| 1 | // Copyright (C) 2016 The Qt Company Ltd. |
|---|
| 2 | // SPDX-License-Identifier: LicenseRef-Qt-Commercial OR LGPL-3.0-only OR GPL-2.0-only OR GPL-3.0-only |
|---|
| 3 | // Qt-Security score:significant reason:default |
|---|
| 4 | |
|---|
| 5 | #ifndef QAUTHENTICATOR_P_H |
|---|
| 6 | #define QAUTHENTICATOR_P_H |
|---|
| 7 | |
|---|
| 8 | // |
|---|
| 9 | // W A R N I N G |
|---|
| 10 | // ------------- |
|---|
| 11 | // |
|---|
| 12 | // This file is not part of the Qt API. It exists purely as an |
|---|
| 13 | // implementation detail. This header file may change from version to |
|---|
| 14 | // version without notice, or even be removed. |
|---|
| 15 | // |
|---|
| 16 | // We mean it. |
|---|
| 17 | // |
|---|
| 18 | |
|---|
| 19 | #include <QtNetwork/private/qtnetworkglobal_p.h> |
|---|
| 20 | #include <qhash.h> |
|---|
| 21 | #include <qbytearray.h> |
|---|
| 22 | #include <qscopedpointer.h> |
|---|
| 23 | #include <qstring.h> |
|---|
| 24 | #include <qauthenticator.h> |
|---|
| 25 | #include <qvariant.h> |
|---|
| 26 | |
|---|
| 27 | QT_BEGIN_NAMESPACE |
|---|
| 28 | |
|---|
| 29 | class ; |
|---|
| 30 | class ; |
|---|
| 31 | #if QT_CONFIG(sspi) // SSPI |
|---|
| 32 | class QSSPIWindowsHandles; |
|---|
| 33 | #elif QT_CONFIG(gssapi) // GSSAPI |
|---|
| 34 | class QGssApiHandles; |
|---|
| 35 | #endif |
|---|
| 36 | |
|---|
| 37 | class Q_NETWORK_EXPORT QAuthenticatorPrivate |
|---|
| 38 | { |
|---|
| 39 | public: |
|---|
| 40 | enum Method { None, Basic, Negotiate, Ntlm, DigestMd5, }; |
|---|
| 41 | QAuthenticatorPrivate(); |
|---|
| 42 | ~QAuthenticatorPrivate(); |
|---|
| 43 | |
|---|
| 44 | QString user; |
|---|
| 45 | QString ; |
|---|
| 46 | QString password; |
|---|
| 47 | QVariantHash options; |
|---|
| 48 | Method method; |
|---|
| 49 | QString realm; |
|---|
| 50 | QByteArray challenge; |
|---|
| 51 | #if QT_CONFIG(sspi) // SSPI |
|---|
| 52 | QScopedPointer<QSSPIWindowsHandles> sspiWindowsHandles; |
|---|
| 53 | #elif QT_CONFIG(gssapi) // GSSAPI |
|---|
| 54 | QScopedPointer<QGssApiHandles> gssApiHandles; |
|---|
| 55 | #endif |
|---|
| 56 | bool hasFailed; //credentials have been tried but rejected by server. |
|---|
| 57 | |
|---|
| 58 | enum Phase { |
|---|
| 59 | Start, |
|---|
| 60 | Phase1, |
|---|
| 61 | Phase2, |
|---|
| 62 | Done, |
|---|
| 63 | Invalid |
|---|
| 64 | }; |
|---|
| 65 | Phase phase; |
|---|
| 66 | |
|---|
| 67 | // digest specific |
|---|
| 68 | QByteArray cnonce; |
|---|
| 69 | int nonceCount; |
|---|
| 70 | |
|---|
| 71 | // ntlm specific |
|---|
| 72 | QString workstation; |
|---|
| 73 | QString userDomain; |
|---|
| 74 | |
|---|
| 75 | QByteArray calculateResponse(QByteArrayView method, QByteArrayView path, QStringView host); |
|---|
| 76 | |
|---|
| 77 | inline static QAuthenticatorPrivate *getPrivate(QAuthenticator &auth) { return auth.d; } |
|---|
| 78 | inline static const QAuthenticatorPrivate *getPrivate(const QAuthenticator &auth) { return auth.d; } |
|---|
| 79 | |
|---|
| 80 | QByteArray digestMd5Response(QByteArrayView challenge, QByteArrayView method, |
|---|
| 81 | QByteArrayView path); |
|---|
| 82 | static QHash<QByteArray, QByteArray> |
|---|
| 83 | parseDigestAuthenticationChallenge(QByteArrayView challenge); |
|---|
| 84 | |
|---|
| 85 | void (const QHttpHeaders &, bool isProxy, QStringView host); |
|---|
| 86 | void updateCredentials(); |
|---|
| 87 | |
|---|
| 88 | static bool isMethodSupported(QByteArrayView method); |
|---|
| 89 | }; |
|---|
| 90 | |
|---|
| 91 | |
|---|
| 92 | QT_END_NAMESPACE |
|---|
| 93 | |
|---|
| 94 | #endif |
|---|
| 95 | |
|---|
