Refactor browser settings and TOTP #2284
Conversation
droidmonkey
force-pushed
the
refactor/static-init
branch
2 times, most recently
from
5399b23 to
46fe646
Compare
src/core/Entry.cpp
Outdated
| } | ||
| m_attributes->set("TOTP Settings", data); | ||
| m_attributes->set("TOTP Seed", m_data.totpSettings->key, true); | ||
| m_attributes->set("TOTP Settings", text); |
There was a problem hiding this comment.
I wonder if we could make this translatable somehow. But I think you should at least use a static symbol for this instead of repeating the raw string everywhere.
There was a problem hiding this comment.
I would not translate an attribute key. That would also break compat with the KeePass2 plugins.
src/gui/SetupTotpDialog.h
Outdated
| private Q_SLOTS: | ||
| void toggleDefault(bool status); | ||
| void toggleSteam(bool status); | ||
| explicit SetupTotpDialog(QWidget *parent = nullptr, Entry* entry = nullptr); |
There was a problem hiding this comment.
QWidget*
This class should also be called TotpSetupDialog.
There was a problem hiding this comment.
I agree with the name, I did consider that change
src/gui/TotpDialog.cpp
Outdated
| m_ui->progressBar->update(); | ||
| uCounter++; | ||
| m_counter++; |
src/totp/totp.h
Outdated
| static const QString STEAM_SHORTNAME = "S"; | ||
|
|
||
| QSharedPointer<Totp::Settings> parseSettings(const QString& rawSettings, const QString& key=QString()); | ||
| QSharedPointer<Totp::Settings> createSettings(const QString& key, const uint digits, const uint step, |
There was a problem hiding this comment.
Spaces around operators and use {} instead of QString().
droidmonkey
force-pushed
the
refactor/static-init
branch
from
c7185a3 to
7bc74bb
Compare
|
All requested changes were made @phoerious |
|
Ok good test, I agree the tests passed and was worried about this exact scenario. Check your system time. |
src/totp/totp.cpp
Outdated
|
|
||
| quint64 current; | ||
| if (time == 0) { | ||
| current = qToBigEndian(QDateTime::currentDateTime().toTime_t() / step); |
There was a problem hiding this comment.
Found the bug!
toTime_t() returns a 32bit uint, but it worked with the old code because it was stored in a quint64 variable before being passed to qToBigEndian.
toTime_t() is also obsolete since qt 5.8 and we should eventually replace it with toSecsSinceEpoch(), which already returns a qint64.
There was a problem hiding this comment.
I'll use the new function, seems the old one is way overdue for deletion. The tests don't pick this up since it requires "real time" to work.
There was a problem hiding this comment.
toSecsSinceEpoch() was introduced in 5.8 so we would need to increase the minimum Qt version requirement at https://github.com/keepassxreboot/keepassxc/blob/develop/INSTALL.md too
* Convert BrowserSettings into instanced class * Moved HostInstaller init into class constructor
* CSV Import and Entry Model
* Eliminate TOTP logic from GUI elements * Consolidate TOTP functionality under the Totp namespace * Eliminate guessing about state and encoders * Increased test cases * Add entry view column for TOTP [#2132] * General code cleanup, reduction of unnecessary steps, separation of concerns * Rename SetupTotpDialog to TotpSetupDialog for consistency
droidmonkey
force-pushed
the
refactor/static-init
branch
from
7bc74bb to
96d4ce2
Compare
|
Fixed the TOTP fail and cleaned up the commit list, this is ready for merge once approvals are granted. |
droidmonkey
force-pushed
the
refactor/static-init
branch
from
96d4ce2 to
f4afda6
Compare
droidmonkey
force-pushed
the
refactor/static-init
branch
from
f4afda6 to
1d525c8
Compare
droidmonkey
force-pushed
the
refactor/static-init
branch
from
1d525c8 to
823a916
Compare
- New Database Wizard [#1952] - Advanced Search [#1797] - Automatic update checker [#2648] - KeeShare database synchronization [#2109, #1992, #2738, #2742, #2746, #2739] - Improve favicon fetching; transition to Duck-Duck-Go [#2795, #2011, #2439] - Remove KeePassHttp support [#1752] - CLI: output info to stderr for easier scripting [#2558] - CLI: Add --quiet option [#2507] - CLI: Add create command [#2540] - CLI: Add recursive listing of entries [#2345] - CLI: Fix stdin/stdout encoding on Windows [#2425] - SSH Agent: Support OpenSSH for Windows [#1994] - macOS: TouchID Quick Unlock [#1851] - macOS: Multiple improvements; include CLI in DMG [#2165, #2331, #2583] - Linux: Prevent Klipper from storing secrets in clipboard [#1969] - Linux: Use polling based file watching for NFS [#2171] - Linux: Enable use of browser plugin in Snap build [#2802] - TOTP QR Code Generator [#1167] - High-DPI Scaling for 4k screens [#2404] - Make keyboard shortcuts more consistent [#2431] - Warn user if deleting referenced entries [#1744] - Allow toolbar to be hidden and repositioned [#1819, #2357] - Increase max allowed database timeout to 12 hours [#2173] - Password generator uses existing password length by default [#2318] - Improve alert message box button labels [#2376] - Show message when a database merge makes no changes [#2551] - Browser Integration Enhancements [#1497, #2253, #1904, #2232, #1850, #2218, #2391, #2396, #2542, #2622, #2637, #2790] - Overall Code Improvements [#2316, #2284, #2351, #2402, #2410, #2419, #2422, #2443, #2491, #2506, #2610, #2667, #2709, #2731]
Description
This is a pretty hefty refactor, but well needed (especially TOTP). This aligns BrowserSettings to be similar in design and function to Config and other settings classes. It is now dynamically initialized and accessed using an inline function. Some other static methods/vars were made dynamic due to them being private to their class and only initialized once.
TOTP was completely overhauled, every single function was changed and cleaned up. It was also placed into a namespace instead of a class since all its members are static (desired convention). The previous implementation was extremely brittle and required state to be stored across several different classes. Users of the previous TOTP class were required to know how it worked and when to supply proper variables (BAD!!). The new implementation is completely plug-and-play, no manual required!
Closes #2132
Motivation and context
Clean code == happy maintainers
How has this been tested?
Manually and with written tests
Screenshots (if appropriate):
No GUI layouts were harmed in this refactor. The SetupTotpDialog.ui only changes to using SettingsGroups to control radio buttons.
Types of changes
Checklist:
-DWITH_ASAN=ON. [REQUIRED]