QGIS API Documentation  3.16.0-Hannover (43b64b13f3)
qgsauthconfig.h
1 /***************************************************************************
2  qgsauthconfig.h
3  ---------------------
4  begin : October 5, 2014
5  copyright : (C) 2014 by Boundless Spatial, Inc. USA
6  author : Larry Shaffer
7  email : lshaffer at boundlessgeo dot com
8  ***************************************************************************
9  * *
10  * This program is free software; you can redistribute it and/or modify *
11  * it under the terms of the GNU General Public License as published by *
12  * the Free Software Foundation; either version 2 of the License, or *
13  * (at your option) any later version. *
14  * *
15  ***************************************************************************/
16 
17 #ifndef QGSAUTHCONFIG_H
18 #define QGSAUTHCONFIG_H
19 
20 #include "qgis_core.h"
21 #include <QHash>
22 #include <QString>
23 
24 #ifndef QT_NO_SSL
25 #include <QSslCertificate>
26 #include <QSslKey>
27 #include <QSslError>
28 #include <QSslSocket>
29 #endif
30 
31 #include "qgis.h"
32 
33 
/**
 * Configuration storage class for authentication method configurations.
 *
 * Holds the identifying fields (id, name, URI, method key, version) plus an
 * extended configuration map of QString key/value pairs. Members declared
 * without a body are defined outside this header.
 *
 * NOTE(review): the extended map presumably carries the method's credentials
 * as clear-text QStrings; treat configMap(), config() and configString()
 * output as secret material and keep it out of logs and error messages —
 * confirm against the authentication method implementations.
 */
class CORE_EXPORT QgsAuthMethodConfig
{
  public:

    /**
     * Construct a configuration for an authentication method.
     * \param method textual key of the associated authentication method
     * \param version version of the configuration
     */
    QgsAuthMethodConfig( const QString &method = QString(), int version = 0 );

    //! Equality comparison with \a other (defined out of line).
    bool operator==( const QgsAuthMethodConfig &other ) const;

    //! Inequality comparison with \a other (defined out of line).
    bool operator!=( const QgsAuthMethodConfig &other ) const;

    //! Gets 'authcfg' 7-character alphanumeric ID of the config.
    const QString id() const { return mId; }
    //! Sets auth config ID. The setter stores \a id as given, without checking its format.
    void setId( const QString &id ) { mId = id; }

    //! Gets name of configuration.
    const QString name() const { return mName; }
    //! Sets name of configuration.
    void setName( const QString &name ) { mName = name; }

    //! A URI to auto-select a config when connecting to a resource.
    const QString uri() const { return mUri; }
    //! Sets the URI used to auto-select this config; stored as given.
    void setUri( const QString &uri ) { mUri = uri; }

    //! Textual key of the associated authentication method.
    QString method() const { return mMethod; }
    //! Sets the textual key of the associated authentication method; stored as given.
    void setMethod( const QString &method ) { mMethod = method; }

    //! Gets version of the configuration.
    int version() const { return mVersion; }
    //! Sets version of the configuration.
    void setVersion( int version ) { mVersion = version; }

    /**
     * Whether the configuration is valid (defined out of line).
     * \param validateid presumably extends the check to the config ID — confirm in the implementation
     */
    bool isValid( bool validateid = false ) const;

    /**
     * The extended configuration, as a single string (defined out of line).
     *
     * NOTE(review): the CONFIG_SEP / CONFIG_KEY_SEP / CONFIG_LIST_SEP constants
     * below suggest a delimiter-joined text format; confirm how keys or values
     * that contain a separator are handled, and treat the returned string as
     * sensitive if the map holds credentials.
     */
    const QString configString() const;

    /**
     * Loads the extended configuration from \a configstr (defined out of line).
     * Presumably the inverse of configString() — confirm.
     */
    void loadConfigString( const QString &configstr );

    //! Gets extended configuration, mapped to key/value pairs of QStrings. Returns a copy of the map.
    QgsStringMap configMap() const { return mConfigMap; }

    //! Set extended configuration map. Replaces the whole stored map with \a map.
    void setConfigMap( const QgsStringMap &map ) { mConfigMap = map; }

    /**
     * Sets a single extended configuration entry (defined out of line).
     * \param key config key
     * \param value config value
     */
    void setConfig( const QString &key, const QString &value );

    /**
     * Sets a multi-value extended configuration entry (defined out of line).
     * \param key config key
     * \param value list of values to store under \a key
     */
    void setConfigList( const QString &key, const QStringList &value );

    /**
     * Removes the extended configuration entry for \a key (defined out of line).
     * \returns an int, presumably the number of entries removed — confirm
     */
    int removeConfig( const QString &key );

    /**
     * Returns the extended configuration value for \a key (defined out of line).
     * \param key config key
     * \param defaultvalue presumably returned when \a key is not present — confirm
     */
    QString config( const QString &key, const QString &defaultvalue = QString() ) const;

    //! Returns the extended configuration entry for \a key as a list of strings (defined out of line).
    QStringList configList( const QString &key ) const;

    //! Whether an extended configuration entry exists for \a key (defined out of line).
    bool hasConfig( const QString &key ) const;

    //! Clear all configs.
    void clearConfigMap() { mConfigMap.clear(); }

    /**
     * Derives a resource string from an access URL (defined out of line).
     * \param accessurl URL to convert
     * \param resource output pointer that receives the result; presumably must be non-null — confirm
     * \param withpath presumably controls whether the URL path is kept in the result — confirm
     * \returns a bool, presumably whether the conversion succeeded — confirm
     */
    static bool uriToResource( const QString &accessurl, QString *resource, bool withpath = false );

  private:
    QString mId;
    QString mName;
    QString mUri;
    QString mMethod;
    // No in-class initializer; the constructor takes a version argument (default 0),
    // but its definition is not part of this header.
    int mVersion;

    // Extended configuration entries; see the class note on sensitivity.
    QgsStringMap mConfigMap;

    // Separator strings, defined out of line; presumably used by the config string format.
    static const QString CONFIG_SEP;
    static const QString CONFIG_KEY_SEP;
    static const QString CONFIG_LIST_SEP;

    static const int CONFIG_VERSION;
};
178 
// Hash of authentication method configurations keyed by a QString
// (presumably the config's 'authcfg' ID — confirm at the point of use).
typedef QHash<QString, QgsAuthMethodConfig> QgsAuthMethodConfigsMap;
180 
181 
182 #ifndef QT_NO_SSL
183 
/**
 * Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
 *
 * NOTE(review): the bundle holds a client private key. clientKey() returns the
 * QSslKey by value, so every call hands out another copy of the key object;
 * keep bundles short-lived and never serialise or log their contents.
 */
class CORE_EXPORT QgsPkiBundle
{
  public:

    /**
     * Construct a bundle from existing PKI components.
     * \param clientCert client certificate
     * \param clientKey private key
     * \param caChain chain of Certificate Authorities for the client certificate
     */
    QgsPkiBundle( const QSslCertificate &clientCert = QSslCertificate(),
                  const QSslKey &clientKey = QSslKey(),
                  const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );

    /**
     * Construct a bundle from certificate and key files (defined out of line).
     * \param certPath path to the certificate file
     * \param keyPath path to the private key file
     * \param keyPass passphrase for the key file, if any
     * \param caChain chain of Certificate Authorities for the client certificate
     *
     * NOTE(review): the file format is presumably PEM, going by the function
     * name — confirm. keyPass is an ordinary QString and nothing in this header
     * wipes it after use; callers should limit how long the passphrase is kept.
     */
    static const QgsPkiBundle fromPemPaths( const QString &certPath,
                                            const QString &keyPath,
                                            const QString &keyPass = QString(),
                                            const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );

    /**
     * Construct a bundle from a bundle file (defined out of line).
     * \param bundlepath path to the bundle file (presumably PKCS#12, going by the function name — confirm)
     * \param bundlepass passphrase for the bundle, if any; an ordinary QString, see fromPemPaths()
     */
    static const QgsPkiBundle fromPkcs12Paths( const QString &bundlepath,
        const QString &bundlepass = QString() );

    //! Whether the bundle is null (defined out of line).
    bool isNull() const;

    //! Whether the bundle is valid (defined out of line). Check this before using the bundle for a connection.
    bool isValid() const;

    //! Identifier string for the bundle's certificate (defined out of line).
    const QString certId() const;

    //! Client certificate object.
    const QSslCertificate clientCert() const { return mCert; }
    //! Sets client certificate object (defined out of line).
    void setClientCert( const QSslCertificate &cert );

    //! Private key object. Returned by value: each call yields a copy of the key.
    const QSslKey clientKey() const { return mCertKey; }
    //! Sets private key object (defined out of line).
    void setClientKey( const QSslKey &certkey );

    //! Chain of Certificate Authorities for client certificate.
    const QList<QSslCertificate> caChain() const { return mCaChain; }
    //! Sets chain of Certificate Authorities for client certificate. Stored as given, without validation.
    void setCaChain( const QList<QSslCertificate> &cachain ) { mCaChain = cachain; }

  private:
    QSslCertificate mCert;
    QSslKey mCertKey;   // private key material
    QList<QSslCertificate> mCaChain;
};
252 
253 
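/**
 * Storage set for constructed SSL certificate, key, associated with an
 * authentication config.
 *
 * NOTE(review): like QgsPkiBundle this holds a client private key, and
 * clientCertKey() returns it by value; keep instances short-lived and never
 * serialise or log their contents.
 */
class CORE_EXPORT QgsPkiConfigBundle
{
  public:

    /**
     * Construct a bundle from existing PKI components and authentication method configuration.
     * \param config authentication method configuration
     * \param cert certificate to store in bundle
     * \param certkey private key to store in bundle
     * \param cachain list of CA certificates
     */
    // NOTE(review): the rendered listing dropped the opening line of this
    // declaration (class name and first parameter); it is reconstructed here to
    // match the mConfig member — confirm against the upstream header.
    QgsPkiConfigBundle( const QgsAuthMethodConfig &config,
                        const QSslCertificate &cert,
                        const QSslKey &certkey,
                        const QList<QSslCertificate> &cachain = QList<QSslCertificate>( ) );

    // Non-const, unlike QgsPkiBundle::isValid(); left as declared because the
    // out-of-line definition and callers depend on this exact signature.
    //! Whether the bundle is valid (defined out of line).
    bool isValid();

    //! Authentication method configuration.
    const QgsAuthMethodConfig config() const { return mConfig; }

    //! Sets authentication method configuration.
    void setConfig( const QgsAuthMethodConfig &config ) { mConfig = config; }

    //! Client certificate object.
    const QSslCertificate clientCert() const { return mCert; }

    //! Sets client certificate object.
    void setClientCert( const QSslCertificate &cert ) { mCert = cert; }

    //! Private key object. Returned by value: each call yields a copy of the key.
    const QSslKey clientCertKey() const { return mCertKey; }

    //! Sets private key object.
    void setClientCertKey( const QSslKey &certkey ) { mCertKey = certkey; }

    //! Returns the CA chain.
    QList<QSslCertificate> caChain() const { return mCaChain; }

    //! Sets the CA chain. Stored as given, without validation.
    void setCaChain( const QList<QSslCertificate> &caChain ) { mCaChain = caChain; }

  private:
    QgsAuthMethodConfig mConfig;
    QSslCertificate mCert;
    QSslKey mCertKey;   // private key material
    QList<QSslCertificate> mCaChain;
};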
313 
314 
315 
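#ifdef SIP_RUN
// SIP mapped type converting between QList<QSslError::SslError> and a Python
// list of enum values. This list type carries the "SSL errors to ignore"
// setting of QgsAuthConfigSslServer, so a wrong entry silently widens what a
// connection will accept.
% MappedType QList<QSslError::SslError>
{
  % TypeHeaderCode
#include <QList>
  % End

  % ConvertFromTypeCode
  // Create the list.
  PyObject *l;

  if ( ( l = PyList_New( sipCpp->size() ) ) == NULL )
    return NULL;

  // Set the list elements.
  QList<QSslError::SslError>::iterator it = sipCpp->begin();
  for ( int i = 0; it != sipCpp->end(); ++it, ++i )
  {
    PyObject *tobj;

    if ( ( tobj = sipConvertFromEnum( *it, sipType_QSslError_SslError ) ) == NULL )
    {
      // Release the partially filled list before reporting the failure.
      Py_DECREF( l );
      return NULL;
    }
    // PyList_SET_ITEM takes over the reference to tobj.
    PyList_SET_ITEM( l, i, tobj );
  }

  return l;
  % End

  % ConvertToTypeCode
  // Check the type if that is all that is required.
  // Only the container is checked here; element types are checked during
  // the conversion below.
  if ( sipIsErr == NULL )
    return PyList_Check( sipPy );

  QList<QSslError::SslError> *qlist = new QList<QSslError::SslError>;

  for ( int i = 0; i < PyList_GET_SIZE( sipPy ); ++i )
  {
    const long value = SIPLong_AsLong( PyList_GET_ITEM( sipPy, i ) );

    // A failed conversion returns -1 with a Python exception set. -1 is also
    // the value Qt assigns to QSslError::UnspecifiedError, so storing it
    // unchecked would add an unintended entry to a list of errors to ignore.
    // Report the failure to SIP instead.
    if ( value == -1 && PyErr_Occurred() )
    {
      delete qlist;
      *sipIsErr = 1;
      return 0;
    }

    // NOTE(review): the value is not checked against the set of defined
    // QSslError::SslError enumerators; out-of-range integers still pass.
    *qlist << static_cast<QSslError::SslError>( value );
  }

  *sipCppPtr = qlist;
  return sipGetState( sipTransferObj );
  % End
};
#endif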
364 
365 
366 
/**
 * Configuration container for SSL server connection exceptions or overrides.
 *
 * Each instance describes, for one server host:port, how certificate
 * verification is relaxed or changed: which SSL errors are ignored, the peer
 * verify mode and depth, and the protocol to use.
 *
 * NOTE(review): every field here can weaken TLS verification for the named
 * server. Stored configurations deserve the same review as a pinned-trust
 * list: keep the ignored-error list as short as possible and leave the verify
 * mode at its default unless there is a documented reason.
 */
class CORE_EXPORT QgsAuthConfigSslServer
{
  public:
    // NOTE(review): the rendered listing this was taken from omits the source
    // lines immediately after `public:`; a constructor declaration presumably
    // belongs here — confirm against the upstream header.

    //! Server certificate object.
    const QSslCertificate sslCertificate() const { return mSslCert; }
    //! Sets server certificate object.
    void setSslCertificate( const QSslCertificate &cert ) { mSslCert = cert; }

    //! Server host:port string.
    const QString sslHostPort() const { return mSslHostPort; }
    //! Sets server host:port string. Stored as given, without checking its format.
    void setSslHostPort( const QString &hostport ) { mSslHostPort = hostport; }

    //! SSL server protocol to use in connections.
    QSsl::SslProtocol sslProtocol() const { return mSslProtocol; }
    //! Sets SSL server protocol to use in connections.
    void setSslProtocol( QSsl::SslProtocol protocol ) { mSslProtocol = protocol; }

    //! SSL server errors to ignore in connections, as QSslError objects (defined out of line).
    const QList<QSslError> sslIgnoredErrors() const;
    //! SSL server errors (as enum list) to ignore in connections.
    const QList<QSslError::SslError> sslIgnoredErrorEnums() const { return mSslIgnoredErrors; }
    //! Sets SSL server errors (as enum list) to ignore in connections. The list is stored as given.
    void setSslIgnoredErrorEnums( const QList<QSslError::SslError> &errors ) { mSslIgnoredErrors = errors; }

    //! SSL client's peer verify mode to use in connections. Defaults to QSslSocket::VerifyPeer.
    QSslSocket::PeerVerifyMode sslPeerVerifyMode() const { return mSslPeerVerifyMode; }
    //! Sets SSL client's peer verify mode to use in connections. Any mode is accepted, including ones that do not require a valid peer certificate.
    void setSslPeerVerifyMode( QSslSocket::PeerVerifyMode mode ) { mSslPeerVerifyMode = mode; }

    /**
     * Peer verify depth to use in connections. Defaults to 0.
     *
     * NOTE(review): if this value is handed to QSslSocket::setPeerVerifyDepth(),
     * 0 means no depth limit, i.e. the whole chain is checked — confirm how the
     * value is consumed.
     */
    int sslPeerVerifyDepth() const { return mSslPeerVerifyDepth; }

    //! Sets the peer verify depth to use in connections. Stored as given; negative values are not rejected here.
    void setSslPeerVerifyDepth( int depth ) { mSslPeerVerifyDepth = depth; }

    //! Version of the configuration (used for future upgrading).
    int version() const { return mVersion; }
    //! Sets version of the configuration (used for future upgrading).
    void setVersion( int version ) { mVersion = version; }

    //! Qt version when the configuration was made (SSL protocols may differ).
    int qtVersion() const { return mQtVersion; }
    //! Sets Qt version when the configuration was made (SSL protocols may differ).
    void setQtVersion( int version ) { mQtVersion = version; }

    //! The configuration as a single string (defined out of line). Presumably joined with CONF_SEP — confirm.
    const QString configString() const;
    //! Loads the configuration from \a config (defined out of line). Presumably the inverse of configString() — confirm.
    void loadConfigString( const QString &config = QString() );

    //! Whether the configuration is null (defined out of line).
    bool isNull() const;

  private:

    QString mSslHostPort;
    QSslCertificate mSslCert;

    // mSslProtocol and mQtVersion have no in-class initializer, unlike the
    // three members with defaults below; presumably a constructor that is not
    // shown in this listing sets them — confirm before reading a
    // default-constructed instance.
    QSsl::SslProtocol mSslProtocol;
    int mQtVersion;
    QList<QSslError::SslError> mSslIgnoredErrors;
    // Peer verification is on by default.
    QSslSocket::PeerVerifyMode mSslPeerVerifyMode = QSslSocket::VerifyPeer;
    int mSslPeerVerifyDepth = 0;
    int mVersion = 1;

    // Separator string, defined out of line.
    static const QString CONF_SEP;
};
448 #endif
449 
450 #endif // QGSAUTHCONFIG_H
QgsPkiConfigBundle
Storage set for constructed SSL certificate, key, associated with an authentication config.
Definition: qgsauthconfig.h:259
QgsAuthConfigSslServer::setSslHostPort
void setSslHostPort(const QString &hostport)
Sets server host:port string.
Definition: qgsauthconfig.h:385
QgsAuthMethodConfig::name
const QString name() const
Gets name of configuration.
Definition: qgsauthconfig.h:64
QgsAuthConfigSslServer::sslHostPort
const QString sslHostPort() const
Server host:port string.
Definition: qgsauthconfig.h:383
operator==
bool operator==(const QgsFeatureIterator &fi1, const QgsFeatureIterator &fi2)
Definition: qgsfeatureiterator.h:400
QgsAuthMethodConfig::setUri
void setUri(const QString &uri)
Definition: qgsauthconfig.h:70
QgsPkiConfigBundle::setClientCertKey
void setClientCertKey(const QSslKey &certkey)
Sets private key object.
Definition: qgsauthconfig.h:293
QgsPkiConfigBundle::clientCert
const QSslCertificate clientCert() const
Client certificate object.
Definition: qgsauthconfig.h:284
QgsAuthMethodConfig::setMethod
void setMethod(const QString &method)
Definition: qgsauthconfig.h:74
QgsPkiConfigBundle::config
const QgsAuthMethodConfig config() const
Authentication method configuration.
Definition: qgsauthconfig.h:278
QgsAuthConfigSslServer::setSslPeerVerifyMode
void setSslPeerVerifyMode(QSslSocket::PeerVerifyMode mode)
Sets SSL client's peer verify mode to use in connections.
Definition: qgsauthconfig.h:402
QgsAuthConfigSslServer::setSslPeerVerifyDepth
void setSslPeerVerifyDepth(int depth)
Set number of SSL client's peer to verify in connections.
Definition: qgsauthconfig.h:414
qgis.h
QgsAuthConfigSslServer::setQtVersion
void setQtVersion(int version)
Sets Qt version when the configuration was made (SSL protocols may differ)
Definition: qgsauthconfig.h:424
QgsPkiConfigBundle::setCaChain
void setCaChain(const QList< QSslCertificate > &caChain)
setCaChain set the CA chain
Definition: qgsauthconfig.h:305
QgsAuthConfigSslServer::setSslCertificate
void setSslCertificate(const QSslCertificate &cert)
Sets server certificate object.
Definition: qgsauthconfig.h:380
QgsPkiBundle
Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
Definition: qgsauthconfig.h:190
operator!=
bool operator!=(const QgsFeatureIterator &fi1, const QgsFeatureIterator &fi2)
Definition: qgsfeatureiterator.h:405
QgsPkiBundle::clientKey
const QSslKey clientKey() const
Private key object.
Definition: qgsauthconfig.h:238
QgsAuthMethodConfigsMap
QHash< QString, QgsAuthMethodConfig > QgsAuthMethodConfigsMap
Definition: qgsauthconfig.h:179
QgsAuthMethodConfig::setConfigMap
void setConfigMap(const QgsStringMap &map)
Set extended configuration map.
Definition: qgsauthconfig.h:106
QgsPkiConfigBundle::setConfig
void setConfig(const QgsAuthMethodConfig &config)
Sets authentication method configuration.
Definition: qgsauthconfig.h:281
QgsAuthMethodConfig::setVersion
void setVersion(int version)
Sets version of the configuration.
Definition: qgsauthconfig.h:79
QgsAuthConfigSslServer::sslIgnoredErrorEnums
const QList< QSslError::SslError > sslIgnoredErrorEnums() const
SSL server errors (as enum list) to ignore in connections.
Definition: qgsauthconfig.h:395
QgsPkiBundle::clientCert
const QSslCertificate clientCert() const
Client certificate object.
Definition: qgsauthconfig.h:233
QgsPkiBundle::setCaChain
void setCaChain(const QList< QSslCertificate > &cachain)
Sets chain of Certificate Authorities for client certificate.
Definition: qgsauthconfig.h:245
QgsAuthConfigSslServer::qtVersion
int qtVersion() const
Qt version when the configuration was made (SSL protocols may differ)
Definition: qgsauthconfig.h:422
QgsAuthConfigSslServer::sslPeerVerifyDepth
int sslPeerVerifyDepth() const
Number of SSL client's peer to verify in connections.
Definition: qgsauthconfig.h:408
QgsAuthMethodConfig::version
int version() const
Gets version of the configuration.
Definition: qgsauthconfig.h:77
QgsAuthConfigSslServer::setSslProtocol
void setSslProtocol(QSsl::SslProtocol protocol)
Sets SSL server protocol to use in connections.
Definition: qgsauthconfig.h:390
QgsAuthMethodConfig::method
QString method() const
Textual key of the associated authentication method.
Definition: qgsauthconfig.h:73
QgsAuthConfigSslServer::setSslIgnoredErrorEnums
void setSslIgnoredErrorEnums(const QList< QSslError::SslError > &errors)
Sets SSL server errors (as enum list) to ignore in connections.
Definition: qgsauthconfig.h:397
QgsPkiBundle::caChain
const QList< QSslCertificate > caChain() const
Chain of Certificate Authorities for client certificate.
Definition: qgsauthconfig.h:243
QgsAuthConfigSslServer::version
int version() const
Version of the configuration (used for future upgrading)
Definition: qgsauthconfig.h:417
QgsPkiConfigBundle::clientCertKey
const QSslKey clientCertKey() const
Private key object.
Definition: qgsauthconfig.h:290
QgsAuthMethodConfig::configMap
QgsStringMap configMap() const
Gets extended configuration, mapped to key/value pairs of QStrings.
Definition: qgsauthconfig.h:100
QgsStringMap
QMap< QString, QString > QgsStringMap
Definition: qgis.h:758
QgsAuthMethodConfig::id
const QString id() const
Gets 'authcfg' 7-character alphanumeric ID of the config.
Definition: qgsauthconfig.h:59
QgsAuthConfigSslServer::sslPeerVerifyMode
QSslSocket::PeerVerifyMode sslPeerVerifyMode() const
SSL client's peer verify mode to use in connections.
Definition: qgsauthconfig.h:400
QgsAuthConfigSslServer
Configuration container for SSL server connection exceptions or overrides.
Definition: qgsauthconfig.h:372
QgsPkiConfigBundle::setClientCert
void setClientCert(const QSslCertificate &cert)
Sets client certificate object.
Definition: qgsauthconfig.h:287
QgsAuthConfigSslServer::sslProtocol
QSsl::SslProtocol sslProtocol() const
SSL server protocol to use in connections.
Definition: qgsauthconfig.h:388
QgsAuthMethodConfig::setId
void setId(const QString &id)
Sets auth config ID.
Definition: qgsauthconfig.h:61
QgsAuthMethodConfig::clearConfigMap
void clearConfigMap()
Clear all configs.
Definition: qgsauthconfig.h:151
QgsAuthMethodConfig::setName
void setName(const QString &name)
Sets name of configuration.
Definition: qgsauthconfig.h:66
QgsAuthConfigSslServer::sslCertificate
const QSslCertificate sslCertificate() const
Server certificate object.
Definition: qgsauthconfig.h:378
QgsPkiConfigBundle::caChain
QList< QSslCertificate > caChain() const
caChain return the CA chain
Definition: qgsauthconfig.h:299
QgsAuthMethodConfig
Configuration storage class for authentication method configurations.
Definition: qgsauthconfig.h:39
QgsAuthConfigSslServer::setVersion
void setVersion(int version)
Sets version of the configuration (used for future upgrading)
Definition: qgsauthconfig.h:419
QgsAuthMethodConfig::uri
const QString uri() const
A URI to auto-select a config when connecting to a resource.
Definition: qgsauthconfig.h:69