Class: QgsAuthManager

class qgis.core.QgsAuthManager

Bases: PyQt5.QtCore.QObject

Singleton offering an interface to manage the authentication configuration database and to utilize configurations through various authentication method plugins

QgsAuthManager should not usually be directly created, but rather accessed through QgsApplication.authManager()

Methods

authDatabaseConfigTable

Name of the authentication database table that stores configs

authDatabaseConnection

Sets up the application instance of the authentication database connection

authDatabaseServersTable

Name of the authentication database table that stores server exceptions/configs

authManTag

Simple text tag describing authentication system for message logs

authMethod

Gets authentication method from the config/provider cache via its key

authMethodEditWidget

Gets authentication method edit widget via its key

authMethodsKeys

Gets keys of supported authentication methods

authSetting

authSetting get an authentication setting (retrieved as string and returned as QVariant( QString ))

authenticationDatabasePath

The standard authentication database file in ~/.qgis3/ or defined location

availableAuthMethodConfigs

Gets mapping of authentication config ids and their base configs (not decrypted data)

backupAuthenticationDatabase

Close connection to current authentication database and back it up

certAuthority

certAuthority get a certificate authority by id (sha hash)

certIdentities

certIdentities get certificate identities

certIdentity

certIdentity get a certificate identity by id (sha hash)

certIdentityBundleToPem

certIdentityBundleToPem get a certificate identity bundle by id (sha hash) returned as PEM text

certIdentityIds

certIdentityIds get list of certificate identity ids from database

certTrustCache

certTrustCache get cache of certificate sha1s, per trust policy

certTrustPolicy

certTrustPolicy get whether certificate cert is trusted by user

certificateTrustPolicy

certificateTrustPolicy get trust policy for a particular certificate cert

childEvent

clearAllCachedConfigs

Clear all authentication configs from authentication method caches

clearCachedConfig

Clear an authentication config from its associated authentication method cache

clearMasterPassword

Clear supplied master password

configAuthMethod

Gets authentication method from the config/provider cache

configAuthMethodKey

Gets key of authentication method associated with config ID

configIdRegex

Returns the regular expression for authcfg=.{7} key/value token for authentication ids

configIdUnique

Verify if provided authentication id is unique

configIds

Gets list of authentication ids from database

connectNotify

customEvent

databaseCAs

databaseCAs get database-stored certificate authorities

defaultCertTrustPolicy

Gets the default certificate trust policy preferred by user

disabledMessage

Standard message for when QCA’s qca-ossl plugin is missing and system is disabled

disconnectNotify

dumpIgnoredSslErrorsCache_

Utility function to dump the cache for debug purposes

eraseAuthenticationDatabase

Erase all rows from all tables in authentication database

existsAuthSetting

Check if an authentication setting exists

existsCertAuthority

Check if a certificate authority exists

existsCertIdentity

Check if a certificate identity exists

existsSslCertCustomConfig

Check if SSL certificate custom config exists

extraFileCAs

extraFileCAs extra file-based certificate authorities

hasConfigId

Returns whether a string includes an authcfg ID token

init

init initialize QCA, prioritize qca-ossl plugin and optionally set up the authentication database

initSslCaches

Initialize various SSL authentication caches

isDisabled

Whether QCA has the qca-ossl plugin, which a base run-time requirement

isSignalConnected

loadAuthenticationConfig

Load an authentication config from the database into subclass

mappedDatabaseCAs

mappedDatabaseCAs get sha1-mapped database-stored certificate authorities

masterPasswordHashInDatabase

Verify a password hash existing in authentication database

masterPasswordIsSet

Whether master password has be input and verified, i.e.

masterPasswordSame

Check whether supplied password is the same as the one already set

passwordHelperEnabled

Password helper enabled getter

passwordHelperSync

Store the password manager into the wallet

rebuildCaCertsCache

Rebuild certificate authority cache

rebuildCertTrustCache

Rebuild certificate authority cache

rebuildIgnoredSslErrorCache

Rebuild ignoredSSL error cache

rebuildTrustedCaCertsCache

Rebuild trusted certificate authorities cache

receivers

registerCoreAuthMethods

Instantiate and register existing C++ core authentication methods from plugins

removeAllAuthenticationConfigs

Clear all authentication configs from table in database and from provider caches

removeAuthSetting

Remove an authentication setting

removeAuthenticationConfig

Remove an authentication config in the database

removeCertAuthority

Remove a certificate authority

removeCertIdentity

Remove a certificate identity

removeCertTrustPolicies

Remove a group certificate authorities

removeCertTrustPolicy

Remove a certificate authority

removeSslCertCustomConfig

Remove an SSL certificate custom config

resetMasterPassword

Reset the master password to a new one, then re-encrypt all previous configs in a new database file, optionally backup curren database

sender

senderSignalIndex

setDefaultCertTrustPolicy

Sets the default certificate trust policy preferred by user

setMasterPassword

Main call to initially set or continually check master password is set

setPasswordHelperEnabled

Password helper enabled setter

setScheduledAuthDatabaseEraseRequestEmitted

Re-emit a signal to schedule an optional erase of authentication database.

sslCertCustomConfig

sslCertCustomConfig get an SSL certificate custom config by id (sha hash) and hostport (host:port)

sslCertCustomConfigByHost

sslCertCustomConfigByHost get an SSL certificate custom config by hostport (host:port)

sslCertCustomConfigs

sslCertCustomConfigs get SSL certificate custom configs

storeAuthSetting

Store an authentication setting (stored as string via QVariant( value ).toString() )

storeAuthenticationConfig

Store an authentication config in the database

storeCertAuthorities

Store multiple certificate authorities

storeCertAuthority

Store a certificate authority

storeCertIdentity

Store a certificate identity

storeCertTrustPolicy

Store user trust value for a certificate

storeSslCertCustomConfig

Store an SSL certificate custom config

supportedAuthMethodExpansions

Gets supported authentication method expansion(s), e.g.

systemRootCAs

systemRootCAs get root system certificate authorities

timerEvent

trustedCaCerts

trustedCaCerts get list of all trusted CA certificates

trustedCaCertsCache

trustedCaCertsCache cache of trusted certificate authorities, ready for network connections

trustedCaCertsPemText

trustedCaCertsPemText get concatenated string of all trusted CA certificates

uniqueConfigId

Gets a unique generated 7-character string to assign to as config id

untrustedCaCerts

untrustedCaCerts get list of untrusted certificate authorities

updateAuthenticationConfig

Update an authentication config in the database

updateConfigAuthMethods

Sync the confg/authentication method cache with what is in database

updateDataSourceUriItems

Provider call to update a QgsDataSourceUri with an authentication config

updateIgnoredSslErrorsCache

Update ignored SSL error cache with possible ignored SSL errors, using sha:host:port key

updateIgnoredSslErrorsCacheFromConfig

Update ignored SSL error cache with possible ignored SSL errors, using server config

updateNetworkProxy

Provider call to update a QNetworkProxy with an authentication config

updateNetworkReply

Provider call to update a QNetworkReply with an authentication config (used to skip known SSL errors, etc.)

updateNetworkRequest

Provider call to update a QNetworkRequest with an authentication config

verifyMasterPassword

Verify the supplied master password against any existing hash in authentication database

Signals

authDatabaseChanged

Emitted when the authentication db is significantly changed, e.g.

authDatabaseEraseRequested

Emitted when a user has indicated they may want to erase the authentication db.

masterPasswordVerified

Emitted when a password has been verify (or not)

messageOut

Custom logging signal to relay to console output and QgsMessageLog

passwordHelperFailure

Signals emitted on password helper failure, mainly used in the tests to exit main application loop [signal]

passwordHelperMessageOut

Custom logging signal to inform the user about master password <-> password manager interactions

passwordHelperSuccess

Signals emitted on password helper success, mainly used in the tests to exit main application loop [signal]

Attributes

AUTH_MAN_TAG

AUTH_PASSWORD_HELPER_DISPLAY_NAME

CRITICAL

INFO

WARNING

AUTH_MAN_TAG = 'Authentication Manager'
AUTH_PASSWORD_HELPER_DISPLAY_NAME = 'Wallet/KeyRing'
CRITICAL = 2
INFO = 0
class MessageLevel

Bases: int

baseClass

alias of QgsAuthManager

WARNING = 1
authDatabaseChanged

Emitted when the authentication db is significantly changed, e.g. large record removal, erased, etc. [signal]

authDatabaseConfigTable(self) → str

Name of the authentication database table that stores configs

Return type

str

authDatabaseConnection(self) → QSqlDatabase

Sets up the application instance of the authentication database connection

Return type

QSqlDatabase

authDatabaseEraseRequested

Emitted when a user has indicated they may want to erase the authentication db. [signal]

authDatabaseServersTable(self) → str

Name of the authentication database table that stores server exceptions/configs

Return type

str

authManTag(self) → str

Simple text tag describing authentication system for message logs

Return type

str

authMethod(self, authMethodKey: str) → QgsAuthMethod

Gets authentication method from the config/provider cache via its key

Parameters

authMethodKey (str) – Authentication method key

Return type

QgsAuthMethod

authMethodEditWidget(self, authMethodKey: str, parent: QWidget) → QWidget

Gets authentication method edit widget via its key

Parameters
  • authMethodKey (str) – Authentication method key

  • parent (QWidget) – Parent widget

Return type

QWidget

authMethodsKeys(self, dataprovider: str = '') → List[str]

Gets keys of supported authentication methods

Parameters

dataprovider (str = '') –

Return type

List[str]

authSetting(self, key: str, defaultValue: Any = None, decrypt: bool = False) → Any

authSetting get an authentication setting (retrieved as string and returned as QVariant( QString ))

Parameters
  • key (str) – setting key

  • defaultValue (Any = None) –

  • decrypt (bool = False) – if the value needs decrypted

Return type

Any

Returns

QVariant( QString ) authentication setting

New in version 3.0.

authenticationDatabasePath(self) → str

The standard authentication database file in ~/.qgis3/ or defined location

Return type

str

availableAuthMethodConfigs(self, dataprovider: str = '') → Dict[str, QgsAuthMethodConfig]

Gets mapping of authentication config ids and their base configs (not decrypted data)

Parameters

dataprovider (str = '') –

Return type

Dict[str, QgsAuthMethodConfig]

backupAuthenticationDatabase(self, backuppath: str = '') → Tuple[bool, str]

Close connection to current authentication database and back it up

Return type

Tuple[bool, str]

Returns

Path to backup

Parameters

backuppath (str = '') –

certAuthority(self, id: str) → QSslCertificate

certAuthority get a certificate authority by id (sha hash)

Parameters

id (str) – sha hash

Return type

QSslCertificate

Returns

a certificate

New in version 3.0.

certIdentities(self) → List[QSslCertificate]

certIdentities get certificate identities

Return type

List[QSslCertificate]

Returns

list of certificates

New in version 3.0.

certIdentity(self, id: str) → QSslCertificate

certIdentity get a certificate identity by id (sha hash)

Parameters

id (str) – sha hash of the cert

Return type

QSslCertificate

Returns

the certificate

New in version 3.0.

certIdentityBundleToPem(self, id: str) → List[str]

certIdentityBundleToPem get a certificate identity bundle by id (sha hash) returned as PEM text

Parameters

id (str) – sha hash

Return type

List[str]

Returns

a list of strings

New in version 3.0.

certIdentityIds(self) → List[str]

certIdentityIds get list of certificate identity ids from database

Return type

List[str]

Returns

list of certificate ids

New in version 3.0.

certTrustCache(self) → Dict[QgsAuthCertUtils.CertTrustPolicy, List[str]]

certTrustCache get cache of certificate sha1s, per trust policy

Return type

Dict[QgsAuthCertUtils.CertTrustPolicy, List[str]]

Returns

trust-policy-mapped certificate sha1s

New in version 3.0.

certTrustPolicy(self, cert: QSslCertificate) → QgsAuthCertUtils.CertTrustPolicy

certTrustPolicy get whether certificate cert is trusted by user

Parameters

cert (QSslCertificate) –

Return type

QgsAuthCertUtils.CertTrustPolicy

Returns

DefaultTrust if certificate sha not in trust table, i.e. follows default trust policy

New in version 3.0.

certificateTrustPolicy(self, cert: QSslCertificate) → QgsAuthCertUtils.CertTrustPolicy

certificateTrustPolicy get trust policy for a particular certificate cert

Parameters

cert (QSslCertificate) –

Return type

QgsAuthCertUtils.CertTrustPolicy

Returns

DefaultTrust if certificate sha not in trust table, i.e. follows default trust policy

New in version 3.0.

childEvent()
clearAllCachedConfigs(self)

Clear all authentication configs from authentication method caches

clearCachedConfig(self, authcfg: str)

Clear an authentication config from its associated authentication method cache

Parameters

authcfg (str) –

clearMasterPassword(self)

Clear supplied master password

Note

This will not necessarily clear authenticated connections cached in network connection managers

configAuthMethod(self, authcfg: str) → QgsAuthMethod

Gets authentication method from the config/provider cache

Parameters

authcfg (str) – Authentication config id

Return type

QgsAuthMethod

configAuthMethodKey(self, authcfg: str) → str

Gets key of authentication method associated with config ID

Parameters

authcfg (str) –

Return type

str

configIdRegex(self) → str

Returns the regular expression for authcfg=.{7} key/value token for authentication ids

Return type

str

configIdUnique(self, id: str) → bool

Verify if provided authentication id is unique

Parameters

id (str) – Id to check

Return type

bool

configIds(self) → List[str]

Gets list of authentication ids from database

Return type

List[str]

connectNotify()
customEvent()
databaseCAs(self) → List[QSslCertificate]

databaseCAs get database-stored certificate authorities

Return type

List[QSslCertificate]

Returns

list of certificate authorities

New in version 3.0.

defaultCertTrustPolicy(self) → QgsAuthCertUtils.CertTrustPolicy

Gets the default certificate trust policy preferred by user

Return type

QgsAuthCertUtils.CertTrustPolicy

disabledMessage(self) → str

Standard message for when QCA’s qca-ossl plugin is missing and system is disabled

Return type

str

disconnectNotify()
dumpIgnoredSslErrorsCache_(self)

Utility function to dump the cache for debug purposes

eraseAuthenticationDatabase(self, backup: bool, backuppath: str = '') → Tuple[bool, str]

Erase all rows from all tables in authentication database

Parameters
  • backup (bool) – Whether to backup of current database

  • backuppath (str = '') – Where the backup is locate

Return type

Tuple[bool, str]

Returns

Whether operation succeeded

existsAuthSetting(self, key: str) → bool

Check if an authentication setting exists

Parameters

key (str) –

Return type

bool

existsCertAuthority(self, cert: QSslCertificate) → bool

Check if a certificate authority exists

Parameters

cert (QSslCertificate) –

Return type

bool

existsCertIdentity(self, id: str) → bool

Check if a certificate identity exists

Parameters

id (str) –

Return type

bool

existsSslCertCustomConfig(self, id: str, hostport: str) → bool

Check if SSL certificate custom config exists

Parameters
  • id (str) –

  • hostport (str) –

Return type

bool

extraFileCAs(self) → List[QSslCertificate]

extraFileCAs extra file-based certificate authorities

Return type

List[QSslCertificate]

Returns

list of certificate authorities

New in version 3.0.

hasConfigId(self, txt: str) → bool

Returns whether a string includes an authcfg ID token

Parameters

txt (str) – String to check

Return type

bool

init(self, pluginPath: str = '', authDatabasePath: str = '') → bool

init initialize QCA, prioritize qca-ossl plugin and optionally set up the authentication database

Parameters
  • pluginPath (str = '') – the plugin path

  • authDatabasePath (str = '') – the authentication DB path

Return type

bool

Returns

True on success

initSslCaches(self) → bool

Initialize various SSL authentication caches

Return type

bool

isDisabled(self) → bool

Whether QCA has the qca-ossl plugin, which a base run-time requirement

Return type

bool

isSignalConnected()
loadAuthenticationConfig(self, authcfg: str, mconfig: QgsAuthMethodConfig, full: bool = False) → Tuple[bool, QgsAuthMethodConfig]

Load an authentication config from the database into subclass

Parameters
  • authcfg (str) – Associated authentication config id

  • mconfig (QgsAuthMethodConfig) – Subclassed config to load into

  • full (bool = False) – Whether to decrypt and populate all sensitive data in subclass

Return type

Tuple[bool, QgsAuthMethodConfig]

Returns

Whether operation succeeded

mappedDatabaseCAs(self) → Dict[str, QSslCertificate]

mappedDatabaseCAs get sha1-mapped database-stored certificate authorities

Return type

Dict[str, QSslCertificate]

Returns

sha1-mapped certificate authorities

New in version 3.0.

masterPasswordHashInDatabase(self) → bool

Verify a password hash existing in authentication database

Return type

bool

masterPasswordIsSet(self) → bool

Whether master password has be input and verified, i.e. authentication database is accessible

Return type

bool

masterPasswordSame(self, pass_: str) → bool

Check whether supplied password is the same as the one already set

Parameters
  • pass (str) – Password to verify

  • pass

Return type

bool

masterPasswordVerified

Emitted when a password has been verify (or not)

Parameters

verified (bool) – The state of password’s verification [signal]

messageOut

Custom logging signal to relay to console output and QgsMessageLog

Parameters
  • message (str) – Message to send

  • tag (str = '') – Associated tag (title)

  • level (QgsAuthManager.MessageLevel = QgsAuthManager.INFO) – Message log level

See also

QgsMessageLog [signal]

passwordHelperEnabled(self) → bool

Password helper enabled getter

Note

Available in Python bindings since QGIS 3.8.0

Return type

bool

passwordHelperFailure

Signals emitted on password helper failure, mainly used in the tests to exit main application loop [signal]

passwordHelperMessageOut

Custom logging signal to inform the user about master password <-> password manager interactions

Parameters
  • message (str) – Message to send

  • tag (str = '') – Associated tag (title)

  • level (QgsAuthManager.MessageLevel = QgsAuthManager.INFO) – Message log level

See also

QgsMessageLog [signal]

passwordHelperSuccess

Signals emitted on password helper success, mainly used in the tests to exit main application loop [signal]

passwordHelperSync(self) → bool

Store the password manager into the wallet

Note

Available in Python bindings since QGIS 3.8.0

Return type

bool

rebuildCaCertsCache(self) → bool

Rebuild certificate authority cache

Return type

bool

rebuildCertTrustCache(self) → bool

Rebuild certificate authority cache

Return type

bool

rebuildIgnoredSslErrorCache(self) → bool

Rebuild ignoredSSL error cache

Return type

bool

rebuildTrustedCaCertsCache(self) → bool

Rebuild trusted certificate authorities cache

Return type

bool

receivers()
registerCoreAuthMethods(self) → bool

Instantiate and register existing C++ core authentication methods from plugins

Return type

bool

removeAllAuthenticationConfigs(self) → bool

Clear all authentication configs from table in database and from provider caches

Return type

bool

Returns

Whether operation succeeded

removeAuthSetting(self, key: str) → bool

Remove an authentication setting

Parameters

key (str) –

Return type

bool

removeAuthenticationConfig(self, authcfg: str) → bool

Remove an authentication config in the database

Parameters

authcfg (str) – Associated authentication config id

Return type

bool

Returns

Whether operation succeeded

removeCertAuthority(self, cert: QSslCertificate) → bool

Remove a certificate authority

Parameters

cert (QSslCertificate) –

Return type

bool

removeCertIdentity(self, id: str) → bool

Remove a certificate identity

Parameters

id (str) –

Return type

bool

removeCertTrustPolicies(self, certs: Iterable[QSslCertificate]) → bool

Remove a group certificate authorities

Parameters

certs (Iterable[QSslCertificate]) –

Return type

bool

removeCertTrustPolicy(self, cert: QSslCertificate) → bool

Remove a certificate authority

Parameters

cert (QSslCertificate) –

Return type

bool

removeSslCertCustomConfig(self, id: str, hostport: str) → bool

Remove an SSL certificate custom config

Parameters
  • id (str) –

  • hostport (str) –

Return type

bool

resetMasterPassword(self, newpass: str, oldpass: str, keepbackup: bool, backuppath: str = '') → Tuple[bool, str]

Reset the master password to a new one, then re-encrypt all previous configs in a new database file, optionally backup curren database

Parameters
  • newpass (str) – New master password to replace existing

  • oldpass (str) – Current master password to replace existing

  • keepbackup (bool) – Whether to keep the generated backup of current database

  • backuppath (str = '') – Where the backup is located, if kept

Return type

Tuple[bool, str]

sender()
senderSignalIndex()
setDefaultCertTrustPolicy(self, policy: QgsAuthCertUtils.CertTrustPolicy) → bool

Sets the default certificate trust policy preferred by user

Parameters

policy (QgsAuthCertUtils.CertTrustPolicy) –

Return type

bool

setMasterPassword(self, verify: bool = False) → bool

Main call to initially set or continually check master password is set

Note

If it is not set, the user is asked for its input

Parameters

verify (bool = False) – Whether password’s hash was saved in authentication database

setMasterPassword(self, pass_: str, verify: bool = False) -> bool Overloaded call to reset master password or set it initially without user interaction

Note

Only use this in trusted reset functions, unit tests or user/app setup scripts!

Parameters
  • pass – Password to use

  • verify – Whether password’s hash was saved in authentication database

Return type

bool

setPasswordHelperEnabled(self, enabled: bool)

Password helper enabled setter

Note

Available in Python bindings since QGIS 3.8.0

Parameters

enabled (bool) –

setScheduledAuthDatabaseEraseRequestEmitted(self, emitted: bool)

Re-emit a signal to schedule an optional erase of authentication database.

Note

This can be called from the slot connected to a previously emitted scheduling signal, so that the slot can ask for another emit later, if the slot noticies the current GUI processing state is not ready for interacting with the user, e.g. project is still loading

Parameters

emitted (bool) – Setting to False will cause signal to be emitted by the schedule timer. Setting to True will stop any emitting, but will not stop the schedule timer.

sslCertCustomConfig(self, id: str, hostport: str) → QgsAuthConfigSslServer

sslCertCustomConfig get an SSL certificate custom config by id (sha hash) and hostport (host:port)

Parameters
  • id (str) – sha hash

  • hostport (str) – string host:port

Return type

QgsAuthConfigSslServer

Returns

a SSL certificate custom config

New in version 3.0.

sslCertCustomConfigByHost(self, hostport: str) → QgsAuthConfigSslServer

sslCertCustomConfigByHost get an SSL certificate custom config by hostport (host:port)

Parameters

hostport (str) – host:port

Return type

QgsAuthConfigSslServer

Returns

a SSL certificate custom config

New in version 3.0.

sslCertCustomConfigs(self) → List[QgsAuthConfigSslServer]

sslCertCustomConfigs get SSL certificate custom configs

Return type

List[QgsAuthConfigSslServer]

Returns

list of SSL certificate custom config

New in version 3.0.

storeAuthSetting(self, key: str, value: Any, encrypt: bool = False) → bool

Store an authentication setting (stored as string via QVariant( value ).toString() )

Parameters
  • key (str) –

  • value (Any) –

  • encrypt (bool = False) –

Return type

bool

storeAuthenticationConfig(self, mconfig: QgsAuthMethodConfig) → Tuple[bool, QgsAuthMethodConfig]

Store an authentication config in the database

Parameters

mconfig (QgsAuthMethodConfig) – Associated authentication config id

Return type

Tuple[bool, QgsAuthMethodConfig]

Returns

Whether operation succeeded

storeCertAuthorities(self, certs: Iterable[QSslCertificate]) → bool

Store multiple certificate authorities

Parameters

certs (Iterable[QSslCertificate]) –

Return type

bool

storeCertAuthority(self, cert: QSslCertificate) → bool

Store a certificate authority

Parameters

cert (QSslCertificate) –

Return type

bool

storeCertIdentity(self, cert: QSslCertificate, key: QSslKey) → bool

Store a certificate identity

Parameters
  • cert (QSslCertificate) –

  • key (QSslKey) –

Return type

bool

storeCertTrustPolicy(self, cert: QSslCertificate, policy: QgsAuthCertUtils.CertTrustPolicy) → bool

Store user trust value for a certificate

Parameters
Return type

bool

storeSslCertCustomConfig(self, config: QgsAuthConfigSslServer) → bool

Store an SSL certificate custom config

Parameters

config (QgsAuthConfigSslServer) –

Return type

bool

supportedAuthMethodExpansions(self, authcfg: str) → QgsAuthMethod.Expansions

Gets supported authentication method expansion(s), e.g. NetworkRequest | DataSourceURI, as flags

Parameters

authcfg (str) –

Return type

QgsAuthMethod.Expansions

systemRootCAs(self) → List[QSslCertificate]

systemRootCAs get root system certificate authorities

Return type

List[QSslCertificate]

Returns

list of certificate authorities

New in version 3.0.

timerEvent()
trustedCaCerts(self, includeinvalid: bool = False) → List[QSslCertificate]

trustedCaCerts get list of all trusted CA certificates

Parameters

includeinvalid (bool = False) – whether invalid certs needs to be returned

Return type

List[QSslCertificate]

Returns

list of certificates

New in version 3.0.

trustedCaCertsCache(self) → List[QSslCertificate]

trustedCaCertsCache cache of trusted certificate authorities, ready for network connections

Return type

List[QSslCertificate]

Returns

list of certificates

New in version 3.0.

trustedCaCertsPemText(self) → QByteArray

trustedCaCertsPemText get concatenated string of all trusted CA certificates

Return type

QByteArray

Returns

bye array with all PEM encoded trusted CAs

New in version 3.0.

uniqueConfigId(self) → str

Gets a unique generated 7-character string to assign to as config id

Return type

str

untrustedCaCerts(self, trustedCAs: Iterable[QSslCertificate] = []) → List[QSslCertificate]

untrustedCaCerts get list of untrusted certificate authorities

Return type

List[QSslCertificate]

Returns

list of certificates

New in version 3.0.

Parameters

trustedCAs (Iterable[QSslCertificate] = []) –

updateAuthenticationConfig(self, config: QgsAuthMethodConfig) → bool

Update an authentication config in the database

Parameters

config (QgsAuthMethodConfig) – Associated authentication config id

Return type

bool

Returns

Whether operation succeeded

updateConfigAuthMethods(self)

Sync the confg/authentication method cache with what is in database

updateDataSourceUriItems(self, connectionItems: Iterable[str], authcfg: str, dataprovider: str = '') → Tuple[bool, List[str]]

Provider call to update a QgsDataSourceUri with an authentication config

Parameters
  • connectionItems (Iterable[str]) – The connection items, e.g. username=myname, of QgsDataSourceUri

  • authcfg (str) – Associated authentication config id

  • dataprovider (str = '') – Provider key filter, offering logic branching in authentication method

Return type

Tuple[bool, List[str]]

Returns

Whether operation succeeded

updateIgnoredSslErrorsCache(self, shahostport: str, errors: Iterable[QSslError]) → bool

Update ignored SSL error cache with possible ignored SSL errors, using sha:host:port key

Parameters
  • shahostport (str) –

  • errors (Iterable[QSslError]) –

Return type

bool

updateIgnoredSslErrorsCacheFromConfig(self, config: QgsAuthConfigSslServer) → bool

Update ignored SSL error cache with possible ignored SSL errors, using server config

Parameters

config (QgsAuthConfigSslServer) –

Return type

bool

updateNetworkProxy(self, proxy: QNetworkProxy, authcfg: str, dataprovider: str = '') → Tuple[bool, QNetworkProxy]

Provider call to update a QNetworkProxy with an authentication config

Parameters
  • proxy (QNetworkProxy) – the QNetworkProxy

  • authcfg (str) – Associated authentication config id

  • dataprovider (str = '') – Provider key filter, offering logic branching in authentication method

Return type

Tuple[bool, QNetworkProxy]

Returns

Whether operation succeeded

updateNetworkReply(self, reply: QNetworkReply, authcfg: str, dataprovider: str = '') → bool

Provider call to update a QNetworkReply with an authentication config (used to skip known SSL errors, etc.)

Parameters
  • reply (QNetworkReply) – The QNetworkReply

  • authcfg (str) – Associated authentication config id

  • dataprovider (str = '') – Provider key filter, offering logic branching in authentication method

Return type

bool

Returns

Whether operation succeeded

updateNetworkRequest(self, request: QNetworkRequest, authcfg: str, dataprovider: str = '') → Tuple[bool, QNetworkRequest]

Provider call to update a QNetworkRequest with an authentication config

Parameters
  • request (QNetworkRequest) – The QNetworkRequest

  • authcfg (str) – Associated authentication config id

  • dataprovider (str = '') – Provider key filter, offering logic branching in authentication method

Return type

Tuple[bool, QNetworkRequest]

Returns

Whether operation succeeded

verifyMasterPassword(self, compare: str = '') → bool

Verify the supplied master password against any existing hash in authentication database

Note

Do not emit verification signals when only comparing

Parameters

compare (str = '') – Password to compare against

Return type

bool