 |
ImFusion C++ SDK 4.4.0
|
|
ImFusion C++ SDK 4.4.0
|
#include <ImFusionLabels/lib/include/ImFusion/Labels/Core/LabelsAuthorizationProvider.h>
Provides authorization for the remote project as well as DICOMweb and other web resources. More...
Provides authorization for the remote project as well as DICOMweb and other web resources.
It automatically fetches a potential Keycloak configuration from the server and can share tokens between different servers. E.g. if the user logged into the project with Keycloak and the server regards a specific DICOMweb server as trusted, the access token from the project is send to the DICOMweb server instead of showing another login dialog for the same user.
Classes | |
| struct | KeycloakConfig |
Public Member Functions | |
| LabelsAuthorizationProvider (const std::string &projectUrl, std::optional< KeycloakConfig > keycloakConfig) | |
| std::string | authorization (const Filesystem::Url &url) const override |
| Get the Authorization header for the given url. | |
| bool | refreshAuthorization (const Filesystem::Url &url, int numFailedRequests) override |
| Try to refresh the authorization without user interaction. | |
| bool | acquireAuthorization (const Filesystem::Url &serverUrl, const std::string &message) override |
| Acquire authorization by e.g. | |
| Public Member Functions inherited from ImFusion::QtAuthorizationProvider | |
| std::optional< Network::AccessToken > | accessToken (const Filesystem::Url &url) const override |
| Like authorization, but returns the full AccessToken. | |
| std::string | authorization (const Filesystem::Url &url) const override |
| Get the Authorization header for the given url. | |
| bool | refreshAuthorization (const Filesystem::Url &url, int numFailedRequests) override |
| Try to refresh the authorization without user interaction. | |
| bool | acquireAuthorization (const Filesystem::Url &serverUrl, const std::string &message) override |
| Acquire authorization by e.g. | |
| void | removeAuthorization (const Filesystem::Url &url) override |
| Remove any cached authorization for the given server. | |
| void | addBasicAuthorization () |
| void | addOAuth2DeviceFlow (Network::OAuth2::DeviceFlowConfig config) |
| void | addOAuth2AuthCodeFlow (Network::OAuth2::AuthorizationCodeFlowConfig config) |
| void | setDialogParent (QWidget *parent) |
| Sets the parent that will be used for the LoginDialog. | |
| Public Member Functions inherited from ImFusion::Network::AuthorizationProvider | |
| Filesystem::Url | extractServerUrl (const Filesystem::Url &url) const |
| Extract the server part of the URL. | |
Static Public Member Functions | |
| static std::shared_ptr< LabelsAuthorizationProvider > | acquireProjectAuthorization (const Filesystem::Url &serverUrl, QWidget *parent) |
| Tries to get a KeycloakConfig from the given server and shows a login dialog. | |
| static std::optional< KeycloakConfig > | getKeycloakConfig (const std::string &serverUrl) |
| Gets the keycloak configuration from a Labels server. | |
Additional Inherited Members | |
| Protected Types inherited from ImFusion::QtAuthorizationProvider | |
| using | ServerUrl = std::string |
| Protected Attributes inherited from ImFusion::QtAuthorizationProvider | |
| QWidget * | m_parent = nullptr |
| std::shared_mutex | m_serverAuthorizationsMutex |
| std::unordered_map< ServerUrl, Network::AccessToken > | m_serverAuthorizations |
| bool | m_useBasicAuth = false |
| std::optional< Network::OAuth2::DeviceFlowConfig > | m_useOAuth2DeviceFlow |
| std::optional< Network::OAuth2::AuthorizationCodeFlowConfig > | m_useOAuth2AuthCodeFlow |
|
static |
Tries to get a KeycloakConfig from the given server and shows a login dialog.
Returns nullptr if the user did not login successfully.
|
overridevirtual |
Get the Authorization header for the given url.
The url is the complete url for the request that is going to be performed. Implementation should cache the value according to the server URL (see extractServerUrl). When an empty string is returned, no Authorization header should be send. This method will be called from multiple threads.
Implements ImFusion::Network::AuthorizationProvider.
|
overridevirtual |
Try to refresh the authorization without user interaction.
Implementations should stop retrying after a certain number of failed attempts. This method will be called from multiple threads. If an auth scheme does not support refreshing without user interaction, implementations should return false after the first failed attempt.
Implementations that cache authorization according to the url, should remove entries from the cache that cannot be refreshed after one failed request.
This method can also be called without a previously failed request (numFailedRequests == 0) in case the token should be refreshed before it expires.
E.g. if this method fails, the authorization method should return an empty string until acquireAuthorization was called again.
Implements ImFusion::Network::AuthorizationProvider.
|
overridevirtual |
Acquire authorization by e.g.
asking the user.
This method might get called from another thread. In this case, implementations that require the main thread to show a GUI should just return false.
An optional message can be provided (e.g. to display an error from a previous login attempt).
Should return true if authorization could be acquired or false otherwise.
This method is not expected to check whether the acquired authorization actually works, because this is simply not possible with some auth schemes.
Code that requires authorization should call this method from the main thread before performing requests. If those requests fail with 401, this method should be called again from the main thread before retrying the requests. If multiple requests are run in parallel, it must be avoided to call this method multiple times simultaneous, because this might popup multiple dialogs.
Implements ImFusion::Network::AuthorizationProvider.