QOAuth1 Class

The QOAuth1 class provides an implementation of the OAuth 1 Protocol. More...

Header: #include <QOAuth1>
CMake: find_package(Qt6 COMPONENTS NetworkAuth REQUIRED)
target_link_libraries(mytarget PRIVATE Qt6::NetworkAuth)
qmake: QT += networkauth
Since: Qt 5.8
Inherits: QAbstractOAuth

Public Types

enum class SignatureMethod { Hmac_Sha1, Rsa_Sha1, PlainText }

Public Functions

QOAuth1(const QString &clientIdentifier, const QString &clientSharedSecret, QNetworkAccessManager *manager, QObject *parent = nullptr)
QOAuth1(QNetworkAccessManager *manager, QObject *parent = nullptr)
QOAuth1(QObject *parent = nullptr)
QPair<QString, QString> clientCredentials() const
QString clientSharedSecret() const
void setClientCredentials(const QPair<QString, QString> &clientCredentials)
void setClientCredentials(const QString &clientIdentifier, const QString &clientSharedSecret)
void setClientSharedSecret(const QString &clientSharedSecret)
void setSignatureMethod(QOAuth1::SignatureMethod value)
void setTemporaryCredentialsUrl(const QUrl &url)
void setTokenCredentials(const QPair<QString, QString> &tokenCredentials)
void setTokenCredentials(const QString &token, const QString &tokenSecret)
void setTokenCredentialsUrl(const QUrl &url)
void setTokenSecret(const QString &tokenSecret)
QOAuth1::SignatureMethod signatureMethod() const
QUrl temporaryCredentialsUrl() const
QPair<QString, QString> tokenCredentials() const
QUrl tokenCredentialsUrl() const
QString tokenSecret() const

Reimplemented Public Functions

virtual QNetworkReply *deleteResource(const QUrl &url, const QVariantMap &parameters = QVariantMap()) override
virtual QNetworkReply *get(const QUrl &url, const QVariantMap &parameters = QVariantMap()) override
virtual QNetworkReply *head(const QUrl &url, const QVariantMap &parameters = QVariantMap()) override
virtual QNetworkReply *post(const QUrl &url, const QVariantMap &parameters = QVariantMap()) override
virtual void prepareRequest(QNetworkRequest *request, const QByteArray &verb, const QByteArray &body = QByteArray()) override
virtual QNetworkReply *put(const QUrl &url, const QVariantMap &parameters = QVariantMap()) override

Public Slots

void continueGrantWithVerifier(const QString &verifier)
virtual void grant() override

Protected Functions

QNetworkReply *requestTemporaryCredentials(QNetworkAccessManager::Operation operation, const QUrl &url, const QVariantMap &parameters = QVariantMap())
QNetworkReply *requestTokenCredentials(QNetworkAccessManager::Operation operation, const QUrl &url, const QPair<QString, QString> &temporaryToken, const QVariantMap &parameters = QVariantMap())
void setup(QNetworkRequest *request, const QVariantMap &signingParameters, QNetworkAccessManager::Operation operation)
void setup(QNetworkRequest *request, const QVariantMap &signingParameters, const QByteArray &operationVerb)

Static Protected Members

QByteArray generateAuthorizationHeader(const QVariantMap &oauthParams)
QByteArray nonce()

Detailed Description

QOAuth1 provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections.

QOAuth1 uses tokens to represent the authorization granted to the client by the resource owner. Typically, token credentials are issued by the server at the resource owner's request, after authenticating the resource owner's identity (usually using a username and password).

When making the temporary credentials request, the client authenticates using only the client credentials. When making the token request, the client authenticates using the client credentials as well as the temporary credentials. Once the client receives and stores the token credentials, it can proceed to access protected resources on behalf of the resource owner by making authenticated requests using the client credentials together with the token credentials received.

Member Type Documentation

enum class QOAuth1::SignatureMethod

Indicates the signature method to be used to sign requests.

ConstantValueDescription
QOAuth1::SignatureMethod::Hmac_Sha10HMAC-SHA1 signature method.
QOAuth1::SignatureMethod::Rsa_Sha11RSA-SHA1 signature method (not supported).
QOAuth1::SignatureMethod::PlainText2PLAINTEXT signature method.

Member Function Documentation

QOAuth1::QOAuth1(const QString &clientIdentifier, const QString &clientSharedSecret, QNetworkAccessManager *manager, QObject *parent = nullptr)

Constructs a QOAuth1 object with parent object parent, using manager to access the network. Also sets clientIdentifier and clientSharedSecret to sign the calls to the web server and identify the application.

QOAuth1::QOAuth1(QNetworkAccessManager *manager, QObject *parent = nullptr)

Constructs a QOAuth1 object with parent object parent, using manager to access the network.

QOAuth1::QOAuth1(QObject *parent = nullptr)

Constructs a QOAuth1 object with parent object parent.

[slot] void QOAuth1::continueGrantWithVerifier(const QString &verifier)

Continues the Redirection-Based Authorization flow using verifier. Call this function when using an Out-of-band reply handler to supply the verifier provided by the web server.

[override virtual slot] void QOAuth1::grant()

Reimplements: QAbstractOAuth::grant().

Starts the Redirection-Based Authorization flow.

Note: For an out-of-band reply handler, a verifier string is received after the call to this function; pass that to continueGrantWithVerifier() to continue the grant process.

See also: The OAuth 1.0 Protocol: Redirection-Based Authorization

See also continueGrantWithVerifier().

QPair<QString, QString> QOAuth1::clientCredentials() const

Returns the pair of QString used to identify the application and sign requests to the web server.

See also setClientCredentials().

QString QOAuth1::clientSharedSecret() const

Returns the current shared secret used to sign requests to the web server.

See also setClientSharedSecret() and clientCredentials().

[override virtual] QNetworkReply *QOAuth1::deleteResource(const QUrl &url, const QVariantMap &parameters = QVariantMap())

Reimplements: QAbstractOAuth::deleteResource(const QUrl &url, const QVariantMap &parameters).

Sends an authenticated DELETE request and returns a new QNetworkReply. The url and parameters are used to create the request.

See also: Hypertext Transfer Protocol -- HTTP/1.1: DELETE

[static protected] QByteArray QOAuth1::generateAuthorizationHeader(const QVariantMap &oauthParams)

Generates an authorization header using oauthParams.

See also: The OAuth 1.0 Protocol: Authorization Header

[override virtual] QNetworkReply *QOAuth1::get(const QUrl &url, const QVariantMap &parameters = QVariantMap())

Reimplements: QAbstractOAuth::get(const QUrl &url, const QVariantMap &parameters).

Sends an authenticated GET request and returns a new QNetworkReply. The url and parameters are used to create the request.

See also: Hypertext Transfer Protocol -- HTTP/1.1: GET

Reimplements: QAbstractOAuth::head(const QUrl &url, const QVariantMap &parameters).

Sends an authenticated HEAD request and returns a new QNetworkReply. The url and parameters are used to create the request.

See also: Hypertext Transfer Protocol -- HTTP/1.1: HEAD

[static protected] QByteArray QOAuth1::nonce()

Generates a nonce.

See also: The OAuth 1.0 Protocol: Nonce and Timestamp

[override virtual] QNetworkReply *QOAuth1::post(const QUrl &url, const QVariantMap &parameters = QVariantMap())

Reimplements: QAbstractOAuth::post(const QUrl &url, const QVariantMap &parameters).

Sends an authenticated POST request and returns a new QNetworkReply. The url and parameters are used to create the request.

See also: Hypertext Transfer Protocol -- HTTP/1.1: POST

[override virtual] void QOAuth1::prepareRequest(QNetworkRequest *request, const QByteArray &verb, const QByteArray &body = QByteArray())

Reimplements: QAbstractOAuth::prepareRequest(QNetworkRequest *request, const QByteArray &verb, const QByteArray &body).

[override virtual] QNetworkReply *QOAuth1::put(const QUrl &url, const QVariantMap &parameters = QVariantMap())

Reimplements: QAbstractOAuth::put(const QUrl &url, const QVariantMap &parameters).

Sends an authenticated PUT request and returns a new QNetworkReply. The url and parameters are used to create the request.

See also: Hypertext Transfer Protocol -- HTTP/1.1: PUT

[protected] QNetworkReply *QOAuth1::requestTemporaryCredentials(QNetworkAccessManager::Operation operation, const QUrl &url, const QVariantMap &parameters = QVariantMap())

Starts the a request for temporary credentials using the request method operation. The request URL is url and the parameters shall encoded and sent during the request.

See also: The OAuth 1.0 Protocol: Temporary Credentials

[protected] QNetworkReply *QOAuth1::requestTokenCredentials(QNetworkAccessManager::Operation operation, const QUrl &url, const QPair<QString, QString> &temporaryToken, const QVariantMap &parameters = QVariantMap())

Starts a request for token credentials using the request method operation. The request URL is url and the parameters shall be encoded and sent during the request. The temporaryToken pair of string is used to identify and sign the request.

See also: The OAuth 1.0 Protocol: Token Credentials

void QOAuth1::setClientCredentials(const QPair<QString, QString> &clientCredentials)

Sets clientCredentials as the pair of QString used to identify the application and sign requests to the web server.

See also clientCredentials().

void QOAuth1::setClientCredentials(const QString &clientIdentifier, const QString &clientSharedSecret)

Sets clientIdentifier and clientSharedSecret as the pair of QString used to identify the application and sign requests to the web server. clientIdentifier identifies the application and clientSharedSecret is used to sign requests.

See also clientCredentials().

void QOAuth1::setClientSharedSecret(const QString &clientSharedSecret)

Sets clientSharedSecret as the string used to sign the requests to the web server.

See also clientSharedSecret() and setClientCredentials().

void QOAuth1::setSignatureMethod(QOAuth1::SignatureMethod value)

Sets value as the method used to sign requests to the web server.

See also signatureMethod().

void QOAuth1::setTemporaryCredentialsUrl(const QUrl &url)

Sets url as the URL to request temporary credentials to start the authentication process.

See also temporaryCredentialsUrl().

void QOAuth1::setTokenCredentials(const QPair<QString, QString> &tokenCredentials)

Sets tokenCredentials as the pair of QString used to identify and sign authenticated requests to the web server.

See also tokenCredentials().

void QOAuth1::setTokenCredentials(const QString &token, const QString &tokenSecret)

Sets token and tokenSecret as the pair of QString used to identify and sign authenticated requests to the web server. Once the client receives and stores the token credentials, it can proceed to access protected resources on behalf of the resource owner by making authenticated requests using the client credentials together with the token credentials received.

See also tokenCredentials().

void QOAuth1::setTokenCredentialsUrl(const QUrl &url)

Sets url as the URL to request the token credentials to continue the authentication process.

See also tokenCredentialsUrl().

void QOAuth1::setTokenSecret(const QString &tokenSecret)

Sets tokenSecret as the current token secret used to sign authenticated calls to the web server.

See also tokenSecret() and setTokenCredentials().

[protected] void QOAuth1::setup(QNetworkRequest *request, const QVariantMap &signingParameters, QNetworkAccessManager::Operation operation)

Signs the request using signingParameters and operation.

This is an overloaded function.

[protected, since 5.13] void QOAuth1::setup(QNetworkRequest *request, const QVariantMap &signingParameters, const QByteArray &operationVerb)

Signs the request using signingParameters and operationVerb.

This is an overloaded function.

This function was introduced in Qt 5.13.

QOAuth1::SignatureMethod QOAuth1::signatureMethod() const

Returns the method used to sign the request to the web server.

See also setSignatureMethod().

QUrl QOAuth1::temporaryCredentialsUrl() const

Returns the url used to request temporary credentials to start the authentication process.

See also setTemporaryCredentialsUrl().

QPair<QString, QString> QOAuth1::tokenCredentials() const

Returns the pair of QString used to identify and sign authenticated requests to the web server.

See also setTokenCredentials().

QUrl QOAuth1::tokenCredentialsUrl() const

Returns the url used to request token credentials to continue the authentication process.

See also setTokenCredentialsUrl().

QString QOAuth1::tokenSecret() const

Returns the current token secret used to sign authenticated requests to the web server.

See also setTokenSecret() and tokenCredentials().