/* static */
Request* Request::fromConsumerAndToken(
Consumer consumer,
Token token,
QString url,
Method method,
QMap<QString, QString> *parameters,
QObject *parent)
{
QMap<QString, QString> defaultParameters;
defaultParameters.insert(QString("oauth_version"), VERSION);
defaultParameters.insert(QString("oauth_nonce"), generateNonce());
defaultParameters.insert(QString("oauth_timestamp"), generateTimestamp());
defaultParameters.insert(QString("oauth_consumer_key"), consumer.getKey());
if (token.getKey().length() > 0) {
defaultParameters.insert(QString("oauth_token"), token.getKey());
}
if (parameters != 0) {
QMapIterator<QString, QString> it(*parameters);
while (it.hasNext()) {
it.next();
defaultParameters.insert(it.key(), it.value());
}
}
return new Request(method, url, &defaultParameters, parent);
}
QXmppSaslClientDigestMd5::QXmppSaslClientDigestMd5(QObject *parent)
: QXmppSaslClient(parent)
, m_nc("00000001")
, m_step(0)
{
m_cnonce = generateNonce();
}
QXmppSaslClientScram::QXmppSaslClientScram(QCryptographicHash::Algorithm algorithm, QObject *parent)
: QXmppSaslClient(parent)
, m_algorithm(algorithm)
, m_step(0)
{
Q_ASSERT(m_algorithm == QCryptographicHash::Sha1 || m_algorithm == QCryptographicHash::Sha256);
m_nonce = generateNonce();
if (m_algorithm == QCryptographicHash::Sha256) {
m_dklen = 32;
m_mechanism = "SCRAM-SHA-256";
} else {
m_dklen = 20;
m_mechanism = "SCRAM-SHA-1";
}
}
Chal* CredentialHandler::getServerChal(bool isServerAuthenticated) {
Chal* chal = NULL;
if (strcmp(serverAuthType, AUTH_TYPE_BASIC) == 0 && isServerAuthenticated == false) {
chal = Chal::getBasicChal();
} else if (strcmp(serverAuthType, AUTH_TYPE_MD5) == 0) { // MD5
chal = Chal::getMD5Chal();
char nonce[16];
generateNonce(nonce);
NextNonce* nextNonce = new NextNonce(nonce, 16);
chal->setNextNonce(nextNonce);
setServerNonce(nextNonce->getValueAsBase64());
}
return chal;
}
int SM_QDropbox::requestToken(bool blocking)
{
clearError();
QString sigmeth = signatureMethodString();
timestamp = QDateTime::currentMSecsSinceEpoch()/1000;
nonce = generateNonce(128);
QUrl url;
url.setUrl(apiurl.toString());
url.setPath(QString("/%1/oauth/request_token").arg(_version.left(1)));
QUrlQuery query;
query.addQueryItem("oauth_consumer_key",_appKey);
query.addQueryItem("oauth_nonce", nonce);
query.addQueryItem("oauth_signature_method", sigmeth);
query.addQueryItem("oauth_timestamp", QString::number(timestamp));
query.addQueryItem("oauth_version", _version);
QString signature = oAuthSign(url);
query.addQueryItem("oauth_signature", QUrl::toPercentEncoding(signature));
url.setQuery(query);
#ifdef SM_QTDROPBOX_DEBUG
qDebug() << "request token url: " << url.toString() << endl << "sig: " << signature << endl;
qDebug() << "sending request " << url.toString() << " to " << apiurl.toString() << endl;
#endif
int reqnr = sendRequest(url);
if(blocking)
{
requestMap[reqnr].type = SM_DROPBOX_REQ_RQBTOKN;
startEventLoop();
}
else
requestMap[reqnr].type = SM_DROPBOX_REQ_RQTOKEN;
return reqnr;
}
QNetworkRequest TwitterRequest::createRequest(const QUrl& requestUrl,
const QString httpMethod,
QVariantMap params)
{
QMap<QString, QString> requestHeaders;
QVariantMap::const_iterator i = params.constBegin();
while (i != params.constEnd()) {
requestHeaders.insert(i.key(), QUrl::toPercentEncoding(i.value().toString()));
++i;
}
if (!m_accessToken.isEmpty()) {
requestHeaders.insert(OAUTH_TOKEN, QUrl::toPercentEncoding(m_accessToken));
}
requestHeaders.insert(OAUTH_CONSUMER_KEY, QUrl::toPercentEncoding(m_consumerKey));
requestHeaders.insert(OAUTH_NONCE, QUrl::toPercentEncoding(generateNonce()));
requestHeaders.insert(OAUTH_SIGNATURE_METHOD, QUrl::toPercentEncoding("HMAC-SHA1"));
requestHeaders.insert(OAUTH_TIMESTAMP, QUrl::toPercentEncoding(currentTime()));
requestHeaders.insert(OAUTH_VERSION, QUrl::toPercentEncoding("1.0"));
// Create the base signature string and sign it with the secrets.
QString signatureBaseString = createSignatureBaseString(
requestUrl.toString(), requestHeaders, httpMethod);
QString signature = signRequest(signatureBaseString,
QString(m_consumerSecret) + '&' + m_accessTokenSecret);
requestHeaders.insert(OAUTH_SIGNATURE, QUrl::toPercentEncoding(signature));
// Generate authentication headers for the request.
QString authHeader = generateAuthHeader(requestHeaders);
QByteArray authHeaderByteArray = authHeader.toUtf8();
QNetworkRequest request(requestUrl);
request.setRawHeader(HTTP_HEADER_AUTHORIZATION, authHeaderByteArray);
return request;
}
/**
* Generates Authorization Header
* @param url url with query items embedded
* @param method type of http method
* @remarks If HttpMethod is POST put query items in url (QUrl::addEncodedQueryItem)
*/
QByteArray OAuth::generateAuthorizationHeader( const QUrl& url, HttpMethod method )
{
if (m_oauthToken.isEmpty() && m_oauthTokenSecret.isEmpty())
qDebug() << "OAuth tokens are empty!";
QByteArray timeStamp = generateTimeStamp();
QByteArray nonce = generateNonce();
QByteArray sigBase = generateSignatureBase(url, method, timeStamp, nonce);
QByteArray signature = generateSignatureHMACSHA1(sigBase);
QByteArray header;
header += "OAuth ";
header += "oauth_consumer_key=\"" + m_oauthConsumerKey + "\",";
if(!m_oauthToken.isEmpty())
header += "oauth_token=\"" + m_oauthToken + "\",";
header += "oauth_signature_method=\"HMAC-SHA1\",";
header += "oauth_signature=\"" + signature + "\",";
header += "oauth_timestamp=\"" + timeStamp + "\",";
header += "oauth_nonce=\"" + nonce + "\",";
header += "oauth_version=\"1.0\"";
return header;
}
QXmppSaslServerDigestMd5::QXmppSaslServerDigestMd5(QObject *parent)
: QXmppSaslServer(parent)
, m_step(0)
{
m_nonce = generateNonce();
}
void OAuth::updateNonceAndTimestamp() {
nonce = generateNonce();
epoch = oauth_timestamp();
}
void QWsServer::dataReceived()
{
QTcpSocket * tcpSocket = qobject_cast<QTcpSocket*>( sender() );
if (tcpSocket == 0)
return;
bool allHeadersFetched = false;
const QLatin1String emptyLine("\r\n");
while ( tcpSocket->canReadLine() )
{
QString line = tcpSocket->readLine();
if (line == emptyLine)
{
allHeadersFetched = true;
break;
}
headerBuffer[ tcpSocket ].append(line);
}
if (!allHeadersFetched)
return;
QString request( headerBuffer[ tcpSocket ].join("") );
QRegExp regExp;
regExp.setMinimal( true );
// Extract mandatory datas
// Version
regExp.setPattern( QWsServer::regExpVersionStr );
regExp.indexIn(request);
QString versionStr = regExp.cap(1);
EWebsocketVersion version;
if ( ! versionStr.isEmpty() )
{
version = (EWebsocketVersion)versionStr.toInt();
}
else if ( tcpSocket->bytesAvailable() >= 8 )
{
version = WS_V0;
request.append( tcpSocket->read(8) );
}
else
{
version = WS_VUnknow;
}
// Resource name
regExp.setPattern( QWsServer::regExpResourceNameStr );
regExp.indexIn(request);
QString resourceName = regExp.cap(1);
// Host (address & port)
regExp.setPattern( QWsServer::regExpHostStr );
regExp.indexIn(request);
QString host = regExp.cap(1);
QStringList hostTmp = host.split(':');
QString hostAddress = hostTmp[0];
QString hostPort;
if ( hostTmp.size() > 1 )
hostPort = hostTmp.last(); // fix for IPv6
// Key
QString key, key1, key2, key3;
if ( version >= WS_V4 )
{
regExp.setPattern( QWsServer::regExpKeyStr );
regExp.indexIn(request);
key = regExp.cap(1);
}
else
{
regExp.setPattern( QWsServer::regExpKey1Str );
regExp.indexIn(request);
key1 = regExp.cap(1);
regExp.setPattern( QWsServer::regExpKey2Str );
regExp.indexIn(request);
key2 = regExp.cap(1);
regExp.setPattern( QWsServer::regExpKey3Str );
regExp.indexIn(request);
key3 = regExp.cap(1);
}
////////////////////////////////////////////////////////////////////
// If the mandatory fields are not specified, we abord the connection to the Websocket server
if ( version == WS_VUnknow || resourceName.isEmpty() || hostAddress.isEmpty() || ( key.isEmpty() && ( key1.isEmpty() || key2.isEmpty() || key3.isEmpty() ) ) )
{
// Send bad request response
QString response = QWsServer::composeBadRequestResponse( QList<EWebsocketVersion>() << WS_V6 << WS_V7 << WS_V8 << WS_V13 );
tcpSocket->write( response.toUtf8() );
tcpSocket->flush();
return;
}
////////////////////////////////////////////////////////////////////
// Extract optional datas
// Origin
regExp.setPattern( QWsServer::regExpOriginStr );
if ( regExp.indexIn(request) == -1 )
{
regExp.setPattern( QWsServer::regExpOrigin2Str );
regExp.indexIn(request);
}
QString origin = regExp.cap(1);
// Protocol
regExp.setPattern( QWsServer::regExpProtocolStr );
regExp.indexIn(request);
QString protocol = regExp.cap(1);
// Extensions
regExp.setPattern( QWsServer::regExpExtensionsStr );
regExp.indexIn(request);
QString extensions = regExp.cap(1);
////////////////////////////////////////////////////////////////////
// Compose opening handshake response
QString response;
if ( version >= WS_V6 )
{
QString accept = computeAcceptV4( key );
response = QWsServer::composeOpeningHandshakeResponseV6( accept, protocol );
}
else if ( version >= WS_V4 )
{
QString accept = computeAcceptV4( key );
QString nonce = generateNonce();
response = QWsServer::composeOpeningHandshakeResponseV4( accept, nonce, protocol );
}
else
{
QString accept = computeAcceptV0( key1, key2, key3 );
response = QWsServer::composeOpeningHandshakeResponseV0( accept, origin, hostAddress, hostPort, resourceName , protocol );
}
// Handshake OK, disconnect readyRead
disconnect( tcpSocket, SIGNAL(readyRead()), this, SLOT(dataReceived()) );
// Send opening handshake response
if ( version == WS_V0 )
tcpSocket->write( response.toLatin1() );
else
tcpSocket->write( response.toUtf8() );
tcpSocket->flush();
QWsSocket * wsSocket = new QWsSocket( this, tcpSocket, version );
wsSocket->setResourceName( resourceName );
wsSocket->setHost( host );
wsSocket->setHostAddress( hostAddress );
wsSocket->setHostPort( hostPort.toInt() );
wsSocket->setOrigin( origin );
wsSocket->setProtocol( protocol );
wsSocket->setExtensions( extensions );
wsSocket->serverSideSocket = true;
// ORIGINAL CODE
//int socketDescriptor = tcpSocket->socketDescriptor();
//incomingConnection( socketDescriptor );
// CHANGED CODE FOR LINUX COMPATIBILITY
addPendingConnection( wsSocket );
emit newConnection();
}
