/**************************************************************************** ** ** Copyright (C) 2016 The Qt Company Ltd. ** Contact: https://www.qt.io/licensing/ ** ** This file is part of the QtNetwork module of the Qt Toolkit. ** ** $QT_BEGIN_LICENSE:LGPL$ ** Commercial License Usage ** Licensees holding valid commercial Qt licenses may use this file in ** accordance with the commercial license agreement provided with the ** Software or, alternatively, in accordance with the terms contained in ** a written agreement between you and The Qt Company. For licensing terms ** and conditions see https://www.qt.io/terms-conditions. For further ** information use the contact form at https://www.qt.io/contact-us. ** ** GNU Lesser General Public License Usage ** Alternatively, this file may be used under the terms of the GNU Lesser ** General Public License version 3 as published by the Free Software ** Foundation and appearing in the file LICENSE.LGPL3 included in the ** packaging of this file. Please review the following information to ** ensure the GNU Lesser General Public License version 3 requirements ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html. ** ** GNU General Public License Usage ** Alternatively, this file may be used under the terms of the GNU ** General Public License version 2.0 or (at your option) the GNU General ** Public license version 3 or any later version approved by the KDE Free ** Qt Foundation. The licenses are as published by the Free Software ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3 ** included in the packaging of this file. Please review the following ** information to ensure the GNU General Public License requirements will ** be met: https://www.gnu.org/licenses/gpl-2.0.html and ** https://www.gnu.org/licenses/gpl-3.0.html. ** ** $QT_END_LICENSE$ ** ****************************************************************************/ #ifndef QT_NO_HTTP #include #include #include #include #include #include #include #include #include #include #include QT_BEGIN_NAMESPACE QOAuth2AuthorizationCodeFlowPrivate::QOAuth2AuthorizationCodeFlowPrivate( QNetworkAccessManager *manager) : QAbstractOAuth2Private(manager) {} void QOAuth2AuthorizationCodeFlowPrivate::_q_handleCallback(const QVariantMap &data) { Q_Q(QOAuth2AuthorizationCodeFlow); typedef QAbstractOAuth2Private::OAuth2KeyString Key; if (status != QAbstractOAuth::Status::NotAuthenticated) { qWarning("QOAuth2AuthorizationCodeFlow: Unexpected call"); return; } Q_ASSERT(!state.isEmpty()); const QString error = data.value(Key::error).toString(); const QString code = data.value(Key::code).toString(); const QString receivedState = data.value(Key::state).toString(); if (error.size()) { const QString uri = data.value(Key::errorUri).toString(); const QString description = data.value(Key::errorDescription).toString(); qCritical("QOAuth2AuthorizationCodeFlow: AuthenticationError: %s(%s): %s", qPrintable(error), qPrintable(uri), qPrintable(description)); return; } else if (code.isEmpty()) { qCritical("QOAuth2AuthorizationCodeFlow: AuthenticationError: Code not received"); return; } else if (receivedState.isEmpty()) { qCritical("QOAuth2AuthorizationCodeFlow: State not received"); return; } else if (state != receivedState) { qCritical("QOAuth2AuthorizationCodeFlow: State mismatch"); return; } setStatus(QAbstractOAuth::Status::TemporaryTokenReceived); QVariantMap copy(data); copy.remove(Key::code); extraTokens = copy; q->requestAccessToken(code); } void QOAuth2AuthorizationCodeFlowPrivate::_q_accessTokenRequestFinished(QNetworkReply *reply) { Q_Q(QOAuth2AuthorizationCodeFlow); typedef QAbstractOAuth2Private::OAuth2KeyString Key; if (reply != currentReply) return; if (reply->error() == QNetworkReply::UnknownNetworkError) { qWarning("QOAuth2AuthorizationCodeFlow: %s", qPrintable(reply->errorString())); setStatus(QAbstractOAuth::Status::NotAuthenticated); return; } const QByteArray json = reply->readAll(); Q_EMIT q->replyDataReceived(json); if (json.isEmpty()) { qCritical("QOAuth2AuthorizationCodeFlowPrivate::accessTokenRequestFinished: Empty answer"); return; } qDebug("QOAuth2AuthorizationCodeFlowPrivate::accessTokenRequestFinished: %s", qPrintable(json)); const auto document = QJsonDocument::fromJson(json); Q_ASSERT(document.isObject()); const auto object = document.object(); if (object.contains(Key::error)) { const QString error = object.value(Key::error).toString(); qCritical("QOAuth2AuthorizationCodeFlow Error: %s", qPrintable(error)); return; } const QString accessToken = object.value(Key::accessToken).toString(); tokenType = object.value(Key::tokenType).toString(); const int expiresIn = object.value(Key::expiresIn).toInt(-1); refreshToken = object.value(Key::refreshToken).toString(); scope = object.value(Key::scope).toString(); if (accessToken.isEmpty()) { qWarning("QOAuth2AuthorizationCodeFlow: Access token not received"); return; } q->setToken(accessToken); expiresAt = expiresIn > 0 ? QDateTime::currentDateTime().addSecs(expiresIn) : QDateTime(); setStatus(QAbstractOAuth::Status::Granted); } void QOAuth2AuthorizationCodeFlowPrivate::_q_authenticate(QNetworkReply *reply, QAuthenticator *authenticator) { if (reply == currentReply){ const auto url = reply->url(); if (url == accessTokenUrl) { authenticator->setUser(clientCredentials.first); authenticator->setPassword(QString()); } } } QOAuth2AuthorizationCodeFlow::QOAuth2AuthorizationCodeFlow(QObject *parent) : QAbstractOAuth2(*new QOAuth2AuthorizationCodeFlowPrivate, parent) {} QOAuth2AuthorizationCodeFlow::QOAuth2AuthorizationCodeFlow(QNetworkAccessManager *manager, QObject *parent) : QAbstractOAuth2(*new QOAuth2AuthorizationCodeFlowPrivate(manager), parent) {} QOAuth2AuthorizationCodeFlow::QOAuth2AuthorizationCodeFlow(const QString &clientIdentifier, QNetworkAccessManager *manager, QObject *parent) : QAbstractOAuth2(*new QOAuth2AuthorizationCodeFlowPrivate(manager), parent) { Q_D(QOAuth2AuthorizationCodeFlow); d->clientCredentials.first = clientIdentifier; } QOAuth2AuthorizationCodeFlow::QOAuth2AuthorizationCodeFlow(const QUrl &authenticateUrl, const QUrl &accessTokenUrl, QNetworkAccessManager *manager, QObject *parent) : QAbstractOAuth2(*new QOAuth2AuthorizationCodeFlowPrivate(manager), parent) { Q_D(QOAuth2AuthorizationCodeFlow); d->authorizationUrl = authenticateUrl; d->accessTokenUrl = accessTokenUrl; } QOAuth2AuthorizationCodeFlow::QOAuth2AuthorizationCodeFlow(const QString &clientIdentifier, const QUrl &authenticateUrl, const QUrl &accessTokenUrl, QNetworkAccessManager *manager, QObject *parent) : QAbstractOAuth2(*new QOAuth2AuthorizationCodeFlowPrivate(manager), parent) { Q_D(QOAuth2AuthorizationCodeFlow); d->authorizationUrl = authenticateUrl; d->accessTokenUrl = accessTokenUrl; d->clientCredentials.first = clientIdentifier; } QOAuth2AuthorizationCodeFlow::~QOAuth2AuthorizationCodeFlow() {} QString QOAuth2AuthorizationCodeFlow::responseType() const { return QStringLiteral("code"); } QUrl QOAuth2AuthorizationCodeFlow::accessTokenUrl() const { Q_D(const QOAuth2AuthorizationCodeFlow); return d->accessTokenUrl; } void QOAuth2AuthorizationCodeFlow::setAccessTokenUrl(const QUrl &accessTokenUrl) { Q_D(QOAuth2AuthorizationCodeFlow); if (d->accessTokenUrl != accessTokenUrl) { d->accessTokenUrl = accessTokenUrl; Q_EMIT accessTokenUrlChanged(accessTokenUrl); } } void QOAuth2AuthorizationCodeFlow::grant() { Q_D(QOAuth2AuthorizationCodeFlow); if (d->authorizationUrl.isEmpty()) { qCritical("QOAuth2AuthorizationCodeFlow: No authenticate Url set"); return; } else if (d->accessTokenUrl.isEmpty()) { qCritical("QOAuth2AuthorizationCodeFlow: No request access token Url set"); return; } resourceOwnerAuthorization(d->authorizationUrl); } void QOAuth2AuthorizationCodeFlow::refreshAccessToken() { Q_D(QOAuth2AuthorizationCodeFlow); if (d->refreshToken.isEmpty()) { qWarning("QOAuth2AuthorizationCodeFlow::refreshAccessToken: Cannot refresh access token. " "Empty refresh token"); return; } typedef QAbstractOAuth2Private::OAuth2KeyString Key; QVariantMap parameters; QNetworkRequest request(d->accessTokenUrl); QUrlQuery query; parameters.insert(Key::grantType, QStringLiteral("refresh_token")); parameters.insert(Key::refreshToken, d->refreshToken); parameters.insert(Key::redirectUri, QUrl::toPercentEncoding(callback())); query = QAbstractOAuthPrivate::createQuery(parameters); request.setHeader(QNetworkRequest::ContentTypeHeader, QStringLiteral("application/x-www-form-urlencoded")); const QString data = query.toString(QUrl::FullyEncoded); d->currentReply = d->networkAccessManager()->post(request, data.toUtf8()); QObjectPrivate::connect(d->networkAccessManager(), &QNetworkAccessManager::finished, d, &QOAuth2AuthorizationCodeFlowPrivate::_q_accessTokenRequestFinished); QObjectPrivate::connect(d->networkAccessManager(), &QNetworkAccessManager::authenticationRequired, d, &QOAuth2AuthorizationCodeFlowPrivate::_q_authenticate, Qt::UniqueConnection); } QUrl QOAuth2AuthorizationCodeFlow::buildAuthenticateUrl(const QVariantMap ¶meters) { Q_D(QOAuth2AuthorizationCodeFlow); typedef QAbstractOAuth2Private::OAuth2KeyString Key; if (d->state.isEmpty()) d->state = QAbstractOAuth2Private::generateRandomState(); const QString state = d->state; QVariantMap p(parameters); QUrl url(d->authorizationUrl); p.insert(Key::responseType, responseType()); p.insert(Key::clientIdentifier, d->clientCredentials.first); p.insert(Key::redirectUri, callback()); p.insert(Key::scope, d->scope); p.insert(Key::state, state); p.insert(Key::apiKey, QVariant()); if (d->modifyParametersFunction) d->modifyParametersFunction(Stage::RequestingAuthorization, &p); url.setQuery(d->createQuery(p)); connect(d->replyHandler.data(), &QAbstractOAuthReplyHandler::callbackReceived, this, &QOAuth2AuthorizationCodeFlow::authorizationCallbackReceived, Qt::UniqueConnection); setStatus(QAbstractOAuth::Status::NotAuthenticated); qDebug("QOAuth2AuthorizationCodeFlow::buildAuthenticateUrl: %s", qPrintable(url.toString())); return url; } void QOAuth2AuthorizationCodeFlow::requestAccessToken(const QString &code) { Q_D(QOAuth2AuthorizationCodeFlow); typedef QAbstractOAuth2Private::OAuth2KeyString Key; QVariantMap parameters; QNetworkRequest request(d->accessTokenUrl); QUrlQuery query; parameters.insert(Key::grantType, QStringLiteral("authorization_code")); parameters.insert(Key::code, QUrl::toPercentEncoding(code)); parameters.insert(Key::redirectUri, QUrl::toPercentEncoding(callback())); parameters.insert(Key::clientIdentifier, QUrl::toPercentEncoding(d->clientCredentials.first)); if (!d->clientCredentials.second.isEmpty()) parameters.insert(Key::clientSharedSecret, d->clientCredentials.second); if (d->modifyParametersFunction) d->modifyParametersFunction(Stage::RequestingAccessToken, ¶meters); query = QAbstractOAuthPrivate::createQuery(parameters); request.setHeader(QNetworkRequest::ContentTypeHeader, QStringLiteral("application/x-www-form-urlencoded")); const QString data = query.toString(QUrl::FullyEncoded); d->currentReply = d->networkAccessManager()->post(request, data.toUtf8()); QObjectPrivate::connect(d->networkAccessManager(), &QNetworkAccessManager::finished, d, &QOAuth2AuthorizationCodeFlowPrivate::_q_accessTokenRequestFinished); QObjectPrivate::connect(d->networkAccessManager(), &QNetworkAccessManager::authenticationRequired, d, &QOAuth2AuthorizationCodeFlowPrivate::_q_authenticate, Qt::UniqueConnection); } void QOAuth2AuthorizationCodeFlow::resourceOwnerAuthorization(const QUrl &url, const QVariantMap ¶meters) { Q_D(QOAuth2AuthorizationCodeFlow); Q_ASSERT(url == d->authorizationUrl); const QUrl u = buildAuthenticateUrl(parameters); QObjectPrivate::connect(this, &QOAuth2AuthorizationCodeFlow::authorizationCallbackReceived, d, &QOAuth2AuthorizationCodeFlowPrivate::_q_handleCallback, Qt::UniqueConnection); Q_EMIT authorizeWithBrowser(u); } QT_END_NAMESPACE #endif // QT_NO_HTTP