87 Q_ENUM( MessageLevel )
98 Q_DECL_DEPRECATED
bool init(
const QString &pluginPath = QString(),
const QString &authDatabasePath = QString() )
SIP_DEPRECATED;
110 void setup( const QString &pluginPath = QString(), const QString &authDatabasePath = QString() );
119 bool ensureInitialized() const;
134 Q_DECL_DEPRECATED QSqlDatabase authDatabaseConnection() const
SIP_DEPRECATED;
140 Q_DECL_DEPRECATED const QString authDatabaseConfigTable() const
SIP_DEPRECATED {
return AUTH_CONFIG_TABLE; }
147 const QString methodConfigTableName()
const;
157 bool isDisabled()
const;
160 const QString disabledMessage()
const;
167 Q_DECL_DEPRECATED
const QString authenticationDatabasePath()
const;
172 static bool isFilesystemBasedDatabase(
const QString &uri );
185 const QString authenticationDatabaseUri() const;
191 const QString authenticationDatabaseUriStripped() const;
200 bool createAndStoreRandomMasterPasswordInKeyChain()
SIP_SKIP;
207 bool setMasterPassword(
bool verify = false );
215 bool setMasterPassword( const QString &password,
bool verify = false );
222 bool verifyMasterPassword( const QString &compare = QString() );
225 bool masterPasswordIsSet() const;
228 bool masterPasswordHashInDatabase() const;
234 void clearMasterPassword() { mMasterPass = QString(); }
240 bool masterPasswordSame(
const QString &password )
const;
251 bool resetMasterPassword(
const QString &newpass,
const QString &oldpass,
bool keepbackup, QString *backuppath
SIP_INOUT =
nullptr );
266 bool resetMasterPasswordUsingStoredPasswordHelper(
const QString &newPassword,
bool keepBackup, QString *backupPath =
nullptr )
SIP_SKIP;
272 bool scheduledAuthDatabaseErase()
SIP_SKIP {
return mScheduledDbErase; }
286 void setScheduledAuthDatabaseErase(
bool scheduleErase )
SIP_SKIP;
302 bool registerCoreAuthMethods();
308 void updateConfigAuthMethods();
320 QString configAuthMethodKey(
const QString &authcfg )
const;
325 QStringList authMethodsKeys(
const QString &dataprovider = QString() );
355 QWidget *authMethodEditWidget(
const QString &authMethodKey, QWidget *parent );
366 const QString uniqueConfigId()
const;
372 bool configIdUnique(
const QString &
id )
const;
378 static bool hasConfigId(
const QString &txt );
384 QStringList configIds()
const;
415 bool removeAuthenticationConfig(
const QString &authcfg );
424 bool exportAuthenticationConfigsToXml(
const QString &filename,
const QStringList &authcfgs,
const QString &password = QString() );
433 bool importAuthenticationConfigsFromXml(
const QString &filename,
const QString &password = QString(),
bool overwrite =
false );
439 bool removeAllAuthenticationConfigs();
445 bool backupAuthenticationDatabase( QString *backuppath
SIP_INOUT =
nullptr );
453 bool eraseAuthenticationDatabase(
bool backup, QString *backuppath
SIP_INOUT =
nullptr );
465 bool updateNetworkRequest( QNetworkRequest &request
SIP_INOUT,
const QString &authcfg,
466 const QString &dataprovider = QString() );
475 bool updateNetworkReply( QNetworkReply *reply,
const QString &authcfg,
476 const QString &dataprovider = QString() );
485 bool updateDataSourceUriItems( QStringList &connectionItems
SIP_INOUT,
const QString &authcfg,
486 const QString &dataprovider = QString() );
495 bool updateNetworkProxy( QNetworkProxy &proxy
SIP_INOUT,
const QString &authcfg,
496 const QString &dataprovider = QString() );
507 bool storeAuthSetting(
const QString &key,
const QVariant &value,
bool encrypt =
false );
521 QVariant authSetting(
const QString &key,
const QVariant &defaultValue = QVariant(),
bool decrypt =
false );
524 bool existsAuthSetting(
const QString &key );
527 bool removeAuthSetting(
const QString &key );
533 bool initSslCaches();
536 bool storeCertIdentity(
const QSslCertificate &cert,
const QSslKey &key );
543 const QSslCertificate certIdentity(
const QString &
id );
551 const QPair<QSslCertificate, QSslKey> certIdentityBundle(
const QString &
id )
SIP_SKIP;
558 const QStringList certIdentityBundleToPem(
const QString &
id );
564 const QList<QSslCertificate> certIdentities();
572 QStringList certIdentityIds()
const;
575 bool existsCertIdentity(
const QString &
id );
578 bool removeCertIdentity(
const QString &
id );
603 const QList<QgsAuthConfigSslServer> sslCertCustomConfigs();
606 bool existsSslCertCustomConfig(
const QString &
id,
const QString &hostport );
609 bool removeSslCertCustomConfig(
const QString &
id,
const QString &hostport );
619 void dumpIgnoredSslErrorsCache_();
625 bool updateIgnoredSslErrorsCache(
const QString &shahostport,
const QList<QSslError> &errors );
628 bool rebuildIgnoredSslErrorCache();
632 bool storeCertAuthorities(
const QList<QSslCertificate> &certs );
635 bool storeCertAuthority(
const QSslCertificate &cert );
644 const QSslCertificate certAuthority(
const QString &
id );
647 bool existsCertAuthority(
const QSslCertificate &cert );
650 bool removeCertAuthority(
const QSslCertificate &cert );
656 static const QList<QSslCertificate> systemRootCAs();
662 const QList<QSslCertificate> extraFileCAs();
668 const QList<QSslCertificate> databaseCAs();
674 const QMap<QString, QSslCertificate> mappedDatabaseCAs();
683 return mCaCertsCache;
687 bool rebuildCaCertsCache();
700 bool removeCertTrustPolicies(
const QList<QSslCertificate> &certs );
703 bool removeCertTrustPolicy(
const QSslCertificate &cert );
722 const QMap<QgsAuthCertUtils::CertTrustPolicy, QStringList >
certTrustCache() {
return mCertTrustCache; }
725 bool rebuildCertTrustCache();
732 const QList<QSslCertificate> trustedCaCerts(
bool includeinvalid =
false );
738 const QList<QSslCertificate> untrustedCaCerts( QList<QSslCertificate> trustedCAs = QList<QSslCertificate>() );
741 bool rebuildTrustedCaCertsCache();
753 const QByteArray trustedCaCertsPemText();
767 bool passwordHelperDelete()
SIP_SKIP;
773 static
bool passwordHelperEnabled();
779 void setPasswordHelperEnabled(
bool enabled );
785 static
bool passwordHelperLoggingEnabled()
SIP_SKIP;
791 static
void setPasswordHelperLoggingEnabled(
bool enabled )
SIP_SKIP;
797 bool passwordHelperSync();
805 bool verifyStoredPasswordHelperPassword()
SIP_SKIP;
814 static const QString AUTH_PASSWORD_HELPER_DISPLAY_NAME;
824 static QString passwordHelperDisplayName(
bool titleCase = false );
827 static const QString AUTH_MAN_TAG;
834 QString sqliteDatabasePath() const
SIP_SKIP;
842 void passwordHelperFailure();
848 void passwordHelperSuccess();
894 void masterPasswordVerified(
bool verified );
897 void authDatabaseEraseRequested();
900 void authDatabaseChanged();
904 void clearAllCachedConfigs();
907 void clearCachedConfig( const QString &authcfg );
921 void tryToStartDbErase();
945 static QString generatePassword();
947 bool initPrivate(
const QString &pluginPath );
953 QString passwordHelperName()
const;
956 void passwordHelperLog(
const QString &msg )
const;
959 QString passwordHelperRead(
bool &ok );
962 bool passwordHelperWrite(
const QString &password );
965 void passwordHelperSetErrorMessage(
const QString &errorMessage ) { mPasswordHelperErrorMessage = errorMessage; }
968 void passwordHelperClearErrors();
974 void passwordHelperProcessError();
976 bool masterPasswordInput();
978 bool masterPasswordRowsInDb(
int *rows )
const;
980 bool masterPasswordCheckAgainstDb(
const QString &compare = QString() )
const;
982 bool masterPasswordStoreInDb()
const;
984 bool masterPasswordClearDb();
986 const QString masterPasswordCiv()
const;
988 bool verifyPasswordCanDecryptConfigs()
const;
990 bool reencryptAllAuthenticationConfigs(
const QString &prevpass,
const QString &prevciv );
992 bool reencryptAuthenticationConfig(
const QString &authcfg,
const QString &prevpass,
const QString &prevciv );
994 bool reencryptAllAuthenticationSettings(
const QString &prevpass,
const QString &prevciv );
996 bool reencryptAllAuthenticationIdentities(
const QString &prevpass,
const QString &prevciv );
998 bool reencryptAuthenticationIdentity(
const QString &identid,
const QString &prevpass,
const QString &prevciv );
1004 QString authPasswordHelperKeyName()
const;
1012 static const QString AUTH_CONFIG_TABLE;
1013 static const QString AUTH_SERVERS_TABLE;
1014 static const QString AUTH_CFG_REGEX;
1016 QString mPluginPath;
1017 QString mAuthDatabaseConnectionUri;
1019 mutable bool mLazyInitResult =
false;
1020 bool mAuthInit =
false;
1022 mutable std::unique_ptr<QgsAuthConfigurationStorageRegistry> mAuthConfigurationStorageRegistry;
1024 std::unique_ptr<QCA::Initializer> mQcaInitializer;
1026 QHash<QString, QString> mConfigAuthMethods;
1027 QHash<QString, QgsAuthMethod *> mAuthMethods;
1029 QString mMasterPass;
1031 bool mAuthDisabled =
false;
1032 QString mAuthDisabledMessage;
1033 std::unique_ptr<QTimer> mScheduledDbEraseTimer;
1034 bool mScheduledDbErase =
false;
1035 int mScheduledDbEraseRequestWait = 3 ;
1036 bool mScheduledDbEraseRequestEmitted =
false;
1037 int mScheduledDbEraseRequestCount = 0;
1039 std::unique_ptr<QRecursiveMutex> mMutex;
1040 std::unique_ptr<QRecursiveMutex> mMasterPasswordMutex;
1044 QMap<QString, QPair<QgsAuthCertUtils::CaCertSource, QSslCertificate> > mCaCertsCache;
1046 QMap<QgsAuthCertUtils::CertTrustPolicy, QStringList > mCertTrustCache;
1048 QList<QSslCertificate> mTrustedCaCertsCache;
1050 QHash<QString, QSet<QSslError::SslError> > mIgnoredSslErrorsCache;
1052 bool mHasCustomConfigByHost =
false;
1053 bool mHasCheckedIfCustomConfigByHostExists =
false;
1054 QMap< QString, QgsAuthConfigSslServer > mCustomConfigByHostCache;
1061 bool mPasswordHelperVerificationError =
false;
1064 QString mPasswordHelperErrorMessage;
1067 QKeychain::Error mPasswordHelperErrorCode = QKeychain::NoError;
1070 bool mPasswordHelperLoggingEnabled =
false;
1073 bool mPasswordHelperFailedInit =
false;
1076 static const QLatin1String AUTH_PASSWORD_HELPER_KEY_NAME_BASE;
1079 static const QLatin1String AUTH_PASSWORD_HELPER_FOLDER_NAME;
1081 mutable QMap<QThread *, QMetaObject::Connection> mConnectedThreads;