Avoid storing the password in the configuration

The password (or any other secret), is now cached in the client process (in-memory only), and delivered to the resource via command. The resource avoids doing any operations against the source until the secret is available.
author: Christian Mollekopf <chrigi_1@fastmail.fm> 2017-09-18 11:40:41 +0200
committer: Christian Mollekopf <chrigi_1@fastmail.fm> 2017-09-18 11:40:45 +0200
commit: a7e7f7fdd2a9d38921476d57f305c9cd4459a556 (patch)
tree: d9ad3bdc3e275004a54f508025f0d52227ab18cb /examples/imapresource
parent: ea2e02ad656640c17d520b5a22c168c3c1faef56 (diff)
download: sink-a7e7f7fdd2a9d38921476d57f305c9cd4459a556.tar.gz
sink-a7e7f7fdd2a9d38921476d57f305c9cd4459a556.zip
3 files changed, 12 insertions, 8 deletions
diff --git a/examples/imapresource/imapresource.cpp b/examples/imapresource/imapresource.cpp
index 3ae7fd7..2aba6b0 100644
--- a/examples/imapresource/imapresource.cpp
+++ b/examples/imapresource/imapresource.cpp
@@ -470,7 +470,7 @@ public:
    {
        SinkTrace() << "Connecting to:" << mServer << mPort;
        SinkTrace() << "as:" << mUser;
-        return imap->login(mUser, mPassword)
+        return imap->login(mUser, secret())
        .addToContext(imap);
    }
@@ -513,6 +513,8 @@ public:
                    return {ApplicationDomain::NoServerError, error.errorMessage};
                case Imap::ConnectionLost:
                    return {ApplicationDomain::ConnectionLostError, error.errorMessage};
+                case Imap::MissingCredentialsError:
+                    return {ApplicationDomain::MissingCredentialsError, error.errorMessage};
                default:
                    return {ApplicationDomain::UnknownError, error.errorMessage};
            }
@@ -631,7 +633,7 @@ public:
            }
        }
        auto imap = QSharedPointer<ImapServerProxy>::create(mServer, mPort, &mSessionCache);
-        auto login = imap->login(mUser, mPassword);
+        auto login = imap->login(mUser, secret());
        KAsync::Job<QByteArray> job = KAsync::null<QByteArray>();
        if (operation == Sink::Operation_Creation) {
            const QString mailbox = syncStore().resolveLocalId(ENTITY_TYPE_FOLDER, mail.getFolder());
@@ -716,7 +718,7 @@ public:
            }
        }
        auto imap = QSharedPointer<ImapServerProxy>::create(mServer, mPort, &mSessionCache);
-        auto login = imap->login(mUser, mPassword);
+        auto login = imap->login(mUser, secret());
        if (operation == Sink::Operation_Creation) {
            QString parentFolder;
            if (!folder.getParent().isEmpty()) {
@@ -736,7 +738,7 @@ public:
                    });
            } else { //We try to merge special purpose folders first
                auto  specialPurposeFolders = QSharedPointer<QHash<QByteArray, QString>>::create();
-                auto mergeJob = imap->login(mUser, mPassword)
+                auto mergeJob = imap->login(mUser, secret())
                    .then(imap->fetchFolders([=](const Imap::Folder &folder) {
                        if (SpecialPurpose::isSpecialPurposeFolderName(folder.name())) {
                            specialPurposeFolders->insert(SpecialPurpose::getSpecialPurposeType(folder.name()), folder.path());
@@ -790,7 +792,6 @@ public:
    QString mServer;
    int mPort;
    QString mUser;
-    QString mPassword;
    int mDaysToSync = 0;
    QByteArray mResourceInstanceIdentifier;
    Imap::SessionCache mSessionCache;
@@ -959,7 +960,6 @@ ImapResource::ImapResource(const ResourceContext &resourceContext)
    auto server = config.value("server").toString();
    auto port = config.value("port").toInt();
    auto user = config.value("username").toString();
-    auto password = config.value("password").toString();
    if (server.startsWith("imap")) {
        server.remove("imap://");
        server.remove("imaps://");
@@ -974,7 +974,6 @@ ImapResource::ImapResource(const ResourceContext &resourceContext)
    synchronizer->mServer = server;
    synchronizer->mPort = port;
    synchronizer->mUser = user;
-    synchronizer->mPassword = password;
    synchronizer->mDaysToSync = 14;
    setupSynchronizer(synchronizer);
@@ -982,7 +981,8 @@ ImapResource::ImapResource(const ResourceContext &resourceContext)
    inspector->mServer = server;
    inspector->mPort = port;
    inspector->mUser = user;
-    inspector->mPassword = password;
+    //TODO
+    // inspector->mPassword = password;
    setupInspector(inspector);
    setupPreprocessors(ENTITY_TYPE_MAIL, QVector<Sink::Preprocessor*>() << new SpecialPurposeProcessor << new MailPropertyExtractor);
diff --git a/examples/imapresource/imapserverproxy.cpp b/examples/imapresource/imapserverproxy.cpp
index 16887b1..317fbdc 100644
--- a/examples/imapresource/imapserverproxy.cpp
+++ b/examples/imapresource/imapserverproxy.cpp
@@ -139,6 +139,9 @@ ImapServerProxy::ImapServerProxy(const QString &serverUrl, int port, SessionCach
 KAsync::Job<void> ImapServerProxy::login(const QString &username, const QString &password)
 {
+    if (password.isEmpty()) {
+        return KAsync::error(Imap::MissingCredentialsError);
+    }
    if (mSessionCache) {
        auto session = mSessionCache->getSession();
        if (session.isValid()) {
diff --git a/examples/imapresource/imapserverproxy.h b/examples/imapresource/imapserverproxy.h
index 86e3378..9e73f68 100644
--- a/examples/imapresource/imapserverproxy.h
+++ b/examples/imapresource/imapserverproxy.h
@@ -35,6 +35,7 @@ enum ErrorCode {
    CouldNotConnectError,
    SslHandshakeError,
    ConnectionLost,
+    MissingCredentialsError,
    UnknownError
 };
author	Christian Mollekopf <chrigi_1@fastmail.fm>	2017-09-18 11:40:41 +0200
committer	Christian Mollekopf <chrigi_1@fastmail.fm>	2017-09-18 11:40:45 +0200
commit	a7e7f7fdd2a9d38921476d57f305c9cd4459a556 (patch)
tree	d9ad3bdc3e275004a54f508025f0d52227ab18cb /examples/imapresource
parent	ea2e02ad656640c17d520b5a22c168c3c1faef56 (diff)
download	sink-a7e7f7fdd2a9d38921476d57f305c9cd4459a556.tar.gz sink-a7e7f7fdd2a9d38921476d57f305c9cd4459a556.zip