summaryrefslogtreecommitdiff
path: root/plugins/authenticator/shotwell/OAuth1Authenticator.vala
diff options
context:
space:
mode:
authorJörg Frings-Fürst <debian@jff.email>2023-06-28 21:35:52 +0200
committerJörg Frings-Fürst <debian@jff.email>2023-06-28 21:35:52 +0200
commitb86540b743f1a87a163ffb811c8fe22a01fefa38 (patch)
treeb47cb3bb83c2377234226fb3987ab3320a987dd9 /plugins/authenticator/shotwell/OAuth1Authenticator.vala
parentac6e0b731b9f0b2efd392e3309a5c07e2a66adad (diff)
parente905d8e16eec152d19797937f13ba3cf4b8f8aca (diff)
Merge branch 'release/debian/0.32.1-1'debian/0.32.1-1
Diffstat (limited to 'plugins/authenticator/shotwell/OAuth1Authenticator.vala')
-rw-r--r--plugins/authenticator/shotwell/OAuth1Authenticator.vala119
1 files changed, 102 insertions, 17 deletions
diff --git a/plugins/authenticator/shotwell/OAuth1Authenticator.vala b/plugins/authenticator/shotwell/OAuth1Authenticator.vala
index 39752ec..e79c6fd 100644
--- a/plugins/authenticator/shotwell/OAuth1Authenticator.vala
+++ b/plugins/authenticator/shotwell/OAuth1Authenticator.vala
@@ -11,10 +11,23 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 {
protected GLib.HashTable<string, Variant> params;
protected Publishing.RESTSupport.OAuth1.Session session;
protected Spit.Publishing.PluginHost host;
-
- protected Authenticator(string api_key, string api_secret, Spit.Publishing.PluginHost host) {
+ private Secret.Schema? schema = null;
+ private const string SECRET_TYPE_USERNAME = "username";
+ private const string SECRET_TYPE_AUTH_TOKEN = "auth-token";
+ private const string SECRET_TYPE_AUTH_TOKEN_SECRET = "auth-token-secret";
+ private const string SCHEMA_KEY_ACCOUNTNAME = "accountname";
+ private const string SCHEMA_KEY_PROFILE_ID = "shotwell-profile-id";
+ private string service = null;
+ private string accountname = "default";
+
+ protected Authenticator(string service, string api_key, string api_secret, Spit.Publishing.PluginHost host) {
base();
this.host = host;
+ this.service = service;
+ this.schema = new Secret.Schema("org.gnome.Shotwell." + service, Secret.SchemaFlags.NONE,
+ SCHEMA_KEY_PROFILE_ID, Secret.SchemaAttributeType.STRING,
+ SCHEMA_KEY_ACCOUNTNAME, Secret.SchemaAttributeType.STRING,
+ "type", Secret.SchemaAttributeType.STRING);
params = new GLib.HashTable<string, Variant>(str_hash, str_equal);
params.insert("ConsumerKey", api_key);
@@ -42,11 +55,16 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 {
public abstract void refresh();
+ public virtual void set_accountname(string name) {
+ this.accountname = name;
+ }
+
public void invalidate_persistent_session() {
- set_persistent_access_phase_token("");
- set_persistent_access_phase_token_secret("");
- set_persistent_access_phase_username("");
+ set_persistent_access_phase_token(null);
+ set_persistent_access_phase_token_secret(null);
+ set_persistent_access_phase_username(null);
}
+
protected bool is_persistent_session_valid() {
return (get_persistent_access_phase_username() != null &&
get_persistent_access_phase_token() != null &&
@@ -54,30 +72,99 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 {
}
protected string? get_persistent_access_phase_username() {
- return host.get_config_string("access_phase_username", null);
+ try {
+ return Secret.password_lookup_sync(this.schema, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname, "type", SECRET_TYPE_USERNAME);
+ } catch (Error err) {
+ critical("Failed to lookup username from password store: %s", err.message);
+ return null;
+ }
}
- protected void set_persistent_access_phase_username(string username) {
- host.set_config_string("access_phase_username", username);
+ protected void set_persistent_access_phase_username(string? username) {
+ try {
+ if (username == null || username == "") {
+ Secret.password_clear_sync(this.schema, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname,
+ "type", SECRET_TYPE_USERNAME);
+ } else {
+ Secret.password_store_sync(this.schema, Secret.COLLECTION_DEFAULT,
+ "Shotwell publishing (%s@%s)".printf(this.accountname, this.service),
+ username, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname, "type", SECRET_TYPE_USERNAME);
+ }
+ } catch (Error err) {
+ critical("Failed to store username in store: %s", err.message);
+ }
}
protected string? get_persistent_access_phase_token() {
- return host.get_config_string("access_phase_token", null);
+ try {
+ return Secret.password_lookup_sync(this.schema, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname,
+ "type", SECRET_TYPE_AUTH_TOKEN);
+ } catch (Error err) {
+ critical("Failed to lookup auth-token from password store: %s", err.message);
+ return null;
+ }
}
- protected void set_persistent_access_phase_token(string token) {
- host.set_config_string("access_phase_token", token);
+ protected void set_persistent_access_phase_token(string? token) {
+ try {
+ if (token == null || token == "") {
+ Secret.password_clear_sync(this.schema, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname,
+ "type", SECRET_TYPE_AUTH_TOKEN);
+ } else {
+ Secret.password_store_sync(this.schema, Secret.COLLECTION_DEFAULT,
+ "Shotwell publishing (%s@%s)".printf(this.accountname, this.service),
+ token, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname,
+ "type", SECRET_TYPE_AUTH_TOKEN);
+ }
+ } catch (Error err) {
+ critical("Failed to store auth-token store: %s", err.message);
+ }
}
protected string? get_persistent_access_phase_token_secret() {
- return host.get_config_string("access_phase_token_secret", null);
+ try {
+ return Secret.password_lookup_sync(this.schema, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname,
+ "type", SECRET_TYPE_AUTH_TOKEN_SECRET);
+ } catch (Error err) {
+ critical("Failed to lookup auth-token-secret from password store: %s", err.message);
+ return null;
+ }
}
- protected void set_persistent_access_phase_token_secret(string secret) {
- host.set_config_string("access_phase_token_secret", secret);
+ protected void set_persistent_access_phase_token_secret(string? secret) {
+ try {
+ if (secret == null || secret == "") {
+ Secret.password_clear_sync(this.schema, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname,
+ "type", SECRET_TYPE_AUTH_TOKEN_SECRET);
+ } else {
+ Secret.password_store_sync(this.schema, Secret.COLLECTION_DEFAULT,
+ "Shotwell publishing (%s@%s)".printf(this.accountname, this.service),
+ secret, null,
+ SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(),
+ SCHEMA_KEY_ACCOUNTNAME, this.accountname,
+ "type", SECRET_TYPE_AUTH_TOKEN_SECRET);
+ }
+ } catch (Error err) {
+ critical("Failed to store auth-token-secret store: %s", err.message);
+ }
}
-
protected void on_session_authenticated() {
params.insert("AuthToken", session.get_access_phase_token());
params.insert("AuthTokenSecret", session.get_access_phase_token_secret());
@@ -90,7 +177,5 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 {
this.authenticated();
}
-
}
-
}