[oauth] Code cleaning and safety checks before accessing

elpaso · elpaso · commit 2293065cef72 · 2018-07-19T18:39:36.000+02:00
input string lists by index
diff --git a/src/auth/oauth2/qgsauthoauth2edit.cpp b/src/auth/oauth2/qgsauthoauth2edit.cpp
@@ -156,10 +156,6 @@ void QgsAuthOAuth2Edit::setupConnections()
   } );
   connect( btnRegister, &QPushButton::clicked, this, &QgsAuthOAuth2Edit::getSoftwareStatementConfig );
 
-  // FIXME: in the testbed13 code this signal does not exists (but a connection was attempted)
-  //connect( this, &QgsAuthOAuth2Edit::configSucceeded, this, &QgsAuthOAuth2Edit::registerSoftStatement );
-
-
   // Custom config editing connections
   connect( cmbbxGrantFlow, static_cast<void ( QComboBox::* )( int )>( &QComboBox::currentIndexChanged ),
            this, &QgsAuthOAuth2Edit::updateGrantFlow ); // also updates GUI
@@ -267,7 +263,7 @@ void QgsAuthOAuth2Edit::loadConfig( const QgsStringMap &configmap )
 
   //QgsDebugMsg( QStringLiteral( "oauth2config: " ).arg( configmap.value( QStringLiteral( "oauth2config" ) ) ) );
 
-  if ( configmap.contains( QStringLiteral( "oauth2config" ) ) )
+  if ( configmap.contains( QLatin1Literal( "oauth2config" ) ) )
   {
     tabConfigs->setCurrentIndex( customTab() );
     QByteArray configtxt = configmap.value( QStringLiteral( "oauth2config" ) ).toUtf8();
@@ -298,7 +294,7 @@ void QgsAuthOAuth2Edit::loadConfig( const QgsStringMap &configmap )
       QgsDebugMsg( QStringLiteral( "FAILED to load OAuth2 config: empty config txt" ) );
     }
   }
-  else if ( configmap.contains( QStringLiteral( "definedid" ) ) )
+  else if ( configmap.contains( QLatin1Literal( "definedid" ) ) )
   {
     tabConfigs->setCurrentIndex( definedTab() );
     QString definedid = configmap.value( QStringLiteral( "definedid" ) );
@@ -499,7 +495,7 @@ void QgsAuthOAuth2Edit::definedCustomDirChanged( const QString &path )
   QFileInfo pinfo( path );
   bool ok = pinfo.exists() || pinfo.isDir();
 
-  leDefinedDirPath->setStyleSheet( ok ? "" : QgsAuthGuiUtils::redTextStyleSheet() );
+  leDefinedDirPath->setStyleSheet( ok ? QString() : QgsAuthGuiUtils::redTextStyleSheet() );
 
   if ( ok )
   {
@@ -513,7 +509,7 @@ void QgsAuthOAuth2Edit::softwareStatementJwtPathChanged( const QString &path )
   QFileInfo pinfo( path );
   bool ok = pinfo.exists() || pinfo.isFile();
 
-  leSoftwareStatementJwtPath->setStyleSheet( ok ? "" : QgsAuthGuiUtils::redTextStyleSheet() );
+  leSoftwareStatementJwtPath->setStyleSheet( ok ? QString() : QgsAuthGuiUtils::redTextStyleSheet() );
 
   if ( ok )
   {
@@ -592,7 +588,7 @@ void QgsAuthOAuth2Edit::getSoftStatementDir()
   this->raise();
   this->activateWindow();
 
-  if ( softStatementFile.isNull() )
+  if ( softStatementFile.isEmpty() )
   {
     return;
   }
@@ -968,14 +964,20 @@ void QgsAuthOAuth2Edit::parseSoftwareStatement( const QString &path )
   }
   if ( softwareStatementBase64.isEmpty() )
   {
-    QgsDebugMsg( QStringLiteral( "Error software statement is empty: %1" ).arg( QString( path ) ) );
+    QgsDebugMsg( QStringLiteral( "Error software statement is empty: %1" ).arg( path ) );
     file.close();
     return;
   }
   mRegistrationEndpoint = QString();
   file.close();
   mSoftwareStatement.insert( "software_statement", softwareStatementBase64 );
-  QByteArray payload = softwareStatementBase64.split( '.' )[1];
+  QList<QByteArray> payloadParts( softwareStatementBase64.split( '.' ) );
+  if ( payloadParts.count() < 2 )
+  {
+    QgsDebugMsg( QStringLiteral( "Error parsing JSON: base64 decode returned less than 2 parts" ) );
+    return;
+  }
+  QByteArray payload = payloadParts[1];
   QByteArray decoded = QByteArray::fromBase64( payload/*, QByteArray::Base64UrlEncoding*/ );
   QByteArray errStr;
   bool res = false;
@@ -985,24 +987,32 @@ void QgsAuthOAuth2Edit::parseSoftwareStatement( const QString &path )
     QgsDebugMsg( QStringLiteral( "Error parsing JSON: %1" ).arg( QString( errStr ) ) );
     return;
   }
-  if ( jsonData.contains( "grant_types" ) && jsonData.contains( QLatin1Literal( "redirect_uris" ) ) )
+  if ( jsonData.contains( QLatin1Literal( "grant_types" ) ) && jsonData.contains( QLatin1Literal( "redirect_uris" ) ) )
   {
-    QString grantType = jsonData[QLatin1Literal( "grant_types" ) ].toStringList()[0];
-    if ( grantType == QLatin1Literal( "authorization_code" ) )
+    QStringList grantTypes( jsonData[QLatin1Literal( "grant_types" ) ].toStringList() );
+    if ( grantTypes.count( ) )
     {
-      updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::AuthCode ) );
+      QString grantType = grantTypes[0];
+      if ( grantType == QLatin1Literal( "authorization_code" ) )
+      {
+        updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::AuthCode ) );
+      }
+      else
+      {
+        updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::ResourceOwner ) );
+      }
     }
-    else
+    //Set redirect_uri
+    QStringList  redirectUris( jsonData[QLatin1Literal( "redirect_uris" ) ].toStringList() );
+    if ( redirectUris.count( ) )
     {
-      updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::ResourceOwner ) );
+      QString redirectUri = redirectUris[0];
+      leRedirectUrl->setText( redirectUri );
     }
-    //Set redirect_uri
-    QString redirectUri = jsonData[QLatin1Literal( "redirect_uris" ) ].toStringList()[0];
-    leRedirectUrl->setText( redirectUri );
   }
   else
   {
-    QgsDebugMsgLevel( QStringLiteral( "Error software statement is invalid: %1" ).arg( QString( path ) ), 4 );
+    QgsDebugMsgLevel( QStringLiteral( "Error software statement is invalid: %1" ).arg( path ), 4 );
     return;
   }
   if ( jsonData.contains( QLatin1Literal( "registration_endpoint" ) ) )
@@ -1043,7 +1053,7 @@ void QgsAuthOAuth2Edit::configReplyFinished()
     }
     else
     {
-      QString errorMsg = QStringLiteral( "Downloading configuration failed with error: %1" ).arg( configReply->errorString() );
+      QString errorMsg = tr( "Downloading configuration failed with error: %1" ).arg( configReply->errorString() );
       QgsMessageLog::logMessage( errorMsg, QStringLiteral( "OAuth2" ), Qgis::Critical );
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -156,10 +156,6 @@ void QgsAuthOAuth2Edit::setupConnections()`
`156`	`156`	`} );`
`157`	`157`	`connect( btnRegister, &QPushButton::clicked, this, &QgsAuthOAuth2Edit::getSoftwareStatementConfig );`
`158`	`158`
`159`		`- // FIXME: in the testbed13 code this signal does not exists (but a connection was attempted)`
`160`		`- //connect( this, &QgsAuthOAuth2Edit::configSucceeded, this, &QgsAuthOAuth2Edit::registerSoftStatement );`
`161`		`-`
`162`		`-`
`163`	`159`	`// Custom config editing connections`
`164`	`160`	`connect( cmbbxGrantFlow, static_cast<void ( QComboBox::* )( int )>( &QComboBox::currentIndexChanged ),`
`165`	`161`	`this, &QgsAuthOAuth2Edit::updateGrantFlow ); // also updates GUI`
`@@ -267,7 +263,7 @@ void QgsAuthOAuth2Edit::loadConfig( const QgsStringMap &configmap )`
`267`	`263`
`268`	`264`	`//QgsDebugMsg( QStringLiteral( "oauth2config: " ).arg( configmap.value( QStringLiteral( "oauth2config" ) ) ) );`
`269`	`265`
`270`		`- if ( configmap.contains( QStringLiteral( "oauth2config" ) ) )`
	`266`	`+ if ( configmap.contains( QLatin1Literal( "oauth2config" ) ) )`
`271`	`267`	`{`
`272`	`268`	`tabConfigs->setCurrentIndex( customTab() );`
`273`	`269`	`QByteArray configtxt = configmap.value( QStringLiteral( "oauth2config" ) ).toUtf8();`
`@@ -298,7 +294,7 @@ void QgsAuthOAuth2Edit::loadConfig( const QgsStringMap &configmap )`
`298`	`294`	`QgsDebugMsg( QStringLiteral( "FAILED to load OAuth2 config: empty config txt" ) );`
`299`	`295`	`}`
`300`	`296`	`}`
`301`		`- else if ( configmap.contains( QStringLiteral( "definedid" ) ) )`
	`297`	`+ else if ( configmap.contains( QLatin1Literal( "definedid" ) ) )`
`302`	`298`	`{`
`303`	`299`	`tabConfigs->setCurrentIndex( definedTab() );`
`304`	`300`	`QString definedid = configmap.value( QStringLiteral( "definedid" ) );`
`@@ -499,7 +495,7 @@ void QgsAuthOAuth2Edit::definedCustomDirChanged( const QString &path )`
`499`	`495`	`QFileInfo pinfo( path );`
`500`	`496`	`bool ok = pinfo.exists() \|\| pinfo.isDir();`
`501`	`497`
`502`		`- leDefinedDirPath->setStyleSheet( ok ? "" : QgsAuthGuiUtils::redTextStyleSheet() );`
	`498`	`+ leDefinedDirPath->setStyleSheet( ok ? QString() : QgsAuthGuiUtils::redTextStyleSheet() );`
`503`	`499`
`504`	`500`	`if ( ok )`
`505`	`501`	`{`
`@@ -513,7 +509,7 @@ void QgsAuthOAuth2Edit::softwareStatementJwtPathChanged( const QString &path )`
`513`	`509`	`QFileInfo pinfo( path );`
`514`	`510`	`bool ok = pinfo.exists() \|\| pinfo.isFile();`
`515`	`511`
`516`		`- leSoftwareStatementJwtPath->setStyleSheet( ok ? "" : QgsAuthGuiUtils::redTextStyleSheet() );`
	`512`	`+ leSoftwareStatementJwtPath->setStyleSheet( ok ? QString() : QgsAuthGuiUtils::redTextStyleSheet() );`
`517`	`513`
`518`	`514`	`if ( ok )`
`519`	`515`	`{`
`@@ -592,7 +588,7 @@ void QgsAuthOAuth2Edit::getSoftStatementDir()`
`592`	`588`	`this->raise();`
`593`	`589`	`this->activateWindow();`
`594`	`590`
`595`		`- if ( softStatementFile.isNull() )`
	`591`	`+ if ( softStatementFile.isEmpty() )`
`596`	`592`	`{`
`597`	`593`	`return;`
`598`	`594`	`}`
`@@ -968,14 +964,20 @@ void QgsAuthOAuth2Edit::parseSoftwareStatement( const QString &path )`
`968`	`964`	`}`
`969`	`965`	`if ( softwareStatementBase64.isEmpty() )`
`970`	`966`	`{`
`971`		`- QgsDebugMsg( QStringLiteral( "Error software statement is empty: %1" ).arg( QString( path ) ) );`
	`967`	`+ QgsDebugMsg( QStringLiteral( "Error software statement is empty: %1" ).arg( path ) );`
`972`	`968`	`file.close();`
`973`	`969`	`return;`
`974`	`970`	`}`
`975`	`971`	`mRegistrationEndpoint = QString();`
`976`	`972`	`file.close();`
`977`	`973`	`mSoftwareStatement.insert( "software_statement", softwareStatementBase64 );`
`978`		`- QByteArray payload = softwareStatementBase64.split( '.' )[1];`
	`974`	`+ QList<QByteArray> payloadParts( softwareStatementBase64.split( '.' ) );`
	`975`	`+ if ( payloadParts.count() < 2 )`
	`976`	`+ {`
	`977`	`+ QgsDebugMsg( QStringLiteral( "Error parsing JSON: base64 decode returned less than 2 parts" ) );`
	`978`	`+ return;`
	`979`	`+ }`
	`980`	`+ QByteArray payload = payloadParts[1];`
`979`	`981`	`QByteArray decoded = QByteArray::fromBase64( payload/, QByteArray::Base64UrlEncoding/ );`
`980`	`982`	`QByteArray errStr;`
`981`	`983`	`bool res = false;`
`@@ -985,24 +987,32 @@ void QgsAuthOAuth2Edit::parseSoftwareStatement( const QString &path )`
`985`	`987`	`QgsDebugMsg( QStringLiteral( "Error parsing JSON: %1" ).arg( QString( errStr ) ) );`
`986`	`988`	`return;`
`987`	`989`	`}`
`988`		`- if ( jsonData.contains( "grant_types" ) && jsonData.contains( QLatin1Literal( "redirect_uris" ) ) )`
	`990`	`+ if ( jsonData.contains( QLatin1Literal( "grant_types" ) ) && jsonData.contains( QLatin1Literal( "redirect_uris" ) ) )`
`989`	`991`	`{`
`990`		`- QString grantType = jsonData[QLatin1Literal( "grant_types" ) ].toStringList()[0];`
`991`		`- if ( grantType == QLatin1Literal( "authorization_code" ) )`
	`992`	`+ QStringList grantTypes( jsonData[QLatin1Literal( "grant_types" ) ].toStringList() );`
	`993`	`+ if ( grantTypes.count( ) )`
`992`	`994`	`{`
`993`		`- updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::AuthCode ) );`
	`995`	`+ QString grantType = grantTypes[0];`
	`996`	`+ if ( grantType == QLatin1Literal( "authorization_code" ) )`
	`997`	`+ {`
	`998`	`+ updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::AuthCode ) );`
	`999`	`+ }`
	`1000`	`+ else`
	`1001`	`+ {`
	`1002`	`+ updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::ResourceOwner ) );`
	`1003`	`+ }`
`994`	`1004`	`}`
`995`		`- else`
	`1005`	`+ //Set redirect_uri`
	`1006`	`+ QStringList redirectUris( jsonData[QLatin1Literal( "redirect_uris" ) ].toStringList() );`
	`1007`	`+ if ( redirectUris.count( ) )`
`996`	`1008`	`{`
`997`		`- updateGrantFlow( static_cast<int>( QgsAuthOAuth2Config::ResourceOwner ) );`
	`1009`	`+ QString redirectUri = redirectUris[0];`
	`1010`	`+ leRedirectUrl->setText( redirectUri );`
`998`	`1011`	`}`
`999`		`- //Set redirect_uri`
`1000`		`- QString redirectUri = jsonData[QLatin1Literal( "redirect_uris" ) ].toStringList()[0];`
`1001`		`- leRedirectUrl->setText( redirectUri );`
`1002`	`1012`	`}`
`1003`	`1013`	`else`
`1004`	`1014`	`{`
`1005`		`- QgsDebugMsgLevel( QStringLiteral( "Error software statement is invalid: %1" ).arg( QString( path ) ), 4 );`
	`1015`	`+ QgsDebugMsgLevel( QStringLiteral( "Error software statement is invalid: %1" ).arg( path ), 4 );`
`1006`	`1016`	`return;`
`1007`	`1017`	`}`
`1008`	`1018`	`if ( jsonData.contains( QLatin1Literal( "registration_endpoint" ) ) )`
`@@ -1043,7 +1053,7 @@ void QgsAuthOAuth2Edit::configReplyFinished()`
`1043`	`1053`	`}`
`1044`	`1054`	`else`
`1045`	`1055`	`{`
`1046`		`- QString errorMsg = QStringLiteral( "Downloading configuration failed with error: %1" ).arg( configReply->errorString() );`
	`1056`	`+ QString errorMsg = tr( "Downloading configuration failed with error: %1" ).arg( configReply->errorString() );`
`1047`	`1057`	`QgsMessageLog::logMessage( errorMsg, QStringLiteral( "OAuth2" ), Qgis::Critical );`
`1048`	`1058`	`}`
`1049`	`1059`	`}`