void OAuthWebViewHandler::displayWebviewForAuthorizationURL(const QUrl& authorizationURL) { if (!_activeWebView) { if (!_lastAuthorizationURL.isEmpty()) { if (_lastAuthorizationURL.host() == authorizationURL.host() && _webViewRedisplayTimer.elapsed() < WEB_VIEW_REDISPLAY_ELAPSED_MSECS) { // this would be re-displaying an OAuth dialog for the same auth URL inside of the redisplay ms // so return instead return; } } _lastAuthorizationURL = authorizationURL; _activeWebView = new QWebView; // keep the window on top and delete it when it closes _activeWebView->setWindowFlags(Qt::Sheet); _activeWebView->setAttribute(Qt::WA_DeleteOnClose); qDebug() << "Displaying QWebView for OAuth authorization at" << authorizationURL.toString(); AccountManager& accountManager = AccountManager::getInstance(); QUrl codedAuthorizationURL = authorizationURL; // check if we have an access token for this host - if so we can bypass login by adding it to the URL if (accountManager.getAuthURL().host() == authorizationURL.host() && accountManager.hasValidAccessToken()) { const QString ACCESS_TOKEN_QUERY_STRING_KEY = "access_token"; QUrlQuery authQuery(codedAuthorizationURL); authQuery.addQueryItem(ACCESS_TOKEN_QUERY_STRING_KEY, accountManager.getAccountInfo().getAccessToken().token); codedAuthorizationURL.setQuery(authQuery); } connect(_activeWebView.data(), &QWebView::urlChanged, this, &OAuthWebViewHandler::handleURLChanged); _activeWebView->load(codedAuthorizationURL); connect(_activeWebView->page()->networkAccessManager(), &QNetworkAccessManager::sslErrors, this, &OAuthWebViewHandler::handleSSLErrors); connect(_activeWebView->page()->networkAccessManager(), &QNetworkAccessManager::finished, this, &OAuthWebViewHandler::handleReplyFinished); connect(_activeWebView.data(), &QWebView::loadFinished, this, &OAuthWebViewHandler::handleLoadFinished); // connect to the destroyed signal so after the web view closes we can start a timer connect(_activeWebView.data(), &QWebView::destroyed, this, &OAuthWebViewHandler::handleWebViewDestroyed); } }
void OAuthWebViewHandler::handleLoadFinished(bool success) { if (success && _activeWebView->url().host() == NodeList::getInstance()->getDomainHandler().getHostname()) { qDebug() << "OAuth authorization code passed successfully to domain-server."; // grab the UUID that is set as the state parameter in the auth URL // since that is our new session UUID QUrlQuery authQuery(_activeWebView->url()); const QString AUTH_STATE_QUERY_KEY = "state"; NodeList::getInstance()->setSessionUUID(QUuid(authQuery.queryItemValue(AUTH_STATE_QUERY_KEY))); _activeWebView->close(); } }