/************************************************************************
 * This file has been generated automatically from                      *
 *                                                                      *
 * src/core/auth/qgsauthmanager.h                                       *
 *                                                                      *
 * Do not edit manually ! Edit header and run scripts/sipify.pl again   *
 ************************************************************************/








class QgsAuthManager : QObject
{
%Docstring
Singleton offering an interface to manage the authentication configuration database
and to utilize configurations through various authentication method plugins

QgsAuthManager should not usually be directly created, but rather accessed through
:py:func:`QgsApplication.authManager()`
%End

%TypeHeaderCode
#include "qgsauthmanager.h"
%End
  public:

    enum MessageLevel
    {
      INFO,
      WARNING,
      CRITICAL
    };

    bool init( const QString &pluginPath = QString(),  const QString &authDatabasePath = QString() );
%Docstring
init initialize QCA, prioritize qca-ossl plugin and optionally set up the authentication database

:param pluginPath: the plugin path
:param authDatabasePath: the authentication DB path

:return: true on success

.. seealso:: :py:func:`QgsApplication.pluginPath`

.. seealso:: :py:func:`QgsApplication.qgisAuthDatabaseFilePath`
%End

    ~QgsAuthManager();

    QSqlDatabase authDatabaseConnection() const;
%Docstring
Sets up the application instance of the authentication database connection
%End

    const QString authDatabaseConfigTable() const;
%Docstring
Name of the authentication database table that stores configs
%End

    const QString authDatabaseServersTable() const;
%Docstring
Name of the authentication database table that stores server exceptions/configs
%End


    bool isDisabled() const;
%Docstring
Whether QCA has the qca-ossl plugin, which a base run-time requirement
%End

    const QString disabledMessage() const;
%Docstring
Standard message for when QCA's qca-ossl plugin is missing and system is disabled
%End

    const QString authenticationDatabasePath() const;
%Docstring
The standard authentication database file in ~/.qgis3/ or defined location

.. seealso:: :py:func:`QgsApplication.qgisAuthDatabaseFilePath`
%End

    bool setMasterPassword( bool verify = false );
%Docstring
Main call to initially set or continually check master password is set

.. note::

   If it is not set, the user is asked for its input

:param verify: Whether password's hash was saved in authentication database
%End

    bool setMasterPassword( const QString &pass, bool verify = false );
%Docstring
Overloaded call to reset master password or set it initially without user interaction

.. note::

   Only use this in trusted reset functions, unit tests or user/app setup scripts!

:param pass: Password to use
:param verify: Whether password's hash was saved in authentication database
%End

    bool verifyMasterPassword( const QString &compare = QString() );
%Docstring
Verify the supplied master password against any existing hash in authentication database

.. note::

   Do not emit verification signals when only comparing

:param compare: Password to compare against
%End

    bool masterPasswordIsSet() const;
%Docstring
Whether master password has be input and verified, i.e. authentication database is accessible
%End

    bool masterPasswordHashInDatabase() const;
%Docstring
Verify a password hash existing in authentication database
%End

    void clearMasterPassword();
%Docstring
Clear supplied master password

.. note::

   This will not necessarily clear authenticated connections cached in network connection managers
%End

    bool masterPasswordSame( const QString &pass ) const;
%Docstring
Check whether supplied password is the same as the one already set

:param pass: Password to verify
%End

    bool resetMasterPassword( const QString &newpass, const QString &oldpass, bool keepbackup, QString *backuppath /In,Out/ = 0 );
%Docstring
Reset the master password to a new one, then re-encrypt all previous
configs in a new database file, optionally backup curren database

:param newpass: New master password to replace existing
:param oldpass: Current master password to replace existing
:param keepbackup: Whether to keep the generated backup of current database
:param backuppath: Where the backup is located, if kept
%End



    void setScheduledAuthDatabaseEraseRequestEmitted( bool emitted );
%Docstring
Re-emit a signal to schedule an optional erase of authentication database.

.. note::

   This can be called from the slot connected to a previously emitted scheduling signal,
   so that the slot can ask for another emit later, if the slot noticies the current GUI
   processing state is not ready for interacting with the user, e.g. project is still loading

:param emitted: Setting to false will cause signal to be emitted by the schedule timer.
                Setting to true will stop any emitting, but will not stop the schedule timer.
%End

    QString authManTag() const;
%Docstring
Simple text tag describing authentication system for message logs
%End

    bool registerCoreAuthMethods();
%Docstring
Instantiate and register existing C++ core authentication methods from plugins
%End

    QgsAuthMethodConfigsMap availableAuthMethodConfigs( const QString &dataprovider = QString() );
%Docstring
Gets mapping of authentication config ids and their base configs (not decrypted data)
%End

    void updateConfigAuthMethods();
%Docstring
Sync the confg/authentication method cache with what is in database
%End

    QgsAuthMethod *configAuthMethod( const QString &authcfg );
%Docstring
Gets authentication method from the config/provider cache

:param authcfg: Authentication config id
%End

    QString configAuthMethodKey( const QString &authcfg ) const;
%Docstring
Gets key of authentication method associated with config ID

:param authcfg:
%End

    QStringList authMethodsKeys( const QString &dataprovider = QString() );
%Docstring
Gets keys of supported authentication methods
%End

    QgsAuthMethod *authMethod( const QString &authMethodKey );
%Docstring
Gets authentication method from the config/provider cache via its key

:param authMethodKey: Authentication method key
%End


    QWidget *authMethodEditWidget( const QString &authMethodKey, QWidget *parent );
%Docstring
Gets authentication method edit widget via its key

:param authMethodKey: Authentication method key
:param parent: Parent widget
%End

    QgsAuthMethod::Expansions supportedAuthMethodExpansions( const QString &authcfg );
%Docstring
Gets supported authentication method expansion(s), e.g. NetworkRequest | DataSourceURI, as flags

:param authcfg:
%End

    const QString uniqueConfigId() const;
%Docstring
Gets a unique generated 7-character string to assign to as config id
%End

    bool configIdUnique( const QString &id ) const;
%Docstring
Verify if provided authentication id is unique

:param id: Id to check
%End

    bool hasConfigId( const QString &txt ) const;
%Docstring
Returns whether a string includes an authcfg ID token

:param txt: String to check
%End

    QString configIdRegex() const;
%Docstring
Returns the regular expression for authcfg=.{7} key/value token for authentication ids
%End

    QStringList configIds() const;
%Docstring
Gets list of authentication ids from database
%End

    bool storeAuthenticationConfig( QgsAuthMethodConfig &mconfig /In,Out/ );
%Docstring
Store an authentication config in the database

:param mconfig: Associated authentication config id

:return: Whether operation succeeded
%End

    bool updateAuthenticationConfig( const QgsAuthMethodConfig &config );
%Docstring
Update an authentication config in the database

:param config: Associated authentication config id

:return: Whether operation succeeded
%End

    bool loadAuthenticationConfig( const QString &authcfg, QgsAuthMethodConfig &mconfig /In,Out/, bool full = false );
%Docstring
Load an authentication config from the database into subclass

:param authcfg: Associated authentication config id
:param mconfig: Subclassed config to load into
:param full: Whether to decrypt and populate all sensitive data in subclass

:return: Whether operation succeeded
%End

    bool removeAuthenticationConfig( const QString &authcfg );
%Docstring
Remove an authentication config in the database

:param authcfg: Associated authentication config id

:return: Whether operation succeeded
%End

    bool removeAllAuthenticationConfigs();
%Docstring
Clear all authentication configs from table in database and from provider caches

:return: Whether operation succeeded
%End

    bool backupAuthenticationDatabase( QString *backuppath /In,Out/ = 0 );
%Docstring
Close connection to current authentication database and back it up

:return: Path to backup
%End

    bool eraseAuthenticationDatabase( bool backup, QString *backuppath /In,Out/ = 0 );
%Docstring
Erase all rows from all tables in authentication database

:param backup: Whether to backup of current database
:param backuppath: Where the backup is locate

:return: Whether operation succeeded
%End



    bool updateNetworkRequest( QNetworkRequest &request /In,Out/, const QString &authcfg,
                               const QString &dataprovider = QString() );
%Docstring
Provider call to update a QNetworkRequest with an authentication config

:param request: The QNetworkRequest
:param authcfg: Associated authentication config id
:param dataprovider: Provider key filter, offering logic branching in authentication method

:return: Whether operation succeeded
%End

    bool updateNetworkReply( QNetworkReply *reply, const QString &authcfg,
                             const QString &dataprovider = QString() );
%Docstring
Provider call to update a QNetworkReply with an authentication config (used to skip known SSL errors, etc.)

:param reply: The QNetworkReply
:param authcfg: Associated authentication config id
:param dataprovider: Provider key filter, offering logic branching in authentication method

:return: Whether operation succeeded
%End

    bool updateDataSourceUriItems( QStringList &connectionItems /In,Out/, const QString &authcfg,
                                   const QString &dataprovider = QString() );
%Docstring
Provider call to update a QgsDataSourceUri with an authentication config

:param connectionItems: The connection items, e.g. username=myname, of :py:class:`QgsDataSourceUri`
:param authcfg: Associated authentication config id
:param dataprovider: Provider key filter, offering logic branching in authentication method

:return: Whether operation succeeded
%End

    bool updateNetworkProxy( QNetworkProxy &proxy /In,Out/, const QString &authcfg,
                             const QString &dataprovider = QString() );
%Docstring
Provider call to update a QNetworkProxy with an authentication config

:param proxy: the QNetworkProxy
:param authcfg: Associated authentication config id
:param dataprovider: Provider key filter, offering logic branching in authentication method

:return: Whether operation succeeded
%End


    bool storeAuthSetting( const QString &key, const QVariant &value, bool encrypt = false );
%Docstring
Store an authentication setting (stored as string via QVariant( value ).toString() )
%End

    QVariant authSetting( const QString &key, const QVariant &defaultValue = QVariant(), bool decrypt = false );
%Docstring
authSetting get an authentication setting (retrieved as string and returned as QVariant( QString ))

:param key: setting key
:param defaultValue:
:param decrypt: if the value needs decrypted

:return: QVariant( QString ) authentication setting

.. versionadded:: 3.0
%End

    bool existsAuthSetting( const QString &key );
%Docstring
Check if an authentication setting exists
%End

    bool removeAuthSetting( const QString &key );
%Docstring
Remove an authentication setting
%End


    bool initSslCaches();
%Docstring
Initialize various SSL authentication caches
%End

    bool storeCertIdentity( const QSslCertificate &cert, const QSslKey &key );
%Docstring
Store a certificate identity
%End

    const QSslCertificate certIdentity( const QString &id );
%Docstring
certIdentity get a certificate identity by ``id`` (sha hash)

:param id: sha hash of the cert

:return: the certificate

.. versionadded:: 3.0
%End


    const QStringList certIdentityBundleToPem( const QString &id );
%Docstring
certIdentityBundleToPem get a certificate identity bundle by ``id`` (sha hash) returned as PEM text

:param id: sha hash

:return: a list of strings

.. versionadded:: 3.0
%End

    const QList<QSslCertificate> certIdentities();
%Docstring
certIdentities get certificate identities

:return: list of certificates

.. versionadded:: 3.0
%End


    QStringList certIdentityIds() const;
%Docstring
certIdentityIds get list of certificate identity ids from database

:return: list of certificate ids

.. versionadded:: 3.0
%End

    bool existsCertIdentity( const QString &id );
%Docstring
Check if a certificate identity exists
%End

    bool removeCertIdentity( const QString &id );
%Docstring
Remove a certificate identity
%End


    bool storeSslCertCustomConfig( const QgsAuthConfigSslServer &config );
%Docstring
Store an SSL certificate custom config
%End

    const QgsAuthConfigSslServer sslCertCustomConfig( const QString &id, const QString &hostport );
%Docstring
sslCertCustomConfig get an SSL certificate custom config by ``id`` (sha hash) and ``hostport`` (host:port)

:param id: sha hash
:param hostport: string host:port

:return: a SSL certificate custom config

.. versionadded:: 3.0
%End

    const QgsAuthConfigSslServer sslCertCustomConfigByHost( const QString &hostport );
%Docstring
sslCertCustomConfigByHost get an SSL certificate custom config by ``hostport`` (host:port)

:param hostport: host:port

:return: a SSL certificate custom config

.. versionadded:: 3.0
%End

    const QList<QgsAuthConfigSslServer> sslCertCustomConfigs();
%Docstring
sslCertCustomConfigs get SSL certificate custom configs

:return: list of SSL certificate custom config

.. versionadded:: 3.0
%End

    bool existsSslCertCustomConfig( const QString &id, const QString &hostport );
%Docstring
Check if SSL certificate custom config exists
%End

    bool removeSslCertCustomConfig( const QString &id, const QString &hostport );
%Docstring
Remove an SSL certificate custom config
%End


    void dumpIgnoredSslErrorsCache_();
%Docstring
Utility function to dump the cache for debug purposes
%End

    bool updateIgnoredSslErrorsCacheFromConfig( const QgsAuthConfigSslServer &config );
%Docstring
Update ignored SSL error cache with possible ignored SSL errors, using server config
%End

    bool updateIgnoredSslErrorsCache( const QString &shahostport, const QList<QSslError> &errors );
%Docstring
Update ignored SSL error cache with possible ignored SSL errors, using sha:host:port key
%End

    bool rebuildIgnoredSslErrorCache();
%Docstring
Rebuild ignoredSSL error cache
%End


    bool storeCertAuthorities( const QList<QSslCertificate> &certs );
%Docstring
Store multiple certificate authorities
%End

    bool storeCertAuthority( const QSslCertificate &cert );
%Docstring
Store a certificate authority
%End


    const QSslCertificate certAuthority( const QString &id );
%Docstring
certAuthority get a certificate authority by ``id`` (sha hash)

:param id: sha hash

:return: a certificate

.. versionadded:: 3.0
%End

    bool existsCertAuthority( const QSslCertificate &cert );
%Docstring
Check if a certificate authority exists
%End

    bool removeCertAuthority( const QSslCertificate &cert );
%Docstring
Remove a certificate authority
%End

    const QList<QSslCertificate> systemRootCAs();
%Docstring
systemRootCAs get root system certificate authorities

:return: list of certificate authorities

.. versionadded:: 3.0
%End

    const QList<QSslCertificate> extraFileCAs();
%Docstring
extraFileCAs extra file-based certificate authorities

:return: list of certificate authorities

.. versionadded:: 3.0
%End

    const QList<QSslCertificate> databaseCAs();
%Docstring
databaseCAs get database-stored certificate authorities

:return: list of certificate authorities

.. versionadded:: 3.0
%End

    const QMap<QString, QSslCertificate> mappedDatabaseCAs();
%Docstring
mappedDatabaseCAs get sha1-mapped database-stored certificate authorities

:return: sha1-mapped certificate authorities

.. versionadded:: 3.0
%End


    bool rebuildCaCertsCache();
%Docstring
Rebuild certificate authority cache
%End

    bool storeCertTrustPolicy( const QSslCertificate &cert, QgsAuthCertUtils::CertTrustPolicy policy );
%Docstring
Store user trust value for a certificate
%End

    QgsAuthCertUtils::CertTrustPolicy certTrustPolicy( const QSslCertificate &cert );
%Docstring
certTrustPolicy get whether certificate ``cert`` is trusted by user

:param cert:

:return: DefaultTrust if certificate sha not in trust table, i.e. follows default trust policy

.. versionadded:: 3.0
%End

    bool removeCertTrustPolicies( const QList<QSslCertificate> &certs );
%Docstring
Remove a group certificate authorities
%End

    bool removeCertTrustPolicy( const QSslCertificate &cert );
%Docstring
Remove a certificate authority
%End

    QgsAuthCertUtils::CertTrustPolicy certificateTrustPolicy( const QSslCertificate &cert );
%Docstring
certificateTrustPolicy get trust policy for a particular certificate ``cert``

:param cert:

:return: DefaultTrust if certificate sha not in trust table, i.e. follows default trust policy

.. versionadded:: 3.0
%End

    bool setDefaultCertTrustPolicy( QgsAuthCertUtils::CertTrustPolicy policy );
%Docstring
Sets the default certificate trust policy preferred by user
%End

    QgsAuthCertUtils::CertTrustPolicy defaultCertTrustPolicy();
%Docstring
Gets the default certificate trust policy preferred by user
%End

    const QMap<QgsAuthCertUtils::CertTrustPolicy, QStringList > certTrustCache();
%Docstring
certTrustCache get cache of certificate sha1s, per trust policy

:return: trust-policy-mapped certificate sha1s

.. versionadded:: 3.0
%End

    bool rebuildCertTrustCache();
%Docstring
Rebuild certificate authority cache
%End

    const QList<QSslCertificate> trustedCaCerts( bool includeinvalid = false );
%Docstring
trustedCaCerts get list of all trusted CA certificates

:param includeinvalid: whether invalid certs needs to be returned

:return: list of certificates

.. versionadded:: 3.0
%End

    const QList<QSslCertificate> untrustedCaCerts( QList<QSslCertificate> trustedCAs = QList<QSslCertificate>() );
%Docstring
untrustedCaCerts get list of untrusted certificate authorities

:return: list of certificates

.. versionadded:: 3.0
%End

    bool rebuildTrustedCaCertsCache();
%Docstring
Rebuild trusted certificate authorities cache
%End

    const QList<QSslCertificate> trustedCaCertsCache();
%Docstring
trustedCaCertsCache cache of trusted certificate authorities, ready for network connections

:return: list of certificates

.. versionadded:: 3.0
%End

    const QByteArray trustedCaCertsPemText();
%Docstring
trustedCaCertsPemText get concatenated string of all trusted CA certificates

:return: bye array with all PEM encoded trusted CAs

.. versionadded:: 3.0
%End









    static const QString AUTH_PASSWORD_HELPER_DISPLAY_NAME;

    static const QString AUTH_MAN_TAG;

  signals:

    void passwordHelperFailure();
%Docstring
Signals emitted on password helper failure,
mainly used in the tests to exit main application loop
%End

    void passwordHelperSuccess();
%Docstring
Signals emitted on password helper success,
mainly used in the tests to exit main application loop
%End

    void messageOut( const QString &message, const QString &tag = QgsAuthManager::AUTH_MAN_TAG, QgsAuthManager::MessageLevel level = QgsAuthManager::INFO ) const;
%Docstring
Custom logging signal to relay to console output and :py:class:`QgsMessageLog`

:param message: Message to send
:param tag: Associated tag (title)
:param level: Message log level

.. seealso:: :py:class:`QgsMessageLog`
%End

    void passwordHelperMessageOut( const QString &message, const QString &tag = QgsAuthManager::AUTH_MAN_TAG, QgsAuthManager::MessageLevel level = QgsAuthManager::INFO );
%Docstring
Custom logging signal to inform the user about master password <-> password manager interactions

:param message: Message to send
:param tag: Associated tag (title)
:param level: Message log level

.. seealso:: :py:class:`QgsMessageLog`
%End


    void masterPasswordVerified( bool verified );
%Docstring
Emitted when a password has been verify (or not)

:param verified: The state of password's verification
%End

    void authDatabaseEraseRequested();
%Docstring
Emitted when a user has indicated they may want to erase the authentication db.
%End

    void authDatabaseChanged();
%Docstring
Emitted when the authentication db is significantly changed, e.g. large record removal, erased, etc.
%End

  public slots:
    void clearAllCachedConfigs();
%Docstring
Clear all authentication configs from authentication method caches
%End

    void clearCachedConfig( const QString &authcfg );
%Docstring
Clear an authentication config from its associated authentication method cache
%End

  protected:



};

/************************************************************************
 * This file has been generated automatically from                      *
 *                                                                      *
 * src/core/auth/qgsauthmanager.h                                       *
 *                                                                      *
 * Do not edit manually ! Edit header and run scripts/sipify.pl again   *
 ************************************************************************/