diff options
author | Markus Goetz <Markus.Goetz@nokia.com> | 2011-01-27 13:02:44 (GMT) |
---|---|---|
committer | Markus Goetz <Markus.Goetz@nokia.com> | 2011-02-04 13:18:54 (GMT) |
commit | 7ce32e349da4d9b17495aaf966c59a4233cd6f26 (patch) | |
tree | 6e5a6f81e60efd6b309beb74316a268422e05ce7 | |
parent | 6c39dd04b1fea88e0688ef847e185ebb1013471a (diff) | |
download | Qt-7ce32e349da4d9b17495aaf966c59a4233cd6f26.zip Qt-7ce32e349da4d9b17495aaf966c59a4233cd6f26.tar.gz Qt-7ce32e349da4d9b17495aaf966c59a4233cd6f26.tar.bz2 |
QNAM: Move authentication cache to separate class
Also make the authentication cache thread-safe by using
a mutex and making QNetworkAuthenticationCredential
a value-class.
Reviewed-by: thiago
-rw-r--r-- | src/network/access/access.pri | 2 | ||||
-rw-r--r-- | src/network/access/qnetworkaccessauthenticationmanager.cpp | 297 | ||||
-rw-r--r-- | src/network/access/qnetworkaccessauthenticationmanager_p.h | 107 | ||||
-rw-r--r-- | src/network/access/qnetworkaccessbackend.cpp | 2 | ||||
-rw-r--r-- | src/network/access/qnetworkaccessmanager.cpp | 254 | ||||
-rw-r--r-- | src/network/access/qnetworkaccessmanager_p.h | 7 |
6 files changed, 424 insertions, 245 deletions
diff --git a/src/network/access/access.pri b/src/network/access/access.pri index f8dfda6..7497c1a 100644 --- a/src/network/access/access.pri +++ b/src/network/access/access.pri @@ -8,6 +8,7 @@ HEADERS += \ access/qhttpnetworkreply_p.h \ access/qhttpnetworkconnection_p.h \ access/qhttpnetworkconnectionchannel_p.h \ + access/qnetworkaccessauthenticationmanager_p.h \ access/qnetworkaccessmanager.h \ access/qnetworkaccessmanager_p.h \ access/qnetworkaccesscache_p.h \ @@ -42,6 +43,7 @@ SOURCES += \ access/qhttpnetworkreply.cpp \ access/qhttpnetworkconnection.cpp \ access/qhttpnetworkconnectionchannel.cpp \ + access/qnetworkaccessauthenticationmanager.cpp \ access/qnetworkaccessmanager.cpp \ access/qnetworkaccesscache.cpp \ access/qnetworkaccessbackend.cpp \ diff --git a/src/network/access/qnetworkaccessauthenticationmanager.cpp b/src/network/access/qnetworkaccessauthenticationmanager.cpp new file mode 100644 index 0000000..d2bf00a --- /dev/null +++ b/src/network/access/qnetworkaccessauthenticationmanager.cpp @@ -0,0 +1,297 @@ +/**************************************************************************** +** +** Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies). +** All rights reserved. +** Contact: Nokia Corporation (qt-info@nokia.com) +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** No Commercial Usage +** This file contains pre-release code and may not be distributed. +** You may use this file in accordance with the terms and conditions +** contained in the Technology Preview License Agreement accompanying +** this package. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Nokia gives you certain additional +** rights. These rights are described in the Nokia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** If you have questions regarding the use of this file, please contact +** Nokia at qt-info@nokia.com. +** +** +** +** +** +** +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "qnetworkaccessmanager.h" +#include "qnetworkaccessmanager_p.h" +#include "qnetworkaccessauthenticationmanager_p.h" + +#include "QtCore/qbuffer.h" +#include "QtCore/qurl.h" +#include "QtCore/qvector.h" +#include "QtCore/QMutexLocker" +#include "QtNetwork/qauthenticator.h" + +QT_BEGIN_NAMESPACE + + + + +class QNetworkAuthenticationCache: private QVector<QNetworkAuthenticationCredential>, + public QNetworkAccessCache::CacheableObject +{ +public: + QNetworkAuthenticationCache() + { + setExpires(false); + setShareable(true); + reserve(1); + } + + QNetworkAuthenticationCredential *findClosestMatch(const QString &domain) + { + iterator it = qLowerBound(begin(), end(), domain); + if (it == end() && !isEmpty()) + --it; + if (it == end() || !domain.startsWith(it->domain)) + return 0; + return &*it; + } + + void insert(const QString &domain, const QString &user, const QString &password) + { + QNetworkAuthenticationCredential *closestMatch = findClosestMatch(domain); + if (closestMatch && closestMatch->domain == domain) { + // we're overriding the current credentials + closestMatch->user = user; + closestMatch->password = password; + } else { + QNetworkAuthenticationCredential newCredential; + newCredential.domain = domain; + newCredential.user = user; + newCredential.password = password; + + if (closestMatch) + QVector<QNetworkAuthenticationCredential>::insert(++closestMatch, newCredential); + else + QVector<QNetworkAuthenticationCredential>::insert(end(), newCredential); + } + } + + virtual void dispose() { delete this; } +}; + +#ifndef QT_NO_NETWORKPROXY +static QByteArray proxyAuthenticationKey(const QNetworkProxy &proxy, const QString &realm) +{ + QUrl key; + + switch (proxy.type()) { + case QNetworkProxy::Socks5Proxy: + key.setScheme(QLatin1String("proxy-socks5")); + break; + + case QNetworkProxy::HttpProxy: + case QNetworkProxy::HttpCachingProxy: + key.setScheme(QLatin1String("proxy-http")); + break; + + case QNetworkProxy::FtpCachingProxy: + key.setScheme(QLatin1String("proxy-ftp")); + break; + + case QNetworkProxy::DefaultProxy: + case QNetworkProxy::NoProxy: + // shouldn't happen + return QByteArray(); + + // no default: + // let there be errors if a new proxy type is added in the future + } + + if (key.scheme().isEmpty()) + // proxy type not handled + return QByteArray(); + + key.setUserName(proxy.user()); + key.setHost(proxy.hostName()); + key.setPort(proxy.port()); + key.setFragment(realm); + return "auth:" + key.toEncoded(); +} +#endif + +static inline QByteArray authenticationKey(const QUrl &url, const QString &realm) +{ + QUrl copy = url; + copy.setFragment(realm); + return "auth:" + copy.toEncoded(QUrl::RemovePassword | QUrl::RemovePath | QUrl::RemoveQuery); +} + + +#ifndef QT_NO_NETWORKPROXY +void QNetworkAccessAuthenticationManager::cacheProxyCredentials(const QNetworkProxy &p, + const QAuthenticator *authenticator) +{ + Q_ASSERT(authenticator); + Q_ASSERT(p.type() != QNetworkProxy::DefaultProxy); + Q_ASSERT(p.type() != QNetworkProxy::NoProxy); + + QMutexLocker mutexLocker(&mutex); + + QString realm = authenticator->realm(); + QNetworkProxy proxy = p; + proxy.setUser(authenticator->user()); + // Set two credentials: one with the username and one without + do { + // Set two credentials actually: one with and one without the realm + do { + QByteArray cacheKey = proxyAuthenticationKey(proxy, realm); + if (cacheKey.isEmpty()) + return; // should not happen + + QNetworkAuthenticationCache *auth = new QNetworkAuthenticationCache; + auth->insert(QString(), authenticator->user(), authenticator->password()); + authenticationCache.addEntry(cacheKey, auth); // replace the existing one, if there's any + + if (realm.isEmpty()) { + break; + } else { + realm.clear(); + } + } while (true); + + if (proxy.user().isEmpty()) + break; + else + proxy.setUser(QString()); + } while (true); +} + +QNetworkAuthenticationCredential +QNetworkAccessAuthenticationManager::fetchCachedProxyCredentials(const QNetworkProxy &p, + const QAuthenticator *authenticator) +{ + QNetworkProxy proxy = p; + if (proxy.type() == QNetworkProxy::DefaultProxy) { + proxy = QNetworkProxy::applicationProxy(); + } + if (!proxy.password().isEmpty()) + return QNetworkAuthenticationCredential(); // no need to set credentials if it already has them + + QString realm; + if (authenticator) + realm = authenticator->realm(); + + QMutexLocker mutexLocker(&mutex); + QByteArray cacheKey = proxyAuthenticationKey(proxy, realm); + if (cacheKey.isEmpty()) + return QNetworkAuthenticationCredential(); + if (!authenticationCache.hasEntry(cacheKey)) + return QNetworkAuthenticationCredential(); + + QNetworkAuthenticationCache *auth = + static_cast<QNetworkAuthenticationCache *>(authenticationCache.requestEntryNow(cacheKey)); + QNetworkAuthenticationCredential cred = *auth->findClosestMatch(QString()); + authenticationCache.releaseEntry(cacheKey); + + // proxy cache credentials always have exactly one item + Q_ASSERT_X(!cred.isNull(), "QNetworkAccessManager", + "Internal inconsistency: found a cache key for a proxy, but it's empty"); + return cred; +} + +#endif + +void QNetworkAccessAuthenticationManager::cacheCredentials(const QUrl &url, + const QAuthenticator *authenticator) +{ + Q_ASSERT(authenticator); + QString domain = QString::fromLatin1("/"); // FIXME: make QAuthenticator return the domain + QString realm = authenticator->realm(); + + QMutexLocker mutexLocker(&mutex); + + // Set two credentials actually: one with and one without the username in the URL + QUrl copy = url; + copy.setUserName(authenticator->user()); + do { + QByteArray cacheKey = authenticationKey(copy, realm); + if (authenticationCache.hasEntry(cacheKey)) { + QNetworkAuthenticationCache *auth = + static_cast<QNetworkAuthenticationCache *>(authenticationCache.requestEntryNow(cacheKey)); + auth->insert(domain, authenticator->user(), authenticator->password()); + authenticationCache.releaseEntry(cacheKey); + } else { + QNetworkAuthenticationCache *auth = new QNetworkAuthenticationCache; + auth->insert(domain, authenticator->user(), authenticator->password()); + authenticationCache.addEntry(cacheKey, auth); + } + + if (copy.userName().isEmpty()) { + break; + } else { + copy.setUserName(QString()); + } + } while (true); +} + +/*! + Fetch the credential data from the credential cache. + + If auth is 0 (as it is when called from createRequest()), this will try to + look up with an empty realm. That fails in most cases for HTTP (because the + realm is seldom empty for HTTP challenges). In any case, QHttpNetworkConnection + never sends the credentials on the first attempt: it needs to find out what + authentication methods the server supports. + + For FTP, realm is always empty. +*/ +QNetworkAuthenticationCredential +QNetworkAccessAuthenticationManager::fetchCachedCredentials(const QUrl &url, + const QAuthenticator *authentication) +{ + if (!url.password().isEmpty()) + return QNetworkAuthenticationCredential(); // no need to set credentials if it already has them + + QString realm; + if (authentication) + realm = authentication->realm(); + + QByteArray cacheKey = authenticationKey(url, realm); + + QMutexLocker mutexLocker(&mutex); + if (!authenticationCache.hasEntry(cacheKey)) + return QNetworkAuthenticationCredential(); + + QNetworkAuthenticationCache *auth = + static_cast<QNetworkAuthenticationCache *>(authenticationCache.requestEntryNow(cacheKey)); + QNetworkAuthenticationCredential cred = *auth->findClosestMatch(url.path()); + authenticationCache.releaseEntry(cacheKey); + return cred; +} + +void QNetworkAccessAuthenticationManager::clearCache() +{ + authenticationCache.clear(); +} + +QT_END_NAMESPACE + diff --git a/src/network/access/qnetworkaccessauthenticationmanager_p.h b/src/network/access/qnetworkaccessauthenticationmanager_p.h new file mode 100644 index 0000000..d2347b1 --- /dev/null +++ b/src/network/access/qnetworkaccessauthenticationmanager_p.h @@ -0,0 +1,107 @@ +/**************************************************************************** +** +** Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies). +** All rights reserved. +** Contact: Nokia Corporation (qt-info@nokia.com) +** +** This file is part of the QtNetwork module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** No Commercial Usage +** This file contains pre-release code and may not be distributed. +** You may use this file in accordance with the terms and conditions +** contained in the Technology Preview License Agreement accompanying +** this package. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPL included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 2.1 requirements +** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, Nokia gives you certain additional +** rights. These rights are described in the Nokia Qt LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +** If you have questions regarding the use of this file, please contact +** Nokia at qt-info@nokia.com. +** +** +** +** +** +** +** +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef QNETWORKACCESSAUTHENTICATIONMANAGER_P_H +#define QNETWORKACCESSAUTHENTICATIONMANAGER_P_H + +// +// W A R N I N G +// ------------- +// +// This file is not part of the Qt API. It exists for the convenience +// of the Network Access API. This header file may change from +// version to version without notice, or even be removed. +// +// We mean it. +// + +#include "qnetworkaccessmanager.h" +#include "qnetworkaccesscache_p.h" +#include "qnetworkaccessbackend_p.h" +#include "QtNetwork/qnetworkproxy.h" +#include "QtCore/QMutex" + +QT_BEGIN_NAMESPACE + +class QAuthenticator; +class QAbstractNetworkCache; +class QNetworkAuthenticationCredential; +class QNetworkCookieJar; + +class QNetworkAuthenticationCredential +{ +public: + QString domain; + QString user; + QString password; + bool isNull() { + return domain.isNull(); + } +}; +Q_DECLARE_TYPEINFO(QNetworkAuthenticationCredential, Q_MOVABLE_TYPE); +inline bool operator<(const QNetworkAuthenticationCredential &t1, const QString &t2) +{ return t1.domain < t2; } + +class QNetworkAccessAuthenticationManager +{ +public: + QNetworkAccessAuthenticationManager() { }; + + void cacheCredentials(const QUrl &url, const QAuthenticator *auth); + QNetworkAuthenticationCredential fetchCachedCredentials(const QUrl &url, + const QAuthenticator *auth = 0); + +#ifndef QT_NO_NETWORKPROXY + void cacheProxyCredentials(const QNetworkProxy &proxy, const QAuthenticator *auth); + QNetworkAuthenticationCredential fetchCachedProxyCredentials(const QNetworkProxy &proxy, + const QAuthenticator *auth = 0); +#endif + + void clearCache(); + +protected: + QNetworkAccessCache authenticationCache; + QMutex mutex; +}; + +QT_END_NAMESPACE + +#endif diff --git a/src/network/access/qnetworkaccessbackend.cpp b/src/network/access/qnetworkaccessbackend.cpp index fd1fa60..53ae29e 100644 --- a/src/network/access/qnetworkaccessbackend.cpp +++ b/src/network/access/qnetworkaccessbackend.cpp @@ -329,7 +329,7 @@ void QNetworkAccessBackend::authenticationRequired(QAuthenticator *authenticator void QNetworkAccessBackend::cacheCredentials(QAuthenticator *authenticator) { - manager->cacheCredentials(this->reply->url, authenticator); + manager->authenticationManager->cacheCredentials(this->reply->url, authenticator); } void QNetworkAccessBackend::metaDataChanged() diff --git a/src/network/access/qnetworkaccessmanager.cpp b/src/network/access/qnetworkaccessmanager.cpp index 8f050d4..562141b 100644 --- a/src/network/access/qnetworkaccessmanager.cpp +++ b/src/network/access/qnetworkaccessmanager.cpp @@ -341,107 +341,6 @@ static void ensureInitialized() QNetworkReply::sslConfiguration(), QNetworkReply::ignoreSslErrors() */ -class QNetworkAuthenticationCredential -{ -public: - QString domain; - QString user; - QString password; -}; -Q_DECLARE_TYPEINFO(QNetworkAuthenticationCredential, Q_MOVABLE_TYPE); -inline bool operator<(const QNetworkAuthenticationCredential &t1, const QString &t2) -{ return t1.domain < t2; } - -class QNetworkAuthenticationCache: private QVector<QNetworkAuthenticationCredential>, - public QNetworkAccessCache::CacheableObject -{ -public: - QNetworkAuthenticationCache() - { - setExpires(false); - setShareable(true); - reserve(1); - } - - QNetworkAuthenticationCredential *findClosestMatch(const QString &domain) - { - iterator it = qLowerBound(begin(), end(), domain); - if (it == end() && !isEmpty()) - --it; - if (it == end() || !domain.startsWith(it->domain)) - return 0; - return &*it; - } - - void insert(const QString &domain, const QString &user, const QString &password) - { - QNetworkAuthenticationCredential *closestMatch = findClosestMatch(domain); - if (closestMatch && closestMatch->domain == domain) { - // we're overriding the current credentials - closestMatch->user = user; - closestMatch->password = password; - } else { - QNetworkAuthenticationCredential newCredential; - newCredential.domain = domain; - newCredential.user = user; - newCredential.password = password; - - if (closestMatch) - QVector<QNetworkAuthenticationCredential>::insert(++closestMatch, newCredential); - else - QVector<QNetworkAuthenticationCredential>::insert(end(), newCredential); - } - } - - virtual void dispose() { delete this; } -}; - -#ifndef QT_NO_NETWORKPROXY -static QByteArray proxyAuthenticationKey(const QNetworkProxy &proxy, const QString &realm) -{ - QUrl key; - - switch (proxy.type()) { - case QNetworkProxy::Socks5Proxy: - key.setScheme(QLatin1String("proxy-socks5")); - break; - - case QNetworkProxy::HttpProxy: - case QNetworkProxy::HttpCachingProxy: - key.setScheme(QLatin1String("proxy-http")); - break; - - case QNetworkProxy::FtpCachingProxy: - key.setScheme(QLatin1String("proxy-ftp")); - break; - - case QNetworkProxy::DefaultProxy: - case QNetworkProxy::NoProxy: - // shouldn't happen - return QByteArray(); - - // no default: - // let there be errors if a new proxy type is added in the future - } - - if (key.scheme().isEmpty()) - // proxy type not handled - return QByteArray(); - - key.setUserName(proxy.user()); - key.setHost(proxy.hostName()); - key.setPort(proxy.port()); - key.setFragment(realm); - return "auth:" + key.toEncoded(); -} -#endif - -static inline QByteArray authenticationKey(const QUrl &url, const QString &realm) -{ - QUrl copy = url; - copy.setFragment(realm); - return "auth:" + copy.toEncoded(QUrl::RemovePassword | QUrl::RemovePath | QUrl::RemoveQuery); -} /*! Constructs a QNetworkAccessManager object that is the center of @@ -1124,10 +1023,10 @@ void QNetworkAccessManagerPrivate::authenticationRequired(QNetworkAccessBackend // also called when last URL is empty, e.g. on first call if (backend->reply->urlForLastAuthentication.isEmpty() || url != backend->reply->urlForLastAuthentication) { - QNetworkAuthenticationCredential *cred = fetchCachedCredentials(url, authenticator); - if (cred) { - authenticator->setUser(cred->user); - authenticator->setPassword(cred->password); + QNetworkAuthenticationCredential cred = authenticationManager->fetchCachedCredentials(url, authenticator); + if (!cred.isNull()) { + authenticator->setUser(cred.user); + authenticator->setPassword(cred.password); backend->reply->urlForLastAuthentication = url; return; } @@ -1140,7 +1039,7 @@ void QNetworkAccessManagerPrivate::authenticationRequired(QNetworkAccessBackend backend->reply->urlForLastAuthentication = url; emit q->authenticationRequired(backend->reply->q_func(), authenticator); - cacheCredentials(url, authenticator); + authenticationManager->cacheCredentials(url, authenticator); } #ifndef QT_NO_NETWORKPROXY @@ -1157,10 +1056,10 @@ void QNetworkAccessManagerPrivate::proxyAuthenticationRequired(QNetworkAccessBac // possible solution: some tracking inside the authenticator // or a new function proxyAuthenticationSucceeded(true|false) if (proxy != backend->reply->lastProxyAuthentication) { - QNetworkAuthenticationCredential *cred = fetchCachedProxyCredentials(proxy); - if (cred) { - authenticator->setUser(cred->user); - authenticator->setPassword(cred->password); + QNetworkAuthenticationCredential cred = authenticationManager->fetchCachedProxyCredentials(proxy); + if (!cred.isNull()) { + authenticator->setUser(cred.user); + authenticator->setPassword(cred.password); return; } } @@ -1172,75 +1071,7 @@ void QNetworkAccessManagerPrivate::proxyAuthenticationRequired(QNetworkAccessBac backend->reply->lastProxyAuthentication = proxy; emit q->proxyAuthenticationRequired(proxy, authenticator); - cacheProxyCredentials(proxy, authenticator); -} - -void QNetworkAccessManagerPrivate::cacheProxyCredentials(const QNetworkProxy &p, - const QAuthenticator *authenticator) -{ - Q_ASSERT(authenticator); - Q_ASSERT(p.type() != QNetworkProxy::DefaultProxy); - Q_ASSERT(p.type() != QNetworkProxy::NoProxy); - - QString realm = authenticator->realm(); - QNetworkProxy proxy = p; - proxy.setUser(authenticator->user()); - // Set two credentials: one with the username and one without - do { - // Set two credentials actually: one with and one without the realm - do { - QByteArray cacheKey = proxyAuthenticationKey(proxy, realm); - if (cacheKey.isEmpty()) - return; // should not happen - - QNetworkAuthenticationCache *auth = new QNetworkAuthenticationCache; - auth->insert(QString(), authenticator->user(), authenticator->password()); - objectCache.addEntry(cacheKey, auth); // replace the existing one, if there's any - - if (realm.isEmpty()) { - break; - } else { - realm.clear(); - } - } while (true); - - if (proxy.user().isEmpty()) - break; - else - proxy.setUser(QString()); - } while (true); -} - -QNetworkAuthenticationCredential * -QNetworkAccessManagerPrivate::fetchCachedProxyCredentials(const QNetworkProxy &p, - const QAuthenticator *authenticator) -{ - QNetworkProxy proxy = p; - if (proxy.type() == QNetworkProxy::DefaultProxy) { - proxy = QNetworkProxy::applicationProxy(); - } - if (!proxy.password().isEmpty()) - return 0; // no need to set credentials if it already has them - - QString realm; - if (authenticator) - realm = authenticator->realm(); - - QByteArray cacheKey = proxyAuthenticationKey(proxy, realm); - if (cacheKey.isEmpty()) - return 0; - if (!objectCache.hasEntry(cacheKey)) - return 0; - - QNetworkAuthenticationCache *auth = - static_cast<QNetworkAuthenticationCache *>(objectCache.requestEntryNow(cacheKey)); - QNetworkAuthenticationCredential *cred = auth->findClosestMatch(QString()); - objectCache.releaseEntry(cacheKey); - - // proxy cache credentials always have exactly one item - Q_ASSERT_X(cred, "QNetworkAccessManager", - "Internal inconsistency: found a cache key for a proxy, but it's empty"); - return cred; + authenticationManager->cacheProxyCredentials(proxy, authenticator); } QList<QNetworkProxy> QNetworkAccessManagerPrivate::queryProxy(const QNetworkProxyQuery &query) @@ -1264,73 +1095,10 @@ QList<QNetworkProxy> QNetworkAccessManagerPrivate::queryProxy(const QNetworkProx } #endif -void QNetworkAccessManagerPrivate::cacheCredentials(const QUrl &url, - const QAuthenticator *authenticator) -{ - Q_ASSERT(authenticator); - QString domain = QString::fromLatin1("/"); // FIXME: make QAuthenticator return the domain - QString realm = authenticator->realm(); - - // Set two credentials actually: one with and one without the username in the URL - QUrl copy = url; - copy.setUserName(authenticator->user()); - do { - QByteArray cacheKey = authenticationKey(copy, realm); - if (objectCache.hasEntry(cacheKey)) { - QNetworkAuthenticationCache *auth = - static_cast<QNetworkAuthenticationCache *>(objectCache.requestEntryNow(cacheKey)); - auth->insert(domain, authenticator->user(), authenticator->password()); - objectCache.releaseEntry(cacheKey); - } else { - QNetworkAuthenticationCache *auth = new QNetworkAuthenticationCache; - auth->insert(domain, authenticator->user(), authenticator->password()); - objectCache.addEntry(cacheKey, auth); - } - - if (copy.userName().isEmpty()) { - break; - } else { - copy.setUserName(QString()); - } - } while (true); -} - -/*! - Fetch the credential data from the credential cache. - - If auth is 0 (as it is when called from createRequest()), this will try to - look up with an empty realm. That fails in most cases for HTTP (because the - realm is seldom empty for HTTP challenges). In any case, QHttpNetworkConnection - never sends the credentials on the first attempt: it needs to find out what - authentication methods the server supports. - - For FTP, realm is always empty. -*/ -QNetworkAuthenticationCredential * -QNetworkAccessManagerPrivate::fetchCachedCredentials(const QUrl &url, - const QAuthenticator *authentication) -{ - if (!url.password().isEmpty()) - return 0; // no need to set credentials if it already has them - - QString realm; - if (authentication) - realm = authentication->realm(); - - QByteArray cacheKey = authenticationKey(url, realm); - if (!objectCache.hasEntry(cacheKey)) - return 0; - - QNetworkAuthenticationCache *auth = - static_cast<QNetworkAuthenticationCache *>(objectCache.requestEntryNow(cacheKey)); - QNetworkAuthenticationCredential *cred = auth->findClosestMatch(url.path()); - objectCache.releaseEntry(cacheKey); - return cred; -} - void QNetworkAccessManagerPrivate::clearCache(QNetworkAccessManager *manager) { manager->d_func()->objectCache.clear(); + manager->d_func()->authenticationManager->clearCache(); } QNetworkAccessManagerPrivate::~QNetworkAccessManagerPrivate() diff --git a/src/network/access/qnetworkaccessmanager_p.h b/src/network/access/qnetworkaccessmanager_p.h index cf4d2f3..dba1fd2 100644 --- a/src/network/access/qnetworkaccessmanager_p.h +++ b/src/network/access/qnetworkaccessmanager_p.h @@ -59,6 +59,7 @@ #include "private/qobject_p.h" #include "QtNetwork/qnetworkproxy.h" #include "QtNetwork/qnetworksession.h" +#include "qnetworkaccessauthenticationmanager_p.h" QT_BEGIN_NAMESPACE @@ -81,7 +82,8 @@ public: online(false), initializeSession(true), #endif - cookieJarCreated(false) + cookieJarCreated(false), + authenticationManager(new QNetworkAccessAuthenticationManager) { } ~QNetworkAccessManagerPrivate(); @@ -137,6 +139,9 @@ public: bool cookieJarCreated; + // The cache with authorization data: + QNetworkAccessAuthenticationManager* authenticationManager; + // this cache can be used by individual backends to cache e.g. their TCP connections to a server // and use the connections for multiple requests. QNetworkAccessCache objectCache; |