Skip to content

[Qt][C++] Oauth2 Authorization Code Flow and Implicit Flow Support.#10183

Merged
wing328 merged 9 commits intoOpenAPITools:masterfrom
basyskom-dege:master
Nov 14, 2021
Merged

[Qt][C++] Oauth2 Authorization Code Flow and Implicit Flow Support.#10183
wing328 merged 9 commits intoOpenAPITools:masterfrom
basyskom-dege:master

Conversation

@basyskom-dege
Copy link
Copy Markdown
Contributor

@basyskom-dege basyskom-dege commented Aug 18, 2021
edited
Loading

This PR will enable OAuth2 Support for the Authorization Code Flow, Implicit Flow, Password Flow and Client Credentials Flow. The oauth-class will provide a reply server based on the QTcpserver module. This is a followup PR from #8831. I took some input from @etherealjoy `s comment in the old PR.
But there are some steps unclear:

Where should we store the information for the request? We need the state, ClientId and ClientSecret etc. This Comment refers to the Specification that states we should use the tools we like to provide those variables. Do you have something in mind here? My take would be a config file in some way. By now there are dummy values and once you call the Oauth process you will get incalid Client_id since its just a dummy value.

Another problem might be the fact that the oauth flow can only be used in a QtGuiApplication since it uses the QDesktopServices::openUrl() function to open the oauth pop-up window.

Any feedback or input would be highly appreciated!

EDIT: one more thing. Is there a way to test the Petstore with the Authorization flow? Right now I just use the google API and a local Node.js server that just checks if token is set and if not it will just send QNetworkReply::AuthenticationRequiredError to trigger the authorization process.

EDIT2: I also added the client credential flow. There is the same problem with the client_secret and id as described above.

PR checklist

  • Read the contribution guidelines.
  • Pull Request title clearly describes the work in the pull request and Pull Request description provides details about how to validate the work. Missing information here may result in delayed response from the community.
  • Run the following to build the project and update samples: 
    ./mvnw clean package 
./bin/generate-samples.sh
./bin/utils/export_docs_generators.sh
    Commit all changed files.
    This is important, as CI jobs will verify all generator outputs of your HEAD commit as it would merge with master.
    These must match the expectations made by your contribution.
    You may regenerate an individual generator by passing the relevant config(s) as an argument to the script, for example ./bin/generate-samples.sh bin/configs/java*.
    For Windows users, please run the script in Git BASH.
  • File the PR against the correct branch: master (5.3.0), 6.0.x
  • If your PR is targeting a particular programming language, @mention the technical committee members, so they are more likely to review the pull request.

PING @wing328 @ravinikam (2017/07) @stkrwork (2017/07) @etherealjoy (2018/02) @MartinDelille (2018/03) @muttleyxd (2019/08)

@basyskom-dege basyskom-dege mentioned this pull request Aug 18, 2021
Closed
5 tasks
@basyskom-dege basyskom-dege marked this pull request as draft August 18, 2021 11:57
@basyskom-dege basyskom-dege changed the title [Qt][C++][WIP] Oauth2 Authorization Code Flow support. [Qt][C++] Oauth2 Authorization Code Flow and Implicit Flow Support. Aug 27, 2021
@basyskom-dege basyskom-dege marked this pull request as ready for review August 27, 2021 11:19
MartinDelille
MartinDelille suggested changes Aug 29, 2021
View reviewed changes
Comment thread modules/openapi-generator/src/main/resources/cpp-qt-client/Project.mustache Outdated
MartinDelille
MartinDelille approved these changes Oct 30, 2021
View reviewed changes
Copy link
Copy Markdown
Contributor

@MartinDelille MartinDelille left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not an expert in Oauth2 authorization management so I cannot judge but at least I can say that this PR doesn't break anything.

@basyskom-dege
Copy link
Copy Markdown
Contributor Author

basyskom-dege commented Nov 1, 2021
edited
Loading

I'm not an expert in Oauth2 authorization management so I cannot judge but at least I can say that this PR doesn't break anything.

Im not an expert as well but maybe @etherealjoy has some more knowledge to do a review.

For testing i used multiple "test" server. For the Implicit and Authorization Code Flows, i used the Google Oauth2 API. You have to create an Web-App, set the redirect url to http://127.0.0.1:9999 (the reply server is running on localhost with port 9999). Google provides all infos (client_id, secret) that you have to set in the callback of an API call:
setVariables(tokenUrl , scopeStr ,"clientId", "clientSecret", ...);

For the client credential flow, I used tools from HERE. They also provide the other flows but you cant set the redirect url to localhost...

The password flow has to be tested "manually" because it is deprecated and considered unsafe for obvious reasons. But since its in OpenAPI, I added it aswell. I used a Node.js server with router from Express package. I just added a route and logged the client_id (you can check for all parameters and see if it fits the expected values) and answered with a fixed token since its just for testing:

var express = require('express');
var router = express.Router();
[...]
router.post('/auth',function (req, res, next) {
  var id = req.query.client_id;
  console.log("Client ID: ",id);
  res.setHeader('Content-Type', 'application/json');
  res.json({   token_type: "Bearer",
                    expires_in: 86400,
                    access_token: "E3ySJQtKPFKkzgIin7oNnJ8-39lTKeEI0NDC7apzqfPSIBErHJb8tYJqq5niZQtj8CHZG9u1",
                    scope: "read"});
});

I used the following securitySchemes in the input file:

  securitySchemes:
      clientCred:
        type: oauth2
        flows:
            clientCredentials:
              tokenUrl: https://login-demo.curity.io/oauth/v2/oauth-token
              scopes:
                'read': read your pet
      implicit:
        type: oauth2
        flows:
            implicit:
              authorizationUrl: https://accounts.google.com/o/oauth2/v2/auth
              scopes:
                'https://www.googleapis.com/auth/drive.metadata.readonly': read your pet
      password:
        type: oauth2
        flows:
          password:
            tokenUrl: http://localhost:3000/order/auth
            scopes:
                'read': read your pet
      authCode:
        type: oauth2
        flows:
          authorizationCode:
            authorizationUrl: https://accounts.google.com/o/oauth2/v2/auth
            tokenUrl: https://oauth2.googleapis.com/token
            scopes:
                'https://www.googleapis.com/auth/drive.metadata.readonly': read your pet

@wing328 wing328 added this to the 5.3.1 milestone Nov 14, 2021
@wing328 wing328 merged commit f596b32 into OpenAPITools:master Nov 14, 2021
@wing328
Copy link
Copy Markdown
Member

wing328 commented Nov 15, 2021

@basyskom-dege looks like this breaks the build:

-- Build files have been written to: /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build
/usr/local/cmake-3.12.4/bin/cmake -H/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt -B/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build --check-build-system CMakeFiles/Makefile.cmake 0
/usr/local/cmake-3.12.4/bin/cmake -E cmake_progress_start /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/CMakeFiles /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/CMakeFiles/progress.marks
make -f CMakeFiles/Makefile2 all
make[1]: Entering directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
make -f client/CMakeFiles/client_autogen.dir/build.make client/CMakeFiles/client_autogen.dir/depend
make[2]: Entering directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build && /usr/local/cmake-3.12.4/bin/cmake -E cmake_depends "Unix Makefiles" /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/CMakeFiles/client_autogen.dir/DependInfo.cmake --color=
Scanning dependencies of target client_autogen
make[2]: Leaving directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
make -f client/CMakeFiles/client_autogen.dir/build.make client/CMakeFiles/client_autogen.dir/build
make[2]: Entering directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
[  4%] Automatic MOC for target client
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/local/cmake-3.12.4/bin/cmake -E cmake_autogen /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/CMakeFiles/client_autogen.dir/AutogenInfo.cmake ""
make[2]: Leaving directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
[  4%] Built target client_autogen
make -f client/CMakeFiles/client.dir/build.make client/CMakeFiles/client.dir/depend
make[2]: Entering directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build && /usr/local/cmake-3.12.4/bin/cmake -E cmake_depends "Unix Makefiles" /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/CMakeFiles/client.dir/DependInfo.cmake --color=
Scanning dependencies of target client
make[2]: Leaving directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
make -f client/CMakeFiles/client.dir/build.make client/CMakeFiles/client.dir/build
make[2]: Entering directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
[  9%] Building CXX object client/CMakeFiles/client.dir/PFXApiResponse.cpp.o
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/bin/g++-5  -DQT_CORE_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/client_autogen/include -isystem /usr/include/x86_64-linux-gnu/qt5 -isystem /usr/include/x86_64-linux-gnu/qt5/QtCore -isystem /usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++-64 -isystem /usr/include/x86_64-linux-gnu/qt5/QtNetwork  -fPIC -Wall -Wno-unused-variable -fPIC -Wall -Wno-unused-variable   -fPIC -std=c++14 -o CMakeFiles/client.dir/PFXApiResponse.cpp.o -c /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXApiResponse.cpp
[ 13%] Building CXX object client/CMakeFiles/client.dir/PFXCategory.cpp.o
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/bin/g++-5  -DQT_CORE_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/client_autogen/include -isystem /usr/include/x86_64-linux-gnu/qt5 -isystem /usr/include/x86_64-linux-gnu/qt5/QtCore -isystem /usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++-64 -isystem /usr/include/x86_64-linux-gnu/qt5/QtNetwork  -fPIC -Wall -Wno-unused-variable -fPIC -Wall -Wno-unused-variable   -fPIC -std=c++14 -o CMakeFiles/client.dir/PFXCategory.cpp.o -c /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXCategory.cpp
[ 18%] Building CXX object client/CMakeFiles/client.dir/PFXOrder.cpp.o
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/bin/g++-5  -DQT_CORE_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/client_autogen/include -isystem /usr/include/x86_64-linux-gnu/qt5 -isystem /usr/include/x86_64-linux-gnu/qt5/QtCore -isystem /usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++-64 -isystem /usr/include/x86_64-linux-gnu/qt5/QtNetwork  -fPIC -Wall -Wno-unused-variable -fPIC -Wall -Wno-unused-variable   -fPIC -std=c++14 -o CMakeFiles/client.dir/PFXOrder.cpp.o -c /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXOrder.cpp
[ 22%] Building CXX object client/CMakeFiles/client.dir/PFXPet.cpp.o
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/bin/g++-5  -DQT_CORE_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/client_autogen/include -isystem /usr/include/x86_64-linux-gnu/qt5 -isystem /usr/include/x86_64-linux-gnu/qt5/QtCore -isystem /usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++-64 -isystem /usr/include/x86_64-linux-gnu/qt5/QtNetwork  -fPIC -Wall -Wno-unused-variable -fPIC -Wall -Wno-unused-variable   -fPIC -std=c++14 -o CMakeFiles/client.dir/PFXPet.cpp.o -c /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXPet.cpp
[ 27%] Building CXX object client/CMakeFiles/client.dir/PFXTag.cpp.o
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/bin/g++-5  -DQT_CORE_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/client_autogen/include -isystem /usr/include/x86_64-linux-gnu/qt5 -isystem /usr/include/x86_64-linux-gnu/qt5/QtCore -isystem /usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++-64 -isystem /usr/include/x86_64-linux-gnu/qt5/QtNetwork  -fPIC -Wall -Wno-unused-variable -fPIC -Wall -Wno-unused-variable   -fPIC -std=c++14 -o CMakeFiles/client.dir/PFXTag.cpp.o -c /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXTag.cpp
[ 31%] Building CXX object client/CMakeFiles/client.dir/PFXUser.cpp.o
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/bin/g++-5  -DQT_CORE_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/client_autogen/include -isystem /usr/include/x86_64-linux-gnu/qt5 -isystem /usr/include/x86_64-linux-gnu/qt5/QtCore -isystem /usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++-64 -isystem /usr/include/x86_64-linux-gnu/qt5/QtNetwork  -fPIC -Wall -Wno-unused-variable -fPIC -Wall -Wno-unused-variable   -fPIC -std=c++14 -o CMakeFiles/client.dir/PFXUser.cpp.o -c /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXUser.cpp
[ 36%] Building CXX object client/CMakeFiles/client.dir/PFXPetApi.cpp.o
cd /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client && /usr/bin/g++-5  -DQT_CORE_LIB -DQT_NETWORK_LIB -DQT_NO_DEBUG -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client -I/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build/client/client_autogen/include -isystem /usr/include/x86_64-linux-gnu/qt5 -isystem /usr/include/x86_64-linux-gnu/qt5/QtCore -isystem /usr/lib/x86_64-linux-gnu/qt5/mkspecs/linux-g++-64 -isystem /usr/include/x86_64-linux-gnu/qt5/QtNetwork  -fPIC -Wall -Wno-unused-variable -fPIC -Wall -Wno-unused-variable   -fPIC -std=c++14 -o CMakeFiles/client.dir/PFXPetApi.cpp.o -c /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXPetApi.cpp
In file included from /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXPetApi.h:18:0,
                 from /home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXPetApi.cpp:12:
/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/client/PFXOauth.h:21:28: fatal error: QDesktopServices: No such file or directory
compilation terminated.
client/CMakeFiles/client.dir/build.make:143: recipe for target 'client/CMakeFiles/client.dir/PFXPetApi.cpp.o' failed
make[2]: Leaving directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
make[2]: *** [client/CMakeFiles/client.dir/PFXPetApi.cpp.o] Error 1
make[1]: *** [client/CMakeFiles/client.dir/all] Error 2
CMakeFiles/Makefile2:164: recipe for target 'client/CMakeFiles/client.dir/all' failed
make[1]: Leaving directory '/home/travis/build/OpenAPITools/openapi-generator/samples/client/petstore/cpp-qt/build'
make: *** [all] Error 2
Makefile:132: recipe for target 'all' failed
[ERROR] Failed to execute goal org.codehaus.mojo:exec-maven-plugin:1.2.1:exec (pet-test) on project CppQt5PetstoreClientTests: Command execution failed. Process exited with an error: 2 (Exit value: 2) -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.codehaus.mojo:exec-maven-plugin:1.2.1:exec (pet-test) on project CppQt5PetstoreClientTests: Command execution failed.

Ref: https://app.travis-ci.com/github/OpenAPITools/openapi-generator/builds/241764289

Can you please take a look when you've time?

To run the tests locally, try mvn integration-test -f samples/client/petstore/cpp-qt/pom.xml

@basyskom-dege
Copy link
Copy Markdown
Contributor Author

basyskom-dege commented Nov 15, 2021
edited
Loading

Yes, i forgot to add the QT5Gui Package for Cmake (this is needed to open the authURL in the browser).
I also forgot to update the CMakeLists.txt that caused namespace issues.

Should be fixed now. Integration-test works on my machine. I pushed it to my Branch. Should i open a new PR? -> Commit

@wing328
Copy link
Copy Markdown
Member

wing328 commented Nov 20, 2021

Yes please open a new PR

@basyskom-dege basyskom-dege mentioned this pull request Nov 22, 2021
Merged
5 tasks
@basyskom-dege
Copy link
Copy Markdown
Contributor Author

basyskom-dege commented Nov 22, 2021

Yes please open a new PR

Done -> #10921

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@MartinDelille MartinDelille MartinDelille approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Client: C++ Enhancement: General

Projects

None yet

Milestone

5.3.1

Development

Successfully merging this pull request may close these issues.

3 participants

@basyskom-dege @wing328 @MartinDelille