This is a preliminary statement about my intentions, via Boundless sponsored development, of a refactoring, simplification and hardening of the authentication system, which will mostly be covered in an upcoming QEP.
While most of the changes will not affect the API, like porting Qt4-dependent code to Qt5, I would like to accomplish the following in its C++ API for:
QgsAuthManager
Simplify the API of the class
Move most SSL functionality out of it
Possibly adjust its singleton pattern design (as discussed in #42)
QgsAuthMethodRegistry
Add a means of creating/registering/deleting authentication methods, for PyQGIS binding.
QgsAuthCertUtils
Remove all QCA-specific code/functions that can now be accomplished with Qt5
QgsNetworkAccessManager
Updating QgsNetworkAccessManager to be authentication-system-aware, by being able to react to an authcfg token in a URL, would allow for automated selection of authentication relative to the endpoint's base URL, i.e. offering a recommended existing auth config instead of requiring a user to pre-assign authentication configurations for every endpoint connection. The API change to QgsNetworkAccessManager would be minimal, possibly just an optional authcfg parameter for calls that already have the token stripped from the request URL.
For PyQGIS, there should be discussion on a hardening of the API to reduce attack vectors from possibly nefarious Python plugins or scripts. Granted, there are pluses/minuses to every approach I have thought of (to be outlined in QEP). These are the basic changes.
PyQGIS API:
Reduce binding coverage to the auth system to the bare minimum needed to interact with it.
Stabilize on methodology and API for accessing credentials (generally not needed if QgsAuthManager is handling authentication). Several potential approaches can be used: user authorization per plugin, or plugins are distributed code-signing certificates from QGIS, etc.
Possibly add a means of creating/registering/deleting authentication methods via PyQGIS. This will aid in creation of third-party authentication methods, though it does open QGIS to further attack vectors (like hijacking an existing auth method) if not done correctly.
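The authcfg handling proposed above for QgsNetworkAccessManager can be sketched as follows. This is an added example, not QGIS code or the author's design: it assumes the token travels as an `authcfg` query parameter, and `split_authcfg`, `recommend_config` and the saved configurations are hypothetical names and constructed data.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Constructed sample data: authcfg id -> base URL the config was saved for.
SAVED_CONFIGS = {
    "a1b2c3d": "https://gis.example.org/geoserver/",
    "e4f5g6h": "https://gis.example.org/",
    "z9y8x7w": "https://tiles.example.net:8443/wmts/",
}

def _origin(parts):
    """Scheme, host and effective port, normalised for exact comparison."""
    default = {"http": 80, "https": 443}.get(parts.scheme)
    return (parts.scheme, parts.hostname, parts.port or default)

def _dir(path):
    """Path with a trailing slash, so '/geo' cannot match '/geoserver'."""
    return path if path.endswith("/") else path + "/"

def split_authcfg(url):
    """Return (url_without_token, authcfg_or_None).

    Assumption: the token is an 'authcfg' query parameter. Conflicting
    tokens are rejected rather than silently picking one.
    """
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    tokens = {v for k, v in pairs if k == "authcfg"}
    if len(tokens) > 1:
        raise ValueError("conflicting authcfg tokens in URL")
    kept = [(k, v) for k, v in pairs if k != "authcfg"]
    clean = urlunsplit(parts._replace(query=urlencode(kept)))
    return clean, (tokens.pop() if tokens else None)

def recommend_config(url, configs=SAVED_CONFIGS):
    """Suggest the saved config whose base URL most specifically covers url."""
    target = urlsplit(url)
    best, best_len = None, -1
    for cfg_id, base in configs.items():
        b = urlsplit(base)
        # Origins must match exactly: a plain string-prefix test would let
        # 'https://gis.example.org.attacker.test' match 'https://gis.example.org'.
        if _origin(b) != _origin(target):
            continue
        base_dir = _dir(b.path)
        if _dir(target.path).startswith(base_dir) and len(base_dir) > best_len:
            best, best_len = cfg_id, len(base_dir)
    return best
```

The result of `recommend_config` is a suggestion to show the user, matching the "recommended existing auth config" wording above, not a credential to attach automatically.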