QGIS API Documentation  3.21.0-Master (56b4176581)
qgsauthconfig.h
Go to the documentation of this file.
1 /***************************************************************************
2  qgsauthconfig.h
3  ---------------------
4  begin : October 5, 2014
5  copyright : (C) 2014 by Boundless Spatial, Inc. USA
6  author : Larry Shaffer
7  email : lshaffer at boundlessgeo dot com
8  ***************************************************************************
9  * *
10  * This program is free software; you can redistribute it and/or modify *
11  * it under the terms of the GNU General Public License as published by *
12  * the Free Software Foundation; either version 2 of the License, or *
13  * (at your option) any later version. *
14  * *
15  ***************************************************************************/
16 
17 #ifndef QGSAUTHCONFIG_H
18 #define QGSAUTHCONFIG_H
19 
20 #include "qgis_core.h"
21 
22 #include <QHash>
23 #include <QString>
24 #include <QDomElement>
25 #include <QDomDocument>
26 
27 #ifndef QT_NO_SSL
28 #include <QSslCertificate>
29 #include <QSslKey>
30 #include <QSslError>
31 #include <QSslSocket>
32 #endif
33 
34 #include "qgis.h"
35 
36 
41 class CORE_EXPORT QgsAuthMethodConfig
42 {
43  public:
44 
50  QgsAuthMethodConfig( const QString &method = QString(), int version = 0 );
51 
52  // TODO c++20 - replace with = default
53 
55  bool operator==( const QgsAuthMethodConfig &other ) const;
56 
58  bool operator!=( const QgsAuthMethodConfig &other ) const;
59 
64  const QString id() const { return mId; }
66  void setId( const QString &id ) { mId = id; }
67 
69  const QString name() const { return mName; }
71  void setName( const QString &name ) { mName = name; }
72 
74  const QString uri() const { return mUri; }
75  void setUri( const QString &uri ) { mUri = uri; }
76 
78  QString method() const { return mMethod; }
79  void setMethod( const QString &method ) { mMethod = method; }
80 
82  int version() const { return mVersion; }
84  void setVersion( int version ) { mVersion = version; }
85 
90  bool isValid( bool validateid = false ) const;
91 
96  const QString configString() const;
97 
102  void loadConfigString( const QString &configstr );
103 
105  QgsStringMap configMap() const { return mConfigMap; }
106 
111  void setConfigMap( const QgsStringMap &map ) { mConfigMap = map; }
112 
119  void setConfig( const QString &key, const QString &value );
120 
127  void setConfigList( const QString &key, const QStringList &value );
128 
134  int removeConfig( const QString &key );
135 
141  QString config( const QString &key, const QString &defaultvalue = QString() ) const;
142 
147  QStringList configList( const QString &key ) const;
148 
153  bool hasConfig( const QString &key ) const;
154 
156  void clearConfigMap() { mConfigMap.clear(); }
157 
166  static bool uriToResource( const QString &accessurl, QString *resource, bool withpath = false );
167 
175  bool writeXml( QDomElement &parentElement, QDomDocument &document );
176 
182  bool readXml( const QDomElement &element );
183 
184  private:
185  QString mId;
186  QString mName;
187  QString mUri;
188  QString mMethod;
189  int mVersion;
190 
191  QgsStringMap mConfigMap;
192 
193  static const QString CONFIG_SEP;
194  static const QString CONFIG_KEY_SEP;
195  static const QString CONFIG_LIST_SEP;
196 
197  static const int CONFIG_VERSION;
198 };
199 
200 typedef QHash<QString, QgsAuthMethodConfig> QgsAuthMethodConfigsMap;
201 
202 
203 #ifndef QT_NO_SSL
204 
210 class CORE_EXPORT QgsPkiBundle
211 {
212  public:
213 
220  QgsPkiBundle( const QSslCertificate &clientCert = QSslCertificate(),
221  const QSslKey &clientKey = QSslKey(),
222  const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );
223 
231  static const QgsPkiBundle fromPemPaths( const QString &certPath,
232  const QString &keyPath,
233  const QString &keyPass = QString(),
234  const QList<QSslCertificate> &caChain = QList<QSslCertificate>() );
235 
241  static const QgsPkiBundle fromPkcs12Paths( const QString &bundlepath,
242  const QString &bundlepass = QString() );
243 
245  bool isNull() const;
246 
248  bool isValid() const;
249 
251  const QString certId() const;
252 
254  const QSslCertificate clientCert() const { return mCert; }
256  void setClientCert( const QSslCertificate &cert );
257 
259  const QSslKey clientKey() const { return mCertKey; }
261  void setClientKey( const QSslKey &certkey );
262 
264  const QList<QSslCertificate> caChain() const { return mCaChain; }
266  void setCaChain( const QList<QSslCertificate> &cachain ) { mCaChain = cachain; }
267 
268  private:
269  QSslCertificate mCert;
270  QSslKey mCertKey;
271  QList<QSslCertificate> mCaChain;
272 };
273 
274 
279 class CORE_EXPORT QgsPkiConfigBundle
280 {
281  public:
282 
291  const QSslCertificate &cert,
292  const QSslKey &certkey,
293  const QList<QSslCertificate> &cachain = QList<QSslCertificate>( ) );
294 
296  bool isValid();
297 
299  const QgsAuthMethodConfig config() const { return mConfig; }
300 
302  void setConfig( const QgsAuthMethodConfig &config ) { mConfig = config; }
303 
305  const QSslCertificate clientCert() const { return mCert; }
306 
308  void setClientCert( const QSslCertificate &cert ) { mCert = cert; }
309 
311  const QSslKey clientCertKey() const { return mCertKey; }
312 
314  void setClientCertKey( const QSslKey &certkey ) { mCertKey = certkey; }
315 
320  QList<QSslCertificate> caChain() const { return mCaChain; }
321 
326  void setCaChain( const QList<QSslCertificate> &caChain ) { mCaChain = caChain; }
327 
328  private:
329  QgsAuthMethodConfig mConfig;
330  QSslCertificate mCert;
331  QSslKey mCertKey;
332  QList<QSslCertificate> mCaChain;
333 };
334 
335 
336 
337 #ifdef SIP_RUN
338 % MappedType QList<QSslError::SslError>
339 {
340  % TypeHeaderCode
341 #include <QList>
342  % End
343 
344  % ConvertFromTypeCode
345  // Create the list.
346  PyObject *l;
347 
348  if ( ( l = PyList_New( sipCpp->size() ) ) == NULL )
349  return NULL;
350 
351  // Set the list elements.
352  QList<QSslError::SslError>::iterator it = sipCpp->begin();
353  for ( int i = 0; it != sipCpp->end(); ++it, ++i )
354  {
355  PyObject *tobj;
356 
357  if ( ( tobj = sipConvertFromEnum( *it, sipType_QSslError_SslError ) ) == NULL )
358  {
359  Py_DECREF( l );
360  return NULL;
361  }
362  PyList_SET_ITEM( l, i, tobj );
363  }
364 
365  return l;
366  % End
367 
368  % ConvertToTypeCode
369  // Check the type if that is all that is required.
370  if ( sipIsErr == NULL )
371  return PyList_Check( sipPy );
372 
373  QList<QSslError::SslError> *qlist = new QList<QSslError::SslError>;
374 
375  for ( int i = 0; i < PyList_GET_SIZE( sipPy ); ++i )
376  {
377  *qlist << ( QSslError::SslError )SIPLong_AsLong( PyList_GET_ITEM( sipPy, i ) );
378  }
379 
380  *sipCppPtr = qlist;
381  return sipGetState( sipTransferObj );
382  % End
383 };
384 #endif
385 
386 
387 
392 class CORE_EXPORT QgsAuthConfigSslServer
393 {
394  public:
397 
399  const QSslCertificate sslCertificate() const { return mSslCert; }
401  void setSslCertificate( const QSslCertificate &cert ) { mSslCert = cert; }
402 
404  const QString sslHostPort() const { return mSslHostPort; }
406  void setSslHostPort( const QString &hostport ) { mSslHostPort = hostport; }
407 
409  QSsl::SslProtocol sslProtocol() const { return mSslProtocol; }
411  void setSslProtocol( QSsl::SslProtocol protocol ) { mSslProtocol = protocol; }
412 
414  const QList<QSslError> sslIgnoredErrors() const;
416  const QList<QSslError::SslError> sslIgnoredErrorEnums() const { return mSslIgnoredErrors; }
418  void setSslIgnoredErrorEnums( const QList<QSslError::SslError> &errors ) { mSslIgnoredErrors = errors; }
419 
421  QSslSocket::PeerVerifyMode sslPeerVerifyMode() const { return mSslPeerVerifyMode; }
423  void setSslPeerVerifyMode( QSslSocket::PeerVerifyMode mode ) { mSslPeerVerifyMode = mode; }
424 
429  int sslPeerVerifyDepth() const { return mSslPeerVerifyDepth; }
430 
435  void setSslPeerVerifyDepth( int depth ) { mSslPeerVerifyDepth = depth; }
436 
438  int version() const { return mVersion; }
440  void setVersion( int version ) { mVersion = version; }
441 
443  int qtVersion() const { return mQtVersion; }
445  void setQtVersion( int version ) { mQtVersion = version; }
446 
448  const QString configString() const;
450  void loadConfigString( const QString &config = QString() );
451 
453  bool isNull() const;
454 
455  private:
456 
457  QString mSslHostPort;
458  QSslCertificate mSslCert;
459 
460  QSsl::SslProtocol mSslProtocol;
461  int mQtVersion;
462  QList<QSslError::SslError> mSslIgnoredErrors;
463  QSslSocket::PeerVerifyMode mSslPeerVerifyMode = QSslSocket::VerifyPeer;
464  int mSslPeerVerifyDepth = 0;
465  int mVersion = 1;
466 
467  static const QString CONF_SEP;
468 };
469 #endif
470 
471 #endif // QGSAUTHCONFIG_H
Configuration container for SSL server connection exceptions or overrides.
void setSslProtocol(QSsl::SslProtocol protocol)
Sets SSL server protocol to use in connections.
void setSslCertificate(const QSslCertificate &cert)
Sets server certificate object.
void setSslHostPort(const QString &hostport)
Sets server host:port string.
int version() const
Version of the configuration (used for future upgrading)
QSsl::SslProtocol sslProtocol() const
SSL server protocol to use in connections.
void setSslPeerVerifyMode(QSslSocket::PeerVerifyMode mode)
Sets SSL client's peer verify mode to use in connections.
void setVersion(int version)
Sets version of the configuration (used for future upgrading)
void setSslPeerVerifyDepth(int depth)
Set number or SSL client's peer to verify in connections.
const QList< QSslError::SslError > sslIgnoredErrorEnums() const
SSL server errors (as enum list) to ignore in connections.
int sslPeerVerifyDepth() const
Number or SSL client's peer to verify in connections.
void setSslIgnoredErrorEnums(const QList< QSslError::SslError > &errors)
Sets SSL server errors (as enum list) to ignore in connections.
int qtVersion() const
Qt version when the configuration was made (SSL protocols may differ)
QSslSocket::PeerVerifyMode sslPeerVerifyMode() const
SSL client's peer verify mode to use in connections.
const QSslCertificate sslCertificate() const
Server certificate object.
const QString sslHostPort() const
Server host:port string.
void setQtVersion(int version)
Sets Qt version when the configuration was made (SSL protocols may differ)
Configuration storage class for authentication method configurations.
Definition: qgsauthconfig.h:42
QString method() const
Textual key of the associated authentication method.
Definition: qgsauthconfig.h:78
const QString uri() const
A URI to auto-select a config when connecting to a resource.
Definition: qgsauthconfig.h:74
void setName(const QString &name)
Sets name of configuration.
Definition: qgsauthconfig.h:71
void setConfigMap(const QgsStringMap &map)
Set extended configuration map.
void setVersion(int version)
Sets version of the configuration.
Definition: qgsauthconfig.h:84
const QString name() const
Gets name of configuration.
Definition: qgsauthconfig.h:69
const QString id() const
Gets 'authcfg' 7-character alphanumeric ID of the config.
Definition: qgsauthconfig.h:64
void clearConfigMap()
Clear all configs.
int version() const
Gets version of the configuration.
Definition: qgsauthconfig.h:82
QgsStringMap configMap() const
Gets extended configuration, mapped to key/value pairs of QStrings.
void setMethod(const QString &method)
Definition: qgsauthconfig.h:79
void setUri(const QString &uri)
Definition: qgsauthconfig.h:75
void setId(const QString &id)
Sets auth config ID.
Definition: qgsauthconfig.h:66
Storage set for PKI bundle: SSL certificate, key, optional CA cert chain.
const QSslKey clientKey() const
Private key object.
void setCaChain(const QList< QSslCertificate > &cachain)
Sets chain of Certificate Authorities for client certificate.
const QList< QSslCertificate > caChain() const
Chain of Certificate Authorities for client certificate.
const QSslCertificate clientCert() const
Client certificate object.
Storage set for constructed SSL certificate, key, associated with an authentication config.
void setClientCertKey(const QSslKey &certkey)
Sets private key object.
QList< QSslCertificate > caChain() const
caChain return the CA chain
const QSslCertificate clientCert() const
Client certificate object.
const QgsAuthMethodConfig config() const
Authentication method configuration.
void setConfig(const QgsAuthMethodConfig &config)
Sets authentication method configuration.
const QSslKey clientCertKey() const
Private key object.
void setClientCert(const QSslCertificate &cert)
Sets client certificate object.
void setCaChain(const QList< QSslCertificate > &caChain)
setCaChain set the CA chain
QMap< QString, QString > QgsStringMap
Definition: qgis.h:1590
QHash< QString, QgsAuthMethodConfig > QgsAuthMethodConfigsMap
bool operator==(const QgsFeatureIterator &fi1, const QgsFeatureIterator &fi2)
bool operator!=(const QgsFeatureIterator &fi1, const QgsFeatureIterator &fi2)