Handle retrieving credentials from HTTP Basic Auth

keepassxreboot · Dec 10, 2018 · f9c244d · f9c244d
1 parent b6eeaba
commit f9c244d
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 10 deletions.
diff --git a/src/browser/BrowserAccessControlDialog.cpp b/src/browser/BrowserAccessControlDialog.cpp
@@ -58,4 +58,4 @@ bool BrowserAccessControlDialog::remember() const
 void BrowserAccessControlDialog::setRemember(bool r)
 {
     m_ui->rememberDecisionCheckBox->setChecked(r);
-}
+}
diff --git a/src/browser/BrowserAction.cpp b/src/browser/BrowserAction.cpp
@@ -251,7 +251,9 @@ QJsonObject BrowserAction::handleGetLogins(const QJsonObject& json, const QStrin
 
     const QString id = decrypted.value("id").toString();
     const QString submit = decrypted.value("submitUrl").toString();
-    const QJsonArray users = m_browserService.findMatchingEntries(id, url, submit, "", keyList);
+    const QString auth = decrypted.value("httpAuth").toString();
+    const bool httpAuth = auth.compare("true", Qt::CaseSensitive) == 0 ? true : false;
+    const QJsonArray users = m_browserService.findMatchingEntries(id, url, submit, "", keyList, httpAuth);
 
     if (users.isEmpty()) {
         return getErrorReply(action, ERROR_KEEPASS_NO_LOGINS_FOUND);

diff --git a/src/browser/BrowserService.cpp b/src/browser/BrowserService.cpp
@@ -207,7 +207,8 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
                                                const QString& url,
                                                const QString& submitUrl,
                                                const QString& realm,
-                                               const StringPairList& keyList)
+                                               const StringPairList& keyList,
+                                               const bool httpAuth)
 {
     QJsonArray result;
     if (thread() != QThread::currentThread()) {
@@ -219,7 +220,8 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
                                   Q_ARG(QString, url),
                                   Q_ARG(QString, submitUrl),
                                   Q_ARG(QString, realm),
-                                  Q_ARG(StringPairList, keyList));
+                                  Q_ARG(StringPairList, keyList),
+                                  Q_ARG(bool, httpAuth));
         return result;
     }
 
@@ -231,6 +233,12 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
     QList<Entry*> pwEntriesToConfirm;
     QList<Entry*> pwEntries;
     for (Entry* entry : searchEntries(url, keyList)) {
+        // HTTP Basic Auth always needs a confirmation
+        if (httpAuth) {
+            pwEntriesToConfirm.append(entry);
+            continue;
+        }
+
         switch (checkAccess(entry, host, submitHost, realm)) {
         case Denied:
             continue;
@@ -250,7 +258,7 @@ QJsonArray BrowserService::findMatchingEntries(const QString& id,
     }
 
     // Confirm entries
-    if (confirmEntries(pwEntriesToConfirm, url, host, submitHost, realm)) {
+    if (confirmEntries(pwEntriesToConfirm, url, host, submitHost, realm, httpAuth)) {
         pwEntries.append(pwEntriesToConfirm);
     }
 
@@ -573,7 +581,8 @@ bool BrowserService::confirmEntries(QList<Entry*>& pwEntriesToConfirm,
                                     const QString& url,
                                     const QString& host,
                                     const QString& submitHost,
-                                    const QString& realm)
+                                    const QString& realm,
+                                    const bool httpAuth)
 {
     if (pwEntriesToConfirm.isEmpty() || m_dialogActive) {
         return false;
@@ -642,7 +651,10 @@ QJsonObject BrowserService::prepareEntry(const Entry* entry)
 }
 
 BrowserService::Access
-BrowserService::checkAccess(const Entry* entry, const QString& host, const QString& submitHost, const QString& realm)
+BrowserService::checkAccess(const Entry* entry,
+                            const QString& host,
+                            const QString& submitHost,
+                            const QString& realm)
 {
     BrowserEntryConfig config;
     if (!config.load(entry)) {

diff --git a/src/browser/BrowserService.h b/src/browser/BrowserService.h
@@ -67,7 +67,8 @@ public slots:
                                    const QString& url,
                                    const QString& submitUrl,
                                    const QString& realm,
-                                   const StringPairList& keyList);
+                                   const StringPairList& keyList,
+                                   const bool httpAuth = false);
     QString storeKey(const QString& key);
     void updateEntry(const QString& id,
                      const QString& uuid,
@@ -99,9 +100,13 @@ public slots:
                         const QString& url,
                         const QString& host,
                         const QString& submitHost,
-                        const QString& realm);
+                        const QString& realm,
+                        const bool httpAuth);
     QJsonObject prepareEntry(const Entry* entry);
-    Access checkAccess(const Entry* entry, const QString& host, const QString& submitHost, const QString& realm);
+    Access checkAccess(const Entry* entry,
+                       const QString& host,
+                       const QString& submitHost,
+                       const QString& realm);
     Group* findCreateAddEntryGroup(QSharedPointer<Database> selectedDb = {});
     int
     sortPriority(const Entry* entry, const QString& host, const QString& submitUrl, const QString& baseSubmitUrl) const;
-Original file line number
+Diff line change
@@ Expand Up / @@ -58,4 +58,4 @@ bool BrowserAccessControlDialog::remember() const @@
     void BrowserAccessControlDialog::setRemember(bool r)
     {
         m_ui->rememberDecisionCheckBox->setChecked(r);
-    }
+    }