Skip to content
Permalink
Browse files

[FEATURE] Authentication configuration system with master password

- Main C++ core and gui classes and desktop app integration
- Support for authentication method plugins
- Does not contain any integration with service connections
  • Loading branch information
dakcarto committed Sep 21, 2015
1 parent 3a379d0 commit e65aa99ae7b320790d38e04a1a2b5d6232003571
Showing with 19,966 additions and 70 deletions.
  1. +7 −0 CMakeLists.txt
  2. +1 −0 ci/travis/linux/before_install.sh
  3. +2 −1 ci/travis/osx/before_install.sh
  4. +98 −0 cmake/FindQCA.cmake
  5. +189 −0 cmake/QCAMacros.cmake
  6. +4 −0 images/images.qrc
  7. +90 −0 images/themes/default/mIconCertificate.svg
  8. +83 −0 images/themes/default/mIconCertificateMissing.svg
  9. +98 −0 images/themes/default/mIconCertificateTrusted.svg
  10. +97 −0 images/themes/default/mIconCertificateUntrusted.svg
  11. +64 −0 mac/cmake/1qt.cmake.in
  12. +3 −0 python/CMakeLists.txt
  13. +3 −0 python/core/qgsapplication.sip
  14. +6 −0 python/core/qgscredentials.sip
  15. +2 −0 python/gui/qgscredentialdialog.sip
  16. +3 −0 src/app/CMakeLists.txt
  17. +12 −0 src/app/main.cpp
  18. +145 −19 src/app/qgisapp.cpp
  19. +13 −0 src/app/qgisapp.h
  20. +3 −0 src/app/qgsabout.cpp
  21. +1 −1 src/app/qgsbrowserdockwidget.cpp
  22. +1 −1 src/app/qgsmaptoolidentifyaction.cpp
  23. +1 −0 src/app/qgsoptions.h
  24. +22 −0 src/core/CMakeLists.txt
  25. +902 −0 src/core/auth/qgsauthcertutils.cpp
  26. +198 −0 src/core/auth/qgsauthcertutils.h
  27. +452 −0 src/core/auth/qgsauthconfig.cpp
  28. +271 −0 src/core/auth/qgsauthconfig.h
  29. +160 −0 src/core/auth/qgsauthcrypto.cpp
  30. +58 −0 src/core/auth/qgsauthcrypto.h
  31. +3,291 −0 src/core/auth/qgsauthmanager.cpp
  32. +616 −0 src/core/auth/qgsauthmanager.h
  33. +165 −0 src/core/auth/qgsauthmethod.h
  34. +43 −0 src/core/auth/qgsauthmethodmetadata.cpp
  35. +69 −0 src/core/auth/qgsauthmethodmetadata.h
  36. +392 −0 src/core/auth/qgsauthmethodregistry.cpp
  37. +121 −0 src/core/auth/qgsauthmethodregistry.h
  38. +36 −2 src/core/qgsapplication.cpp
  39. +9 −0 src/core/qgsapplication.h
  40. +25 −0 src/core/qgscredentials.cpp
  41. +6 −0 src/core/qgscredentials.h
  42. +33 −0 src/core/qgsnetworkaccessmanager.cpp
  43. +57 −0 src/gui/CMakeLists.txt
  44. +790 −0 src/gui/auth/qgsauthauthoritieseditor.cpp
  45. +134 −0 src/gui/auth/qgsauthauthoritieseditor.h
  46. +928 −0 src/gui/auth/qgsauthcertificateinfo.cpp
  47. +155 −0 src/gui/auth/qgsauthcertificateinfo.h
  48. +121 −0 src/gui/auth/qgsauthcerttrustpolicycombobox.cpp
  49. +53 −0 src/gui/auth/qgsauthcerttrustpolicycombobox.h
  50. +335 −0 src/gui/auth/qgsauthconfigedit.cpp
  51. +88 −0 src/gui/auth/qgsauthconfigedit.h
  52. +258 −0 src/gui/auth/qgsauthconfigeditor.cpp
  53. +101 −0 src/gui/auth/qgsauthconfigeditor.h
  54. +194 −0 src/gui/auth/qgsauthconfigselect.cpp
  55. +73 −0 src/gui/auth/qgsauthconfigselect.h
  56. +44 −0 src/gui/auth/qgsautheditorwidgets.h
  57. +257 −0 src/gui/auth/qgsauthguiutils.cpp
  58. +80 −0 src/gui/auth/qgsauthguiutils.h
  59. +405 −0 src/gui/auth/qgsauthidentitieseditor.cpp
  60. +101 −0 src/gui/auth/qgsauthidentitieseditor.h
  61. +226 −0 src/gui/auth/qgsauthimportcertdialog.cpp
  62. +83 −0 src/gui/auth/qgsauthimportcertdialog.h
  63. +468 −0 src/gui/auth/qgsauthimportidentitydialog.cpp
  64. +104 −0 src/gui/auth/qgsauthimportidentitydialog.h
  65. +105 −0 src/gui/auth/qgsauthmasterpassresetdialog.cpp
  66. +59 −0 src/gui/auth/qgsauthmasterpassresetdialog.h
  67. +55 −0 src/gui/auth/qgsauthmethodedit.h
  68. +420 −0 src/gui/auth/qgsauthserverseditor.cpp
  69. +99 −0 src/gui/auth/qgsauthserverseditor.h
  70. +501 −0 src/gui/auth/qgsauthsslconfigwidget.cpp
  71. +161 −0 src/gui/auth/qgsauthsslconfigwidget.h
  72. +210 −0 src/gui/auth/qgsauthsslerrorsdialog.cpp
  73. +74 −0 src/gui/auth/qgsauthsslerrorsdialog.h
  74. +462 −0 src/gui/auth/qgsauthsslimportdialog.cpp
  75. +128 −0 src/gui/auth/qgsauthsslimportdialog.h
  76. +331 −0 src/gui/auth/qgsauthtrustedcasdialog.cpp
  77. +95 −0 src/gui/auth/qgsauthtrustedcasdialog.h
  78. +178 −0 src/gui/qgscredentialdialog.cpp
  79. +16 −0 src/gui/qgscredentialdialog.h
  80. +2 −1 src/ui/CMakeLists.txt
  81. +369 −0 src/ui/auth/qgsauthauthoritieseditor.ui
  82. +277 −0 src/ui/auth/qgsauthcertificateinfo.ui
  83. +141 −0 src/ui/auth/qgsauthconfigedit.ui
  84. +227 −0 src/ui/auth/qgsauthconfigeditor.ui
  85. +148 −0 src/ui/auth/qgsauthconfigselect.ui
  86. +163 −0 src/ui/auth/qgsautheditorwidgets.ui
  87. +261 −0 src/ui/auth/qgsauthidentitieseditor.ui
  88. +305 −0 src/ui/auth/qgsauthimportcertdialog.ui
  89. +399 −0 src/ui/auth/qgsauthimportidentitydialog.ui
  90. +215 −0 src/ui/auth/qgsauthmasterpassresetdialog.ui
  91. +246 −0 src/ui/auth/qgsauthserverseditor.ui
  92. +196 −0 src/ui/auth/qgsauthsslconfigwidget.ui
  93. +281 −0 src/ui/auth/qgsauthsslerrorsdialog.ui
  94. +297 −0 src/ui/auth/qgsauthsslimportdialog.ui
  95. +112 −0 src/ui/auth/qgsauthsslimporterrors.ui
  96. +183 −0 src/ui/auth/qgsauthtrustedcasdialog.ui
  97. +10 −0 src/ui/qgisapp.ui
  98. +234 −45 src/ui/qgscredentialdialog.ui
  99. +25 −0 src/ui/qgsoptionsbase.ui
  100. +1 −0 tests/src/analysis/CMakeLists.txt
  101. +2 −0 tests/src/app/CMakeLists.txt
  102. +3 −0 tests/src/core/CMakeLists.txt
  103. +121 −0 tests/src/core/testqgsauthcrypto.cpp
  104. +2 −0 tests/src/gui/CMakeLists.txt
  105. +2 −0 tests/src/providers/CMakeLists.txt
@@ -308,6 +308,13 @@ ENDIF (WITH_TOUCH)
# search for QScintilla2 (C++ lib)
FIND_PACKAGE(QScintilla REQUIRED)

# Master password hash and authentication encryption
FIND_PACKAGE(QCA REQUIRED)
# Check for runtime dependency of qca-ossl plugin
# REQUIRED if unit tests are to be run from build directory
include(QCAMacros)
FIND_QCAOSSL_PLUGIN_CPP(ENABLE_TESTS)

# ModelTest
SET(ENABLE_MODELTEST FALSE CACHE BOOL "Enable QT ModelTest (not for production)")

@@ -11,6 +11,7 @@ sudo apt-get install --force-yes --no-install-recommends --no-install-suggests \
libgdal1-dev libgeos-dev libgsl0-dev libpq-dev \
libproj-dev libqscintilla2-dev libqt4-dev \
libqt4-opengl-dev libqt4-sql-sqlite libqtwebkit-dev \
libqca2-dev libqca2-plugin-ossl \
libqwt-dev libspatialindex-dev libspatialite-dev \
libsqlite3-dev lighttpd pkg-config poppler-utils \
pyqt4-dev-tools python python-dev python-qt4 \
@@ -1,6 +1,7 @@
brew tap osgeo/osgeo4mac
brew update
brew install osgeo/osgeo4mac/qgis-28 --without-postgis --without-postgresql --without-grass --without-gpsbabel --only-dependencies
brew install osgeo/osgeo4mac/qgis-28 --without-postgis --without-postgresql --without-grass --without-gpsbabel --only-dependencies
brew install qca
brew install spawn-fcgi
brew install lighttpd
brew install poppler
@@ -0,0 +1,98 @@
# Find QCA (Qt Cryptography Architecture 2+)
# ~~~~~~~~~~~~~~~~
# When run this will define
#
# QCA_FOUND - system has QCA
# QCA_LIBRARY - the QCA library or framework
# QCA_INCLUDE_DIR - the QCA include directory
# QCA_VERSION_STR - e.g. "2.0.3"
#
# Copyright (c) 2006, Michael Larouche, <michael.larouche@kdemail.net>
# Copyright (c) 2014, Larry Shaffer, <larrys (at) dakotacarto (dot) com>
#
# Redistribution and use is allowed according to the terms of the BSD license.
# For details see the accompanying COPYING-CMAKE-SCRIPTS file.


if(QCA_INCLUDE_DIR AND QCA_LIBRARY)

set(QCA_FOUND TRUE)

else(QCA_INCLUDE_DIR AND QCA_LIBRARY)

find_library(QCA_LIBRARY
NAMES qca qca2
PATHS
${LIB_DIR}
$ENV{LIB}
"$ENV{LIB_DIR}"
/usr/local/lib
)

if(APPLE)
if(QCA_LIBRARY AND QCA_LIBRARY MATCHES "qca(2)?\\.framework")
set(QCA_LIBRARY "${QCA_LIBRARY}" CACHE FILEPATH "QCA framework" FORCE)
set(QCA_INCLUDE_DIR "${QCA_LIBRARY}/Headers" CACHE FILEPATH "QCA framework headers" FORCE)
endif()
endif(APPLE)

find_path(QCA_INCLUDE_DIR
NAMES QtCrypto
PATHS
${LIB_DIR}/include
"$ENV{LIB_DIR}/include"
$ENV{INCLUDE}
/usr/local/include
PATH_SUFFIXES QtCrypto qt4/QtCrypto
)

if(QCA_LIBRARY AND QCA_INCLUDE_DIR)
set(QCA_FOUND TRUE)
endif()

endif(QCA_INCLUDE_DIR AND QCA_LIBRARY)

if(NOT QCA_FOUND)

if(QCA_FIND_REQUIRED)
message(FATAL_ERROR "Could not find QCA")
else()
message(STATUS "Could not find QCA")
endif()

else(NOT QCA_FOUND)

# Check version is valid (>= 2.0.3)
# find_package(QCA 2.0.3) works with 2.1.0+, which has a QcaConfigVersion.cmake, but 2.0.3 does not

# qca_version.h header only available with 2.1.0+
set(_qca_version_h "${QCA_INCLUDE_DIR}/qca_version.h")
if(EXISTS "${_qca_version_h}")
file(STRINGS "${_qca_version_h}" _qca_version_str REGEX "^.*QCA_VERSION_STR +\"[^\"]+\".*$")
string(REGEX REPLACE "^.*QCA_VERSION_STR +\"([^\"]+)\".*$" "\\1" QCA_VERSION_STR "${_qca_version_str}")
else()
# qca_core.h contains hexidecimal version in <= 2.0.3
set(_qca_core_h "${QCA_INCLUDE_DIR}/qca_core.h")
if(EXISTS "${_qca_core_h}")
file(STRINGS "${_qca_core_h}" _qca_version_str REGEX "^#define +QCA_VERSION +0x[0-9a-fA-F]+.*")
string(REGEX REPLACE "^#define +QCA_VERSION +0x([0-9a-fA-F]+)$" "\\1" _qca_version_int "${_qca_version_str}")
if("${_qca_version_int}" STREQUAL "020003")
set(QCA_VERSION_STR "2.0.3")
endif()
endif()
endif()

if(NOT QCA_VERSION_STR)
set(QCA_FOUND FALSE)
if(QCA_FIND_REQUIRED)
message(FATAL_ERROR "Could not find QCA >= 2.0.3")
else()
message(STATUS "Could not find QCA >= 2.0.3")
endif()
else()
if(NOT QCA_FIND_QUIETLY)
message(STATUS "Found QCA: ${QCA_LIBRARY} (${QCA_VERSION_STR})")
endif()
endif()

endif(NOT QCA_FOUND)
@@ -0,0 +1,189 @@
# Macros/functions for finding QCA's qcatool utility and qca-ossl plugin
# ~~~~~~~~~~~~~~~~
# When FIND_QCATOOL is run, will define:
#
# QCATOOL_EXECUTABLE - Path to QCA's qcatool utility
#
# NOTE: FIND_QCAOSSL_PLUGIN_CPP requires Qt and QCA packages to be found
#
# Copyright (c) 2014, Larry Shaffer, <larrys (at) dakotacarto (dot) com>>
# Redistribution and use is allowed according to the terms of the BSD license.
# For details see the accompanying COPYING-CMAKE-SCRIPTS file.

function(FIND_QCAOSSL_PLUGIN_CPP PLUGIN_REQUIRED)

# requires Qt and QCA packages to be found
if(QT_INCLUDE_DIR AND QT_QTCORE_INCLUDE_DIR AND QT_QTCORE_LIBRARY
AND QCA_INCLUDE_DIR AND QCA_LIBRARY
AND NOT CMAKE_CROSSCOMPILING)

# NOTE: boolean result when compiled executable is run
set(CODE
"
#include <QtCrypto>
#include <QCoreApplication>
int main( int argc, char** argv )
{
QCA::Initializer init;
QCoreApplication app( argc, argv );
if ( !QCA::isSupported( \"cert\", \"qca-ossl\" ) )
{
return 0;
}
return 1;
}
"
)
set(TESTCPP "${CMAKE_BINARY_DIR}${CMAKE_FILES_DIRECTORY}/CMakeTmp/qcaossl.cpp")
file(WRITE ${TESTCPP} "${CODE}")

set(QCA_INCLUDE_DIRECTORIES "-DINCLUDE_DIRECTORIES:STRING=${QT_INCLUDE_DIR};${QT_QTCORE_INCLUDE_DIR};${QCA_INCLUDE_DIR}")
set(QCA_LINK_LIBRARIES "-DLINK_LIBRARIES:STRING=${QT_QTCORE_LIBRARY};${QCA_LIBRARY}")

try_run(RUN_RESULT COMPILE_RESULT
${CMAKE_BINARY_DIR} ${TESTCPP}
CMAKE_FLAGS "${QCA_INCLUDE_DIRECTORIES}" "${QCA_LINK_LIBRARIES}"
COMPILE_OUTPUT_VARIABLE COMPILE_OUTPUT
)

set(_msg "QCA OpenSSL plugin not found (run-time/unit-test dependency)")

if(NOT COMPILE_RESULT)
message(STATUS "QCA OpenSSL plugin C++ check failed to compile")
if(${PLUGIN_REQUIRED})
message(STATUS "QCA OpenSSL plugin C++ check compile output:")
message(STATUS "${COMPILE_OUTPUT}")
message(FATAL_ERROR ${_msg})
else()
message(STATUS ${_msg})
endif()
else()
if(NOT RUN_RESULT)
if(${PLUGIN_REQUIRED})
message(FATAL_ERROR ${_msg})
else()
message(STATUS ${_msg})
endif()
else()
message(STATUS "Found QCA OpenSSL plugin")
endif()
endif()

else()
message(STATUS "QtCore/QCA include/lib variables missing or CMake is cross-compiling,")
message(STATUS " skipping QCA OpenSSL plugin C++ check")
endif()

endfunction(FIND_QCAOSSL_PLUGIN_CPP PLUGIN_REQUIRED)


function(FIND_QCATOOL TOOL_REQUIRED)
if(NOT QCATOOL_EXECUTABLE)

if(MSVC)
find_program(QCATOOL_EXECUTABLE NAMES qcatool.exe qcatool2.exe
PATHS
$ENV{LIB_DIR}/bin
$ENV{OSGEO4W_ROOT}/bin
)
else()
find_program(QCATOOL_EXECUTABLE NAMES qcatool qcatool2)
endif()

if(NOT QCATOOL_EXECUTABLE)
set(_msg "QCA's qcatool utility not found - aborting")
if(${TOOL_REQUIRED})
message(FATAL_ERROR ${_msg})
else()
message(STATUS ${_msg})
endif()
endif()

else()

get_filename_component(_qcatool ${QCATOOL_EXECUTABLE} REALPATH)
if(NOT EXISTS "${_qcatool}")
set(_msg "QCA's qcatool utility not found at: ${QCATOOL_EXECUTABLE}")
if(${TOOL_REQUIRED})
message(FATAL_ERROR ${_msg})
else()
message(STATUS ${_msg})
endif()
endif()

endif(NOT QCATOOL_EXECUTABLE)

endfunction(FIND_QCATOOL TOOL_REQUIRED)


function(FIND_QCAOSSL_PLUGIN PLUGIN_REQUIRED)

get_filename_component(_qcatool ${QCATOOL_EXECUTABLE} REALPATH)

if(EXISTS "${_qcatool}")
execute_process(COMMAND "${_qcatool}" plugins OUTPUT_VARIABLE _qca_plugins)
# message(STATUS ${_qca_plugins})

if(NOT "${_qca_plugins}" MATCHES "qca-ossl")
set(_msg "QCA OpenSSL plugin not found (run-time/unit-test dependency)")
if(${PLUGIN_REQUIRED})
message(FATAL_ERROR ${_msg})
else()
message(STATUS ${_msg})
endif()
else()
message(STATUS "Found QCA OpenSSL plugin")
endif()
endif()

endfunction(FIND_QCAOSSL_PLUGIN PLUGIN_REQUIRED)


function(FIND_QCA_PLUGIN_DIR DIR_REQUIRED)

FIND_QCATOOL(1)
get_filename_component(_qcatool ${QCATOOL_EXECUTABLE} REALPATH)

if(EXISTS "${_qcatool}")
execute_process(COMMAND "${_qcatool}" plugins OUTPUT_VARIABLE _qca_plugins)
#message(STATUS ${_qca_plugins})
string(REGEX REPLACE "\n" ";" _qca_plugins_list "${_qca_plugins}")
#message(STATUS "_qca_plugins_list: ${_qca_plugins_list}")

if(NOT "${_qca_plugins}" MATCHES "Available Providers")
set(_msg "QCA plugin directory not found")
if(${DIR_REQUIRED})
message(FATAL_ERROR ${_msg})
else()
message(STATUS ${_msg})
endif()
else()

set(QCA_PLUGIN_DIR)
foreach(_plugin_dir ${_qca_plugins_list})
string(STRIP "${_plugin_dir}" _plugin_dir)
if(EXISTS "${_plugin_dir}" AND IS_DIRECTORY "${_plugin_dir}" AND NOT QCA_PLUGIN_DIR)
file(GLOB qca_dylibs "${_plugin_dir}/crypto/libqca*")
if(qca_dylibs)
set(QCA_PLUGIN_DIR "${_plugin_dir}")
endif()
endif()
endforeach()

if(QCA_PLUGIN_DIR)
set(QCA_PLUGIN_DIR "${QCA_PLUGIN_DIR}" PARENT_SCOPE)
message(STATUS "Found QCA plugin directory: ${QCA_PLUGIN_DIR}")
else()
set(_msg "QCA plugin directory not found")
if(${DIR_REQUIRED})
message(FATAL_ERROR ${_msg})
else()
message(STATUS ${_msg})
endif()
endif()

endif()
endif()

endfunction(FIND_QCA_PLUGIN_DIR DIR_REQUIRED)
@@ -311,6 +311,10 @@
<file>themes/default/mActionZoomToSelected.svg</file>
<file>themes/default/mIconAtlas.svg</file>
<file>themes/default/mIconAutoPlacementSettings.svg</file>
<file>themes/default/mIconCertificate.svg</file>
<file>themes/default/mIconCertificateMissing.svg</file>
<file>themes/default/mIconCertificateTrusted.svg</file>
<file>themes/default/mIconCertificateUntrusted.svg</file>
<file>themes/default/mIconClear.svg</file>
<file>themes/default/mIconClose.png</file>
<file>themes/default/mIconCollapse.png</file>

0 comments on commit e65aa99

Please sign in to comment.
You can’t perform that action at this time.