//--------------------------------------------------------------
void CloudsVHXAuth::update(ofEventArgs& args)
{
if (bNotifyComplete) {
//Wait to ensure the thread has stopped
//JG Added this... Elie please advise
waitForThread(true);
Mode completedMode = mode;
mode = WAITING;
if (completedMode == REQUEST_TOKEN) {
ofNotifyEvent(requestTokenComplete, completeArgs);
}
else if (completedMode == REFRESH_TOKEN) {
ofNotifyEvent(refreshTokenComplete, completeArgs);
}
else if (completedMode == REQUEST_CODE) {
ofNotifyEvent(requestCodeComplete, completeArgs);
}
else if (completedMode == LINK_CODE) {
ofNotifyEvent(linkCodeComplete, completeArgs);
}
else if (completedMode == VERIFY_PACKAGE) {
ofNotifyEvent(verifyPackageComplete, completeArgs);
}
bNotifyComplete = false;
}
time_t nowTime = (ofGetSystemTime() / 1000.f);
// Refresh token if it's expired.
if (mode == WAITING && _tokenExpiry && nowTime > _tokenExpiry) {
if (_refreshToken.empty()) {
requestToken();
}
else {
refreshToken();
}
}
// Reset code if it's expired.
if (_codeExpiry && nowTime > _codeExpiry) {
_code = "";
_codeExpiry = 0;
CloudsVHXEventArgs args;
ofNotifyEvent(codeExpired, args);
}
// Update state if package expired.
if (state == RENTAL && _packageExpiry && nowTime > _packageExpiry) {
state = EXPIRED;
CloudsVHXEventArgs args;
ofNotifyEvent(packageExpired, args);
}
}
void OAuth::loadFromSettings()
{
setExpireDateTime(settingsLoadExpiresDateTime());
setRefreshToken(settingsLoadRefreshToken());
setAccessToken(settingsLoadAccessToken());
setAccountUsername(settingsLoadUsername());
setIsLinked(refreshToken().length() > 0);
setCode(settingsLoadCode());
}
OAuth::OAuth() :
QObject()
{
// TODO Auto-generated constructor stub
loadFromSettings();
qDebug() << "[OAuth] << access_token: " << accessToken();
qDebug() << "[OAuth] << refresh_token: " << refreshToken();
qDebug() << "[OAuth] << expire_datetime: " << expireDateTime();
m_running = false;
}
void AuthorizedCommand::executeQuery()
{
emitStarted();
if (session()->accessToken().isEmpty())
{
if (session()->refreshToken().isEmpty())
emitError(AuthorizationNeeded, tr("Refresh token is empty, "
"you should to process authorization."));
else
refreshToken();
}
else
reexecuteQuery();
}
//--------------------------------------------------------------
bool CloudsVHXAuth::setup()
{
_keysPath = GetCloudsDataPath(true) + "vhx/client.bin";
_tokensPath = GetCloudsDataPath(true) + "vhx/tokens.bin";
// Load and decrypt the info from files on disk.
//string path = GetCloudsDataPath() + "vhx/client.bin";
if (CloudsCryptoLoadKeys(_clientId, _clientSecret, _packageId, _keysPath)) {
ofLogNotice("CloudsVHXAuth::setup") << "Loaded keys successfully:\n"
<< "\tClient ID: " << _clientId << "\n"
<< "\tClient Secret: " << _clientSecret << "\n"
<< "\tPackage ID: " << _packageId;
}
else {
ofLogError("CloudsVHXAuth::setup") << "Cannot open file at " << _keysPath;
}
if (CloudsCryptoLoadTokens(_accessToken, _refreshToken, _tokenExpiry, _tokensPath)) {
ofLogNotice("CloudsVHXAuth::setup") << "Loaded tokens successfully:\n"
<< "\tAccess Token: " << _accessToken << "\n"
<< "\tRefresh Token: " << _refreshToken << "\n"
<< "\tToken Expiry: " << _tokenExpiry;
}
else {
ofLogError("CloudsVHXAuth::setup") << "Cannot open file at " << _tokensPath;
_tokenExpiry = 0;
}
state = INACTIVE;
mode = WAITING;
bNotifyComplete = false;
ofAddListener(ofEvents().update, this, &CloudsVHXAuth::update);
if (_packageId.size() && _accessToken.size()) {
time_t nowTime = (ofGetSystemTime() / 1000.f);
if (_tokenExpiry > nowTime) {
// Try to verify the package immediately.
verifyPackage();
}
else {
// Refresh the token first, it's expired.
refreshToken();
}
return true;
}
return false;
}
void OAuth::authorizationReceivedToken(QString url)
{
QUrl tmp(url);
QUrl mUrl("?" + tmp.fragment()); // all info is in fragment, we have to transform it to be able to read
// if you sent State, expect it!
if (!m_state.isEmpty())
if (QString(mUrl.queryItemValue(OAUTH_STATE)) == QString(m_state)) {
qDebug() << "[OAuth.onAuthorizationReceived] State did not match! Received: " << mUrl.queryItemValue(OAUTH_STATE);
// TODO emit signal with error!
return;
}
if (mUrl.queryItemValue(OAUTH_ACCESS_TOKEN).size() == 0) {
return;
}
if (mUrl.queryItemValue(OAUTH_EXPIRES_IN).size() == 0) {
return;
}
if (mUrl.queryItemValue(OAUTH_TOKEN_TYPE).size() == 0) {
return;
}
// in some cases refresh token will not be received
/*if (mUrl.queryItemValue(OAUTH_REFRESH_TOKEN).size() == 0) {
return;
}*/
setAccessToken(mUrl.queryItemValue(OAUTH_ACCESS_TOKEN));
setExpiresIn(mUrl.queryItemValue(OAUTH_EXPIRES_IN).toInt());
setTokenType(mUrl.queryItemValue(OAUTH_TOKEN_TYPE));
setRefreshToken(mUrl.queryItemValue(OAUTH_REFRESH_TOKEN));
setCode(mUrl.queryItemValue(OAUTH_CODE));
settingsSaveCode(code());
settingsSaveAccessToken(accessToken());
settingsSaveRefreshToken(refreshToken());
// Not considered important?
if (mUrl.queryItemValue(OAUTH_ACCOUNT_USERNAME).size() > 0) {
setAccountUsername(mUrl.queryItemValue(OAUTH_ACCOUNT_USERNAME));
settingsSaveUsername(accountUsername());
}
setIsLinked(true);
emit closeBrowser();
m_running = false;
}
void CommandDownloadFile::requestFinished()
{
QNetworkReply* reply = qobject_cast<QNetworkReply*>(sender());
Q_ASSERT(reply);
if (!reply)
return;
if (reply->error() == QNetworkReply::AuthenticationRequiredError)
{
refreshToken();
return;
}
if (checkInvalidReplyAndRefreshToken(reply))
return;
emitSuccess();
}
void OAuth::getNewAccessToken()
{
// if two request refresh key at the same time only one request to be sent
if (isRunning())
return;
netManager = new QNetworkAccessManager();
if (!netManager) {
qDebug() << "Unable to create QNetworkAccessManager!";
//emit complete("Unable to create QNetworkAccessManager!", false);
return;
}
QUrl url(m_refresh_url);
//https://api.imgur.com/oauth2/token?client_id=2137fbd8fcb4a0a&client_secret=ffc769f3b79ac245e4d8871518d9617ceaf4b2cd&refresh_token=f1ae5cc3f2f231a29db009a54c5c5bb3ebc20684&grant_type=refresh_token
QNetworkRequest req(url);
req.setHeader(QNetworkRequest::ContentTypeHeader, "application/x-www-form-urlencoded");
QUrl postData;
postData.addQueryItem(OAUTH_CLIENT_ID, clientId().toAscii());
postData.addQueryItem(OAUTH_CLIENT_SECRET, clientSecret().toAscii());
// If redirect is required and available
if (!m_redirect_uri.isEmpty())
postData.addQueryItem(OAUTH_REDIRECT_URI, redirectURI().toAscii());
if (m_response_type == TOKEN) {
postData.addQueryItem(OAUTH_REFRESH_TOKEN, refreshToken().toAscii());
postData.addQueryItem(OAUTH_GRANT_TYPE, OAUTH_REFRESH_TOKEN);
} else {
postData.addQueryItem(OAUTH_CODE, code().toAscii());
postData.addQueryItem(OAUTH_GRANT_TYPE, OAUTH_AUTHORIZATION_CODE);
}
QNetworkReply* ipReply = netManager->post(req, postData.encodedQuery());
bool connectResult;
Q_UNUSED(connectResult);
connectResult = connect(netManager, SIGNAL(finished(QNetworkReply*)), this, SLOT(onNewAccessTokenReply(QNetworkReply*)));
Q_ASSERT(connectResult);
m_running = true;
}
void OAuth::onNewAccessTokenReply(QNetworkReply* reply)
{
QByteArray response = reply->readAll();
// if valid!
qDebug() << "[OAuth.onNetworkReply] reply" << response;
if (reply->error() > 0) {
qDebug() << "[OAuth.onNetworkReply] Network error! " << reply->errorString();
return;
}
QVariantMap result;
bb::data::JsonDataAccess jda;
result = jda.loadFromBuffer(response).toMap();
if (result["access_token"].toString().size() == 0) {
qDebug() << "[OAuth.onNetworkReply] Didn't get get access_token ";
//emit error?
return;
}
//[OAuth.onNetworkReply] reply "{"access_token":"09e6f53ee377f6xxxx","expires_in":3600,"token_type":"bearer","scope":null,"refresh_token":"c9517d8e0e489c422b745xxxxx","account_id":11140216,"account_username":"******"}"
// To make sure
if (result[OAUTH_ACCESS_TOKEN].toString().isEmpty())
return;
setAccessToken(result[OAUTH_ACCESS_TOKEN].toString());
setAccountUsername(result[OAUTH_ACCOUNT_USERNAME].toString());
setExpiresIn(result[OAUTH_EXPIRES_IN].toInt());
setIsLinked(true);
settingsSaveAccessToken(accessToken());
settingsSaveRefreshToken(refreshToken());
settingsSaveUsername(accountUsername());
settingsSaveExpiresDateTime(expiresIn());
emit accessTokenRefreshed();
reply->deleteLater();
}
bool AuthorizedCommand::checkForRefreshToken(const QVariantMap& map)
{
const QString cError("error");
if (!map.contains(cError))
return false;
const QVariantMap& errorMap = map.value(cError).toMap();
const QString& code = errorMap.value("code").toString();
const QString& message = errorMap.value("message").toString();
if (code == "403")
{
// full reauthorization is needed
emitError(AuthorizationNeeded, message);
return true;
}
if (code != "401")
return false;
refreshToken();
return true;
}
