api/4.0/qgsauthconfig_8cpp_source.html

/***************************************************************************

    qgsauthconfig.cpp

    ---------------------

    begin                : October 5, 2014

    copyright            : (C) 2014 by Boundless Spatial, Inc. USA

    author               : Larry Shaffer

    email                : lshaffer at boundlessgeo dot com

 ***************************************************************************

 *                                                                         *

 *   This program is free software; you can redistribute it and/or modify  *

 *   it under the terms of the GNU General Public License as published by  *

 *   the Free Software Foundation; either version 2 of the License, or     *

 *   (at your option) any later version.                                   *

 *                                                                         *

 ***************************************************************************/


#include "qgsauthconfig.h"


#include "qgsauthcertutils.h"

#include "qgslogger.h"

#include "qgsxmlutils.h"


#include <QCryptographicHash>

#include <QFile>

#include <QObject>

#include <QString>

#include <QUrl>

#include <QtCrypto>


using namespace Qt::StringLiterals;


// QgsAuthMethodConfig


const QString QgsAuthMethodConfig::CONFIG_SEP = u"|||"_s;

const QString QgsAuthMethodConfig::CONFIG_KEY_SEP = u":::"_s;

const QString QgsAuthMethodConfig::CONFIG_LIST_SEP = u"```"_s;


const int QgsAuthMethodConfig::CONFIG_VERSION = 1;


// get uniqueConfigId only on save


QgsAuthMethodConfig::QgsAuthMethodConfig( const QString &method, int version )

  : mId( QString() )

  , mName( QString() )

  , mUri( QString() )

  , mMethod( method )

  , mVersion( version )

  , mConfigMap( QgsStringMap() )

{}


bool QgsAuthMethodConfig::operator==( const QgsAuthMethodConfig &other ) const

{

  return ( other.id() == id() && other.name() == name() && other.uri() == uri() && other.method() == method() && other.version() == version() && other.configMap() == configMap() );

}


bool QgsAuthMethodConfig::operator!=( const QgsAuthMethodConfig &other ) const

{

  return !( *this == other );

}


bool QgsAuthMethodConfig::isValid( bool validateid ) const

{

  const bool idvalid = validateid ? !mId.isEmpty() : true;


  return ( idvalid && !mName.isEmpty() && !mMethod.isEmpty() );

}


const QString QgsAuthMethodConfig::configString() const

{

  QStringList confstrs;

  QgsStringMap::const_iterator i = mConfigMap.constBegin();

  while ( i != mConfigMap.constEnd() )

  {

    confstrs << i.key() + CONFIG_KEY_SEP + i.value();

    ++i;

  }

  return confstrs.join( CONFIG_SEP );

}


void QgsAuthMethodConfig::loadConfigString( const QString &configstr )

{

  clearConfigMap();

  if ( configstr.isEmpty() )

  {

    return;

  }


  const QStringList confs( configstr.split( CONFIG_SEP ) );


  for ( const auto &conf : confs )

  {

    if ( conf.contains( CONFIG_KEY_SEP ) )

    {

      const QStringList keyval( conf.split( CONFIG_KEY_SEP ) );

      setConfig( keyval.at( 0 ), keyval.at( 1 ) );

    }

  }


  if ( configMap().empty() )

  {

    setConfig( u"oldconfigstyle"_s, configstr );

  }

}


void QgsAuthMethodConfig::setConfig( const QString &key, const QString &value )

{

  mConfigMap.insert( key, value );

}


void QgsAuthMethodConfig::setConfigList( const QString &key, const QStringList &value )

{

  setConfig( key, value.join( CONFIG_LIST_SEP ) );

}


int QgsAuthMethodConfig::removeConfig( const QString &key )

{

  return mConfigMap.remove( key );

}


QString QgsAuthMethodConfig::config( const QString &key, const QString &defaultvalue ) const

{

  return mConfigMap.value( key, defaultvalue );

}


QStringList QgsAuthMethodConfig::configList( const QString &key ) const

{

  return config( key ).split( CONFIG_LIST_SEP );

}


bool QgsAuthMethodConfig::hasConfig( const QString &key ) const

{

  return mConfigMap.contains( key );

}


bool QgsAuthMethodConfig::uriToResource( const QString &accessurl, QString *resource, bool withpath )

{

  QString res = QString();

  if ( !accessurl.isEmpty() )

  {

    const QUrl url( accessurl );

    if ( url.isValid() )

    {

      res = u"%1://%2:%3%4"_s.arg( url.scheme(), url.host() ).arg( url.port() ).arg( withpath ? url.path() : QString() );

    }

  }

  *resource = res;

  return ( !res.isEmpty() );

}


bool QgsAuthMethodConfig::writeXml( QDomElement &parentElement, QDomDocument &document )

{

  QDomElement element = document.createElement( u"AuthMethodConfig"_s );

  element.setAttribute( u"method"_s, mMethod );

  element.setAttribute( u"id"_s, mId );

  element.setAttribute( u"name"_s, mName );

  element.setAttribute( u"version"_s, QString::number( mVersion ) );

  element.setAttribute( u"uri"_s, mUri );


  QDomElement configElements = document.createElement( u"Config"_s );

  QgsStringMap::const_iterator i = mConfigMap.constBegin();

  while ( i != mConfigMap.constEnd() )

  {

    configElements.setAttribute( i.key(), i.value() );

    ++i;

  }

  element.appendChild( configElements );


  parentElement.appendChild( element );

  return true;

}


bool QgsAuthMethodConfig::readXml( const QDomElement &element )

{

  if ( element.nodeName() != "AuthMethodConfig"_L1 )

    return false;


  mMethod = element.attribute( u"method"_s );

  mId = element.attribute( u"id"_s );

  mName = element.attribute( u"name"_s );

  mVersion = element.attribute( u"version"_s ).toInt();

  mUri = element.attribute( u"uri"_s );


  clearConfigMap();

  const QDomNamedNodeMap configAttributes = element.firstChildElement().attributes();

  for ( int i = 0; i < configAttributes.length(); i++ )

  {

    const QDomAttr configAttribute = configAttributes.item( i ).toAttr();

    setConfig( configAttribute.name(), configAttribute.value() );

  }


  return true;

}


#ifndef QT_NO_SSL


// QgsPkiBundle


QgsPkiBundle::QgsPkiBundle( const QSslCertificate &clientCert, const QSslKey &clientKey, const QList<QSslCertificate> &caChain )

  : mCert( QSslCertificate() )

  , mCertKey( QSslKey() )

  , mCaChain( caChain )

{

  setClientCert( clientCert );

  setClientKey( clientKey );

}


const QgsPkiBundle QgsPkiBundle::fromPemPaths( const QString &certPath, const QString &keyPath, const QString &keyPass, const QList<QSslCertificate> &caChain )

{

  QgsPkiBundle pkibundle;

  if ( !certPath.isEmpty()

       && !keyPath.isEmpty()

       && ( certPath.endsWith( ".pem"_L1, Qt::CaseInsensitive ) || certPath.endsWith( ".der"_L1, Qt::CaseInsensitive ) )

       && QFile::exists( certPath )

       && QFile::exists( keyPath ) )

  {

    // client cert

    const bool pem = certPath.endsWith( ".pem"_L1, Qt::CaseInsensitive );

    const QSslCertificate clientcert( QgsAuthCertUtils::fileData( certPath ), pem ? QSsl::Pem : QSsl::Der );

    pkibundle.setClientCert( clientcert );


    QSslKey clientkey;

    clientkey = QgsAuthCertUtils::keyFromFile( keyPath, keyPass );

    pkibundle.setClientKey( clientkey );

    if ( !caChain.isEmpty() )

    {

      pkibundle.setCaChain( caChain );

    }

  }

  return pkibundle;

}


const QgsPkiBundle QgsPkiBundle::fromPkcs12Paths( const QString &bundlepath, const QString &bundlepass )

{

  QgsPkiBundle pkibundle;

  if ( QCA::isSupported( "pkcs12" )

       && !bundlepath.isEmpty()

       && ( bundlepath.endsWith( ".p12"_L1, Qt::CaseInsensitive ) || bundlepath.endsWith( ".pfx"_L1, Qt::CaseInsensitive ) )

       && QFile::exists( bundlepath ) )

  {

    QCA::SecureArray passarray;

    if ( !bundlepass.isNull() )

      passarray = QCA::SecureArray( bundlepass.toUtf8() );

    QCA::ConvertResult res;

    const QCA::KeyBundle bundle( QCA::KeyBundle::fromFile( bundlepath, passarray, &res, u"qca-ossl"_s ) );

    if ( res == QCA::ConvertGood && !bundle.isNull() )

    {

      const QCA::CertificateChain cert_chain( bundle.certificateChain() );

      const QSslCertificate cert( cert_chain.primary().toPEM().toLatin1() );

      if ( !cert.isNull() )

      {

        pkibundle.setClientCert( cert );

      }

      const QSslKey cert_key( bundle.privateKey().toPEM().toLatin1(), QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, QByteArray() );

      if ( !cert_key.isNull() )

      {

        pkibundle.setClientKey( cert_key );

      }


      if ( cert_chain.size() > 1 )

      {

        QList<QSslCertificate> ca_chain;

        for ( const auto &ca_cert : cert_chain )

        {

          if ( ca_cert != cert_chain.primary() )

          {

            ca_chain << QSslCertificate( ca_cert.toPEM().toLatin1() );

          }

        }

        pkibundle.setCaChain( ca_chain );

      }

    }

  }

  return pkibundle;

}


bool QgsPkiBundle::isNull() const

{

  return ( mCert.isNull() || mCertKey.isNull() );

}


bool QgsPkiBundle::isValid() const

{

  return ( !isNull() && QgsAuthCertUtils::certIsViable( mCert ) );

}


const QString QgsPkiBundle::certId() const

{

  if ( mCert.isNull() )

  {

    return QString();

  }

  return QString( mCert.digest( QCryptographicHash::Sha1 ).toHex() );

}


void QgsPkiBundle::setClientCert( const QSslCertificate &cert )

{

  mCert.clear();

  if ( !cert.isNull() )

  {

    mCert = cert;

  }

}


void QgsPkiBundle::setClientKey( const QSslKey &certkey )

{

  mCertKey.clear();

  if ( !certkey.isNull() && certkey.type() == QSsl::PrivateKey )

  {

    mCertKey = certkey;

  }

}


// QgsPkiConfigBundle


QgsPkiConfigBundle::QgsPkiConfigBundle( const QgsAuthMethodConfig &config, const QSslCertificate &cert, const QSslKey &certkey, const QList<QSslCertificate> &cachain )

  : mConfig( config )

  , mCert( cert )

  , mCertKey( certkey )

  , mCaChain( cachain )

{}


bool QgsPkiConfigBundle::isValid()

{

  return ( !mCert.isNull() && !mCertKey.isNull() );

}


// QgsAuthConfigSslServer


const QString QgsAuthConfigSslServer::CONF_SEP = u"|||"_s;


QgsAuthConfigSslServer::QgsAuthConfigSslServer()

  : mSslHostPort( QString() )

  , mSslCert( QSslCertificate() )

  , mSslIgnoredErrors( QList<QSslError::SslError>() )

{

  // TODO: figure out if Qt 5 has changed yet again, e.g. TLS-only

  mQtVersion = 480;

  // Qt 4.8 defaults to SecureProtocols, i.e. TlsV1SslV3

  // http://qt-project.org/doc/qt-4.8/qssl.html#SslProtocol-enum

  mSslProtocol = QSsl::SecureProtocols;

}


const QList<QSslError> QgsAuthConfigSslServer::sslIgnoredErrors() const

{

  QList<QSslError> errors;

  const QList<QSslError::SslError> ignoredErrors = sslIgnoredErrorEnums();

  for ( const QSslError::SslError errenum : ignoredErrors )

  {

    errors << QSslError( errenum );

  }

  return errors;

}


const QString QgsAuthConfigSslServer::configString() const

{

  QStringList configlist { QString::number( mVersion ), QString::number( mQtVersion ), encodeSslProtocol( mSslProtocol ) };


  QStringList errs;

  for ( const auto err : mSslIgnoredErrors )

  {

    errs << QString::number( static_cast< int >( err ) );

  }

  configlist << errs.join( "~~"_L1 );


  configlist << u"%1~~%2"_s.arg( static_cast< int >( mSslPeerVerifyMode ) ).arg( mSslPeerVerifyDepth );


  return configlist.join( CONF_SEP );

}


void QgsAuthConfigSslServer::loadConfigString( const QString &config )

{

  if ( config.isEmpty() )

  {

    return;

  }

  const QStringList configlist( config.split( CONF_SEP ) );


  mVersion = configlist.at( 0 ).toInt();

  mQtVersion = configlist.at( 1 ).toInt();

  mSslProtocol = decodeSslProtocol( configlist.at( 2 ) );


  mSslIgnoredErrors.clear();

  const QStringList errs( configlist.at( 3 ).split( u"~~"_s ) );

  for ( const auto &err : errs )

  {

    mSslIgnoredErrors.append( static_cast< QSslError::SslError >( err.toInt() ) );

  }


  const QStringList peerverify( configlist.at( 4 ).split( u"~~"_s ) );

  mSslPeerVerifyMode = static_cast< QSslSocket::PeerVerifyMode >( peerverify.at( 0 ).toInt() );

  mSslPeerVerifyDepth = peerverify.at( 1 ).toInt();

}


bool QgsAuthConfigSslServer::isNull() const

{

  return mSslCert.isNull() && mSslHostPort.isEmpty();

}


QSsl::SslProtocol QgsAuthConfigSslServer::decodeSslProtocol( const QString &protocol )

{

  bool ok = false;

  const int qt5EnumInt = protocol.toInt( &ok );

  if ( ok )

  {

    // old qt5 enum value. We can't directly cast this to QSsl::SslProtocol, as those values

    // have changed in qt6!

    switch ( qt5EnumInt )

    {

      case 0: // SslV3

        return QSsl::SslProtocol::UnknownProtocol;


      case 1: // SslV2

      case 2:

        return QSsl::SslProtocol::TlsV1_0;

      case 3:

        return QSsl::SslProtocol::TlsV1_1;

      case 4:

        return QSsl::SslProtocol::TlsV1_2;

      case 5:

        return QSsl::SslProtocol::AnyProtocol;

      case 6:

        return QSsl::SslProtocol::TlsV1_3;

      case 7:

        return QSsl::SslProtocol::SecureProtocols;

      case 8:

        return QSsl::SslProtocol::TlsV1_0OrLater;

      case 9:

        return QSsl::SslProtocol::TlsV1_1OrLater;

      case 10:

        return QSsl::SslProtocol::TlsV1_2OrLater;

      case 11:

        return QSsl::SslProtocol::DtlsV1_0;

      case 12:

        return QSsl::SslProtocol::DtlsV1_0OrLater;

      case 13:

        return QSsl::SslProtocol::DtlsV1_2;

      case 14:

        return QSsl::SslProtocol::DtlsV1_2OrLater;

      case 15:

        return QSsl::SslProtocol::TlsV1_3;

      case 16:

        return QSsl::SslProtocol::TlsV1_3OrLater;

      default:

        return QSsl::SslProtocol::UnknownProtocol;

    }

  }


  if ( protocol == "TlsV1_0"_L1 )

    return QSsl::SslProtocol::TlsV1_0;

  else if ( protocol == "TlsV1_1"_L1 )

    return QSsl::SslProtocol::TlsV1_1;

  else if ( protocol == "TlsV1_2"_L1 )

    return QSsl::SslProtocol::TlsV1_2;

  else if ( protocol == "AnyProtocol"_L1 )

    return QSsl::SslProtocol::AnyProtocol;

  else if ( protocol == "SecureProtocols"_L1 )

    return QSsl::SslProtocol::SecureProtocols;

  else if ( protocol == "TlsV1_0OrLater"_L1 )

    return QSsl::SslProtocol::TlsV1_0OrLater;

  else if ( protocol == "TlsV1_1OrLater"_L1 )

    return QSsl::SslProtocol::TlsV1_1OrLater;

  else if ( protocol == "TlsV1_2OrLater"_L1 )

    return QSsl::SslProtocol::TlsV1_2OrLater;

  else if ( protocol == "DtlsV1_0"_L1 )

    return QSsl::SslProtocol::DtlsV1_0;

  else if ( protocol == "DtlsV1_0OrLater"_L1 )

    return QSsl::SslProtocol::DtlsV1_0OrLater;

  else if ( protocol == "DtlsV1_2"_L1 )

    return QSsl::SslProtocol::DtlsV1_2;

  else if ( protocol == "DtlsV1_2OrLater"_L1 )

    return QSsl::SslProtocol::DtlsV1_2OrLater;

  else if ( protocol == "TlsV1_3"_L1 )

    return QSsl::SslProtocol::TlsV1_3;

  else if ( protocol == "TlsV1_3OrLater"_L1 )

    return QSsl::SslProtocol::TlsV1_3OrLater;


  QgsDebugError( u"Can't decode protocol \"%1\""_s.arg( protocol ) );


  return QSsl::SslProtocol::UnknownProtocol;

}


QString QgsAuthConfigSslServer::encodeSslProtocol( QSsl::SslProtocol protocol )

{

  switch ( protocol )

  {

    case QSsl::TlsV1_0:

      return u"TlsV1_0"_s;

    case QSsl::TlsV1_1:

      return u"TlsV1_1"_s;

    case QSsl::TlsV1_2:

      return u"TlsV1_2"_s;

    case QSsl::AnyProtocol:

      return u"AnyProtocol"_s;

    case QSsl::SecureProtocols:

      return u"SecureProtocols"_s;

    case QSsl::TlsV1_0OrLater:

      return u"TlsV1_0OrLater"_s;

    case QSsl::TlsV1_1OrLater:

      return u"TlsV1_1OrLater"_s;

    case QSsl::TlsV1_2OrLater:

      return u"TlsV1_2OrLater"_s;

    case QSsl::DtlsV1_0:

      return u"DtlsV1_0"_s;

    case QSsl::DtlsV1_0OrLater:

      return u"DtlsV1_0OrLater"_s;

    case QSsl::DtlsV1_2:

      return u"DtlsV1_2"_s;

    case QSsl::DtlsV1_2OrLater:

      return u"DtlsV1_2OrLater"_s;

    case QSsl::TlsV1_3:

      return u"TlsV1_3"_s;

    case QSsl::TlsV1_3OrLater:

      return u"TlsV1_3OrLater"_s;

    case QSsl::UnknownProtocol:

      return u"UnknownProtocol"_s;

  }


  QgsDebugError( u"Can't encode protocol: %1"_s.arg( protocol ) );


  return u"UnknownProtocol"_s;

}


#endif

QgsAuthConfigSslServer::sslIgnoredErrors
const QList< QSslError > sslIgnoredErrors() const
SSL server errors to ignore in connections.
Definition qgsauthconfig.cpp:353

QgsAuthConfigSslServer::isNull
bool isNull() const
Whether configuration is null (missing components).
Definition qgsauthconfig.cpp:404

QgsAuthConfigSslServer::sslIgnoredErrorEnums
const QList< QSslError::SslError > sslIgnoredErrorEnums() const
SSL server errors (as enum list) to ignore in connections.
Definition qgsauthconfig.h:353

QgsAuthConfigSslServer::configString
const QString configString() const
Configuration as a concatenated string.
Definition qgsauthconfig.cpp:364

QgsAuthConfigSslServer::QgsAuthConfigSslServer
QgsAuthConfigSslServer()
Construct a default SSL server configuration.
Definition qgsauthconfig.cpp:341

QgsAuthConfigSslServer::loadConfigString
void loadConfigString(const QString &config=QString())
Load concatenated string into configuration, e.g. from auth database.
Definition qgsauthconfig.cpp:380

QgsAuthMethodConfig
Configuration storage class for authentication method configurations.
Definition qgsauthconfig.h:43

QgsAuthMethodConfig::config
QString config(const QString &key, const QString &defaultvalue=QString()) const
Returns a config's value.
Definition qgsauthconfig.cpp:121

QgsAuthMethodConfig::isValid
bool isValid(bool validateid=false) const
Whether the configuration is valid.
Definition qgsauthconfig.cpp:62

QgsAuthMethodConfig::method
QString method() const
Textual key of the associated authentication method.
Definition qgsauthconfig.h:75

QgsAuthMethodConfig::uri
const QString uri() const
A URI to auto-select a config when connecting to a resource.
Definition qgsauthconfig.h:71

QgsAuthMethodConfig::removeConfig
int removeConfig(const QString &key)
Remove a config from map.
Definition qgsauthconfig.cpp:116

QgsAuthMethodConfig::readXml
bool readXml(const QDomElement &element)
from a DOM element.
Definition qgsauthconfig.cpp:174

QgsAuthMethodConfig::configString
const QString configString() const
The extended configuration, as stored and retrieved from the authentication database.
Definition qgsauthconfig.cpp:69

QgsAuthMethodConfig::name
const QString name() const
Gets name of configuration.
Definition qgsauthconfig.h:66

QgsAuthMethodConfig::operator==
bool operator==(const QgsAuthMethodConfig &other) const
Definition qgsauthconfig.cpp:52

QgsAuthMethodConfig::id
const QString id() const
Gets 'authcfg' 7-character alphanumeric ID of the config.
Definition qgsauthconfig.h:61

QgsAuthMethodConfig::loadConfigString
void loadConfigString(const QString &configstr)
Load existing extended configuration.
Definition qgsauthconfig.cpp:81

QgsAuthMethodConfig::clearConfigMap
void clearConfigMap()
Clear all configs.
Definition qgsauthconfig.h:153

QgsAuthMethodConfig::writeXml
bool writeXml(QDomElement &parentElement, QDomDocument &document)
Stores the configuration in a DOM.
Definition qgsauthconfig.cpp:152

QgsAuthMethodConfig::setConfig
void setConfig(const QString &key, const QString &value)
Set a single config value per key in the map.
Definition qgsauthconfig.cpp:106

QgsAuthMethodConfig::configList
QStringList configList(const QString &key) const
Returns a config's list of values.
Definition qgsauthconfig.cpp:126

QgsAuthMethodConfig::version
int version() const
Gets version of the configuration.
Definition qgsauthconfig.h:79

QgsAuthMethodConfig::configMap
QgsStringMap configMap() const
Gets extended configuration, mapped to key/value pairs of QStrings.
Definition qgsauthconfig.h:102

QgsAuthMethodConfig::operator!=
bool operator!=(const QgsAuthMethodConfig &other) const
Definition qgsauthconfig.cpp:57

QgsAuthMethodConfig::hasConfig
bool hasConfig(const QString &key) const
Whether a config key exists in config map.
Definition qgsauthconfig.cpp:131

QgsAuthMethodConfig::QgsAuthMethodConfig
QgsAuthMethodConfig(const QString &method=QString(), int version=0)
Construct a configuration for an authentication method.
Definition qgsauthconfig.cpp:43

QgsAuthMethodConfig::setConfigList
void setConfigList(const QString &key, const QStringList &value)
Set a multiple config values per key in the map.
Definition qgsauthconfig.cpp:111

QgsAuthMethodConfig::uriToResource
static bool uriToResource(const QString &accessurl, QString *resource, bool withpath=false)
A utility function for generating a resource from a URL to be compared against the config's uri() for...
Definition qgsauthconfig.cpp:136

QgsPkiBundle::certId
const QString certId() const
The sha hash of the client certificate.
Definition qgsauthconfig.cpp:290

QgsPkiBundle::isNull
bool isNull() const
Whether the bundle, either its certificate or private key, is null.
Definition qgsauthconfig.cpp:280

QgsPkiBundle::QgsPkiBundle
QgsPkiBundle(const QSslCertificate &clientCert=QSslCertificate(), const QSslKey &clientKey=QSslKey(), const QList< QSslCertificate > &caChain=QList< QSslCertificate >())
Construct a bundle from existing PKI components.
Definition qgsauthconfig.cpp:202

QgsPkiBundle::setClientKey
void setClientKey(const QSslKey &certkey)
Sets private key object.
Definition qgsauthconfig.cpp:308

QgsPkiBundle::setClientCert
void setClientCert(const QSslCertificate &cert)
Sets client certificate object.
Definition qgsauthconfig.cpp:299

QgsPkiBundle::fromPkcs12Paths
static const QgsPkiBundle fromPkcs12Paths(const QString &bundlepath, const QString &bundlepass=QString())
Construct a bundle of PKI components from a PKCS#12 file path.
Definition qgsauthconfig.cpp:236

QgsPkiBundle::clientKey
const QSslKey clientKey() const
Private key object.
Definition qgsauthconfig.h:249

QgsPkiBundle::setCaChain
void setCaChain(const QList< QSslCertificate > &cachain)
Sets chain of Certificate Authorities for client certificate.
Definition qgsauthconfig.h:256

QgsPkiBundle::caChain
const QList< QSslCertificate > caChain() const
Chain of Certificate Authorities for client certificate.
Definition qgsauthconfig.h:254

QgsPkiBundle::fromPemPaths
static const QgsPkiBundle fromPemPaths(const QString &certPath, const QString &keyPath, const QString &keyPass=QString(), const QList< QSslCertificate > &caChain=QList< QSslCertificate >())
Construct a bundle of PKI components from PEM-formatted file paths.
Definition qgsauthconfig.cpp:211

QgsPkiBundle::clientCert
const QSslCertificate clientCert() const
Client certificate object.
Definition qgsauthconfig.h:244

QgsPkiBundle::isValid
bool isValid() const
Whether the bundle is valid.
Definition qgsauthconfig.cpp:285

QgsPkiConfigBundle::config
const QgsAuthMethodConfig config() const
Authentication method configuration.
Definition qgsauthconfig.h:285

QgsPkiConfigBundle::QgsPkiConfigBundle
QgsPkiConfigBundle(const QgsAuthMethodConfig &config, const QSslCertificate &cert, const QSslKey &certkey, const QList< QSslCertificate > &cachain=QList< QSslCertificate >())
Construct a bundle from existing PKI components and authentication method configuration.
Definition qgsauthconfig.cpp:322

QgsPkiConfigBundle::isValid
bool isValid()
Whether the bundle is valid.
Definition qgsauthconfig.cpp:329

QgsStringMap
QMap< QString, QString > QgsStringMap
Definition qgis.h:7475

qgsauthcertutils.h

qgsauthconfig.h

qgslogger.h

QgsDebugError
#define QgsDebugError(str)
Definition qgslogger.h:59

qgsxmlutils.h