17 #ifndef QGSAUTHMANAGER_H
18 #define QGSAUTHMANAGER_H
22 #include <QNetworkReply>
23 #include <QNetworkRequest>
24 #include <QSqlDatabase>
27 #include <QStringList>
30 #include <QSslCertificate>
46 class QgsAuthProvider;
86 bool init(
const QString& pluginPath = QString::null );
89 bool isDisabled()
const;
92 const QString disabledMessage()
const;
103 bool setMasterPassword(
bool verify =
false );
110 bool setMasterPassword(
const QString& pass,
bool verify =
false );
116 bool verifyMasterPassword(
const QString &compare = QString::null );
119 bool masterPasswordIsSet()
const;
122 bool masterPasswordHashInDb()
const;
132 bool masterPasswordSame(
const QString& pass )
const;
141 bool resetMasterPassword(
const QString& newpass,
const QString& oldpass,
bool keepbackup,
QString *backuppath = 0 );
156 void setScheduledAuthDbErase(
bool scheduleErase );
171 bool registerCoreAuthMethods();
177 void updateConfigAuthMethods();
219 QgsAuthMethod::Expansions supportedAuthMethodExpansions(
const QString &authcfg );
222 const QString uniqueConfigId()
const;
228 bool configIdUnique(
const QString &
id )
const;
234 bool hasConfigId(
const QString &txt )
const;
270 bool removeAuthenticationConfig(
const QString& authcfg );
276 bool removeAllAuthenticationConfigs();
282 bool backupAuthenticationDatabase(
QString *backuppath = 0 );
290 bool eraseAuthenticationDatabase(
bool backup,
QString *backuppath = 0 );
328 bool storeAuthSetting(
const QString& key,
const QVariant& value,
bool encrypt =
false );
334 bool existsAuthSetting(
const QString& key );
337 bool removeAuthSetting(
const QString& key );
339 #ifndef QT_NO_OPENSSL
343 bool initSslCaches();
365 bool existsCertIdentity(
const QString&
id );
368 bool removeCertIdentity(
const QString&
id );
384 bool existsSslCertCustomConfig(
const QString&
id,
const QString &hostport );
387 bool removeSslCertCustomConfig(
const QString&
id,
const QString &hostport );
394 void dumpIgnoredSslErrorsCache_();
403 bool rebuildIgnoredSslErrorCache();
436 return mCaCertsCache;
440 bool rebuildCaCertsCache();
469 bool rebuildCertTrustCache();
478 bool rebuildTrustedCaCertsCache();
505 void masterPasswordVerified(
bool verified )
const;
508 void authDatabaseEraseRequested()
const;
511 void authDatabaseChanged()
const;
515 void clearAllCachedConfigs();
518 void clearCachedConfig(
const QString& authcfg );
531 void tryToStartDbErase();
538 bool createConfigTables();
540 bool createCertTables();
542 bool masterPasswordInput();
544 bool masterPasswordRowsInDb(
int *rows )
const;
546 bool masterPasswordCheckAgainstDb(
const QString &compare = QString::null )
const;
548 bool masterPasswordStoreInDb()
const;
550 bool masterPasswordClearDb();
552 const QString masterPasswordCiv()
const;
554 bool verifyPasswordCanDecryptConfigs()
const;
556 bool reencryptAllAuthenticationConfigs(
const QString& prevpass,
const QString& prevciv );
558 bool reencryptAuthenticationConfig(
const QString& authcfg,
const QString& prevpass,
const QString& prevciv );
560 bool reencryptAllAuthenticationSettings(
const QString& prevpass,
const QString& prevciv );
562 bool reencryptAllAuthenticationIdentities(
const QString& prevpass,
const QString& prevciv );
564 bool reencryptAuthenticationIdentity(
const QString& identid,
const QString& prevpass,
const QString& prevciv );
566 bool authDbOpen()
const;
568 bool authDbQuery(
QSqlQuery *query )
const;
570 bool authDbStartTransaction()
const;
572 bool authDbCommit()
const;
574 bool authDbTransactionQuery(
QSqlQuery *query )
const;
576 #ifndef QT_NO_OPENSSL
580 const QString authDbPassTable()
const {
return smAuthPassTable; }
582 const QString authDbSettingsTable()
const {
return smAuthSettingsTable; }
584 const QString authDbIdentitiesTable()
const {
return smAuthIdentitiesTable; }
586 const QString authDbAuthoritiesTable()
const {
return smAuthAuthoritiesTable; }
588 const QString authDbTrustTable()
const {
return smAuthTrustTable; }
591 static const QString smAuthConfigTable;
592 static const QString smAuthPassTable;
593 static const QString smAuthSettingsTable;
594 static const QString smAuthIdentitiesTable;
595 static const QString smAuthServersTable;
596 static const QString smAuthAuthoritiesTable;
597 static const QString smAuthTrustTable;
598 static const QString smAuthManTag;
599 static const QString smAuthCfgRegex;
604 QCA::Initializer * mQcaInitializer;
613 QTimer *mScheduledDbEraseTimer;
614 bool mScheduledDbErase;
615 int mScheduledDbEraseRequestWait;
616 bool mScheduledDbEraseRequestEmitted;
617 int mScheduledDbEraseRequestCount;
620 #ifndef QT_NO_OPENSSL
633 #endif // QGSAUTHMANAGER_H
Singleton offering an interface to manage the authentication configuration database and to utilize co...
const QString authDbServersTable() const
Name of the authentication database table that stores server exceptions/configs.
bool scheduledAuthDbErase()
Whether there is a scheduled opitonal erase of authentication database.
CertTrustPolicy
Type of certificate trust policy.
Configuration container for SSL server connection exceptions or overrides.
Abstract base class for the edit widget of authentication method plugins.
const QString authenticationDbPath() const
The standard authentication database file in ~/.qgis2/ or defined location.
const QString authManTag() const
Simple text tag describing authentication system for message logs.
QString configIdRegex() const
Return regular expression for authcfg=.
Configuration storage class for authentication method configurations.
CaCertSource
Type of CA certificate source.
const QList< QSslCertificate > getTrustedCaCertsCache()
Get cache of trusted certificate authorities, ready for network connections.
MessageLevel
Message log level (mirrors that of QgsMessageLog, so it can also output there)
const QMap< QgsAuthCertUtils::CertTrustPolicy, QStringList > getCertTrustCache()
Get cache of certificate sha1s, per trust policy.
void setScheduledAuthDbEraseRequestEmitted(bool emitted)
Re-emit a signal to schedule an optional erase of authentication database.
Abstract base class for authentication method plugins.
const QMap< QString, QPair< QgsAuthCertUtils::CaCertSource, QSslCertificate > > getCaCertsCache()
Get all CA certs mapped to their sha1 from cache.
const QString authDbConfigTable() const
Name of the authentication database table that stores configs.
void clearMasterPassword()
Clear supplied master password.
QHash< QString, QSet< QSslError::SslError > > getIgnoredSslErrorCache()
Get ignored SSL error cache, keyed with cert/connection's sha:host:port.
QMutex * mutex()
Return pointer to mutex.