qt6/cutelyst3/credentialhttp_8cpp_source.html

 /*
  * SPDX-FileCopyrightText: (C) 2013-2022 Daniel Nicoletti <dantti12@gmail.com>
  * SPDX-License-Identifier: BSD-3-Clause
  */
 #include "authenticationrealm.h"
 #include "credentialhttp_p.h"
 #include "credentialpassword.h"

 #include <Cutelyst/Context>
 #include <Cutelyst/Response>

 #include <QLoggingCategory>
 #include <QUrl>

 using namespace Cutelyst;

 Q_LOGGING_CATEGORY(C_CREDENTIALHTTP, "cutelyst.plugin.credentialhttp", QtWarningMsg)

 CredentialHttp::CredentialHttp(QObject *parent)
     : AuthenticationCredential(parent)
     , d_ptr(new CredentialHttpPrivate)
 {
 }

 CredentialHttp::~CredentialHttp()
 {
     delete d_ptr;
 }

 void CredentialHttp::setType(CredentialHttp::AuthType type)
 {
     Q_D(CredentialHttp);
     d->type = type;
 }

 void CredentialHttp::setAuthorizationRequiredMessage(const QString &message)
 {
     Q_D(CredentialHttp);
     d->authorizationRequiredMessage = message;
 }

 QString CredentialHttp::passwordField() const
 {
     Q_D(const CredentialHttp);
     return d->passwordField;
 }

 void CredentialHttp::setPasswordField(const QString &fieldName)
 {
     Q_D(CredentialHttp);
     d->passwordField = fieldName;
 }

 CredentialHttp::PasswordType CredentialHttp::passwordType() const
 {
     Q_D(const CredentialHttp);
     return d->passwordType;
 }

 void CredentialHttp::setPasswordType(CredentialHttp::PasswordType type)
 {
     Q_D(CredentialHttp);
     d->passwordType = type;
 }

 QString CredentialHttp::passwordPreSalt() const
 {
     Q_D(const CredentialHttp);
     return d->passwordPreSalt;
 }

 void CredentialHttp::setPasswordPreSalt(const QString &passwordPreSalt)
 {
     Q_D(CredentialHttp);
     d->passwordPreSalt = passwordPreSalt;
 }

 QString CredentialHttp::passwordPostSalt() const
 {
     Q_D(const CredentialHttp);
     return d->passwordPostSalt;
 }

 void CredentialHttp::setPasswordPostSalt(const QString &passwordPostSalt)
 {
     Q_D(CredentialHttp);
     d->passwordPostSalt = passwordPostSalt;
 }

 QString CredentialHttp::usernameField() const
 {
     Q_D(const CredentialHttp);
     return d->usernameField;
 }

 void CredentialHttp::setUsernameField(const QString &fieldName)
 {
     Q_D(CredentialHttp);
     d->usernameField = fieldName;
 }

 void CredentialHttp::setRequireSsl(bool require)
 {
     Q_D(CredentialHttp);
     d->requireSsl = require;
 }

 AuthenticationUser CredentialHttp::authenticate(Cutelyst::Context *c,
                                                 AuthenticationRealm *realm,
                                                 const ParamsMultiMap &authinfo)
 {
     Q_D(CredentialHttp);

     AuthenticationUser ret;
     if (d->requireSsl && !c->request()->secure()) {
         ret = d->authenticationFailed(c, realm, authinfo);
         return ret;
     }

     if (d->isAuthTypeBasic()) {
         ret = d->authenticateBasic(c, realm, authinfo);
         if (!ret.isNull()) {
             return ret;
         }
     }

     ret = d->authenticationFailed(c, realm, authinfo);
     return ret;
 }

 bool CredentialHttpPrivate::checkPassword(const AuthenticationUser &user,
                                           const ParamsMultiMap &authinfo)
 {
     QString password             = authinfo.value(passwordField);
     const QString storedPassword = user.value(passwordField).toString();

     if (Q_LIKELY(passwordType == CredentialHttp::Hashed)) {
         if (!passwordPreSalt.isEmpty()) {
             password.prepend(password);
         }

         if (!passwordPostSalt.isEmpty()) {
             password.append(password);
         }

         return CredentialPassword::validatePassword(password.toUtf8(), storedPassword.toUtf8());
     } else if (passwordType == CredentialHttp::Clear) {
         return storedPassword == password;
     } else if (passwordType == CredentialHttp::None) {
         qCCritical(C_CREDENTIALHTTP) << "CredentialPassword is set to ignore password check";
         return true;
     }

     return false;
 }

 AuthenticationUser CredentialHttpPrivate::authenticateBasic(Context *c,
                                                             AuthenticationRealm *realm,
                                                             const ParamsMultiMap &authinfo)
 {
     Q_UNUSED(authinfo)
     AuthenticationUser user;
     qCDebug(C_CREDENTIALHTTP) << "Checking http basic authentication.";

     const auto userPass = c->req()->headers().authorizationBasicObject();
     if (userPass.user.isEmpty()) {
         return user;
     }

     ParamsMultiMap auth;
     auth.insert(usernameField, userPass.user);
     AuthenticationUser _user = realm->findUser(c, auth);
     if (!_user.isNull()) {
         auth.insert(passwordField, userPass.password);
         if (checkPassword(_user, auth)) {
             user = _user;
         } else {
             qCDebug(C_CREDENTIALHTTP) << "Password didn't match";
         }
     } else {
         qCDebug(C_CREDENTIALHTTP) << "Unable to locate a user matching user info provided in realm";
     }
     return user;
 }

 AuthenticationUser CredentialHttpPrivate::authenticationFailed(Context *c,
                                                                AuthenticationRealm *realm,
                                                                const ParamsMultiMap &authinfo)
 {
     Q_UNUSED(authinfo);
     Response *res = c->response();
     res->setStatus(Response::Unauthorized); // 401
     res->setContentType(QStringLiteral("text/plain; charset=UTF-8"));

     if (authorizationRequiredMessage.isEmpty()) {
         res->setBody(QStringLiteral("Authorization required."));
     } else {
         res->setBody(authorizationRequiredMessage);
     }

     // Create Basic response
     if (isAuthTypeBasic()) {
         createBasicAuthResponse(c, realm);
     }

     return AuthenticationUser();
 }

 bool CredentialHttpPrivate::isAuthTypeBasic() const
 {
     return type == CredentialHttp::Basic || type == CredentialHttp::Any;
 }

 void CredentialHttpPrivate::createBasicAuthResponse(Context *c, AuthenticationRealm *realm)
 {
     c->res()->headers().setWwwAuthenticate(
         joinAuthHeaderParts(QStringLiteral("Basic"), buildAuthHeaderCommon(realm)));
 }

 QStringList CredentialHttpPrivate::buildAuthHeaderCommon(AuthenticationRealm *realm) const
 {
     QStringList ret;
     // TODO
     // return realm="realmname"
     // return domain="realmname"
     if (!realm->name().isEmpty()) {
         ret.append(u"realm=\"" + realm->name() + u'"');
     }
     return ret;
 }

 QString CredentialHttpPrivate::joinAuthHeaderParts(const QString &type,
                                                    const QStringList &parts) const
 {
     QString ret = type;
     if (!parts.isEmpty()) {
         ret.append(u' ' + parts.join(u", "));
     }
     return ret;
 }

 #include "moc_credentialhttp.cpp"
QString::append
QString & append(QChar ch)

Cutelyst::CredentialHttp::setPasswordPostSalt
void setPasswordPostSalt(const QString &passwordPostSalt)
Sets the salt string to be appended to the password.
Definition: credentialhttp.cpp:84

Cutelyst::Response::setContentType
void setContentType(const QString &type)
Definition: response.h:220

Cutelyst::AuthenticationRealm::findUser
virtual AuthenticationUser findUser(Context *c, const ParamsMultiMap &userinfo)
Tries to find the user with authinfo returning a non null AuthenticationUser on success.
Definition: authenticationrealm.cpp:48

Cutelyst::Response::headers
Headers & headers() noexcept

QString::prepend
QString & prepend(QChar ch)

Cutelyst::AuthenticationUser::isNull
bool isNull() const
Returns true if the object is null.
Definition: authenticationuser.cpp:35

Cutelyst::Context::res
Response * res() const noexcept
Definition: context.cpp:102

Cutelyst::CredentialHttp::passwordPreSalt
QString passwordPreSalt() const
Returns the salt string to be prepended to the password.
Definition: credentialhttp.cpp:66

Cutelyst::CredentialHttp::setPasswordType
void setPasswordType(PasswordType type)
Sets the type of password this class will be dealing with.
Definition: credentialhttp.cpp:60

QStringList::join
QString join(QChar separator) const const

Cutelyst::CredentialHttp::passwordPostSalt
QString passwordPostSalt() const
Returns the salt string to be appended to the password.
Definition: credentialhttp.cpp:78

Cutelyst::AuthenticationCredential
Definition: authentication.h:18

Cutelyst::AuthenticationRealm
Definition: authenticationrealm.h:17

Cutelyst::Response
Definition: response.h:24

Cutelyst::Context
The Cutelyst Context.
Definition: context.h:38

Cutelyst::CredentialHttp::usernameField
QString usernameField() const
Returns the field to look for when authenticating the user.
Definition: credentialhttp.cpp:90

Cutelyst::CredentialHttp::setUsernameField
void setUsernameField(const QString &fieldName)
Sets the field to look for when authenticating the user.
Definition: credentialhttp.cpp:96

Cutelyst::CredentialHttp::authenticate
AuthenticationUser authenticate(Context *c, AuthenticationRealm *realm, const ParamsMultiMap &authinfo) final
Tries to authenticate the authinfo using the give realm.
Definition: credentialhttp.cpp:108

Cutelyst::CredentialHttp::setType
void setType(CredentialHttp::AuthType type)
Definition: credentialhttp.cpp:30

Cutelyst::Request::headers
Headers headers() const noexcept
Definition: request.cpp:310

QObject

Cutelyst::Component::name
QString name() const
Definition: component.cpp:33

Cutelyst::CredentialHttp::passwordField
QString passwordField() const
Returns the field to look for when authenticating the user.
Definition: credentialhttp.cpp:42

QList::isEmpty
bool isEmpty() const const

QString::isEmpty
bool isEmpty() const const

Cutelyst::CredentialHttp::setPasswordPreSalt
void setPasswordPreSalt(const QString &passwordPreSalt)
Sets the salt string to be prepended to the password.
Definition: credentialhttp.cpp:72

QMultiMap::insert
iterator insert(const Key &key, const T &value)

Cutelyst
The Cutelyst namespace holds all public Cutelyst API.
Definition: Mainpage.dox:7

QString

Cutelyst::CredentialHttp
Definition: credentialhttp.h:16

Cutelyst::CredentialHttp::setRequireSsl
void setRequireSsl(bool require)
Definition: credentialhttp.cpp:102

QStringList

Cutelyst::CredentialHttp::setPasswordField
void setPasswordField(const QString &fieldName)
Sets the field to look for when authenticating the user.
Definition: credentialhttp.cpp:48

Cutelyst::AuthenticationUser
Definition: authenticationuser.h:18

Cutelyst::Headers::setWwwAuthenticate
void setWwwAuthenticate(const QString &value)
Definition: headers.cpp:322

QList::append
void append(QList< T > &&value)

Cutelyst::CredentialHttp::passwordType
PasswordType passwordType() const
Returns the type of password this class will be dealing with.
Definition: credentialhttp.cpp:54

Cutelyst::CredentialHttp::setAuthorizationRequiredMessage
void setAuthorizationRequiredMessage(const QString &message)
Definition: credentialhttp.cpp:36

QMultiMap

Cutelyst::Response::setBody
void setBody(QIODevice *body)
Definition: response.cpp:100

Cutelyst::Context::response
Response * response() const noexcept
Definition: context.cpp:96

QVariant::toString
QString toString() const const

Cutelyst::Response::setStatus
void setStatus(quint16 status) noexcept
Definition: response.cpp:70

Cutelyst::Headers::authorizationBasicObject
Authorization authorizationBasicObject() const
Definition: headers.cpp:352

Cutelyst::CredentialPassword::validatePassword
static bool validatePassword(const QByteArray &password, const QByteArray &correctHash)
Validates the given password against the correct hash.
Definition: credentialpassword.cpp:111

QMultiMap::value
T value(const Key &key, const T &defaultValue) const const

QString::toUtf8
QByteArray toUtf8() const const