QOAuth1Signature Class
Implements OAuth 1 signature methods. More...
| Header: | #include <QOAuth1Signature> |
| qmake: | QT += networkauth |
| Since: | Qt 5.8 |
This class was introduced in Qt 5.8.
Public Types
| enum class | HttpRequestMethod { Head, Get, Put, Post, Delete, …, Unknown } |
Public Functions
| QOAuth1Signature(QOAuth1Signature &&other) | |
| QOAuth1Signature(const QOAuth1Signature &other) | |
| QOAuth1Signature(const QUrl &url, const QString &clientSharedKey, const QString &tokenSecret, QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QVariantMap ¶meters = QVariantMap()) | |
| QOAuth1Signature(const QUrl &url = QUrl(), QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QVariantMap ¶meters = QVariantMap()) | |
| QOAuth1Signature & | operator=(QOAuth1Signature &&other) |
| ~QOAuth1Signature() | |
| void | addRequestBody(const QUrlQuery &body) |
| QString | clientSharedKey() const |
| QByteArray | customMethodString() const |
| QByteArray | hmacSha1() const |
| QOAuth1Signature::HttpRequestMethod | httpRequestMethod() const |
| void | insert(const QString &key, const QVariant &value) |
| QList<QString> | keys() const |
| QVariantMap | parameters() const |
| QByteArray | plainText() const |
| QByteArray | rsaSha1() const |
| void | setClientSharedKey(const QString &secret) |
| void | setCustomMethodString(const QByteArray &verb) |
| void | setHttpRequestMethod(QOAuth1Signature::HttpRequestMethod method) |
| void | setParameters(const QVariantMap ¶meters) |
| void | setTokenSecret(const QString &secret) |
| void | setUrl(const QUrl &url) |
| void | swap(QOAuth1Signature &other) |
| QVariant | take(const QString &key) |
| QString | tokenSecret() const |
| QUrl | url() const |
| QVariant | value(const QString &key, const QVariant &defaultValue = QVariant()) const |
Static Public Members
| QByteArray | plainText(const QString &clientSharedKey, const QString &tokenSecret) |
Detailed Description
OAuth-authenticated requests can have two sets of credentials: those passed via the "oauth_consumer_key" parameter and those in the "oauth_token" parameter. In order for the server to verify the authenticity of the request and prevent unauthorized access, the client needs to prove that it is the rightful owner of the credentials. This is accomplished using the shared-secret (or RSA key) part of each set of credentials.
OAuth specifies three methods for the client to establish its rightful ownership of the credentials: "HMAC-SHA1", "RSA-SHA1", and "PLAINTEXT". Each generates a "signature" with which the request is "signed"; the first two use a digest of the data signed in generating this, though the last does not. The "RSA-SHA1" method is not supported here; it would use an RSA key rather than the shared-secret associated with the client credentials.
Member Type Documentation
enum class QOAuth1Signature::HttpRequestMethod
Indicates the HTTP request method.
| Constant | Value | Description |
|---|---|---|
QOAuth1Signature::HttpRequestMethod::Head | 1 | HEAD method. |
QOAuth1Signature::HttpRequestMethod::Get | 2 | GET method. |
QOAuth1Signature::HttpRequestMethod::Put | 3 | PUT method. |
QOAuth1Signature::HttpRequestMethod::Post | 4 | POST method. |
QOAuth1Signature::HttpRequestMethod::Delete | 5 | DELETE method. |
QOAuth1Signature::HttpRequestMethod::Custom | 6 | Identifies a custom method. |
QOAuth1Signature::HttpRequestMethod::Unknown | 0 | Method not set. |
Member Function Documentation
QOAuth1Signature::QOAuth1Signature(QOAuth1Signature &&other)
Move-constructs a QOAuth1Signature instance, taking over the private data other was using.
QOAuth1Signature::QOAuth1Signature(const QOAuth1Signature &other)
Creates a copy of other.
QOAuth1Signature::QOAuth1Signature(const QUrl &url, const QString &clientSharedKey, const QString &tokenSecret, QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QVariantMap ¶meters = QVariantMap())
Creates a QOAuth1Signature using
- url as the target address
- clientSharedKey as the user token used to verify the signature
- tokenSecret as the negotiated token used to verify the signature
- method as the HTTP method used to send the request
- and the given user parameters to augment the request.
QOAuth1Signature::QOAuth1Signature(const QUrl &url = QUrl(), QOAuth1Signature::HttpRequestMethod method = HttpRequestMethod::Post, const QVariantMap ¶meters = QVariantMap())
Creates a QOAuth1Signature using
- url as the target address
- method as the HTTP method used to send the request
- and the given user parameters to augment the request.
QOAuth1Signature &QOAuth1Signature::operator=(QOAuth1Signature &&other)
Move-assignment operator.
QOAuth1Signature::~QOAuth1Signature()
Destroys the QOAuth1Signature.
void QOAuth1Signature::addRequestBody(const QUrlQuery &body)
Adds the request body to the signature. When a POST request body contains arguments they should be included in the signed data.
QString QOAuth1Signature::clientSharedKey() const
Returns the user secret used to generate the signature.
See also setClientSharedKey().
QByteArray QOAuth1Signature::customMethodString() const
Returns the custom method string.
This function was introduced in Qt 5.13.
See also setCustomMethodString() and httpRequestMethod().
QByteArray QOAuth1Signature::hmacSha1() const
Generates the HMAC-SHA1 signature using the client shared secret and, where available, token secret.
QOAuth1Signature::HttpRequestMethod QOAuth1Signature::httpRequestMethod() const
Returns the request method.
See also setHttpRequestMethod().
void QOAuth1Signature::insert(const QString &key, const QVariant &value)
Inserts a new pair key, value into the signature. When a POST request body contains arguments they should be included in the signed data.
QList<QString> QOAuth1Signature::keys() const
Retrieves the list of keys of parameters included in the signed data.
QVariantMap QOAuth1Signature::parameters() const
Returns the parameters.
See also setParameters().
QByteArray QOAuth1Signature::plainText() const
Generates the PLAINTEXT signature.
[static] QByteArray QOAuth1Signature::plainText(const QString &clientSharedKey, const QString &tokenSecret)
Generates a PLAINTEXT signature from the client secret clientSharedKey and the token secret tokenSecret.
QByteArray QOAuth1Signature::rsaSha1() const
Generates the RSA-SHA1 signature.
Note: Currently this method is not supported.
void QOAuth1Signature::setClientSharedKey(const QString &secret)
Sets secret as the user secret used to generate the signature.
See also clientSharedKey().
void QOAuth1Signature::setCustomMethodString(const QByteArray &verb)
Sets a custom request method. Will set the httpRequestMethod to QOAuth1Signature::HttpRequestMethod::Custom and store the verb to use it for the generation of the signature.
Note: Using this method is required when working with custom verbs. Setting only the request method will fail, as the signure needs to know the actual verb.
This function was introduced in Qt 5.13.
See also customMethodString(), setHttpRequestMethod(), and HttpRequestMethod.
void QOAuth1Signature::setHttpRequestMethod(QOAuth1Signature::HttpRequestMethod method)
Sets the request method.
See also httpRequestMethod().
void QOAuth1Signature::setParameters(const QVariantMap ¶meters)
Sets the parameters.
See also parameters().
void QOAuth1Signature::setTokenSecret(const QString &secret)
Sets secret as the negotiated secret used to generate the signature.
See also tokenSecret().
void QOAuth1Signature::setUrl(const QUrl &url)
Sets the URL to url.
See also url().
void QOAuth1Signature::swap(QOAuth1Signature &other)
Swaps signature other with this signature. This operation is very fast and never fails.
QVariant QOAuth1Signature::take(const QString &key)
Removes key and any associated value from the signed data.
QString QOAuth1Signature::tokenSecret() const
Returns the negotiated secret used to generate the signature.
See also setTokenSecret().
QUrl QOAuth1Signature::url() const
Returns the URL.
See also setUrl().
QVariant QOAuth1Signature::value(const QString &key, const QVariant &defaultValue = QVariant()) const
Returns the value associated with key, if present in the signed data, otherwise defaultValue.