13 #include <QAuthenticator>
14 #include <QCryptographicHash>
17 #include <QNetworkReply>
18 #if QT_VERSION >= QT_VERSION_CHECK(5, 10, 0)
19 #include <QRandomGenerator>
22 class KDSoapAuthentication::Private
36 d->usePasswordDigest =
true;
98 return d->usePasswordDigest;
103 return d->useWSUsernameToken;
108 return d->overrideWSUsernameCreatedTime;
113 return d->overrideWSUsernameNonce;
118 return !d->user.isEmpty() || !d->password.isEmpty();
121 void KDSoapAuthentication::handleAuthenticationRequired(QNetworkReply *reply, QAuthenticator *authenticator)
127 if (
hasAuth() && !reply->property(
"authAdded").toBool()) {
128 authenticator->setUser(d->user);
129 authenticator->setPassword(d->password);
130 reply->setProperty(
"authAdded",
true);
134 bool KDSoapAuthentication::hasWSUsernameTokenHeader()
const
136 return hasAuth() && d->useWSUsernameToken;
139 void KDSoapAuthentication::writeWSUsernameTokenHeader(QXmlStreamWriter &writer)
const
147 #if QT_VERSION >= QT_VERSION_CHECK(5, 10, 0)
148 static QRandomGenerator generator;
149 QByteArray nonce =
"kdsoap" + QByteArray::number(generator.generate64());
151 QByteArray nonce =
"kdsoap" + QByteArray::number(qrand());
153 if (!d->overrideWSUsernameNonce.isEmpty()) {
154 nonce = d->overrideWSUsernameNonce;
156 QDateTime time = QDateTime::currentDateTimeUtc();
157 if (d->overrideWSUsernameCreatedTime.isValid()) {
158 time = d->overrideWSUsernameCreatedTime;
160 QString timestamp = time.toString(QLatin1String(
"yyyy-MM-ddTHH:mm:ssZ"));
162 writer.writeStartElement(securityExtentionNS, QLatin1String(
"Security"));
163 writer.writeStartElement(securityExtentionNS, QLatin1String(
"UsernameToken"));
165 writer.writeStartElement(securityExtentionNS, QLatin1String(
"Nonce"));
166 writer.writeCharacters(QString::fromLatin1(nonce.toBase64().constData()));
167 writer.writeEndElement();
169 writer.writeStartElement(securityUtilityNS, QLatin1String(
"Created"));
170 writer.writeCharacters(timestamp);
171 writer.writeEndElement();
173 writer.writeStartElement(securityExtentionNS, QLatin1String(
"Password"));
174 if (d->usePasswordDigest) {
175 writer.writeAttribute(QLatin1String(
"Type"),
176 QLatin1String(
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"));
177 QByteArray passwordConcat = nonce + timestamp.toUtf8() + d->password.toUtf8();
178 QByteArray passwordHash = QCryptographicHash::hash(passwordConcat, QCryptographicHash::Sha1);
179 writer.writeCharacters(QString::fromLatin1(passwordHash.toBase64().constData()));
181 writer.writeAttribute(QLatin1String(
"Type"),
182 QLatin1String(
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"));
183 writer.writeCharacters(d->password);
185 writer.writeEndElement();
187 writer.writeStartElement(securityExtentionNS, QLatin1String(
"Username"));
188 writer.writeCharacters(d->user);
189 writer.writeEndElement();
191 writer.writeEndElement();
192 writer.writeEndElement();
bool useWSUsernameToken() const
void setPassword(const QString &password)
void setUseWSUsernameToken(bool useWSUsernameToken)
void setUsePasswordDigest(const bool usePasswordDigest)
void setOverrideWSUsernameCreatedTime(QDateTime overrideWSUsernameCreatedTime)
void setOverrideWSUsernameNonce(QByteArray overrideWSUsernameNonce)
QDateTime overrideWSUsernameCreatedTime() const
KDSoapAuthentication & operator=(const KDSoapAuthentication &other)
bool usePasswordDigest() const
QByteArray overrideWSUsernameNonce() const
void setUser(const QString &user)
static QString soapSecurityUtility()
static QString soapSecurityExtention()