GNOME.org

GDataClientLoginAuthorizer

GDataClientLoginAuthorizer — GData ClientLogin authorization interface

Stability Level

Stable, unless otherwise indicated

Functions

GDataClientLoginAuthorizer * gdata_client_login_authorizer_new ()
GDataClientLoginAuthorizer * gdata_client_login_authorizer_new_for_authorization_domains ()
gboolean gdata_client_login_authorizer_authenticate ()
void gdata_client_login_authorizer_authenticate_async ()
gboolean gdata_client_login_authorizer_authenticate_finish ()
const gchar * gdata_client_login_authorizer_get_client_id ()
const gchar * gdata_client_login_authorizer_get_username ()
const gchar * gdata_client_login_authorizer_get_password ()
SoupURI * gdata_client_login_authorizer_get_proxy_uri ()
void gdata_client_login_authorizer_set_proxy_uri ()
GProxyResolver * gdata_client_login_authorizer_get_proxy_resolver ()
void gdata_client_login_authorizer_set_proxy_resolver ()
guint gdata_client_login_authorizer_get_timeout ()
void gdata_client_login_authorizer_set_timeout ()

Properties

gchar * client-id Read / Write / Construct Only
gchar * password Read
GProxyResolver * proxy-resolver Read / Write
SoupURI * proxy-uri Read / Write
guint timeout Read / Write
gchar * username Read

Signals

gchar* captcha-challenge Run Last

Types and Values

  GDataClientLoginAuthorizer
  GDataClientLoginAuthorizerClass
enum GDataClientLoginAuthorizerError

Object Hierarchy

    GObject
    ╰── GDataClientLoginAuthorizer

Implemented Interfaces

GDataClientLoginAuthorizer implements GDataAuthorizer.

Includes

#include <gdata/gdata-client-login-authorizer.h>

Description

GDataClientLoginAuthorizer provides an implementation of the GDataAuthorizer interface for authentication and authorization using the deprecated

ClientLogin process.

As noted, the ClientLogin process is being deprecated in favour of OAuth 2.0. This API is not (yet) deprecated, however. One of the main reasons for ClientLogin being deprecated is that it cannot support two-factor authentication as now available to Google Accounts. Any account which has two-factor authentication enabled has to use a service-specific one-time password instead if a client is authenticating with GDataClientLoginAuthorizer. More documentation about this is

available online.

Note that newer services cannot be authenticated against using ClientLogin, and a GDataOAuth2Authorizer must be used instead.

The ClientLogin process is a simple one whereby the user's Google Account username and password are sent over an HTTPS connection to the Google Account servers (when gdata_client_login_authorizer_authenticate() is called), which return an authorization token. This token is then attached to all future requests to the online service. A slight complication is that the Google Accounts service may return a CAPTCHA challenge instead of immediately returning an authorization token. In this case, the “captcha-challenge” signal will be emitted, and the user's response to the CAPTCHA should be returned by the handler.

ClientLogin does not natively support authorization against multiple authorization domains concurrently with a single authorization token, so it has to be simulated by maintaining multiple authorization tokens if multiple authorization domains are used. This means that proportionally more network requests are made when gdata_client_login_authorizer_authenticate() is called, which will be proportionally slower. Handling of the multiple authorization tokens is otherwise transparent to the client.

Each authorization token is long lived, so reauthorization is rarely necessary with GDataClientLoginAuthorizer. Consequently, refreshing authorization using gdata_authorizer_refresh_authorization() is not supported by GDataClientLoginAuthorizer, and will immediately return FALSE with no error set.

Example 6. Authenticating Asynchronously Using ClientLogin

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
GDataSomeService *service;
GDataClientLoginAuthorizer *authorizer;

/* Create an authorizer and authenticate and authorize the service we're using, asynchronously. */
authorizer = gdata_client_login_authorizer_new ("companyName-applicationName-versionID", GDATA_TYPE_SOME_SERVICE);
gdata_client_login_authorizer_authenticate_async (authorizer, username, password, cancellable,
                                                  (GAsyncReadyCallback) authenticate_cb, user_data);

/* Create a service object and link it with the authorizer */
service = gdata_some_service_new (GDATA_AUTHORIZER (authorizer));

static void
authenticate_cb (GDataClientLoginAuthorizer *authorizer, GAsyncResult *async_result, gpointer user_data)
{
	GError *error = NULL;

	if (gdata_client_login_authorizer_authenticate_finish (authorizer, async_result, &error) == FALSE) {
		/* Notify the user of all errors except cancellation errors */
		if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) {
			g_error ("Authentication failed: %s", error->message);
		}
		g_error_free (error);
		return;
	}

	/* (The client is now authenticated and authorized against the service.
	 * It can now proceed to execute queries on the service object which require the user to be authenticated.) */
}

g_object_unref (service);
g_object_unref (authorizer);


Functions

gdata_client_login_authorizer_new ()

GDataClientLoginAuthorizer *
gdata_client_login_authorizer_new (const gchar *client_id,
                                   GType service_type);

Creates a new GDataClientLoginAuthorizer. The client_id must be unique for your application, and as registered with Google.

The GDataAuthorizationDomains for the given service_type (i.e. as returned by gdata_service_get_authorization_domains()) are the ones the user will be logged in to using the provided username and password when gdata_client_login_authorizer_authenticate() is called. Note that the same username and password will be used for all domains.

Parameters

client_id

your application's client ID

  

service_type

the GType of a GDataService subclass which the GDataClientLoginAuthorizer will be used with

  

Returns

a new GDataClientLoginAuthorizer, or NULL; unref with g_object_unref().

[transfer full]

Since 0.9.0

gdata_client_login_authorizer_new_for_authorization_domains ()

GDataClientLoginAuthorizer *
gdata_client_login_authorizer_new_for_authorization_domains
                               (const gchar *client_id,
                                GList *authorization_domains);

Creates a new GDataClientLoginAuthorizer. The client_id must be unique for your application, and as registered with Google. This function is intended to be used only when the default authorization domain list for a single GDataService, as used by gdata_client_login_authorizer_new(), isn't suitable. For example, this could be because the GDataClientLoginAuthorizer will be used with multiple GDataService subclasses, or because the client requires a specific set of authorization domains.

The specified GDataAuthorizationDomains are the ones the user will be logged in to using the provided username and password when gdata_client_login_authorizer_authenticate() is called. Note that the same username and password will be used for all domains.

Parameters

client_id

your application's client ID

  

authorization_domains

a non-empty list of GDataAuthorizationDomains to be authorized against by the GDataClientLoginAuthorizer.

[element-type GDataAuthorizationDomain][transfer none]

Returns

a new GDataClientLoginAuthorizer, or NULL; unref with g_object_unref().

[transfer full]

Since 0.9.0

gdata_client_login_authorizer_authenticate ()

gboolean
gdata_client_login_authorizer_authenticate
                               (GDataClientLoginAuthorizer *self,
                                const gchar *username,
                                const gchar *password,
                                GCancellable *cancellable,
                                GError **error);

Authenticates the GDataClientLoginAuthorizer with the Google Accounts service using username and password and authorizes it against all the service types passed to gdata_client_login_authorizer_new(); i.e. logs into the service with the given user account. username should be a full e-mail address (e.g. john.smith@gmail.com). If a full e-mail address is not given, username will have @gmail.com appended to create an e-mail address

If cancellable is not NULL, then the operation can be cancelled by triggering the cancellable object from another thread. If the operation was cancelled, the error G_IO_ERROR_CANCELLED will be returned.

If the operation errors or is cancelled part-way through, gdata_authorizer_is_authorized_for_domain() is guaranteed to return FALSE for all GDataAuthorizationDomains, even if authentication has succeeded for some of them already.

A GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_BAD_AUTHENTICATION will be returned if authentication failed due to an incorrect username or password. Other GDataClientLoginAuthorizerError errors can be returned for other conditions.

If the service requires a CAPTCHA to be completed, the “captcha-challenge” signal will be emitted. The return value from a signal handler for the signal should be a newly allocated string containing the text from the image. If the text is NULL or empty, authentication will fail with a GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_CAPTCHA_REQUIRED error. Otherwise, authentication will be automatically and transparently restarted with the new CAPTCHA details.

A GDATA_SERVICE_ERROR_PROTOCOL_ERROR will be returned if the server's responses were invalid.

Parameters

self

a GDataClientLoginAuthorizer

  

username

the user's username

  

password

the user's password

  

cancellable

optional GCancellable object, or NULL.

[allow-none]

error

a GError, or NULL

  

Returns

TRUE if authentication and authorization was successful against all the services, FALSE otherwise

Since 0.9.0

gdata_client_login_authorizer_authenticate_async ()

void
gdata_client_login_authorizer_authenticate_async
                               (GDataClientLoginAuthorizer *self,
                                const gchar *username,
                                const gchar *password,
                                GCancellable *cancellable,
                                GAsyncReadyCallback callback,
                                gpointer user_data);

Authenticates the GDataClientLoginAuthorizer with the Google accounts service using the given username and password . self , username and password are all reffed/copied when this function is called, so can safely be freed after this function returns.

For more details, see gdata_client_login_authorizer_authenticate(), which is the synchronous version of this function.

When the operation is finished, callback will be called. You can then call gdata_client_login_authorizer_authenticate_finish() to get the results of the operation.

Parameters

self

a GDataClientLoginAuthorizer

  

username

the user's username

  

password

the user's password

  

cancellable

optional GCancellable object, or NULL.

[allow-none]

callback

a GAsyncReadyCallback to call when authentication is finished

  

user_data

data to pass to the callback function.

[closure]

Since 0.9.0

gdata_client_login_authorizer_authenticate_finish ()

gboolean
gdata_client_login_authorizer_authenticate_finish
                               (GDataClientLoginAuthorizer *self,
                                GAsyncResult *async_result,
                                GError **error);

Finishes an asynchronous authentication operation started with gdata_client_login_authorizer_authenticate_async().

Parameters

self

a GDataClientLoginAuthorizer

  

async_result

a GAsyncResult

  

error

a GError, or NULL

  

Returns

TRUE if authentication was successful, FALSE otherwise

Since 0.9.0

gdata_client_login_authorizer_get_client_id ()

const gchar *
gdata_client_login_authorizer_get_client_id
                               (GDataClientLoginAuthorizer *self);

Returns the authorizer's client ID, as specified on constructing the GDataClientLoginAuthorizer.

Parameters

self

a GDataClientLoginAuthorizer

  

Returns

the authorizer's client ID

Since 0.9.0

gdata_client_login_authorizer_get_username ()

const gchar *
gdata_client_login_authorizer_get_username
                               (GDataClientLoginAuthorizer *self);

Returns the username of the currently authenticated user, or NULL if nobody is authenticated.

It is not safe to call this while an authentication operation is ongoing.

Parameters

self

a GDataClientLoginAuthorizer

  

Returns

the username of the currently authenticated user, or NULL

Since 0.9.0

gdata_client_login_authorizer_get_password ()

const gchar *
gdata_client_login_authorizer_get_password
                               (GDataClientLoginAuthorizer *self);

Returns the password of the currently authenticated user, or NULL if nobody is authenticated.

It is not safe to call this while an authentication operation is ongoing.

If libgdata is compiled with libgcr support, the password will be stored in non-pageable memory. Since this function doesn't return a copy of the password, the returned value is guaranteed to not hit disk. It's advised that any copies of the password made in client programs also use non-pageable memory.

Parameters

self

a GDataClientLoginAuthorizer

  

Returns

the password of the currently authenticated user, or NULL

Since 0.9.0

gdata_client_login_authorizer_get_proxy_uri ()

SoupURI *
gdata_client_login_authorizer_get_proxy_uri
                               (GDataClientLoginAuthorizer *self);

gdata_client_login_authorizer_get_proxy_uri has been deprecated since version 0.15.0 and should not be used in newly-written code.

Use gdata_client_login_authorizer_get_proxy_resolver() instead, which gives more flexibility over the proxy used.

Gets the proxy URI on the GDataClientLoginAuthorizer's SoupSession.

Parameters

self

a GDataClientLoginAuthorizer

  

Returns

the proxy URI, or NULL; free with soup_uri_free().

[transfer full]

Since 0.9.0

gdata_client_login_authorizer_set_proxy_uri ()

void
gdata_client_login_authorizer_set_proxy_uri
                               (GDataClientLoginAuthorizer *self,
                                SoupURI *proxy_uri);

gdata_client_login_authorizer_set_proxy_uri has been deprecated since version 0.15.0 and should not be used in newly-written code.

Use gdata_client_login_authorizer_set_proxy_resolver() instead, which gives more flexibility over the proxy used.

Sets the proxy URI on the SoupSession used internally by the GDataClientLoginAuthorizer. This forces all requests through the given proxy.

If proxy_uri is NULL, no proxy will be used.

Parameters

self

a GDataClientLoginAuthorizer

  

proxy_uri

the proxy URI, or NULL.

[allow-none]

Since 0.9.0

gdata_client_login_authorizer_get_proxy_resolver ()

GProxyResolver *
gdata_client_login_authorizer_get_proxy_resolver
                               (GDataClientLoginAuthorizer *self);

gdata_client_login_authorizer_get_proxy_resolver is deprecated and should not be used in newly-written code.

Gets the GProxyResolver on the GDataClientLoginAuthorizer's SoupSession.

Parameters

self

a GDataClientLoginAuthorizer

  

Returns

a GProxyResolver, or NULL.

[transfer none][allow-none]

Since 0.15.0

gdata_client_login_authorizer_set_proxy_resolver ()

void
gdata_client_login_authorizer_set_proxy_resolver
                               (GDataClientLoginAuthorizer *self,
                                GProxyResolver *proxy_resolver);

Sets the GProxyResolver on the SoupSession used internally by the given GDataClientLoginAuthorizer.

Setting this will clear the “proxy-uri” property.

Parameters

self

a GDataClientLoginAuthorizer

  

proxy_resolver

a GProxyResolver, or NULL.

[allow-none]

Since 0.15.0

gdata_client_login_authorizer_get_timeout ()

guint
gdata_client_login_authorizer_get_timeout
                               (GDataClientLoginAuthorizer *self);

Gets the “timeout” property; the network timeout, in seconds.

Parameters

self

a GDataClientLoginAuthorizer

  

Returns

the timeout, or 0

Since 0.9.0

gdata_client_login_authorizer_set_timeout ()

void
gdata_client_login_authorizer_set_timeout
                               (GDataClientLoginAuthorizer *self,
                                guint timeout);

Sets the “timeout” property; the network timeout, in seconds.

If timeout is 0, network operations will never time out.

Parameters

self

a GDataClientLoginAuthorizer

  

timeout

the timeout, or 0

  

Since 0.9.0

Types and Values

GDataClientLoginAuthorizer

typedef struct _GDataClientLoginAuthorizer GDataClientLoginAuthorizer;

All the fields in the GDataClientLoginAuthorizer structure are private and should never be accessed directly.

Since 0.9.0

GDataClientLoginAuthorizerClass

typedef struct {
} GDataClientLoginAuthorizerClass;

All the fields in the GDataClientLoginAuthorizerClass structure are private and should never be accessed directly.

Since 0.9.0

enum GDataClientLoginAuthorizerError

Error codes for authentication and authorization operations on GDataClientLoginAuthorizer. See the

online ClientLogin documentation for

more information.

Members

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_BAD_AUTHENTICATION

The login request used a username or password that is not recognized.

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_NOT_VERIFIED

The account email address has not been verified. The user will need to access their Google account directly to resolve the issue before logging in using a non-Google application.

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_TERMS_NOT_AGREED

The user has not agreed to terms. The user will need to access their Google account directly to resolve the issue before logging in using a non-Google application.

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_CAPTCHA_REQUIRED

A CAPTCHA is required. (A response with this error code will also contain an image URI and a CAPTCHA token.)

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_ACCOUNT_DELETED

The user account has been deleted.

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_ACCOUNT_DISABLED

The user account has been disabled.

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_SERVICE_DISABLED

The user's access to the specified service has been disabled. (The user account may still be valid.)

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_ACCOUNT_MIGRATED

The user's account login details have been migrated to a new system. (This is used for the transition from the old YouTube login details to the new ones.)

  

GDATA_CLIENT_LOGIN_AUTHORIZER_ERROR_INVALID_SECOND_FACTOR

The user's account requires an application-specific password to be used.

  

Since 0.9.0

Property Details

The “client-id” property

  “client-id”                gchar *

A client ID for your application (see the

reference documentation).

It is recommended that the ID is of the form company name-application name- version ID.

Flags: Read / Write / Construct Only

Default value: NULL

Since 0.9.0

The “password” property

  “password”                 gchar *

The user's account password for authentication.

This will only be set after authentication using gdata_client_login_authorizer_authenticate() is completed successfully. It will then be set to the password passed to gdata_client_login_authorizer_authenticate(), and a “notify” signal will be emitted. If authentication fails, it will be set to NULL.

If libgdata is compiled with libgcr support, the password will be stored in non-pageable memory. However, if it is retrieved using g_object_get() (or related functions) it will be copied to non-pageable memory and could end up being written to disk. Accessing the password using gdata_client_login_authorizer_get_password() will not perform any copies, and so maintains privacy.

Flags: Read

Default value: NULL

Since 0.9.0

The “proxy-resolver” property

  “proxy-resolver”           GProxyResolver *

The GProxyResolver used to determine a proxy URI. Setting this will clear the “proxy-uri” property.

Flags: Read / Write

Since 0.15.0

The “proxy-uri” property

  “proxy-uri”                SoupURI *

The proxy URI used internally for all network requests.

GDataClientLoginAuthorizer:proxy-uri has been deprecated since version 0.15.0 and should not be used in newly-written code.

Use “proxy-resolver” instead, which gives more flexibility over the proxy used.

Flags: Read / Write

Since 0.9.0

The “timeout” property

  “timeout”                  guint

A timeout, in seconds, for network operations. If the timeout is exceeded, the operation will be cancelled and GDATA_SERVICE_ERROR_NETWORK_ERROR will be returned.

If the timeout is 0, operations will never time out.

Flags: Read / Write

Default value: 0

Since 0.9.0

The “username” property

  “username”                 gchar *

The user's Google username for authentication. This will always be a full e-mail address.

This will only be set after authentication using gdata_client_login_authorizer_authenticate() is completed successfully. It will then be set to the username passed to gdata_client_login_authorizer_authenticate(), and a “notify” signal will be emitted. If authentication fails, it will be set to NULL.

Flags: Read

Default value: NULL

Since 0.9.0

Signal Details

The “captcha-challenge” signal

gchar*
user_function (GDataClientLoginAuthorizer *authorizer,
               gchar                      *uri,
               gpointer                    user_data)

The “captcha-challenge” signal is emitted during the authentication process if the authorizer requires a CAPTCHA to be completed. The URI of a CAPTCHA image is given, and the program should display this to the user, and return their response (the text displayed in the image). There is no timeout imposed by the library for the response.

Parameters

authorizer

the GDataClientLoginAuthorizer which received the challenge

  

uri

the URI of the CAPTCHA image to be used

  

user_data

user data set when the signal handler was connected.

  

Returns

a newly allocated string containing the text in the CAPTCHA image

Flags: Run Last

Since 0.9.0

Generated by GTK-Doc V1.21.1