Skip to content
Permalink
Browse files

[authmanager] Fix OAuth2 implicit grant flow

  • Loading branch information
elpaso authored and nyalldawson committed Oct 25, 2018
1 parent 8eb1930 commit 560e841e3738b7eac6be4e6896108878479ec898
Showing with 38 additions and 3 deletions.
  1. +36 −1 src/auth/oauth2/qgso2.cpp
  2. +2 −2 src/auth/oauth2/qgso2.h
@@ -170,7 +170,7 @@ void QgsO2::link()
setRefreshToken( QString() );
setExpires( 0 );

if ( grantFlow_ == GrantFlowAuthorizationCode )
if ( grantFlow_ == GrantFlowAuthorizationCode || grantFlow_ == GrantFlowImplicit )
{
if ( mIsLocalHost )
{
@@ -238,6 +238,15 @@ void QgsO2::link()
}
}


void QgsO2::setState( const QString & )
{
qsrand( QTime::currentTime().msec() );
state_ = QString::number( qrand() );
Q_EMIT stateChanged();
}


void QgsO2::onVerificationReceived( QMap<QString, QString> response )
{
QgsDebugMsgLevel( QStringLiteral( "QgsO2::onVerificationReceived: Emitting closeBrowser()" ), 4 );
@@ -295,6 +304,32 @@ void QgsO2::onVerificationReceived( QMap<QString, QString> response )
connect( tokenReply, &QNetworkReply::finished, this, &QgsO2::onTokenReplyFinished, Qt::QueuedConnection );
connect( tokenReply, qgis::overload<QNetworkReply::NetworkError>::of( &QNetworkReply::error ), this, &QgsO2::onTokenReplyError, Qt::QueuedConnection );
}
else if ( grantFlow_ == GrantFlowImplicit )
{
// Check for mandatory tokens
if ( response.contains( O2_OAUTH2_ACCESS_TOKEN ) )
{
qDebug() << "O2::onVerificationReceived: Access token returned for implicit flow";
setToken( response.value( O2_OAUTH2_ACCESS_TOKEN ) );
if ( response.contains( O2_OAUTH2_EXPIRES_IN ) )
{
bool ok = false;
int expiresIn = response.value( O2_OAUTH2_EXPIRES_IN ).toInt( &ok );
if ( ok )
{
qDebug() << "O2::onVerificationReceived: Token expires in" << expiresIn << "seconds";
setExpires( QDateTime::currentMSecsSinceEpoch() / 1000 + expiresIn );
}
}
setLinked( true );
Q_EMIT linkingSucceeded();
}
else
{
qWarning() << "O2::onVerificationReceived: Access token missing from response for implicit flow";
Q_EMIT linkingFailed();
}
}
else
{
setToken( response.value( O2_OAUTH2_ACCESS_TOKEN ) );
@@ -55,8 +55,8 @@ class QgsO2: public O2
//! Retrieve oauth2 state
QString state() const { return state_; }

//! Store oauth2 state to \a value
void setState( const QString &value ) { state_ = value; }
//! Store oauth2 state to a random value when called
void setState( const QString &value );

public slots:

0 comments on commit 560e841

Please sign in to comment.
You can’t perform that action at this time.