From 0a67592d2c0cb345732032e499445159616a64da Mon Sep 17 00:00:00 2001 From: Alessandro Pasotti Date: Wed, 20 Jun 2018 11:30:20 +0200 Subject: [PATCH] [oauth] Fix tests and rebase agains current master --- src/auth/oauth2/CMakeLists.txt | 6 +-- src/auth/oauth2/qgsauthoauth2method.cpp | 52 +++++++++---------- tests/src/auth/CMakeLists.txt | 13 +++-- tests/src/python/qgis_wrapped_server.py | 27 +--------- .../src/python/test_authmanager_oauth2_ows.py | 14 ++--- 5 files changed, 46 insertions(+), 66 deletions(-) diff --git a/src/auth/oauth2/CMakeLists.txt b/src/auth/oauth2/CMakeLists.txt index 3699d54192d9..997558b29353 100644 --- a/src/auth/oauth2/CMakeLists.txt +++ b/src/auth/oauth2/CMakeLists.txt @@ -124,11 +124,11 @@ IF(WITH_INTERNAL_O2 AND CMAKE_GENERATOR MATCHES "Ninja") COMMAND ) ENDIF() -QT4_WRAP_UI(OAUTH2_UIS_H ${OAUTH2_UIS}) +QT5_WRAP_UI(OAUTH2_UIS_H ${OAUTH2_UIS}) -QT4_WRAP_CPP(OAUTH2_MOC_SRCS ${OAUTH2_MOC_HDRS}) +QT5_WRAP_CPP(OAUTH2_MOC_SRCS ${OAUTH2_MOC_HDRS}) -QT4_ADD_RESOURCES(OAUTH2_RCC_SRCS ${OAUTH2_RCCS}) +QT5_ADD_RESOURCES(OAUTH2_RCC_SRCS ${OAUTH2_RCCS}) ############################################################ # Set up plugin targets diff --git a/src/auth/oauth2/qgsauthoauth2method.cpp b/src/auth/oauth2/qgsauthoauth2method.cpp index ba4174459892..b9f9090a024d 100644 --- a/src/auth/oauth2/qgsauthoauth2method.cpp +++ b/src/auth/oauth2/qgsauthoauth2method.cpp @@ -114,7 +114,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const if ( !o2 ) { msg = QStringLiteral( "Update request FAILED for authcfg %1: null object for requestor" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return false; } @@ -125,7 +125,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const if ( !QFile::exists( tokencache ) ) { msg = QStringLiteral( "Token cache removed for authcfg %1: unlinking authenticator" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); o2->unlink(); } } @@ -143,7 +143,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const if ( expired ) { msg = QStringLiteral( "Token expired, attempting refresh for authcfg %1" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); // Try to get a refresh token first // go into local event loop and wait for a fired refresh-related slot @@ -220,7 +220,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const if ( !o2->linked() ) { msg = QStringLiteral( "Update request FAILED for authcfg %1: requestor could not link app" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return false; } } @@ -228,7 +228,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const if ( o2->token().isEmpty() ) { msg = QStringLiteral( "Update request FAILED for authcfg %1: access token is empty" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return false; } @@ -243,13 +243,13 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const case QgsAuthOAuth2Config::Header: request.setRawHeader( O2_HTTP_AUTHORIZATION_HEADER, QStringLiteral( "Bearer %1" ).arg( o2->token() ).toAscii() ); msg = QStringLiteral( "Updated request HEADER with access token for authcfg: %1" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); break; case QgsAuthOAuth2Config::Form: // FIXME: what to do here if the parent request is not POST? // probably have to skip this until auth system support is moved into QgsNetworkAccessManager msg = QStringLiteral( "Update request FAILED for authcfg %1: form POST token update is unsupported" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); break; case QgsAuthOAuth2Config::Query: if ( !query.hasQueryItem( O2_OAUTH2_ACCESS_TOKEN ) ) @@ -263,7 +263,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const { msg = QStringLiteral( "Updated request QUERY with access token SKIPPED (existing token) for authcfg: %1" ).arg( authcfg ); } - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); break; } @@ -284,7 +284,7 @@ bool QgsAuthOAuth2Method::updateNetworkReply( QNetworkReply *reply, const QStrin { QString msg = QStringLiteral( "Updated reply with token refresh connection FAILED" " for authcfg %1: null reply object" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return false; } reply->setProperty( "authcfg", authcfg ); @@ -296,7 +296,7 @@ bool QgsAuthOAuth2Method::updateNetworkReply( QNetworkReply *reply, const QStrin // this, &QgsAuthOAuth2Method::onNetworkError, Qt::QueuedConnection ); QString msg = QStringLiteral( "Updated reply with token refresh connection for authcfg: %1" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); return true; } @@ -311,7 +311,7 @@ void QgsAuthOAuth2Method::onLinkedChanged() void QgsAuthOAuth2Method::onLinkingFailed() { // Login has failed - QgsMessageLog::logMessage( tr( "Authenticator linking (login) has failed" ), AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( tr( "Authenticator linking (login) has failed" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); } void QgsAuthOAuth2Method::onLinkingSucceeded() @@ -320,18 +320,18 @@ void QgsAuthOAuth2Method::onLinkingSucceeded() if ( !o2 ) { QgsMessageLog::logMessage( tr( "Linking succeeded, but authenticator access FAILED: null object" ), - AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return; } if ( !o2->linked() ) { QgsMessageLog::logMessage( tr( "Linking apparently succeeded, but authenticator FAILED to verify it is linked" ), - AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return; } - QgsMessageLog::logMessage( tr( "Linking succeeded" ), AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( tr( "Linking succeeded" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); //###################### DO NOT LEAVE ME UNCOMMENTED ###################### //QgsDebugMsg( QStringLiteral( "Access token: %1" ).arg( o2->token() ) ); @@ -357,7 +357,7 @@ void QgsAuthOAuth2Method::onOpenBrowser( const QUrl &url ) // The user will interact with this browser window to // enter login name, password, and authorize your application // to access the Twitter account - QgsMessageLog::logMessage( tr( "Open browser requested" ), AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( tr( "Open browser requested" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); QDesktopServices::openUrl( url ); } @@ -365,7 +365,7 @@ void QgsAuthOAuth2Method::onOpenBrowser( const QUrl &url ) void QgsAuthOAuth2Method::onCloseBrowser() { // Close the browser window opened in openBrowser() - QgsMessageLog::logMessage( tr( "Close browser requested" ), AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( tr( "Close browser requested" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); // Bring focus back to QGIS app if ( qobject_cast( qApp ) ) @@ -385,10 +385,10 @@ void QgsAuthOAuth2Method::onCloseBrowser() void QgsAuthOAuth2Method::onReplyFinished() { - QgsMessageLog::logMessage( tr( "Network reply finished" ), AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( tr( "Network reply finished" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); QNetworkReply *reply = qobject_cast( sender() ); QgsMessageLog::logMessage( tr( "Results: %1" ).arg( QString( reply->readAll() ) ), - AUTH_METHOD_KEY, QgsMessageLog::INFO ); + AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); } void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err ) @@ -399,13 +399,13 @@ void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err ) if ( !reply ) { msg = tr( "Network error but no reply object accessible" ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return; } if ( err != QNetworkReply::NoError ) { msg = tr( "Network error: %1" ).arg( reply->errorString() ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); } // TODO: update debug messages to output to QGIS @@ -413,18 +413,18 @@ void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err ) int status = reply->attribute( QNetworkRequest::HttpStatusCodeAttribute ).toInt(); msg = tr( "Network error, HTTP status: %1" ).arg( reply->attribute( QNetworkRequest::HttpReasonPhraseAttribute ).toString() ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); if ( status == 401 ) { msg = tr( "Attempting token refresh..." ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); QString authcfg = reply->property( "authcfg" ).toString(); if ( authcfg.isEmpty() ) { msg = tr( "Token refresh FAILED: authcfg empty" ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); return; } @@ -438,12 +438,12 @@ void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err ) o2->refresh(); msg = tr( "Background token refresh underway for authcfg: %1" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info ); } else { msg = tr( "Background token refresh FAILED for authcfg %1: could not get authenticator object" ).arg( authcfg ); - QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); } } } @@ -454,7 +454,7 @@ void QgsAuthOAuth2Method::onRefreshFinished( QNetworkReply::NetworkError err ) if ( err != QNetworkReply::NoError ) { QgsMessageLog::logMessage( tr( "Token fefresh error: %1" ).arg( reply->errorString() ), - AUTH_METHOD_KEY, QgsMessageLog::WARNING ); + AUTH_METHOD_KEY, Qgis::MessageLevel::Warning ); } } diff --git a/tests/src/auth/CMakeLists.txt b/tests/src/auth/CMakeLists.txt index 63283629ceb2..a25499fcdb41 100644 --- a/tests/src/auth/CMakeLists.txt +++ b/tests/src/auth/CMakeLists.txt @@ -57,12 +57,15 @@ MACRO (ADD_QGIS_TEST testname testsrc) TARGET_LINK_LIBRARIES(qgis_${testname} ${APP_SERVICES_LIBRARY}) ENDIF(APPLE) TARGET_LINK_LIBRARIES(qgis_${testname} - ${QT_QTCORE_LIBRARY} - ${QT_QTGUI_LIBRARY} - ${QT_QTNETWORK_LIBRARY} - ${QT_QTXML_LIBRARY} + ${Qt5Core_LIBRARIES} + ${Qt5Xml_LIBRARIES} + ${Qt5Svg_LIBRARIES} + ${Qt5Test_LIBRARIES} + ${Qt5Network_LIBRARIES} + ${PROJ_LIBRARY} + ${GEOS_LIBRARY} + ${GDAL_LIBRARY} ${OPTIONAL_QTWEBKIT} - ${QT_QTTEST_LIBRARY} ${PROJ_LIBRARY} ${GEOS_LIBRARY} ${GDAL_LIBRARY} diff --git a/tests/src/python/qgis_wrapped_server.py b/tests/src/python/qgis_wrapped_server.py index de4b468fd4b0..36d3c9ea593a 100644 --- a/tests/src/python/qgis_wrapped_server.py +++ b/tests/src/python/qgis_wrapped_server.py @@ -203,12 +203,8 @@ qgs_server = QgsServer() -<<<<<<< a929de58a77eb0040b173a59df22ef510cd51023 -if os.environ.get('QGIS_SERVER_HTTP_BASIC_AUTH') is not None: -======= if QGIS_SERVER_HTTP_BASIC_AUTH: from qgis.server import QgsServerFilter ->>>>>>> [oauth2] Added test for resource owner password grant flow import base64 class HTTPBasicFilter(QgsServerFilter): @@ -242,7 +238,6 @@ def responseComplete(self): qgs_server.serverInterface().registerFilter(filter) -<<<<<<< a929de58a77eb0040b173a59df22ef510cd51023 def num2deg(xtile, ytile, zoom): """This returns the NW-corner of the square. Use the function with xtile+1 and/or ytile+1 to get the other corners. With xtile+0.5 & ytile+0.5 it will return the center of the tile.""" @@ -277,7 +272,7 @@ def requestReady(self): xyzfilter = XYZFilter(qgs_server.serverInterface()) qgs_server.serverInterface().registerFilter(xyzfilter) -======= + if QGIS_SERVER_OAUTH2_AUTH: from qgis.server import QgsServerFilter from oauthlib.oauth2 import RequestValidator, LegacyApplicationServer @@ -415,7 +410,6 @@ def _token(ttl): filter = OAuth2Filter(qgs_server.serverInterface()) qgs_server.serverInterface().registerFilter(filter) ->>>>>>> [oauth2] Added test for resource owner password grant flow class Handler(BaseHTTPRequestHandler): @@ -424,17 +418,11 @@ def do_GET(self, post_body=None): # CGI vars: headers = {} for k, v in self.headers.items(): -<<<<<<< a7fb4238893336c8d5b2b4802f63588175e70c83 headers['HTTP_%s' % k.replace(' ', '-').replace('-', '_').replace(' ', '-').upper()] = v if not self.path.startswith('http'): - self.path = "%s://%s:%s%s" % ('https' if https else 'http', QGIS_SERVER_HOST, self.server.server_port, self.path) - request = QgsBufferServerRequest(self.path, (QgsServerRequest.PostMethod if post_body is not None else QgsServerRequest.GetMethod), headers, post_body) -======= - headers['HTTP_%s' % k.replace( - ' ', '-').replace('-', '_').replace(' ', '-').upper()] = v + self.path = "%s://%s:%s%s" % ('https' if HTTPS_ENABLED else 'http', QGIS_SERVER_HOST, self.server.server_port, self.path) request = QgsBufferServerRequest( self.path, (QgsServerRequest.PostMethod if post_body is not None else QgsServerRequest.GetMethod), headers, post_body) ->>>>>>> Pass urlencoded URL to the oauth handler response = QgsBufferServerResponse() qgs_server.handleRequest(request, response) @@ -461,20 +449,10 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer): if __name__ == '__main__': -<<<<<<< a929de58a77eb0040b173a59df22ef510cd51023 if os.environ.get('MULTITHREADING') == '1': server = ThreadedHTTPServer((QGIS_SERVER_HOST, QGIS_SERVER_PORT), Handler) else: server = HTTPServer((QGIS_SERVER_HOST, QGIS_SERVER_PORT), Handler) - if https: - server.socket = ssl.wrap_socket(server.socket, - certfile=QGIS_SERVER_PKI_CERTIFICATE, - keyfile=QGIS_SERVER_PKI_KEY, - ca_certs=QGIS_SERVER_PKI_AUTHORITY, - cert_reqs=ssl.CERT_REQUIRED, - server_side=True, - ssl_version=ssl.PROTOCOL_TLSv1) -======= server = HTTPServer((QGIS_SERVER_HOST, QGIS_SERVER_PORT), Handler) # HTTPS is enabled if any of PKI or OAuth2 are enabled too if HTTPS_ENABLED: @@ -497,7 +475,6 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer): server_side=True, ssl_version=ssl.PROTOCOL_TLSv1) ->>>>>>> [oauth2] Added test for resource owner password grant flow print('Starting server on %s://%s:%s, use to stop' % ('https' if HTTPS_ENABLED else 'http', QGIS_SERVER_HOST, server.server_port), flush=True) diff --git a/tests/src/python/test_authmanager_oauth2_ows.py b/tests/src/python/test_authmanager_oauth2_ows.py index d160eea9180b..aafc95137de2 100644 --- a/tests/src/python/test_authmanager_oauth2_ows.py +++ b/tests/src/python/test_authmanager_oauth2_ows.py @@ -36,7 +36,7 @@ from utilities import unitTestDataPath, waitServer from qgis.core import ( - QgsAuthManager, + QgsApplication, QgsAuthMethodConfig, QgsVectorLayer, QgsRasterLayer, @@ -87,19 +87,19 @@ def setup_oauth(username, password, token_uri, refresh_token_uri='', authcfg_id= "version": 1 } - if authcfg_id not in QgsAuthManager.instance().availableAuthMethodConfigs(): + if authcfg_id not in QgsApplication.authManager().availableAuthMethodConfigs(): authConfig = QgsAuthMethodConfig('OAuth2') authConfig.setId(authcfg_id) authConfig.setName(authcfg_name) authConfig.setConfig('oauth2config', json.dumps(cfgjson)) - if QgsAuthManager.instance().storeAuthenticationConfig(authConfig): + if QgsApplication.authManager().storeAuthenticationConfig(authConfig): return authcfg_id else: authConfig = QgsAuthMethodConfig() - QgsAuthManager.instance().loadAuthenticationConfig(authcfg_id, authConfig, True) + QgsApplication.authManager().loadAuthenticationConfig(authcfg_id, authConfig, True) authConfig.setName(authcfg_name) authConfig.setConfig('oauth2config', json.dumps(cfgjson)) - if QgsAuthManager.instance().updateAuthenticationConfig(authConfig): + if QgsApplication.authManager().updateAuthenticationConfig(authConfig): return authcfg_id return None @@ -109,7 +109,7 @@ class TestAuthManager(unittest.TestCase): @classmethod def setUpAuth(cls): """Run before all tests and set up authentication""" - authm = QgsAuthManager.instance() + authm = QgsApplication.authManager() assert (authm.setMasterPassword('masterpassword', True)) cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem') assert os.path.isfile(cls.sslrootcert_path) @@ -178,7 +178,7 @@ def setUpClass(cls): # This is to test wrong credentials cls.wrong_authcfg_id = setup_oauth('wrong', 'wrong', cls.token_uri, cls.refresh_token_uri, str(random.randint(0, 10000000))) # Get the authentication configuration instance: - cls.auth_config = QgsAuthManager.instance().availableAuthMethodConfigs()[cls.authcfg_id] + cls.auth_config = QgsApplication.authManager().availableAuthMethodConfigs()[cls.authcfg_id] assert cls.auth_config.isValid() # Wait for the server process to start