Handle retrieving credentials from HTTP Basic Auth

2024-12-27 16:29:44 -05:00 · 2018-12-08 12:12:52 +02:00 · 2018-12-08 12:12:52 +02:00 · a070f1bce7
commit a070f1bce7
parent cb3c4893dc
7 changed files with 45 additions and 6 deletions
--- a/src/browser/BrowserAction.cpp
+++ b/src/browser/BrowserAction.cpp
@ -251,7 +251,9 @@ QJsonObject BrowserAction::handleGetLogins(const QJsonObject& json, const QStrin

    const QString id = decrypted.value("id").toString();
    const QString submit = decrypted.value("submitUrl").toString();
-    const QJsonArray users = m_browserService.findMatchingEntries(id, url, submit, "", keyList);
+    const QString auth = decrypted.value("httpAuth").toString();
+    const bool httpAuth = auth.compare("true", Qt::CaseSensitive) == 0 ? true : false;
+    const QJsonArray users = m_browserService.findMatchingEntries(id, url, submit, "", keyList, httpAuth);

    if (users.isEmpty()) {
        return getErrorReply(action, ERROR_KEEPASS_NO_LOGINS_FOUND);
--- a/src/browser/BrowserOptionDialog.cpp
+++ b/src/browser/BrowserOptionDialog.cpp
@ -100,6 +100,7 @@ void BrowserOptionDialog::loadSettings()

    m_ui->alwaysAllowAccess->setChecked(settings->alwaysAllowAccess());
    m_ui->alwaysAllowUpdate->setChecked(settings->alwaysAllowUpdate());
+    m_ui->httpAuthPermission->setChecked(settings->httpAuthPermission());
    m_ui->searchInAllDatabases->setChecked(settings->searchInAllDatabases());
    m_ui->supportKphFields->setChecked(settings->supportKphFields());
    m_ui->supportBrowserProxy->setChecked(settings->supportBrowserProxy());
@ -156,6 +157,7 @@ void BrowserOptionDialog::saveSettings()
    settings->setUpdateBinaryPath(m_ui->updateBinaryPath->isChecked());
    settings->setAlwaysAllowAccess(m_ui->alwaysAllowAccess->isChecked());
    settings->setAlwaysAllowUpdate(m_ui->alwaysAllowUpdate->isChecked());
+    settings->setHttpAuthPermission(m_ui->httpAuthPermission->isChecked());
    settings->setSearchInAllDatabases(m_ui->searchInAllDatabases->isChecked());
    settings->setSupportKphFields(m_ui->supportKphFields->isChecked());

--- a/src/browser/BrowserOptionDialog.ui
+++ b/src/browser/BrowserOptionDialog.ui
@ -267,6 +267,13 @@
         </property>
        </widget>
       </item>
+       <item>
+        <widget class="QCheckBox" name="httpAuthPermission">
+         <property name="text">
+          <string extracomment="An extra HTTP Basic Auth setting">Do not ask permission for HTTP &amp;Basic Auth</string>
+         </property>
+        </widget>
+       </item>
       <item>
        <widget class="QCheckBox" name="searchInAllDatabases">
         <property name="toolTip">
--- a/src/browser/BrowserService.cpp
+++ b/src/browser/BrowserService.cpp
@ -207,7 +207,8 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
                                               const QString& url,
                                               const QString& submitUrl,
                                               const QString& realm,
-                                               const StringPairList& keyList)
+                                               const StringPairList& keyList,
+                                               const bool httpAuth)
 {
    QJsonArray result;
    if (thread() != QThread::currentThread()) {
@ -219,11 +220,13 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
                                  Q_ARG(QString, url),
                                  Q_ARG(QString, submitUrl),
                                  Q_ARG(QString, realm),
-                                  Q_ARG(StringPairList, keyList));
+                                  Q_ARG(StringPairList, keyList),
+                                  Q_ARG(bool, httpAuth));
        return result;
    }

    const bool alwaysAllowAccess = browserSettings()->alwaysAllowAccess();
+    const bool ignoreHttpAuth = browserSettings()->httpAuthPermission();
    const QString host = QUrl(url).host();
    const QString submitHost = QUrl(submitUrl).host();

@ -231,6 +234,12 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
    QList<Entry*> pwEntriesToConfirm;
    QList<Entry*> pwEntries;
    for (Entry* entry : searchEntries(url, keyList)) {
+        // HTTP Basic Auth always needs a confirmation
+        if (!ignoreHttpAuth && httpAuth) {
+            pwEntriesToConfirm.append(entry);
+            continue;
+        }
+
        switch (checkAccess(entry, host, submitHost, realm)) {
        case Denied:
            continue;
@ -642,7 +651,10 @@ QJsonObject BrowserService::prepareEntry(const Entry* entry)
 }

 BrowserService::Access
-BrowserService::checkAccess(const Entry* entry, const QString& host, const QString& submitHost, const QString& realm)
+BrowserService::checkAccess(const Entry* entry,
+                            const QString& host,
+                            const QString& submitHost,
+                            const QString& realm)
 {
    BrowserEntryConfig config;
    if (!config.load(entry)) {
--- a/src/browser/BrowserService.h
+++ b/src/browser/BrowserService.h
@ -67,7 +67,8 @@ public slots:
                                   const QString& url,
                                   const QString& submitUrl,
                                   const QString& realm,
-                                   const StringPairList& keyList);
+                                   const StringPairList& keyList,
+                                   const bool httpAuth = false);
    QString storeKey(const QString& key);
    void updateEntry(const QString& id,
                     const QString& uuid,
@ -101,7 +102,10 @@ private:
                        const QString& submitHost,
                        const QString& realm);
    QJsonObject prepareEntry(const Entry* entry);
-    Access checkAccess(const Entry* entry, const QString& host, const QString& submitHost, const QString& realm);
+    Access checkAccess(const Entry* entry,
+                       const QString& host,
+                       const QString& submitHost,
+                       const QString& realm);
    Group* findCreateAddEntryGroup(QSharedPointer<Database> selectedDb = {});
    int
    sortPriority(const Entry* entry, const QString& host, const QString& submitUrl, const QString& baseSubmitUrl) const;
--- a/src/browser/BrowserSettings.cpp
+++ b/src/browser/BrowserSettings.cpp
@ -121,6 +121,16 @@ void BrowserSettings::setAlwaysAllowUpdate(bool alwaysAllowUpdate)
    config()->set("Browser/AlwaysAllowUpdate", alwaysAllowUpdate);
 }

+bool BrowserSettings::httpAuthPermission()
+{
+    return config()->get("Browser/HttpAuthPermission", false).toBool();
+}
+
+void BrowserSettings::setHttpAuthPermission(bool httpAuthPermission)
+{
+    config()->set("Browser/HttpAuthPermission", httpAuthPermission);
+}
+
 bool BrowserSettings::searchInAllDatabases()
 {
    return config()->get("Browser/SearchInAllDatabases", false).toBool();
--- a/src/browser/BrowserSettings.h
+++ b/src/browser/BrowserSettings.h
@ -51,6 +51,8 @@ public:
    void setAlwaysAllowUpdate(bool alwaysAllowUpdate);
    bool searchInAllDatabases();
    void setSearchInAllDatabases(bool searchInAllDatabases);
+    bool httpAuthPermission();
+    void setHttpAuthPermission(bool httpAuthPermission);
    bool supportKphFields();
    void setSupportKphFields(bool supportKphFields);