diff --git a/domain-server/src/DomainServer.cpp b/domain-server/src/DomainServer.cpp index f169cd26d0..943895a4a0 100644 --- a/domain-server/src/DomainServer.cpp +++ b/domain-server/src/DomainServer.cpp @@ -55,7 +55,7 @@ DomainServer::DomainServer(int argc, char* argv[]) : _argumentVariantMap = HifiConfigVariantMap::mergeCLParametersWithJSONConfig(arguments()); - if (optionallySetupDTLS()) { + if (optionallySetupTLS()) { // we either read a certificate and private key or were not passed one, good to load assignments // and set up the node list qDebug() << "Setting up LimitedNodeList and assignments."; @@ -88,7 +88,7 @@ DomainServer::~DomainServer() { gnutls_global_deinit(); } -bool DomainServer::optionallySetupDTLS() { +bool DomainServer::optionallySetupTLS() { if (readX509KeyAndCertificate()) { if (_x509Credentials) { qDebug() << "Generating Diffie-Hellman parameters."; @@ -159,6 +159,22 @@ bool DomainServer::readX509KeyAndCertificate() { qDebug() << "Successfully read certificate and private key."; + // we need to also pass this certificate and private key to the HTTPS manager + // this is used for Oauth callbacks when authorizing users against a data server + + QFile certFile(certPath); + certFile.open(QIODevice::ReadOnly); + + QFile keyFile(keyPath); + keyFile.open(QIODevice::ReadOnly); + + QSslCertificate sslCertificate(&certFile); + QSslKey privateKey(&keyFile, QSsl::Rsa, QSsl::Pem, QSsl::PrivateKey, keyPassphraseString.toUtf8()); + + _httpsManager = new HTTPSManager(DOMAIN_SERVER_HTTPS_PORT, sslCertificate, privateKey, QString(), this, this); + + qDebug() << "TCP server listening for HTTPS connections on" << DOMAIN_SERVER_HTTPS_PORT; + } else if (!certPath.isEmpty() || !keyPath.isEmpty()) { qDebug() << "Missing certificate or private key. domain-server will now quit."; QMetaObject::invokeMethod(this, "quit", Qt::QueuedConnection); diff --git a/domain-server/src/DomainServer.h b/domain-server/src/DomainServer.h index 52aee24682..5c970748f1 100644 
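Review bot: In the block added to `readX509KeyAndCertificate()`, the return values of `certFile.open()` and `keyFile.open()` are ignored, and neither `sslCertificate.isNull()` nor `privateKey.isNull()` is checked before `new HTTPSManager(...)`. A file that fails to open, or a key Qt cannot parse, would therefore give an HTTPS listener with empty credentials while the log still reports it as listening. The key algorithm is fixed to `QSsl::Rsa`, so a non-RSA key that the earlier GnuTLS load accepted would presumably come back null here. The constructor hunk in HTTPSManager.cpp also stores both values unvalidated, so the check belongs at this call site, taking the same quit path as the `else if` branch. The function starts and ends outside the hunk, so `return false` in the sketch below assumes its existing failure convention and should be confirmed.

```cpp
// … unchanged: comment explaining why the HTTPS manager needs the credentials …
QFile certFile(certPath);
QFile keyFile(keyPath);

if (!certFile.open(QIODevice::ReadOnly) || !keyFile.open(QIODevice::ReadOnly)) {
    qDebug() << "Could not open certificate or private key for HTTPS. domain-server will now quit.";
    QMetaObject::invokeMethod(this, "quit", Qt::QueuedConnection);
    return false;
}

// … unchanged: QSslCertificate and QSslKey construction …

if (sslCertificate.isNull() || privateKey.isNull()) {
    qDebug() << "Certificate or private key could not be parsed for HTTPS. domain-server will now quit.";
    QMetaObject::invokeMethod(this, "quit", Qt::QueuedConnection);
    return false;
}

// … unchanged: HTTPSManager construction and listening log …
```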
--- a/domain-server/src/DomainServer.h +++ b/domain-server/src/DomainServer.h @@ -53,7 +53,7 @@ private slots: void readAvailableDTLSDatagrams(); private: void setupNodeListAndAssignments(const QUuid& sessionUUID = QUuid::createUuid()); - bool optionallySetupDTLS(); + bool optionallySetupTLS(); bool readX509KeyAndCertificate(); void processDatagram(const QByteArray& receivedPacket, const HifiSockAddr& senderSockAddr); diff --git a/libraries/embedded-webserver/src/HTTPSManager.cpp b/libraries/embedded-webserver/src/HTTPSManager.cpp index ed988a6e65..575a52fac9 100644 --- a/libraries/embedded-webserver/src/HTTPSManager.cpp +++ b/libraries/embedded-webserver/src/HTTPSManager.cpp @@ -15,10 +15,11 @@ #include "HTTPSManager.h" -HTTPSManager::HTTPSManager(quint16 port, const QString& documentRoot, HTTPRequestHandler* requestHandler, QObject* parent) : +HTTPSManager::HTTPSManager(quint16 port, const QSslCertificate& certificate, const QSslKey& privateKey, + const QString& documentRoot, HTTPRequestHandler* requestHandler, QObject* parent) : HTTPManager(port, documentRoot, requestHandler, parent), - _certificate(), - _privateKey() + _certificate(certificate), + _privateKey(privateKey) { } diff --git a/libraries/embedded-webserver/src/HTTPSManager.h b/libraries/embedded-webserver/src/HTTPSManager.h index e0210c9ee9..8940b2e79d 100644 --- a/libraries/embedded-webserver/src/HTTPSManager.h +++ b/libraries/embedded-webserver/src/HTTPSManager.h @@ -21,6 +21,8 @@ class HTTPSManager : public HTTPManager { Q_OBJECT public: HTTPSManager(quint16 port, + const QSslCertificate& certificate, + const QSslKey& privateKey, const QString& documentRoot, HTTPRequestHandler* requestHandler = NULL, QObject* parent = 0);
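Review bot: The new `certificate` and `privateKey` parameters in the `HTTPSManager` constructor declaration are undocumented, and the HTTPSManager.cpp hunk shows them copied straight into `_certificate` and `_privateKey` with no validation. A short comment above the declaration would tell callers what is expected, for example `// certificate and privateKey are copied into the manager; callers must pass non-null values (check isNull() first)`. The class body continues outside the hunk, so how the stored credentials are applied to incoming connections is not visible here.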