Hi,

I am trying to implement Google Account Authentication for Installed Apps using the API provided by google.

http://code.google.com/apis/accounts/AuthForInstalledApps.html

One of the requirement for this is to know how to make HTTPS POST requests and handle responses.

Is there a Qt way to do this?

Thanks a lot.

QHttp::post() or QHttp::request()

Thanks for your reply.

The Qt Assistant doesn't talk anything about Https and therefore I got the doubt.

"s" stands for "secure", you need an SSL layer to have https. In Qt3 you can use a Qt Cryptographic Architecture (QCA - see our links section) or QtSSLSocket - a Qt Solution from Trolltech. With Qt4 you can use the Qt Solution as well. Alternatively you'll need to provide your own SSL layer implementation. The application layer (HTTP) remains the same.

"s" stands for "secure", you need an SSL layer to have https.

I am aware of that.


In Qt3 you can use a Qt Cryptographic Architecture (QCA - see our links section) or QtSSLSocket - a Qt Solution from Trolltech. With Qt4 you can use the Qt Solution as well.

oh, I thought Qt does that. Thanks for clarifying it.


Alternatively you'll need to provide your own SSL layer implementation.

openSSL will do, rite?

Thanks a lot

oh, I thought Qt does that.
Not out of the box.


openSSL will do, rite?
Yes, but you need to implement a layer which you can use to wrap Qt sockets into. That's essentially what QtSSLSocket does, but you have to pay for it.

I found this python code which does not perform any kind of encryption




import re, httplib2

h = httplib2.Http()
auth_uri = 'https://www.google.com/accounts/ClientLogin'
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
myrequest =
"Email=YOUR_GMAIL_ADDRESS&Passwd=GMAIL_PASSWORD&service=blogger&service=Whatever-TestApp-0.0"
response, content = h.request(auth_uri, 'POST', body=myrequest,
headers=headers)

# Extract the auth token from the returned content, and print it to
stdout.
print re.search('Auth=(\S*)', content).group(1)



There is also similar perl code which does not perform any encryption.

Will the correspoding Qt code work or will I still need to encrypt the data and then send ?

I would be greatful to you if can explain this to me like I am a 4 year old kid, with some example.

Thanks a lot.

How do you know the code doesn't perform encryption? Maybe the library does that transparently? You could just post a regular http request and see what happens...

This is what I did




connect(&http,SIGNAL(done(bool)),this,SLOT(httpDone(bool))) ;
connect(&http,SIGNAL(readyRead(const QHttpResponseHeader &)),this,SLOT(readyRead(const QHttpResponseHeader &)));

http.setHost("www.google.com");

QString str = "Email=somename@gmail.com&Passwd=somepassword"
"&service=cl&source=Gulp-CalGulp-1.05";
QHttpRequestHeader header( "POST", "/accounts/ClientLogin") ;
header.setValue("Host", "https://www.google.com") ;
header.setContentType( "application/x-www-form-urlencoded" ) ;
http.request(header,QVariant(str).toByteArray());






void UpdateChecker::readyRead(const QHttpResponseHeader &header)
{
//QString str = header.reasonPhrase();
result = QString(http.readAll().data());
}



I got result as




<HTML>
<HEAD>
<TITLE>Moved Temporarily</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Temporarily</H1>
The document has moved <A HREF="https://https/accounts/ClientLogin">here</A>.
</BODY>
</HTML>



Probably Qt itself is generating this.

Can you please give me some minimal example on how I encrypt the data and send ?

Thanks a lot.

I did one more experiment. Here it is




<html>
<body>
<form action="https://www.google.com/accounts/ClientLogin" method="post">

<input type="hidden" name="service" value="cl" />
<input type="hidden" name="source" value="some-app-1.0" />

Email :
<input type="text" name="Email" />
<br/>
Password:
<input type="password" name="Passwd" />
<br/>
<input type="submit" name="Submit" value="Login">

</form>
</body>
</html>



The response to this was what google sends and this code works correctly.

Isn't this similar to the code above?

Maybe I have got the basics itself wrong.

Please help.
Thanks a lot

The problem is that QHttp doesn't handle https (SSL). Without introducing the SSL layer you won't be able to send a https request.