qgis · Jun 26, 2018
diff --git a/‎doc/CMakeLists.txt
Lines changed: 2 additions & 0 deletions b/‎doc/CMakeLists.txt
Lines changed: 2 additions & 0 deletions
diff --git a/‎doc/modules.dox
Lines changed: 11 additions & 0 deletions b/‎doc/modules.dox
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/auth/oauth2/qgsauthoauth2config.cpp
Lines changed: 159 additions & 133 deletions b/‎src/auth/oauth2/qgsauthoauth2config.cpp
Lines changed: 159 additions & 133 deletions
diff --git a/‎src/auth/oauth2/qgsauthoauth2config.h
Lines changed: 123 additions & 60 deletions b/‎src/auth/oauth2/qgsauthoauth2config.h
Lines changed: 123 additions & 60 deletions
diff --git a/‎src/auth/oauth2/qgsauthoauth2edit.cpp
Lines changed: 28 additions & 39 deletions b/‎src/auth/oauth2/qgsauthoauth2edit.cpp
Lines changed: 28 additions & 39 deletions
diff --git a/‎src/auth/oauth2/qgsauthoauth2edit.h
Lines changed: 23 additions & 8 deletions b/‎src/auth/oauth2/qgsauthoauth2edit.h
Lines changed: 23 additions & 8 deletions
diff --git a/‎src/auth/oauth2/qgsauthoauth2method.h
Lines changed: 21 additions & 1 deletion b/‎src/auth/oauth2/qgsauthoauth2method.h
Lines changed: 21 additions & 1 deletion
diff --git a/‎src/auth/oauth2/qgso2.h
Lines changed: 12 additions & 0 deletions b/‎src/auth/oauth2/qgso2.h
Lines changed: 12 additions & 0 deletions
@@ -57,6 +57,8 @@ IF(WITH_APIDOC)
       ${CMAKE_SOURCE_DIR}/src/core/3d
       ${CMAKE_SOURCE_DIR}/src/core/annotations
       ${CMAKE_SOURCE_DIR}/src/core/auth
+      ${CMAKE_SOURCE_DIR}/src/auth
+      ${CMAKE_SOURCE_DIR}/src/auth/oauth2
       ${CMAKE_SOURCE_DIR}/src/core/diagram
       ${CMAKE_SOURCE_DIR}/src/core/dxf
       ${CMAKE_SOURCE_DIR}/src/core/effects
 
@@ -42,3 +42,14 @@ Contains classes related to implementation of QGIS plugins.
 The QgsQuick library is built on top of the CORE library and Qt Quick/QML framework. It adds reusable GUI Quick Components, mainly for mobile devices.
 
 */
+
+
+
+*/
+
+/** @defgroup auth_plugins Authentication plugins
+
+The QGIS authentication manager uses authentication plugins to provide most common authentication methods.
+
+*/
+
@@ -22,35 +22,64 @@
 
 #include "qgis.h"
 
-
+/**
+ * The QgsAuthOAuth2Config class stores the configuration for OAuth2 authentication plugin
+ * \ingroup auth_plugins
+ */
 class QgsAuthOAuth2Config : public QObject
 {
     Q_OBJECT
     Q_ENUMS( ConfigType )
     Q_ENUMS( GrantFlow )
     Q_ENUMS( ConfigFormat )
     Q_ENUMS( AccessMethod )
+    Q_PROPERTY( QString id READ id WRITE setId NOTIFY idChanged )
+    Q_PROPERTY( int version READ version WRITE setVersion NOTIFY versionChanged )
+    Q_PROPERTY( ConfigType configType READ configType WRITE setConfigType NOTIFY configTypeChanged )
+    Q_PROPERTY( GrantFlow grantFlow READ grantFlow WRITE setGrantFlow NOTIFY grantFlowChanged )
+    Q_PROPERTY( QString name READ name WRITE setName NOTIFY nameChanged )
+    Q_PROPERTY( QString description READ description WRITE setDescription NOTIFY descriptionChanged )
+    Q_PROPERTY( QString requestUrl READ requestUrl WRITE setRequestUrl NOTIFY requestUrlChanged )
+    Q_PROPERTY( QString tokenUrl READ tokenUrl WRITE setTokenUrl NOTIFY tokenUrlChanged )
+    Q_PROPERTY( QString refreshTokenUrl READ refreshTokenUrl WRITE setRefreshTokenUrl NOTIFY refreshTokenUrlChanged )
+    Q_PROPERTY( QString redirectUrl READ redirectUrl WRITE setRedirectUrl NOTIFY redirectUrlChanged )
+    Q_PROPERTY( int redirectPort READ redirectPort WRITE setRedirectPort NOTIFY redirectPortChanged )
+    Q_PROPERTY( QString clientId READ clientId WRITE setClientId NOTIFY clientIdChanged )
+    Q_PROPERTY( QString clientSecret READ clientSecret WRITE setClientSecret NOTIFY clientSecretChanged )
+    Q_PROPERTY( QString username READ username WRITE setUsername NOTIFY usernameChanged )
+    Q_PROPERTY( QString password READ password WRITE setPassword NOTIFY passwordChanged )
+    Q_PROPERTY( QString scope READ scope WRITE setScope NOTIFY scopeChanged )
+    Q_PROPERTY( QString state READ state WRITE setState NOTIFY stateChanged )
+    Q_PROPERTY( QString apiKey READ apiKey WRITE setApiKey NOTIFY apiKeyChanged )
+    Q_PROPERTY( bool persistToken READ persistToken WRITE setPersistToken NOTIFY persistTokenChanged )
+    Q_PROPERTY( AccessMethod accessMethod READ accessMethod WRITE setAccessMethod NOTIFY accessMethodChanged )
+    Q_PROPERTY( int requestTimeout READ requestTimeout WRITE setRequestTimeout NOTIFY requestTimeoutChanged )
+    Q_PROPERTY( QVariantMap queryPairs READ queryPairs WRITE setQueryPairs NOTIFY queryPairsChanged )
 
   public:
 
+    //! Configuration type
     enum ConfigType
     {
       Predefined,
       Custom,
     };
 
+    //! OAuth2 grant flow
     enum GrantFlow
     {
       AuthCode,      //!< @see http://tools.ietf.org/html/rfc6749#section-4.1
       Implicit,      //!< @see http://tools.ietf.org/html/rfc6749#section-4.2
       ResourceOwner, //!< @see http://tools.ietf.org/html/rfc6749#section-4.3
     };
 
+    //! Configuration format for serialize/unserialize operations
     enum ConfigFormat
     {
       JSON,
     };
 
+    //! Access method
     enum AccessMethod
     {
       Header,
@@ -60,94 +89,70 @@ class QgsAuthOAuth2Config : public QObject
 
     explicit QgsAuthOAuth2Config( QObject *parent = nullptr );
 
-    ~QgsAuthOAuth2Config();
-
     //! Unique ID
-    Q_PROPERTY( QString id READ id WRITE setId NOTIFY idChanged )
     QString id() const { return mId; }
 
     //! Increment this if method is significantly updated, allow updater code to be written
-    Q_PROPERTY( int version READ version WRITE setVersion NOTIFY versionChanged )
     int version() const { return mVersion; }
 
     //! Configuration type
-    Q_PROPERTY( ConfigType configType READ configType WRITE setConfigType NOTIFY configTypeChanged )
     ConfigType configType() const { return mConfigType; }
 
     //! Authorization flow
-    Q_PROPERTY( GrantFlow grantFlow READ grantFlow WRITE setGrantFlow NOTIFY grantFlowChanged )
     GrantFlow grantFlow()  const { return mGrantFlow; }
 
     //! Configuration name
-    Q_PROPERTY( QString name READ name WRITE setName NOTIFY nameChanged )
     QString name() const { return mName; }
 
     //! Configuration description
-    Q_PROPERTY( QString description READ description WRITE setDescription NOTIFY descriptionChanged )
     QString description() const { return mDescription; }
 
-    //!
-    Q_PROPERTY( QString requestUrl READ requestUrl WRITE setRequestUrl NOTIFY requestUrlChanged )
+    //! Request url
     QString requestUrl() const { return mRequestUrl; }
 
-    //!
-    Q_PROPERTY( QString tokenUrl READ tokenUrl WRITE setTokenUrl NOTIFY tokenUrlChanged )
+    //! Token url
     QString tokenUrl() const { return mTokenUrl; }
 
-    //!
-    Q_PROPERTY( QString refreshTokenUrl READ refreshTokenUrl WRITE setRefreshTokenUrl NOTIFY refreshTokenUrlChanged )
+    //! Refresh token url
     QString refreshTokenUrl() const { return mRefreshTokenUrl; }
 
-    //!
-    Q_PROPERTY( QString redirectUrl READ redirectUrl WRITE setRedirectUrl NOTIFY redirectUrlChanged )
+    //! Redirect url
     QString redirectUrl() const { return mRedirectURL; }
 
-    //!
-    Q_PROPERTY( int redirectPort READ redirectPort WRITE setRedirectPort NOTIFY redirectPortChanged )
+    //! Redirect port
     int redirectPort() const { return mRedirectPort; }
 
-    //!
-    Q_PROPERTY( QString clientId READ clientId WRITE setClientId NOTIFY clientIdChanged )
+    //! Client id
     QString clientId() const { return mClientId; }
 
-    //!
-    Q_PROPERTY( QString clientSecret READ clientSecret WRITE setClientSecret NOTIFY clientSecretChanged )
+    //! Client secret
     QString clientSecret() const { return mClientSecret; }
 
     //! Resource owner username
-    Q_PROPERTY( QString username READ username WRITE setUsername NOTIFY usernameChanged )
     QString username() const { return mUsername; }
 
     //! Resource owner password
-    Q_PROPERTY( QString password READ password WRITE setPassword NOTIFY passwordChanged )
     QString password() const { return mPassword; }
 
     //! Scope of authentication
-    Q_PROPERTY( QString scope READ scope WRITE setScope NOTIFY scopeChanged )
     QString scope() const { return mScope; }
 
     //! State passed with request
-    Q_PROPERTY( QString state READ state WRITE setState NOTIFY stateChanged )
     QString state() const { return mState; }
 
-    //!
-    Q_PROPERTY( QString apiKey READ apiKey WRITE setApiKey NOTIFY apiKeyChanged )
+    //! API key
     QString apiKey() const { return mApiKey; }
 
-    //!
-    Q_PROPERTY( bool persistToken READ persistToken WRITE setPersistToken NOTIFY persistTokenChanged )
+    //! Return true if the token is persistant
     bool persistToken() const { return mPersistToken; }
 
-    //!
-    Q_PROPERTY( AccessMethod accessMethod READ accessMethod WRITE setAccessMethod NOTIFY accessMethodChanged )
+    //! Access method
     AccessMethod accessMethod() const { return mAccessMethod; }
 
-    //!
-    Q_PROPERTY( int requestTimeout READ requestTimeout WRITE setRequestTimeout NOTIFY requestTimeoutChanged )
+    //! Request timeout
     int requestTimeout() const { return mRequestTimeout; }
 
-    //!
-    Q_PROPERTY( QVariantMap queryPairs READ queryPairs WRITE setQueryPairs NOTIFY queryPairsChanged )
+    //! Query pairs
     QVariantMap queryPairs() const { return mQueryPairs; }
 
     //! Operator used to compare configs' equality
@@ -159,7 +164,7 @@ class QgsAuthOAuth2Config : public QObject
     //! Check whether config is valid, then return it
     bool isValid() const;
 
-    //! @see http://tools.ietf.org/html/rfc6749 for required data per flow
+    //! \see http://tools.ietf.org/html/rfc6749 for required data per flow
     void validateConfigId( bool needsId = false );
 
     //! Load a string (e.g. JSON) of a config
@@ -168,16 +173,29 @@ class QgsAuthOAuth2Config : public QObject
     //! Save a config to a string (e.g. JSON)
     QByteArray saveConfigTxt( ConfigFormat format = JSON, bool pretty = false, bool *ok = nullptr ) const;
 
-    //!
+    //! Return the configuration as a QVariant map
     QVariantMap mappedProperties() const;
 
-    //!
+    /**
+     * Serialize the configuration \a variant according to \a format
+     * \param variant map where configuration is stored
+     * \param format output format
+     * \param pretty indentation in output
+     * \param ok is set to false in case something goes wrong, true otherwise
+     * \return serialized config
+     */
     static QByteArray serializeFromVariant( const QVariantMap &variant,
                                             ConfigFormat format = JSON,
                                             bool pretty = false,
                                             bool *ok = nullptr );
 
-    //!
+    /**
+     * Unserialize the configuration in \a serial according to \a format
+     * \param serial serialized configuration
+     * \param format output format
+     * \param ok is set to false in case something goes wrong, true otherwise
+     * \return config map
+     */
     static QVariantMap variantFromSerialized( const QByteArray &serial,
         ConfigFormat format = JSON,
         bool *ok = nullptr );
@@ -205,112 +223,157 @@ class QgsAuthOAuth2Config : public QObject
     //! Load and parse standard directories of configs (e.g. JSON) to a mapped cache
     static QgsStringMap mappedOAuth2ConfigsCache( QObject *parent, const QString &extradir = QString::null );
 
-    //!
+    //! Path where config is stored
     static QString oauth2ConfigsPkgDataDir();
 
-    //!
+    //! Path where user settings are stored
     static QString oauth2ConfigsUserSettingsDir();
 
-    //!
+    //! User readable name of the \a configtype
     static QString configTypeString( ConfigType configtype );
 
-    //!
+    //! User readable name of the grant \a flow
     static QString grantFlowString( GrantFlow flow );
 
-    //!
+    //! User readable name of the access \a method
     static QString accessMethodString( AccessMethod method );
 
-    //!
+    //! Path of the token cache \a temporary directory
     static QString tokenCacheDirectory( bool temporary = false );
 
-    //!
+    //! Path of the token cache file, with optional \a suffix
     static QString tokenCacheFile( const QString &suffix = QString::null );
 
-    //!
+    //! Path of the token cache file, with optional \a suffix and \a temporary flag
     static QString tokenCachePath( const QString &suffix = QString::null, bool temporary = false );
 
   public slots:
+    //! Set the id to \a value
     void setId( const QString &value );
+    //! Set version to \a value
     void setVersion( int value );
+    //! Set config type to \a value
     void setConfigType( ConfigType value );
+    //! Set grant flow to \a value
     void setGrantFlow( GrantFlow value );
+    //! Set name to \a value
     void setName( const QString &value );
+    //! Set description to \a value
     void setDescription( const QString &value );
+    //! Set request url to \a value
     void setRequestUrl( const QString &value );
+    //! Set token url to \a value
     void setTokenUrl( const QString &value );
+    //! Set refresh token url to \a value
     void setRefreshTokenUrl( const QString &value );
+    //! Set redirect url to \a value
     void setRedirectUrl( const QString &value );
+    //! Set redirect port to \a value
     void setRedirectPort( int value );
+    //! Set client id to \a value
     void setClientId( const QString &value );
+    //! Set client secret to \a value
     void setClientSecret( const QString &value );
+    //! Set username to \a value
     void setUsername( const QString &value );
+    //! Set password to \a value
     void setPassword( const QString &value );
+    //! Set scope to \a value
     void setScope( const QString &value );
+    //! Set state to \a value
     void setState( const QString &value );
+    //! Set api key to \a value
     void setApiKey( const QString &value );
     // advanced
+    //! Set persistent token flag to \a persist
     void setPersistToken( bool persist );
+    //! Set access method to \a value
     void setAccessMethod( AccessMethod value );
+    //! Set request timeout to \a value
     void setRequestTimeout( int value );
+    //! Set query pairs to \a pairs
     void setQueryPairs( const QVariantMap &pairs );
-
+    //! Reset configuration to defaults
     void setToDefaults();
-
+    //! Validate configuration
     void validateConfig();
 
   signals:
+    //! Emitted when configuration has changed
     void configChanged();
+    //! Emitted when configuration id has changed
     void idChanged( const QString & );
+    //! Emitted when configuration version has changed
     void versionChanged( int );
+    //! Emitted when configuration type has changed
     void configTypeChanged( ConfigType );
+    //! Emitted when configuration grant flow has changed
     void grantFlowChanged( GrantFlow );
+    //! Emitted when configuration grant flow has changed
     void nameChanged( const QString & );
+    //! Emitted when configuration name has changed
     void descriptionChanged( const QString & );
+    //! Emitted when configuration request urlhas changed
     void requestUrlChanged( const QString & );
+    //! Emitted when configuration token url has changed
     void tokenUrlChanged( const QString & );
+    //! Emitted when configuration refresh token url has changed
     void refreshTokenUrlChanged( const QString & );
+    //! Emitted when configuration redirect url has changed
     void redirectUrlChanged( const QString & );
+    //! Emitted when configuration redirect port has changed
     void redirectPortChanged( int );
+    //! Emitted when configuration client id has changed
     void clientIdChanged( const QString & );
+    //! Emitted when configuration client secret has changed
     void clientSecretChanged( const QString & );
+    //! Emitted when configuration username has changed
     void usernameChanged( const QString & );
+    //! Emitted when configuration password has changed
     void passwordChanged( const QString & );
+    //! Emitted when configuration scope has changed
     void scopeChanged( const QString & );
+    //! Emitted when configuration state has changed
     void stateChanged( const QString & );
+    //! Emitted when configuration API key has changed
     void apiKeyChanged( const QString & );
 
     // advanced
+    //! Emitted when configuration persiste token flag has changed
     void persistTokenChanged( bool );
+    //! Emitted when configuration access method has changed
     void accessMethodChanged( AccessMethod );
+    //! Emitted when configuration request timeout has changed
     void requestTimeoutChanged( int );
+    //! Emitted when configuration query pair has changed
     void queryPairsChanged( const QVariantMap & );
-
+    //! Emitted when configuration validity has changed
     void validityChanged( bool );
 
   private:
     QString mId;
-    int mVersion;
-    ConfigType mConfigType;
-    GrantFlow mGrantFlow;
+    int mVersion = 1;
+    ConfigType mConfigType = ConfigType::Custom;
+    GrantFlow mGrantFlow = GrantFlow::AuthCode;
     QString mName;
     QString mDescription;
     QString mRequestUrl;
     QString mTokenUrl;
     QString mRefreshTokenUrl;
     QString mRedirectURL;
-    int mRedirectPort;
+    int mRedirectPort = 7070;
     QString mClientId;
     QString mClientSecret;
     QString mUsername;
     QString mPassword;
     QString mScope;
     QString mState;
     QString mApiKey;
-    bool mPersistToken;
-    AccessMethod mAccessMethod;
-    int mRequestTimeout; // in seconds
+    bool mPersistToken = false;
+    AccessMethod mAccessMethod = AccessMethod::Header;
+    int mRequestTimeout = 30 ; // in seconds
     QVariantMap mQueryPairs;
-    bool mValid;
+    bool mValid = false;
 };
 
 #endif // QGSAUTHOAUTH2CONFIG_H
@@ -27,13 +27,7 @@
 
 QgsAuthOAuth2Edit::QgsAuthOAuth2Edit( QWidget *parent )
   : QgsAuthMethodEdit( parent )
-  , mOAuthConfigCustom( nullptr )
   , mDefinedConfigsCache( QgsStringMap() )
-  , mParentName( nullptr )
-  , mValid( false )
-  , mCurTab( 0 )
-  , mPrevPersistToken( false )
-  , btnTokenClear( nullptr )
 {
   setupUi( this );
 
@@ -52,13 +46,9 @@ QgsAuthOAuth2Edit::QgsAuthOAuth2Edit( QWidget *parent )
 
   setupConnections();
 
-  loadFromOAuthConfig( mOAuthConfigCustom );
+  loadFromOAuthConfig( mOAuthConfigCustom.get() );
 }
 
-QgsAuthOAuth2Edit::~QgsAuthOAuth2Edit()
-{
-  deleteConfigObjs();
-}
 
 void QgsAuthOAuth2Edit::initGui()
 {
@@ -160,26 +150,26 @@ void QgsAuthOAuth2Edit::setupConnections()
   connect( cmbbxGrantFlow, static_cast<void ( QComboBox::* )( int )>( &QComboBox::currentIndexChanged ),
            this, &QgsAuthOAuth2Edit::updateGrantFlow ); // also updates GUI
   connect( pteDescription, &QPlainTextEdit::textChanged, this, &QgsAuthOAuth2Edit::descriptionChanged );
-  connect( leRequestUrl, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setRequestUrl );
-  connect( leTokenUrl, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setTokenUrl );
-  connect( leRefreshTokenUrl, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setRefreshTokenUrl );
-  connect( leRedirectUrl, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setRedirectUrl );
+  connect( leRequestUrl, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setRequestUrl );
+  connect( leTokenUrl, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setTokenUrl );
+  connect( leRefreshTokenUrl, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setRefreshTokenUrl );
+  connect( leRedirectUrl, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setRedirectUrl );
   connect( spnbxRedirectPort, static_cast<void ( QSpinBox::* )( int )>( &QSpinBox::valueChanged ),
-           mOAuthConfigCustom, &QgsAuthOAuth2Config::setRedirectPort );
-  connect( leClientId, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setClientId );
-  connect( leClientSecret, &QgsPasswordLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setClientSecret );
-  connect( leUsername, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setUsername );
-  connect( lePassword, &QgsPasswordLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setPassword );
-  connect( leScope, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setScope );
-  connect( leState, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setState );
-  connect( leApiKey, &QLineEdit::textChanged, mOAuthConfigCustom, &QgsAuthOAuth2Config::setApiKey );
-  connect( chkbxTokenPersist, &QCheckBox::toggled, mOAuthConfigCustom, &QgsAuthOAuth2Config::setPersistToken );
+           mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setRedirectPort );
+  connect( leClientId, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setClientId );
+  connect( leClientSecret, &QgsPasswordLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setClientSecret );
+  connect( leUsername, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setUsername );
+  connect( lePassword, &QgsPasswordLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setPassword );
+  connect( leScope, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setScope );
+  connect( leState, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setState );
+  connect( leApiKey, &QLineEdit::textChanged, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setApiKey );
+  connect( chkbxTokenPersist, &QCheckBox::toggled, mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setPersistToken );
   connect( cmbbxAccessMethod, static_cast<void ( QComboBox::* )( int )>( &QComboBox::currentIndexChanged ),
            this, &QgsAuthOAuth2Edit::updateConfigAccessMethod );
   connect( spnbxRequestTimeout, static_cast<void ( QSpinBox::* )( int )>( &QSpinBox::valueChanged ),
-           mOAuthConfigCustom, &QgsAuthOAuth2Config::setRequestTimeout );
+           mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::setRequestTimeout );
 
-  connect( mOAuthConfigCustom, &QgsAuthOAuth2Config::validityChanged, this, &QgsAuthOAuth2Edit::configValidityChanged );
+  connect( mOAuthConfigCustom.get(), &QgsAuthOAuth2Config::validityChanged, this, &QgsAuthOAuth2Edit::configValidityChanged );
 
   if ( mParentName )
   {
@@ -286,7 +276,7 @@ void QgsAuthOAuth2Edit::loadConfig( const QgsStringMap &configmap )
       //###################### DO NOT LEAVE ME UNCOMMENTED #####################
 
       // could only be loading defaults at this point
-      loadFromOAuthConfig( mOAuthConfigCustom );
+      loadFromOAuthConfig( mOAuthConfigCustom.get() );
 
       mPrevPersistToken = mOAuthConfigCustom->persistToken();
     }
@@ -361,7 +351,7 @@ void QgsAuthOAuth2Edit::clearConfig()
   // reload predefined table
   loadDefinedConfigs();
 
-  loadFromOAuthConfig( mOAuthConfigCustom );
+  loadFromOAuthConfig( mOAuthConfigCustom.get() );
 }
 
 // slot
@@ -571,16 +561,11 @@ void QgsAuthOAuth2Edit::getDefinedCustomDir()
 
 void QgsAuthOAuth2Edit::initConfigObjs()
 {
-  mOAuthConfigCustom = new QgsAuthOAuth2Config( this );
+  mOAuthConfigCustom = qgis::make_unique<QgsAuthOAuth2Config>( nullptr );
   mOAuthConfigCustom->setConfigType( QgsAuthOAuth2Config::Custom );
   mOAuthConfigCustom->setToDefaults();
 }
 
-void QgsAuthOAuth2Edit::deleteConfigObjs()
-{
-  delete mOAuthConfigCustom;
-  mOAuthConfigCustom = nullptr;
-}
 
 bool QgsAuthOAuth2Edit::hasTokenCacheFile()
 {
@@ -710,25 +695,29 @@ void QgsAuthOAuth2Edit::updateGrantFlow( int indx )
 
   lblRequestUrl->setVisible( !resowner );
   leRequestUrl->setVisible( !resowner );
-  if ( resowner ) leRequestUrl->setText( QString() );
+  if ( resowner )
+    leRequestUrl->setText( QString() );
 
   lblRedirectUrl->setVisible( !resowner );
   frameRedirectUrl->setVisible( !resowner );
 
   lblClientSecret->setVisible( !implicit );
   leClientSecret->setVisible( !implicit );
-  if ( implicit ) leClientSecret->setText( QString() );
+  if ( implicit )
+    leClientSecret->setText( QString() );
 
   leClientId->setPlaceholderText( resowner ? tr( "Optional" ) : tr( "Required" ) );
   leClientSecret->setPlaceholderText( resowner ? tr( "Optional" ) : tr( "Required" ) );
 
 
   lblUsername->setVisible( resowner );
   leUsername->setVisible( resowner );
-  if ( !resowner ) leUsername->setText( QString() );
+  if ( !resowner )
+    leUsername->setText( QString() );
   lblPassword->setVisible( resowner );
   lePassword->setVisible( resowner );
-  if ( !resowner ) lePassword->setText( QString() );
+  if ( !resowner )
+    lePassword->setText( QString() );
 }
 
 // slot
@@ -762,7 +751,7 @@ void QgsAuthOAuth2Edit::exportOAuthConfig()
     mOAuthConfigCustom->setName( mParentName->text() );
   }
 
-  if ( !QgsAuthOAuth2Config::writeOAuth2Config( configpath, mOAuthConfigCustom,
+  if ( !QgsAuthOAuth2Config::writeOAuth2Config( configpath, mOAuthConfigCustom.get(),
        QgsAuthOAuth2Config::JSON, true ) )
   {
     QgsDebugMsg( QStringLiteral( "FAILED to export OAuth2 config file" ) );
 
@@ -23,23 +23,39 @@
 #include "qgsauthoauth2config.h"
 
 
+/**
+ * The QgsAuthOAuth2Edit class allows editing of an OAuth2 authentication configuration
+ * \ingroup auth_plugins
+ */
 class QgsAuthOAuth2Edit : public QgsAuthMethodEdit, private Ui::QgsAuthOAuth2Edit
 {
     Q_OBJECT
 
   public:
     explicit QgsAuthOAuth2Edit( QWidget *parent = nullptr );
-    virtual ~QgsAuthOAuth2Edit();
+    virtual ~QgsAuthOAuth2Edit() = default;
 
+    /**
+     * Validate current configuration
+     * \return true if current configuration is valid
+     */
     bool validateConfig() override;
 
+    /**
+     * Current configuration
+     * \return current configuration map
+     */
     QgsStringMap configMap() const override;
 
   public slots:
+
+    //! Load the configuration from \a configMap
     void loadConfig( const QgsStringMap &configmap ) override;
 
+    //! Reset configuration to defaults
     void resetConfig() override;
 
+    //! Clear configuration
     void clearConfig() override;
 
   private slots:
@@ -91,7 +107,6 @@ class QgsAuthOAuth2Edit : public QgsAuthMethodEdit, private Ui::QgsAuthOAuth2Edi
     QString parentConfigId() const;
 
     void initConfigObjs();
-    void deleteConfigObjs();
 
     bool hasTokenCacheFile();
 
@@ -105,15 +120,15 @@ class QgsAuthOAuth2Edit : public QgsAuthMethodEdit, private Ui::QgsAuthOAuth2Edi
 
     QString currentDefinedConfig() const { return mDefinedId; }
 
-    QgsAuthOAuth2Config *mOAuthConfigCustom;
+    std::unique_ptr<QgsAuthOAuth2Config> mOAuthConfigCustom;
     QgsStringMap mDefinedConfigsCache;
     QString mDefinedId;
-    QLineEdit *mParentName;
+    QLineEdit *mParentName = nullptr;
     QgsStringMap mConfigMap;
-    bool mValid;
-    int mCurTab;
-    bool mPrevPersistToken;
-    QToolButton *btnTokenClear;
+    bool mValid = false;
+    int mCurTab = 0;
+    bool mPrevPersistToken = false;
+    QToolButton *btnTokenClear = nullptr;
 };
 
 #endif // QGSAUTHOAUTH2EDIT_H
@@ -27,6 +27,10 @@
 
 class QgsO2;
 
+/**
+ * The QgsAuthOAuth2Method class handles all network connection operation for the OAuth2 authentication plugin
+ * \ingroup auth_plugins
+ */
 class QgsAuthOAuth2Method : public QgsAuthMethod
 {
     Q_OBJECT
@@ -35,35 +39,51 @@ class QgsAuthOAuth2Method : public QgsAuthMethod
     explicit QgsAuthOAuth2Method();
     ~QgsAuthOAuth2Method();
 
-    // QgsAuthMethod interface
+    //! OAuth2 method key
     QString key() const override;
 
+    //! OAuth2 method description
     QString description() const override;
 
+    //! Human readable description
     QString displayDescription() const override;
 
+    //! Update network \a request with given \a authcfg and optional \a dataprovider
     bool updateNetworkRequest( QNetworkRequest &request, const QString &authcfg,
                                const QString &dataprovider = QString() ) override;
 
+    //! Update network \a reply with given \a authcfg and optional \a dataprovider
     bool updateNetworkReply( QNetworkReply *reply, const QString &authcfg,
                              const QString &dataprovider ) override;
 
+    //! Update data source \a connectionItems with given \a authcfg and optional \a dataprovider
     bool updateDataSourceUriItems( QStringList &connectionItems, const QString &authcfg,
                                    const QString &dataprovider = QString() ) override;
 
+    //! Clear cached configuration for given \a authcfg
     void clearCachedConfig( const QString &authcfg ) override;
 
+    //! Update OAuth2 method configuration with \a config
     void updateMethodConfig( QgsAuthMethodConfig &mconfig ) override;
 
   public slots:
+
+    //! Triggered when linked condition has changed
     void onLinkedChanged();
+    //! Triggered when linking operation failed
     void onLinkingFailed();
+    //! Triggered when linking operation succeeded
     void onLinkingSucceeded();
 
+    //! Triggered when the browser needs to be opened at \a url
     void onOpenBrowser( const QUrl &url );
+    //! Triggered on browser close
     void onCloseBrowser();
+    //! Triggered on reply finished
     void onReplyFinished();
+    //! Triggered on network error
     void onNetworkError( QNetworkReply::NetworkError err );
+    //! Triggered on refresh finished
     void onRefreshFinished( QNetworkReply::NetworkError err );
 
   private:
 
@@ -29,15 +29,27 @@ class QgsO2: public O2
     Q_OBJECT
 
   public:
+
+    /**
+     * Construct QgsO2
+     * \param authcfg authentication configuration id
+     * \param oauth2config OAuth2 configuration
+     * \param parent
+     * \param manager QGIS network access manager instance
+     */
     explicit QgsO2( const QString &authcfg, QgsAuthOAuth2Config *oauth2config = nullptr,
                     QObject *parent = nullptr, QNetworkAccessManager *manager = nullptr );
 
     ~QgsO2();
 
+    //! Authentication configuration id
     QString authcfg() const { return mAuthcfg; }
+    //! OAuth2 configuration
     QgsAuthOAuth2Config *oauth2config() { return mOAuth2Config; }
 
   public slots:
+
+    //! Clear all properties
     void clearProperties();
 
   private: