-
-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[auth][api] QgsAuthConfigurationStorage classes and tests #57992
base: master
Are you sure you want to change the base?
Conversation
* Abstract class that defines the interface for all authentication configuration storage implementations. | ||
* \since QGIS 3.40 | ||
*/ | ||
class CORE_EXPORT QgsAuthConfigurationStorage: public QObject SIP_ABSTRACT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
class CORE_EXPORT QgsAuthConfigurationStorage: public QObject SIP_ABSTRACT | |
class CORE_EXPORT QgsAbstractAuthConfigurationStorage: public QObject SIP_ABSTRACT |
I'd argue that "storage" in this class name is needlessly restrictive. Perhaps QgsAbstractAuthBackend is a better choice?
|
||
bool QgsAuthConfigurationStorageDb::authDbOpen() const | ||
{ | ||
QMutexLocker locker( &mMutex ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are all these implementations 1:1 copies of the current code? Or are there modifications I should look over specifically?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
They are mostly 1:1 copies but I did not just cut & paste. I'd say that you can defer the review of the CRUD methods after finish writing the tests, I will probably intercept most issues while testing.
54117f8
to
40ddba2
Compare
50b2786
to
d93a8c2
Compare
04b6f9b
to
da447d3
Compare
} | ||
|
||
QSqlQuery query( authDatabaseConnection() ); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
More of a design question than a code question -- but I'm curious how this method will work in a multi-user setup? Eg a number of plugins I've come across (and some I maintain) use this method to securely store API tokens after a user authenticates with a service. So I'm wondering what would happen if there's a central auth db setup (say on postgres), and then a plugin attempts to store something inherently user-specific like a API token? Either the db will be locked down and prevent this, or they'll clobber their work colleagues' token. Both situations are bad, and would ultimately break the plugin. 😱 (Or is the intention here that a centrally managed auth db is siloed into completely separate user "buckets" via db-level handling? )
Unless this situation is gracefully handled I can see this being a blocker for real-world use cases.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's make a step back: the original goal was to provide a way to store credentials in a real client-server DB to remove the filesystem sqlite DB which is causing a lot of issues with QGIS server deployments in the cloud.
For the desktop there is an enterprise use case which I think is interesting (and I spotted in the wild when working with big government orgs in the past): centrally managed shared credentials for company's services.
With the new API you can have read/only storages and you can have multiple storages, so you can imagine using a read/write local storage for user overrides.
Also, you can subclass QgsAuthConfigurationStorage (if not SIP_ABSTRACT) or QgsAuthConfigurationStorageDb and create your own accessors to the DB with filters for the user.
I thought about adding a 'user' field or something similar to the tables but I thought it was too much specific and it wouldn't ever cover all use cases.
Coming back to your use case (if I get this right): if a plugin uses the auth system for its own secure storage it would probably be capable of managing its own keys naming convention to avoid clashes with other users.
Not yet wired into the the app.
ea9842d
to
a9961a1
Compare
Abstract authentication credentials storage
Implementation of qgis/QGIS-Enhancement-Proposals#248
Goal
Provide an abstract API to manage authentication configurations storage.
The new API supports any database supported by
QSqlDatabase
(https://doc.qt.io/qt-5/qsqldatabase.html) includingSQLite
.Additional features:
QgsAuthConfigurationStorageRegistry
that holds the (ordered) list of authentication storages available to the system