAUTHORIZED); sendErrorResponse(response); return false; } } else { response.requireAuthentication(settings.realm); response.setContentLength(0); response.send(); return false; } } else { return true; } }
std::string Server::getStatsDocument() const { std::ostringstream doc; doc << "clear();" << std::endl; for (auto it = _connections.begin(); it != _connections.end(); ++it) { doc << "connection({"; auto connection = it->first; jsonKeyPairToStream(doc, "since", EpochTimeAsLocal(it->second), "fd", connection->getFd(), "id", reinterpret_cast<uint64_t>(connection), "uri", connection->getRequestUri(), "addr", formatAddress(connection->getRemoteAddress()), "user", connection->credentials() ? connection->credentials()->username : "******", "input", connection->inputBufferSize(), "read", connection->bytesReceived(), "output", connection->outputBufferSize(), "written", connection->bytesSent() ); doc << "});" << std::endl; } return doc.str(); }
void TwitterAccount::authenticateSlot() { tDebug() << Q_FUNC_INFO; if ( m_twitterInfoPlugin.isNull() ) { if ( infoPlugin() && Tomahawk::InfoSystem::InfoSystem::instance()->workerThread() ) { infoPlugin().data()->moveToThread( Tomahawk::InfoSystem::InfoSystem::instance()->workerThread().data() ); Tomahawk::InfoSystem::InfoSystem::instance()->addInfoPlugin( infoPlugin() ); } } if ( m_isAuthenticating ) { tDebug( LOGVERBOSE ) << Q_FUNC_INFO << "Already authenticating"; return; } tDebug() << Q_FUNC_INFO << "credentials: " << credentials().keys(); if ( credentials()[ "oauthtoken" ].toString().isEmpty() || credentials()[ "oauthtokensecret" ].toString().isEmpty() ) { tDebug() << Q_FUNC_INFO << "TwitterSipPlugin has empty Twitter credentials; not connecting"; return; } if ( refreshTwitterAuth() ) { m_isAuthenticating = true; tDebug() << Q_FUNC_INFO << "Verifying credentials"; QTweetAccountVerifyCredentials *credVerifier = new QTweetAccountVerifyCredentials( m_twitterAuth.data(), this ); connect( credVerifier, SIGNAL( parsedUser( const QTweetUser & ) ), SLOT( connectAuthVerifyReply( const QTweetUser & ) ) ); credVerifier->verify(); } }
bool AccountInfoPanel::apply() { // Apply service information changes if (service) { // Apply anonymity if (service->isAnonymous() != anonymousCheckBox->isChecked() && anonymousCheckBox->isChecked()) { userName->setText(QString()); password->setText(QString()); } if (service->description() != descriptionLineEdit->text()) { service->setDescription(descriptionLineEdit->text()); } QVariantMap credentials(service->credentials()); bool credentialsModified = false; if (credentials.value("password") != password->text()) { credentials["password"] = password->text(); credentialsModified = true; } if (credentials.value("user") != userName->text()) { credentials["user"] = userName->text(); credentialsModified = true; } if (credentialsModified) { service->setCredentials(credentials); } if (service->isAnonymous() != anonymousCheckBox->isChecked()) { service->setAnonymous(anonymousCheckBox->isChecked()); } else if (credentialsModified && service->isEnabled() && !service->isAnonymous()) { // Reset and start a service in error if (service->serviceState() == Service::ErrorState) { service->reset(); service->start(); // Log off a started logged-in service } else if (service->serviceState() == Service::StartedState && service->isLoggedIn() && service->logOut()) { loop.exec(); } service->logIn(); } refreshInformation(); return true; } return false; }
void CLdapSecUser::copyTo(ISecUser& destination) { CLdapSecUser* dest = dynamic_cast<CLdapSecUser*>(&destination); if(!dest) return; dest->setAuthenticated(isAuthenticated()); dest->setName(getName()); dest->setFullName(getFullName()); dest->setFirstName(getFirstName()); dest->setLastName(getLastName()); dest->setRealm(getRealm()); dest->credentials().setPassword(credentials().getPassword()); dest->setUserSid(m_usersid.length(), m_usersid.toByteArray()); dest->setUserID(m_userid); dest->setPasswordExpiration(m_passwordExpiration); }
cloud_storage_account cloud_storage_account::parse_explicit_settings(std::map<utility::string_t, utility::string_t> settings) { utility::string_t blob_endpoint; utility::string_t queue_endpoint; utility::string_t table_endpoint; get_setting(settings, blob_endpoint_setting_string, blob_endpoint); get_setting(settings, queue_endpoint_setting_string, queue_endpoint); get_setting(settings, table_endpoint_setting_string, table_endpoint); storage_credentials credentials(get_credentials(settings)); if (settings.empty() && (!blob_endpoint.empty() || !queue_endpoint.empty() || !table_endpoint.empty())) { return cloud_storage_account(credentials, blob_endpoint.empty() ? storage_uri() : storage_uri(web::http::uri(blob_endpoint)), queue_endpoint.empty() ? storage_uri() : storage_uri(web::http::uri(queue_endpoint)), table_endpoint.empty() ? storage_uri() : storage_uri(web::http::uri(table_endpoint))); } return cloud_storage_account(); }
// we use syntool to authenticate because Qt's http library is very // unreliable, and since we're writing platform specific code, use the // synergy code since there we can use integ tests. QString PremiumAuth::request(const QString& email, const QString& password) { QString program(QCoreApplication::applicationDirPath() + "/syntool"); QStringList args("--premium-auth"); QProcess process; process.setReadChannel(QProcess::StandardOutput); process.start(program, args); bool success = process.waitForStarted(); QString out, error; if (success) { // hash password in case it contains interesting chars. QString credentials(email + ":" + hash(password) + "\n"); process.write(credentials.toStdString().c_str()); if (process.waitForFinished()) { out = process.readAllStandardOutput(); error = process.readAllStandardError(); } } out = out.trimmed(); error = error.trimmed(); if (out.isEmpty() || !error.isEmpty() || !success || process.exitCode() != 0) { throw std::runtime_error( QString("Code: %1\nError: %2") .arg(process.exitCode()) .arg(error.isEmpty() ? "Unknown" : error) .toStdString()); } return out; }
void CLdapSecUser::copyTo(ISecUser& destination) { if (this == &destination) return; CLdapSecUser* dest = dynamic_cast<CLdapSecUser*>(&destination); if(!dest) return; dest->setAuthenticateStatus(getAuthenticateStatus()); dest->setName(getName()); dest->setFullName(getFullName()); dest->setFirstName(getFirstName()); dest->setLastName(getLastName()); dest->setEmployeeID(getEmployeeID()); dest->setRealm(getRealm()); dest->credentials().setPassword(credentials().getPassword()); dest->setUserSid(m_usersid.length(), m_usersid.toByteArray()); dest->setUserID(m_userid); dest->setPasswordExpiration(m_passwordExpiration); dest->setDistinguishedName(m_distinguishedName); dest->credentials().setSessionToken(&m_sessionToken); dest->credentials().setSignature(&m_signature); }
QVariant CredentialsManager::credentials( const QString& serviceName, const QString& key ) const { return credentials( CredentialsStorageKey( serviceName, key ) ); }
void TestAwsBasicCredentials::isRefreshable() { // Basic credentials are not refreshable. AwsBasicCredentials credentials(QLatin1String(""), QLatin1String("")); QVERIFY(!credentials.isRefreshable()); }
void TestAwsBasicCredentials::isExpired() { // Basic credentials never expire. AwsBasicCredentials credentials(QLatin1String(""), QLatin1String("")); QVERIFY(!credentials.isExpired()); }
void HTTPHandler::processQuery( Poco::Net::HTTPServerRequest & request, HTMLForm & params, Poco::Net::HTTPServerResponse & response, Output & used_output) { Context context = server.context(); context.setGlobalContext(server.context()); CurrentThread::QueryScope query_scope(context); LOG_TRACE(log, "Request URI: " << request.getURI()); std::istream & istr = request.stream(); /// Part of the query can be passed in the 'query' parameter and the rest in the request body /// (http method need not necessarily be POST). In this case the entire query consists of the /// contents of the 'query' parameter, a line break and the request body. std::string query_param = params.get("query", ""); if (!query_param.empty()) query_param += '\n'; /// The user and password can be passed by headers (similar to X-Auth-*), /// which is used by load balancers to pass authentication information. std::string user = request.get("X-ClickHouse-User", ""); std::string password = request.get("X-ClickHouse-Key", ""); std::string quota_key = request.get("X-ClickHouse-Quota", ""); if (user.empty() && password.empty() && quota_key.empty()) { /// User name and password can be passed using query parameters /// or using HTTP Basic auth (both methods are insecure). if (request.hasCredentials()) { Poco::Net::HTTPBasicCredentials credentials(request); user = credentials.getUsername(); password = credentials.getPassword(); } else { user = params.get("user", "default"); password = params.get("password", ""); } quota_key = params.get("quota_key", ""); } else { /// It is prohibited to mix different authorization schemes. if (request.hasCredentials() || params.has("user") || params.has("password") || params.has("quota_key")) { throw Exception("Invalid authentication: it is not allowed to use X-ClickHouse HTTP headers and other authentication methods simultaneously", ErrorCodes::REQUIRED_PASSWORD); } } std::string query_id = params.get("query_id", ""); context.setUser(user, password, request.clientAddress(), quota_key); context.setCurrentQueryId(query_id); /// The user could specify session identifier and session timeout. /// It allows to modify settings, create temporary tables and reuse them in subsequent requests. std::shared_ptr<Context> session; String session_id; std::chrono::steady_clock::duration session_timeout; bool session_is_set = params.has("session_id"); const auto & config = server.config(); if (session_is_set) { session_id = params.get("session_id"); session_timeout = parseSessionTimeout(config, params); std::string session_check = params.get("session_check", ""); session = context.acquireSession(session_id, session_timeout, session_check == "1"); context = *session; context.setSessionContext(*session); } SCOPE_EXIT({ if (session_is_set) session->releaseSession(session_id, session_timeout); });