/* static */ Request* Request::fromConsumerAndToken( Consumer consumer, Token token, QString url, Method method, QMap<QString, QString> *parameters, QObject *parent) { QMap<QString, QString> defaultParameters; defaultParameters.insert(QString("oauth_version"), VERSION); defaultParameters.insert(QString("oauth_nonce"), generateNonce()); defaultParameters.insert(QString("oauth_timestamp"), generateTimestamp()); defaultParameters.insert(QString("oauth_consumer_key"), consumer.getKey()); if (token.getKey().length() > 0) { defaultParameters.insert(QString("oauth_token"), token.getKey()); } if (parameters != 0) { QMapIterator<QString, QString> it(*parameters); while (it.hasNext()) { it.next(); defaultParameters.insert(it.key(), it.value()); } } return new Request(method, url, &defaultParameters, parent); }
QXmppSaslClientDigestMd5::QXmppSaslClientDigestMd5(QObject *parent) : QXmppSaslClient(parent) , m_nc("00000001") , m_step(0) { m_cnonce = generateNonce(); }
QXmppSaslClientScram::QXmppSaslClientScram(QCryptographicHash::Algorithm algorithm, QObject *parent) : QXmppSaslClient(parent) , m_algorithm(algorithm) , m_step(0) { Q_ASSERT(m_algorithm == QCryptographicHash::Sha1 || m_algorithm == QCryptographicHash::Sha256); m_nonce = generateNonce(); if (m_algorithm == QCryptographicHash::Sha256) { m_dklen = 32; m_mechanism = "SCRAM-SHA-256"; } else { m_dklen = 20; m_mechanism = "SCRAM-SHA-1"; } }
Chal* CredentialHandler::getServerChal(bool isServerAuthenticated) { Chal* chal = NULL; if (strcmp(serverAuthType, AUTH_TYPE_BASIC) == 0 && isServerAuthenticated == false) { chal = Chal::getBasicChal(); } else if (strcmp(serverAuthType, AUTH_TYPE_MD5) == 0) { // MD5 chal = Chal::getMD5Chal(); char nonce[16]; generateNonce(nonce); NextNonce* nextNonce = new NextNonce(nonce, 16); chal->setNextNonce(nextNonce); setServerNonce(nextNonce->getValueAsBase64()); } return chal; }
int SM_QDropbox::requestToken(bool blocking) { clearError(); QString sigmeth = signatureMethodString(); timestamp = QDateTime::currentMSecsSinceEpoch()/1000; nonce = generateNonce(128); QUrl url; url.setUrl(apiurl.toString()); url.setPath(QString("/%1/oauth/request_token").arg(_version.left(1))); QUrlQuery query; query.addQueryItem("oauth_consumer_key",_appKey); query.addQueryItem("oauth_nonce", nonce); query.addQueryItem("oauth_signature_method", sigmeth); query.addQueryItem("oauth_timestamp", QString::number(timestamp)); query.addQueryItem("oauth_version", _version); QString signature = oAuthSign(url); query.addQueryItem("oauth_signature", QUrl::toPercentEncoding(signature)); url.setQuery(query); #ifdef SM_QTDROPBOX_DEBUG qDebug() << "request token url: " << url.toString() << endl << "sig: " << signature << endl; qDebug() << "sending request " << url.toString() << " to " << apiurl.toString() << endl; #endif int reqnr = sendRequest(url); if(blocking) { requestMap[reqnr].type = SM_DROPBOX_REQ_RQBTOKN; startEventLoop(); } else requestMap[reqnr].type = SM_DROPBOX_REQ_RQTOKEN; return reqnr; }
QNetworkRequest TwitterRequest::createRequest(const QUrl& requestUrl, const QString httpMethod, QVariantMap params) { QMap<QString, QString> requestHeaders; QVariantMap::const_iterator i = params.constBegin(); while (i != params.constEnd()) { requestHeaders.insert(i.key(), QUrl::toPercentEncoding(i.value().toString())); ++i; } if (!m_accessToken.isEmpty()) { requestHeaders.insert(OAUTH_TOKEN, QUrl::toPercentEncoding(m_accessToken)); } requestHeaders.insert(OAUTH_CONSUMER_KEY, QUrl::toPercentEncoding(m_consumerKey)); requestHeaders.insert(OAUTH_NONCE, QUrl::toPercentEncoding(generateNonce())); requestHeaders.insert(OAUTH_SIGNATURE_METHOD, QUrl::toPercentEncoding("HMAC-SHA1")); requestHeaders.insert(OAUTH_TIMESTAMP, QUrl::toPercentEncoding(currentTime())); requestHeaders.insert(OAUTH_VERSION, QUrl::toPercentEncoding("1.0")); // Create the base signature string and sign it with the secrets. QString signatureBaseString = createSignatureBaseString( requestUrl.toString(), requestHeaders, httpMethod); QString signature = signRequest(signatureBaseString, QString(m_consumerSecret) + '&' + m_accessTokenSecret); requestHeaders.insert(OAUTH_SIGNATURE, QUrl::toPercentEncoding(signature)); // Generate authentication headers for the request. QString authHeader = generateAuthHeader(requestHeaders); QByteArray authHeaderByteArray = authHeader.toUtf8(); QNetworkRequest request(requestUrl); request.setRawHeader(HTTP_HEADER_AUTHORIZATION, authHeaderByteArray); return request; }
/** * Generates Authorization Header * @param url url with query items embedded * @param method type of http method * @remarks If HttpMethod is POST put query items in url (QUrl::addEncodedQueryItem) */ QByteArray OAuth::generateAuthorizationHeader( const QUrl& url, HttpMethod method ) { if (m_oauthToken.isEmpty() && m_oauthTokenSecret.isEmpty()) qDebug() << "OAuth tokens are empty!"; QByteArray timeStamp = generateTimeStamp(); QByteArray nonce = generateNonce(); QByteArray sigBase = generateSignatureBase(url, method, timeStamp, nonce); QByteArray signature = generateSignatureHMACSHA1(sigBase); QByteArray header; header += "OAuth "; header += "oauth_consumer_key=\"" + m_oauthConsumerKey + "\","; if(!m_oauthToken.isEmpty()) header += "oauth_token=\"" + m_oauthToken + "\","; header += "oauth_signature_method=\"HMAC-SHA1\","; header += "oauth_signature=\"" + signature + "\","; header += "oauth_timestamp=\"" + timeStamp + "\","; header += "oauth_nonce=\"" + nonce + "\","; header += "oauth_version=\"1.0\""; return header; }
QXmppSaslServerDigestMd5::QXmppSaslServerDigestMd5(QObject *parent) : QXmppSaslServer(parent) , m_step(0) { m_nonce = generateNonce(); }
void OAuth::updateNonceAndTimestamp() { nonce = generateNonce(); epoch = oauth_timestamp(); }
void QWsServer::dataReceived() { QTcpSocket * tcpSocket = qobject_cast<QTcpSocket*>( sender() ); if (tcpSocket == 0) return; bool allHeadersFetched = false; const QLatin1String emptyLine("\r\n"); while ( tcpSocket->canReadLine() ) { QString line = tcpSocket->readLine(); if (line == emptyLine) { allHeadersFetched = true; break; } headerBuffer[ tcpSocket ].append(line); } if (!allHeadersFetched) return; QString request( headerBuffer[ tcpSocket ].join("") ); QRegExp regExp; regExp.setMinimal( true ); // Extract mandatory datas // Version regExp.setPattern( QWsServer::regExpVersionStr ); regExp.indexIn(request); QString versionStr = regExp.cap(1); EWebsocketVersion version; if ( ! versionStr.isEmpty() ) { version = (EWebsocketVersion)versionStr.toInt(); } else if ( tcpSocket->bytesAvailable() >= 8 ) { version = WS_V0; request.append( tcpSocket->read(8) ); } else { version = WS_VUnknow; } // Resource name regExp.setPattern( QWsServer::regExpResourceNameStr ); regExp.indexIn(request); QString resourceName = regExp.cap(1); // Host (address & port) regExp.setPattern( QWsServer::regExpHostStr ); regExp.indexIn(request); QString host = regExp.cap(1); QStringList hostTmp = host.split(':'); QString hostAddress = hostTmp[0]; QString hostPort; if ( hostTmp.size() > 1 ) hostPort = hostTmp.last(); // fix for IPv6 // Key QString key, key1, key2, key3; if ( version >= WS_V4 ) { regExp.setPattern( QWsServer::regExpKeyStr ); regExp.indexIn(request); key = regExp.cap(1); } else { regExp.setPattern( QWsServer::regExpKey1Str ); regExp.indexIn(request); key1 = regExp.cap(1); regExp.setPattern( QWsServer::regExpKey2Str ); regExp.indexIn(request); key2 = regExp.cap(1); regExp.setPattern( QWsServer::regExpKey3Str ); regExp.indexIn(request); key3 = regExp.cap(1); } //////////////////////////////////////////////////////////////////// // If the mandatory fields are not specified, we abord the connection to the Websocket server if ( version == WS_VUnknow || resourceName.isEmpty() || hostAddress.isEmpty() || ( key.isEmpty() && ( key1.isEmpty() || key2.isEmpty() || key3.isEmpty() ) ) ) { // Send bad request response QString response = QWsServer::composeBadRequestResponse( QList<EWebsocketVersion>() << WS_V6 << WS_V7 << WS_V8 << WS_V13 ); tcpSocket->write( response.toUtf8() ); tcpSocket->flush(); return; } //////////////////////////////////////////////////////////////////// // Extract optional datas // Origin regExp.setPattern( QWsServer::regExpOriginStr ); if ( regExp.indexIn(request) == -1 ) { regExp.setPattern( QWsServer::regExpOrigin2Str ); regExp.indexIn(request); } QString origin = regExp.cap(1); // Protocol regExp.setPattern( QWsServer::regExpProtocolStr ); regExp.indexIn(request); QString protocol = regExp.cap(1); // Extensions regExp.setPattern( QWsServer::regExpExtensionsStr ); regExp.indexIn(request); QString extensions = regExp.cap(1); //////////////////////////////////////////////////////////////////// // Compose opening handshake response QString response; if ( version >= WS_V6 ) { QString accept = computeAcceptV4( key ); response = QWsServer::composeOpeningHandshakeResponseV6( accept, protocol ); } else if ( version >= WS_V4 ) { QString accept = computeAcceptV4( key ); QString nonce = generateNonce(); response = QWsServer::composeOpeningHandshakeResponseV4( accept, nonce, protocol ); } else { QString accept = computeAcceptV0( key1, key2, key3 ); response = QWsServer::composeOpeningHandshakeResponseV0( accept, origin, hostAddress, hostPort, resourceName , protocol ); } // Handshake OK, disconnect readyRead disconnect( tcpSocket, SIGNAL(readyRead()), this, SLOT(dataReceived()) ); // Send opening handshake response if ( version == WS_V0 ) tcpSocket->write( response.toLatin1() ); else tcpSocket->write( response.toUtf8() ); tcpSocket->flush(); QWsSocket * wsSocket = new QWsSocket( this, tcpSocket, version ); wsSocket->setResourceName( resourceName ); wsSocket->setHost( host ); wsSocket->setHostAddress( hostAddress ); wsSocket->setHostPort( hostPort.toInt() ); wsSocket->setOrigin( origin ); wsSocket->setProtocol( protocol ); wsSocket->setExtensions( extensions ); wsSocket->serverSideSocket = true; // ORIGINAL CODE //int socketDescriptor = tcpSocket->socketDescriptor(); //incomingConnection( socketDescriptor ); // CHANGED CODE FOR LINUX COMPATIBILITY addPendingConnection( wsSocket ); emit newConnection(); }