2 * Copyright (C) 2010 Collabora Ltd.
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 #include "empathy-keyring.h"
22 #include <glib/gi18n-lib.h>
23 #include <libsecret/secret.h>
26 #include <libaccounts-glib/ag-account.h>
27 #include <libaccounts-glib/ag-account-service.h>
28 #include <libaccounts-glib/ag-auth-data.h>
29 #include <libaccounts-glib/ag-manager.h>
30 #include <libaccounts-glib/ag-service.h>
31 #include <libsignon-glib/signon-identity.h>
32 #include "empathy-uoa-utils.h"
35 #include "empathy-utils.h"
37 #define DEBUG_FLAG EMPATHY_DEBUG_OTHER
38 #include "empathy-debug.h"
40 static const SecretSchema account_keyring_schema =
41 { "org.gnome.Empathy.Account", SECRET_SCHEMA_DONT_MATCH_NAME,
42 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
43 { "param-name", SECRET_SCHEMA_ATTRIBUTE_STRING },
46 static const SecretSchema room_keyring_schema =
47 { "org.gnome.Empathy.Room", SECRET_SCHEMA_DONT_MATCH_NAME,
48 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
49 { "room-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
55 lookup_item_cb (GObject *source,
59 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
63 password = secret_password_lookup_finish (result, &error);
66 g_simple_async_result_set_error (simple, TP_ERROR,
67 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
68 g_clear_error (&error);
74 g_simple_async_result_set_error (simple, TP_ERROR,
75 TP_ERROR_DOES_NOT_EXIST, _("Password not found"));
79 g_simple_async_result_set_op_res_gpointer (simple, password,
80 (GDestroyNotify) secret_password_free);
83 g_simple_async_result_complete (simple);
84 g_object_unref (simple);
88 static AgAccountService *
89 uoa_password_common (TpAccount *tp_account,
90 GSimpleAsyncResult *result,
91 AgAuthData **ret_auth_data)
93 const GValue *storage_id;
94 AgAccountId account_id;
95 AgManager *manager = NULL;
96 AgAccount *account = NULL;
98 AgAccountService *service = NULL;
99 AgAuthData *auth_data = NULL;
101 g_assert (ret_auth_data != NULL);
102 *ret_auth_data = NULL;
104 storage_id = tp_account_get_storage_identifier (tp_account);
105 account_id = g_value_get_uint (storage_id);
108 g_simple_async_result_set_error (result,
109 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
110 "StorageId is invalid, cannot get the AgAccount for this TpAccount");
111 g_simple_async_result_complete_in_idle (result);
115 manager = empathy_uoa_manager_dup ();
116 account = ag_manager_get_account (manager, account_id);
118 /* Assuming there is only one IM service */
119 l = ag_account_list_services_by_type (account, EMPATHY_UOA_SERVICE_TYPE);
122 g_simple_async_result_set_error (result,
123 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
124 "AgAccount has no IM service");
125 g_simple_async_result_complete_in_idle (result);
128 service = ag_account_service_new (account, l->data);
129 ag_service_list_free (l);
131 auth_data = ag_account_service_get_auth_data (service);
132 if (auth_data == NULL)
134 g_simple_async_result_set_error (result,
135 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
136 "Service has no AgAuthData");
137 g_simple_async_result_complete_in_idle (result);
141 if (tp_strdiff (ag_auth_data_get_mechanism (auth_data), "password") ||
142 tp_strdiff (ag_auth_data_get_method (auth_data), "password"))
144 g_simple_async_result_set_error (result,
145 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
146 "Service does not use password authentication");
147 g_simple_async_result_complete_in_idle (result);
151 g_object_unref (manager);
152 g_object_unref (account);
154 *ret_auth_data = auth_data;
158 g_clear_object (&manager);
159 g_clear_object (&account);
160 g_clear_object (&service);
161 tp_clear_pointer (&auth_data, ag_auth_data_unref);
166 uoa_session_process_cb (SignonAuthSession *session,
167 GHashTable *session_data,
171 GSimpleAsyncResult *result = user_data;
172 const gchar *password;
176 g_simple_async_result_set_from_error (result, error);
180 password = tp_asv_get_string (session_data, "Secret");
181 if (tp_str_empty (password))
183 g_simple_async_result_set_error (result, TP_ERROR,
184 TP_ERROR_DOES_NOT_EXIST, _("Password not found"));
188 g_simple_async_result_set_op_res_gpointer (result, g_strdup (password),
192 /* libaccounts-glib API does not guarantee the callback happens after
193 * reentering mainloop */
194 g_simple_async_result_complete_in_idle (result);
195 g_object_unref (result);
196 g_object_unref (session);
200 uoa_get_account_password (TpAccount *tp_account,
201 GSimpleAsyncResult *result)
203 AgAccountService *service;
204 AgAuthData *auth_data;
206 SignonIdentity *identity;
207 SignonAuthSession *session;
208 GError *error = NULL;
210 DEBUG ("Store password for %s in signond",
211 tp_account_get_path_suffix (tp_account));
213 service = uoa_password_common (tp_account, result, &auth_data);
217 cred_id = ag_auth_data_get_credentials_id (auth_data);
220 g_simple_async_result_set_error (result,
221 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
222 "AgAccount has no CredentialsId");
223 g_simple_async_result_complete_in_idle (result);
227 identity = signon_identity_new_from_db (cred_id);
228 session = signon_identity_create_session (identity,
229 ag_auth_data_get_method (auth_data), &error);
230 g_object_unref (identity);
234 g_simple_async_result_set_from_error (result, error);
235 g_simple_async_result_complete_in_idle (result);
239 signon_auth_session_process (session,
240 ag_auth_data_get_parameters (auth_data),
241 ag_auth_data_get_mechanism (auth_data),
242 uoa_session_process_cb,
243 g_object_ref (result));
246 ag_auth_data_unref (auth_data);
247 g_object_unref (service);
252 empathy_keyring_get_account_password_async (TpAccount *account,
253 GAsyncReadyCallback callback,
256 GSimpleAsyncResult *simple;
257 const gchar *account_id;
259 g_return_if_fail (TP_IS_ACCOUNT (account));
260 g_return_if_fail (callback != NULL);
262 simple = g_simple_async_result_new (G_OBJECT (account), callback,
263 user_data, empathy_keyring_get_account_password_async);
265 account_id = tp_proxy_get_object_path (account) +
266 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
268 DEBUG ("Trying to get password for: %s", account_id);
272 const gchar *provider;
274 provider = tp_account_get_storage_provider (account);
275 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
277 uoa_get_account_password (account, simple);
278 g_object_unref (simple);
284 secret_password_lookup (&account_keyring_schema, NULL,
285 lookup_item_cb, simple,
286 "account-id", account_id,
287 "param-name", "password",
292 empathy_keyring_get_room_password_async (TpAccount *account,
294 GAsyncReadyCallback callback,
297 GSimpleAsyncResult *simple;
298 const gchar *account_id;
300 g_return_if_fail (TP_IS_ACCOUNT (account));
301 g_return_if_fail (id != NULL);
302 g_return_if_fail (callback != NULL);
304 simple = g_simple_async_result_new (G_OBJECT (account), callback,
305 user_data, empathy_keyring_get_room_password_async);
307 account_id = tp_proxy_get_object_path (account) +
308 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
310 DEBUG ("Trying to get password for room '%s' on account '%s'",
313 secret_password_lookup (&room_keyring_schema, NULL,
314 lookup_item_cb, simple,
315 "account-id", account_id,
321 empathy_keyring_get_account_password_finish (TpAccount *account,
322 GAsyncResult *result,
325 empathy_implement_finish_return_pointer (account,
326 empathy_keyring_get_account_password_async);
330 empathy_keyring_get_room_password_finish (TpAccount *account,
331 GAsyncResult *result,
334 empathy_implement_finish_return_pointer (account,
335 empathy_keyring_get_room_password_async);
341 store_password_cb (GObject *source,
342 GAsyncResult *result,
345 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
346 GError *error = NULL;
348 if (!secret_password_store_finish (result, &error))
350 g_simple_async_result_set_error (simple, TP_ERROR,
351 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
352 g_error_free (error);
355 g_simple_async_result_complete (simple);
356 g_object_unref (simple);
362 AgAccountService *service;
365 GSimpleAsyncResult *result;
366 } UoaChangePasswordData;
368 static UoaChangePasswordData *
369 uoa_change_password_data_new (AgAccountService *service,
370 const gchar *password,
372 GSimpleAsyncResult *result)
374 UoaChangePasswordData *data;
376 data = g_slice_new0 (UoaChangePasswordData);
377 data->service = g_object_ref (service);
378 data->password = g_strdup (password);
379 data->remember = remember;
380 data->result = g_object_ref (result);
386 uoa_change_password_data_free (UoaChangePasswordData *data)
388 g_object_unref (data->service);
389 g_free (data->password);
390 g_object_unref (data->result);
391 g_slice_free (UoaChangePasswordData, data);
395 uoa_identity_store_cb (SignonIdentity *identity,
400 UoaChangePasswordData *data = user_data;
403 g_simple_async_result_set_from_error (data->result, error);
405 g_simple_async_result_complete (data->result);
406 uoa_change_password_data_free (data);
407 g_object_unref (identity);
411 uoa_identity_query_info_cb (SignonIdentity *identity,
412 const SignonIdentityInfo *info,
416 UoaChangePasswordData *data = user_data;
420 g_simple_async_result_set_from_error (data->result, error);
421 /* libaccounts-glib API does not guarantee the callback happens after
422 * reentering mainloop */
423 g_simple_async_result_complete_in_idle (data->result);
424 uoa_change_password_data_free (data);
425 g_object_unref (identity);
429 /* const SignonIdentityInfo is a lie, cast it! - Mardy */
430 signon_identity_info_set_secret ((SignonIdentityInfo *) info,
431 data->password, data->remember);
433 signon_identity_store_credentials_with_info (identity, info,
434 uoa_identity_store_cb, data);
438 uoa_initial_account_store_cb (AgAccount *account,
442 UoaChangePasswordData *data = user_data;
445 g_simple_async_result_set_from_error (data->result, error);
447 /* libaccounts-glib API does not guarantee the callback happens after
448 * reentering mainloop */
449 g_simple_async_result_complete_in_idle (data->result);
450 uoa_change_password_data_free (data);
454 uoa_initial_identity_store_cb (SignonIdentity *identity,
459 UoaChangePasswordData *data = user_data;
460 AgAccount *account = ag_account_service_get_account (data->service);
461 GValue value = G_VALUE_INIT;
465 g_simple_async_result_set_from_error (data->result, error);
466 /* libaccounts-glib API does not guarantee the callback happens after
467 * reentering mainloop */
468 g_simple_async_result_complete_in_idle (data->result);
469 uoa_change_password_data_free (data);
470 g_object_unref (identity);
474 g_value_init (&value, G_TYPE_UINT);
475 g_value_set_uint (&value, id);
476 ag_account_select_service (account, NULL);
477 ag_account_set_value (account, "CredentialsId", &value);
478 g_value_unset (&value);
480 ag_account_store (account, uoa_initial_account_store_cb, data);
482 g_object_unref (identity);
486 uoa_set_account_password (TpAccount *tp_account,
487 const gchar *password,
489 GSimpleAsyncResult *result)
491 AgAccountService *service;
492 AgAuthData *auth_data;
494 UoaChangePasswordData *data;
495 SignonIdentity *identity;
497 DEBUG ("Store password for %s in signond",
498 tp_account_get_path_suffix (tp_account));
500 service = uoa_password_common (tp_account, result, &auth_data);
504 data = uoa_change_password_data_new (service, password, remember, result);
506 cred_id = ag_auth_data_get_credentials_id (auth_data);
509 SignonIdentityInfo *info;
510 const GHashTable *params;
511 const gchar *username;
512 const gchar *acl_all[] = { "*", NULL };
514 /* This is the first time we store password for this account.
515 * First check if we have an 'username' param as this is more accurate
516 * in the tp-idle case. */
517 params = tp_account_get_parameters (tp_account);
518 username = tp_asv_get_string (params, "username");
519 if (username == NULL)
520 username = tp_asv_get_string (params, "account");
522 identity = signon_identity_new ();
523 info = signon_identity_info_new ();
524 signon_identity_info_set_username (info, username);
525 signon_identity_info_set_secret (info, password, remember);
526 signon_identity_info_set_access_control_list (info, acl_all);
528 /* Give identity and data ownership to the callback */
529 signon_identity_store_credentials_with_info (identity, info,
530 uoa_initial_identity_store_cb, data);
532 signon_identity_info_free (info);
536 /* There is already a password stored, query info to update it.
537 * Give identity and data ownership to the callback */
538 identity = signon_identity_new_from_db (cred_id);
539 signon_identity_query_info (identity,
540 uoa_identity_query_info_cb, data);
543 g_object_unref (service);
544 ag_auth_data_unref (auth_data);
549 empathy_keyring_set_account_password_async (TpAccount *account,
550 const gchar *password,
552 GAsyncReadyCallback callback,
555 GSimpleAsyncResult *simple;
556 const gchar *account_id;
559 g_return_if_fail (TP_IS_ACCOUNT (account));
560 g_return_if_fail (password != NULL);
562 simple = g_simple_async_result_new (G_OBJECT (account), callback,
563 user_data, empathy_keyring_set_account_password_async);
565 account_id = tp_proxy_get_object_path (account) +
566 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
568 DEBUG ("Remembering password for %s", account_id);
572 const gchar *provider;
574 provider = tp_account_get_storage_provider (account);
575 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
577 uoa_set_account_password (account, password, remember, simple);
578 g_object_unref (simple);
584 name = g_strdup_printf (_("IM account password for %s (%s)"),
585 tp_account_get_display_name (account), account_id);
587 secret_password_store (&account_keyring_schema,
588 remember ? NULL : SECRET_COLLECTION_SESSION,
590 NULL, store_password_cb, simple,
591 "account-id", account_id,
592 "param-name", "password",
599 empathy_keyring_set_room_password_async (TpAccount *account,
601 const gchar *password,
602 GAsyncReadyCallback callback,
605 GSimpleAsyncResult *simple;
606 const gchar *account_id;
609 g_return_if_fail (TP_IS_ACCOUNT (account));
610 g_return_if_fail (id != NULL);
611 g_return_if_fail (password != NULL);
613 simple = g_simple_async_result_new (G_OBJECT (account), callback,
614 user_data, empathy_keyring_set_room_password_async);
616 account_id = tp_proxy_get_object_path (account) +
617 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
619 DEBUG ("Remembering password for room '%s' on account '%s'", id, account_id);
621 name = g_strdup_printf (_("Password for chatroom '%s' on account %s (%s)"),
622 id, tp_account_get_display_name (account), account_id);
624 secret_password_store (&room_keyring_schema, NULL, name, password,
625 NULL, store_password_cb, simple,
626 "account-id", account_id,
634 empathy_keyring_set_account_password_finish (TpAccount *account,
635 GAsyncResult *result,
638 empathy_implement_finish_void (account, empathy_keyring_set_account_password_async);
642 empathy_keyring_set_room_password_finish (TpAccount *account,
643 GAsyncResult *result,
646 empathy_implement_finish_void (account, empathy_keyring_set_room_password_async);
652 items_delete_cb (GObject *source,
653 GAsyncResult *result,
656 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
657 GError *error = NULL;
659 secret_password_clear_finish (result, &error);
662 g_simple_async_result_set_error (simple, TP_ERROR,
663 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
664 g_error_free (error);
667 g_simple_async_result_complete (simple);
668 g_object_unref (simple);
672 empathy_keyring_delete_account_password_async (TpAccount *account,
673 GAsyncReadyCallback callback,
676 GSimpleAsyncResult *simple;
677 const gchar *account_id;
679 g_return_if_fail (TP_IS_ACCOUNT (account));
681 simple = g_simple_async_result_new (G_OBJECT (account), callback,
682 user_data, empathy_keyring_delete_account_password_async);
684 account_id = tp_proxy_get_object_path (account) +
685 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
687 DEBUG ("Deleting password for %s", account_id);
691 const gchar *provider;
693 provider = tp_account_get_storage_provider (account);
694 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
696 /* I see no other way to forget the stored password than overwriting
697 * with an empty one. */
698 uoa_set_account_password (account, "", FALSE, simple);
699 g_object_unref (simple);
705 secret_password_clear (&account_keyring_schema, NULL,
706 items_delete_cb, simple,
707 "account-id", account_id,
708 "param-name", "password",
713 empathy_keyring_delete_account_password_finish (TpAccount *account,
714 GAsyncResult *result,
717 empathy_implement_finish_void (account, empathy_keyring_delete_account_password_async);