qt5/cutelyst2/credentialhttp_8cpp_source.html

 /*
  * Copyright (C) 2013-2018 Daniel Nicoletti <dantti12@gmail.com>
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
  * License as published by the Free Software Foundation; either
  * version 2.1 of the License, or (at your option) any later version.
  *
  * This library is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * Lesser General Public License for more details.
  *
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  */
 #include "credentialhttp_p.h"
 #include "credentialpassword.h"

 #include "authenticationrealm.h"

 #include <Cutelyst/Context>
 #include <Cutelyst/Response>

 #include <QUrl>
 #include <QLoggingCategory>

 using namespace Cutelyst;

 Q_LOGGING_CATEGORY(C_CREDENTIALHTTP, "cutelyst.plugin.credentialhttp", QtWarningMsg)

 CredentialHttp::CredentialHttp(QObject *parent) : AuthenticationCredential(parent)
   , d_ptr(new CredentialHttpPrivate)
 {
 }

 CredentialHttp::~CredentialHttp()
 {
     delete d_ptr;
 }

 void CredentialHttp::setType(CredentialHttp::AuthType type)
 {
     Q_D(CredentialHttp);
     d->type = type;
 }

 void CredentialHttp::setAuthorizationRequiredMessage(const QString &message)
 {
     Q_D(CredentialHttp);
     d->authorizationRequiredMessage = message;
 }

 QString CredentialHttp::passwordField() const
 {
     Q_D(const CredentialHttp);
     return d->passwordField;
 }

 void CredentialHttp::setPasswordField(const QString &fieldName)
 {
     Q_D(CredentialHttp);
     d->passwordField = fieldName;
 }

 CredentialHttp::PasswordType CredentialHttp::passwordType() const
 {
     Q_D(const CredentialHttp);
     return d->passwordType;
 }

 void CredentialHttp::setPasswordType(CredentialHttp::PasswordType type)
 {
     Q_D(CredentialHttp);
     d->passwordType = type;
 }

 QString CredentialHttp::passwordPreSalt() const
 {
     Q_D(const CredentialHttp);
     return d->passwordPreSalt;
 }

 void CredentialHttp::setPasswordPreSalt(const QString &passwordPreSalt)
 {
     Q_D(CredentialHttp);
     d->passwordPreSalt = passwordPreSalt;
 }

 QString CredentialHttp::passwordPostSalt() const
 {
     Q_D(const CredentialHttp);
     return d->passwordPostSalt;
 }

 void CredentialHttp::setPasswordPostSalt(const QString &passwordPostSalt)
 {
     Q_D(CredentialHttp);
     d->passwordPostSalt = passwordPostSalt;
 }

 QString CredentialHttp::usernameField() const
 {
     Q_D(const CredentialHttp);
     return d->usernameField;
 }

 void CredentialHttp::setUsernameField(const QString &fieldName)
 {
     Q_D(CredentialHttp);
     d->usernameField = fieldName;
 }

 void CredentialHttp::setRequireSsl(bool require)
 {
     Q_D(CredentialHttp);
     d->requireSsl = require;
 }

 AuthenticationUser CredentialHttp::authenticate(Cutelyst::Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo)
 {
     Q_D(CredentialHttp);

     AuthenticationUser ret;
     if (d->requireSsl && !c->request()->secure()) {
         ret = d->authenticationFailed(c, realm, authinfo);
         return ret;
     }

     if (d->isAuthTypeBasic()) {
         ret = d->authenticateBasic(c, realm, authinfo);
         if (!ret.isNull()) {
             return ret;
         }
     }

     ret = d->authenticationFailed(c, realm, authinfo);
     return ret;
 }

 bool CredentialHttpPrivate::checkPassword(const AuthenticationUser &user, const ParamsMultiMap &authinfo)
 {
     QString password = authinfo.value(passwordField);
     const QString storedPassword = user.value(passwordField).toString();

     if (Q_LIKELY(passwordType == CredentialHttp::Hashed)) {
         if (!passwordPreSalt.isEmpty()) {
             password.prepend(password);
         }

         if (!passwordPostSalt.isEmpty()) {
             password.append(password);
         }

         return CredentialPassword::validatePassword(password.toUtf8(), storedPassword.toUtf8());
     } else if (passwordType == CredentialHttp::Clear) {
         return storedPassword == password;
     } else if (passwordType == CredentialHttp::None) {
         qCCritical(C_CREDENTIALHTTP) << "CredentialPassword is set to ignore password check";
         return true;
     }

     return false;
 }

 AuthenticationUser CredentialHttpPrivate::authenticateBasic(Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo)
 {
     Q_UNUSED(authinfo)
     AuthenticationUser user;
     qCDebug(C_CREDENTIALHTTP) << "Checking http basic authentication.";

     const std::pair<QString, QString> userPass = c->req()->headers().authorizationBasicPair();
     if (userPass.first.isEmpty()) {
         return user;
     }

     ParamsMultiMap auth;
     auth.insert(usernameField, userPass.first);
     AuthenticationUser _user = realm->findUser(c, auth);
     if (!_user.isNull()) {
         auth.insert(passwordField, userPass.second);
         if (checkPassword(_user, auth)) {
             user = _user;
         } else {
             qCDebug(C_CREDENTIALHTTP) << "Password didn't match";
         }
     } else {
         qCDebug(C_CREDENTIALHTTP) << "Unable to locate a user matching user info provided in realm";
     }
     return user;
 }

 AuthenticationUser CredentialHttpPrivate::authenticationFailed(Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo)
 {
     Response *res = c->response();
     res->setStatus(Response::Unauthorized); // 401
     res->setContentType(QStringLiteral("text/plain; charset=UTF-8"));

     if (authorizationRequiredMessage.isEmpty()) {
         res->setBody(QStringLiteral("Authorization required."));
     } else {
         res->setBody(authorizationRequiredMessage);
     }

     // Create Basic response
     if (isAuthTypeBasic()) {
         createBasicAuthResponse(c, realm);
     }

     return AuthenticationUser();
 }

 bool CredentialHttpPrivate::isAuthTypeBasic() const
 {
     return type == CredentialHttp::Basic || type == CredentialHttp::Any;
 }

 void CredentialHttpPrivate::createBasicAuthResponse(Context *c, AuthenticationRealm *realm)
 {
     c->res()->headers().setWwwAuthenticate(joinAuthHeaderParts(QStringLiteral("Basic"),
                                                                buildAuthHeaderCommon(realm)));
 }

 QStringList CredentialHttpPrivate::buildAuthHeaderCommon(AuthenticationRealm *realm) const
 {
     QStringList ret;
     // TODO
     // return realm="realmname"
     // return domain="realmname"
     if (!realm->name().isEmpty()) {
         ret.append(QLatin1String("realm=\"") + realm->name() + QLatin1Char('"'));
     }
     return ret;
 }

 QString CredentialHttpPrivate::joinAuthHeaderParts(const QString &type, const QStringList &parts) const
 {
     QString ret = type;
     if (!parts.isEmpty()) {
         ret.append(QLatin1Char(' ') + parts.join(QStringLiteral(", ")));
     }
     return ret;
 }

 #include "moc_credentialhttp.cpp"
QString::append
QString & append(QChar ch)

Cutelyst::CredentialHttp::setPasswordPostSalt
void setPasswordPostSalt(const QString &passwordPostSalt)
Sets the salt string to be appended to the password.
Definition: credentialhttp.cpp:97

Cutelyst::Response::setContentType
void setContentType(const QString &type)
Definition: response.h:218

Cutelyst::AuthenticationRealm::findUser
virtual AuthenticationUser findUser(Context *c, const ParamsMultiMap &userinfo)
Tries to find the user with authinfo returning a non null AuthenticationUser on success.
Definition: authenticationrealm.cpp:60

QString::prepend
QString & prepend(QChar ch)

Cutelyst::AuthenticationUser::isNull
bool isNull() const
Returns true if the object is null.
Definition: authenticationuser.cpp:49

QMap

Cutelyst::Context::res
Response * res() const
Definition: context.cpp:116

Cutelyst::CredentialHttp::passwordPreSalt
QString passwordPreSalt() const
Returns the salt string to be prepended to the password.
Definition: credentialhttp.cpp:79

Cutelyst::CredentialHttp::setPasswordType
void setPasswordType(PasswordType type)
Sets the type of password this class will be dealing with.
Definition: credentialhttp.cpp:73

QStringList::join
QString join(const QString &separator) const

Cutelyst::Response::setStatus
void setStatus(quint16 status)
Definition: response.cpp:85

Cutelyst::CredentialHttp::passwordPostSalt
QString passwordPostSalt() const
Returns the salt string to be appended to the password.
Definition: credentialhttp.cpp:91

Cutelyst::AuthenticationCredential
Definition: authentication.h:31

Cutelyst::AuthenticationRealm
Definition: authenticationrealm.h:30

Cutelyst::Response
Definition: response.h:34

Cutelyst::Context
The Cutelyst Context.
Definition: context.h:51

Cutelyst::CredentialHttp::usernameField
QString usernameField() const
Returns the field to look for when authenticating the user.
Definition: credentialhttp.cpp:103

Cutelyst::CredentialHttp::setUsernameField
void setUsernameField(const QString &fieldName)
Sets the field to look for when authenticating the user.
Definition: credentialhttp.cpp:109

QList::append
void append(const T &value)

Cutelyst::CredentialHttp::authenticate
AuthenticationUser authenticate(Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo) final
Tries to authenticate the authinfo using the give realm.
Definition: credentialhttp.cpp:121

Cutelyst::CredentialHttp::setType
void setType(CredentialHttp::AuthType type)
Definition: credentialhttp.cpp:43

QObject

Cutelyst::Component::name
QString name() const
Definition: component.cpp:44

Cutelyst::CredentialHttp::passwordField
QString passwordField() const
Returns the field to look for when authenticating the user.
Definition: credentialhttp.cpp:55

QList::isEmpty
bool isEmpty() const

QString::isEmpty
bool isEmpty() const

Cutelyst::CredentialHttp::setPasswordPreSalt
void setPasswordPreSalt(const QString &passwordPreSalt)
Sets the salt string to be prepended to the password.
Definition: credentialhttp.cpp:85

Cutelyst::Response::headers
Headers & headers()
Definition: response.cpp:316

Cutelyst::Context::response
Response * response() const
Definition: context.cpp:110

Cutelyst
The Cutelyst namespace holds all public Cutelyst API.
Definition: Mainpage.dox:7

QString

Cutelyst::CredentialHttp
Definition: credentialhttp.h:29

Cutelyst::CredentialHttp::setRequireSsl
void setRequireSsl(bool require)
Definition: credentialhttp.cpp:115

QStringList

Cutelyst::CredentialHttp::setPasswordField
void setPasswordField(const QString &fieldName)
Sets the field to look for when authenticating the user.
Definition: credentialhttp.cpp:61

QLatin1Char

Cutelyst::AuthenticationUser
Definition: authenticationuser.h:31

QLatin1String

Cutelyst::Headers::setWwwAuthenticate
void setWwwAuthenticate(const QString &value)
Definition: headers.cpp:339

Cutelyst::CredentialHttp::passwordType
PasswordType passwordType() const
Returns the type of password this class will be dealing with.
Definition: credentialhttp.cpp:67

QMap::insert
iterator insert(const Key &key, const T &value)

Cutelyst::CredentialHttp::setAuthorizationRequiredMessage
void setAuthorizationRequiredMessage(const QString &message)
Definition: credentialhttp.cpp:49

Cutelyst::Response::setBody
void setBody(QIODevice *body)
Definition: response.cpp:114

QVariant::toString
QString toString() const

Cutelyst::CredentialPassword::validatePassword
static bool validatePassword(const QByteArray &password, const QByteArray &correctHash)
Validates the given password against the correct hash.
Definition: credentialpassword.cpp:121

QMap::value
const T value(const Key &key, const T &defaultValue) const

QString::toUtf8
QByteArray toUtf8() const