sharpetronics/QGIS
1
0
Fork 0
mirror of https://github.com/qgis/QGIS.git synced 2025-10-06 00:07:29 -04:00
Code Issues Packages Projects Releases Wiki Activity

[oauth] Fix tests and rebase agains current master

Browse Source
This commit is contained in:
Alessandro Pasotti 2018-06-20 11:30:20 +02:00
parent b9c2c5cb6c
commit 0a67592d2c
5 changed files with 46 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/auth/oauth2/CMakeLists.txt
View File

@ -124,11 +124,11 @@ IF(WITH_INTERNAL_O2 AND CMAKE_GENERATOR MATCHES "Ninja")
COMMAND
)
ENDIF()
QT4_WRAP_UI(OAUTH2_UIS_H ${OAUTH2_UIS})
QT5_WRAP_UI(OAUTH2_UIS_H ${OAUTH2_UIS})
QT4_WRAP_CPP(OAUTH2_MOC_SRCS ${OAUTH2_MOC_HDRS})
QT5_WRAP_CPP(OAUTH2_MOC_SRCS ${OAUTH2_MOC_HDRS})
QT4_ADD_RESOURCES(OAUTH2_RCC_SRCS ${OAUTH2_RCCS})
QT5_ADD_RESOURCES(OAUTH2_RCC_SRCS ${OAUTH2_RCCS})
############################################################
# Set up plugin targets

52
src/auth/oauth2/qgsauthoauth2method.cpp
View File

@ -114,7 +114,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const
if ( !o2 )
{
msg = QStringLiteral( "Update request FAILED for authcfg %1: null object for requestor" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return false;
}
@ -125,7 +125,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const
if ( !QFile::exists( tokencache ) )
{
msg = QStringLiteral( "Token cache removed for authcfg %1: unlinking authenticator" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
o2->unlink();
}
}
@ -143,7 +143,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const
if ( expired )
{
msg = QStringLiteral( "Token expired, attempting refresh for authcfg %1" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
// Try to get a refresh token first
// go into local event loop and wait for a fired refresh-related slot
@ -220,7 +220,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const
if ( !o2->linked() )
{
msg = QStringLiteral( "Update request FAILED for authcfg %1: requestor could not link app" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return false;
}
}
@ -228,7 +228,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const
if ( o2->token().isEmpty() )
{
msg = QStringLiteral( "Update request FAILED for authcfg %1: access token is empty" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return false;
}
@ -243,13 +243,13 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const
case QgsAuthOAuth2Config::Header:
request.setRawHeader( O2_HTTP_AUTHORIZATION_HEADER, QStringLiteral( "Bearer %1" ).arg( o2->token() ).toAscii() );
msg = QStringLiteral( "Updated request HEADER with access token for authcfg: %1" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
break;
case QgsAuthOAuth2Config::Form:
// FIXME: what to do here if the parent request is not POST?
// probably have to skip this until auth system support is moved into QgsNetworkAccessManager
msg = QStringLiteral( "Update request FAILED for authcfg %1: form POST token update is unsupported" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
break;
case QgsAuthOAuth2Config::Query:
if ( !query.hasQueryItem( O2_OAUTH2_ACCESS_TOKEN ) )
@ -263,7 +263,7 @@ bool QgsAuthOAuth2Method::updateNetworkRequest( QNetworkRequest &request, const
{
msg = QStringLiteral( "Updated request QUERY with access token SKIPPED (existing token) for authcfg: %1" ).arg( authcfg );
}
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
break;
}
@ -284,7 +284,7 @@ bool QgsAuthOAuth2Method::updateNetworkReply( QNetworkReply *reply, const QStrin
{
QString msg = QStringLiteral( "Updated reply with token refresh connection FAILED"
" for authcfg %1: null reply object" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return false;
}
reply->setProperty( "authcfg", authcfg );
@ -296,7 +296,7 @@ bool QgsAuthOAuth2Method::updateNetworkReply( QNetworkReply *reply, const QStrin
// this, &QgsAuthOAuth2Method::onNetworkError, Qt::QueuedConnection );
QString msg = QStringLiteral( "Updated reply with token refresh connection for authcfg: %1" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
return true;
}
@ -311,7 +311,7 @@ void QgsAuthOAuth2Method::onLinkedChanged()
void QgsAuthOAuth2Method::onLinkingFailed()
{
// Login has failed
QgsMessageLog::logMessage( tr( "Authenticator linking (login) has failed" ), AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( tr( "Authenticator linking (login) has failed" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
}
void QgsAuthOAuth2Method::onLinkingSucceeded()
@ -320,18 +320,18 @@ void QgsAuthOAuth2Method::onLinkingSucceeded()
if ( !o2 )
{
QgsMessageLog::logMessage( tr( "Linking succeeded, but authenticator access FAILED: null object" ),
AUTH_METHOD_KEY, QgsMessageLog::WARNING );
AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return;
}
if ( !o2->linked() )
{
QgsMessageLog::logMessage( tr( "Linking apparently succeeded, but authenticator FAILED to verify it is linked" ),
AUTH_METHOD_KEY, QgsMessageLog::WARNING );
AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return;
}
QgsMessageLog::logMessage( tr( "Linking succeeded" ), AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( tr( "Linking succeeded" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
//###################### DO NOT LEAVE ME UNCOMMENTED ######################
//QgsDebugMsg( QStringLiteral( "Access token: %1" ).arg( o2->token() ) );
@ -357,7 +357,7 @@ void QgsAuthOAuth2Method::onOpenBrowser( const QUrl &url )
// The user will interact with this browser window to
// enter login name, password, and authorize your application
// to access the Twitter account
QgsMessageLog::logMessage( tr( "Open browser requested" ), AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( tr( "Open browser requested" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
QDesktopServices::openUrl( url );
}
@ -365,7 +365,7 @@ void QgsAuthOAuth2Method::onOpenBrowser( const QUrl &url )
void QgsAuthOAuth2Method::onCloseBrowser()
{
// Close the browser window opened in openBrowser()
QgsMessageLog::logMessage( tr( "Close browser requested" ), AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( tr( "Close browser requested" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
// Bring focus back to QGIS app
if ( qobject_cast<QApplication *>( qApp ) )
@ -385,10 +385,10 @@ void QgsAuthOAuth2Method::onCloseBrowser()
void QgsAuthOAuth2Method::onReplyFinished()
{
QgsMessageLog::logMessage( tr( "Network reply finished" ), AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( tr( "Network reply finished" ), AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
QNetworkReply *reply = qobject_cast<QNetworkReply *>( sender() );
QgsMessageLog::logMessage( tr( "Results: %1" ).arg( QString( reply->readAll() ) ),
AUTH_METHOD_KEY, QgsMessageLog::INFO );
AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
}
void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err )
@ -399,13 +399,13 @@ void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err )
if ( !reply )
{
msg = tr( "Network error but no reply object accessible" );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return;
}
if ( err != QNetworkReply::NoError )
{
msg = tr( "Network error: %1" ).arg( reply->errorString() );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
}
// TODO: update debug messages to output to QGIS
@ -413,18 +413,18 @@ void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err )
int status = reply->attribute( QNetworkRequest::HttpStatusCodeAttribute ).toInt();
msg = tr( "Network error, HTTP status: %1" ).arg(
reply->attribute( QNetworkRequest::HttpReasonPhraseAttribute ).toString() );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
if ( status == 401 )
{
msg = tr( "Attempting token refresh..." );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
QString authcfg = reply->property( "authcfg" ).toString();
if ( authcfg.isEmpty() )
{
msg = tr( "Token refresh FAILED: authcfg empty" );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
return;
}
@ -438,12 +438,12 @@ void QgsAuthOAuth2Method::onNetworkError( QNetworkReply::NetworkError err )
o2->refresh();
msg = tr( "Background token refresh underway for authcfg: %1" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::INFO );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Info );
}
else
{
msg = tr( "Background token refresh FAILED for authcfg %1: could not get authenticator object" ).arg( authcfg );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, QgsMessageLog::WARNING );
QgsMessageLog::logMessage( msg, AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
}
}
}
@ -454,7 +454,7 @@ void QgsAuthOAuth2Method::onRefreshFinished( QNetworkReply::NetworkError err )
if ( err != QNetworkReply::NoError )
{
QgsMessageLog::logMessage( tr( "Token fefresh error: %1" ).arg( reply->errorString() ),
AUTH_METHOD_KEY, QgsMessageLog::WARNING );
AUTH_METHOD_KEY, Qgis::MessageLevel::Warning );
}
}

13
tests/src/auth/CMakeLists.txt
View File

@ -57,12 +57,15 @@ MACRO (ADD_QGIS_TEST testname testsrc)
TARGET_LINK_LIBRARIES(qgis_${testname} ${APP_SERVICES_LIBRARY})
ENDIF(APPLE)
TARGET_LINK_LIBRARIES(qgis_${testname}
${QT_QTCORE_LIBRARY}
${QT_QTGUI_LIBRARY}
${QT_QTNETWORK_LIBRARY}
${QT_QTXML_LIBRARY}
${Qt5Core_LIBRARIES}
${Qt5Xml_LIBRARIES}
${Qt5Svg_LIBRARIES}
${Qt5Test_LIBRARIES}
${Qt5Network_LIBRARIES}
${PROJ_LIBRARY}
${GEOS_LIBRARY}
${GDAL_LIBRARY}
${OPTIONAL_QTWEBKIT}
${QT_QTTEST_LIBRARY}
${PROJ_LIBRARY}
${GEOS_LIBRARY}
${GDAL_LIBRARY}

27
tests/src/python/qgis_wrapped_server.py
View File

@ -203,12 +203,8 @@ qgs_app = QgsApplication([], False)
qgs_server = QgsServer()
<<<<<<< a929de58a77eb0040b173a59df22ef510cd51023
if os.environ.get('QGIS_SERVER_HTTP_BASIC_AUTH') is not None:
=======
if QGIS_SERVER_HTTP_BASIC_AUTH:
from qgis.server import QgsServerFilter
>>>>>>> [oauth2] Added test for resource owner password grant flow
import base64
class HTTPBasicFilter(QgsServerFilter):
@ -242,7 +238,6 @@ if QGIS_SERVER_HTTP_BASIC_AUTH:
qgs_server.serverInterface().registerFilter(filter)
<<<<<<< a929de58a77eb0040b173a59df22ef510cd51023
def num2deg(xtile, ytile, zoom):
"""This returns the NW-corner of the square. Use the function with xtile+1 and/or ytile+1
to get the other corners. With xtile+0.5 & ytile+0.5 it will return the center of the tile."""
@ -277,7 +272,7 @@ class XYZFilter(QgsServerFilter):
xyzfilter = XYZFilter(qgs_server.serverInterface())
qgs_server.serverInterface().registerFilter(xyzfilter)
=======
if QGIS_SERVER_OAUTH2_AUTH:
from qgis.server import QgsServerFilter
from oauthlib.oauth2 import RequestValidator, LegacyApplicationServer
@ -415,7 +410,6 @@ if QGIS_SERVER_OAUTH2_AUTH:
filter = OAuth2Filter(qgs_server.serverInterface())
qgs_server.serverInterface().registerFilter(filter)
>>>>>>> [oauth2] Added test for resource owner password grant flow
class Handler(BaseHTTPRequestHandler):
@ -424,17 +418,11 @@ class Handler(BaseHTTPRequestHandler):
# CGI vars:
headers = {}
for k, v in self.headers.items():
<<<<<<< a7fb4238893336c8d5b2b4802f63588175e70c83
headers['HTTP_%s' % k.replace(' ', '-').replace('-', '_').replace(' ', '-').upper()] = v
if not self.path.startswith('http'):
self.path = "%s://%s:%s%s" % ('https' if https else 'http', QGIS_SERVER_HOST, self.server.server_port, self.path)
request = QgsBufferServerRequest(self.path, (QgsServerRequest.PostMethod if post_body is not None else QgsServerRequest.GetMethod), headers, post_body)
=======
headers['HTTP_%s' % k.replace(
' ', '-').replace('-', '_').replace(' ', '-').upper()] = v
self.path = "%s://%s:%s%s" % ('https' if HTTPS_ENABLED else 'http', QGIS_SERVER_HOST, self.server.server_port, self.path)
request = QgsBufferServerRequest(
self.path, (QgsServerRequest.PostMethod if post_body is not None else QgsServerRequest.GetMethod), headers, post_body)
>>>>>>> Pass urlencoded URL to the oauth handler
response = QgsBufferServerResponse()
qgs_server.handleRequest(request, response)
@ -461,20 +449,10 @@ class ThreadedHTTPServer(ThreadingMixIn, HTTPServer):
if __name__ == '__main__':
<<<<<<< a929de58a77eb0040b173a59df22ef510cd51023
if os.environ.get('MULTITHREADING') == '1':
server = ThreadedHTTPServer((QGIS_SERVER_HOST, QGIS_SERVER_PORT), Handler)
else:
server = HTTPServer((QGIS_SERVER_HOST, QGIS_SERVER_PORT), Handler)
if https:
server.socket = ssl.wrap_socket(server.socket,
certfile=QGIS_SERVER_PKI_CERTIFICATE,
keyfile=QGIS_SERVER_PKI_KEY,
ca_certs=QGIS_SERVER_PKI_AUTHORITY,
cert_reqs=ssl.CERT_REQUIRED,
server_side=True,
ssl_version=ssl.PROTOCOL_TLSv1)
=======
server = HTTPServer((QGIS_SERVER_HOST, QGIS_SERVER_PORT), Handler)
# HTTPS is enabled if any of PKI or OAuth2 are enabled too
if HTTPS_ENABLED:
@ -497,7 +475,6 @@ if __name__ == '__main__':
server_side=True,
ssl_version=ssl.PROTOCOL_TLSv1)
>>>>>>> [oauth2] Added test for resource owner password grant flow
print('Starting server on %s://%s:%s, use <Ctrl-C> to stop' %
('https' if HTTPS_ENABLED else 'http', QGIS_SERVER_HOST, server.server_port), flush=True)

14
tests/src/python/test_authmanager_oauth2_ows.py
View File

@ -36,7 +36,7 @@ from shutil import rmtree
from utilities import unitTestDataPath, waitServer
from qgis.core import (
QgsAuthManager,
QgsApplication,
QgsAuthMethodConfig,
QgsVectorLayer,
QgsRasterLayer,
@ -87,19 +87,19 @@ def setup_oauth(username, password, token_uri, refresh_token_uri='', authcfg_id=
"version": 1
}
if authcfg_id not in QgsAuthManager.instance().availableAuthMethodConfigs():
if authcfg_id not in QgsApplication.authManager().availableAuthMethodConfigs():
authConfig = QgsAuthMethodConfig('OAuth2')
authConfig.setId(authcfg_id)
authConfig.setName(authcfg_name)
authConfig.setConfig('oauth2config', json.dumps(cfgjson))
if QgsAuthManager.instance().storeAuthenticationConfig(authConfig):
if QgsApplication.authManager().storeAuthenticationConfig(authConfig):
return authcfg_id
else:
authConfig = QgsAuthMethodConfig()
QgsAuthManager.instance().loadAuthenticationConfig(authcfg_id, authConfig, True)
QgsApplication.authManager().loadAuthenticationConfig(authcfg_id, authConfig, True)
authConfig.setName(authcfg_name)
authConfig.setConfig('oauth2config', json.dumps(cfgjson))
if QgsAuthManager.instance().updateAuthenticationConfig(authConfig):
if QgsApplication.authManager().updateAuthenticationConfig(authConfig):
return authcfg_id
return None
@ -109,7 +109,7 @@ class TestAuthManager(unittest.TestCase):
@classmethod
def setUpAuth(cls):
"""Run before all tests and set up authentication"""
authm = QgsAuthManager.instance()
authm = QgsApplication.authManager()
assert (authm.setMasterPassword('masterpassword', True))
cls.sslrootcert_path = os.path.join(cls.certsdata_path, 'chains_subissuer-issuer-root_issuer2-root2.pem')
assert os.path.isfile(cls.sslrootcert_path)
@ -178,7 +178,7 @@ class TestAuthManager(unittest.TestCase):
# This is to test wrong credentials
cls.wrong_authcfg_id = setup_oauth('wrong', 'wrong', cls.token_uri, cls.refresh_token_uri, str(random.randint(0, 10000000)))
# Get the authentication configuration instance:
cls.auth_config = QgsAuthManager.instance().availableAuthMethodConfigs()[cls.authcfg_id]
cls.auth_config = QgsApplication.authManager().availableAuthMethodConfigs()[cls.authcfg_id]
assert cls.auth_config.isValid()
# Wait for the server process to start