Mostly formatting and a few other bits.
# List of authenticators and the cmake flags to build them
# (currently that's just LDAP, but more can be added here).
####################################################################
-option(WITH_LDAP "Enable LDAP authentication support if present on system" ON)
+option(WITH_LDAP "Enable LDAP authentication support if present on system" ON)
# Setup CMake
#####################################################################
# Setup LDAP Authentication support.
#####################################################################
-if(WITH_LDAP)
+if (WITH_LDAP)
find_package(Ldap)
- if(LDAP_FOUND)
+ if (LDAP_FOUND)
message(STATUS "Enabling LDAP authentication support")
set(HAVE_LDAP true)
- if(HAVE_LDAP)
- add_definitions(-DHAVE_LDAP)
- endif(HAVE_LDAP)
- else(LDAP_FOUND)
+ add_definitions(-DHAVE_LDAP)
+ else()
message(STATUS "Disabling LDAP authentication support")
- endif(LDAP_FOUND)
-else(WITH_LDAP)
+ endif()
+else()
message(STATUS "Not enabling LDAP authentication support")
-endif(WITH_LDAP)
+endif()
# Setup KDE / KDE Frameworks
#####################################################################
/***************************************************************************
- * Copyright (C) 2005-2015 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
/***************************************************************************
- * Copyright (C) 2005-2015 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
***************************************************************************/
-#ifndef AUTHENTICATOR_H
-#define AUTHENTICATOR_H
+#pragma once
-#include <QtCore>
+#include <QObject>
+#include <QString>
+#include <QStringList>
+#include <QVariant>
#include "types.h"
virtual ~Authenticator() {};
enum State {
- IsReady, // ready to go
- NeedsSetup, // need basic setup (ask the user for input)
- NotAvailable // remove the authenticator backend from the list of avaliable authenticators.
+ IsReady, // ready to go
+ NeedsSetup, // need basic setup (ask the user for input)
+ NotAvailable // remove the authenticator backend from the list of avaliable authenticators.
};
private:
};
-
-#endif
return tr("Could not setup storage!");
}
- quInfo() << "Selected authenticator: " << authenticator;
+ quInfo() << "Selected authenticator:" << authenticator;
if (!(_configured = initAuthenticator(authenticator, authSetupData, true)))
{
return tr("Could not setup authenticator!");
}
}
+
void Core::unregisterStorageBackends()
{
foreach(Storage *s, _storageBackends.values()) {
#ifdef HAVE_LDAP
registerAuthenticator(new LdapAuthenticator(this));
#endif
-
}
+
bool Core::registerAuthenticator(Authenticator *authenticator)
{
- if (authenticator->isAvailable())
- {
+ if (authenticator->isAvailable()) {
_authenticators[authenticator->backendId()] = authenticator;
return true;
- } else {
+ }
+ else {
authenticator->deleteLater();
return false;
}
}
+
void Core::unregisterAuthenticators()
{
- foreach(Authenticator* a, _authenticators.values())
- {
+ foreach(Authenticator* a, _authenticators.values()) {
a->deleteLater();
}
_authenticators.clear();
}
+
void Core::unregisterAuthenticator(Authenticator *backend)
{
_authenticators.remove(backend->backendId());
return true;
}
+
void Core::syncStorage()
{
if (_storage)
return backends;
}
+
QVariantList Core::authenticatorInfo()
{
QVariantList backends;
saveAuthenticatorSettings(backend, settings);
qWarning() << "Switched auth backend to:" << qPrintable(backend);
}
-
+
_authenticator = authenticator;
- return true;
+ return true;
}
return false;
}
- if (!canChangeUserPassword(userId))
- {
+ if (!canChangeUserPassword(userId)) {
out << "User " << username << " is configured through an auth provider that has forbidden manual password changing." << endl;
return false;
}
bool Core::canChangeUserPassword(UserId userId)
{
QString authProvider = instance()->_storage->getUserAuthenticator(userId);
- if (authProvider != "Database")
- {
+ if (authProvider != "Database") {
if (authProvider != instance()->_authenticator->backendId()) {
return false;
- } else if (instance()->_authenticator->canChangePassword()) {
+ }
+ else if (instance()->_authenticator->canChangePassword()) {
return false;
}
}
return true;
}
+
AbstractSqlMigrationReader *Core::getMigrationReader(Storage *storage)
{
if (!storage)
return s.sync();
}
+
void Core::saveAuthenticatorSettings(const QString &backend, const QVariantMap &settings)
{
QVariantMap dbsettings;
QStringList keys = storage->setupKeys();
QVariantMap defaults = storage->setupDefaults();
return Core::promptForSettings(keys, defaults);
-
}
+
QVariantMap Core::promptForSettings(const Authenticator *authenticator)
{
QStringList keys = authenticator->setupKeys();
QVariantList backends;
QVariantList authenticators;
bool configured = Core::isConfigured();
- if (!configured)
- {
+ if (!configured) {
backends = Core::backendInfo();
authenticators = Core::authenticatorInfo();
}
// Maybe this should be hardcoded elsewhere, i.e. as a define.
QString authenticator = msg.authenticator;
quInfo() << "[" << authenticator << "]";
- if (authenticator.trimmed().isEmpty() || authenticator == 0)
- {
+ if (authenticator.trimmed().isEmpty()) {
authenticator = QString("Database");
}
// First attempt local auth using the real username and password.
// If that fails, move onto the auth provider.
UserId uid = Core::validateUser(msg.user, msg.password);
- if (uid == 0)
- {
+ if (uid == 0) {
uid = Core::authenticateUser(msg.user, msg.password);
}
return localValue("StorageSettings", def);
}
+
QVariant CoreSettings::authSettings(const QVariant &def)
{
return localValue("AuthSettings", def);
}
+
void CoreSettings::setAuthSettings(const QVariant &data)
{
setLocalValue("AuthSettings", data);
/***************************************************************************
- * Copyright (C) 2005-2015 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
LdapAuthenticator::~LdapAuthenticator()
{
- if (_connection != 0)
- {
+ if (_connection != 0) {
ldap_unbind_ext(_connection, 0, 0);
}
}
return true;
}
+
QString LdapAuthenticator::backendId() const
{
// We identify the backend to use for the monolithic core by its displayname.
return QString("LDAP");
}
+
QString LdapAuthenticator::description() const
{
return tr("Authenticate users using an LDAP server.");
return keys;
}
+
QVariantMap LdapAuthenticator::setupDefaults() const
{
QVariantMap map;
return map;
}
+
void LdapAuthenticator::setConnectionProperties(const QVariantMap &properties)
{
_hostName = properties["Hostname"].toString();
UserId LdapAuthenticator::validateUser(const QString &username, const QString &password)
{
bool result = ldapAuth(username, password);
- if (!result)
- {
+ if (!result) {
return UserId();
}
// Users created via LDAP have empty passwords, but authenticator column = LDAP.
// On the other hand, if auth succeeds and the user already exists, do a final
// cross-check to confirm we're using the right auth provider.
- UserId quasselID = Core::validateUser(username, QString());
- if (!quasselID.isValid())
- {
+ UserId quasselId = Core::validateUser(username, QString());
+ if (!quasselId.isValid()) {
return Core::addUser(username, QString(), backendId());
}
- else if (!(Core::checkAuthProvider(quasselID, backendId())))
- {
+ else if (!(Core::checkAuthProvider(quasselId, backendId()))) {
return 0;
}
- return quasselID;
+ return quasselId;
}
+
bool LdapAuthenticator::setup(const QVariantMap &settings)
{
setConnectionProperties(settings);
return status;
}
+
Authenticator::State LdapAuthenticator::init(const QVariantMap &settings)
{
setConnectionProperties(settings);
bool status = ldapConnect();
- if (!status)
- {
+ if (!status) {
quInfo() << qPrintable(backendId()) << "Authenticator cannot connect.";
return NotAvailable;
}
return true;
}
+
void LdapAuthenticator::ldapDisconnect()
{
if (_connection == 0) {
_connection = 0;
}
+
bool LdapAuthenticator::ldapAuth(const QString &username, const QString &password)
{
if (password.isEmpty()) {
// Attempt to establish a connection.
if (_connection == 0) {
- if (not ldapConnect()) {
+ if (!ldapConnect()) {
return false;
}
}
QByteArray baseDN = _baseDN.toLocal8Bit();
QByteArray uidAttribute = _uidAttribute.toLocal8Bit();
- cred.bv_val = const_cast<char*>(bindPassword.size() > 0 ? bindPassword.constData() : NULL);
+ cred.bv_val = (bindPassword.size() > 0 ? bindPassword.data() : NULL);
cred.bv_len = bindPassword.size();
res = ldap_sasl_bind_s(_connection, bindDN.size() > 0 ? bindDN.constData() : 0, LDAP_SASL_SIMPLE, &cred, 0, 0, 0);
return false;
}
- const QByteArray passwordArray = password.toLocal8Bit();
- cred.bv_val = const_cast<char*>(passwordArray.constData());
+ QByteArray passwordArray = password.toLocal8Bit();
+ cred.bv_val = passwordArray.data();
cred.bv_len = password.size();
char *userDN = ldap_get_dn(_connection, entry);
/***************************************************************************
- * Copyright (C) 2005-2015 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
*
*/
-#ifndef LDAPAUTHENTICATOR_H
-#define LDAPAUTHENTICATOR_H
+#pragma once
#include "authenticator.h"
LDAP *_connection;
};
-
-
-#endif
/***************************************************************************
- * Copyright (C) 2005-2015 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
* devel@quassel-irc.org *
* *
* This program is free software; you can redistribute it and/or modify *
{
}
+
bool SqlAuthenticator::isAvailable() const
{
// FIXME: probably this should query the current storage (see the ::init routine too).
return true;
}
+
QString SqlAuthenticator::backendId() const
{
// We identify the backend to use for the monolithic core by its displayname.
return QString("Database");
}
+
QString SqlAuthenticator::description() const
{
return tr("Do not auth against any remote authentication service, but instead save a hashed and salted password "
"in the selected database.");
}
+
UserId SqlAuthenticator::validateUser(const QString &user, const QString &password)
{
return Core::validateUser(user, password);
}
+
bool SqlAuthenticator::setup(const QVariantMap &settings)
{
Q_UNUSED(settings)
return true;
}
+
Authenticator::State SqlAuthenticator::init(const QVariantMap &settings)
{
Q_UNUSED(settings)
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
***************************************************************************/
-#ifndef SQLAUTHENTICATOR_H
-#define SQLAUTHENTICATOR_H
+#pragma once
#include "authenticator.h"
//virtual UserId getUserId(const QString &username);
};
-
-
-#endif
setAttribute(Qt::WA_DeleteOnClose);
foreach(const QVariant &v, backends)
- _backends[v.toMap()["DisplayName"].toString()] = v;
+ _backends[v.toMap()["DisplayName"].toString()] = v;
foreach(const QVariant &v, authenticators)
- _authenticators[v.toMap()["DisplayName"].toString()] = v;
+ _authenticators[v.toMap()["DisplayName"].toString()] = v;
setPage(IntroPage, new CoreConfigWizardPages::IntroPage(this));
setPage(AdminUserPage, new CoreConfigWizardPages::AdminUserPage(this));
return _backends;
}
+
QHash<QString, QVariant> CoreConfigWizard::authenticators() const
{
return _authenticators;
}
+
void CoreConfigWizard::prepareCoreSetup(const QString &backend, const QVariantMap &properties, const QString &authenticator, const QVariantMap &authProperties)
{
// Prevent the user from changing any settings he already specified...
// FIXME? We need to be able to set up older cores that don't have auth backend support.
// So if the core doesn't support that feature, don't pass those parameters.
- if (!(Client::coreFeatures() & Quassel::Authenticators))
- {
+ if (!(Client::coreFeatures() & Quassel::Authenticators)) {
coreConnection()->setupCore(Protocol::SetupData(field("adminUser.user").toString(), field("adminUser.password").toString(), backend, properties));
- } else {
+ }
+ else {
coreConnection()->setupCore(Protocol::SetupData(field("adminUser.user").toString(), field("adminUser.password").toString(), backend, properties, authenticator, authProperties));
}
}
int AdminUserPage::nextId() const
{
// If the core doesn't support auth backends, skip that page!
- if (!(Client::coreFeatures() & Quassel::Authenticators))
- {
+ if (!(Client::coreFeatures() & Quassel::Authenticators)) {
return CoreConfigWizard::StorageSelectionPage;
- } else {
+ }
+ else {
return CoreConfigWizard::AuthenticationSelectionPage;
}
}
properties[key] = def;
}
}
- qDebug() << properties;
-
-// QVariantMap properties = _backends[backend].toMap()["ConnectionProperties"].toMap();
-// if(!properties.isEmpty() && _connectionBox) {
-// QVariantMap::iterator propertyIter = properties.begin();
-// while(propertyIter != properties.constEnd()) {
-// QWidget *widget = _connectionBox->findChild<QWidget *>(propertyIter.key());
-// switch(propertyIter.value().type()) {
-// case QVariant::Int:
-// {
-// QSpinBox *spinbox = qobject_cast<QSpinBox *>(widget);
-// Q_ASSERT(spinbox);
-// propertyIter.value() = QVariant(spinbox->value());
-// }
-// break;
-// default:
-// {
-// QLineEdit *lineEdit = qobject_cast<QLineEdit *>(widget);
-// Q_ASSERT(lineEdit);
-// propertyIter.value() = QVariant(lineEdit->text());
-// }
-// }
-// propertyIter++;
-// }
-// }
return properties;
}