path: root/src/oauth/qoauthoobreplyhandler.cpp
Commit message [Author; Age; Files; Lines]
* Remove unused header includes [Juha Vuolle; 2025-04-23; 1; -1/+0]
|
| Pick-to: 6.9 6.8
| Change-Id: I76ce92bdf7c1688ece7e2f2caf63cc4d832e2238
| Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
* Mark security critical files [Juha Vuolle; 2025-04-23; 1; -0/+1]
|
| Most cpp files in this module are security critical, as this module
| implements network interfacing authorization protocols. Headers in
| this module are not marked as they are trivial.
|
| Fixes: QTBUG-135564
| Pick-to: 6.9 6.8
| Change-Id: I97d8079296a98099955d3fe63434279599911a5e
| Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
* Pin QOAuthOobReplyHandler() to a single TU [Marc Mutz; 2025-01-28; 1; -0/+3]
|
| As the first virtual function, the dtor of a polymorphic class should
| be defined out-of-line, lest the vtable becomes a weak symbol and
| therefore duplicated across all libraries that include the header,
| with the associated failures like false negative dynamic_casts
|
| Pick-to: 6.9
| Task-number: QTBUG-45582
| Change-Id: Ic05bbbd2ed51f407ff5871e97e76c32f9ae35988
| Reviewed-by: Juha Vuolle <juha.vuolle@qt.io>
|
* QOAuthOobReplyHandler: fix detach (attempt) in parseResponse() [Marc Mutz; 2025-01-21; 1; -1/+1]
|
| Mark the container const before iterating (it may be a copy of a
| member variable of QUrlQuery).
|
| Amends a6dc1c01da723a93e1c174a6950eb4bab8cab3fc.
|
| Pick-to: 6.9 6.8 6.5
| Change-Id: Ie2731d974aa333fa7225fc1fbb9e9b29709b4992
| Reviewed-by: Juha Vuolle <juha.vuolle@qt.io>
|
* QtNetworkAuth: simplify QT_NO_HTTP checks [Ivan Solovev; 2025-01-09; 1; -4/+0]
|
| The module cannot be built without HTTP support, so each and every
| file had an `#ifndef QT_NO_HTTP` check.
| However, commit d49f744968a237b751f0e520f8a9fff59dc283f5 already
| disabled the module build at the toplevel CMakeLists.txt file if
| the relevant feature is not found.
|
| As a result, we can drop the checks from the private headers and
| the .cpp files and also remove the QtNetwork/qtnetwork-config.h
| includes that were added in order to provide access to QT_NO_HTTP
| definition.
|
| This patch still keeps the QT_NO_HTTP check on public headers,
| because it allows the user code like:
|
|   #include <QOAuth1> // unconditionally
|   ...
|   #ifndef QT_NO_HTTP
|   QOAuth1 oauth;
|   // use oauth
|   #endif // QT_NO_HTTP
|
| Pick-to: 6.9 6.8 6.5
| Change-Id: I517aa1da90ed53a5fc013d28530aa1d41a946a79
| Reviewed-by: Juha Vuolle <juha.vuolle@qt.io>
| Reviewed-by: Marc Mutz <marc.mutz@qt.io>
| Reviewed-by: Alexandru Croitor <alexandru.croitor@qt.io>
|
* Fix and improve token request error reporting [Juha Vuolle; 2024-11-29; 1; -5/+13]
|
| From QAbstractOAuth::Error documentation:
| NetworkError - Failed to connect to the server.
| ServerError - The server answered the request with an error,
| or its response was not successfully received
|
| The reply handler's usage of these error codes didn't match these
| criteria. Notably it used QNetworkReply::error() function, which
| mixes network, protocol, and HTTP status errors.
|
| As per OAuth RFC, it is common for the authorization server to
| respond with an HTTP error status like 400 Bad Request in case
| something is wrong either on the client-side or on the server-side.
|
| This commit makes a distinction between network/protocol errors,
| and errors where the server responded with an HTTP status (or errors
| which can be otherwise considered server-errors, like missing
| content-type header). Network/protocol errors are NetworkErrors,
| and other errors are ServerErrors.
|
| As a related change, one qCWarning is removed as redundant, because
| in practice tokenRequestErrorOccurred() handler also prints a warning.
|
| Also as a related change, empty JSON object branch was missing
| an error signal emission which is now added.
|
| Note: Picking this to branches earlier than 6.6 isn't particularly
| useful, because token request error reporting was introduced in 6.6.
| Prior to 6.6, an error results only in a qCWarning print, not an
| error signal emission.
|
| Amends: 32f29d3e227da206f262efa055d1cac895855a98
|
| [ChangeLog][QOAuthHttpServerReplyHandler] Make a better distinction
| between NetworkErrors and ServerErrors with token requests.
|
| Pick-to: 6.8
| Change-Id: I3ea8ca30da3e82867628ae5a90e2aa84e435d66d
| Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
* Add URI scheme reply handler [Juha Vuolle; 2024-05-20; 1; -0/+6]
|
| The URI scheme reply handler is a convenience class for
| redirect_uris which use either custom scheme
| ("com.mystuff.app:/somepath") or a regular https scheme
| ("https://app.mystuff.com/somepath").
|
| These URI scheme handlers complement the pre-existing
| "http://localhost" handler qtnetworkauth provides
| (QOAuthHttpServerReplyHandler).
|
| Together these three URI schemes then cover the listed
| authorization response handling uri schemes with public
| native applications, as listed in RFC 8252 section
| "7. Receiving the Authorization Response in a Native App":
| 1. loopback (pre-existing)
| 2. private URI scheme (this commit)
| 3. claimed HTTPS (this commit)
|
| Task-number: QTBUG-124338
| Task-number: QTBUG-124339
| Change-Id: I9d511ecb92b5c63c5a66fbd1fc4ec9993e0479e7
| Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
| Reviewed-by: Marc Mutz <marc.mutz@qt.io>
|
* Rename tokenRequestError signal to tokenRequestErrorOccurred [Juha Vuolle; 2023-06-22; 1; -5/+6]
|
| To be better in line with the other signals (that is, end the
| signal name with a 'verb').
|
| Amends: 32f29d3e227da206f262efa055d1cac895855a98
|
| Pick-to: 6.6
| Change-Id: I8f76d526b124842d0982e74af0dc76d8bdc46f37
| Reviewed-by: Friedemann Kleint <Friedemann.Kleint@qt.io>
| Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
| Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
|
* Improve error handling and reporting in OAuth2 [Juha Vuolle; 2023-05-10; 1; -6/+9]
|
| The OAuth2 authorization and access token requests can fail for
| a number of reasons, both network and authorization server related.
| These errors are reported as a log output, leaving the application
| unaware.
|
| In addition since the refresh token errors were not handled, a
| failed refresh attempt left the OAuth2 class in a "refreshing token"
| status without proper means for application to recover.
|
| This commit harnesses the pre-existing QAbstractOAuth::requestFailed()
| signal for reporting these issues. It's used by OAuth1 implementation
| for similar purpose.
|
| This consists of:
| - Document the requestFailed() signal
| - Add new QAbstractOAuthReplyHandler::tokenRequestError() signal,
|   which reply handlers can emit upon error
| - Connect AuthorizationCodeFlow class to that signal and handle it
| - Implement error emission in OobReplyHandler, which is used by the
|   examples (via HTTPReplyHandler)
| - Autotests
|
| [ChangeLog][QAbstractOAuth] Add token request error signal
| and improve related error handling
|
| Fixes: QTBUG-102279
| Fixes: QTBUG-106821
| Change-Id: I4dc14aa237d92bd1a2ba830c349cae4121be2e57
| Reviewed-by: Ivan Solovev <ivan.solovev@qt.io>
| Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
|
* Use SPDX license identifiers [Lucie Gérard; 2022-06-16; 1; -28/+2]
|
| Replace the current license disclaimer in files by a
| SPDX-License-Identifier.
| License files are organized under LICENSES directory.
|
| Pick-to: 6.4
| Task-number: QTBUG-67283
| Change-Id: Ic012e87171ed4cef6871eff7d76f56994ea3ca1f
| Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
* wasm: Work around compilation failures when FEATURE_http=OFF [Alexandru Croitor; 2021-04-27; 1; -0/+2]
|
| Some of the header and source files incorrectly check for QT_NO_HTTP
| without including the necessary QtNetwork/qtnetwork-config.h header.
|
| Because CMake's AUTOGEN still runs moc on those files and then
| includes them into mocs_compilation.cpp, this causes compilation
| failures.
|
| Work around the compilation failures by including the moc files
| directly in the respective cpp files.
|
| Note that this ensures archiving works in a static build, but
| results in an unusable library. This was the case for Qt 5.15 as
| well.
|
| A follow up change will be done to clean up this state, but for now
| this change unblocks adding the WebAssembly platform into CI.
|
| Task-number: QTBUG-78647
| Task-number: QTBUG-93243
| Change-Id: I9b6657d5ae539fdb09a741637cc5a19e652c9272
| Reviewed-by: Joerg Bornemann <joerg.bornemann@qt.io>
|
* Revert "Use QNetworkReply::networkError() instead of simple error()" (v5.15.0-beta2) [Timur Pocheptsov; 2020-02-24; 1; -1/+1]
|
| This reverts commit ce84933d7466a6eb966da03591f6b45fbc0dcb47.
|
| QProcess takes precedence. Naming in QProcess is considered to be
| the correct one.
|
| Change-Id: Ie54f27c31ac0753a54632be1fa37280016ebb671
| Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
| Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
| Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
* Use QNetworkReply::networkError() instead of simple error() [Timur Pocheptsov; 2020-01-15; 1; -1/+1]
|
| Because it's deprecated in 5.15
|
| Task-number: QTBUG-80369
| Change-Id: I8337da24c49cc136edd465f8e23eda3480747ce8
| Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
| Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
|
* Move logging category to private header (v5.10.0-beta1) [Friedemann Kleint; 2017-09-26; 1; -0/+1]
|
| Logging categories are not public API and throw off qdoc, causing:
| qtnetworkauth/src/oauth/qabstractoauth.cpp:492: warning: Can't link to 'QAbstractOAuthReplyHandler'
|
| Amends 43634a54376c55ff78521ea9a063f4cab984d871.
|
| Change-Id: I730a39f14ee93d63a5d37271a79ea75b022e3ec5
| Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
|
* Merge remote-tracking branch 'origin/5.9' into dev [Liang Qi; 2017-08-22; 1; -2/+3]
|\
| |
| | Conflicts:
| |   .qmake.conf
| |   src/oauth/qabstractoauth.cpp
| |   tests/auto/oauth1/tst_oauth1.cpp
| |
| | Done-with: Jesus Fernandez <jesus.fernandez@qt.io>
| | Change-Id: I5be2c6ad2cd00943ee3acafe5b5c693fc4ada03c
| * Bump copyright year [Jesus Fernandez; 2017-07-12; 1; -1/+1]
| |
| | Change-Id: Iaad9fb2096cd01a762c3eace90c6154b0d0ebe59
| | Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
| |
| * Fix Unknown Content-type error [Jesus Fernandez; 2017-06-19; 1; -1/+2]
| |
| | Some servers are using text/javascript instead of application/json
| | to send the tokens to the client.
| |
| | Task-number: QTBUG-60400
| | Change-Id: I07e00b4542c95c45e8cc2d6213eb799d4c1fb6d5
| | Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
| |
* | Use QLoggingCategory in QtNetworkAuth [Jesus Fernandez; 2017-06-20; 1; -10/+9]
|/
|
| It allows filtering the debug messages in runtime using the
| QLoggingCategory system.
|
| Change-Id: Ib6790455ad856ccbc20e34f0a84a07cf5240f62e
| Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
|
* Modify license (v5.8.0-rc1, v5.8.0) [Jesus Fernandez; 2016-12-07; 1; -16/+6]
|
| Change-Id: I40cc53ee24ad71a1293dc3b635b2cb545d29a686
| Reviewed-by: Lars Knoll <lars.knoll@qt.io>
| Reviewed-by: Tuukka Turunen <tuukka.turunen@theqtcompany.com>
| Reviewed-by: Fredrik de Vibe <fredrik.devibe@qt.io>
|
* OAuth support [Jesus Fernandez; 2016-08-19; 1; -0/+122]

  New library to support OAuth1 and OAuth2 standard in Qt.

  OAuth provides a method for clients to access server resources on
  behalf of a resource owner (such as a different client or an
  end-user). It also provides a process for end-users to authorize
  third-party access to their server resources without sharing their
  credentials (typically, a username and password pair), using
  user-agent redirections.

  [ChangeLog][OAuth] Added OAuth support

  Change-Id: I3971456f93bf6ddd7fd46f555202bab2eb777c15
  Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>