mirror/flatpak
1
0
Fork 0
mirror of https://github.com/flatpak/flatpak.git synced 2026-05-24 08:51:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

Authenticator: Add extra a{sv} args for future use

Browse Source 
These are not used atm, but make the APIs future proof.
This commit is contained in:
Alexander Larsson
2019-12-12 13:20:29 +01:00
committed by Alexander Larsson
parent 134e01f606
commit 38c86bdf0f
8 changed files with 95 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/flatpak-cli-transaction.c
View File

@@ -506,6 +506,7 @@ static gboolean
webflow_start (FlatpakTransaction *transaction,
const char *remote,
const char *url,
GVariant *options,
guint id)
{
FlatpakCliTransaction *self = FLATPAK_CLI_TRANSACTION (transaction);
@@ -541,6 +542,7 @@ webflow_start (FlatpakTransaction *transaction,
static void
webflow_done (FlatpakTransaction *transaction,
GVariant *options,
guint id)
{
g_print ("Browser done\n");
@@ -550,6 +552,7 @@ static gboolean
basic_auth_start (FlatpakTransaction *transaction,
const char *remote,
const char *realm,
GVariant *options,
guint id)
{
FlatpakCliTransaction *self = FLATPAK_CLI_TRANSACTION (transaction);
@@ -569,7 +572,7 @@ basic_auth_start (FlatpakTransaction *transaction,
if (password == NULL)
return FALSE;
flatpak_transaction_complete_basic_auth (transaction, id, user, password);
flatpak_transaction_complete_basic_auth (transaction, id, user, password, NULL);
return TRUE;
}

11
common/flatpak-auth-private.h
View File

@@ -54,7 +54,7 @@ gboolean flatpak_auth_request_ref_tokens (FlatpakAuth
const char *remote,
const char *remote_uri,
GVariant *refs,
GVariant *extra_data,
GVariant *options,
const char *parent_window,
GCancellable *cancellable,
GError **error);
@@ -67,11 +67,14 @@ void flatpak_auth_request_emit_response (FlatpakAuth
GVariant *arg_results);
void flatpak_auth_request_emit_webflow (FlatpakAuthenticatorRequest *request,
const gchar *destination_bus_name,
const char *arg_uri);
const char *arg_uri,
GVariant *options);
void flatpak_auth_request_emit_webflow_done (FlatpakAuthenticatorRequest *request,
const gchar *destination_bus_name);
const gchar *destination_bus_name,
GVariant *options);
void flatpak_auth_request_emit_basic_auth (FlatpakAuthenticatorRequest *request,
const char *destination_bus_name,
const char *arg_realm);
const char *arg_realm,
GVariant *options);
#endif /* __FLATPAK_AUTH_H__ */

47
common/flatpak-auth.c
View File

@@ -132,20 +132,20 @@ flatpak_auth_request_ref_tokens (FlatpakAuthenticator *authenticator,
const char *remote,
const char *remote_uri,
GVariant *refs,
GVariant *extra_data,
GVariant *options,
const char *parent_window,
GCancellable *cancellable,
GError **error)
{
const char *token;
GVariant *options;
GVariant *auth_options;
g_autofree char *handle = NULL;
token = strrchr (g_dbus_proxy_get_object_path (G_DBUS_PROXY (request)), '/') + 1;
options = g_object_get_data (G_OBJECT (authenticator), "authenticator-options");
auth_options = g_object_get_data (G_OBJECT (authenticator), "authenticator-options");
if (!flatpak_authenticator_call_request_ref_tokens_sync (authenticator, token, options, remote, remote_uri, refs, extra_data,
if (!flatpak_authenticator_call_request_ref_tokens_sync (authenticator, token, auth_options, remote, remote_uri, refs, options,
parent_window ? parent_window : "",
&handle, cancellable, error))
return FALSE;
@@ -187,14 +187,23 @@ flatpak_auth_request_emit_response (FlatpakAuthenticatorRequest *request,
void
flatpak_auth_request_emit_webflow (FlatpakAuthenticatorRequest *request,
const gchar *destination_bus_name,
const char *arg_uri)
const char *arg_uri,
GVariant *options)
{
FlatpakAuthenticatorRequestSkeleton *skeleton = FLATPAK_AUTHENTICATOR_REQUEST_SKELETON (request);
GList *connections, *l;
g_autoptr(GVariant) signal_variant = NULL;
g_autoptr(GVariant) default_options = NULL;
if (options == NULL)
{
default_options = g_variant_ref_sink (g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0));
options = default_options;
}
connections = g_dbus_interface_skeleton_get_connections (G_DBUS_INTERFACE_SKELETON (skeleton));
signal_variant = g_variant_ref_sink (g_variant_new ("(s)", arg_uri));
signal_variant = g_variant_ref_sink (g_variant_new ("(s@a{sv})", arg_uri, options));
for (l = connections; l != NULL; l = l->next)
{
GDBusConnection *connection = l->data;
@@ -208,14 +217,23 @@ flatpak_auth_request_emit_webflow (FlatpakAuthenticatorRequest *request,
void
flatpak_auth_request_emit_webflow_done (FlatpakAuthenticatorRequest *request,
const gchar *destination_bus_name)
const gchar *destination_bus_name,
GVariant *options)
{
FlatpakAuthenticatorRequestSkeleton *skeleton = FLATPAK_AUTHENTICATOR_REQUEST_SKELETON (request);
GList *connections, *l;
g_autoptr(GVariant) signal_variant = NULL;
g_autoptr(GVariant) default_options = NULL;
if (options == NULL)
{
default_options = g_variant_ref_sink (g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0));
options = default_options;
}
connections = g_dbus_interface_skeleton_get_connections (G_DBUS_INTERFACE_SKELETON (skeleton));
signal_variant = g_variant_ref_sink (g_variant_new ("()"));
signal_variant = g_variant_ref_sink (g_variant_new ("(@a{sv})", options));
for (l = connections; l != NULL; l = l->next)
{
GDBusConnection *connection = l->data;
@@ -230,14 +248,23 @@ flatpak_auth_request_emit_webflow_done (FlatpakAuthenticatorRequest *request,
void
flatpak_auth_request_emit_basic_auth (FlatpakAuthenticatorRequest *request,
const char *destination_bus_name,
const char *arg_realm)
const char *arg_realm,
GVariant *options)
{
FlatpakAuthenticatorRequestSkeleton *skeleton = FLATPAK_AUTHENTICATOR_REQUEST_SKELETON (request);
GList *connections, *l;
g_autoptr(GVariant) signal_variant = NULL;
g_autoptr(GVariant) default_options = NULL;
if (options == NULL)
{
default_options = g_variant_ref_sink (g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0));
options = default_options;
}
connections = g_dbus_interface_skeleton_get_connections (G_DBUS_INTERFACE_SKELETON (skeleton));
signal_variant = g_variant_ref_sink (g_variant_new ("(s)", arg_realm));
signal_variant = g_variant_ref_sink (g_variant_new ("(s@a{sv})", arg_realm, options));
for (l = connections; l != NULL; l = l->next)
{
GDBusConnection *connection = l->data;

30
common/flatpak-transaction.c
View File

@@ -1150,6 +1150,7 @@ flatpak_transaction_class_init (FlatpakTransactionClass *klass)
* @object: A #FlatpakTransaction
* @remote: The remote we're authenticating with
* @url: The url to show
* @options: Extra options, currently unused
* @id: The id of the operation, can be used to cancel it
*
* The ::webflow-start signal gets emitted when some kind of user
@@ -1177,10 +1178,11 @@ flatpak_transaction_class_init (FlatpakTransactionClass *klass)
G_STRUCT_OFFSET (FlatpakTransactionClass, webflow_start),
NULL, NULL,
NULL,
G_TYPE_BOOLEAN, 3, G_TYPE_STRING, G_TYPE_STRING, G_TYPE_INT);
G_TYPE_BOOLEAN, 4, G_TYPE_STRING, G_TYPE_STRING, G_TYPE_VARIANT, G_TYPE_INT);
/**
* FlatpakTransaction::webflow-done:
* @object: A #FlatpakTransaction
* @options: Extra options, currently unused
* @id: The id of the operation
*
* The ::webflow-done signal gets emitted when the authentication
@@ -1196,12 +1198,13 @@ flatpak_transaction_class_init (FlatpakTransactionClass *klass)
G_STRUCT_OFFSET (FlatpakTransactionClass, webflow_done),
NULL, NULL,
NULL,
G_TYPE_NONE, 1, G_TYPE_INT);
G_TYPE_NONE, 2, G_TYPE_VARIANT, G_TYPE_INT);
/**
* FlatpakTransaction::basic-auth-start:
* @object: A #FlatpakTransaction
* @remote: The remote we're authenticating with
* @realm: The url to show
* @options: Extra options, currently unused
* @id: The id of the operation, can be used to finish it
*
* The ::basic-auth-start signal gets emitted when a basic user/password
@@ -1224,7 +1227,7 @@ flatpak_transaction_class_init (FlatpakTransactionClass *klass)
G_STRUCT_OFFSET (FlatpakTransactionClass, basic_auth_start),
NULL, NULL,
NULL,
G_TYPE_BOOLEAN, 3, G_TYPE_STRING, G_TYPE_STRING, G_TYPE_INT);
G_TYPE_BOOLEAN, 4, G_TYPE_STRING, G_TYPE_STRING, G_TYPE_VARIANT, G_TYPE_INT);
}
@@ -2784,6 +2787,7 @@ request_tokens_response (FlatpakAuthenticatorRequest *object,
static void
request_tokens_webflow (FlatpakAuthenticatorRequest *object,
const gchar *arg_uri,
GVariant *options,
RequestData *data)
{
g_autoptr(FlatpakTransaction) transaction = g_object_ref (data->transaction);
@@ -2797,7 +2801,7 @@ request_tokens_webflow (FlatpakAuthenticatorRequest *object,
priv->active_request_id = ++priv->next_request_id;
g_debug ("Webflow start %s", arg_uri);
g_signal_emit (transaction, signals[WEBFLOW_START], 0, data->remote, arg_uri, priv->active_request_id, &retval);
g_signal_emit (transaction, signals[WEBFLOW_START], 0, data->remote, arg_uri, options, priv->active_request_id, &retval);
if (!retval)
{
g_autoptr(GError) local_error = NULL;
@@ -2812,6 +2816,7 @@ request_tokens_webflow (FlatpakAuthenticatorRequest *object,
static void
request_tokens_webflow_done (FlatpakAuthenticatorRequest *object,
GVariant *options,
RequestData *data)
{
g_autoptr(FlatpakTransaction) transaction = g_object_ref (data->transaction);
@@ -2826,12 +2831,13 @@ request_tokens_webflow_done (FlatpakAuthenticatorRequest *object,
priv->active_request_id = 0;
g_debug ("Webflow done");
g_signal_emit (transaction, signals[WEBFLOW_DONE], 0, id);
g_signal_emit (transaction, signals[WEBFLOW_DONE], 0, options, id);
}
static void
request_tokens_basic_auth (FlatpakAuthenticatorRequest *object,
const gchar *arg_realm,
GVariant *options,
RequestData *data)
{
g_autoptr(FlatpakTransaction) transaction = g_object_ref (data->transaction);
@@ -2845,7 +2851,7 @@ request_tokens_basic_auth (FlatpakAuthenticatorRequest *object,
priv->active_request_id = ++priv->next_request_id;
g_debug ("BasicAuth start %s", arg_realm);
g_signal_emit (transaction, signals[BASIC_AUTH_START], 0, data->remote, arg_realm, priv->active_request_id, &retval);
g_signal_emit (transaction, signals[BASIC_AUTH_START], 0, data->remote, arg_realm, options, priv->active_request_id, &retval);
if (!retval)
{
g_autoptr(GError) local_error = NULL;
@@ -2902,6 +2908,7 @@ flatpak_transaction_abort_webflow (FlatpakTransaction *self,
* @id: The webflow id, as passed into the webflow-start signal
* @user: The user name, or %NULL if aborting request
* @password: The password
* @options: Extra a{sv] variant with options (or %NULL), currently unused.
*
* Finishes (or aborts) an ongoing basic auth request.
*
@@ -2911,10 +2918,18 @@ void
flatpak_transaction_complete_basic_auth (FlatpakTransaction *self,
guint id,
const char *user,
const char *password)
const char *password,
GVariant *options)
{
FlatpakTransactionPrivate *priv = flatpak_transaction_get_instance_private (self);
g_autoptr(GError) local_error = NULL;
g_autoptr(GVariant) default_options = NULL;
if (options == NULL)
{
default_options = g_variant_ref_sink (g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0));
options = default_options;
}
if (priv->active_request_id == id)
{
@@ -2932,6 +2947,7 @@ flatpak_transaction_complete_basic_auth (FlatpakTransaction *self,
{
if (!flatpak_authenticator_request_call_basic_auth_reply_sync (data->request,
user, password,
options,
NULL, &local_error))
g_debug ("Failed to reply to basic auth request: %s", local_error->message);
}

6
common/flatpak-transaction.h
View File

@@ -135,13 +135,16 @@ struct _FlatpakTransactionClass
gboolean (*webflow_start) (FlatpakTransaction *transaction,
const char *remote,
const char *url,
GVariant *options,
guint id);
void (*webflow_done) (FlatpakTransaction *transaction,
GVariant *options,
guint id);
gboolean (*basic_auth_start) (FlatpakTransaction *transaction,
const char *remote,
const char *realm,
GVariant *options,
guint id);
gpointer padding[5];
};
@@ -246,7 +249,8 @@ FLATPAK_EXTERN
void flatpak_transaction_complete_basic_auth (FlatpakTransaction *self,
guint id,
const char *user,
const char *password);
const char *password,
GVariant *options);
FLATPAK_EXTERN
gboolean flatpak_transaction_add_install (FlatpakTransaction *self,

15
data/org.freedesktop.Flatpak.Authenticator.xml
View File

@@ -77,7 +77,7 @@
@remote: The name of the remote we're pulling from.
@remote_uri: The uri of the remote we're pulling from.
@refs: An array of ref that flatpak wants to pull and info about each ref.
@extra_data: An extensible dict with extra data for the request.
@options: An extensible dict with extra options.
@parent_window: Identifier for the application window, see <link linkend="https://flatpak.github.io/xdg-desktop-portal/portal-docs.html#parent_window">xdg-desktop-portal docs</link> for details on its format.
@handle: Object path for the #org.freedesktop.Flatpak.AuthenticatorRequest object representing this call.
@@ -124,7 +124,7 @@
that can be used to get the user to interactively authenticate. This kind of authentication is quite limited, but
if used it can allow nice interactive authentication even in the command line case.
Currently used keys in the @extra_data argument:
Currently used keys in the @options argument:
<variablelist>
<varlistentry>
<term>xa.oci-registry-uri s</term>
@@ -142,7 +142,7 @@
<arg type='s' name='remote_uri' direction='in'/>
<!-- This is the ref and its token-type -->
<arg type='a(ssia{sv})' name='refs' direction='in'/>
<arg type='a{sv}' name='extra_data' direction='in'/>
<arg type='a{sv}' name='options' direction='in'/>
<arg type='s' name='parent_window' direction='in'/>
<arg type='o' name='handle' direction='out'/>
</method>
@@ -187,6 +187,8 @@
</method>
<!--
Webflow:
@uri: The uri to show
@options: An extensible dict with extra options.
Emitted by the authenticator when it needs to do web-based interaction. The
client handles this by showing the URI in a graphical web view. Typically the uri
@@ -200,18 +202,22 @@
-->
<signal name="Webflow">
<arg type="s" name="uri"/>
<arg type="a{sv}" name="options" direction="in"/>
</signal>
<!--
WebflowDone:
@options: An extensible dict with extra options.
Emitted by the authenticator when the web view is done, at this point the client
can close the WebView.
-->
<signal name="WebflowDone">
<arg type="a{sv}" name="options" direction="in"/>
</signal>
<!--
BasicAuth:
@realm: String showing what the auth is for, similar to http basic auth realm.
@options: An extensible dict with extra options.
Emitted by the authenticator when it needs to do a simple user + password authentication.
This is only useful for very simple authentication interaction, but this is still used (for
@@ -220,17 +226,20 @@
-->
<signal name="BasicAuth">
<arg type="s" name="realm"/>
<arg type="a{sv}" name="options" direction="in"/>
</signal>
<!--
BasicAuthReply:
@user: The user
@password: The password
@options: An extensible dict with extra options.
Call to finish the request started with the BasicAuth signal.
-->
<method name="BasicAuthReply">
<arg type="s" name="user"/>
<arg type="s" name="password"/>
<arg type="a{sv}" name="options" direction="in"/>
</method>
<!--
Response:

7
oci-authenticator/flatpak-oci-authenticator.c
View File

@@ -193,6 +193,7 @@ handle_request_ref_tokens_basic_auth_reply (FlatpakAuthenticatorRequest *object,
GDBusMethodInvocation *invocation,
const gchar *arg_user,
const gchar *arg_password,
GVariant *options,
gpointer user_data)
{
BasicAuthData *auth = user_data;
@@ -233,7 +234,7 @@ run_basic_auth (FlatpakAuthenticatorRequest *request,
id1 = g_signal_connect (request, "handle-close", G_CALLBACK (handle_request_ref_tokens_close), &auth);
id2 = g_signal_connect (request, "handle-basic-auth-reply", G_CALLBACK (handle_request_ref_tokens_basic_auth_reply), &auth);
flatpak_auth_request_emit_basic_auth (request, sender, realm);
flatpak_auth_request_emit_basic_auth (request, sender, realm, NULL);
while (!auth.done)
g_cond_wait (&auth.cond, &auth.mutex);
@@ -417,7 +418,7 @@ handle_request_ref_tokens (FlatpakAuthenticator *authenticator,
const gchar *arg_remote,
const gchar *arg_remote_uri,
GVariant *arg_refs,
GVariant *arg_extra_data,
GVariant *arg_options,
const gchar *arg_parent_window)
{
g_autofree char *request_path = NULL;
@@ -435,7 +436,7 @@ handle_request_ref_tokens (FlatpakAuthenticator *authenticator,
g_variant_lookup (arg_authenticator_options, "auth", "&s", &auth);
if (!g_variant_lookup (arg_extra_data, "xa.oci-registry-uri", "&s", &oci_registry_uri))
if (!g_variant_lookup (arg_options, "xa.oci-registry-uri", "&s", &oci_registry_uri))
{
g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR,
G_DBUS_ERROR_INVALID_ARGS,

6
tests/test-authenticator.c
View File

@@ -125,7 +125,7 @@ http_incoming (GSocketService *service,
g_debug ("handling incomming http request for %s", data->sender);
g_debug ("emiting webflow done");
flatpak_auth_request_emit_webflow_done (data->request, data->sender);
flatpak_auth_request_emit_webflow_done (data->request, data->sender, NULL);
finish_request_ref_tokens (data);
@@ -175,7 +175,7 @@ handle_request_ref_tokens (FlatpakAuthenticator *authenticator,
const gchar *arg_remote,
const gchar *arg_remote_uri,
GVariant *arg_refs,
GVariant *arg_extra_data,
GVariant *arg_options,
const gchar *arg_parent_window)
{
g_autoptr(GError) error = NULL;
@@ -243,7 +243,7 @@ handle_request_ref_tokens (FlatpakAuthenticator *authenticator,
{
uri = g_strdup_printf ("http://localhost:%d", (int)port);
g_debug ("Requesting webflow %s", uri);
flatpak_auth_request_emit_webflow (request, g_dbus_method_invocation_get_sender (invocation), uri);
flatpak_auth_request_emit_webflow (request, g_dbus_method_invocation_get_sender (invocation), uri, NULL);
}
else
{