Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/kde-apps/libkgapi/files/libkgapi-17.04.0-auth3.patch
diff options
context:
space:
mode:
Diffstat (limited to 'kde-apps/libkgapi/files/libkgapi-17.04.0-auth3.patch')
-rw-r--r--kde-apps/libkgapi/files/libkgapi-17.04.0-auth3.patch310
1 files changed, 310 insertions, 0 deletions
diff --git a/kde-apps/libkgapi/files/libkgapi-17.04.0-auth3.patch b/kde-apps/libkgapi/files/libkgapi-17.04.0-auth3.patch
new file mode 100644
index 000000000000..61d3b306bed4
--- /dev/null
+++ b/kde-apps/libkgapi/files/libkgapi-17.04.0-auth3.patch
@@ -0,0 +1,310 @@
+From 7b0934611ef72fb7e7c405813a1d2bb8b944dadc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20Vr=C3=A1til?= <dvratil@kde.org>
+Date: Thu, 27 Apr 2017 18:41:45 +0200
+Subject: [PATCH 3/3] Auth: add URL bar and SSL indicator to the authentication
+ page
+
+To increase trust-worthiness of the authentication dialog we now display
+the URL and an SSL indicator above the webview.
+---
+ src/core/ui/authwidget.cpp | 2 +
+ src/core/ui/authwidget_p.cpp | 137 +++++++++++++++++++++++++++++++++++++++----
+ src/core/ui/authwidget_p.h | 25 ++++----
+ 3 files changed, 136 insertions(+), 28 deletions(-)
+
+diff --git a/src/core/ui/authwidget.cpp b/src/core/ui/authwidget.cpp
+index 18d2106..ac09b63 100644
+--- a/src/core/ui/authwidget.cpp
++++ b/src/core/ui/authwidget.cpp
+@@ -107,6 +107,8 @@ void AuthWidget::authenticate()
+
+ qCDebug(KGAPIRaw) << "Requesting new token:" << url;
+
++ d->sslIndicator->setVisible(true);
++ d->urlEdit->setVisible(true);
+ d->webview->setVisible(true);
+ if (d->showProgressBar) {
+ d->progressbar->setVisible(true);
+diff --git a/src/core/ui/authwidget_p.cpp b/src/core/ui/authwidget_p.cpp
+index a51f4a9..f732935 100644
+--- a/src/core/ui/authwidget_p.cpp
++++ b/src/core/ui/authwidget_p.cpp
+@@ -25,35 +25,79 @@
+ #include "private/newtokensfetchjob_p.h"
+ #include "../../debug.h"
+
+-#include <QWebEngineView>
+ #include <QWebEngineProfile>
+ #include <QNetworkReply>
+ #include <QContextMenuEvent>
+
++#include <QVBoxLayout>
++#include <QLabel>
++#include <QTimer>
++#include <QMessageBox>
++
+ #include <QDateTime>
+
+ using namespace KGAPI2;
+
+-WebView::WebView(QWidget *parent)
+- : QWebEngineView(parent)
++namespace
+ {
+- // Don't store cookies, so that subsequent invocations of AuthJob won't remember
+- // the previous accounts.
+- QWebEngineProfile::defaultProfile()->setPersistentCookiesPolicy(QWebEngineProfile::NoPersistentCookies);
+-}
+
+-
+-WebView::~WebView()
++class WebView : public QWebEngineView
+ {
++ Q_OBJECT
++public:
++ explicit WebView(QWidget *parent = nullptr)
++ : QWebEngineView(parent)
++ {
++ // Don't store cookies, so that subsequent invocations of AuthJob won't remember
++ // the previous accounts.
++ QWebEngineProfile::defaultProfile()->setPersistentCookiesPolicy(QWebEngineProfile::NoPersistentCookies);
++ }
+
+-}
++ void contextMenuEvent(QContextMenuEvent *e) Q_DECL_OVERRIDE
++ {
++ // No menu
++ e->accept();
++ }
++};
+
+-void WebView::contextMenuEvent(QContextMenuEvent *e)
++class WebPage : public QWebEnginePage
+ {
+- // No menu
+- e->accept();
++ Q_OBJECT
++public:
++ explicit WebPage(QObject *parent = nullptr)
++ : QWebEnginePage(parent)
++ , mLastError(nullptr)
++ {
++ }
++
++ QWebEngineCertificateError *lastCertificateError() const
++ {
++ return mLastError;
++ }
++
++ bool certificateError(const QWebEngineCertificateError &err) Q_DECL_OVERRIDE
++ {
++ if (mLastError) {
++ delete mLastError;
++ }
++ mLastError = new QWebEngineCertificateError(err.error(), err.url(), err.isOverridable(), err.errorDescription());
++ Q_EMIT sslError();
++
++ return false; // don't let it through
++ }
++
++Q_SIGNALS:
++ void sslError();
++
++private:
++ QWebEngineCertificateError *mLastError;
++};
++
+ }
+
++
++
++
+ AuthWidgetPrivate::AuthWidgetPrivate(AuthWidget *parent):
+ QObject(),
+ showProgressBar(true),
+@@ -67,6 +111,15 @@ AuthWidgetPrivate::~AuthWidgetPrivate()
+ {
+ }
+
++void AuthWidgetPrivate::setSslIcon(const QString &iconName)
++{
++ // FIXME: workaround for silly Breeze icons: the small 22x22 icons are
++ // monochromatic, which is absolutely useless since we are trying to security
++ // information here, so instead we force use the bigger 48x48 icons which
++ // have colors and downscale them
++ sslIndicator->setIcon(QIcon::fromTheme(iconName).pixmap(48));
++}
++
+ void AuthWidgetPrivate::setupUi()
+ {
+ vbox = new QVBoxLayout(q);
+@@ -79,6 +132,26 @@ void AuthWidgetPrivate::setupUi()
+ label->setVisible(false);
+ vbox->addWidget(label);
+
++ auto hbox = new QHBoxLayout;
++ hbox->setSpacing(0);
++ sslIndicator = new QToolButton(q);
++ connect(sslIndicator, &QToolButton::clicked,
++ this, [this]() {
++ auto page = qobject_cast<WebPage*>(webview->page());
++ if (auto err = page->lastCertificateError()) {
++ QMessageBox msg;
++ msg.setIconPixmap(QIcon::fromTheme(QStringLiteral("security-low")).pixmap(64));
++ msg.setText(err->errorDescription());
++ msg.addButton(QMessageBox::Ok);
++ msg.exec();
++ }
++ });
++ hbox->addWidget(sslIndicator);
++ urlEdit = new QLineEdit(q);
++ urlEdit->setReadOnly(true);
++ hbox->addWidget(urlEdit);
++ vbox->addLayout(hbox);
++
+ progressbar = new QProgressBar(q);
+ progressbar->setMinimum(0);
+ progressbar->setMaximum(100);
+@@ -87,6 +160,13 @@ void AuthWidgetPrivate::setupUi()
+
+ webview = new WebView(q);
+
++ auto webpage = new WebPage(webview);
++ connect(webpage, &WebPage::sslError,
++ this, [this]() {
++ setSslIcon(QStringLiteral("security-low"));
++ });
++ webview->setPage(webpage);
++
+ vbox->addWidget(webview);
+ connect(webview, &QWebEngineView::loadProgress, progressbar, &QProgressBar::setValue);
+ connect(webview, &QWebEngineView::urlChanged, this, &AuthWidgetPrivate::webviewUrlChanged);
+@@ -104,6 +184,8 @@ void AuthWidgetPrivate::setProgress(AuthWidget::Progress progress)
+ void AuthWidgetPrivate::emitError(const enum Error errCode, const QString& msg)
+ {
+ label->setVisible(true);
++ sslIndicator->setVisible(false);
++ urlEdit->setVisible(false);
+ webview->setVisible(false);
+ progressbar->setVisible(false);
+
+@@ -118,10 +200,33 @@ void AuthWidgetPrivate::webviewUrlChanged(const QUrl &url)
+ {
+ qCDebug(KGAPIDebug) << "URLChange:" << url;
+
++ // Whoa! That should not happen!
++ if (url.scheme() != QLatin1String("https")) {
++ QTimer::singleShot(0, this, [this, url]() {
++ QUrl sslUrl = url;
++ sslUrl.setScheme(QStringLiteral("https"));
++ webview->setUrl(sslUrl);
++ });
++ return;
++ }
++
+ if (!isGoogleHost(url)) {
++ // We handled SSL above, so we are secure. We are however outside of
++ // accounts.google.com, which is a little suspicious in context of this class
++ setSslIcon(QStringLiteral("security-medium"));
+ return;
+ }
+
++ if (qobject_cast<WebPage*>(webview->page())->lastCertificateError()) {
++ setSslIcon(QStringLiteral("security-low"));
++ } else {
++ // We have no way of obtaining current SSL certifiace from QWebEngine, but we
++ // handled SSL and accounts.google.com cases above and QWebEngine did not report
++ // any SSL error to us, so we can assume we are safe.
++ setSslIcon(QStringLiteral("security-high"));
++ }
++
++
+ // Username and password inputs are loaded dynamically, so we only get
+ // urlChanged, but not urlFinished.
+ if (isUsernameFrame(url)) {
+@@ -145,6 +250,8 @@ void AuthWidgetPrivate::webviewUrlChanged(const QUrl &url)
+ } else if (isTokenPage(url)) {
+ /* Access token here - hide browser and tell user to wait until we
+ * finish the authentication process ourselves */
++ sslIndicator->setVisible(false);
++ urlEdit->setVisible(false);
+ webview->setVisible(false);
+ progressbar->setVisible(false);
+ label->setVisible(true);
+@@ -160,6 +267,8 @@ void AuthWidgetPrivate::webviewFinished(bool ok)
+ }
+
+ const QUrl url = webview->url();
++ urlEdit->setText(url.toDisplayString(QUrl::PrettyDecoded));
++ urlEdit->setCursorPosition(0);
+ qCDebug(KGAPIDebug) << "URLFinished:" << url;
+
+ if (!isGoogleHost(url)) {
+@@ -238,3 +347,5 @@ void AuthWidgetPrivate::accountInfoReceived(KGAPI2::Job* job)
+ setProgress(AuthWidget::Finished);
+ }
+
++
++#include "authwidget_p.moc"
+diff --git a/src/core/ui/authwidget_p.h b/src/core/ui/authwidget_p.h
+index 9c488be..78b0e7f 100644
+--- a/src/core/ui/authwidget_p.h
++++ b/src/core/ui/authwidget_p.h
+@@ -26,27 +26,18 @@
+ #include "ui/authwidget.h"
+ #include "types.h"
+
++#include <QLineEdit>
++#include <QToolButton>
+ #include <QProgressBar>
+-#include <QVBoxLayout>
+ #include <QWebEngineView>
+-#include <QLabel>
++
++class QVBoxLayout;
++class QLabel;
+
+ namespace KGAPI2 {
+
+ class Job;
+
+-class WebView : public QWebEngineView
+-{
+- Q_OBJECT
+-public:
+- explicit WebView(QWidget *parent=0);
+- ~WebView();
+-
+-protected:
+- void contextMenuEvent(QContextMenuEvent *) Q_DECL_OVERRIDE;
+-};
+-
+-
+ class Q_DECL_HIDDEN AuthWidgetPrivate: public QObject {
+
+ Q_OBJECT
+@@ -65,9 +56,11 @@ class Q_DECL_HIDDEN AuthWidgetPrivate: public QObject {
+ QString apiKey;
+ QString secretKey;
+
++ QToolButton *sslIndicator;
++ QLineEdit *urlEdit;
+ QProgressBar *progressbar;
+ QVBoxLayout *vbox;
+- WebView *webview;
++ QWebEngineView *webview;
+ QLabel *label;
+
+ private Q_SLOTS:
+@@ -88,6 +81,8 @@ class Q_DECL_HIDDEN AuthWidgetPrivate: public QObject {
+ bool isPasswordFrame(const QUrl &url) { return url.path() == QLatin1String("/signin/v2/challenge/pwd"); }
+ bool isTokenPage(const QUrl &url) { return url.path() == QLatin1String("/o/oauth2/approval/v2"); }
+
++ void setSslIcon(const QString &icon);
++
+ AuthWidget *q;
+
+ friend class AuthWidget;
+--
+2.12.2
+