Qt 4.8
Public Types | Public Functions | Static Public Functions | Public Variables | List of all members
QAuthenticatorPrivate Class Reference

#include <qauthenticator_p.h>

Public Types

enum  Method {
  None, Basic, Plain, Login,
  Ntlm, CramMd5, DigestMd5
}
 
enum  Phase { Start, Phase2, Done, Invalid }
 

Public Functions

QByteArray calculateResponse (const QByteArray &method, const QByteArray &path)
 
QByteArray digestMd5Response (const QByteArray &challenge, const QByteArray &method, const QByteArray &path)
 
void parseHttpResponse (const QHttpResponseHeader &, bool isProxy)
 
void parseHttpResponse (const QList< QPair< QByteArray, QByteArray > > &, bool isProxy)
 
 QAuthenticatorPrivate ()
 
void updateCredentials ()
 
 ~QAuthenticatorPrivate ()
 

Static Public Functions

static QAuthenticatorPrivategetPrivate (QAuthenticator &auth)
 
static const QAuthenticatorPrivategetPrivate (const QAuthenticator &auth)
 
static QHash< QByteArray, QByteArrayparseDigestAuthenticationChallenge (const QByteArray &challenge)
 

Public Variables

QByteArray challenge
 
QByteArray cnonce
 
QString extractedUser
 
bool hasFailed
 
Method method
 
int nonceCount
 
QVariantHash options
 
QString password
 
Phase phase
 
QString realm
 
QString user
 
QString userDomain
 
QString workstation
 

Detailed Description

Definition at line 66 of file qauthenticator_p.h.

Enumerations

◆ Method

◆ Phase

Enumerator
Start 
Phase2 
Done 
Invalid 

Definition at line 82 of file qauthenticator_p.h.

Constructors and Destructors

◆ QAuthenticatorPrivate()

QAuthenticatorPrivate::QAuthenticatorPrivate ( )

Definition at line 329 of file qauthenticator.cpp.

330  : method(None)
331  , hasFailed(false)
332  , phase(Start)
333  , nonceCount(0)
334 {
337  nonceCount = 0;
338 }
Q_CORE_EXPORT int qrand()
QByteArray toHex() const
Returns a hex encoded copy of the byte array.
static QByteArray number(int, int base=10)
Returns a byte array containing the string equivalent of the number n to base base (10 by default)...
static QByteArray hash(const QByteArray &data, Algorithm method)
Returns the hash of data using method.

◆ ~QAuthenticatorPrivate()

QAuthenticatorPrivate::~QAuthenticatorPrivate ( )

Definition at line 355 of file qauthenticator.cpp.

356 {
357 }

Functions

◆ calculateResponse()

QByteArray QAuthenticatorPrivate::calculateResponse ( const QByteArray method,
const QByteArray path 
)

Definition at line 446 of file qauthenticator.cpp.

Referenced by QHttpPrivate::_q_slotSendRequest(), QHttpNetworkConnectionPrivate::createAuthorization(), and QHttpSocketEngine::slotSocketConnected().

447 {
448  QByteArray response;
449  const char *methodString = 0;
450  switch(method) {
452  methodString = "";
453  phase = Done;
454  break;
456  response = '\0' + user.toUtf8() + '\0' + password.toUtf8();
457  phase = Done;
458  break;
460  methodString = "Basic ";
461  response = user.toLatin1() + ':' + password.toLatin1();
462  response = response.toBase64();
463  phase = Done;
464  break;
466  if (challenge.contains("VXNlciBOYW1lAA==")) {
467  response = user.toUtf8().toBase64();
468  phase = Phase2;
469  } else if (challenge.contains("UGFzc3dvcmQA")) {
470  response = password.toUtf8().toBase64();
471  phase = Done;
472  }
473  break;
475  break;
477  methodString = "Digest ";
478  response = digestMd5Response(challenge, requestMethod, path);
479  phase = Done;
480  break;
482  methodString = "NTLM ";
483  if (challenge.isEmpty()) {
484  response = qNtlmPhase1().toBase64();
485  if (user.isEmpty())
486  phase = Done;
487  else
488  phase = Phase2;
489  } else {
491  phase = Done;
492  }
493 
494  break;
495  }
496  return QByteArray(methodString) + response;
497 }
QByteArray toUtf8() const Q_REQUIRED_RESULT
Returns a UTF-8 representation of the string as a QByteArray.
Definition: qstring.cpp:4074
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
bool isEmpty() const
Returns true if the string has no characters; otherwise returns false.
Definition: qstring.h:704
static QByteArray qNtlmPhase1()
QByteArray toLatin1() const Q_REQUIRED_RESULT
Returns a Latin-1 representation of the string as a QByteArray.
Definition: qstring.cpp:3993
static QByteArray qNtlmPhase3(QAuthenticatorPrivate *ctx, const QByteArray &phase2data)
static QByteArray fromBase64(const QByteArray &base64)
Returns a decoded copy of the Base64 array base64.
QByteArray digestMd5Response(const QByteArray &challenge, const QByteArray &method, const QByteArray &path)
QByteArray toBase64() const
Returns a copy of the byte array, encoded as Base64.
bool isEmpty() const
Returns true if the byte array has size 0; otherwise returns false.
Definition: qbytearray.h:421
QBool contains(char c) const
Returns true if the byte array contains the character ch; otherwise returns false.
Definition: qbytearray.h:525

◆ digestMd5Response()

QByteArray QAuthenticatorPrivate::digestMd5Response ( const QByteArray challenge,
const QByteArray method,
const QByteArray path 
)

Definition at line 642 of file qauthenticator.cpp.

Referenced by calculateResponse().

643 {
645 
646  ++nonceCount;
647  QByteArray nonceCountString = QByteArray::number(nonceCount, 16);
648  while (nonceCountString.length() < 8)
649  nonceCountString.prepend('0');
650 
651  QByteArray nonce = options.value("nonce");
652  QByteArray opaque = options.value("opaque");
653  QByteArray qop = options.value("qop");
654 
655 // qDebug() << "calculating digest: method=" << method << "path=" << path;
656  QByteArray response = digestMd5ResponseHelper(options.value("algorithm"), user.toLatin1(),
658  nonce, nonceCountString,
659  cnonce, qop, method,
660  path, QByteArray());
661 
662 
663  QByteArray credentials;
664  credentials += "username=\"" + user.toLatin1() + "\", ";
665  credentials += "realm=\"" + realm.toLatin1() + "\", ";
666  credentials += "nonce=\"" + nonce + "\", ";
667  credentials += "uri=\"" + path + "\", ";
668  if (!opaque.isEmpty())
669  credentials += "opaque=\"" + opaque + "\", ";
670  credentials += "response=\"" + response + '\"';
671  if (!options.value("algorithm").isEmpty())
672  credentials += ", algorithm=" + options.value("algorithm");
673  if (!options.value("qop").isEmpty()) {
674  credentials += ", qop=" + qop + ", ";
675  credentials += "nc=" + nonceCountString + ", ";
676  credentials += "cnonce=\"" + cnonce + '\"';
677  }
678 
679  return credentials;
680 }
static QByteArray digestMd5ResponseHelper(const QByteArray &alg, const QByteArray &userName, const QByteArray &realm, const QByteArray &password, const QByteArray &nonce, const QByteArray &nonceCount, const QByteArray &cNonce, const QByteArray &qop, const QByteArray &method, const QByteArray &digestUri, const QByteArray &hEntity)
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
QByteArray & prepend(char c)
Prepends the character ch to this byte array.
The QHash class is a template class that provides a hash-table-based dictionary.
Definition: qdatastream.h:66
const T value(const Key &key) const
Returns the value associated with the key.
Definition: qhash.h:606
QByteArray toLatin1() const Q_REQUIRED_RESULT
Returns a Latin-1 representation of the string as a QByteArray.
Definition: qstring.cpp:3993
static QHash< QByteArray, QByteArray > parseDigestAuthenticationChallenge(const QByteArray &challenge)
int length() const
Same as size().
Definition: qbytearray.h:356
bool isEmpty() const
Returns true if the byte array has size 0; otherwise returns false.
Definition: qbytearray.h:421
static QByteArray number(int, int base=10)
Returns a byte array containing the string equivalent of the number n to base base (10 by default)...

◆ getPrivate() [1/2]

static QAuthenticatorPrivate* QAuthenticatorPrivate::getPrivate ( QAuthenticator auth)
inlinestatic

◆ getPrivate() [2/2]

static const QAuthenticatorPrivate* QAuthenticatorPrivate::getPrivate ( const QAuthenticator auth)
inlinestatic

Definition at line 101 of file qauthenticator_p.h.

101 { return auth.d; }
QAuthenticatorPrivate * d

◆ parseDigestAuthenticationChallenge()

QHash< QByteArray, QByteArray > QAuthenticatorPrivate::parseDigestAuthenticationChallenge ( const QByteArray challenge)
static

Definition at line 502 of file qauthenticator.cpp.

Referenced by digestMd5Response(), and parseHttpResponse().

503 {
505  // parse the challenge
506  const char *d = challenge.constData();
507  const char *end = d + challenge.length();
508  while (d < end) {
509  while (d < end && (*d == ' ' || *d == '\n' || *d == '\r'))
510  ++d;
511  const char *start = d;
512  while (d < end && *d != '=')
513  ++d;
514  QByteArray key = QByteArray(start, d - start);
515  ++d;
516  if (d >= end)
517  break;
518  bool quote = (*d == '"');
519  if (quote)
520  ++d;
521  if (d >= end)
522  break;
523  start = d;
524  QByteArray value;
525  while (d < end) {
526  bool backslash = false;
527  if (*d == '\\' && d < end - 1) {
528  ++d;
529  backslash = true;
530  }
531  if (!backslash) {
532  if (quote) {
533  if (*d == '"')
534  break;
535  } else {
536  if (*d == ',')
537  break;
538  }
539  }
540  value += *d;
541  ++d;
542  }
543  while (d < end && *d != ',')
544  ++d;
545  ++d;
546  options[key] = value;
547  }
548 
549  QByteArray qop = options.value("qop");
550  if (!qop.isEmpty()) {
551  QList<QByteArray> qopoptions = qop.split(',');
552  if (!qopoptions.contains("auth"))
554  // #### can't do auth-int currently
555 // if (qop.contains("auth-int"))
556 // qop = "auth-int";
557 // else if (qop.contains("auth"))
558 // qop = "auth";
559 // else
560 // qop = QByteArray();
561  options["qop"] = "auth";
562  }
563 
564  return options;
565 }
double d
Definition: qnumeric_p.h:62
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
The QHash class is a template class that provides a hash-table-based dictionary.
Definition: qdatastream.h:66
const T value(const Key &key) const
Returns the value associated with the key.
Definition: qhash.h:606
QBool contains(const T &t) const
Returns true if the list contains an occurrence of value; otherwise returns false.
Definition: qlist.h:880
int length() const
Same as size().
Definition: qbytearray.h:356
const char * constData() const
Returns a pointer to the data stored in the byte array.
Definition: qbytearray.h:433
QList< QByteArray > split(char sep) const
Splits the byte array into subarrays wherever sep occurs, and returns the list of those arrays...
int key
bool isEmpty() const
Returns true if the byte array has size 0; otherwise returns false.
Definition: qbytearray.h:421
static const KeyPair *const end

◆ parseHttpResponse() [1/2]

void QAuthenticatorPrivate::parseHttpResponse ( const QHttpResponseHeader header,
bool  isProxy 
)

Definition at line 341 of file qauthenticator.cpp.

Referenced by QHttpPrivate::_q_slotReadyRead(), QHttpNetworkConnectionPrivate::handleAuthenticateChallenge(), and QHttpSocketEngine::slotSocketReadNotification().

342 {
343  const QList<QPair<QString, QString> > values = header.values();
345 
346  QList<QPair<QString, QString> >::const_iterator it, end;
347  for (it = values.constBegin(), end = values.constEnd(); it != end; ++it)
348  rawValues.append(qMakePair(it->first.toLatin1(), it->second.toUtf8()));
349 
350  // continue in byte array form
351  parseHttpResponse(rawValues, isProxy);
352 }
#define it(className, varName)
void parseHttpResponse(const QHttpResponseHeader &, bool isProxy)
const_iterator constBegin() const
Returns a const STL-style iterator pointing to the first item in the list.
Definition: qlist.h:269
void append(const T &t)
Inserts value at the end of the list.
Definition: qlist.h:507
QList< QPair< QString, QString > > values() const
Returns all the entries in the header.
Definition: qhttp.cpp:852
quint16 values[128]
T & first()
Returns a reference to the first item in the list.
Definition: qlist.h:282
Q_OUTOFLINE_TEMPLATE QPair< T1, T2 > qMakePair(const T1 &x, const T2 &y)
Definition: qpair.h:102
static const KeyPair *const end
The QList class is a template class that provides lists.
Definition: qdatastream.h:62
const_iterator constEnd() const
Returns a const STL-style iterator pointing to the imaginary item after the last item in the list...
Definition: qlist.h:272

◆ parseHttpResponse() [2/2]

void QAuthenticatorPrivate::parseHttpResponse ( const QList< QPair< QByteArray, QByteArray > > &  values,
bool  isProxy 
)

Definition at line 382 of file qauthenticator.cpp.

383 {
384  const char *search = isProxy ? "proxy-authenticate" : "www-authenticate";
385 
386  method = None;
387  /*
388  Fun from the HTTP 1.1 specs, that we currently ignore:
389 
390  User agents are advised to take special care in parsing the WWW-
391  Authenticate field value as it might contain more than one challenge,
392  or if more than one WWW-Authenticate header field is provided, the
393  contents of a challenge itself can contain a comma-separated list of
394  authentication parameters.
395  */
396 
397  QByteArray headerVal;
398  for (int i = 0; i < values.size(); ++i) {
399  const QPair<QByteArray, QByteArray> &current = values.at(i);
400  if (current.first.toLower() != search)
401  continue;
402  QByteArray str = current.second.toLower();
403  if (method < Basic && str.startsWith("basic")) {
404  method = Basic;
405  headerVal = current.second.mid(6);
406  } else if (method < Ntlm && str.startsWith("ntlm")) {
407  method = Ntlm;
408  headerVal = current.second.mid(5);
409  } else if (method < DigestMd5 && str.startsWith("digest")) {
410  method = DigestMd5;
411  headerVal = current.second.mid(7);
412  }
413  }
414 
415  // Reparse credentials since we know the method now
417  challenge = headerVal.trimmed();
419 
420  switch(method) {
421  case Basic:
422  this->options[QLatin1String("realm")] = realm = QString::fromLatin1(options.value("realm"));
423  if (user.isEmpty() && password.isEmpty())
424  phase = Done;
425  break;
426  case Ntlm:
427  // #### extract from header
428  if (user.isEmpty() && password.isEmpty())
429  phase = Done;
430  break;
431  case DigestMd5: {
432  this->options[QLatin1String("realm")] = realm = QString::fromLatin1(options.value("realm"));
433  if (options.value("stale").toLower() == "true")
434  phase = Start;
435  if (user.isEmpty() && password.isEmpty())
436  phase = Done;
437  break;
438  }
439  default:
440  realm.clear();
441  challenge = QByteArray();
442  phase = Invalid;
443  }
444 }
The QByteArray class provides an array of bytes.
Definition: qbytearray.h:135
T1 first
Definition: qpair.h:65
T2 second
Definition: qpair.h:66
QByteArray toLower() const
Returns a lowercase copy of the byte array.
QLatin1String(DBUS_INTERFACE_DBUS))) Q_GLOBAL_STATIC_WITH_ARGS(QString
The QHash class is a template class that provides a hash-table-based dictionary.
Definition: qdatastream.h:66
bool startsWith(const QByteArray &a) const
Returns true if this byte array starts with byte array ba; otherwise returns false.
const T value(const Key &key) const
Returns the value associated with the key.
Definition: qhash.h:606
bool isEmpty() const
Returns true if the string has no characters; otherwise returns false.
Definition: qstring.h:704
QByteArray trimmed() const
Returns a byte array that has whitespace removed from the start and the end.
const T & at(int i) const
Returns the item at index position i in the list.
Definition: qlist.h:468
QByteArray mid(int index, int len=-1) const
Returns a byte array containing len bytes from this byte array, starting at position pos...
static QHash< QByteArray, QByteArray > parseDigestAuthenticationChallenge(const QByteArray &challenge)
void clear()
Clears the contents of the string and makes it empty.
Definition: qstring.h:723
static QString fromLatin1(const char *, int size=-1)
Returns a QString initialized with the first size characters of the Latin-1 string str...
Definition: qstring.cpp:4188
int size() const
Returns the number of items in the list.
Definition: qlist.h:137

◆ updateCredentials()

void QAuthenticatorPrivate::updateCredentials ( )

Definition at line 359 of file qauthenticator.cpp.

Referenced by parseHttpResponse(), and QAuthenticator::setUser().

360 {
361  int separatorPosn = 0;
362 
363  switch (method) {
365  if ((separatorPosn = user.indexOf(QLatin1String("\\"))) != -1) {
366  //domain name is present
367  realm.clear();
368  userDomain = user.left(separatorPosn);
369  extractedUser = user.mid(separatorPosn + 1);
370  } else {
372  realm.clear();
373  userDomain.clear();
374  }
375  break;
376  default:
377  userDomain.clear();
378  break;
379  }
380 }
QString left(int n) const Q_REQUIRED_RESULT
Returns a substring that contains the n leftmost characters of the string.
Definition: qstring.cpp:3664
int indexOf(QChar c, int from=0, Qt::CaseSensitivity cs=Qt::CaseSensitive) const
Definition: qstring.cpp:2838
The QLatin1String class provides a thin wrapper around an US-ASCII/Latin-1 encoded string literal...
Definition: qstring.h:654
QString mid(int position, int n=-1) const Q_REQUIRED_RESULT
Returns a string that contains n characters of this string, starting at the specified position index...
Definition: qstring.cpp:3706
void clear()
Clears the contents of the string and makes it empty.
Definition: qstring.h:723

Properties

◆ challenge

QByteArray QAuthenticatorPrivate::challenge

Definition at line 79 of file qauthenticator_p.h.

Referenced by calculateResponse(), and parseHttpResponse().

◆ cnonce

QByteArray QAuthenticatorPrivate::cnonce

Definition at line 91 of file qauthenticator_p.h.

Referenced by clientChallenge(), digestMd5Response(), and QAuthenticatorPrivate().

◆ extractedUser

QString QAuthenticatorPrivate::extractedUser

◆ hasFailed

bool QAuthenticatorPrivate::hasFailed

◆ method

Method QAuthenticatorPrivate::method

◆ nonceCount

int QAuthenticatorPrivate::nonceCount

Definition at line 92 of file qauthenticator_p.h.

Referenced by digestMd5Response(), and QAuthenticatorPrivate().

◆ options

QVariantHash QAuthenticatorPrivate::options

◆ password

QString QAuthenticatorPrivate::password

◆ phase

Phase QAuthenticatorPrivate::phase

◆ realm

QString QAuthenticatorPrivate::realm

◆ user

QString QAuthenticatorPrivate::user

◆ userDomain

QString QAuthenticatorPrivate::userDomain

Definition at line 96 of file qauthenticator_p.h.

Referenced by QAuthenticator::operator=(), qNtlmPhase3(), and updateCredentials().

◆ workstation

QString QAuthenticatorPrivate::workstation

Definition at line 95 of file qauthenticator_p.h.

Referenced by QAuthenticator::operator=(), and qNtlmPhase3().


The documentation for this class was generated from the following files: