From bf2cad28af652fea4f4a8dfde008391bc7b37a95 Mon Sep 17 00:00:00 2001
From: Christof Klaus <christof.klaus@myrasecurity.com>
Date: Sun, 6 Sep 2020 14:53:51 +0200
Subject: [PATCH] Add feature to ignore entries for HTTP-Auth Logins

---
 src/browser/BrowserService.cpp          |  6 ++++++
 src/browser/BrowserService.h            |  1 +
 src/gui/entry/EditEntryWidget.cpp       | 11 +++++++++++
 src/gui/entry/EditEntryWidgetBrowser.ui | 10 ++++++++++
 4 files changed, 28 insertions(+)

diff --git a/src/browser/BrowserService.cpp b/src/browser/BrowserService.cpp
index 3c06aceb5..5bc16eb36 100644
--- a/src/browser/BrowserService.cpp
+++ b/src/browser/BrowserService.cpp
@@ -55,6 +55,7 @@ static const QString KEEPASSHTTP_GROUP_NAME = QStringLiteral("KeePassHttp Passwo
 const QString BrowserService::OPTION_SKIP_AUTO_SUBMIT = QStringLiteral("BrowserSkipAutoSubmit");
 const QString BrowserService::OPTION_HIDE_ENTRY = QStringLiteral("BrowserHideEntry");
 const QString BrowserService::OPTION_ONLY_HTTP_AUTH = QStringLiteral("BrowserOnlyHttpAuth");
+const QString BrowserService::OPTION_NOT_HTTP_AUTH = QStringLiteral("BrowserNotHttpAuth");
 // Multiple URL's
 const QString BrowserService::ADDITIONAL_URL = QStringLiteral("KP2A_URL");
 
@@ -397,6 +398,11 @@ QJsonArray BrowserService::findMatchingEntries(const QString& dbid,
             continue;
         }
 
+        if (httpAuth && entry->customData()->contains(BrowserService::OPTION_NOT_HTTP_AUTH)
+            && entry->customData()->value(BrowserService::OPTION_NOT_HTTP_AUTH) == TRUE_STR) {
+            continue;
+        }
+
         // HTTP Basic Auth always needs a confirmation
         if (!ignoreHttpAuth && httpAuth) {
             pwEntriesToConfirm.append(entry);
diff --git a/src/browser/BrowserService.h b/src/browser/BrowserService.h
index 2c7a7c95c..8f477b4a8 100644
--- a/src/browser/BrowserService.h
+++ b/src/browser/BrowserService.h
@@ -90,6 +90,7 @@ public:
     static const QString OPTION_SKIP_AUTO_SUBMIT;
     static const QString OPTION_HIDE_ENTRY;
     static const QString OPTION_ONLY_HTTP_AUTH;
+    static const QString OPTION_NOT_HTTP_AUTH;
     static const QString ADDITIONAL_URL;
 
 signals:
diff --git a/src/gui/entry/EditEntryWidget.cpp b/src/gui/entry/EditEntryWidget.cpp
index 0d0193cc5..c3dc21ec8 100644
--- a/src/gui/entry/EditEntryWidget.cpp
+++ b/src/gui/entry/EditEntryWidget.cpp
@@ -283,6 +283,7 @@ void EditEntryWidget::setupBrowser()
         connect(m_browserUi->skipAutoSubmitCheckbox, SIGNAL(toggled(bool)), SLOT(updateBrowserModified()));
         connect(m_browserUi->hideEntryCheckbox, SIGNAL(toggled(bool)), SLOT(updateBrowserModified()));
         connect(m_browserUi->onlyHttpAuthCheckbox, SIGNAL(toggled(bool)), SLOT(updateBrowserModified()));
+        connect(m_browserUi->notHttpAuthCheckbox, SIGNAL(toggled(bool)), SLOT(updateBrowserModified()));
         connect(m_browserUi->addURLButton, SIGNAL(clicked()), SLOT(insertURL()));
         connect(m_browserUi->removeURLButton, SIGNAL(clicked()), SLOT(removeCurrentURL()));
         connect(m_browserUi->editURLButton, SIGNAL(clicked()), SLOT(editCurrentURL()));
@@ -310,9 +311,11 @@ void EditEntryWidget::updateBrowser()
     auto skip = m_browserUi->skipAutoSubmitCheckbox->isChecked();
     auto hide = m_browserUi->hideEntryCheckbox->isChecked();
     auto onlyHttpAuth = m_browserUi->onlyHttpAuthCheckbox->isChecked();
+    auto notHttpAuth = m_browserUi->notHttpAuthCheckbox->isChecked();
     m_customData->set(BrowserService::OPTION_SKIP_AUTO_SUBMIT, (skip ? TRUE_STR : FALSE_STR));
     m_customData->set(BrowserService::OPTION_HIDE_ENTRY, (hide ? TRUE_STR : FALSE_STR));
     m_customData->set(BrowserService::OPTION_ONLY_HTTP_AUTH, (onlyHttpAuth ? TRUE_STR : FALSE_STR));
+    m_customData->set(BrowserService::OPTION_NOT_HTTP_AUTH, (notHttpAuth ? TRUE_STR : FALSE_STR));
 }
 
 void EditEntryWidget::insertURL()
@@ -482,6 +485,7 @@ void EditEntryWidget::setupEntryUpdate()
         connect(m_browserUi->skipAutoSubmitCheckbox, SIGNAL(toggled(bool)), SLOT(setModified()));
         connect(m_browserUi->hideEntryCheckbox, SIGNAL(toggled(bool)), SLOT(setModified()));
         connect(m_browserUi->onlyHttpAuthCheckbox, SIGNAL(toggled(bool)), SLOT(setModified()));
+        connect(m_browserUi->notHttpAuthCheckbox, SIGNAL(toggled(bool)), SLOT(setModified()));
         connect(m_browserUi->addURLButton, SIGNAL(toggled(bool)), SLOT(setModified()));
         connect(m_browserUi->removeURLButton, SIGNAL(toggled(bool)), SLOT(setModified()));
         connect(m_browserUi->editURLButton, SIGNAL(toggled(bool)), SLOT(setModified()));
@@ -961,6 +965,13 @@ void EditEntryWidget::setForms(Entry* entry, bool restore)
         m_browserUi->onlyHttpAuthCheckbox->setChecked(false);
     }
 
+    if (m_customData->contains(BrowserService::OPTION_NOT_HTTP_AUTH)) {
+        m_browserUi->notHttpAuthCheckbox->setChecked(m_customData->value(BrowserService::OPTION_NOT_HTTP_AUTH)
+                                                     == TRUE_STR);
+    } else {
+        m_browserUi->notHttpAuthCheckbox->setChecked(false);
+    }
+
     m_browserUi->addURLButton->setEnabled(!m_history);
     m_browserUi->removeURLButton->setEnabled(false);
     m_browserUi->editURLButton->setEnabled(false);
diff --git a/src/gui/entry/EditEntryWidgetBrowser.ui b/src/gui/entry/EditEntryWidgetBrowser.ui
index 9d1e0f511..5f117e987 100644
--- a/src/gui/entry/EditEntryWidgetBrowser.ui
+++ b/src/gui/entry/EditEntryWidgetBrowser.ui
@@ -60,6 +60,16 @@
         </property>
        </widget>
       </item>
+      <item>
+       <widget class="QCheckBox" name="notHttpAuthCheckbox">
+        <property name="toolTip">
+         <string>Do not send this setting to the browser for HTTP Auth dialogs. If enabled, HTTP Auth dialogs will not show this entry for selection.</string>
+        </property>
+        <property name="text">
+         <string>Do not use this entry with HTTP Basic Auth</string>
+        </property>
+       </widget>
+      </item>      
      </layout>
     </widget>
    </item>