[Pkg-owncloud-commits] [owncloud-client] 107/332: TokenCredentials: Fix cookie behaviour

Thu Aug 14 21:06:46 UTC 2014

This is an automated email from the git hooks/post-receive script.

hefee-guest pushed a commit to branch master
in repository owncloud-client.

commit 71a901a24e4ff5564337e91c6a62177d764e64b9
Author: Markus Goetz <markus at woboq.com>
Date:   Thu Jun 19 13:34:15 2014 +0200

    TokenCredentials: Fix cookie behaviour
    
    parseCookies did not work as expected. Now we just hard-set the
    token credentials into the Cookie header for QNAM jobs.
    This is the same behaviour as for neon jobs.
    
    (cherry picked from commit 855a8c0a335f76b82b8e647a8c5a4ae692065d3b)
---
 src/creds/tokencredentials.cpp | 37 +++++++++++++------------------------
 src/creds/tokencredentials.h   |  3 +--
 2 files changed, 14 insertions(+), 26 deletions(-)

diff --git a/src/creds/tokencredentials.cpp b/src/creds/tokencredentials.cpp
index e2607e0..7e9a562 100644
--- a/src/creds/tokencredentials.cpp
+++ b/src/creds/tokencredentials.cpp
@@ -79,15 +79,16 @@ public:
         : MirallAccessManager(parent), _cred(cred) {}
 protected:
     QNetworkReply *createRequest(Operation op, const QNetworkRequest &request, QIODevice *outgoingData) {
-        QByteArray credHash = QByteArray(_cred->user().toUtf8()+":"+_cred->password().toUtf8()).toBase64();
+        if (_cred->user().isEmpty() || _cred->password().isEmpty() || _cred->_token.isEmpty()) {
+            qWarning() << Q_FUNC_INFO << "Empty user/password/token provided!";
+        }
+
         QNetworkRequest req(request);
+
+        QByteArray credHash = QByteArray(_cred->user().toUtf8()+":"+_cred->password().toUtf8()).toBase64();
         req.setRawHeader(QByteArray("Authorization"), QByteArray("Basic ") + credHash);
-        //qDebug() << "Request for " << req.url() << "with authorization" << QByteArray::fromBase64(credHash);
 
-        // Append token cookie
-        QList<QNetworkCookie> cookies = request.header(QNetworkRequest::CookieHeader).value<QList<QNetworkCookie> >();
-        cookies.append(QNetworkCookie::parseCookies(_cred->_token.toUtf8()));
-        req.setHeader(QNetworkRequest::CookieHeader, QVariant::fromValue(cookies));
+        req.setRawHeader("Cookie", _cred->_token.toUtf8()); // analogous to neon in syncContextPreStart
 
         return MirallAccessManager::createRequest(op, req, outgoingData);
     }
@@ -161,12 +162,6 @@ bool TokenCredentials::ready() const
     return _ready;
 }
 
-QString TokenCredentials::fetchUser(Account* account)
-{
-    _user = account->credentialSetting(QLatin1String(userC)).toString();
-    return _user;
-}
-
 void TokenCredentials::fetch(Account *account)
 {
     if( !account ) {
@@ -174,10 +169,11 @@ void TokenCredentials::fetch(Account *account)
     }
     Q_EMIT fetched();
 }
+
 bool TokenCredentials::stillValid(QNetworkReply *reply)
 {
     return ((reply->error() != QNetworkReply::AuthenticationRequiredError)
-            // returned if user or password is incorrect
+            // returned if user/password or token are incorrect
             && (reply->error() != QNetworkReply::OperationCanceledError
                 || !reply->property(authenticationFailedC).toBool()));
 }
@@ -189,19 +185,12 @@ QString TokenCredentials::queryPassword(bool *ok)
 
 void TokenCredentials::invalidateToken(Account *account)
 {
-    _password = QString();
+    qDebug() << Q_FUNC_INFO;
     _ready = false;
-
-    // User must be fetched from config file to generate a valid key
-    fetchUser(account);
-
-    const QString kck = keychainKey(account->url().toString(), _user);
-    if( kck.isEmpty() ) {
-        qDebug() << "InvalidateToken: User is empty, bailing out!";
-        return;
-    }
-
     account->clearCookieJar();
+    _token = QString();
+    _user = QString();
+    _password = QString();
 }
 
 void TokenCredentials::persist(Account *account)
diff --git a/src/creds/tokencredentials.h b/src/creds/tokencredentials.h
index 7b593d5..d44fb20 100644
--- a/src/creds/tokencredentials.h
+++ b/src/creds/tokencredentials.h
@@ -53,7 +53,6 @@ public:
     QString password() const;
     QString queryPassword(bool *ok);
     void invalidateToken(Account *account);
-    QString fetchUser(Account *account);
 
 private Q_SLOTS:
     void slotAuthentication(QNetworkReply*, QAuthenticator*);
@@ -61,7 +60,7 @@ private Q_SLOTS:
 private:
     QString _user;
     QString _password;
-    QString _token;
+    QString _token; // the cookies
     bool _ready;
 };
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud-client.git

