2 * Copyright (C) 2010 Collabora Ltd.
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 #include <glib/gi18n-lib.h>
23 #include "empathy-keyring.h"
27 #include <libsecret/secret.h>
30 #include <libaccounts-glib/ag-account.h>
31 #include <libaccounts-glib/ag-account-service.h>
32 #include <libaccounts-glib/ag-auth-data.h>
33 #include <libaccounts-glib/ag-manager.h>
34 #include <libaccounts-glib/ag-service.h>
35 #include <libsignon-glib/signon-identity.h>
36 #include "empathy-uoa-utils.h"
39 #include "empathy-utils.h"
41 #define DEBUG_FLAG EMPATHY_DEBUG_OTHER
42 #include "empathy-debug.h"
44 static const SecretSchema account_keyring_schema
=
45 { "org.gnome.Empathy.Account", SECRET_SCHEMA_DONT_MATCH_NAME
,
46 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING
},
47 { "param-name", SECRET_SCHEMA_ATTRIBUTE_STRING
},
50 static const SecretSchema room_keyring_schema
=
51 { "org.gnome.Empathy.Room", SECRET_SCHEMA_DONT_MATCH_NAME
,
52 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING
},
53 { "room-id", SECRET_SCHEMA_ATTRIBUTE_STRING
},
57 empathy_keyring_is_available (void)
65 lookup_item_cb (GObject
*source
,
69 GSimpleAsyncResult
*simple
= G_SIMPLE_ASYNC_RESULT (user_data
);
73 password
= secret_password_lookup_finish (result
, &error
);
76 g_simple_async_result_set_error (simple
, TP_ERROR
,
77 TP_ERROR_DOES_NOT_EXIST
, "%s", error
->message
);
78 g_clear_error (&error
);
84 g_simple_async_result_set_error (simple
, TP_ERROR
,
85 TP_ERROR_DOES_NOT_EXIST
, _("Password not found"));
89 g_simple_async_result_set_op_res_gpointer (simple
, password
,
90 (GDestroyNotify
) secret_password_free
);
93 g_simple_async_result_complete (simple
);
94 g_object_unref (simple
);
98 static AgAccountService
*
99 uoa_password_common (TpAccount
*tp_account
,
100 GSimpleAsyncResult
*result
,
101 AgAuthData
**ret_auth_data
)
103 const GValue
*storage_id
;
104 AgAccountId account_id
;
105 AgManager
*manager
= NULL
;
106 AgAccount
*account
= NULL
;
108 AgAccountService
*service
= NULL
;
109 AgAuthData
*auth_data
= NULL
;
111 g_assert (ret_auth_data
!= NULL
);
112 *ret_auth_data
= NULL
;
114 storage_id
= tp_account_get_storage_identifier (tp_account
);
115 account_id
= g_value_get_uint (storage_id
);
118 g_simple_async_result_set_error (result
,
119 TP_ERROR
, TP_ERROR_INVALID_ARGUMENT
,
120 "StorageId is invalid, cannot get the AgAccount for this TpAccount");
121 g_simple_async_result_complete_in_idle (result
);
125 manager
= empathy_uoa_manager_dup ();
126 account
= ag_manager_get_account (manager
, account_id
);
128 /* Assuming there is only one IM service */
129 l
= ag_account_list_services_by_type (account
, EMPATHY_UOA_SERVICE_TYPE
);
132 g_simple_async_result_set_error (result
,
133 TP_ERROR
, TP_ERROR_INVALID_ARGUMENT
,
134 "AgAccount has no IM service");
135 g_simple_async_result_complete_in_idle (result
);
138 service
= ag_account_service_new (account
, l
->data
);
139 ag_service_list_free (l
);
141 auth_data
= ag_account_service_get_auth_data (service
);
142 if (auth_data
== NULL
)
144 g_simple_async_result_set_error (result
,
145 TP_ERROR
, TP_ERROR_INVALID_ARGUMENT
,
146 "Service has no AgAuthData");
147 g_simple_async_result_complete_in_idle (result
);
151 if (tp_strdiff (ag_auth_data_get_mechanism (auth_data
), "password") ||
152 tp_strdiff (ag_auth_data_get_method (auth_data
), "password"))
154 g_simple_async_result_set_error (result
,
155 TP_ERROR
, TP_ERROR_INVALID_ARGUMENT
,
156 "Service does not use password authentication");
157 g_simple_async_result_complete_in_idle (result
);
161 g_object_unref (manager
);
162 g_object_unref (account
);
164 *ret_auth_data
= auth_data
;
168 g_clear_object (&manager
);
169 g_clear_object (&account
);
170 g_clear_object (&service
);
171 tp_clear_pointer (&auth_data
, ag_auth_data_unref
);
176 uoa_session_process_cb (SignonAuthSession
*session
,
177 GHashTable
*session_data
,
181 GSimpleAsyncResult
*result
= user_data
;
182 const gchar
*password
;
186 g_simple_async_result_set_from_error (result
, error
);
190 password
= tp_asv_get_string (session_data
, "Secret");
191 if (tp_str_empty (password
))
193 g_simple_async_result_set_error (result
, TP_ERROR
,
194 TP_ERROR_DOES_NOT_EXIST
, _("Password not found"));
198 g_simple_async_result_set_op_res_gpointer (result
, g_strdup (password
),
202 /* libaccounts-glib API does not guarantee the callback happens after
203 * reentering mainloop */
204 g_simple_async_result_complete_in_idle (result
);
205 g_object_unref (result
);
206 g_object_unref (session
);
210 uoa_get_account_password (TpAccount
*tp_account
,
211 GSimpleAsyncResult
*result
)
213 AgAccountService
*service
;
214 AgAuthData
*auth_data
;
216 SignonIdentity
*identity
;
217 SignonAuthSession
*session
;
218 GError
*error
= NULL
;
220 DEBUG ("Store password for %s in signond",
221 tp_account_get_path_suffix (tp_account
));
223 service
= uoa_password_common (tp_account
, result
, &auth_data
);
227 cred_id
= ag_auth_data_get_credentials_id (auth_data
);
230 g_simple_async_result_set_error (result
,
231 TP_ERROR
, TP_ERROR_INVALID_ARGUMENT
,
232 "AgAccount has no CredentialsId");
233 g_simple_async_result_complete_in_idle (result
);
237 identity
= signon_identity_new_from_db (cred_id
);
238 session
= signon_identity_create_session (identity
,
239 ag_auth_data_get_method (auth_data
), &error
);
240 g_object_unref (identity
);
244 g_simple_async_result_set_from_error (result
, error
);
245 g_simple_async_result_complete_in_idle (result
);
249 signon_auth_session_process (session
,
250 ag_auth_data_get_parameters (auth_data
),
251 ag_auth_data_get_mechanism (auth_data
),
252 uoa_session_process_cb
,
253 g_object_ref (result
));
256 ag_auth_data_unref (auth_data
);
257 g_object_unref (service
);
262 empathy_keyring_get_account_password_async (TpAccount
*account
,
263 GAsyncReadyCallback callback
,
266 GSimpleAsyncResult
*simple
;
267 const gchar
*account_id
;
269 g_return_if_fail (TP_IS_ACCOUNT (account
));
270 g_return_if_fail (callback
!= NULL
);
272 simple
= g_simple_async_result_new (G_OBJECT (account
), callback
,
273 user_data
, empathy_keyring_get_account_password_async
);
275 account_id
= tp_proxy_get_object_path (account
) +
276 strlen (TP_ACCOUNT_OBJECT_PATH_BASE
);
278 DEBUG ("Trying to get password for: %s", account_id
);
282 const gchar
*provider
;
284 provider
= tp_account_get_storage_provider (account
);
285 if (!tp_strdiff (provider
, EMPATHY_UOA_PROVIDER
))
287 uoa_get_account_password (account
, simple
);
288 g_object_unref (simple
);
294 secret_password_lookup (&account_keyring_schema
, NULL
,
295 lookup_item_cb
, simple
,
296 "account-id", account_id
,
297 "param-name", "password",
302 empathy_keyring_get_room_password_async (TpAccount
*account
,
304 GAsyncReadyCallback callback
,
307 GSimpleAsyncResult
*simple
;
308 const gchar
*account_id
;
310 g_return_if_fail (TP_IS_ACCOUNT (account
));
311 g_return_if_fail (id
!= NULL
);
312 g_return_if_fail (callback
!= NULL
);
314 simple
= g_simple_async_result_new (G_OBJECT (account
), callback
,
315 user_data
, empathy_keyring_get_room_password_async
);
317 account_id
= tp_proxy_get_object_path (account
) +
318 strlen (TP_ACCOUNT_OBJECT_PATH_BASE
);
320 DEBUG ("Trying to get password for room '%s' on account '%s'",
323 secret_password_lookup (&room_keyring_schema
, NULL
,
324 lookup_item_cb
, simple
,
325 "account-id", account_id
,
331 empathy_keyring_get_account_password_finish (TpAccount
*account
,
332 GAsyncResult
*result
,
335 empathy_implement_finish_return_pointer (account
,
336 empathy_keyring_get_account_password_async
);
340 empathy_keyring_get_room_password_finish (TpAccount
*account
,
341 GAsyncResult
*result
,
344 empathy_implement_finish_return_pointer (account
,
345 empathy_keyring_get_room_password_async
);
351 store_password_cb (GObject
*source
,
352 GAsyncResult
*result
,
355 GSimpleAsyncResult
*simple
= G_SIMPLE_ASYNC_RESULT (user_data
);
356 GError
*error
= NULL
;
358 if (!secret_password_store_finish (result
, &error
))
360 g_simple_async_result_set_error (simple
, TP_ERROR
,
361 TP_ERROR_DOES_NOT_EXIST
, "%s", error
->message
);
362 g_error_free (error
);
365 g_simple_async_result_complete (simple
);
366 g_object_unref (simple
);
372 AgAccountService
*service
;
375 GSimpleAsyncResult
*result
;
376 } UoaChangePasswordData
;
378 static UoaChangePasswordData
*
379 uoa_change_password_data_new (AgAccountService
*service
,
380 const gchar
*password
,
382 GSimpleAsyncResult
*result
)
384 UoaChangePasswordData
*data
;
386 data
= g_slice_new0 (UoaChangePasswordData
);
387 data
->service
= g_object_ref (service
);
388 data
->password
= g_strdup (password
);
389 data
->remember
= remember
;
390 data
->result
= g_object_ref (result
);
396 uoa_change_password_data_free (UoaChangePasswordData
*data
)
398 g_object_unref (data
->service
);
399 g_free (data
->password
);
400 g_object_unref (data
->result
);
401 g_slice_free (UoaChangePasswordData
, data
);
405 uoa_identity_store_cb (SignonIdentity
*identity
,
410 UoaChangePasswordData
*data
= user_data
;
413 g_simple_async_result_set_from_error (data
->result
, error
);
415 g_simple_async_result_complete (data
->result
);
416 uoa_change_password_data_free (data
);
417 g_object_unref (identity
);
421 uoa_identity_query_info_cb (SignonIdentity
*identity
,
422 const SignonIdentityInfo
*info
,
426 UoaChangePasswordData
*data
= user_data
;
430 g_simple_async_result_set_from_error (data
->result
, error
);
431 /* libaccounts-glib API does not guarantee the callback happens after
432 * reentering mainloop */
433 g_simple_async_result_complete_in_idle (data
->result
);
434 uoa_change_password_data_free (data
);
435 g_object_unref (identity
);
439 /* const SignonIdentityInfo is a lie, cast it! - Mardy */
440 signon_identity_info_set_secret ((SignonIdentityInfo
*) info
,
441 data
->password
, data
->remember
);
443 signon_identity_store_credentials_with_info (identity
, info
,
444 uoa_identity_store_cb
, data
);
448 uoa_initial_account_store_cb (AgAccount
*account
,
452 UoaChangePasswordData
*data
= user_data
;
455 g_simple_async_result_set_from_error (data
->result
, error
);
457 /* libaccounts-glib API does not guarantee the callback happens after
458 * reentering mainloop */
459 g_simple_async_result_complete_in_idle (data
->result
);
460 uoa_change_password_data_free (data
);
464 uoa_initial_identity_store_cb (SignonIdentity
*identity
,
469 UoaChangePasswordData
*data
= user_data
;
470 AgAccount
*account
= ag_account_service_get_account (data
->service
);
471 GValue value
= G_VALUE_INIT
;
475 g_simple_async_result_set_from_error (data
->result
, error
);
476 /* libaccounts-glib API does not guarantee the callback happens after
477 * reentering mainloop */
478 g_simple_async_result_complete_in_idle (data
->result
);
479 uoa_change_password_data_free (data
);
480 g_object_unref (identity
);
484 g_value_init (&value
, G_TYPE_UINT
);
485 g_value_set_uint (&value
, id
);
486 ag_account_select_service (account
, NULL
);
487 ag_account_set_value (account
, "CredentialsId", &value
);
488 g_value_unset (&value
);
490 ag_account_store (account
, uoa_initial_account_store_cb
, data
);
492 g_object_unref (identity
);
496 uoa_set_account_password (TpAccount
*tp_account
,
497 const gchar
*password
,
499 GSimpleAsyncResult
*result
)
501 AgAccountService
*service
;
502 AgAuthData
*auth_data
;
504 UoaChangePasswordData
*data
;
505 SignonIdentity
*identity
;
507 DEBUG ("Store password for %s in signond",
508 tp_account_get_path_suffix (tp_account
));
510 service
= uoa_password_common (tp_account
, result
, &auth_data
);
514 data
= uoa_change_password_data_new (service
, password
, remember
, result
);
516 cred_id
= ag_auth_data_get_credentials_id (auth_data
);
519 SignonIdentityInfo
*info
;
520 const GHashTable
*params
;
521 const gchar
*username
;
522 const gchar
*acl_all
[] = { "*", NULL
};
524 /* This is the first time we store password for this account.
525 * First check if we have an 'username' param as this is more accurate
526 * in the tp-idle case. */
527 params
= tp_account_get_parameters (tp_account
);
528 username
= tp_asv_get_string (params
, "username");
529 if (username
== NULL
)
530 username
= tp_asv_get_string (params
, "account");
532 identity
= signon_identity_new ();
533 info
= signon_identity_info_new ();
534 signon_identity_info_set_username (info
, username
);
535 signon_identity_info_set_secret (info
, password
, remember
);
536 signon_identity_info_set_access_control_list (info
, acl_all
);
538 /* Give identity and data ownership to the callback */
539 signon_identity_store_credentials_with_info (identity
, info
,
540 uoa_initial_identity_store_cb
, data
);
542 signon_identity_info_free (info
);
546 /* There is already a password stored, query info to update it.
547 * Give identity and data ownership to the callback */
548 identity
= signon_identity_new_from_db (cred_id
);
549 signon_identity_query_info (identity
,
550 uoa_identity_query_info_cb
, data
);
553 g_object_unref (service
);
554 ag_auth_data_unref (auth_data
);
559 empathy_keyring_set_account_password_async (TpAccount
*account
,
560 const gchar
*password
,
562 GAsyncReadyCallback callback
,
565 GSimpleAsyncResult
*simple
;
566 const gchar
*account_id
;
569 g_return_if_fail (TP_IS_ACCOUNT (account
));
570 g_return_if_fail (password
!= NULL
);
572 simple
= g_simple_async_result_new (G_OBJECT (account
), callback
,
573 user_data
, empathy_keyring_set_account_password_async
);
575 account_id
= tp_proxy_get_object_path (account
) +
576 strlen (TP_ACCOUNT_OBJECT_PATH_BASE
);
578 DEBUG ("Remembering password for %s", account_id
);
582 const gchar
*provider
;
584 provider
= tp_account_get_storage_provider (account
);
585 if (!tp_strdiff (provider
, EMPATHY_UOA_PROVIDER
))
587 uoa_set_account_password (account
, password
, remember
, simple
);
588 g_object_unref (simple
);
594 name
= g_strdup_printf (_("IM account password for %s (%s)"),
595 tp_account_get_display_name (account
), account_id
);
597 secret_password_store (&account_keyring_schema
,
598 remember
? NULL
: SECRET_COLLECTION_SESSION
,
600 NULL
, store_password_cb
, simple
,
601 "account-id", account_id
,
602 "param-name", "password",
609 empathy_keyring_set_room_password_async (TpAccount
*account
,
611 const gchar
*password
,
612 GAsyncReadyCallback callback
,
615 GSimpleAsyncResult
*simple
;
616 const gchar
*account_id
;
619 g_return_if_fail (TP_IS_ACCOUNT (account
));
620 g_return_if_fail (id
!= NULL
);
621 g_return_if_fail (password
!= NULL
);
623 simple
= g_simple_async_result_new (G_OBJECT (account
), callback
,
624 user_data
, empathy_keyring_set_room_password_async
);
626 account_id
= tp_proxy_get_object_path (account
) +
627 strlen (TP_ACCOUNT_OBJECT_PATH_BASE
);
629 DEBUG ("Remembering password for room '%s' on account '%s'", id
, account_id
);
631 name
= g_strdup_printf (_("Password for chatroom '%s' on account %s (%s)"),
632 id
, tp_account_get_display_name (account
), account_id
);
634 secret_password_store (&room_keyring_schema
, NULL
, name
, password
,
635 NULL
, store_password_cb
, simple
,
636 "account-id", account_id
,
644 empathy_keyring_set_account_password_finish (TpAccount
*account
,
645 GAsyncResult
*result
,
648 empathy_implement_finish_void (account
, empathy_keyring_set_account_password_async
);
652 empathy_keyring_set_room_password_finish (TpAccount
*account
,
653 GAsyncResult
*result
,
656 empathy_implement_finish_void (account
, empathy_keyring_set_room_password_async
);
662 items_delete_cb (GObject
*source
,
663 GAsyncResult
*result
,
666 GSimpleAsyncResult
*simple
= G_SIMPLE_ASYNC_RESULT (user_data
);
667 GError
*error
= NULL
;
669 if (!secret_password_clear_finish (result
, &error
))
671 g_simple_async_result_set_error (simple
, TP_ERROR
,
672 TP_ERROR_DOES_NOT_EXIST
, "%s", error
->message
);
673 g_error_free (error
);
676 g_simple_async_result_complete (simple
);
677 g_object_unref (simple
);
681 empathy_keyring_delete_account_password_async (TpAccount
*account
,
682 GAsyncReadyCallback callback
,
685 GSimpleAsyncResult
*simple
;
686 const gchar
*account_id
;
688 g_return_if_fail (TP_IS_ACCOUNT (account
));
690 simple
= g_simple_async_result_new (G_OBJECT (account
), callback
,
691 user_data
, empathy_keyring_delete_account_password_async
);
693 account_id
= tp_proxy_get_object_path (account
) +
694 strlen (TP_ACCOUNT_OBJECT_PATH_BASE
);
696 DEBUG ("Deleting password for %s", account_id
);
700 const gchar
*provider
;
702 provider
= tp_account_get_storage_provider (account
);
703 if (!tp_strdiff (provider
, EMPATHY_UOA_PROVIDER
))
705 /* I see no other way to forget the stored password than overwriting
706 * with an empty one. */
707 uoa_set_account_password (account
, "", FALSE
, simple
);
708 g_object_unref (simple
);
714 secret_password_clear (&account_keyring_schema
, NULL
,
715 items_delete_cb
, simple
,
716 "account-id", account_id
,
717 "param-name", "password",
722 empathy_keyring_delete_account_password_finish (TpAccount
*account
,
723 GAsyncResult
*result
,
726 empathy_implement_finish_void (account
, empathy_keyring_delete_account_password_async
);