File indexing completed on 2025-03-16 12:58:26
0001 /* 0002 SPDX-FileCopyrightText: 2011 Ilia Kats <ilia-kats@gmx.net> 0003 SPDX-FileCopyrightText: 2011-2013 Lamarque Souza <lamarque@kde.org> 0004 0005 SPDX-License-Identifier: LGPL-2.1-only OR LGPL-3.0-only OR LicenseRef-KDE-Accepted-LGPL 0006 */ 0007 0008 #ifndef NETWORKMANAGERQT_SECRETAGENT_H 0009 #define NETWORKMANAGERQT_SECRETAGENT_H 0010 0011 #include <QDBusContext> 0012 #include <QDBusMessage> 0013 #include <QDBusObjectPath> 0014 #include <QObject> 0015 0016 #include "generictypes.h" 0017 #include <networkmanagerqt/networkmanagerqt_export.h> 0018 0019 namespace NetworkManager 0020 { 0021 class SecretAgentPrivate; 0022 0023 /** 0024 * Implementation of a private D-Bus interface used by secret agents that store and provide secrets to NetworkManager. 0025 * If an agent provides secrets to NetworkManager as part of connection creation, and the some of those secrets are "agent owned" 0026 * the agent should store those secrets itself and should not expect its SaveSecrets() method to be called. 0027 * SaveSecrets() will be called eg if some program other than the agent itself (like a connection editor) changes the secrets out of band. 0028 */ 0029 class NETWORKMANAGERQT_EXPORT SecretAgent : public QObject, protected QDBusContext 0030 { 0031 Q_OBJECT 0032 public: 0033 enum Error { 0034 NotAuthorized, 0035 InvalidConnection, 0036 UserCanceled, 0037 AgentCanceled, 0038 InternalError, 0039 NoSecrets, 0040 }; 0041 0042 /** 0043 * Flags modifying the behavior of GetSecrets request. 0044 */ 0045 enum GetSecretsFlag { 0046 None = 0, /**< No special behavior; by default no user interaction is allowed and requests for secrets are fulfilled from persistent storage, or if no 0047 secrets are available an error is returned. */ 0048 AllowInteraction = 0x01, /**< Allows the request to interact with the user, possibly prompting via UI for secrets if any are required, or if none are 0049 found in persistent storage. */ 0050 RequestNew = 0x02, /**< Explicitly prompt for new secrets from the user. This flag signals that NetworkManager thinks any existing secrets are invalid 0051 or wrong. This flag implies that interaction is allowed. */ 0052 UserRequested = 0x04, /**< Set if the request was initiated by user-requested action via the D-Bus interface, as opposed to automatically initiated by 0053 NetworkManager in response to (for example) scan results or carrier changes. */ 0054 }; 0055 Q_DECLARE_FLAGS(GetSecretsFlags, GetSecretsFlag) 0056 0057 /** 0058 * Capabilities to pass to secret agents 0059 */ 0060 enum Capability { 0061 NoCapability = 0, /**< No capability */ 0062 VpnHints = 0x01, /**< Pass hints to secret agent */ 0063 }; 0064 Q_DECLARE_FLAGS(Capabilities, Capability) 0065 0066 /** 0067 * Registers a SecretAgent with the \p id on NetworkManager 0068 * Optionally add a capabilities argument 0069 */ 0070 explicit SecretAgent(const QString &id, QObject *parent = nullptr); 0071 explicit SecretAgent(const QString &id, NetworkManager::SecretAgent::Capabilities capabilities, QObject *parent = nullptr); 0072 ~SecretAgent() override; 0073 0074 /** 0075 * Send to NetworkManager the \p error the subclass has 0076 * found, the \p explanation is useful for debugging purposes, 0077 * and the \p callMessage is ONLY needed if \ref setDelayedReply() 0078 * was set to @p true when the method was called. 0079 */ 0080 void sendError(Error error, const QString &explanation, const QDBusMessage &callMessage = QDBusMessage()) const; 0081 0082 public Q_SLOTS: 0083 /** 0084 * Called when the subclass should retrieve and return secrets. 0085 * If the request is canceled, called function should call 0086 * \ref sendError(), in this case the return value is ignored. 0087 * 0088 * @param connection Nested settings maps containing the connection for which secrets are being requested. 0089 * This may contain system-owned secrets if the agent has successfully authenticated to modify system network settings 0090 * and the GetSecrets request flags allow user interaction. 0091 * @param connection_path Object path of the connection for which secrets are being requested. 0092 * @param setting_name Setting name for which secrets are being requested. 0093 * @param hints Array of strings of key names in the requested setting for which NetworkManager thinks a secrets may be required, 0094 * and/or well-known identifiers and data that may be useful to the client in processing the secrets request. Note that it's not 0095 * always possible to determine which secret is required, so in some cases no hints may be given. The Agent should return any 0096 * secrets it has, or that it thinks are required, regardless of what hints NetworkManager sends in this request. 0097 * @param flags Flags which modify the behavior of the secrets request (see @ref GetSecretsFlag) 0098 */ 0099 virtual NMVariantMapMap GetSecrets(const NMVariantMapMap &connection, 0100 const QDBusObjectPath &connection_path, 0101 const QString &setting_name, 0102 const QStringList &hints, 0103 uint flags) = 0; 0104 0105 /** 0106 * Called when the subclass should cancel an outstanding request to 0107 * get secrets for a given connection. 0108 * Cancelling the request MUST \ref sendError() with the original 0109 * DBus message using \ref AgentCanceled param as the error type. 0110 * 0111 * @param connection_path Object path of the connection for which, if secrets for the given 'setting_name' are being requested, the request should be 0112 * canceled. 0113 * @param setting_name Setting name for which secrets for this connection were originally being requested. 0114 */ 0115 virtual void CancelGetSecrets(const QDBusObjectPath &connection_path, const QString &setting_name) = 0; 0116 0117 /** 0118 * Called when the subclass should save the secrets contained in the 0119 * connection to backing storage. 0120 * 0121 * @param connection Nested settings maps containing the connection for which secrets are being saved. 0122 * This may contain system-owned secrets if the agent has successfully authenticated to modify system network settings 0123 * and the GetSecrets request flags allow user interaction. 0124 * @param connection_path Object path of the connection for which the agent should save secrets to backing storage. 0125 */ 0126 virtual void SaveSecrets(const NMVariantMapMap &connection, const QDBusObjectPath &connection_path) = 0; 0127 0128 /** 0129 * Called when the subclass should delete the secrets contained in the 0130 * connection from backing storage. 0131 * 0132 * @param connection Nested settings maps containing the connection properties (sans secrets), 0133 * for which the agent should delete the secrets from backing storage. 0134 * @param connection_path Object path of the connection for which the agent should delete secrets from backing storage. 0135 */ 0136 virtual void DeleteSecrets(const NMVariantMapMap &connection, const QDBusObjectPath &connection_path) = 0; 0137 0138 private: 0139 Q_DECLARE_PRIVATE(SecretAgent) 0140 Q_PRIVATE_SLOT(d_func(), void registerAgent()) 0141 Q_PRIVATE_SLOT(d_func(), void registerAgent(const NetworkManager::SecretAgent::Capabilities capabilities)) 0142 Q_PRIVATE_SLOT(d_func(), void dbusInterfacesAdded(const QDBusObjectPath &path, const QVariantMap &interfaces)) 0143 0144 SecretAgentPrivate *const d_ptr; 0145 }; 0146 } 0147 Q_DECLARE_OPERATORS_FOR_FLAGS(NetworkManager::SecretAgent::GetSecretsFlags) 0148 Q_DECLARE_OPERATORS_FOR_FLAGS(NetworkManager::SecretAgent::Capabilities) 0149 0150 #endif // NETWORKMANAGERQT_SECRETAGENT_H