[gnome-boxes/wip/drop-auth-notifications] Drop authentication and credentials support
- From: Felipe Borges <felipeborges src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-boxes/wip/drop-auth-notifications] Drop authentication and credentials support
- Date: Wed, 13 Oct 2021 14:48:34 +0000 (UTC)
commit e9327c75d90d5ff39e50ec03c8f9b025a206c9cd
Author: Felipe Borges <felipeborges gnome org>
Date: Wed Oct 13 16:44:54 2021 +0200
Drop authentication and credentials support
We no longer authenticate against remote connections. Boxes will
only use remote connection protocols for local connections.
data/gnome-boxes.gresource.xml | 1 -
data/ui/auth-notification.ui | 128 -----------------------------------
src/auth-notification.vala | 99 ---------------------------
src/display.vala | 1 -
src/machine.vala | 148 -----------------------------------------
src/meson.build | 1 -
src/notificationbar.vala | 34 ----------
src/rdp-display.vala | 17 -----
src/spice-display.vala | 2 -
src/vnc-display.vala | 43 ------------
10 files changed, 474 deletions(-)
---
diff --git a/data/gnome-boxes.gresource.xml b/data/gnome-boxes.gresource.xml
index d919d452..5fe5d7ed 100644
--- a/data/gnome-boxes.gresource.xml
+++ b/data/gnome-boxes.gresource.xml
@@ -8,7 +8,6 @@
<file>icons/eye-not-looking-symbolic.svg</file>
<file>icons/eye-open-negative-filled-symbolic.svg</file>
<file preprocess="xml-stripblanks">ui/app-window.ui</file>
- <file preprocess="xml-stripblanks">ui/auth-notification.ui</file>
<file preprocess="xml-stripblanks">ui/collection-toolbar.ui</file>
<file preprocess="xml-stripblanks">ui/display-page.ui</file>
<file preprocess="xml-stripblanks">ui/display-toolbar.ui</file>
diff --git a/src/display.vala b/src/display.vala
index 8c5a95dd..ee9c944c 100644
--- a/src/display.vala
+++ b/src/display.vala
@@ -21,7 +21,6 @@
public signal void hide (int display_id);
public signal void disconnected (bool connection_failed);
public signal void got_error (string message);
- public signal void auth_failed (string? message = null);
public delegate int OpenFDFunc ();
diff --git a/src/machine.vala b/src/machine.vala
index 3bb2d6fa..cdc019a9 100644
--- a/src/machine.vala
+++ b/src/machine.vala
@@ -20,12 +20,6 @@
public bool can_delete { get; set; default = true; }
public bool under_construction { get; protected set; default = false; }
- private Cancellable auth_cancellable = new Cancellable ();
- private Secret.Schema secret_auth_schema
- = new Secret.Schema ("org.gnome.Boxes",
- Secret.SchemaFlags.NONE,
- "gnome-boxes-machine-uuid", Secret.SchemaAttributeType.STRING);
-
public signal void got_error (string message);
protected virtual bool should_autosave {
@@ -76,11 +70,8 @@
private ulong show_id;
private ulong hide_id;
private ulong disconnected_id;
- private ulong need_password_id;
- private ulong need_username_id;
private ulong ui_state_id;
private ulong got_error_id;
- private ulong auth_failed_id;
private uint screenshot_id;
public const int SCREENSHOT_WIDTH = 180;
public const int SCREENSHOT_HEIGHT = 134;
@@ -88,9 +79,6 @@
public const int EMBLEM_SIZE = 16;
private static Cairo.Surface grid_surface;
private bool updating_screenshot;
- private string username;
- private string password;
-
private uint autosave_timeout_id;
public Cancellable connecting_cancellable { get; protected set; }
@@ -185,14 +173,8 @@ protected void show_display () {
hide_id = 0;
_display.disconnect (disconnected_id);
disconnected_id = 0;
- _display.disconnect (need_password_id);
- need_password_id = 0;
- _display.disconnect (need_username_id);
- need_username_id = 0;
_display.disconnect (got_error_id);
got_error_id = 0;
- _display.disconnect (auth_failed_id);
- auth_failed_id = 0;
}
_display = value;
@@ -216,13 +198,6 @@ protected void show_display () {
got_error (message);
});
- auth_failed_id = _display.auth_failed.connect ((message) => {
- delete_auth_credentials.begin ();
-
- window.set_state (Boxes.UIState.COLLECTION);
- window.notificationbar.display_error (_("Authentication failed: %s").printf (message));
- });
-
disconnected_id = _display.disconnected.connect ((failed) => {
message (@"display $name disconnected");
if (window == null) // App exitting & no window exists anymore
@@ -241,12 +216,6 @@ protected void show_display () {
disconnect_display ();
}
});
-
- need_password_id = _display.notify["need-password"].connect (handle_auth);
- need_username_id = _display.notify["need-username"].connect (handle_auth);
-
- _display.username = username;
- _display.password = password;
}
}
@@ -583,8 +552,6 @@ public virtual void delete (bool by_user = true) {
ui_state_id = 0;
}
- delete_auth_credentials.begin ();
-
config.delete ();
try {
FileUtils.unlink (get_screenshot_filename ());
@@ -618,13 +585,8 @@ private void ui_state_changed () {
break;
case UIState.COLLECTION:
- if (auth_notification != null)
- auth_notification.dismiss ();
disconnect_display ();
- auth_cancellable.cancel ();
- auth_cancellable = new Cancellable ();
-
break;
}
}
@@ -666,116 +628,6 @@ private async void try_connect_display (ConnectFlags flags = ConnectFlags.NONE)
}
}
- private void store_auth_credentials () {
- if (this.password == "" || this.password == null)
- return;
-
- var builder = new GLib.VariantBuilder (GLib.VariantType.VARDICT);
-
- if (this.username != null)
- builder.add ("{sv}", "username", new GLib.Variant ("s", this.username));
-
- builder.add ("{sv}", "password", new GLib.Variant ("s", this.password));
-
- var credentials_str = builder.end ().print (true);
-
- var label = ("GNOME Boxes credentials for '%s'").printf (config.uuid);
- Secret.password_store.begin (secret_auth_schema,
- Secret.COLLECTION_DEFAULT,
- label,
- credentials_str,
- null,
- (obj, res) => {
- try {
- Secret.password_store.end (res);
- } catch (GLib.Error error) {
- warning ("Failed to store password for '%s' in the keyring: %s", config.uuid, error.message);
- }
- }, "gnome-boxes-machine-uuid", config.uuid);
- }
-
- private Boxes.AuthNotification auth_notification;
-
- private void handle_auth () {
- if (auth_notification != null)
- return;
- var need_username = display.need_username;
- if (!display.need_username && !display.need_password)
- return;
- display = null;
-
- AuthNotification.AuthFunc auth_func = (username, password) => {
- if (username != "")
- this.username = username;
- if (password != "")
- this.password = password;
-
- try_connect_display.begin ();
-
- /* Maybe this can be an optional preference with a toggle in the UI. */
- store_auth_credentials ();
- };
-
- Notification.DismissFunc dismiss_func = () => {
- auth_notification = null;
- window.set_state (UIState.COLLECTION);
- };
-
- Secret.password_lookup.begin (secret_auth_schema, auth_cancellable, (obj, res) => {
- try {
- var parsing_error = new Boxes.Error.INVALID ("couldn't unpack a string for the machine
credentials");
- var credentials_str = Secret.password_lookup.end (res);
- if (credentials_str == null || credentials_str == "")
- throw parsing_error;
-
- try {
- var credentials_variant = GLib.Variant.parse (null, credentials_str, null, null);
-
- string username_str;
- credentials_variant.lookup ("username", "s", out username_str);
- if (username_str != null && username_str != "")
- this.username = username_str;
-
- string password_str;
- credentials_variant.lookup ("password", "s", out password_str);
- if (password_str != null && password_str != "")
- this.password = password_str;
-
- try_connect_display.begin ();
- } catch (GLib.Error error) {
- throw parsing_error;
- }
- } catch (GLib.Error error) {
- debug ("No credentials found in keyring. Prompting user.");
-
- // Translators: %s => name of launched box
- var auth_string = _("ā%sā requires authentication").printf (name);
- auth_notification = window.notificationbar.display_for_auth (auth_string,
- (owned) auth_func,
- (owned) dismiss_func,
- need_username);
- }
- }, "gnome-boxes-machine-uuid", config.uuid);
- }
-
- private async void delete_auth_credentials () {
- if (config.uuid == null) {
- return;
- }
-
- try {
- yield Secret.password_clear (secret_auth_schema, null,
- "gnome-boxes-machine-uuid", config.uuid);
-
- if (auth_notification != null) {
- auth_notification.dismiss ();
- auth_notification = null;
- }
- } catch (GLib.Error error) {
- debug ("Failed to delete credentials for machine %s: %s", config.uuid, error.message);
- }
- }
-
public override int compare (CollectionItem other) {
if (other is Machine) {
var machine = other as Machine;
diff --git a/src/meson.build b/src/meson.build
index 30935996..a84bde5d 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -47,7 +47,6 @@ vala_sources = [
'actions-popover.vala',
'archive-reader.vala',
'archive-writer.vala',
- 'auth-notification.vala',
'collection.vala',
'collection-toolbar.vala',
'display-page.vala',
diff --git a/src/notificationbar.vala b/src/notificationbar.vala
index 1a2ee102..42fb3822 100644
--- a/src/notificationbar.vala
+++ b/src/notificationbar.vala
@@ -37,40 +37,6 @@
return display (message, MessageType.INFO, action_label, (owned) action_func, (owned) ignore_func,
timeout);
}
- public Boxes.Notification display_for_optional_auth (string broker_name,
- owned AuthNotification.AuthFunc? auth_func,
- owned Notification.DismissFunc? dismiss_func) {
- Notification.OKFunc next_auth_step = () => {
- var auth_string = "<span font-weight=\"bold\">" + _("Sign In to %s").printf(broker_name) +
"</span>";
- display_for_auth (auth_string, (owned) auth_func, (owned) dismiss_func);
- };
- return display_for_action (_("Not connected to %s").printf (broker_name),
- _("Sign In"),
- (owned) next_auth_step,
- (owned) dismiss_func, -1);
- }
-
- public Boxes.AuthNotification display_for_auth (string auth_string,
- owned AuthNotification.AuthFunc? auth_func,
- owned Notification.DismissFunc? dismiss_func,
- bool need_username = true) {
- var notification = new Boxes.AuthNotification (auth_string,
- (owned) auth_func,
- (owned) dismiss_func,
- need_username,
- searchbar);
-
- active_notifications.prepend (notification);
-
- notification.dismissed.connect ( () => {
- active_notifications.remove (notification);
- });
-
- add_notification (notification);
-
- return notification;
- }
-
public Boxes.Notification display_error (string message, int timeout = DEFAULT_TIMEOUT) {
return display (message, MessageType.ERROR, null, null, null, timeout);
}
diff --git a/src/rdp-display.vala b/src/rdp-display.vala
index 17631c45..48b1762f 100644
--- a/src/rdp-display.vala
+++ b/src/rdp-display.vala
@@ -2,13 +2,6 @@
using Gtk;
private class Boxes.FrdpDisplay: Frdp.Display {
- public override bool authenticate (out string username, out string password, out string domain) {
- username = this.username;
- password = this.password;
- domain = null;
-
- return true;
- }
}
private class Boxes.RdpDisplay: Boxes.Display {
@@ -24,8 +17,6 @@ public override bool authenticate (out string username, out string password, out
BoxConfig.SavedProperty () { name = "read-only", default_value = false }
};
display = new FrdpDisplay ();
- display.bind_property ("username", this, "username", BindingFlags.BIDIRECTIONAL);
- display.bind_property ("password", this, "password", BindingFlags.BIDIRECTIONAL);
display.rdp_connected.connect (() => {
show (0);
@@ -37,14 +28,6 @@ public override bool authenticate (out string username, out string password, out
disconnected (true);
});
- display.rdp_needs_authentication.connect (() => {
- need_username = true;
- need_password = true;
-
- auth_failed ();
-
- display.close ();
- });
}
public RdpDisplay (BoxConfig config, string host, int port) {
diff --git a/src/spice-display.vala b/src/spice-display.vala
index d1d4933f..f01d084e 100644
--- a/src/spice-display.vala
+++ b/src/spice-display.vala
@@ -47,7 +47,6 @@ private string get_box_name () {
}
construct {
- need_password = false;
session = new Session ();
audio = Spice.Audio.get (session, null);
gtk_session = GtkSession.get (session);
@@ -325,7 +324,6 @@ private void main_event (ChannelEvent event) {
break;
case ChannelEvent.ERROR_AUTH:
- need_password = true;
break;
case ChannelEvent.ERROR_CONNECT:
diff --git a/src/vnc-display.vala b/src/vnc-display.vala
index dde1d05f..5536a7b6 100644
--- a/src/vnc-display.vala
+++ b/src/vnc-display.vala
@@ -15,7 +15,6 @@
saved_properties = {
BoxConfig.SavedProperty () { name = "read-only", default_value = false }
};
- need_password = false;
display = new Vnc.Display ();
display.set_keyboard_grab (true);
@@ -42,43 +41,6 @@
disconnected (true);
});
- display.vnc_auth_failure.connect ((message) => {
- debug ("auth failure");
-
- need_password = (password != null);
- need_username = (username != null);
-
- auth_failed (message);
- });
- display.vnc_auth_unsupported.connect (() => {
- debug ("auth unsupported");
- });
-
- display.vnc_auth_credential.connect ((creds) => {
- foreach (var cred in creds) {
- var credential = (DisplayCredential) cred;
-
- switch (credential) {
- case DisplayCredential.USERNAME:
- need_username = true;
- break;
-
- case DisplayCredential.PASSWORD:
- need_password = true;
- break;
-
- case DisplayCredential.CLIENTNAME:
- break;
-
- default:
- debug ("Unsupported credential: %s".printf (credential.to_string ()));
- break;
- }
- }
-
- display.close ();
- });
-
display.size_allocate.connect (scale);
}
@@ -140,11 +102,6 @@ public override void connect_it (owned Display.OpenFDFunc? open_fd = null) throw
return;
connected = true;
- // FIXME: we ignore return value which seems to be inconsistent
- display.set_credential (DisplayCredential.USERNAME, username);
- display.set_credential (DisplayCredential.PASSWORD, password);
- display.set_credential (DisplayCredential.CLIENTNAME, "boxes");
-
if (open_fd != null) {
var fd = open_fd ();
display.open_fd_with_hostname (fd, host);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]