QOAuth1Signature Class

Implements OAuth 1 signature methods. More...

Header: #include <QOAuth1Signature>
CMake: find_package(Qt6 COMPONENTS NetworkAuth REQUIRED)
target_link_libraries(mytarget PRIVATE Qt6::NetworkAuth)
qmake: QT += networkauth
Since: Qt 5.8

Public Types

enum class HttpRequestMethod { Head, Get, Put, Post, Delete, …, Unknown }

Public Functions

QOAuth1Signature(QOAuth1Signature &&other)
QOAuth1Signature(const QOAuth1Signature &other)
QOAuth1Signature(const QUrl &url, const QString &clientSharedKey, const QString &tokenSecret, QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QMultiMap<QString, QVariant> &parameters = {})
QOAuth1Signature(const QUrl &url = QUrl(), QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QMultiMap<QString, QVariant> &parameters = {})
QOAuth1Signature &operator=(QOAuth1Signature &&other)
~QOAuth1Signature()
void addRequestBody(const QUrlQuery &body)
QString clientSharedKey() const
QByteArray customMethodString() const
QByteArray hmacSha1() const
QOAuth1Signature::HttpRequestMethod httpRequestMethod() const
void insert(const QString &key, const QVariant &value)
QList<QString> keys() const
QMultiMap<QString, QVariant> parameters() const
QByteArray plainText() const
QByteArray rsaSha1() const
void setClientSharedKey(const QString &secret)
void setCustomMethodString(const QByteArray &verb)
void setHttpRequestMethod(QOAuth1Signature::HttpRequestMethod method)
void setParameters(const QMultiMap<QString, QVariant> &parameters)
void setTokenSecret(const QString &secret)
void setUrl(const QUrl &url)
void swap(QOAuth1Signature &other)
QVariant take(const QString &key)
QString tokenSecret() const
QUrl url() const
QVariant value(const QString &key, const QVariant &defaultValue = QVariant()) const

Static Public Members

QByteArray plainText(const QString &clientSharedKey, const QString &tokenSecret)

Detailed Description

OAuth-authenticated requests can have two sets of credentials: those passed via the "oauth_consumer_key" parameter and those in the "oauth_token" parameter. In order for the server to verify the authenticity of the request and prevent unauthorized access, the client needs to prove that it is the rightful owner of the credentials. This is accomplished using the shared-secret (or RSA key) part of each set of credentials.

OAuth specifies three methods for the client to establish its rightful ownership of the credentials: "HMAC-SHA1", "RSA-SHA1", and "PLAINTEXT". Each generates a "signature" with which the request is "signed"; the first two use a digest of the data signed in generating this, though the last does not. The "RSA-SHA1" method is not supported here; it would use an RSA key rather than the shared-secret associated with the client credentials.

Member Type Documentation

enum class QOAuth1Signature::HttpRequestMethod

Indicates the HTTP request method.

ConstantValueDescription
QOAuth1Signature::HttpRequestMethod::Head1HEAD method.
QOAuth1Signature::HttpRequestMethod::Get2GET method.
QOAuth1Signature::HttpRequestMethod::Put3PUT method.
QOAuth1Signature::HttpRequestMethod::Post4POST method.
QOAuth1Signature::HttpRequestMethod::Delete5DELETE method.
QOAuth1Signature::HttpRequestMethod::Custom6Identifies a custom method.
QOAuth1Signature::HttpRequestMethod::Unknown0Method not set.

Member Function Documentation

QOAuth1Signature::QOAuth1Signature(QOAuth1Signature &&other)

Move-constructs a QOAuth1Signature instance, taking over the private data other was using.

QOAuth1Signature::QOAuth1Signature(const QOAuth1Signature &other)

Creates a copy of other.

QOAuth1Signature::QOAuth1Signature(const QUrl &url, const QString &clientSharedKey, const QString &tokenSecret, QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QMultiMap<QString, QVariant> &parameters = {})

Creates a QOAuth1Signature using

  • url as the target address
  • clientSharedKey as the user token used to verify the signature
  • tokenSecret as the negotiated token used to verify the signature
  • method as the HTTP method used to send the request
  • and the given user parameters to augment the request.

QOAuth1Signature::QOAuth1Signature(const QUrl &url = QUrl(), QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QMultiMap<QString, QVariant> &parameters = {})

Creates a QOAuth1Signature using

  • url as the target address
  • method as the HTTP method used to send the request
  • and the given user parameters to augment the request.

QOAuth1Signature &QOAuth1Signature::operator=(QOAuth1Signature &&other)

Move-assignment operator.

QOAuth1Signature::~QOAuth1Signature()

Destroys the QOAuth1Signature.

void QOAuth1Signature::addRequestBody(const QUrlQuery &body)

Adds the request body to the signature. When a POST request body contains arguments they should be included in the signed data.

QString QOAuth1Signature::clientSharedKey() const

Returns the user secret used to generate the signature.

See also setClientSharedKey().

[since 5.13] QByteArray QOAuth1Signature::customMethodString() const

Returns the custom method string.

This function was introduced in Qt 5.13.

See also setCustomMethodString() and httpRequestMethod().

QByteArray QOAuth1Signature::hmacSha1() const

Generates the HMAC-SHA1 signature using the client shared secret and, where available, token secret.

QOAuth1Signature::HttpRequestMethod QOAuth1Signature::httpRequestMethod() const

Returns the request method.

See also setHttpRequestMethod().

void QOAuth1Signature::insert(const QString &key, const QVariant &value)

Inserts a new pair key, value into the signature. When a POST request body contains arguments they should be included in the signed data.

QList<QString> QOAuth1Signature::keys() const

Retrieves the list of keys of parameters included in the signed data.

QMultiMap<QString, QVariant> QOAuth1Signature::parameters() const

Returns the parameters.

See also setParameters().

QByteArray QOAuth1Signature::plainText() const

Generates the PLAINTEXT signature.

[static] QByteArray QOAuth1Signature::plainText(const QString &clientSharedKey, const QString &tokenSecret)

Generates a PLAINTEXT signature from the client secret clientSharedKey and the token secret tokenSecret.

QByteArray QOAuth1Signature::rsaSha1() const

Generates the RSA-SHA1 signature.

Note: Currently this method is not supported.

void QOAuth1Signature::setClientSharedKey(const QString &secret)

Sets secret as the user secret used to generate the signature.

See also clientSharedKey().

[since 5.13] void QOAuth1Signature::setCustomMethodString(const QByteArray &verb)

Sets a custom request method. Will set the httpRequestMethod to QOAuth1Signature::HttpRequestMethod::Custom and store the verb to use it for the generation of the signature.

Note: Using this method is required when working with custom verbs. Setting only the request method will fail, as the signure needs to know the actual verb.

This function was introduced in Qt 5.13.

See also customMethodString(), setHttpRequestMethod(), and HttpRequestMethod.

void QOAuth1Signature::setHttpRequestMethod(QOAuth1Signature::HttpRequestMethod method)

Sets the request method.

See also httpRequestMethod().

void QOAuth1Signature::setParameters(const QMultiMap<QString, QVariant> &parameters)

Sets the parameters.

See also parameters().

void QOAuth1Signature::setTokenSecret(const QString &secret)

Sets secret as the negotiated secret used to generate the signature.

See also tokenSecret().

void QOAuth1Signature::setUrl(const QUrl &url)

Sets the URL to url.

See also url().

void QOAuth1Signature::swap(QOAuth1Signature &other)

Swaps signature other with this signature. This operation is very fast and never fails.

QVariant QOAuth1Signature::take(const QString &key)

Removes key and any associated value from the signed data.

QString QOAuth1Signature::tokenSecret() const

Returns the negotiated secret used to generate the signature.

See also setTokenSecret().

QUrl QOAuth1Signature::url() const

Returns the URL.

See also setUrl().

QVariant QOAuth1Signature::value(const QString &key, const QVariant &defaultValue = QVariant()) const

Returns the value associated with key, if present in the signed data, otherwise defaultValue.