Saving/Restoring OAuth2 tokens



  • Ok... so I've just about wrestled this into submission... I can authenticate and get myself a token properly. I've set it up so I save said token so I don't have to re-auth every time I start my app (assuming the token hasn't expired, which is checked). I've utilized the setToken() function from QOAuth2AuthorizationCodeFlow... but I see no means of setting the expiration time. I also can't refresh the token when I set it this way.... I'm not altogether positive it's actually usable when done like this. Has anyone figured out a means of saving/restoring the valid tokens for this purpose? Btw, I'm currently using Qt 5.9.0 beta...

    Also, is there a reasonably secure means of encrypting the token for storage at rest? Or the OAuth2 client data, for that matter (currently stored via a qrc-embedded json file)?

    Here's what I'm working with:

    myClass::myClass(const QString & instance, QNetworkAccessManager * nam, QObject * parent) : QOAuth2AuthorizationCodeFlow(nam, parent)
    {
    	QOAuthHttpServerReplyHandler * handler = new QOAuthHttpServerReplyHandler(8080, this);
    	QFile file(instance);
    	file.open(QIODevice::ReadOnly | QIODevice::Text);
    	Q_ASSERT(file.isOpen());
    	const QString contents = file.readAll();
    	QSettings s;
    	file.close();
    	connect(this, &QOAuth2AuthorizationCodeFlow::authorizeWithBrowser, &QDesktopServices::openUrl);	// works for android & PC
    	connect(this, &QOAuth2AuthorizationCodeFlow::requestFailed, [](const QAbstractOAuth::Error error)
    	{
    		qFatal("OAuth request failed: %d", (int)error);
    	});
    	connect(this, &QAbstractOAuth::granted, [this]()
    	{
    		QSettings s;
    		qDebug("Authorization granted...");
    		s.beginGroup("OAuth2");
    		s.setValue("token", token());
    		s.setValue("expiration", expirationAt());
    		s.endGroup();
    		qDebug("Token:%s\nExpiration:%s", qPrintable(token()), qPrintable(expirationAt().toString()));
    	});
    
    	const QJsonDocument document = QJsonDocument::fromJson(contents.toUtf8());
    	const QJsonObject object = document.object();
    	const QJsonObject settingsObject(object["web"].toObject());
    
    	setClientIdentifier(settingsObject["client_id"].toString());
    	setAuthorizationUrl(settingsObject["auth_uri"].toString());
    	setAccessTokenUrl(settingsObject["token_uri"].toString());
    	setClientIdentifierSharedKey(settingsObject["client_secret"].toString());
    	setScope("https://www.googleapis.com/auth/cloud-platform");
    	setReplyHandler(handler);
    	s.beginGroup("OAuth2");
    	QDateTime expiration = s.value("expiration").toDateTime();
    	if(expiration > QDateTime::currentDateTime())
    	{
    		qDebug("Existing token still valid...");
    		setToken(s.value("token").toString());
    		// refreshAccessToken();	// fails due to a missing "refresh" token?
    		qDebug("Token expires: %s", qPrintable(expirationAt().toString()));	// is blank/unset
    	}
    	else
    	{
    		grant();
    	}
    	s.endGroup();
    }
    


  • Anyone??


  • Lifetime Qt Champion

    Hi,

    The module being pretty new, I'd recommend posting this question on the interest mailing list. You'll find there Qt's developers/maintainers. This forum is more user oriented.



  • Hello,
    you also need the string "refreshToken"
    refreshtoken and accessToken are different,
    but setRefreshToken() and refreshToken() are not implemented.
    when granted is achieved, the variable "refreshToken" is not save. because "missing "refresh" token"


  • Banned

    This post is deleted!

Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.