[gnome-online-accounts/gnome-3-6] kerberos: Discover and validate realm before use
- From: Debarshi Ray <debarshir src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-online-accounts/gnome-3-6] kerberos: Discover and validate realm before use
- Date: Mon, 29 Oct 2012 16:54:46 +0000 (UTC)
commit e7a045b441a9cb440ead886bb664cc1859fb781b
Author: Stef Walter <stefw gnome org>
Date: Sun Oct 21 23:40:07 2012 -0400
kerberos: Discover and validate realm before use
GoaKerberosProvider now talks directly with realmd
to get its list of available realms.
Since it talks to realmd directly it now has
an opportunity to validate what the user is typing,
and e.g. map domains the user types into realms.
This commit adds that additional discovery logic,
rather than passing what the user types blindly
to the identity service.
https://bugzilla.gnome.org/show_bug.cgi?id=686416
src/goabackend/goakerberosprovider.c | 138 ++++++++++++++++++++++++++++++++++
1 files changed, 138 insertions(+), 0 deletions(-)
---
diff --git a/src/goabackend/goakerberosprovider.c b/src/goabackend/goakerberosprovider.c
index e36f68a..221ea17 100644
--- a/src/goabackend/goakerberosprovider.c
+++ b/src/goabackend/goakerberosprovider.c
@@ -121,6 +121,67 @@ translate_error (GError **error)
g_dbus_error_strip_remote_error (*error);
}
+static gboolean
+query_tooltip (GtkWidget *widget,
+ gint x,
+ gint y,
+ gboolean keyboard_mode,
+ GtkTooltip *tooltip,
+ gpointer user_data)
+{
+ gchar *tip;
+
+ if (GTK_ENTRY_ICON_SECONDARY == gtk_entry_get_icon_at_pos (GTK_ENTRY (widget), x, y))
+ {
+ tip = gtk_entry_get_icon_tooltip_text (GTK_ENTRY (widget),
+ GTK_ENTRY_ICON_SECONDARY);
+ gtk_tooltip_set_text (tooltip, tip);
+ g_free (tip);
+ return TRUE;
+ }
+
+ return FALSE;
+}
+
+static void
+icon_released (GtkEntry *entry,
+ GtkEntryIconPosition pos,
+ GdkEvent *event,
+ gpointer user_data)
+{
+ GtkSettings *settings;
+ gint timeout;
+
+ settings = gtk_widget_get_settings (GTK_WIDGET (entry));
+
+ g_object_get (settings, "gtk-tooltip-timeout", &timeout, NULL);
+ g_object_set (settings, "gtk-tooltip-timeout", 1, NULL);
+ gtk_tooltip_trigger_tooltip_query (gtk_widget_get_display (GTK_WIDGET (entry)));
+ g_object_set (settings, "gtk-tooltip-timeout", timeout, NULL);
+}
+
+static void
+set_entry_validation_error (GtkEntry *entry,
+ GError *error)
+{
+ translate_error (&error);
+ gtk_entry_set_icon_from_icon_name (entry, GTK_ENTRY_ICON_SECONDARY,
+ "dialog-error-symbolic");
+ gtk_entry_set_icon_activatable (entry, GTK_ENTRY_ICON_SECONDARY, TRUE);
+ g_signal_connect (entry, "icon-release", G_CALLBACK (icon_released), FALSE);
+ g_signal_connect (entry, "query-tooltip", G_CALLBACK (query_tooltip), NULL);
+ g_object_set (entry, "has-tooltip", TRUE, NULL);
+ gtk_entry_set_icon_tooltip_text (entry, GTK_ENTRY_ICON_SECONDARY,
+ error->message);
+}
+
+static void
+clear_entry_validation_error (GtkEntry *entry)
+{
+ g_object_set (entry, "has-tooltip", FALSE, NULL);
+ gtk_entry_set_icon_from_pixbuf (entry, GTK_ENTRY_ICON_SECONDARY, NULL);
+}
+
static void
on_identity_signed_in (GoaIdentityServiceManager *manager,
GAsyncResult *result,
@@ -1050,6 +1111,7 @@ create_account_details_ui (GoaKerberosProvider *self,
request->realm_store,
&request->realm_combo_box,
&request->realm_entry);
+ g_signal_connect (request->realm_entry, "changed", G_CALLBACK (clear_entry_validation_error), NULL);
gtk_combo_box_set_entry_text_column (GTK_COMBO_BOX (request->realm_combo_box), 0);
add_entry (grid1, grid2, _("User_name"), &request->username);
@@ -1354,6 +1416,55 @@ release_realmd (GDBusProxy *proxy)
}
}
+static void
+on_discover_realm (GObject *source,
+ GAsyncResult *result,
+ gpointer user_data)
+{
+ SignInRequest *request = user_data;
+ GError *error = NULL;
+ gchar **realm_paths = NULL;
+ GDBusObject *object = NULL;
+ GoaRealmKerberos *kerberos = NULL;
+ gint unused;
+
+ goa_realm_provider_call_discover_finish (request->realm_provider, &unused,
+ &realm_paths, result, &error);
+
+ if (error == NULL && realm_paths)
+ {
+ if (realm_paths[0])
+ object = g_dbus_object_manager_get_object (request->realm_manager,
+ realm_paths[0]);
+ if (object)
+ {
+ kerberos = goa_realm_object_get_kerberos (GOA_REALM_OBJECT (object));
+ g_object_unref (object);
+ }
+ g_strfreev (realm_paths);
+ }
+
+ g_clear_error (&request->error);
+
+ if (kerberos)
+ {
+ gtk_entry_set_text (GTK_ENTRY (request->realm_entry),
+ goa_realm_kerberos_get_realm_name (kerberos));
+ g_object_unref (kerberos);
+ }
+ else if (error)
+ {
+ request->error = error;
+ }
+ else
+ {
+ g_set_error (&request->error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ _("The domain is not valid"));
+ }
+
+ g_main_loop_quit (request->loop);
+}
+
static GoaObject *
add_account (GoaProvider *provider,
GoaClient *client,
@@ -1373,6 +1484,7 @@ add_account (GoaProvider *provider,
gchar *principal;
gchar *principal_for_display;
gint response;
+ GVariant *options;
object = NULL;
principal = NULL;
@@ -1400,6 +1512,32 @@ start_over:
}
realm = get_realm (&request);
+
+ /* Would have been set by dialog above, otherwise no realmd */
+ if (request.realm_provider && request.realm_manager)
+ {
+ options = g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0);
+ goa_realm_provider_call_discover (request.realm_provider, realm, options,
+ request.cancellable, on_discover_realm,
+ &request);
+ g_free (realm);
+
+ goa_spinner_button_start (GOA_SPINNER_BUTTON (request.spinner_button));
+ g_main_loop_run (request.loop);
+ goa_spinner_button_stop (GOA_SPINNER_BUTTON (request.spinner_button));
+
+ if (request.error)
+ {
+ set_entry_validation_error (GTK_ENTRY (request.realm_entry), request.error);
+ g_clear_error (&request.error);
+ goto start_over;
+ }
+
+ /* The realm was updated by on_discover_realm */
+ clear_entry_validation_error (GTK_ENTRY (request.realm_entry));
+ realm = get_realm (&request);
+ }
+
username = gtk_entry_get_text (GTK_ENTRY (request.username));
g_free (principal);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
