diff options
Diffstat (limited to 'src/webview.cpp')
-rw-r--r-- | src/webview.cpp | 42 |
1 files changed, 32 insertions, 10 deletions
diff --git a/src/webview.cpp b/src/webview.cpp index 54d19eb..4fb8511 100644 --- a/src/webview.cpp +++ b/src/webview.cpp @@ -1,6 +1,7 @@ #include "webview.h" #include "nam.h" #include "global.h" +#include "settings.h" #include <QWebFrame> #include <QNetworkReply> @@ -14,9 +15,7 @@ #include <QWebElement> #include <QRegularExpression> #include <QWebPage> - -static QRegularExpression R_USER("^[a-z_A-Z][a-zA-Z0-9_@.-]{1,32}$"); -static QRegularExpression R_PASS("^[a-z0-9]{1,32}$"); +#include <QWebFrame> static QRegularExpression urlListToRegExp(const QStringList &list); @@ -35,13 +34,21 @@ QRegularExpression UaWebPage::re("(\\S+)$"); WebView::WebView(QWidget* parent) : QWebView(parent), - _timerAbortMessage(new QTimer(this)), - _abortedDownload(false), - _inErrorState(false), - _timerReset(new QTimer(this)), - _firstLoad(false) + _timerAbortMessage(new QTimer(this)), + _abortedDownload(false), + _inErrorState(false), + _timerReset(new QTimer(this)), + _firstLoad(false) { - this->setPage(new UaWebPage); + auto p = new UaWebPage; + if (!Settings::allowedShibbolethDomains().trimmed().isEmpty()) { + QObject::connect(p, &UaWebPage::frameCreated, [this](QWebFrame *frame) { + QObject::connect(frame, &QWebFrame::javaScriptWindowObjectCleared, [this, frame]() { + this->jsInjector(frame); + }); + }); + } + this->setPage(p); _timerAbortMessage->setSingleShot(true); _timerReset->setSingleShot(true); connect(page(), SIGNAL(windowCloseRequested()), this, SLOT(windowCloseRequested())); @@ -63,6 +70,14 @@ WebView::WebView(QWidget* parent) connect(this, &QWebView::loadFinished, this, &WebView::onLoadFinished); } +void WebView::jsInjector(QWebFrame *frame) +{ + QString str = Settings::allowedShibbolethDomains().replace( + QRegularExpression("[^\\w. -]", QRegularExpression::UseUnicodePropertiesOption), + QStringLiteral("")); + frame->evaluateJavaScript(QStringLiteral("var slxIdpFilter ='") + str + QStringLiteral("'")); +} + void WebView::windowCloseRequested() { // If we have an old URL stored on the stack, navigate back to it, otherwise we return and nothing happens @@ -137,6 +152,7 @@ void WebView::onLoadFinished(bool ok) auto pass = this->page()->mainFrame()->documentElement().findFirst("#bwlp-password"); auto err = this->page()->mainFrame()->documentElement().findFirst("#bwlp-error"); auto hash = this->page()->mainFrame()->documentElement().findFirst("#bwlp-hash"); + auto adminToken = this->page()->mainFrame()->documentElement().findFirst("#bwlp-cow-token"); if (!user.isNull() && !pass.isNull() && !hash.isNull()) { if (hash.toPlainText() != QCryptographicHash::hash(_token.toLatin1(), QCryptographicHash::Md5).toHex()) { qDebug() << " *** Invalid security hash ***"; @@ -145,8 +161,14 @@ void WebView::onLoadFinished(bool ok) } auto ustr = user.toPlainText(); auto upass = pass.toPlainText(); - if (ustr.contains('@') && R_USER.match(ustr).hasMatch() && R_PASS.match(upass).hasMatch()) { + if (Global::isValidShibCreds(ustr, upass)) { + QString token = adminToken.toPlainText(); + if (!token.isEmpty()) { + Global::writeCowToken(ustr, token); + } emit startAuthentication(ustr, "shib=" + _token + upass); + } else { + emit triggerReset("Invalid user or passhash format"); } } else if (!err.isNull()) { this->stop(); |