Top |
Functions
Description
GDataClientLoginAuthorizer provides an implementation of the GDataAuthorizer interface for authentication and authorization using the deprecated
ClientLogin process.As noted, the ClientLogin process is being deprecated in favour of OAuth 2.0. This API is not (yet) deprecated, however. One of the main reasons for ClientLogin being deprecated is that it cannot support two-factor authentication as now available to Google Accounts. Any account which has two-factor authentication enabled has to use a service-specific one-time password instead if a client is authenticating with GDataClientLoginAuthorizer. More documentation about this is
available online.Note that newer services cannot be authenticated against using ClientLogin, and a GDataOAuth2Authorizer must be used instead.
The ClientLogin process is a simple one whereby the user's Google Account username and password are sent over an HTTPS connection to the Google
Account servers (when gdata_client_login_authorizer_authenticate()
is called), which return an authorization token. This token is then attached to
all future requests to the online service. A slight complication is that the Google Accounts service may return a CAPTCHA challenge instead of
immediately returning an authorization token. In this case, the “captcha-challenge” signal will be emitted, and the
user's response to the CAPTCHA should be returned by the handler.
ClientLogin does not natively support authorization against multiple authorization domains concurrently with a single authorization token, so it
has to be simulated by maintaining multiple authorization tokens if multiple authorization domains are used. This means that proportionally more
network requests are made when gdata_client_login_authorizer_authenticate()
is called, which will be proportionally slower. Handling of the
multiple authorization tokens is otherwise transparent to the client.
Each authorization token is long lived, so reauthorization is rarely necessary with GDataClientLoginAuthorizer. Consequently, refreshing
authorization using gdata_authorizer_refresh_authorization()
is not supported by GDataClientLoginAuthorizer, and will immediately return FALSE
with no error set.
Example 6. Authenticating Asynchronously Using ClientLogin
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
GDataSomeService *service; GDataClientLoginAuthorizer *authorizer; /* Create an authorizer and authenticate and authorize the service we're using, asynchronously. */ authorizer = gdata_client_login_authorizer_new ("companyName-applicationName-versionID", GDATA_TYPE_SOME_SERVICE); gdata_client_login_authorizer_authenticate_async (authorizer, username, password, cancellable, (GAsyncReadyCallback) authenticate_cb, user_data); /* Create a service object and link it with the authorizer */ service = gdata_some_service_new (GDATA_AUTHORIZER (authorizer)); static void authenticate_cb (GDataClientLoginAuthorizer *authorizer, GAsyncResult *async_result, gpointer user_data) { GError *error = NULL; if (gdata_client_login_authorizer_authenticate_finish (authorizer, async_result, &error) == FALSE) { /* Notify the user of all errors except cancellation errors */ if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) { g_error ("Authentication failed: %s", error->message); } g_error_free (error); return; } /* (The client is now authenticated and authorized against the service. * It can now proceed to execute queries on the service object which require the user to be authenticated.) */ } g_object_unref (service); g_object_unref (authorizer); |
Functions
gdata_client_login_authorizer_new ()
GDataClientLoginAuthorizer * gdata_client_login_authorizer_new (const gchar *client_id
,GType service_type
);
Creates a new GDataClientLoginAuthorizer. The client_id
must be unique for your application, and as registered with Google.
The GDataAuthorizationDomains for the given service_type
(i.e. as returned by gdata_service_get_authorization_domains()
) are the ones the
user will be logged in to using the provided username and password when gdata_client_login_authorizer_authenticate()
is called. Note that the same
username and password will be used for all domains.
Parameters
client_id |
your application's client ID |
|
service_type |
the GType of a GDataService subclass which the GDataClientLoginAuthorizer will be used with |
Since: 0.9.0
gdata_client_login_authorizer_new_for_authorization_domains ()
GDataClientLoginAuthorizer * gdata_client_login_authorizer_new_for_authorization_domains (const gchar *client_id
,GList *authorization_domains
);
Creates a new GDataClientLoginAuthorizer. The client_id
must be unique for your application, and as registered with Google. This function is
intended to be used only when the default authorization domain list for a single GDataService, as used by gdata_client_login_authorizer_new()
,
isn't suitable. For example, this could be because the GDataClientLoginAuthorizer will be used with multiple GDataService subclasses, or because
the client requires a specific set of authorization domains.
The specified GDataAuthorizationDomains are the ones the user will be logged in to using the provided username and password when
gdata_client_login_authorizer_authenticate()
is called. Note that the same username and password will be used for all domains.
Parameters
client_id |
your application's client ID |
|
authorization_domains |
a non-empty list of GDataAuthorizationDomains to be authorized against by the GDataClientLoginAuthorizer. |
[element-type GDataAuthorizationDomain][transfer none] |
Since: 0.9.0
gdata_client_login_authorizer_authenticate ()
gboolean gdata_client_login_authorizer_authenticate (GDataClientLoginAuthorizer *self
,const gchar *username
,const gchar *password
,GCancellable *cancellable
,GError **error
);
Authenticates the GDataClientLoginAuthorizer with the Google Accounts service using username
and password
and authorizes it against all the
service types passed to gdata_client_login_authorizer_new()
; i.e. logs into the service with the given user account. username
should be a full
e-mail address (e.g. john.smith@gmail.com
). If a full e-mail address is not given, username
will have
@gmail.com
appended to create an e-mail address
If cancellable
is not NULL
, then the operation can be cancelled by triggering the cancellable
object from another thread.
If the operation was cancelled, the error G_IO_ERROR_CANCELLED
will be returned.
If the operation errors or is cancelled part-way through, gdata_authorizer_is_authorized_for_domain()
is guaranteed to return FALSE
for all GDataAuthorizationDomains, even if authentication has succeeded for some of them already.
A GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_BAD_AUTHENTICATION
will be returned if authentication failed due to an incorrect username or password.
Other GDataClientLoginAuthorizerError errors can be returned for other conditions.
If the service requires a CAPTCHA to be completed, the “captcha-challenge” signal will be emitted.
The return value from a signal handler for the signal should be a newly allocated string containing the text from the image. If the text is NULL
or empty, authentication will fail with a GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_CAPTCHA_REQUIRED
error. Otherwise, authentication will be
automatically and transparently restarted with the new CAPTCHA details.
A GDATA_SERVICE_ERROR_PROTOCOL_ERROR
will be returned if the server's responses were invalid.
Parameters
self |
||
username |
the user's username |
|
password |
the user's password |
|
cancellable |
optional GCancellable object, or |
[allow-none] |
error |
Returns
TRUE
if authentication and authorization was successful against all the services, FALSE
otherwise
Since: 0.9.0
gdata_client_login_authorizer_authenticate_async ()
void gdata_client_login_authorizer_authenticate_async (GDataClientLoginAuthorizer *self
,const gchar *username
,const gchar *password
,GCancellable *cancellable
,GAsyncReadyCallback callback
,gpointer user_data
);
Authenticates the GDataClientLoginAuthorizer with the Google accounts service using the given username
and password
. self
, username
and
password
are all reffed/copied when this function is called, so can safely be freed after this function returns.
For more details, see gdata_client_login_authorizer_authenticate()
, which is the synchronous version of this function.
When the operation is finished, callback
will be called. You can then call gdata_client_login_authorizer_authenticate_finish()
to get the results of the operation.
Parameters
self |
||
username |
the user's username |
|
password |
the user's password |
|
cancellable |
optional GCancellable object, or |
[allow-none] |
callback |
a GAsyncReadyCallback to call when authentication is finished |
|
user_data |
data to pass to the |
[closure] |
Since: 0.9.0
gdata_client_login_authorizer_authenticate_finish ()
gboolean gdata_client_login_authorizer_authenticate_finish (GDataClientLoginAuthorizer *self
,GAsyncResult *async_result
,GError **error
);
Finishes an asynchronous authentication operation started with gdata_client_login_authorizer_authenticate_async()
.
Since: 0.9.0
gdata_client_login_authorizer_get_client_id ()
const gchar *
gdata_client_login_authorizer_get_client_id
(GDataClientLoginAuthorizer *self
);
Returns the authorizer's client ID, as specified on constructing the GDataClientLoginAuthorizer.
Since: 0.9.0
gdata_client_login_authorizer_get_username ()
const gchar *
gdata_client_login_authorizer_get_username
(GDataClientLoginAuthorizer *self
);
Returns the username of the currently authenticated user, or NULL
if nobody is authenticated.
It is not safe to call this while an authentication operation is ongoing.
Since: 0.9.0
gdata_client_login_authorizer_get_password ()
const gchar *
gdata_client_login_authorizer_get_password
(GDataClientLoginAuthorizer *self
);
Returns the password of the currently authenticated user, or NULL
if nobody is authenticated.
It is not safe to call this while an authentication operation is ongoing.
If libgdata is compiled with libgcr support, the password will be stored in non-pageable memory. Since this function doesn't return a copy of the password, the returned value is guaranteed to not hit disk. It's advised that any copies of the password made in client programs also use non-pageable memory.
Since: 0.9.0
gdata_client_login_authorizer_get_proxy_uri ()
SoupURI *
gdata_client_login_authorizer_get_proxy_uri
(GDataClientLoginAuthorizer *self
);
gdata_client_login_authorizer_get_proxy_uri
has been deprecated since version 0.15.0 and should not be used in newly-written code.
Use gdata_client_login_authorizer_get_proxy_resolver()
instead, which gives more flexibility over the proxy used.
Gets the proxy URI on the GDataClientLoginAuthorizer's SoupSession.
Since: 0.9.0
gdata_client_login_authorizer_set_proxy_uri ()
void gdata_client_login_authorizer_set_proxy_uri (GDataClientLoginAuthorizer *self
,SoupURI *proxy_uri
);
gdata_client_login_authorizer_set_proxy_uri
has been deprecated since version 0.15.0 and should not be used in newly-written code.
Use gdata_client_login_authorizer_set_proxy_resolver()
instead, which gives more flexibility over the proxy used.
Sets the proxy URI on the SoupSession used internally by the GDataClientLoginAuthorizer. This forces all requests through the given proxy.
If proxy_uri
is NULL
, no proxy will be used.
Since: 0.9.0
gdata_client_login_authorizer_get_proxy_resolver ()
GProxyResolver *
gdata_client_login_authorizer_get_proxy_resolver
(GDataClientLoginAuthorizer *self
);
gdata_client_login_authorizer_get_proxy_resolver
is deprecated and should not be used in newly-written code.
Gets the GProxyResolver on the GDataClientLoginAuthorizer's SoupSession.
Since: 0.15.0
gdata_client_login_authorizer_set_proxy_resolver ()
void gdata_client_login_authorizer_set_proxy_resolver (GDataClientLoginAuthorizer *self
,GProxyResolver *proxy_resolver
);
Sets the GProxyResolver on the SoupSession used internally by the given GDataClientLoginAuthorizer.
Setting this will clear the “proxy-uri” property.
Since: 0.15.0
gdata_client_login_authorizer_get_timeout ()
guint
gdata_client_login_authorizer_get_timeout
(GDataClientLoginAuthorizer *self
);
Gets the “timeout” property; the network timeout, in seconds.
Since: 0.9.0
gdata_client_login_authorizer_set_timeout ()
void gdata_client_login_authorizer_set_timeout (GDataClientLoginAuthorizer *self
,guint timeout
);
Sets the “timeout” property; the network timeout, in seconds.
If timeout
is 0
, network operations will never time out.
Since: 0.9.0
Types and Values
GDataClientLoginAuthorizer
typedef struct _GDataClientLoginAuthorizer GDataClientLoginAuthorizer;
All the fields in the GDataClientLoginAuthorizer structure are private and should never be accessed directly.
Since: 0.9.0
GDataClientLoginAuthorizerClass
typedef struct { } GDataClientLoginAuthorizerClass;
All the fields in the GDataClientLoginAuthorizerClass structure are private and should never be accessed directly.
Since: 0.9.0
enum GDataClientLoginAuthorizerError
Error codes for authentication and authorization operations on GDataClientLoginAuthorizer. See the
online ClientLogin documentation formore information.
Members
The login request used a username or password that is not recognized. |
||
The account email address has not been verified. The user will need to access their Google account directly to resolve the issue before logging in using a non-Google application. |
||
The user has not agreed to terms. The user will need to access their Google account directly to resolve the issue before logging in using a non-Google application. |
||
A CAPTCHA is required. (A response with this error code will also contain an image URI and a CAPTCHA token.) |
||
The user account has been deleted. |
||
The user account has been disabled. |
||
The user's access to the specified service has been disabled. (The user account may still be valid.) |
||
The user's account login details have been migrated to a new system. (This is used for the transition from the old YouTube login details to the new ones.) |
||
The user's account requires an application-specific password to be used. |
Since: 0.9.0
Property Details
The “client-id”
property
“client-id” gchar *
A client ID for your application (see the
reference documentation).It is recommended that the ID is of the form
.company name
-application name
-
version ID
Flags: Read / Write / Construct Only
Default value: NULL
Since: 0.9.0
The “password”
property
“password” gchar *
The user's account password for authentication.
This will only be set after authentication using gdata_client_login_authorizer_authenticate()
is completed successfully. It will
then be set to the password passed to gdata_client_login_authorizer_authenticate()
, and a “notify” signal will be emitted. If
authentication fails, it will be set to NULL
.
If libgdata is compiled with libgcr support, the password will be stored in non-pageable memory. However, if it is retrieved
using g_object_get()
(or related functions) it will be copied to non-pageable memory and could end up being written to disk. Accessing
the password using gdata_client_login_authorizer_get_password()
will not perform any copies, and so maintains privacy.
Flags: Read
Default value: NULL
Since: 0.9.0
The “proxy-resolver”
property
“proxy-resolver” GProxyResolver *
The GProxyResolver used to determine a proxy URI. Setting this will clear the “proxy-uri” property.
Flags: Read / Write
Since: 0.15.0
The “proxy-uri”
property
“proxy-uri” SoupURI *
The proxy URI used internally for all network requests.
GDataClientLoginAuthorizer:proxy-uri
has been deprecated since version 0.15.0 and should not be used in newly-written code.
Use “proxy-resolver” instead, which gives more flexibility over the proxy used.
Flags: Read / Write
Since: 0.9.0
The “timeout”
property
“timeout” guint
A timeout, in seconds, for network operations. If the timeout is exceeded, the operation will be cancelled and
GDATA_SERVICE_ERROR_NETWORK_ERROR
will be returned.
If the timeout is 0
, operations will never time out.
Flags: Read / Write
Default value: 0
Since: 0.9.0
The “username”
property
“username” gchar *
The user's Google username for authentication. This will always be a full e-mail address.
This will only be set after authentication using gdata_client_login_authorizer_authenticate()
is completed successfully. It will
then be set to the username passed to gdata_client_login_authorizer_authenticate()
, and a “notify” signal will be emitted. If
authentication fails, it will be set to NULL
.
Flags: Read
Default value: NULL
Since: 0.9.0
Signal Details
The “captcha-challenge”
signal
gchar* user_function (GDataClientLoginAuthorizer *authorizer, gchar *uri, gpointer user_data)
The “captcha-challenge” signal is emitted during the authentication process if the authorizer requires a CAPTCHA to be completed. The URI of a CAPTCHA image is given, and the program should display this to the user, and return their response (the text displayed in the image). There is no timeout imposed by the library for the response.
Parameters
authorizer |
the GDataClientLoginAuthorizer which received the challenge |
|
uri |
the URI of the CAPTCHA image to be used |
|
user_data |
user data set when the signal handler was connected. |
Flags: Run Last
Since: 0.9.0