如何使用 QOAuth2AuthorizationCodeFlow 和 QOAuthHttpServerReplyHandler 设置 redirect_uri
对于使用 QT 的 networkauth 和新的 QOAuth2AuthorizationCodeFlow 对象的 OAuth 2.0,我该如何设置 redirect_uri?我的代码如下.这会导致发送以下身份验证 URL:
For OAuth 2.0 using QT's networkauth and the new QOAuth2AuthorizationCodeFlow object, how can I set the redirect_uri? My code is below. It results in the following authenticate url being sent:
QOAuth2AuthorizationCodeFlow::buildAuthenticateUrl:https://accounts.google.com/o/oauth2/auth?client_id=123-abc.apps.googleusercontent.com&redirect_uri=http://localhost:65535/cb&response_type=code&scope=email&state=iEIYn5sN
QOAuth2AuthorizationCodeFlow::buildAuthenticateUrl: https://accounts.google.com/o/oauth2/auth?client_id=123-abc.apps.googleusercontent.com&redirect_uri=http://localhost:65535/cb&response_type=code&scope=email&state=iEIYn5sN
将 redirect_uri 设置为http://localhost",导致来自谷歌的错误 400 redirect_uri_mismatch,这显然是期待要提供的实际重定向主机名.
The setting of redirect_uri to "http://localhost", results in an Error 400 redirect_uri_mismatch from google which is obviously expecting the actual redirect hostname to be provided.
GoogleGateway::GoogleGateway() {
auto google = new QOAuth2AuthorizationCodeFlow;
google->setScope("email");
this->connect(google, &QOAuth2AuthorizationCodeFlow::authorizeWithBrowser, &QDesktopServices::openUrl);
QString val;
QFile file;
file.setFileName("/home/me/client_secret.json");
file.open(QIODevice::ReadOnly | QIODevice::Text);
val = file.readAll();
file.close();
QJsonDocument document = QJsonDocument::fromJson(val.toUtf8());
QJsonObject object = document.object();
const auto settingsObject = object["web"].toObject();
const QUrl authUri(settingsObject["auth_uri"].toString());
const auto clientId = settingsObject["client_id"].toString();
const QUrl tokenUri(settingsObject["token_uri"].toString());
const auto clientSecret(settingsObject["client_secret"].toString());
const auto redirectUris = settingsObject["redirect_uris"].toArray();
const QUrl redirectUri(redirectUris[0].toString());
const auto port = static_cast<quint16>(redirectUri.port());
google->setAuthorizationUrl(authUri);
google->setClientIdentifier(clientId);
google->setAccessTokenUrl(tokenUri);
google->setClientIdentifierSharedKey(clientSecret);
auto replyHandler = new QOAuthHttpServerReplyHandler(port, this);
google->setReplyHandler(replyHandler);
google->grant();
}
要设置redirect_uri,我试过替换:
To set the redirect_uri, I've tried replacing:
auto replyHandler = new QOAuthHttpServerReplyHandler(port, this);
与
QHostAddress hostaddress = QHostAddress(quint32(1233...));
auto replyHandler = new QOAuthHttpServerReplyHandler(hostaddress, port, this);
结果没有变化.
也试过插入:
replyHandler->setProperty("redirect_uri", "http://abc.xyz.com:65535/cb");
结果也没有变化.
在 Qt/5.8/Src/qtnetworkauth/src/oauth/qoauthhttpserverreplyhandler.cpp 中,我们看到回调地址看起来很可疑:
In Qt/5.8/Src/qtnetworkauth/src/oauth/qoauthhttpserverreplyhandler.cpp, we see that the callback address looks suspiciously hard-coded:
QString QOAuthHttpServerReplyHandler::callback() const
{
Q_D(const QOAuthHttpServerReplyHandler);
Q_ASSERT(d->httpServer.isListening());
const QUrl url(QString::fromLatin1("http://localhost:%1/cb").arg(d->httpServer.serverPort()));
return url.toString(QUrl::EncodeDelimiters);
}
这个callback()依次在Qt/5.8/Src/qtnetworkauth/src/oauth/qoauth2authorizationcodeflow.cpp中用来设置redirectUri值:
This callback() is in turn used in Qt/5.8/Src/qtnetworkauth/src/oauth/qoauth2authorizationcodeflow.cpp to set the redirectUri value:
QUrl QOAuth2AuthorizationCodeFlow::buildAuthenticateUrl(const QVariantMap ¶meters)
{
Q_D(QOAuth2AuthorizationCodeFlow);
using Key = QAbstractOAuth2Private::OAuth2KeyString;
if (d->state.isEmpty())
setState(QAbstractOAuth2Private::generateRandomState());
Q_ASSERT(!d->state.isEmpty());
const QString state = d->state;
QVariantMap p(parameters);
QUrl url(d->authorizationUrl);
p.insert(Key::responseType, responseType());
p.insert(Key::clientIdentifier, d->clientCredentials.first);
p.insert(Key::redirectUri, callback());
p.insert(Key::scope, d->scope);
p.insert(Key::state, state);
if (d->modifyParametersFunction)
d->modifyParametersFunction(Stage::RequestingAuthorization, &p);
url.setQuery(d->createQuery(p));
connect(d->replyHandler.data(), &QAbstractOAuthReplyHandler::callbackReceived, this,
&QOAuth2AuthorizationCodeFlow::authorizationCallbackReceived, Qt::UniqueConnection);
setStatus(QAbstractOAuth::Status::NotAuthenticated);
qDebug("QOAuth2AuthorizationCodeFlow::buildAuthenticateUrl: %s", qPrintable(url.toString()));
return url;
}
这是一个错误吗?
推荐答案
我刚刚通过子类化 MyOAuthHttpServerReplyHandler
并覆盖 callback()
的定义来返回 URI 解决了这个问题我想要.
I just solved this by subclassing MyOAuthHttpServerReplyHandler
and overriding the definition of callback()
to return the URI I wanted.
相关文章