[gnome-software] Allow plugins to choose what is saved inside GsAuth



commit 0c19a5c8d420654737d0750e2d8d753ab4a352d1
Author: Richard Hughes <richard hughsie com>
Date:   Tue Jul 5 08:59:55 2016 +0100

    Allow plugins to choose what is saved inside GsAuth
    
    We don't want to save the password when we use an OAuth token - the password
    should only be used to get the token.

 src/gs-auth.c                     |   90 ++++++++++++++++++++-----------------
 src/gs-auth.h                     |   24 +++++++++-
 src/gs-self-test.c                |   12 ++++-
 src/plugins/gs-plugin-snap.c      |   10 +++-
 src/plugins/gs-plugin-ubuntuone.c |   10 +++-
 5 files changed, 97 insertions(+), 49 deletions(-)
---
diff --git a/src/gs-auth.c b/src/gs-auth.c
index 3a13f4b..87c4944 100644
--- a/src/gs-auth.c
+++ b/src/gs-auth.c
@@ -395,8 +395,9 @@ _g_error_is_set (GError **error)
 }
 
 /**
- * gs_auth_load:
+ * gs_auth_store_load:
  * @auth: a #GsAuth
+ * @flags: some #GsAuthStoreFlags, e.g. %GS_AUTH_STORE_FLAG_USERNAME
  * @cancellable: a #GCancellable or %NULL
  * @error: a #GError or %NULL
  *
@@ -413,10 +414,9 @@ _g_error_is_set (GError **error)
  * Returns: %TRUE if the tokens were loaded correctly.
  */
 gboolean
-gs_auth_load (GsAuth *auth, GCancellable *cancellable, GError **error)
+gs_auth_store_load (GsAuth *auth, GsAuthStoreFlags flags,
+                   GCancellable *cancellable, GError **error)
 {
-       GList *l;
-       g_autoptr(GList) keys = NULL;
        SecretSchema schema = {
                auth->provider_schema,
                SECRET_SCHEMA_NONE,
@@ -434,7 +434,7 @@ gs_auth_load (GsAuth *auth, GCancellable *cancellable, GError **error)
        }
 
        /* username */
-       if (auth->username == NULL) {
+       if ((flags & GS_AUTH_STORE_FLAG_USERNAME) > 0 && auth->username == NULL) {
                auth->username = secret_password_lookup_sync (&schema,
                                                              cancellable,
                                                              error,
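Review bot: The flag test on the username branch is written `(flags & GS_AUTH_STORE_FLAG_USERNAME) > 0`, while the metadata branches added by the same commit use the bare `flags & GS_AUTH_STORE_FLAG_METADATA`; one spelling should be used throughout. `!= 0` is the safer idiom for a mask test because it stays correct if a flag is ever placed in the sign bit: `if ((flags & GS_AUTH_STORE_FLAG_USERNAME) != 0 && auth->username == NULL) {`. The same applies to the password branch of this function and to the username and password branches of gs_auth_store_save. The body of gs_auth_store_load starts and ends outside this hunk.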
@@ -445,7 +445,7 @@ gs_auth_load (GsAuth *auth, GCancellable *cancellable, GError **error)
        }
 
        /* password */
-       if (auth->password == NULL) {
+       if ((flags & GS_AUTH_STORE_FLAG_PASSWORD) > 0 && auth->password == NULL) {
                auth->password = secret_password_lookup_sync (&schema,
                                                              cancellable,
                                                              error,
@@ -456,22 +456,26 @@ gs_auth_load (GsAuth *auth, GCancellable *cancellable, GError **error)
        }
 
        /* metadata */
-       keys = g_hash_table_get_keys (auth->metadata);
-       for (l = keys; l != NULL; l = l->next) {
-               g_autofree gchar *tmp = NULL;
-               const gchar *key = l->data;
-               const gchar *value = g_hash_table_lookup (auth->metadata, key);
-               if (value != NULL)
-                       continue;
-               tmp = secret_password_lookup_sync (&schema,
-                                                  cancellable,
-                                                  error,
-                                                  "key", key,
-                                                  NULL);
-               if (_g_error_is_set (error))
-                       return FALSE;
-               if (tmp != NULL)
-                       gs_auth_add_metadata (auth, key, tmp);
+       if (flags & GS_AUTH_STORE_FLAG_METADATA) {
+               GList *l;
+               g_autoptr(GList) keys = NULL;
+               keys = g_hash_table_get_keys (auth->metadata);
+               for (l = keys; l != NULL; l = l->next) {
+                       g_autofree gchar *tmp = NULL;
+                       const gchar *key = l->data;
+                       const gchar *value = g_hash_table_lookup (auth->metadata, key);
+                       if (value != NULL)
+                               continue;
+                       tmp = secret_password_lookup_sync (&schema,
+                                                          cancellable,
+                                                          error,
+                                                          "key", key,
+                                                          NULL);
+                       if (_g_error_is_set (error))
+                               return FALSE;
+                       if (tmp != NULL)
+                               gs_auth_add_metadata (auth, key, tmp);
+               }
        }
 
        /* success */
@@ -479,8 +483,9 @@ gs_auth_load (GsAuth *auth, GCancellable *cancellable, GError **error)
 }
 
 /**
- * gs_auth_save:
+ * gs_auth_store_save:
  * @auth: a #GsAuth
+ * @flags: some #GsAuthStoreFlags, e.g. %GS_AUTH_STORE_FLAG_USERNAME
  * @cancellable: a #GCancellable or %NULL
  * @error: a #GError or %NULL
  *
@@ -491,10 +496,9 @@ gs_auth_load (GsAuth *auth, GCancellable *cancellable, GError **error)
  * Returns: %TRUE if the tokens were all saved correctly.
  */
 gboolean
-gs_auth_save (GsAuth *auth, GCancellable *cancellable, GError **error)
+gs_auth_store_save (GsAuth *auth, GsAuthStoreFlags flags,
+                   GCancellable *cancellable, GError **error)
 {
-       GList *l;
-       g_autoptr(GList) keys = NULL;
        SecretSchema schema = {
                auth->provider_schema,
                SECRET_SCHEMA_NONE,
@@ -512,7 +516,7 @@ gs_auth_save (GsAuth *auth, GCancellable *cancellable, GError **error)
        }
 
        /* username */
-       if (auth->username != NULL) {
+       if ((flags & GS_AUTH_STORE_FLAG_USERNAME) > 0 && auth->username != NULL) {
                if (!secret_password_store_sync (&schema,
                                                 NULL, /* collection */
                                                 auth->provider_schema,
@@ -523,7 +527,7 @@ gs_auth_save (GsAuth *auth, GCancellable *cancellable, GError **error)
        }
 
        /* password */
-       if (auth->password != NULL) {
+       if ((flags & GS_AUTH_STORE_FLAG_PASSWORD) > 0 && auth->password != NULL) {
                if (!secret_password_store_sync (&schema,
                                                 NULL, /* collection */
                                                 auth->provider_schema,
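Review bot: Skipping the store when GS_AUTH_STORE_FLAG_PASSWORD is absent does not remove a password that an earlier build already wrote, because the removed `if (auth->password != NULL)` stored it whenever one was set. The snap and ubuntuone gs_plugin_auth_login hunks now save with only USERNAME | METADATA, so on an upgraded system the old password item would presumably stay in the keyring. Consider clearing it on the token path, for example with a `secret_password_clear_sync (&schema, cancellable, error, ...)` call that uses the same attributes the password item is stored under (they are outside this hunk). The doc comment of gs_auth_store_save should also say whether an omitted flag means "leave the stored item untouched" or "remove it". The function body starts and ends outside this hunk.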
@@ -534,19 +538,23 @@ gs_auth_save (GsAuth *auth, GCancellable *cancellable, GError **error)
        }
 
        /* metadata */
-       keys = g_hash_table_get_keys (auth->metadata);
-       for (l = keys; l != NULL; l = l->next) {
-               const gchar *key = l->data;
-               const gchar *value = g_hash_table_lookup (auth->metadata, key);
-               if (value == NULL)
-                       continue;
-               if (!secret_password_store_sync (&schema,
-                                                NULL, /* collection */
-                                                auth->provider_schema,
-                                                value,
-                                                cancellable, error,
-                                                "key", key, NULL))
-                       return FALSE;
+       if (flags & GS_AUTH_STORE_FLAG_METADATA) {
+               GList *l;
+               g_autoptr(GList) keys = NULL;
+               keys = g_hash_table_get_keys (auth->metadata);
+               for (l = keys; l != NULL; l = l->next) {
+                       const gchar *key = l->data;
+                       const gchar *value = g_hash_table_lookup (auth->metadata, key);
+                       if (value == NULL)
+                               continue;
+                       if (!secret_password_store_sync (&schema,
+                                                        NULL, /* collection */
+                                                        auth->provider_schema,
+                                                        value,
+                                                        cancellable, error,
+                                                        "key", key, NULL))
+                               return FALSE;
+               }
        }
 
        /* success */
diff --git a/src/gs-auth.h b/src/gs-auth.h
index 25a1ba0..9f34e92 100644
--- a/src/gs-auth.h
+++ b/src/gs-auth.h
@@ -65,6 +65,24 @@ typedef enum {
        GS_AUTH_ACTION_LAST
 } GsAuthAction;
 
+/**
+ * GsAuthStoreFlags:
+ * @GS_AUTH_STORE_FLAG_NONE:           No special flags set
+ * @GS_AUTH_STORE_FLAG_USERNAME:       Load or save the username
+ * @GS_AUTH_STORE_FLAG_PASSWORD:       Load or save the password
+ * @GS_AUTH_STORE_FLAG_METADATA:       Load or save any metadata
+ *
+ * The flags used when loading or saving the authentication to disk.
+ **/
+typedef enum {
+       GS_AUTH_STORE_FLAG_NONE = 0,
+       GS_AUTH_STORE_FLAG_USERNAME     = 1 << 0,
+       GS_AUTH_STORE_FLAG_PASSWORD     = 1 << 1,
+       GS_AUTH_STORE_FLAG_METADATA     = 1 << 2,
+       /*< private >*/
+       GS_AUTH_STORE_FLAG_LAST
+} GsAuthStoreFlags;
+
 GsAuth         *gs_auth_new                    (const gchar    *provider_id);
 const gchar    *gs_auth_get_provider_id        (GsAuth         *auth);
 const gchar    *gs_auth_get_provider_name      (GsAuth         *auth);
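Review bot: GS_AUTH_STORE_FLAG_LAST follows `1 << 2` in a bit-flag enum, so it evaluates to 5, the same value as USERNAME | METADATA, which is exactly the combination both plugins pass. Anything that treats _LAST as a bound or sentinel would misread it; either drop the member or give it an explicit non-overlapping value such as `GS_AUTH_STORE_FLAG_LAST = 1 << 3`. The doc comment also says the data goes "to disk", while the gs-auth.c side of this commit goes through secret_password_store_sync; `The flags used when loading or saving the authentication data in the secret store.` would be more accurate. A sentence stating that PASSWORD should be omitted when a token is kept in the metadata would record the intent of the commit where plugin authors will read it.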
@@ -100,10 +118,12 @@ const gchar       *gs_auth_get_metadata_item      (GsAuth         *auth,
 void            gs_auth_add_metadata           (GsAuth         *auth,
                                                 const gchar    *key,
                                                 const gchar    *value);
-gboolean        gs_auth_load                   (GsAuth         *auth,
+gboolean        gs_auth_store_load             (GsAuth         *auth,
+                                                GsAuthStoreFlags flags,
                                                 GCancellable   *cancellable,
                                                 GError         **error);
-gboolean        gs_auth_save                   (GsAuth         *auth,
+gboolean        gs_auth_store_save             (GsAuth         *auth,
+                                                GsAuthStoreFlags flags,
                                                 GCancellable   *cancellable,
                                                 GError         **error);
 
diff --git a/src/gs-self-test.c b/src/gs-self-test.c
index 97d0fd5..52084af 100644
--- a/src/gs-self-test.c
+++ b/src/gs-self-test.c
@@ -910,7 +910,11 @@ gs_auth_secret_func (void)
        gs_auth_set_username (auth1, "hughsie");
        gs_auth_set_password (auth1, "foobarbaz");
        gs_auth_add_metadata (auth1, "day", "monday");
-       ret = gs_auth_save (auth1, NULL, &error);
+       ret = gs_auth_store_save (auth1,
+                                 GS_AUTH_STORE_FLAG_USERNAME |
+                                 GS_AUTH_STORE_FLAG_PASSWORD |
+                                 GS_AUTH_STORE_FLAG_METADATA,
+                                 NULL, &error);
        g_assert_no_error (error);
        g_assert (ret);
 
@@ -919,7 +923,11 @@ gs_auth_secret_func (void)
        gs_auth_add_metadata (auth2, "day", NULL);
        gs_auth_add_metadata (auth2, "notgoingtoexist", NULL);
        gs_auth_set_provider_schema (auth2, "org.gnome.Software.Dummy");
-       ret = gs_auth_load (auth2, NULL, &error);
+       ret = gs_auth_store_load (auth2,
+                                 GS_AUTH_STORE_FLAG_USERNAME |
+                                 GS_AUTH_STORE_FLAG_PASSWORD |
+                                 GS_AUTH_STORE_FLAG_METADATA,
+                                 NULL, &error);
        g_assert_no_error (error);
        g_assert (ret);
        g_assert_cmpstr (gs_auth_get_username (auth2), ==, "hughsie");
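Review bot: The updated test only exercises the all-flags path, so the behaviour this commit exists for is never asserted: a password that is set on the GsAuth but not written when GS_AUTH_STORE_FLAG_PASSWORD is omitted. Add a case that saves with `GS_AUTH_STORE_FLAG_USERNAME | GS_AUTH_STORE_FLAG_METADATA` under a provider schema that has no earlier items, loads it back with all three flags, and checks that the password getter returns NULL. A fresh schema matters because the save in the previous hunk has already stored "foobarbaz", presumably under the same schema that auth2 reads here. gs_auth_secret_func continues outside this hunk.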
diff --git a/src/plugins/gs-plugin-snap.c b/src/plugins/gs-plugin-snap.c
index 0390b05..766a602 100644
--- a/src/plugins/gs-plugin-snap.c
+++ b/src/plugins/gs-plugin-snap.c
@@ -60,7 +60,10 @@ gs_plugin_setup (GsPlugin *plugin, GCancellable *cancellable, GError **error)
 
        /* load from disk */
        gs_auth_add_metadata (priv->auth, "macaroon", NULL);
-       if (!gs_auth_load (priv->auth, cancellable, error))
+       if (!gs_auth_store_load (priv->auth,
+                                GS_AUTH_STORE_FLAG_USERNAME |
+                                GS_AUTH_STORE_FLAG_METADATA,
+                                cancellable, error))
                return FALSE;
 
        /* success */
@@ -766,7 +769,10 @@ gs_plugin_auth_login (GsPlugin *plugin, GsAuth *auth,
        gs_auth_add_metadata (auth, "macaroon", serialized_macaroon);
 
        /* store */
-       if (!gs_auth_save (auth, cancellable, error))
+       if (!gs_auth_store_save (auth,
+                                GS_AUTH_STORE_FLAG_USERNAME |
+                                GS_AUTH_STORE_FLAG_METADATA,
+                                cancellable, error))
                return FALSE;
 
        gs_auth_add_flags (priv->auth, GS_AUTH_FLAG_VALID);
diff --git a/src/plugins/gs-plugin-ubuntuone.c b/src/plugins/gs-plugin-ubuntuone.c
index ecb31d2..7db06f7 100644
--- a/src/plugins/gs-plugin-ubuntuone.c
+++ b/src/plugins/gs-plugin-ubuntuone.c
@@ -61,7 +61,10 @@ gs_plugin_setup (GsPlugin *plugin, GCancellable *cancellable, GError **error)
        gs_auth_add_metadata (priv->auth, "consumer-secret", NULL);
        gs_auth_add_metadata (priv->auth, "token-key", NULL);
        gs_auth_add_metadata (priv->auth, "token-secret", NULL);
-       if (!gs_auth_load (priv->auth, cancellable, error))
+       if (!gs_auth_store_load (priv->auth,
+                                GS_AUTH_STORE_FLAG_USERNAME |
+                                GS_AUTH_STORE_FLAG_METADATA,
+                                cancellable, error))
                return FALSE;
 
        /* success */
@@ -217,7 +220,10 @@ gs_plugin_auth_login (GsPlugin *plugin, GsAuth *auth,
        gs_auth_add_metadata (auth, "token-secret", tmp);
 
        /* store */
-       if (!gs_auth_save (auth, cancellable, error))
+       if (!gs_auth_store_save (auth,
+                                GS_AUTH_STORE_FLAG_USERNAME |
+                                GS_AUTH_STORE_FLAG_METADATA,
+                                cancellable, error))
                return FALSE;
 
        gs_auth_add_flags (priv->auth, GS_AUTH_FLAG_VALID);

