search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
update tests/interactive/.gitignore
[empathy-mirror.git] / libempathy / empathy-keyring.c
bloba67c510949841125635ecf986b68e81876266552
1 /*
2 * Copyright (C) 2010 Collabora Ltd.
3 *
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
8 *
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 #include "config.h"
20
21 #include <glib/gi18n-lib.h>
22
23 #include "empathy-keyring.h"
24
25 #include <string.h>
26
27 #include <libsecret/secret.h>
28
29 #ifdef HAVE_UOA
30 #include <libaccounts-glib/ag-account.h>
31 #include <libaccounts-glib/ag-account-service.h>
32 #include <libaccounts-glib/ag-auth-data.h>
33 #include <libaccounts-glib/ag-manager.h>
34 #include <libaccounts-glib/ag-service.h>
35 #include <libsignon-glib/signon-identity.h>
36 #include "empathy-uoa-utils.h"
37 #endif
38
39 #include "empathy-utils.h"
40
41 #define DEBUG_FLAG EMPATHY_DEBUG_OTHER
42 #include "empathy-debug.h"
43
44 static const SecretSchema account_keyring_schema =
45 { "org.gnome.Empathy.Account", SECRET_SCHEMA_DONT_MATCH_NAME,
46 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
47 { "param-name", SECRET_SCHEMA_ATTRIBUTE_STRING },
48 { NULL } } };
49
50 static const SecretSchema room_keyring_schema =
51 { "org.gnome.Empathy.Room", SECRET_SCHEMA_DONT_MATCH_NAME,
52 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
53 { "room-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
54 { NULL } } };
55
56 gboolean
57 empathy_keyring_is_available (void)
58 {
59 return TRUE;
60 }
61
62 /* get */
63
64 static void
65 lookup_item_cb (GObject *source,
66 GAsyncResult *result,
67 gpointer user_data)
68 {
69 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
70 GError *error = NULL;
71 gchar *password;
72
73 password = secret_password_lookup_finish (result, &error);
74 if (error != NULL)
75 {
76 g_simple_async_result_set_error (simple, TP_ERROR,
77 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
78 g_clear_error (&error);
79 goto out;
80 }
81
82 if (password == NULL)
83 {
84 g_simple_async_result_set_error (simple, TP_ERROR,
85 TP_ERROR_DOES_NOT_EXIST, _("Password not found"));
86 goto out;
87 }
88
89 g_simple_async_result_set_op_res_gpointer (simple, password,
90 (GDestroyNotify) secret_password_free);
91
92 out:
93 g_simple_async_result_complete (simple);
94 g_object_unref (simple);
95 }
96
97 #ifdef HAVE_UOA
98 static AgAccountService *
99 uoa_password_common (TpAccount *tp_account,
100 GSimpleAsyncResult *result,
101 AgAuthData **ret_auth_data)
102 {
103 const GValue *storage_id;
104 AgAccountId account_id;
105 AgManager *manager = NULL;
106 AgAccount *account = NULL;
107 GList *l;
108 AgAccountService *service = NULL;
109 AgAuthData *auth_data = NULL;
110
111 g_assert (ret_auth_data != NULL);
112 *ret_auth_data = NULL;
113
114 storage_id = tp_account_get_storage_identifier (tp_account);
115 account_id = g_value_get_uint (storage_id);
116 if (account_id == 0)
117 {
118 g_simple_async_result_set_error (result,
119 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
120 "StorageId is invalid, cannot get the AgAccount for this TpAccount");
121 g_simple_async_result_complete_in_idle (result);
122 goto error;
123 }
124
125 manager = empathy_uoa_manager_dup ();
126 account = ag_manager_get_account (manager, account_id);
127
128 /* Assuming there is only one IM service */
129 l = ag_account_list_services_by_type (account, EMPATHY_UOA_SERVICE_TYPE);
130 if (l == NULL)
131 {
132 g_simple_async_result_set_error (result,
133 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
134 "AgAccount has no IM service");
135 g_simple_async_result_complete_in_idle (result);
136 goto error;
137 }
138 service = ag_account_service_new (account, l->data);
139 ag_service_list_free (l);
140
141 auth_data = ag_account_service_get_auth_data (service);
142 if (auth_data == NULL)
143 {
144 g_simple_async_result_set_error (result,
145 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
146 "Service has no AgAuthData");
147 g_simple_async_result_complete_in_idle (result);
148 goto error;
149 }
150
151 if (tp_strdiff (ag_auth_data_get_mechanism (auth_data), "password") ||
152 tp_strdiff (ag_auth_data_get_method (auth_data), "password"))
153 {
154 g_simple_async_result_set_error (result,
155 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
156 "Service does not use password authentication");
157 g_simple_async_result_complete_in_idle (result);
158 goto error;
159 }
160
161 g_object_unref (manager);
162 g_object_unref (account);
163
164 *ret_auth_data = auth_data;
165 return service;
166
167 error:
168 g_clear_object (&manager);
169 g_clear_object (&account);
170 g_clear_object (&service);
171 tp_clear_pointer (&auth_data, ag_auth_data_unref);
172 return NULL;
173 }
174
175 static void
176 uoa_session_process_cb (SignonAuthSession *session,
177 GHashTable *session_data,
178 const GError *error,
179 gpointer user_data)
180 {
181 GSimpleAsyncResult *result = user_data;
182 const gchar *password;
183
184 if (error != NULL)
185 {
186 g_simple_async_result_set_from_error (result, error);
187 goto out;
188 }
189
190 password = tp_asv_get_string (session_data, "Secret");
191 if (tp_str_empty (password))
192 {
193 g_simple_async_result_set_error (result, TP_ERROR,
194 TP_ERROR_DOES_NOT_EXIST, _("Password not found"));
195 goto out;
196 }
197
198 g_simple_async_result_set_op_res_gpointer (result, g_strdup (password),
199 g_free);
200
201 out:
202 /* libaccounts-glib API does not guarantee the callback happens after
203 * reentering mainloop */
204 g_simple_async_result_complete_in_idle (result);
205 g_object_unref (result);
206 g_object_unref (session);
207 }
208
209 static void
210 uoa_get_account_password (TpAccount *tp_account,
211 GSimpleAsyncResult *result)
212 {
213 AgAccountService *service;
214 AgAuthData *auth_data;
215 guint cred_id;
216 SignonIdentity *identity;
217 SignonAuthSession *session;
218 GError *error = NULL;
219
220 DEBUG ("Store password for %s in signond",
221 tp_account_get_path_suffix (tp_account));
222
223 service = uoa_password_common (tp_account, result, &auth_data);
224 if (service == NULL)
225 return;
226
227 cred_id = ag_auth_data_get_credentials_id (auth_data);
228 if (cred_id == 0)
229 {
230 g_simple_async_result_set_error (result,
231 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
232 "AgAccount has no CredentialsId");
233 g_simple_async_result_complete_in_idle (result);
234 goto out;
235 }
236
237 identity = signon_identity_new_from_db (cred_id);
238 session = signon_identity_create_session (identity,
239 ag_auth_data_get_method (auth_data), &error);
240 g_object_unref (identity);
241
242 if (session == NULL)
243 {
244 g_simple_async_result_set_from_error (result, error);
245 g_simple_async_result_complete_in_idle (result);
246 goto out;
247 }
248
249 signon_auth_session_process (session,
250 ag_auth_data_get_parameters (auth_data),
251 ag_auth_data_get_mechanism (auth_data),
252 uoa_session_process_cb,
253 g_object_ref (result));
254
255 out:
256 ag_auth_data_unref (auth_data);
257 g_object_unref (service);
258 }
259 #endif
260
261 void
262 empathy_keyring_get_account_password_async (TpAccount *account,
263 GAsyncReadyCallback callback,
264 gpointer user_data)
265 {
266 GSimpleAsyncResult *simple;
267 const gchar *account_id;
268
269 g_return_if_fail (TP_IS_ACCOUNT (account));
270 g_return_if_fail (callback != NULL);
271
272 simple = g_simple_async_result_new (G_OBJECT (account), callback,
273 user_data, empathy_keyring_get_account_password_async);
274
275 account_id = tp_proxy_get_object_path (account) +
276 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
277
278 DEBUG ("Trying to get password for: %s", account_id);
279
280 #ifdef HAVE_UOA
281 {
282 const gchar *provider;
283
284 provider = tp_account_get_storage_provider (account);
285 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
286 {
287 uoa_get_account_password (account, simple);
288 g_object_unref (simple);
289 return;
290 }
291 }
292 #endif
293
294 secret_password_lookup (&account_keyring_schema, NULL,
295 lookup_item_cb, simple,
296 "account-id", account_id,
297 "param-name", "password",
298 NULL);
299 }
300
301 void
302 empathy_keyring_get_room_password_async (TpAccount *account,
303 const gchar *id,
304 GAsyncReadyCallback callback,
305 gpointer user_data)
306 {
307 GSimpleAsyncResult *simple;
308 const gchar *account_id;
309
310 g_return_if_fail (TP_IS_ACCOUNT (account));
311 g_return_if_fail (id != NULL);
312 g_return_if_fail (callback != NULL);
313
314 simple = g_simple_async_result_new (G_OBJECT (account), callback,
315 user_data, empathy_keyring_get_room_password_async);
316
317 account_id = tp_proxy_get_object_path (account) +
318 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
319
320 DEBUG ("Trying to get password for room '%s' on account '%s'",
321 id, account_id);
322
323 secret_password_lookup (&room_keyring_schema, NULL,
324 lookup_item_cb, simple,
325 "account-id", account_id,
326 "room-id", id,
327 NULL);
328 }
329
330 const gchar *
331 empathy_keyring_get_account_password_finish (TpAccount *account,
332 GAsyncResult *result,
333 GError **error)
334 {
335 empathy_implement_finish_return_pointer (account,
336 empathy_keyring_get_account_password_async);
337 }
338
339 const gchar *
340 empathy_keyring_get_room_password_finish (TpAccount *account,
341 GAsyncResult *result,
342 GError **error)
343 {
344 empathy_implement_finish_return_pointer (account,
345 empathy_keyring_get_room_password_async);
346 }
347
348 /* set */
349
350 static void
351 store_password_cb (GObject *source,
352 GAsyncResult *result,
353 gpointer user_data)
354 {
355 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
356 GError *error = NULL;
357
358 if (!secret_password_store_finish (result, &error))
359 {
360 g_simple_async_result_set_error (simple, TP_ERROR,
361 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
362 g_error_free (error);
363 }
364
365 g_simple_async_result_complete (simple);
366 g_object_unref (simple);
367 }
368
369 #ifdef HAVE_UOA
370 typedef struct
371 {
372 AgAccountService *service;
373 gchar *password;
374 gboolean remember;
375 GSimpleAsyncResult *result;
376 } UoaChangePasswordData;
377
378 static UoaChangePasswordData *
379 uoa_change_password_data_new (AgAccountService *service,
380 const gchar *password,
381 gboolean remember,
382 GSimpleAsyncResult *result)
383 {
384 UoaChangePasswordData *data;
385
386 data = g_slice_new0 (UoaChangePasswordData);
387 data->service = g_object_ref (service);
388 data->password = g_strdup (password);
389 data->remember = remember;
390 data->result = g_object_ref (result);
391
392 return data;
393 }
394
395 static void
396 uoa_change_password_data_free (UoaChangePasswordData *data)
397 {
398 g_object_unref (data->service);
399 g_free (data->password);
400 g_object_unref (data->result);
401 g_slice_free (UoaChangePasswordData, data);
402 }
403
404 static void
405 uoa_identity_store_cb (SignonIdentity *identity,
406 guint32 id,
407 const GError *error,
408 gpointer user_data)
409 {
410 UoaChangePasswordData *data = user_data;
411
412 if (error != NULL)
413 g_simple_async_result_set_from_error (data->result, error);
414
415 g_simple_async_result_complete (data->result);
416 uoa_change_password_data_free (data);
417 g_object_unref (identity);
418 }
419
420 static void
421 uoa_identity_query_info_cb (SignonIdentity *identity,
422 const SignonIdentityInfo *info,
423 const GError *error,
424 gpointer user_data)
425 {
426 UoaChangePasswordData *data = user_data;
427
428 if (error != NULL)
429 {
430 g_simple_async_result_set_from_error (data->result, error);
431 /* libaccounts-glib API does not guarantee the callback happens after
432 * reentering mainloop */
433 g_simple_async_result_complete_in_idle (data->result);
434 uoa_change_password_data_free (data);
435 g_object_unref (identity);
436 return;
437 }
438
439 /* const SignonIdentityInfo is a lie, cast it! - Mardy */
440 signon_identity_info_set_secret ((SignonIdentityInfo *) info,
441 data->password, data->remember);
442
443 signon_identity_store_credentials_with_info (identity, info,
444 uoa_identity_store_cb, data);
445 }
446
447 static void
448 uoa_initial_account_store_cb (AgAccount *account,
449 const GError *error,
450 gpointer user_data)
451 {
452 UoaChangePasswordData *data = user_data;
453
454 if (error != NULL)
455 g_simple_async_result_set_from_error (data->result, error);
456
457 /* libaccounts-glib API does not guarantee the callback happens after
458 * reentering mainloop */
459 g_simple_async_result_complete_in_idle (data->result);
460 uoa_change_password_data_free (data);
461 }
462
463 static void
464 uoa_initial_identity_store_cb (SignonIdentity *identity,
465 guint32 id,
466 const GError *error,
467 gpointer user_data)
468 {
469 UoaChangePasswordData *data = user_data;
470 AgAccount *account = ag_account_service_get_account (data->service);
471 GValue value = G_VALUE_INIT;
472
473 if (error != NULL)
474 {
475 g_simple_async_result_set_from_error (data->result, error);
476 /* libaccounts-glib API does not guarantee the callback happens after
477 * reentering mainloop */
478 g_simple_async_result_complete_in_idle (data->result);
479 uoa_change_password_data_free (data);
480 g_object_unref (identity);
481 return;
482 }
483
484 g_value_init (&value, G_TYPE_UINT);
485 g_value_set_uint (&value, id);
486 ag_account_select_service (account, NULL);
487 ag_account_set_value (account, "CredentialsId", &value);
488 g_value_unset (&value);
489
490 ag_account_store (account, uoa_initial_account_store_cb, data);
491
492 g_object_unref (identity);
493 }
494
495 static void
496 uoa_set_account_password (TpAccount *tp_account,
497 const gchar *password,
498 gboolean remember,
499 GSimpleAsyncResult *result)
500 {
501 AgAccountService *service;
502 AgAuthData *auth_data;
503 guint cred_id;
504 UoaChangePasswordData *data;
505 SignonIdentity *identity;
506
507 DEBUG ("Store password for %s in signond",
508 tp_account_get_path_suffix (tp_account));
509
510 service = uoa_password_common (tp_account, result, &auth_data);
511 if (service == NULL)
512 return;
513
514 data = uoa_change_password_data_new (service, password, remember, result);
515
516 cred_id = ag_auth_data_get_credentials_id (auth_data);
517 if (cred_id == 0)
518 {
519 SignonIdentityInfo *info;
520 const GHashTable *params;
521 const gchar *username;
522 const gchar *acl_all[] = { "*", NULL };
523
524 /* This is the first time we store password for this account.
525 * First check if we have an 'username' param as this is more accurate
526 * in the tp-idle case. */
527 params = tp_account_get_parameters (tp_account);
528 username = tp_asv_get_string (params, "username");
529 if (username == NULL)
530 username = tp_asv_get_string (params, "account");
531
532 identity = signon_identity_new ();
533 info = signon_identity_info_new ();
534 signon_identity_info_set_username (info, username);
535 signon_identity_info_set_secret (info, password, remember);
536 signon_identity_info_set_access_control_list (info, acl_all);
537
538 /* Give identity and data ownership to the callback */
539 signon_identity_store_credentials_with_info (identity, info,
540 uoa_initial_identity_store_cb, data);
541
542 signon_identity_info_free (info);
543 }
544 else
545 {
546 /* There is already a password stored, query info to update it.
547 * Give identity and data ownership to the callback */
548 identity = signon_identity_new_from_db (cred_id);
549 signon_identity_query_info (identity,
550 uoa_identity_query_info_cb, data);
551 }
552
553 g_object_unref (service);
554 ag_auth_data_unref (auth_data);
555 }
556 #endif
557
558 void
559 empathy_keyring_set_account_password_async (TpAccount *account,
560 const gchar *password,
561 gboolean remember,
562 GAsyncReadyCallback callback,
563 gpointer user_data)
564 {
565 GSimpleAsyncResult *simple;
566 const gchar *account_id;
567 gchar *name;
568
569 g_return_if_fail (TP_IS_ACCOUNT (account));
570 g_return_if_fail (password != NULL);
571
572 simple = g_simple_async_result_new (G_OBJECT (account), callback,
573 user_data, empathy_keyring_set_account_password_async);
574
575 account_id = tp_proxy_get_object_path (account) +
576 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
577
578 DEBUG ("Remembering password for %s", account_id);
579
580 #ifdef HAVE_UOA
581 {
582 const gchar *provider;
583
584 provider = tp_account_get_storage_provider (account);
585 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
586 {
587 uoa_set_account_password (account, password, remember, simple);
588 g_object_unref (simple);
589 return;
590 }
591 }
592 #endif
593
594 name = g_strdup_printf (_("IM account password for %s (%s)"),
595 tp_account_get_display_name (account), account_id);
596
597 secret_password_store (&account_keyring_schema,
598 remember ? NULL : SECRET_COLLECTION_SESSION,
599 name, password,
600 NULL, store_password_cb, simple,
601 "account-id", account_id,
602 "param-name", "password",
603 NULL);
604
605 g_free (name);
606 }
607
608 void
609 empathy_keyring_set_room_password_async (TpAccount *account,
610 const gchar *id,
611 const gchar *password,
612 GAsyncReadyCallback callback,
613 gpointer user_data)
614 {
615 GSimpleAsyncResult *simple;
616 const gchar *account_id;
617 gchar *name;
618
619 g_return_if_fail (TP_IS_ACCOUNT (account));
620 g_return_if_fail (id != NULL);
621 g_return_if_fail (password != NULL);
622
623 simple = g_simple_async_result_new (G_OBJECT (account), callback,
624 user_data, empathy_keyring_set_room_password_async);
625
626 account_id = tp_proxy_get_object_path (account) +
627 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
628
629 DEBUG ("Remembering password for room '%s' on account '%s'", id, account_id);
630
631 name = g_strdup_printf (_("Password for chatroom '%s' on account %s (%s)"),
632 id, tp_account_get_display_name (account), account_id);
633
634 secret_password_store (&room_keyring_schema, NULL, name, password,
635 NULL, store_password_cb, simple,
636 "account-id", account_id,
637 "room-id", id,
638 NULL);
639
640 g_free (name);
641 }
642
643 gboolean
644 empathy_keyring_set_account_password_finish (TpAccount *account,
645 GAsyncResult *result,
646 GError **error)
647 {
648 empathy_implement_finish_void (account, empathy_keyring_set_account_password_async);
649 }
650
651 gboolean
652 empathy_keyring_set_room_password_finish (TpAccount *account,
653 GAsyncResult *result,
654 GError **error)
655 {
656 empathy_implement_finish_void (account, empathy_keyring_set_room_password_async);
657 }
658
659 /* delete */
660
661 static void
662 items_delete_cb (GObject *source,
663 GAsyncResult *result,
664 gpointer user_data)
665 {
666 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
667 GError *error = NULL;
668
669 if (!secret_password_clear_finish (result, &error))
670 {
671 g_simple_async_result_set_error (simple, TP_ERROR,
672 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
673 g_error_free (error);
674 }
675
676 g_simple_async_result_complete (simple);
677 g_object_unref (simple);
678 }
679
680 void
681 empathy_keyring_delete_account_password_async (TpAccount *account,
682 GAsyncReadyCallback callback,
683 gpointer user_data)
684 {
685 GSimpleAsyncResult *simple;
686 const gchar *account_id;
687
688 g_return_if_fail (TP_IS_ACCOUNT (account));
689
690 simple = g_simple_async_result_new (G_OBJECT (account), callback,
691 user_data, empathy_keyring_delete_account_password_async);
692
693 account_id = tp_proxy_get_object_path (account) +
694 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
695
696 DEBUG ("Deleting password for %s", account_id);
697
698 #ifdef HAVE_UOA
699 {
700 const gchar *provider;
701
702 provider = tp_account_get_storage_provider (account);
703 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
704 {
705 /* I see no other way to forget the stored password than overwriting
706 * with an empty one. */
707 uoa_set_account_password (account, "", FALSE, simple);
708 g_object_unref (simple);
709 return;
710 }
711 }
712 #endif
713
714 secret_password_clear (&account_keyring_schema, NULL,
715 items_delete_cb, simple,
716 "account-id", account_id,
717 "param-name", "password",
718 NULL);
719 }
720
721 gboolean
722 empathy_keyring_delete_account_password_finish (TpAccount *account,
723 GAsyncResult *result,
724 GError **error)
725 {
726 empathy_implement_finish_void (account, empathy_keyring_delete_account_password_async);
727 }
empathy mirror