diff options
author | Jörg Frings-Fürst <debian@jff.email> | 2023-06-28 21:35:52 +0200 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff.email> | 2023-06-28 21:35:52 +0200 |
commit | b86540b743f1a87a163ffb811c8fe22a01fefa38 (patch) | |
tree | b47cb3bb83c2377234226fb3987ab3320a987dd9 /plugins/authenticator/shotwell/OAuth1Authenticator.vala | |
parent | ac6e0b731b9f0b2efd392e3309a5c07e2a66adad (diff) | |
parent | e905d8e16eec152d19797937f13ba3cf4b8f8aca (diff) |
Merge branch 'release/debian/0.32.1-1'debian/0.32.1-1
Diffstat (limited to 'plugins/authenticator/shotwell/OAuth1Authenticator.vala')
-rw-r--r-- | plugins/authenticator/shotwell/OAuth1Authenticator.vala | 119 |
1 files changed, 102 insertions, 17 deletions
diff --git a/plugins/authenticator/shotwell/OAuth1Authenticator.vala b/plugins/authenticator/shotwell/OAuth1Authenticator.vala index 39752ec..e79c6fd 100644 --- a/plugins/authenticator/shotwell/OAuth1Authenticator.vala +++ b/plugins/authenticator/shotwell/OAuth1Authenticator.vala @@ -11,10 +11,23 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 { protected GLib.HashTable<string, Variant> params; protected Publishing.RESTSupport.OAuth1.Session session; protected Spit.Publishing.PluginHost host; - - protected Authenticator(string api_key, string api_secret, Spit.Publishing.PluginHost host) { + private Secret.Schema? schema = null; + private const string SECRET_TYPE_USERNAME = "username"; + private const string SECRET_TYPE_AUTH_TOKEN = "auth-token"; + private const string SECRET_TYPE_AUTH_TOKEN_SECRET = "auth-token-secret"; + private const string SCHEMA_KEY_ACCOUNTNAME = "accountname"; + private const string SCHEMA_KEY_PROFILE_ID = "shotwell-profile-id"; + private string service = null; + private string accountname = "default"; + + protected Authenticator(string service, string api_key, string api_secret, Spit.Publishing.PluginHost host) { base(); this.host = host; + this.service = service; + this.schema = new Secret.Schema("org.gnome.Shotwell." + service, Secret.SchemaFlags.NONE, + SCHEMA_KEY_PROFILE_ID, Secret.SchemaAttributeType.STRING, + SCHEMA_KEY_ACCOUNTNAME, Secret.SchemaAttributeType.STRING, + "type", Secret.SchemaAttributeType.STRING); params = new GLib.HashTable<string, Variant>(str_hash, str_equal); params.insert("ConsumerKey", api_key); @@ -42,11 +55,16 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 { public abstract void refresh(); + public virtual void set_accountname(string name) { + this.accountname = name; + } + public void invalidate_persistent_session() { - set_persistent_access_phase_token(""); - set_persistent_access_phase_token_secret(""); - set_persistent_access_phase_username(""); + set_persistent_access_phase_token(null); + set_persistent_access_phase_token_secret(null); + set_persistent_access_phase_username(null); } + protected bool is_persistent_session_valid() { return (get_persistent_access_phase_username() != null && get_persistent_access_phase_token() != null && @@ -54,30 +72,99 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 { } protected string? get_persistent_access_phase_username() { - return host.get_config_string("access_phase_username", null); + try { + return Secret.password_lookup_sync(this.schema, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, "type", SECRET_TYPE_USERNAME); + } catch (Error err) { + critical("Failed to lookup username from password store: %s", err.message); + return null; + } } - protected void set_persistent_access_phase_username(string username) { - host.set_config_string("access_phase_username", username); + protected void set_persistent_access_phase_username(string? username) { + try { + if (username == null || username == "") { + Secret.password_clear_sync(this.schema, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, + "type", SECRET_TYPE_USERNAME); + } else { + Secret.password_store_sync(this.schema, Secret.COLLECTION_DEFAULT, + "Shotwell publishing (%s@%s)".printf(this.accountname, this.service), + username, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, "type", SECRET_TYPE_USERNAME); + } + } catch (Error err) { + critical("Failed to store username in store: %s", err.message); + } } protected string? get_persistent_access_phase_token() { - return host.get_config_string("access_phase_token", null); + try { + return Secret.password_lookup_sync(this.schema, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, + "type", SECRET_TYPE_AUTH_TOKEN); + } catch (Error err) { + critical("Failed to lookup auth-token from password store: %s", err.message); + return null; + } } - protected void set_persistent_access_phase_token(string token) { - host.set_config_string("access_phase_token", token); + protected void set_persistent_access_phase_token(string? token) { + try { + if (token == null || token == "") { + Secret.password_clear_sync(this.schema, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, + "type", SECRET_TYPE_AUTH_TOKEN); + } else { + Secret.password_store_sync(this.schema, Secret.COLLECTION_DEFAULT, + "Shotwell publishing (%s@%s)".printf(this.accountname, this.service), + token, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, + "type", SECRET_TYPE_AUTH_TOKEN); + } + } catch (Error err) { + critical("Failed to store auth-token store: %s", err.message); + } } protected string? get_persistent_access_phase_token_secret() { - return host.get_config_string("access_phase_token_secret", null); + try { + return Secret.password_lookup_sync(this.schema, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, + "type", SECRET_TYPE_AUTH_TOKEN_SECRET); + } catch (Error err) { + critical("Failed to lookup auth-token-secret from password store: %s", err.message); + return null; + } } - protected void set_persistent_access_phase_token_secret(string secret) { - host.set_config_string("access_phase_token_secret", secret); + protected void set_persistent_access_phase_token_secret(string? secret) { + try { + if (secret == null || secret == "") { + Secret.password_clear_sync(this.schema, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, + "type", SECRET_TYPE_AUTH_TOKEN_SECRET); + } else { + Secret.password_store_sync(this.schema, Secret.COLLECTION_DEFAULT, + "Shotwell publishing (%s@%s)".printf(this.accountname, this.service), + secret, null, + SCHEMA_KEY_PROFILE_ID, host.get_current_profile_id(), + SCHEMA_KEY_ACCOUNTNAME, this.accountname, + "type", SECRET_TYPE_AUTH_TOKEN_SECRET); + } + } catch (Error err) { + critical("Failed to store auth-token-secret store: %s", err.message); + } } - protected void on_session_authenticated() { params.insert("AuthToken", session.get_access_phase_token()); params.insert("AuthTokenSecret", session.get_access_phase_token_secret()); @@ -90,7 +177,5 @@ namespace Publishing.Authenticator.Shotwell.OAuth1 { this.authenticated(); } - } - } |