mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2024-12-27 08:19:47 -05:00
Handle retrieving credentials from HTTP Basic Auth
This commit is contained in:
varjolintu
Jonathan White
parent
cb3c4893dc
commit
a070f1bce7
@ -251,7 +251,9 @@ QJsonObject BrowserAction::handleGetLogins(const QJsonObject& json, const QStrin
|
|||||||
|
|
||||||
const QString id = decrypted.value("id").toString();
|
const QString id = decrypted.value("id").toString();
|
||||||
const QString submit = decrypted.value("submitUrl").toString();
|
const QString submit = decrypted.value("submitUrl").toString();
|
||||||
const QJsonArray users = m_browserService.findMatchingEntries(id, url, submit, "", keyList);
|
const QString auth = decrypted.value("httpAuth").toString();
|
||||||
|
const bool httpAuth = auth.compare("true", Qt::CaseSensitive) == 0 ? true : false;
|
||||||
|
const QJsonArray users = m_browserService.findMatchingEntries(id, url, submit, "", keyList, httpAuth);
|
||||||
|
|
||||||
if (users.isEmpty()) {
|
if (users.isEmpty()) {
|
||||||
return getErrorReply(action, ERROR_KEEPASS_NO_LOGINS_FOUND);
|
return getErrorReply(action, ERROR_KEEPASS_NO_LOGINS_FOUND);
|
||||||
|
|||||||
@ -100,6 +100,7 @@ void BrowserOptionDialog::loadSettings()
|
|||||||
|
|
||||||
m_ui->alwaysAllowAccess->setChecked(settings->alwaysAllowAccess());
|
m_ui->alwaysAllowAccess->setChecked(settings->alwaysAllowAccess());
|
||||||
m_ui->alwaysAllowUpdate->setChecked(settings->alwaysAllowUpdate());
|
m_ui->alwaysAllowUpdate->setChecked(settings->alwaysAllowUpdate());
|
||||||
|
m_ui->httpAuthPermission->setChecked(settings->httpAuthPermission());
|
||||||
m_ui->searchInAllDatabases->setChecked(settings->searchInAllDatabases());
|
m_ui->searchInAllDatabases->setChecked(settings->searchInAllDatabases());
|
||||||
m_ui->supportKphFields->setChecked(settings->supportKphFields());
|
m_ui->supportKphFields->setChecked(settings->supportKphFields());
|
||||||
m_ui->supportBrowserProxy->setChecked(settings->supportBrowserProxy());
|
m_ui->supportBrowserProxy->setChecked(settings->supportBrowserProxy());
|
||||||
@ -156,6 +157,7 @@ void BrowserOptionDialog::saveSettings()
|
|||||||
settings->setUpdateBinaryPath(m_ui->updateBinaryPath->isChecked());
|
settings->setUpdateBinaryPath(m_ui->updateBinaryPath->isChecked());
|
||||||
settings->setAlwaysAllowAccess(m_ui->alwaysAllowAccess->isChecked());
|
settings->setAlwaysAllowAccess(m_ui->alwaysAllowAccess->isChecked());
|
||||||
settings->setAlwaysAllowUpdate(m_ui->alwaysAllowUpdate->isChecked());
|
settings->setAlwaysAllowUpdate(m_ui->alwaysAllowUpdate->isChecked());
|
||||||
|
settings->setHttpAuthPermission(m_ui->httpAuthPermission->isChecked());
|
||||||
settings->setSearchInAllDatabases(m_ui->searchInAllDatabases->isChecked());
|
settings->setSearchInAllDatabases(m_ui->searchInAllDatabases->isChecked());
|
||||||
settings->setSupportKphFields(m_ui->supportKphFields->isChecked());
|
settings->setSupportKphFields(m_ui->supportKphFields->isChecked());
|
||||||
|
|
||||||
|
|||||||
@ -267,6 +267,13 @@
|
|||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
|
<item>
|
||||||
|
<widget class="QCheckBox" name="httpAuthPermission">
|
||||||
|
<property name="text">
|
||||||
|
<string extracomment="An extra HTTP Basic Auth setting">Do not ask permission for HTTP &Basic Auth</string>
|
||||||
|
</property>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
<item>
|
<item>
|
||||||
<widget class="QCheckBox" name="searchInAllDatabases">
|
<widget class="QCheckBox" name="searchInAllDatabases">
|
||||||
<property name="toolTip">
|
<property name="toolTip">
|
||||||
|
|||||||
@ -207,7 +207,8 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
|
|||||||
const QString& url,
|
const QString& url,
|
||||||
const QString& submitUrl,
|
const QString& submitUrl,
|
||||||
const QString& realm,
|
const QString& realm,
|
||||||
const StringPairList& keyList)
|
const StringPairList& keyList,
|
||||||
|
const bool httpAuth)
|
||||||
{
|
{
|
||||||
QJsonArray result;
|
QJsonArray result;
|
||||||
if (thread() != QThread::currentThread()) {
|
if (thread() != QThread::currentThread()) {
|
||||||
@ -219,11 +220,13 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
|
|||||||
Q_ARG(QString, url),
|
Q_ARG(QString, url),
|
||||||
Q_ARG(QString, submitUrl),
|
Q_ARG(QString, submitUrl),
|
||||||
Q_ARG(QString, realm),
|
Q_ARG(QString, realm),
|
||||||
Q_ARG(StringPairList, keyList));
|
Q_ARG(StringPairList, keyList),
|
||||||
|
Q_ARG(bool, httpAuth));
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
const bool alwaysAllowAccess = browserSettings()->alwaysAllowAccess();
|
const bool alwaysAllowAccess = browserSettings()->alwaysAllowAccess();
|
||||||
|
const bool ignoreHttpAuth = browserSettings()->httpAuthPermission();
|
||||||
const QString host = QUrl(url).host();
|
const QString host = QUrl(url).host();
|
||||||
const QString submitHost = QUrl(submitUrl).host();
|
const QString submitHost = QUrl(submitUrl).host();
|
||||||
|
|
||||||
@ -231,6 +234,12 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
|
|||||||
QList<Entry*> pwEntriesToConfirm;
|
QList<Entry*> pwEntriesToConfirm;
|
||||||
QList<Entry*> pwEntries;
|
QList<Entry*> pwEntries;
|
||||||
for (Entry* entry : searchEntries(url, keyList)) {
|
for (Entry* entry : searchEntries(url, keyList)) {
|
||||||
|
// HTTP Basic Auth always needs a confirmation
|
||||||
|
if (!ignoreHttpAuth && httpAuth) {
|
||||||
|
pwEntriesToConfirm.append(entry);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
switch (checkAccess(entry, host, submitHost, realm)) {
|
switch (checkAccess(entry, host, submitHost, realm)) {
|
||||||
case Denied:
|
case Denied:
|
||||||
continue;
|
continue;
|
||||||
@ -642,7 +651,10 @@ QJsonObject BrowserService::prepareEntry(const Entry* entry)
|
|||||||
}
|
}
|
||||||
|
|
||||||
BrowserService::Access
|
BrowserService::Access
|
||||||
BrowserService::checkAccess(const Entry* entry, const QString& host, const QString& submitHost, const QString& realm)
|
BrowserService::checkAccess(const Entry* entry,
|
||||||
|
const QString& host,
|
||||||
|
const QString& submitHost,
|
||||||
|
const QString& realm)
|
||||||
{
|
{
|
||||||
BrowserEntryConfig config;
|
BrowserEntryConfig config;
|
||||||
if (!config.load(entry)) {
|
if (!config.load(entry)) {
|
||||||
|
|||||||
@ -67,7 +67,8 @@ public slots:
|
|||||||
const QString& url,
|
const QString& url,
|
||||||
const QString& submitUrl,
|
const QString& submitUrl,
|
||||||
const QString& realm,
|
const QString& realm,
|
||||||
const StringPairList& keyList);
|
const StringPairList& keyList,
|
||||||
|
const bool httpAuth = false);
|
||||||
QString storeKey(const QString& key);
|
QString storeKey(const QString& key);
|
||||||
void updateEntry(const QString& id,
|
void updateEntry(const QString& id,
|
||||||
const QString& uuid,
|
const QString& uuid,
|
||||||
@ -101,7 +102,10 @@ private:
|
|||||||
const QString& submitHost,
|
const QString& submitHost,
|
||||||
const QString& realm);
|
const QString& realm);
|
||||||
QJsonObject prepareEntry(const Entry* entry);
|
QJsonObject prepareEntry(const Entry* entry);
|
||||||
Access checkAccess(const Entry* entry, const QString& host, const QString& submitHost, const QString& realm);
|
Access checkAccess(const Entry* entry,
|
||||||
|
const QString& host,
|
||||||
|
const QString& submitHost,
|
||||||
|
const QString& realm);
|
||||||
Group* findCreateAddEntryGroup(QSharedPointer<Database> selectedDb = {});
|
Group* findCreateAddEntryGroup(QSharedPointer<Database> selectedDb = {});
|
||||||
int
|
int
|
||||||
sortPriority(const Entry* entry, const QString& host, const QString& submitUrl, const QString& baseSubmitUrl) const;
|
sortPriority(const Entry* entry, const QString& host, const QString& submitUrl, const QString& baseSubmitUrl) const;
|
||||||
|
|||||||
@ -121,6 +121,16 @@ void BrowserSettings::setAlwaysAllowUpdate(bool alwaysAllowUpdate)
|
|||||||
config()->set("Browser/AlwaysAllowUpdate", alwaysAllowUpdate);
|
config()->set("Browser/AlwaysAllowUpdate", alwaysAllowUpdate);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool BrowserSettings::httpAuthPermission()
|
||||||
|
{
|
||||||
|
return config()->get("Browser/HttpAuthPermission", false).toBool();
|
||||||
|
}
|
||||||
|
|
||||||
|
void BrowserSettings::setHttpAuthPermission(bool httpAuthPermission)
|
||||||
|
{
|
||||||
|
config()->set("Browser/HttpAuthPermission", httpAuthPermission);
|
||||||
|
}
|
||||||
|
|
||||||
bool BrowserSettings::searchInAllDatabases()
|
bool BrowserSettings::searchInAllDatabases()
|
||||||
{
|
{
|
||||||
return config()->get("Browser/SearchInAllDatabases", false).toBool();
|
return config()->get("Browser/SearchInAllDatabases", false).toBool();
|
||||||
|
|||||||
@ -51,6 +51,8 @@ public:
|
|||||||
void setAlwaysAllowUpdate(bool alwaysAllowUpdate);
|
void setAlwaysAllowUpdate(bool alwaysAllowUpdate);
|
||||||
bool searchInAllDatabases();
|
bool searchInAllDatabases();
|
||||||
void setSearchInAllDatabases(bool searchInAllDatabases);
|
void setSearchInAllDatabases(bool searchInAllDatabases);
|
||||||
|
bool httpAuthPermission();
|
||||||
|
void setHttpAuthPermission(bool httpAuthPermission);
|
||||||
bool supportKphFields();
|
bool supportKphFields();
|
||||||
void setSupportKphFields(bool supportKphFields);
|
void setSupportKphFields(bool supportKphFields);
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user