Ejemplo n.º 1
0
bool DetermineAuthTypeJob::finished()
{
    QUrl redirection = reply()->attribute(QNetworkRequest::RedirectionTargetAttribute).toUrl();
    qDebug() << Q_FUNC_INFO << redirection.toString();
    if (_redirects >= maxRedirects()) {
        redirection.clear();
    }
    if ((reply()->error() == QNetworkReply::AuthenticationRequiredError) || redirection.isEmpty()) {
        emit authType(WizardCommon::HttpCreds);
    } else if (redirection.toString().endsWith(account()->davPath())) {
        // do a new run
        _redirects++;
        resetTimeout();
        setReply(getRequest(redirection));
        setupConnections(reply());
        return false; // don't discard
    } else {
        QRegExp shibbolethyWords("SAML|wayf");

        shibbolethyWords.setCaseSensitivity(Qt::CaseInsensitive);
        if (redirection.toString().contains(shibbolethyWords)) {
            emit authType(WizardCommon::Shibboleth);
        } else {
            // TODO: Send an error.
            // eh?
            emit authType(WizardCommon::HttpCreds);
        }
    }
    return true;
}
Ejemplo n.º 2
0
void DetermineAuthTypeJob::start()
{
    qCInfo(lcDetermineAuthTypeJob) << "Determining auth type for" << _account->davUrl();

    QNetworkRequest req;
    // Prevent HttpCredentialsAccessManager from setting an Authorization header.
    req.setAttribute(HttpCredentials::DontAddCredentialsAttribute, true);
    // Don't reuse previous auth credentials
    req.setAttribute(QNetworkRequest::AuthenticationReuseAttribute, QNetworkRequest::Manual);
    // Don't send cookies, we can't determine the auth type if we're logged in
    req.setAttribute(QNetworkRequest::CookieLoadControlAttribute, QNetworkRequest::Manual);

    // Start two parallel requests, one determines whether it's a shib server
    // and the other checks the HTTP auth method.
    auto get = _account->sendRequest("GET", _account->davUrl(), req);
    auto propfind = _account->sendRequest("PROPFIND", _account->davUrl(), req);
    get->setTimeout(30 * 1000);
    propfind->setTimeout(30 * 1000);
    get->setIgnoreCredentialFailure(true);
    propfind->setIgnoreCredentialFailure(true);

    connect(get, &AbstractNetworkJob::redirected, this, [this, get](QNetworkReply *, const QUrl &target, int) {
#ifndef NO_SHIBBOLETH
        QRegExp shibbolethyWords("SAML|wayf");
        shibbolethyWords.setCaseSensitivity(Qt::CaseInsensitive);
        if (target.toString().contains(shibbolethyWords)) {
            _resultGet = Shibboleth;
            get->setFollowRedirects(false);
        }
#endif
    });
    connect(get, &SimpleNetworkJob::finishedSignal, this, [this]() {
        _getDone = true;
        checkBothDone();
    });
    connect(propfind, &SimpleNetworkJob::finishedSignal, this, [this](QNetworkReply *reply) {
        auto authChallenge = reply->rawHeader("WWW-Authenticate").toLower();
        if (authChallenge.contains("bearer ")) {
            _resultPropfind = OAuth;
        } else if (authChallenge.isEmpty()) {
            qCWarning(lcDetermineAuthTypeJob) << "Did not receive WWW-Authenticate reply to auth-test PROPFIND";
        }
        _propfindDone = true;
        checkBothDone();
    });
}