mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-04-05 05:27:39 +03:00
Code Issues Projects Releases Packages Wiki Activity

Browser Integration code cleanup (#8489)

Browse source 
Co-authored-by: varjolintu <sami.vanttinen@protonmail.com>
This commit is contained in:
Sami Vänttinen 2023-02-18 22:52:31 +02:00 committed by GitHub
parent ba15981700
commit 4a30417f76
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 321 additions and 336 deletions
Download patch file Download diff file Expand all files Collapse all files

108
src/browser/BrowserService.cpp
View file

@ -314,23 +314,18 @@ QString BrowserService::getCurrentTotp(const QString& uuid)
return {};
}
QJsonArray BrowserService::findMatchingEntries(const QString& dbid,
const QString& siteUrl,
const QString& formUrl,
const QString& realm,
const StringPairList& keyList,
const bool httpAuth)
QJsonArray
BrowserService::findEntries(const EntryParameters& entryParameters, const StringPairList& keyList, const bool httpAuth)
{
Q_UNUSED(dbid);
const bool alwaysAllowAccess = browserSettings()->alwaysAllowAccess();
const bool ignoreHttpAuth = browserSettings()->httpAuthPermission();
const QString siteHost = QUrl(siteUrl).host();
const QString formHost = QUrl(formUrl).host();
const QString siteHost = QUrl(entryParameters.siteUrl).host();
const QString formHost = QUrl(entryParameters.formUrl).host();
// Check entries for authorization
QList<Entry*> pwEntriesToConfirm;
QList<Entry*> pwEntries;
for (auto* entry : searchEntries(siteUrl, formUrl, keyList)) {
for (auto* entry : searchEntries(entryParameters.siteUrl, entryParameters.formUrl, keyList)) {
auto entryCustomData = entry->customData();
if (!httpAuth
@ -353,7 +348,7 @@ QJsonArray BrowserService::findMatchingEntries(const QString& dbid,
continue;
}
switch (checkAccess(entry, siteHost, formHost, realm)) {
switch (checkAccess(entry, siteHost, formHost, entryParameters.realm)) {
case Denied:
continue;
@ -373,7 +368,7 @@ QJsonArray BrowserService::findMatchingEntries(const QString& dbid,
// Confirm entries
QList<Entry*> selectedEntriesToConfirm =
confirmEntries(pwEntriesToConfirm, siteUrl, siteHost, formHost, realm, httpAuth);
confirmEntries(pwEntriesToConfirm, entryParameters, siteHost, formHost, httpAuth);
if (!selectedEntriesToConfirm.isEmpty()) {
pwEntries.append(selectedEntriesToConfirm);
}
@ -388,7 +383,7 @@ QJsonArray BrowserService::findMatchingEntries(const QString& dbid,
}
// Sort results
pwEntries = sortEntries(pwEntries, siteUrl, formUrl);
pwEntries = sortEntries(pwEntries, entryParameters.siteUrl, entryParameters.formUrl);
// Fill the list
QJsonArray result;
@ -400,10 +395,9 @@ QJsonArray BrowserService::findMatchingEntries(const QString& dbid,
}
QList<Entry*> BrowserService::confirmEntries(QList<Entry*>& pwEntriesToConfirm,
const QString& siteUrl,
const EntryParameters& entryParameters,
const QString& siteHost,
const QString& formUrl,
const QString& realm,
const bool httpAuth)
{
if (pwEntriesToConfirm.isEmpty() || m_dialogActive) {
@ -418,10 +412,10 @@ QList<Entry*> BrowserService::confirmEntries(QList<Entry*>& pwEntriesToConfirm,
connect(&accessControlDialog, &BrowserAccessControlDialog::disableAccess, [&](QTableWidgetItem* item) {
auto entry = pwEntriesToConfirm[item->row()];
denyEntry(entry, siteHost, formUrl, realm);
denyEntry(entry, siteHost, formUrl, entryParameters.realm);
});
accessControlDialog.setItems(pwEntriesToConfirm, siteUrl, httpAuth);
accessControlDialog.setItems(pwEntriesToConfirm, entryParameters.siteUrl, httpAuth);
QList<Entry*> allowedEntries;
auto ret = accessControlDialog.exec();
@ -429,7 +423,7 @@ QList<Entry*> BrowserService::confirmEntries(QList<Entry*>& pwEntriesToConfirm,
for (auto item : accessControlDialog.getSelectedEntries()) {
auto entry = pwEntriesToConfirm[item->row()];
if (accessControlDialog.remember()) {
allowEntry(entry, siteHost, formUrl, realm);
allowEntry(entry, siteHost, formUrl, entryParameters.realm);
}
allowedEntries.append(entry);
}
@ -442,10 +436,7 @@ QList<Entry*> BrowserService::confirmEntries(QList<Entry*>& pwEntriesToConfirm,
return allowedEntries;
}
void BrowserService::showPasswordGenerator(QLocalSocket* socket,
const QString& incrementedNonce,
const QString& publicKey,
const QString& secretKey)
void BrowserService::showPasswordGenerator(const KeyPairMessage& keyPairMessage)
{
if (!m_passwordGenerator) {
m_passwordGenerator.reset(PasswordGeneratorWidget::popupGenerator());
@ -454,7 +445,7 @@ void BrowserService::showPasswordGenerator(QLocalSocket* socket,
if (!m_passwordGenerator->isPasswordGenerated()) {
auto errorMessage = browserMessageBuilder()->getErrorReply("generate-password",
ERROR_KEEPASS_ACTION_CANCELLED_OR_DENIED);
m_browserHost->sendClientMessage(socket, errorMessage);
m_browserHost->sendClientMessage(keyPairMessage.socket, errorMessage);
}
m_passwordGenerator.reset();
@ -466,12 +457,13 @@ void BrowserService::showPasswordGenerator(QLocalSocket* socket,
&PasswordGeneratorWidget::appliedPassword,
m_passwordGenerator.data(),
[=](const QString& password) {
QJsonObject message = browserMessageBuilder()->buildMessage(incrementedNonce);
message["password"] = password;
m_browserHost->sendClientMessage(
socket,
browserMessageBuilder()->buildResponse(
"generate-password", message, incrementedNonce, publicKey, secretKey));
const Parameters params{{"password", password}};
m_browserHost->sendClientMessage(keyPairMessage.socket,
browserMessageBuilder()->buildResponse("generate-password",
keyPairMessage.nonce,
params,
keyPairMessage.publicKey,
keyPairMessage.secretKey));
hideWindow();
});
}
@ -549,19 +541,13 @@ QString BrowserService::getKey(const QString& id)
return db->metadata()->customData()->value(CustomData::BrowserKeyPrefix + id);
}
void BrowserService::addEntry(const QString& dbid,
const QString& login,
const QString& password,
const QString& siteUrl,
const QString& formUrl,
const QString& realm,
void BrowserService::addEntry(const EntryParameters& entryParameters,
const QString& group,
const QString& groupUuid,
const bool downloadFavicon,
const QSharedPointer<Database>& selectedDb)
{
// TODO: select database based on this key id
Q_UNUSED(dbid);
auto db = selectedDb ? selectedDb : selectedDatabase();
if (!db) {
return;
@ -569,11 +555,11 @@ void BrowserService::addEntry(const QString& dbid,
auto* entry = new Entry();
entry->setUuid(QUuid::createUuid());
entry->setTitle(QUrl(siteUrl).host());
entry->setUrl(siteUrl);
entry->setTitle(QUrl(entryParameters.siteUrl).host());
entry->setUrl(entryParameters.siteUrl);
entry->setIcon(KEEPASSXCBROWSER_DEFAULT_ICON);
entry->setUsername(login);
entry->setPassword(password);
entry->setUsername(entryParameters.login);
entry->setPassword(entryParameters.password);
// Select a group for the entry
if (!group.isEmpty()) {
@ -589,16 +575,16 @@ void BrowserService::addEntry(const QString& dbid,
entry->setGroup(getDefaultEntryGroup(db));
}
const QString host = QUrl(siteUrl).host();
const QString submitHost = QUrl(formUrl).host();
const QString host = QUrl(entryParameters.siteUrl).host();
const QString submitHost = QUrl(entryParameters.formUrl).host();
BrowserEntryConfig config;
config.allow(host);
if (!submitHost.isEmpty()) {
config.allow(submitHost);
}
if (!realm.isEmpty()) {
config.setRealm(realm);
if (!entryParameters.realm.isEmpty()) {
config.setRealm(entryParameters.realm);
}
config.save(entry);
@ -607,15 +593,9 @@ void BrowserService::addEntry(const QString& dbid,
}
}
bool BrowserService::updateEntry(const QString& dbid,
const QString& uuid,
const QString& login,
const QString& password,
const QString& siteUrl,
const QString& formUrl)
bool BrowserService::updateEntry(const EntryParameters& entryParameters, const QString& uuid)
{
// TODO: select database based on this key id
Q_UNUSED(dbid);
auto db = selectedDatabase();
if (!db) {
return false;
@ -624,7 +604,7 @@ bool BrowserService::updateEntry(const QString& dbid,
Entry* entry = db->rootGroup()->findEntryByUuid(Tools::hexToUuid(uuid));
if (!entry) {
// If entry is not found for update, add a new one to the selected database
addEntry(dbid, login, password, siteUrl, formUrl, "", "", "", db);
addEntry(entryParameters, "", "", false, db);
return true;
}
@ -639,32 +619,32 @@ bool BrowserService::updateEntry(const QString& dbid,
}
}
QString username = entry->username();
auto username = entry->username();
if (username.isEmpty()) {
return false;
}
bool result = false;
if (username.compare(login, Qt::CaseSensitive) != 0
|| entry->password().compare(password, Qt::CaseSensitive) != 0) {
if (username.compare(entryParameters.login, Qt::CaseSensitive) != 0
|| entry->password().compare(entryParameters.password, Qt::CaseSensitive) != 0) {
MessageBox::Button dialogResult = MessageBox::No;
if (!browserSettings()->alwaysAllowUpdate()) {
raiseWindow();
dialogResult = MessageBox::question(
nullptr,
tr("KeePassXC: Update Entry"),
tr("Do you want to update the information in %1 - %2?").arg(QUrl(siteUrl).host(), username),
MessageBox::Save | MessageBox::Cancel,
MessageBox::Cancel,
MessageBox::Raise);
dialogResult = MessageBox::question(nullptr,
tr("KeePassXC: Update Entry"),
tr("Do you want to update the information in %1 - %2?")
.arg(QUrl(entryParameters.siteUrl).host(), username),
MessageBox::Save | MessageBox::Cancel,
MessageBox::Cancel,
MessageBox::Raise);
}
if (browserSettings()->alwaysAllowUpdate() || dialogResult == MessageBox::Save) {
entry->beginUpdate();
if (!entry->attributes()->isReference(EntryAttributes::UserNameKey)) {
entry->setUsername(login);
entry->setUsername(entryParameters.login);
}
entry->setPassword(password);
entry->setPassword(entryParameters.password);
entry->endUpdate();
result = true;
}