void QgsAuthConfigSelect::populateConfigSelector()
{
loadAvailableConfigs();
validateConfig();
cmbConfigSelect->blockSignals( true );
cmbConfigSelect->clear();
cmbConfigSelect->addItem( tr( "No authentication" ), "0" );
QgsStringMap sortmap;
QgsAuthMethodConfigsMap::const_iterator cit = mConfigs.constBegin();
for ( cit = mConfigs.constBegin(); cit != mConfigs.constEnd(); ++cit )
{
QgsAuthMethodConfig config = cit.value();
sortmap.insert( config.name(), cit.key() );
}
QgsStringMap::const_iterator sm = sortmap.constBegin();
for ( sm = sortmap.constBegin(); sm != sortmap.constEnd(); ++sm )
{
cmbConfigSelect->addItem( sm.key(), sm.value() );
}
cmbConfigSelect->blockSignals( false );
int indx = 0;
if ( !mAuthCfg.isEmpty() )
{
indx = cmbConfigSelect->findData( mAuthCfg );
}
cmbConfigSelect->setCurrentIndex( indx > 0 ? indx : 0 );
}
void QgsAuthIdentCertMethod::updateMethodConfig( QgsAuthMethodConfig &mconfig )
{
QMutexLocker locker( &mMutex );
if ( mconfig.hasConfig( QStringLiteral( "oldconfigstyle" ) ) )
{
QgsDebugMsg( QStringLiteral( "Updating old style auth method config" ) );
QStringList conflist = mconfig.config( QStringLiteral( "oldconfigstyle" ) ).split( QStringLiteral( "|||" ) );
mconfig.setConfig( QStringLiteral( "certid" ), conflist.at( 0 ) );
mconfig.removeConfig( QStringLiteral( "oldconfigstyle" ) );
}
// TODO: add updates as method version() increases due to config storage changes
}
void QgsAuthBasicMethod::updateMethodConfig( QgsAuthMethodConfig &mconfig )
{
if ( mconfig.hasConfig( "oldconfigstyle" ) )
{
QgsDebugMsg( "Updating old style auth method config" );
QStringList conflist = mconfig.config( "oldconfigstyle" ).split( "|||" );
mconfig.setConfig( "realm", conflist.at( 0 ) );
mconfig.setConfig( "username", conflist.at( 1 ) );
mconfig.setConfig( "password", conflist.at( 2 ) );
mconfig.removeConfig( "oldconfigstyle" );
}
// TODO: add updates as method version() increases due to config storage changes
}
void QgsAuthEsriTokenMethod::updateMethodConfig( QgsAuthMethodConfig &mconfig )
{
if ( mconfig.hasConfig( QStringLiteral( "oldconfigstyle" ) ) )
{
QgsDebugMsg( QStringLiteral( "Updating old style auth method config" ) );
}
// NOTE: add updates as method version() increases due to config storage changes
}
bool QgsAuthBasicMethod::updateDataSourceUriItems( QStringList &connectionItems, const QString &authcfg,
const QString &dataprovider )
{
Q_UNUSED( dataprovider )
QgsAuthMethodConfig mconfig = getMethodConfig( authcfg );
if ( !mconfig.isValid() )
{
QgsDebugMsg( QString( "Update URI items FAILED for authcfg: %1: basic config invalid" ).arg( authcfg ) );
return false;
}
QString username = mconfig.config( "username" );
QString password = mconfig.config( "password" );
if ( username.isEmpty() )
{
QgsDebugMsg( QString( "Update URI items FAILED for authcfg: %1: username empty" ).arg( authcfg ) );
return false;
}
QString userparam = "user='******'\'';
int userindx = connectionItems.indexOf( QRegExp( "^user='******'******'\'';
int passindx = connectionItems.indexOf( QRegExp( "^password='.*" ) );
if ( passindx != -1 )
{
connectionItems.replace( passindx, passparam );
}
else
{
connectionItems.append( passparam );
}
return true;
}
bool QgsAuthEsriTokenMethod::updateNetworkRequest( QNetworkRequest &request, const QString &authcfg,
const QString &dataprovider )
{
Q_UNUSED( dataprovider );
QgsAuthMethodConfig mconfig = getMethodConfig( authcfg );
if ( !mconfig.isValid() )
{
QgsDebugMsg( QStringLiteral( "Update request config FAILED for authcfg: %1: config invalid" ).arg( authcfg ) );
return false;
}
const QString token = mconfig.config( QStringLiteral( "token" ) );
if ( !token.isEmpty() )
{
request.setRawHeader( "X-Esri-Authorization", QStringLiteral( "Bearer %1 " ).arg( token ).toLocal8Bit() );
}
return true;
}
void QgsAuthConfigSelect::loadConfig()
{
clearConfig();
if ( !mAuthCfg.isEmpty() && mConfigs.contains( mAuthCfg ) )
{
QgsAuthMethodConfig config = mConfigs.value( mAuthCfg );
QgsAuthMethod * authmethod = QgsAuthManager::instance()->configAuthMethod( mAuthCfg );
QString methoddesc = tr( "Missing authentication method description" );
if ( authmethod )
{
methoddesc = authmethod->description();
}
leConfigMethodDesc->setText( methoddesc );
leConfigMethodDesc->setCursorPosition( 0 ); // left justify
leConfigId->setText( config.id() );
btnConfigEdit->setEnabled( true );
btnConfigRemove->setEnabled( true );
}
emit selectedConfigIdChanged( mAuthCfg );
}
bool QgsAuthBasicMethod::updateNetworkRequest( QNetworkRequest &request, const QString &authcfg,
const QString &dataprovider )
{
Q_UNUSED( dataprovider )
QgsAuthMethodConfig mconfig = getMethodConfig( authcfg );
if ( !mconfig.isValid() )
{
QgsDebugMsg( QString( "Update request config FAILED for authcfg: %1: config invalid" ).arg( authcfg ) );
return false;
}
QString username = mconfig.config( "username" );
QString password = mconfig.config( "password" );
if ( !username.isEmpty() )
{
request.setRawHeader( "Authorization", "Basic " + QString( "%1:%2" ).arg( username, password ).toLatin1().toBase64() );
}
return true;
}
QgsPkiConfigBundle *QgsAuthIdentCertMethod::getPkiConfigBundle( const QString &authcfg )
{
QMutexLocker locker( &mMutex );
QgsPkiConfigBundle *bundle = nullptr;
// check if it is cached
if ( sPkiConfigBundleCache.contains( authcfg ) )
{
bundle = sPkiConfigBundleCache.value( authcfg );
if ( bundle )
{
QgsDebugMsg( QStringLiteral( "Retrieved PKI bundle for authcfg %1" ).arg( authcfg ) );
return bundle;
}
}
// else build PKI bundle
QgsAuthMethodConfig mconfig;
if ( !QgsApplication::authManager()->loadAuthenticationConfig( authcfg, mconfig, true ) )
{
QgsDebugMsg( QStringLiteral( "PKI bundle for authcfg %1: FAILED to retrieve config" ).arg( authcfg ) );
return bundle;
}
// get identity from database
QPair<QSslCertificate, QSslKey> cibundle( QgsApplication::authManager()->certIdentityBundle( mconfig.config( QStringLiteral( "certid" ) ) ) );
// init client cert
// Note: if this is not valid, no sense continuing
QSslCertificate clientcert( cibundle.first );
if ( !QgsAuthCertUtils::certIsViable( clientcert ) )
{
QgsDebugMsg( QStringLiteral( "PKI bundle for authcfg %1: insert FAILED, client cert is not viable" ).arg( authcfg ) );
return bundle;
}
// init key
QSslKey clientkey( cibundle.second );
if ( clientkey.isNull() )
{
QgsDebugMsg( QStringLiteral( "PKI bundle for authcfg %1: insert FAILED, PEM cert key could not be created" ).arg( authcfg ) );
return bundle;
}
bundle = new QgsPkiConfigBundle( mconfig, clientcert, clientkey );
// cache bundle
putPkiConfigBundle( authcfg, bundle );
return bundle;
}
bool QgsAuthMethodConfig::operator==( const QgsAuthMethodConfig &other ) const
{
return ( other.id() == id()
&& other.name() == name()
&& other.uri() == uri()
&& other.method() == method()
&& other.version() == version()
&& other.configMap() == configMap() );
}
QgsAuthMethodConfig::QgsAuthMethodConfig( const QgsAuthMethodConfig &methodconfig )
: mId( methodconfig.id() )
, mName( methodconfig.name() )
, mUri( methodconfig.uri() )
, mMethod( methodconfig.method() )
, mVersion( methodconfig.version() )
, mConfigMap( methodconfig.configMap() )
{
}
void QgsAuthConfigSelect::loadConfig()
{
clearConfig();
if ( !mAuthCfg.isEmpty() && mConfigs.contains( mAuthCfg ) )
{
QgsAuthMethodConfig config = mConfigs.value( mAuthCfg );
QgsAuthMethod *authmethod = QgsAuthManager::instance()->configAuthMethod( mAuthCfg );
QString methoddesc = tr( "Missing authentication method description" );
if ( authmethod )
{
methoddesc = authmethod->description();
}
cmbConfigSelect->setToolTip( tr( "<ul><li><b>Method type:</b> %1</li>"
"<li><b>Configuration ID:</b> %2</li></ul>" ).arg( methoddesc, config.id( ) ) );
btnConfigEdit->setEnabled( true );
btnConfigRemove->setEnabled( true );
}
emit selectedConfigIdChanged( mAuthCfg );
}
