Merge pull request #3441 from birarda/master

remove the access token from API urls and put in Authorization header
Brad Hefta-Gaub 2014-09-17 23:25:54 -07:00
commit c232c07724
2 changed files with 10 additions and 3 deletions


@ -25,6 +25,8 @@
const bool VERBOSE_HTTP_REQUEST_DEBUGGING = false; const bool VERBOSE_HTTP_REQUEST_DEBUGGING = false;
const QByteArray ACCESS_TOKEN_AUTHORIZATION_HEADER = "Authorization";
AccountManager& AccountManager::getInstance() { AccountManager& AccountManager::getInstance() {
static AccountManager sharedInstance; static AccountManager sharedInstance;
return sharedInstance; return sharedInstance;
@ -188,7 +190,8 @@ void AccountManager::invokedRequest(const QString& path,
if (requiresAuthentication) { if (requiresAuthentication) {
if (hasValidAccessToken()) { if (hasValidAccessToken()) {
requestURL.setQuery("access_token=" + _accountInfo.getAccessToken().token); networkRequest.setRawHeader(ACCESS_TOKEN_AUTHORIZATION_HEADER,
_accountInfo.getAccessToken().authorizationHeaderValue());
} else { } else {
qDebug() << "No valid access token present. Bailing on authenticated invoked request."; qDebug() << "No valid access token present. Bailing on authenticated invoked request.";
return; return;
@ -405,9 +408,11 @@ void AccountManager::requestProfile() {
QUrl profileURL = _authURL; QUrl profileURL = _authURL;
profileURL.setPath("/api/v1/users/profile"); profileURL.setPath("/api/v1/users/profile");
profileURL.setQuery("access_token=" + _accountInfo.getAccessToken().token);
QNetworkRequest profileRequest(profileURL);
profileRequest.setRawHeader(ACCESS_TOKEN_AUTHORIZATION_HEADER, _accountInfo.getAccessToken().authorizationHeaderValue());
QNetworkReply* profileReply = networkAccessManager.get(QNetworkRequest(profileURL)); QNetworkReply* profileReply = networkAccessManager.get(profileRequest);
connect(profileReply, &QNetworkReply::finished, this, &AccountManager::requestProfileFinished); connect(profileReply, &QNetworkReply::finished, this, &AccountManager::requestProfileFinished);
connect(profileReply, SIGNAL(error(QNetworkReply::NetworkError)), this, SLOT(requestProfileError(QNetworkReply::NetworkError))); connect(profileReply, SIGNAL(error(QNetworkReply::NetworkError)), this, SLOT(requestProfileError(QNetworkReply::NetworkError)));
} }
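Review bot: In `requestProfile()` the `Authorization` header is attached unconditionally, whereas `invokedRequest()` only sets it inside `if (hasValidAccessToken())`. With an empty or expired token this sends `Bearer ` followed by an empty or stale credential. Consider guarding the new lines the same way, e.g. `if (!hasValidAccessToken()) { return; }` before constructing `profileRequest`; the start of the function is outside the hunk, so such a check may already exist there. Separately, neither call site visible here checks the URL scheme before adding the bearer token. If `_authURL` can be configured with plain `http`, the token still travels in cleartext, so a check such as `profileURL.scheme() == "https"` next to `setRawHeader` would be worth adding.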


@ -23,6 +23,8 @@ public:
OAuthAccessToken(const QJsonObject& jsonObject); OAuthAccessToken(const QJsonObject& jsonObject);
OAuthAccessToken(const OAuthAccessToken& otherToken); OAuthAccessToken(const OAuthAccessToken& otherToken);
OAuthAccessToken& operator=(const OAuthAccessToken& otherToken); OAuthAccessToken& operator=(const OAuthAccessToken& otherToken);
QByteArray authorizationHeaderValue() const { return QString("Bearer %1").arg(token).toUtf8(); }
bool isExpired() const { return expiryTimestamp <= QDateTime::currentMSecsSinceEpoch(); } bool isExpired() const { return expiryTimestamp <= QDateTime::currentMSecsSinceEpoch(); }
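Review bot: `authorizationHeaderValue()` formats whatever is in `token` without checking it, so an empty token yields `Bearer ` and any control characters in the stored string are passed to `setRawHeader` unchanged at the call sites. The token is presumably filled from a server response via the `QJsonObject` constructor above. Consider returning an empty `QByteArray` when `token` is empty or contains characters outside the bearer-token alphabet, and having callers skip the header in that case. A comment such as `// returns the secret bearer credential; never log this value` would also help, since AccountManager has a `VERBOSE_HTTP_REQUEST_DEBUGGING` switch and request headers now carry the secret.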