Name: @PACKAGE@
Version: @VERSION@
-Release: 3%{?dist}
+Release: 5%{?dist}
Summary: Moonshot Federated Identity User Interface
Group: Security Tools
BuildRequires: shared-mime-info
BuildRequires: gnome-keyring-devel
-#Requires:
+Requires: desktop-file-utils, shared-mime-info
%description
%{_datadir}/moonshot-ui
%{_libexecdir}/moonshot-ui/moonshot-dbus-launch
%{_libdir}/libmoonshot.so.*
+%config(noreplace) %{_sysconfdir}/moonshot/*
%doc webprovisioning/default-identity.msht
%files devel
public Rule[] rules {get; set; default = {};}
public string[] services { get; set; default = {}; }
+ public bool temporary {get; set; default = false; }
public TrustAnchor trust_anchor { get; set; default = new TrustAnchor (); }
}
public void add_card(IdCard card, bool force_flat_file_store) {
+ if (card.temporary)
+ return;
+
string candidate;
IIdentityCardStore.StoreType saved_store_type = get_store_type();
public IdCard update_card(IdCard card) {
IdCard retval;
+ if (card.temporary) {
+ retval = card;
+ return retval;
+ }
+
if (!card.store_password)
password_table.CachePassword(card, store);
else
public IdCard check_add_password(IdCard identity, IdentityRequest request, IdentityManagerModel model)
{
IdCard retval = identity;
- if ((identity.password == "") && !identity.IsNoIdentity())
- {
- var dialog = new AddPasswordDialog (identity, request);
- var result = dialog.run ();
-
- switch (result) {
- case ResponseType.OK:
- identity.password = dialog.password;
- identity.store_password = dialog.remember;
+ bool idcard_has_pw = (identity.password != null) && (identity.password != "");
+ bool request_has_pw = (request.password != null) && (request.password != "");
+ if ((!idcard_has_pw) && (!identity.IsNoIdentity())) {
+ if (request_has_pw) {
+ identity.password = request.password;
retval = model.update_card(identity);
- break;
- default:
- identity = null;
- break;
+ } else {
+ var dialog = new AddPasswordDialog (identity, request);
+ var result = dialog.run ();
+
+ switch (result) {
+ case ResponseType.OK:
+ identity.password = dialog.password;
+ identity.store_password = dialog.remember;
+ if (dialog.remember)
+ identity.temporary = false;
+ retval = model.update_card(identity);
+ break;
+ default:
+ identity = null;
+ break;
+ }
+ dialog.destroy ();
}
-
- dialog.destroy ();
}
return retval;
}
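Review bot: In the `default:` branch of the dialog switch, cancelling sets `identity = null` but leaves `retval` pointing at the original card, so check_add_password still returns the password-less identity. Now that send_identity_cb assigns the return value, a cancelled prompt cannot be told apart from a successful one. If cancel is meant to abort the request, the branch should read `retval = null;`, and the caller's handling of a null identity (outside this hunk) needs checking. Separately, the `request_has_pw` branch copies `request.password` into the card and calls `model.update_card(identity)`. For a non-temporary card this presumably caches or stores a password supplied by the requesting application rather than typed by the user, so it deserves a comment saying that is intended.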
- public void send_identity_cb (IdCard identity)
+ public void send_identity_cb (IdCard id)
{
+ IdCard identity = id;
return_if_fail (request_queue.length > 0);
candidates = null;
var request = this.request_queue.pop_head ();
- check_add_password(identity, request, identities_manager);
+ identity = check_add_password(identity, request, identities_manager);
if (this.request_queue.is_empty())
{
candidates = null;
bool has_nai = request.nai != null && request.nai != "";
bool has_srv = request.service != null && request.service != "";
bool confirm = false;
- IdCard nai_provided = null;
foreach (IdCard id in model.get_card_list())
{
- /* If NAI matches we add id card to the candidate list */
+ /* If NAI matches, use this id card */
if (has_nai && request.nai == id.nai)
{
- nai_provided = id;
- request.candidates.append (id);
- continue;
+ identity = id;
+ break;
}
/* If any service matches we add id card to the candidate list */
}
/* If more than one candidate we dissasociate service from all ids */
- if (has_srv && request.candidates.length() > 1)
+ if ((identity == null) && has_srv && request.candidates.length() > 1)
{
foreach (IdCard id in request.candidates)
{
}
}
-// model.store_id_cards ();
-
/* If there are no candidates we use the service matching rules */
- if (request.candidates.length () == 0)
+ if ((identity==null) && (request.candidates.length () == 0))
{
foreach (IdCard id in model.get_card_list())
{
}
}
- if (request.candidates.length () > 1)
- {
- if (has_nai && nai_provided != null)
- {
- identity = nai_provided;
- confirm = false;
- }
- else
- confirm = true;
- }
- if (identity == null)
- identity = request.candidates.nth_data (0);
- if ((identity != null) &&
- ((identity.password == null) || (identity.password == "")))
+ if ((identity == null) && has_nai) {
+ // create a temp identity
+ string[] components = request.nai.split("@", 2);
+ identity = new IdCard();
+ identity.display_name = request.nai;
+ identity.username = components[0];
+ if (components.length > 1)
+ identity.issuer = components[1];
identity.password = request.password;
+ identity.temporary = true;
+ }
if (identity == null) {
- if (has_nai) {
- // create a temp identity
- string[] components = request.nai.split("@", 2);
- identity = new IdCard();
- identity.display_name = request.nai;
- identity.username = components[0];
- if (components.length > 1)
- identity.issuer = components[1];
- identity.password = request.password;
- } else {
+ if (request.candidates.length () != 1) {
confirm = true;
+ } else {
+ identity = request.candidates.nth_data (0);
}
}
- /* TODO: If candidate list empty return fail */
-
if (confirm && (view != null))
{
if (!explicitly_launched)
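Review bot: The temporary identity built under `if ((identity == null) && has_nai)` is used without confirmation and carries the default `new TrustAnchor ()`, because `confirm` is only set in the later `identity == null` block. A request naming an unknown NAI therefore appears to proceed with no pinned CA or server certificate and without the user seeing it. If that is the intended policy, it should be stated where the card is created, e.g. `// temporary card: built from the request, never stored, empty trust anchor, no confirmation`. Also note that `components[0]` is empty when the NAI starts with `@`, and that `request.password` may be null here and is only checked later in check_add_password. The enclosing function starts and ends outside the hunk.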
if (idcard.display_name == card.display_name)
return idcard;
return null;
- }
+ }
- public void remove_card(IdCard card) {
+ public void remove_card(IdCard card) {
id_card_list.remove(card);
store_id_cards ();
}
- public LinkedList<IdCard> get_card_list() {
- return id_card_list;
- }
+ public LinkedList<IdCard> get_card_list() {
+ return id_card_list;
+ }
- public IIdentityCardStore.StoreType get_store_type() {
- return IIdentityCardStore.StoreType.FLAT_FILE;
- }
+ public IIdentityCardStore.StoreType get_store_type() {
+ return IIdentityCardStore.StoreType.FLAT_FILE;
+ }
- private void load_id_cards() {
+ private void load_id_cards() {
id_card_list.clear();
var key_file = new KeyFile ();
var path = get_data_dir ();
stdout.printf ("Error: %s\n", e.message);
}
}
- }
+ }
private string get_data_dir() {
string path;
/* Rules */
else if (stack.nth_data(0) == "pattern" && pattern_handler (stack))
{
- card.rules[card.rules.length - 1].pattern = text;
+ /* use temp index to workaround valac bug */
+ int index = card.rules.length - 1;
+ card.rules[index].pattern = text;
}
else if (stack.nth_data(0) == "always-confirm" && always_confirm_handler (stack))
{
- if (text == "true" || text == "false")
- card.rules[card.rules.length - 1].always_confirm = text;
+ if (text == "true" || text == "false") {
+ /* use temp index to workaround valac bug */
+ int index = card.rules.length - 1;
+ card.rules[index].always_confirm = text;
+ }
}
/*Trust anchor*/
else if (stack.nth_data(0) == "ca-cert" && ca_cert_handler (stack))
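Review bot: Both rewritten assignments compute `int index = card.rules.length - 1;` and index `card.rules` without checking that a rule exists. If `pattern_handler` or `always_confirm_handler` can accept a stack before any rule has been appended, the index is -1 on text read from a provisioning file. Whether the handlers rule that out is not visible here; a guard such as `if (index >= 0)` around each assignment would make it explicit. The comment `use temp index to workaround valac bug` would also be more useful if it named the affected valac version or bug reference. The enclosing parser callback starts and ends outside the hunk.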
if ((id_card != null) && (id_card.display_name != IdCard.NO_IDENTITY)) {
nai_out = id_card.nai;
- password_out = id_card.password;
+ if ((request.password!=null) && (request.password != ""))
+ password_out = request.password;
+ else
+ password_out = id_card.password;
server_certificate_hash = id_card.trust_anchor.server_cert;
ca_certificate = id_card.trust_anchor.ca_cert;
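Review bot: The new `password_out = request.password;` is paired with `id_card.nai` and the card's trust anchor without checking that the request's password belongs to that identity. If a request can carry a password while the card was chosen by service match or by the user in the selector, the caller-supplied password would be sent under a different NAI. Restricting the override to the matching case would avoid that: `if ((request.password != null) && (request.password != "") && (request.nai == id_card.nai))`. The enclosing function starts and ends outside the hunk, so how `id_card` was selected should be confirmed there.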