Merge 99342372d2 into edc13ed14d

fix link in Readme

GPClient/CMakeLists.txt

@@ -17,6 +17,7 @@ add_executable(gpclient
     cdpcommand.cpp
     cdpcommandmanager.cpp
     enhancedwebview.cpp
+    enhancedwebpage.cpp
     gatewayauthenticator.cpp
     gatewayauthenticatorparams.cpp
     gpgateway.cpp
@@ -95,6 +96,7 @@ target_link_libraries(gpclient
     Qt5::DBus
     QtSignals
     ${QTKEYCHAIN_LIBRARIES}
+    inih
 )
 
 if (CMAKE_CXX_COMPILER_VERSION VERSION_GREATER 8.0 AND CMAKE_BUILD_TYPE STREQUAL Release)

GPClient/enhancedwebpage.cpp

@@ -0,0 +1,8 @@
+#include "enhancedwebpage.h"
+#include <QWebEngineCertificateError>
+#include <plog/Log.h>
+
+bool EnhancedWebPage::certificateError(const QWebEngineCertificateError &certificateError) {
+    LOGI << "An error occurred during certificate verification for " << certificateError.url().toString() << "; " << certificateError.errorDescription();
+    return certificateError.isOverridable();
+};

GPClient/enhancedwebpage.h

@@ -0,0 +1,12 @@
+#ifndef ENHANCEDWEBPAGE_H
+#define ENHANCEDWEBPAGE_H
+
+#include <QtWebEngineWidgets/qwebenginepage.h>
+
+class EnhancedWebPage : public QWebEnginePage
+{
+protected:
+    bool certificateError(const QWebEngineCertificateError &certificateError) override;
+};
+
+#endif // !ECHANCEDWEBPAG

GPClient/enhancedwebview.cpp

@@ -1,6 +1,7 @@
 #include <QtCore/QProcessEnvironment>
 #include <QtWebEngineWidgets/QWebEngineView>
 
+#include "enhancedwebpage.h"
 #include "enhancedwebview.h"
 #include "cdpcommandmanager.h"
 
@@ -14,6 +15,7 @@ EnhancedWebView::EnhancedWebView(QWidget *parent)
 
 void EnhancedWebView::initialize()
 {
+    setPage(new EnhancedWebPage());
     auto port = QProcessEnvironment::systemEnvironment().value(ENV_CDP_PORT);
     cdp->initialize("http://127.0.0.1:" + port + "/json");
 }

GPClient/gatewayauthenticator.cpp

@@ -151,7 +151,7 @@ void GatewayAuthenticator::samlAuth(QString samlMethod, QString samlRequest, QSt
 {
     LOGI << "Trying to perform SAML login with saml-method " << samlMethod;
 
-    auto *loginWindow = new SAMLLoginWindow;
+    auto *loginWindow = new SAMLLoginWindow(gateway);
 
     connect(loginWindow, &SAMLLoginWindow::success, [this, loginWindow](const QMap<QString, QString> &samlResult) {
         this->onSAMLLoginSuccess(samlResult);

GPClient/gatewayauthenticatorparams.cpp

@@ -64,4 +64,3 @@ void GatewayAuthenticatorParams::setInputStr(const QString &inputStr)
 {
     m_inputStr = inputStr;
 }
-

GPClient/gpclient.cpp

@@ -339,7 +339,7 @@ void GPClient::onPortalFail(const QString &msg)
 
 void GPClient::tryGatewayLogin()
 {
-    LOGI << "Try to preform login on the the gateway interface...";
+    LOGI << "Try to perform login on the the gateway interface...";
 
     // Treat the portal input as the gateway address
     GPGateway g;

GPClient/portalauthenticator.cpp

@@ -32,7 +32,7 @@ void PortalAuthenticator::authenticate()
 {
     attempts++;
 
-    LOGI << QString("(%1/%2) attempts").arg(attempts).arg(MAX_ATTEMPTS) << ", preform portal prelogin at " << preloginUrl;
+    LOGI << QString("(%1/%2) attempts").arg(attempts).arg(MAX_ATTEMPTS) << ", perform portal prelogin at " << preloginUrl;
 
     QNetworkReply *reply = createRequest(preloginUrl);
     connect(reply, &QNetworkReply::finished, this, &PortalAuthenticator::onPreloginFinished);
@@ -118,7 +118,7 @@ void PortalAuthenticator::samlAuth()
 {
     LOGI << "Trying to perform SAML login with saml-method " << preloginResponse.samlMethod();
 
-    auto *loginWindow = new SAMLLoginWindow;
+    auto *loginWindow = new SAMLLoginWindow(this->portal);
 
     connect(loginWindow, &SAMLLoginWindow::success, [this, loginWindow](const QMap<QString, QString> samlResult) {
         this->onSAMLLoginSuccess(samlResult);

GPClient/portalconfigresponse.cpp

@@ -172,4 +172,3 @@ void PortalConfigResponse::setPrelogonUserAuthCookie(const QString cookie)
 {
     m_prelogonAuthCookie = cookie;
 }
-

GPClient/samlloginwindow.cpp

@@ -4,9 +4,10 @@
 #include <QWebEngineCookieStore>
 #include <plog/Log.h>
 
+#include "INIReader.h"
 #include "samlloginwindow.h"
 
-SAMLLoginWindow::SAMLLoginWindow(QWidget *parent)
+SAMLLoginWindow::SAMLLoginWindow(QString portal, QWidget *parent)
     : QDialog(parent)
     , webView(new EnhancedWebView(this))
 {
@@ -23,6 +24,9 @@ SAMLLoginWindow::SAMLLoginWindow(QWidget *parent)
     connect(webView, &EnhancedWebView::responseReceived, this, &SAMLLoginWindow::onResponseReceived);
     connect(webView, &EnhancedWebView::loadFinished, this, &SAMLLoginWindow::onLoadFinished);
 
+    // Portal
+    this->portal = portal;
+
     // Show the login window automatically when exceeds the MAX_WAIT_TIME
     QTimer::singleShot(MAX_WAIT_TIME, this, [this]() {
         if (failed) {
@@ -108,6 +112,9 @@ void SAMLLoginWindow::onLoadFinished()
 {
      LOGI << "Load finished " << webView->page()->url().toString();
      webView->page()->toHtml([this] (const QString &html) { this->handleHtml(html); });
+     QMap<QString, QString> credentials = this->loadCredentials();
+     webView->page()->runJavaScript("document.getElementById('username').value='" + credentials["username"] + "';");
+     webView->page()->runJavaScript("document.getElementById('password').value='" + credentials["password"] + "';");
 }
 
 void SAMLLoginWindow::handleHtml(const QString &html)
@@ -134,3 +141,25 @@ QString SAMLLoginWindow::parseTag(const QString &tag, const QString &html) {
     const QRegularExpression expression(QString("<%1>(.*)</%1>").arg(tag));
     return expression.match(html).captured(1);
 }
+
+QMap<QString, QString> SAMLLoginWindow::loadCredentials()
+{
+    std::string home = getenv("HOME");
+    std::string iniFile = home + "/.gpclient-credentials";
+    INIReader reader(iniFile);
+
+    QMap<QString, QString> credentials;
+    if (reader.ParseError() < 0) {
+        LOGE << "File '" << iniFile << "' not found.";
+        return credentials;
+    }
+
+    if (reader.HasSection(this->portal.toStdString())) {
+        credentials.insert(QString("username"), QString::fromStdString(reader.Get(this->portal.toStdString(), "username", "")));
+        credentials.insert(QString("password"), QString::fromStdString(reader.Get(this->portal.toStdString(), "password", "")));
+    } else {
+        LOGE << "No credentials found for '" << this->portal.toStdString() << "' in '" << iniFile << "'";
+    }
+
+    return credentials;
+}

GPClient/samlloginwindow.h

@@ -12,9 +12,10 @@ class SAMLLoginWindow : public QDialog
     Q_OBJECT
 
 public:
-    explicit SAMLLoginWindow(QWidget *parent = nullptr);
+    explicit SAMLLoginWindow(QString portal, QWidget *parent = nullptr);
 
     void login(const QString samlMethod, const QString samlRequest, const QString preloginUrl);
+    QMap<QString, QString> loadCredentials();
 
 signals:
     void success(QMap<QString, QString> samlResult);
@@ -31,6 +32,7 @@ private:
     bool failed { false };
     EnhancedWebView *webView { nullptr };
     QMap<QString, QString> samlResult;
+    QString portal;
 
     void closeEvent(QCloseEvent *event);
     void handleHtml(const QString &html);

GPService/gpservice.cpp

@@ -34,9 +34,9 @@ GPService::~GPService()
 
 QString GPService::findBinary()
 {
-    for (int i = 0; i < binaryPaths->length(); i++) {
+    for (auto& binaryPath : binaryPaths) {
-        if (QFileInfo::exists(binaryPaths[i])) {
+        if (QFileInfo::exists(binaryPath)) {
-            return binaryPaths[i];
+            return binaryPath;
         }
     }
     return nullptr;
@@ -136,7 +136,7 @@ void GPService::connect(QString server, QString username, QString passwd)
          << "--cookie-on-stdin"
          << server;
 
-    log("Start process with arugments: " + args.join(", "));
+    log("Start process with arguments: " + args.join(", "));
 
     openconnect->start(bin, args);
     openconnect->write((passwd + "\n").toUtf8());

GPService/gpservice.h

@@ -4,14 +4,13 @@
 #include <QtCore/QObject>
 #include <QtCore/QProcess>
 
-static const QString binaryPaths[] {
+static QList<QString> binaryPaths = QList<QString>() <<
-    "/usr/local/bin/openconnect",
+    "/usr/local/bin/openconnect" <<
-    "/usr/local/sbin/openconnect",
+     "/usr/local/sbin/openconnect" <<
-    "/usr/bin/openconnect",
+     "/usr/bin/openconnect" <<
-    "/usr/sbin/openconnect",
+     "/usr/sbin/openconnect" <<
-    "/opt/bin/openconnect",
+     "/opt/bin/openconnect" <<
-    "/opt/sbin/openconnect"
+     "/opt/sbin/openconnect";
-};
 
 class GPService : public QObject
 {

README.md

@@ -23,7 +23,7 @@ A GlobalProtect VPN client (GUI) for Linux based on Openconnect and built with Q
 |OS|Stable version | Development version|
 |---|--------------|--------------------|
 |Linux Mint, Ubuntu 18.04 or later|[ppa:yuezk/globalprotect-openconnect](https://launchpad.net/~yuezk/+archive/ubuntu/globalprotect-openconnect)|[ppa:yuezk/globalprotect-openconnect-snapshot](https://launchpad.net/~yuezk/+archive/ubuntu/globalprotect-openconnect-snapshot)|
-|Arch, Manjaro|[globalprotect-openconnect](https://archlinux.org/packages/community/x86_64/globalprotect-openconnect/)|[AUR: globalprotect-openconnect-git](https://aur.archlinux.org/packages/globalprotect-openconnect-git/)|
+|Arch, Manjaro|[globalprotect-openconnect](https://archlinux.org/packages/extra/x86_64/globalprotect-openconnect/)|[AUR: globalprotect-openconnect-git](https://aur.archlinux.org/packages/globalprotect-openconnect-git/)|
 |Fedora|[copr: yuezk/globalprotect-openconnect](https://copr.fedorainfracloud.org/coprs/yuezk/globalprotect-openconnect/)|[copr: yuezk/globalprotect-openconnect](https://copr.fedorainfracloud.org/coprs/yuezk/globalprotect-openconnect/)|
 |openSUSE, CentOS 8|[OBS: globalprotect-openconnect](https://build.opensuse.org/package/show/home:yuezk/globalprotect-openconnect)|[OBS: globalprotect-openconnect-snapshot](https://build.opensuse.org/package/show/home:yuezk/globalprotect-openconnect-snapshot)|
 
@@ -78,7 +78,8 @@ sudo dnf install globalprotect-openconnect
 - openSUSE Leap
 
   ```sh  
-  sudo zypper ar https://download.opensuse.org/repositories/home:/yuezk/openSUSE_Leap_15.2/home:yuezk.repo
+  sudo zypper ar https://download.opensuse.org/repositories/home:/yuezk/15.4/home:yuezk.repo
+  
   sudo zypper ref
   sudo zypper install globalprotect-openconnect
   ```

cmakew

@@ -36,7 +36,7 @@ fi
 cmake_base="./.cmake"
 cmake_bin="${cmake_base}/cmake-$cmake_version/bin/cmake"
 
-# download cmake if neccessary
+# download cmake if necessary
 if [ ! -f "$cmake_bin" ]; then
     download_link=""
 

debian/changelog

@@ -57,7 +57,7 @@ globalprotect-openconnect (1.4.6-1) unstable; urgency=medium
 
   * Updated VERSION, Bumped 1.4.5 –> 1.4.6
   * feat: display address in gateway menu item
-  * fix: fix bug of parsing the portal respponse
+  * fix: fix bug of parsing the portal response
 
  -- Kevin Yue <k3vinyue@gmail.com>  Wed, 01 Jun 2022 23:55:50 +0800
 
@@ -70,7 +70,7 @@ globalprotect-openconnect (1.4.5-1) unstable; urgency=medium
   * packaging: fix postinst for debian
   * packaging: add postinst for debian
   * test: test debian packaging
-  * ci: fix the foder path
+  * ci: fix the folder path
   * chore: apt -> apt-get
   * ci: verify debian package
   * Revert "Revert "fix: improve the dbus security""

packaging/obs/globalprotect-openconnect.changes

@@ -25,7 +25,7 @@ Sun Jan  8 12:58:32 UTC 2023 - k3vinyue@gmail.com - 1.4.9
   * Credentials autocompleting (secure version) (#179)
   * Read all saved Gateways (for selecting in Systray) (#181)
   * copy install script for debian (#180)
-  * add es and pt support to shange status when connected to vpn (#162)
+  * add es and pt support to change status when connected to vpn (#162)
   * fix: improve the cli support
   * feat: add --reset option to gpclient
 
@@ -59,7 +59,7 @@ Wed Jun  1 15:55:50 UTC 2022 - k3vinyue@gmail.com - 1.4.6
 - Update to 1.4.6
   * Updated VERSION, Bumped 1.4.5 –> 1.4.6
   * feat: display address in gateway menu item
-  * fix: fix bug of parsing the portal respponse
+  * fix: fix bug of parsing the portal response
 
 -------------------------------------------------------------------
 Sun May 29 13:15:40 UTC 2022 - k3vinyue@gmail.com - 1.4.5
@@ -72,7 +72,7 @@ Sun May 29 13:15:40 UTC 2022 - k3vinyue@gmail.com - 1.4.5
   * packaging: fix postinst for debian
   * packaging: add postinst for debian
   * test: test debian packaging
-  * ci: fix the foder path
+  * ci: fix the folder path
   * chore: apt -> apt-get
   * ci: verify debian package
   * Revert "Revert "fix: improve the dbus security""