2 * Copyright (C) 2010 Collabora Ltd.
4 * This library is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2.1 of the License, or (at your option) any later version.
9 * This library is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with this library; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 #include <glib/gi18n-lib.h>
23 #include "empathy-keyring.h"
27 #include <libsecret/secret.h>
30 #include <libaccounts-glib/ag-account.h>
31 #include <libaccounts-glib/ag-account-service.h>
32 #include <libaccounts-glib/ag-auth-data.h>
33 #include <libaccounts-glib/ag-manager.h>
34 #include <libaccounts-glib/ag-service.h>
35 #include <libsignon-glib/signon-identity.h>
36 #include "empathy-uoa-utils.h"
39 #include "empathy-utils.h"
41 #define DEBUG_FLAG EMPATHY_DEBUG_OTHER
42 #include "empathy-debug.h"
44 static const SecretSchema account_keyring_schema =
45 { "org.gnome.Empathy.Account", SECRET_SCHEMA_DONT_MATCH_NAME,
46 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
47 { "param-name", SECRET_SCHEMA_ATTRIBUTE_STRING },
50 static const SecretSchema room_keyring_schema =
51 { "org.gnome.Empathy.Room", SECRET_SCHEMA_DONT_MATCH_NAME,
52 { { "account-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
53 { "room-id", SECRET_SCHEMA_ATTRIBUTE_STRING },
57 empathy_keyring_is_available (void)
65 lookup_item_cb (GObject *source,
69 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
73 password = secret_password_lookup_finish (result, &error);
76 g_simple_async_result_set_error (simple, TP_ERROR,
77 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
78 g_clear_error (&error);
84 g_simple_async_result_set_error (simple, TP_ERROR,
85 TP_ERROR_DOES_NOT_EXIST, _("Password not found"));
89 g_simple_async_result_set_op_res_gpointer (simple, password,
90 (GDestroyNotify) secret_password_free);
93 g_simple_async_result_complete (simple);
94 g_object_unref (simple);
98 static AgAccountService *
99 uoa_password_common (TpAccount *tp_account,
100 GSimpleAsyncResult *result,
101 AgAuthData **ret_auth_data)
103 const GValue *storage_id;
104 AgAccountId account_id;
105 AgManager *manager = NULL;
106 AgAccount *account = NULL;
108 AgAccountService *service = NULL;
109 AgAuthData *auth_data = NULL;
111 g_assert (ret_auth_data != NULL);
112 *ret_auth_data = NULL;
114 storage_id = tp_account_get_storage_identifier (tp_account);
115 account_id = g_value_get_uint (storage_id);
118 g_simple_async_result_set_error (result,
119 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
120 "StorageId is invalid, cannot get the AgAccount for this TpAccount");
121 g_simple_async_result_complete_in_idle (result);
125 manager = empathy_uoa_manager_dup ();
126 account = ag_manager_get_account (manager, account_id);
128 /* Assuming there is only one IM service */
129 l = ag_account_list_services_by_type (account, EMPATHY_UOA_SERVICE_TYPE);
132 g_simple_async_result_set_error (result,
133 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
134 "AgAccount has no IM service");
135 g_simple_async_result_complete_in_idle (result);
138 service = ag_account_service_new (account, l->data);
139 ag_service_list_free (l);
141 auth_data = ag_account_service_get_auth_data (service);
142 if (auth_data == NULL)
144 g_simple_async_result_set_error (result,
145 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
146 "Service has no AgAuthData");
147 g_simple_async_result_complete_in_idle (result);
151 if (tp_strdiff (ag_auth_data_get_mechanism (auth_data), "password") ||
152 tp_strdiff (ag_auth_data_get_method (auth_data), "password"))
154 g_simple_async_result_set_error (result,
155 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
156 "Service does not use password authentication");
157 g_simple_async_result_complete_in_idle (result);
161 g_object_unref (manager);
162 g_object_unref (account);
164 *ret_auth_data = auth_data;
168 g_clear_object (&manager);
169 g_clear_object (&account);
170 g_clear_object (&service);
171 tp_clear_pointer (&auth_data, ag_auth_data_unref);
176 uoa_session_process_cb (SignonAuthSession *session,
177 GHashTable *session_data,
181 GSimpleAsyncResult *result = user_data;
182 const gchar *password;
186 g_simple_async_result_set_from_error (result, error);
190 password = tp_asv_get_string (session_data, "Secret");
191 if (tp_str_empty (password))
193 g_simple_async_result_set_error (result, TP_ERROR,
194 TP_ERROR_DOES_NOT_EXIST, _("Password not found"));
198 g_simple_async_result_set_op_res_gpointer (result, g_strdup (password),
202 /* libaccounts-glib API does not guarantee the callback happens after
203 * reentering mainloop */
204 g_simple_async_result_complete_in_idle (result);
205 g_object_unref (result);
206 g_object_unref (session);
210 uoa_get_account_password (TpAccount *tp_account,
211 GSimpleAsyncResult *result)
213 AgAccountService *service;
214 AgAuthData *auth_data;
216 SignonIdentity *identity;
217 SignonAuthSession *session;
218 GError *error = NULL;
220 DEBUG ("Store password for %s in signond",
221 tp_account_get_path_suffix (tp_account));
223 service = uoa_password_common (tp_account, result, &auth_data);
227 cred_id = ag_auth_data_get_credentials_id (auth_data);
230 g_simple_async_result_set_error (result,
231 TP_ERROR, TP_ERROR_INVALID_ARGUMENT,
232 "AgAccount has no CredentialsId");
233 g_simple_async_result_complete_in_idle (result);
237 identity = signon_identity_new_from_db (cred_id);
238 session = signon_identity_create_session (identity,
239 ag_auth_data_get_method (auth_data), &error);
240 g_object_unref (identity);
244 g_simple_async_result_set_from_error (result, error);
245 g_simple_async_result_complete_in_idle (result);
249 signon_auth_session_process (session,
250 ag_auth_data_get_parameters (auth_data),
251 ag_auth_data_get_mechanism (auth_data),
252 uoa_session_process_cb,
253 g_object_ref (result));
256 ag_auth_data_unref (auth_data);
257 g_object_unref (service);
262 empathy_keyring_get_account_password_async (TpAccount *account,
263 GAsyncReadyCallback callback,
266 GSimpleAsyncResult *simple;
267 const gchar *account_id;
269 g_return_if_fail (TP_IS_ACCOUNT (account));
270 g_return_if_fail (callback != NULL);
272 simple = g_simple_async_result_new (G_OBJECT (account), callback,
273 user_data, empathy_keyring_get_account_password_async);
275 account_id = tp_proxy_get_object_path (account) +
276 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
278 DEBUG ("Trying to get password for: %s", account_id);
282 const gchar *provider;
284 provider = tp_account_get_storage_provider (account);
285 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
287 uoa_get_account_password (account, simple);
288 g_object_unref (simple);
294 secret_password_lookup (&account_keyring_schema, NULL,
295 lookup_item_cb, simple,
296 "account-id", account_id,
297 "param-name", "password",
302 empathy_keyring_get_room_password_async (TpAccount *account,
304 GAsyncReadyCallback callback,
307 GSimpleAsyncResult *simple;
308 const gchar *account_id;
310 g_return_if_fail (TP_IS_ACCOUNT (account));
311 g_return_if_fail (id != NULL);
312 g_return_if_fail (callback != NULL);
314 simple = g_simple_async_result_new (G_OBJECT (account), callback,
315 user_data, empathy_keyring_get_room_password_async);
317 account_id = tp_proxy_get_object_path (account) +
318 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
320 DEBUG ("Trying to get password for room '%s' on account '%s'",
323 secret_password_lookup (&room_keyring_schema, NULL,
324 lookup_item_cb, simple,
325 "account-id", account_id,
331 empathy_keyring_get_account_password_finish (TpAccount *account,
332 GAsyncResult *result,
335 empathy_implement_finish_return_pointer (account,
336 empathy_keyring_get_account_password_async);
340 empathy_keyring_get_room_password_finish (TpAccount *account,
341 GAsyncResult *result,
344 empathy_implement_finish_return_pointer (account,
345 empathy_keyring_get_room_password_async);
351 store_password_cb (GObject *source,
352 GAsyncResult *result,
355 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
356 GError *error = NULL;
358 if (!secret_password_store_finish (result, &error))
360 g_simple_async_result_set_error (simple, TP_ERROR,
361 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
362 g_error_free (error);
365 g_simple_async_result_complete (simple);
366 g_object_unref (simple);
372 AgAccountService *service;
375 GSimpleAsyncResult *result;
376 } UoaChangePasswordData;
378 static UoaChangePasswordData *
379 uoa_change_password_data_new (AgAccountService *service,
380 const gchar *password,
382 GSimpleAsyncResult *result)
384 UoaChangePasswordData *data;
386 data = g_slice_new0 (UoaChangePasswordData);
387 data->service = g_object_ref (service);
388 data->password = g_strdup (password);
389 data->remember = remember;
390 data->result = g_object_ref (result);
396 uoa_change_password_data_free (UoaChangePasswordData *data)
398 g_object_unref (data->service);
399 g_free (data->password);
400 g_object_unref (data->result);
401 g_slice_free (UoaChangePasswordData, data);
405 uoa_identity_store_cb (SignonIdentity *identity,
410 UoaChangePasswordData *data = user_data;
413 g_simple_async_result_set_from_error (data->result, error);
415 g_simple_async_result_complete (data->result);
416 uoa_change_password_data_free (data);
417 g_object_unref (identity);
421 uoa_identity_query_info_cb (SignonIdentity *identity,
422 const SignonIdentityInfo *info,
426 UoaChangePasswordData *data = user_data;
430 g_simple_async_result_set_from_error (data->result, error);
431 /* libaccounts-glib API does not guarantee the callback happens after
432 * reentering mainloop */
433 g_simple_async_result_complete_in_idle (data->result);
434 uoa_change_password_data_free (data);
435 g_object_unref (identity);
439 /* const SignonIdentityInfo is a lie, cast it! - Mardy */
440 signon_identity_info_set_secret ((SignonIdentityInfo *) info,
441 data->password, data->remember);
443 signon_identity_store_credentials_with_info (identity, info,
444 uoa_identity_store_cb, data);
448 uoa_initial_account_store_cb (AgAccount *account,
452 UoaChangePasswordData *data = user_data;
455 g_simple_async_result_set_from_error (data->result, error);
457 /* libaccounts-glib API does not guarantee the callback happens after
458 * reentering mainloop */
459 g_simple_async_result_complete_in_idle (data->result);
460 uoa_change_password_data_free (data);
464 uoa_initial_identity_store_cb (SignonIdentity *identity,
469 UoaChangePasswordData *data = user_data;
470 AgAccount *account = ag_account_service_get_account (data->service);
471 GValue value = G_VALUE_INIT;
475 g_simple_async_result_set_from_error (data->result, error);
476 /* libaccounts-glib API does not guarantee the callback happens after
477 * reentering mainloop */
478 g_simple_async_result_complete_in_idle (data->result);
479 uoa_change_password_data_free (data);
480 g_object_unref (identity);
484 g_value_init (&value, G_TYPE_UINT);
485 g_value_set_uint (&value, id);
486 ag_account_select_service (account, NULL);
487 ag_account_set_value (account, "CredentialsId", &value);
488 g_value_unset (&value);
490 ag_account_store (account, uoa_initial_account_store_cb, data);
492 g_object_unref (identity);
496 uoa_set_account_password (TpAccount *tp_account,
497 const gchar *password,
499 GSimpleAsyncResult *result)
501 AgAccountService *service;
502 AgAuthData *auth_data;
504 UoaChangePasswordData *data;
505 SignonIdentity *identity;
507 DEBUG ("Store password for %s in signond",
508 tp_account_get_path_suffix (tp_account));
510 service = uoa_password_common (tp_account, result, &auth_data);
514 data = uoa_change_password_data_new (service, password, remember, result);
516 cred_id = ag_auth_data_get_credentials_id (auth_data);
519 SignonIdentityInfo *info;
520 const GHashTable *params;
521 const gchar *username;
522 const gchar *acl_all[] = { "*", NULL };
524 /* This is the first time we store password for this account.
525 * First check if we have an 'username' param as this is more accurate
526 * in the tp-idle case. */
527 params = tp_account_get_parameters (tp_account);
528 username = tp_asv_get_string (params, "username");
529 if (username == NULL)
530 username = tp_asv_get_string (params, "account");
532 identity = signon_identity_new ();
533 info = signon_identity_info_new ();
534 signon_identity_info_set_username (info, username);
535 signon_identity_info_set_secret (info, password, remember);
536 signon_identity_info_set_access_control_list (info, acl_all);
538 /* Give identity and data ownership to the callback */
539 signon_identity_store_credentials_with_info (identity, info,
540 uoa_initial_identity_store_cb, data);
542 signon_identity_info_free (info);
546 /* There is already a password stored, query info to update it.
547 * Give identity and data ownership to the callback */
548 identity = signon_identity_new_from_db (cred_id);
549 signon_identity_query_info (identity,
550 uoa_identity_query_info_cb, data);
553 g_object_unref (service);
554 ag_auth_data_unref (auth_data);
559 empathy_keyring_set_account_password_async (TpAccount *account,
560 const gchar *password,
562 GAsyncReadyCallback callback,
565 GSimpleAsyncResult *simple;
566 const gchar *account_id;
569 g_return_if_fail (TP_IS_ACCOUNT (account));
570 g_return_if_fail (password != NULL);
572 simple = g_simple_async_result_new (G_OBJECT (account), callback,
573 user_data, empathy_keyring_set_account_password_async);
575 account_id = tp_proxy_get_object_path (account) +
576 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
578 DEBUG ("Remembering password for %s", account_id);
582 const gchar *provider;
584 provider = tp_account_get_storage_provider (account);
585 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
587 uoa_set_account_password (account, password, remember, simple);
588 g_object_unref (simple);
594 name = g_strdup_printf (_("IM account password for %s (%s)"),
595 tp_account_get_display_name (account), account_id);
597 secret_password_store (&account_keyring_schema,
598 remember ? NULL : SECRET_COLLECTION_SESSION,
600 NULL, store_password_cb, simple,
601 "account-id", account_id,
602 "param-name", "password",
609 empathy_keyring_set_room_password_async (TpAccount *account,
611 const gchar *password,
612 GAsyncReadyCallback callback,
615 GSimpleAsyncResult *simple;
616 const gchar *account_id;
619 g_return_if_fail (TP_IS_ACCOUNT (account));
620 g_return_if_fail (id != NULL);
621 g_return_if_fail (password != NULL);
623 simple = g_simple_async_result_new (G_OBJECT (account), callback,
624 user_data, empathy_keyring_set_room_password_async);
626 account_id = tp_proxy_get_object_path (account) +
627 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
629 DEBUG ("Remembering password for room '%s' on account '%s'", id, account_id);
631 name = g_strdup_printf (_("Password for chatroom '%s' on account %s (%s)"),
632 id, tp_account_get_display_name (account), account_id);
634 secret_password_store (&room_keyring_schema, NULL, name, password,
635 NULL, store_password_cb, simple,
636 "account-id", account_id,
644 empathy_keyring_set_account_password_finish (TpAccount *account,
645 GAsyncResult *result,
648 empathy_implement_finish_void (account, empathy_keyring_set_account_password_async);
652 empathy_keyring_set_room_password_finish (TpAccount *account,
653 GAsyncResult *result,
656 empathy_implement_finish_void (account, empathy_keyring_set_room_password_async);
662 items_delete_cb (GObject *source,
663 GAsyncResult *result,
666 GSimpleAsyncResult *simple = G_SIMPLE_ASYNC_RESULT (user_data);
667 GError *error = NULL;
669 if (!secret_password_clear_finish (result, &error))
671 g_simple_async_result_set_error (simple, TP_ERROR,
672 TP_ERROR_DOES_NOT_EXIST, "%s", error->message);
673 g_error_free (error);
676 g_simple_async_result_complete (simple);
677 g_object_unref (simple);
681 empathy_keyring_delete_account_password_async (TpAccount *account,
682 GAsyncReadyCallback callback,
685 GSimpleAsyncResult *simple;
686 const gchar *account_id;
688 g_return_if_fail (TP_IS_ACCOUNT (account));
690 simple = g_simple_async_result_new (G_OBJECT (account), callback,
691 user_data, empathy_keyring_delete_account_password_async);
693 account_id = tp_proxy_get_object_path (account) +
694 strlen (TP_ACCOUNT_OBJECT_PATH_BASE);
696 DEBUG ("Deleting password for %s", account_id);
700 const gchar *provider;
702 provider = tp_account_get_storage_provider (account);
703 if (!tp_strdiff (provider, EMPATHY_UOA_PROVIDER))
705 /* I see no other way to forget the stored password than overwriting
706 * with an empty one. */
707 uoa_set_account_password (account, "", FALSE, simple);
708 g_object_unref (simple);
714 secret_password_clear (&account_keyring_schema, NULL,
715 items_delete_cb, simple,
716 "account-id", account_id,
717 "param-name", "password",
722 empathy_keyring_delete_account_password_finish (TpAccount *account,
723 GAsyncResult *result,
726 empathy_implement_finish_void (account, empathy_keyring_delete_account_password_async);