Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package qt6-networkauth for openSUSE:Factory
checked in at 2026-05-28 17:24:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/qt6-networkauth (Old)
and /work/SRC/openSUSE:Factory/.qt6-networkauth.new.1937 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "qt6-networkauth"
Thu May 28 17:24:53 2026 rev:42 rq:1355427 version:6.11.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/qt6-networkauth/qt6-networkauth.changes
2026-03-28 20:13:03.884713871 +0100
+++
/work/SRC/openSUSE:Factory/.qt6-networkauth.new.1937/qt6-networkauth.changes
2026-05-28 17:25:41.336613916 +0200
@@ -1,0 +2,6 @@
+Thu May 14 14:55:14 UTC 2026 - Christophe Marin <[email protected]>
+
+- Update to 6.11.1
+ https://www.qt.io/blog/qt-6.11.1-released
+
+-------------------------------------------------------------------
Old:
----
qtnetworkauth-everywhere-src-6.11.0.tar.xz
New:
----
qtnetworkauth-everywhere-src-6.11.1.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ qt6-networkauth.spec ++++++
--- /var/tmp/diff_new_pack.YYM1wG/_old 2026-05-28 17:25:42.116646204 +0200
+++ /var/tmp/diff_new_pack.YYM1wG/_new 2026-05-28 17:25:42.120646369 +0200
@@ -16,7 +16,7 @@
#
-%define real_version 6.11.0
+%define real_version 6.11.1
%define short_version 6.11
%define short_name qtnetworkauth
%define tar_name qtnetworkauth-everywhere-src
@@ -28,7 +28,7 @@
%endif
#
Name: qt6-networkauth%{?pkg_suffix}
-Version: 6.11.0
+Version: 6.11.1
Release: 0
Summary: Set of APIs to obtain limited access to online accounts and
HTTP services
License: GPL-3.0-only WITH Qt-GPL-exception-1.0
++++++ qtnetworkauth-everywhere-src-6.11.0.tar.xz ->
qtnetworkauth-everywhere-src-6.11.1.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/qtnetworkauth-everywhere-src-6.11.0/.cmake.conf
new/qtnetworkauth-everywhere-src-6.11.1/.cmake.conf
--- old/qtnetworkauth-everywhere-src-6.11.0/.cmake.conf 2026-03-09
10:39:33.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/.cmake.conf 2026-05-07
21:59:28.000000000 +0200
@@ -1,8 +1,9 @@
-set(QT_REPO_MODULE_VERSION "6.11.0")
+set(QT_REPO_MODULE_VERSION "6.11.1")
set(QT_REPO_MODULE_PRERELEASE_VERSION_SEGMENT "alpha1")
set(QT_EXTRA_INTERNAL_TARGET_DEFINES
- "QT_NO_CONTEXTLESS_CONNECT=1"
- "QT_NO_FOREACH=1"
- "QT_NO_QASCONST=1"
- "QT_NO_URL_CAST_FROM_STRING=1"
+ "QT_ENABLE_STRICT_MODE_UP_TO=QT_VERSION_CHECK(6,11,0)"
+ # not yet in strict mode:
+ "QT_LEAN_HEADERS=2"
+ "QT_NO_SINGLE_ARGUMENT_QHASH_OVERLOAD=1"
+ "QT_NO_QPAIR=1"
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/qtnetworkauth-everywhere-src-6.11.0/.tag
new/qtnetworkauth-everywhere-src-6.11.1/.tag
--- old/qtnetworkauth-everywhere-src-6.11.0/.tag 2026-03-09
10:39:33.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/.tag 2026-05-07
21:59:28.000000000 +0200
@@ -1 +1 @@
-4af2f29b09c0e6e80bb99fb2360a8c9395ee3a1d
+a804d2581006e827c8966b7514f98e0bfc599b02
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/dependencies.yaml
new/qtnetworkauth-everywhere-src-6.11.1/dependencies.yaml
--- old/qtnetworkauth-everywhere-src-6.11.0/dependencies.yaml 2026-03-09
10:39:33.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/dependencies.yaml 2026-05-07
21:59:28.000000000 +0200
@@ -1,4 +1,4 @@
dependencies:
../qtbase:
- ref: 8ba7ea4b77a4b8f1948760221e264917ddc9e1c8
+ ref: 59c81a3c2247b821b9b84b4eb8d939b77e07e276
required: true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/qtnetworkauth-everywhere-src-6.11.0/qt_cmdline.cmake
new/qtnetworkauth-everywhere-src-6.11.1/qt_cmdline.cmake
--- old/qtnetworkauth-everywhere-src-6.11.0/qt_cmdline.cmake 1970-01-01
01:00:00.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/qt_cmdline.cmake 2026-05-07
21:59:28.000000000 +0200
@@ -0,0 +1,4 @@
+# Copyright (C) 2026 The Qt Company Ltd.
+# SPDX-License-Identifier: BSD-3-Clause
+
+qt_commandline_subconfig(src/oauth)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qabstractoauth2.cpp
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qabstractoauth2.cpp
--- old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qabstractoauth2.cpp
2026-03-09 10:39:33.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qabstractoauth2.cpp
2026-05-07 21:59:28.000000000 +0200
@@ -728,17 +728,25 @@
#endif
}
- // An id_token must be included if this was an OIDC request
+ // An id_token must be included if this was an OIDC request and the server
granted it.
// https://openid.net/specs/openid-connect-core-1_0-final.html#AuthRequest
(cf. 'scope')
//
https://openid.net/specs/openid-connect-core-1_0-final.html#TokenResponse
+ //
+ // However token refresh responses 'might not' contain an id_token
+ //
https://openid.net/specs/openid-connect-core-1_0-final.html#RefreshTokenResponse
const QString receivedIdToken =
values.value(QtOAuth2RfcKeywords::idToken).toString();
- if (grantedScopeTokens.contains("openid") && receivedIdToken.isEmpty()) {
+ if (requestedScopeTokens.contains("openid") &&
grantedScopeTokens.contains("openid")
+ && receivedIdToken.isEmpty() && status !=
QAbstractOAuth::Status::RefreshingToken) {
setIdToken({});
_q_tokenRequestFailed(QAbstractOAuth::Error::OAuthTokenNotFoundError,
- "ID token not received"_L1);
+ "'openid' scope requested and granted but ID
token not received"_L1);
return;
}
- setIdToken(receivedIdToken);
+
+ // Update the id_token. However if we were refreshing tokens and didn't
receive a new
+ // id_token, keep the original
+ if (status != QAbstractOAuth::Status::RefreshingToken ||
!receivedIdToken.isEmpty())
+ setIdToken(receivedIdToken);
if (tokenLifetime > 0)
setExpiresAt(QDateTime::currentDateTimeUtc().addSecs(tokenLifetime));
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qabstractoauth2_p.h
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qabstractoauth2_p.h
--- old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qabstractoauth2_p.h
2026-03-09 10:39:33.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qabstractoauth2_p.h
2026-05-07 21:59:28.000000000 +0200
@@ -23,12 +23,18 @@
#include <QtNetworkAuth/qoauthglobal.h>
#include <QtNetworkAuth/qabstractoauth2.h>
+#include <QtCore/qbytearray.h>
#include <QtCore/qchronotimer.h>
+#include <QtCore/qdatetime.h>
#include <QtCore/qurl.h>
+#include <QtCore/qset.h>
#include <QtCore/qstring.h>
#include <QtCore/qpointer.h>
#include <QtNetwork/qnetworkreply.h>
+#ifndef QT_NO_SSL
+#include <QtNetwork/qsslconfiguration.h>
+#endif
#include <utility>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauth1.cpp
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauth1.cpp
--- old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauth1.cpp
2026-03-09 10:39:33.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauth1.cpp
2026-05-07 21:59:28.000000000 +0200
@@ -862,8 +862,9 @@
return;
}
- QMetaObject::Connection connection;
- connection = connect(this, &QAbstractOAuth::statusChanged, this,
[&](Status status) {
+ auto connection = std::make_shared<QMetaObject::Connection>();
+ *connection = connect(this, &QAbstractOAuth::statusChanged, this,
+ [this, connection](Status status) {
Q_D(QOAuth1);
if (status == Status::TemporaryCredentialsReceived) {
@@ -885,7 +886,7 @@
} else if (status == Status::NotAuthenticated) {
// Inherit class called
QAbstractOAuth::setStatus(Status::NotAuthenticated);
setTokenCredentials(QString(), QString());
- disconnect(connection);
+ disconnect(*connection);
}
});
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauth1signature.h
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauth1signature.h
--- old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauth1signature.h
2026-03-09 10:39:33.000000000 +0100
+++ new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauth1signature.h
2026-05-07 21:59:28.000000000 +0200
@@ -8,6 +8,7 @@
#ifndef QT_NO_HTTP
+#include <QtCore/qmap.h>
#include <QtCore/qurl.h>
#include <QtCore/qvariant.h>
#include <QtCore/qshareddata.h>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauthhttpserverreplyhandler_p.h
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauthhttpserverreplyhandler_p.h
---
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauthhttpserverreplyhandler_p.h
2026-03-09 10:39:33.000000000 +0100
+++
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauthhttpserverreplyhandler_p.h
2026-05-07 21:59:28.000000000 +0200
@@ -23,6 +23,11 @@
#include <QtNetwork/qhostaddress.h>
#include <QtNetwork/qtcpserver.h>
+#include <QtCore/qbytearray.h>
+#include <QtCore/qhash.h>
+#include <QtCore/qmap.h>
+#include <QtCore/qurl.h>
+
#include <utility>
QT_BEGIN_NAMESPACE
@@ -83,7 +88,7 @@
QMap<QByteArray, QByteArray> headers;
};
- QMap<QTcpSocket *, QHttpRequest> clients;
+ QHash<QTcpSocket *, QHttpRequest> clients;
QOAuthHttpServerReplyHandler *q_ptr;
};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauthurischemereplyhandler.cpp
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauthurischemereplyhandler.cpp
---
old/qtnetworkauth-everywhere-src-6.11.0/src/oauth/qoauthurischemereplyhandler.cpp
2026-03-09 10:39:33.000000000 +0100
+++
new/qtnetworkauth-everywhere-src-6.11.1/src/oauth/qoauthurischemereplyhandler.cpp
2026-05-07 21:59:28.000000000 +0200
@@ -143,7 +143,7 @@
(\c apple-app-site-association)
\endlist
- \section2 \l {Qt for Windows}{Windows}, \l {Qt for Linux/X11}{Linux}
+ \section2 \l {Qt for Windows}{Windows}, \l {Qt for Linux}{Linux}
Currently not supported. However platforms and use cases supporting
\l {Qt WebEngine Platform Notes}{Qt WebEngine} can still use this reply
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/tests/auto/oauth2codeflow/tst_oauth2codeflow.cpp
new/qtnetworkauth-everywhere-src-6.11.1/tests/auto/oauth2codeflow/tst_oauth2codeflow.cpp
---
old/qtnetworkauth-everywhere-src-6.11.0/tests/auto/oauth2codeflow/tst_oauth2codeflow.cpp
2026-03-09 10:39:33.000000000 +0100
+++
new/qtnetworkauth-everywhere-src-6.11.1/tests/auto/oauth2codeflow/tst_oauth2codeflow.cpp
2026-05-07 21:59:28.000000000 +0200
@@ -821,6 +821,30 @@
QVERIFY(idTokenSpy.isEmpty());
QVERIFY(oauth2.idToken().isEmpty());
+ // Test granted openid scope when none was requested (QTBUG-145561), first
test:
+ // - 'openid' scope not requested by client but
+ // - 'openid' scope is granted by server and
+ // - 'id_token' not provided by server
+ oauth2.setRequestedScopeTokens({"read"});
+ oauth2.grant();
+ replyHandler.emitCallbackReceived({{"code"_L1, "acode"_L1}, {"state"_L1,
"a_state"_L1}});
+ replyHandler.emitTokensReceived({{"access_token"_L1, "at"_L1},
{"scope"_L1, "read openid"_L1}});
+ QTRY_COMPARE(oauth2.status(), QAbstractOAuth::Status::Granted);
+ QVERIFY(idTokenSpy.isEmpty());
+ QVERIFY(oauth2.idToken().isEmpty());
+ // - 'openid' scope not requested by client but
+ // - 'openid' scope is granted by server and
+ // - 'id_token' is provided by server
+ oauth2.setRequestedScopeTokens({"read"});
+ oauth2.grant();
+ replyHandler.emitCallbackReceived({{"code"_L1, "acode"_L1}, {"state"_L1,
"a_state"_L1}});
+ replyHandler.emitTokensReceived({{"access_token"_L1, "at"_L1},
{"scope"_L1, "read openid"_L1},
+ {"id_token"_L1,
"unsolicited_id_token"_L1}});
+ QTRY_COMPARE(oauth2.status(), QAbstractOAuth::Status::Granted);
+ QVERIFY(!idTokenSpy.isEmpty());
+ QCOMPARE(oauth2.idToken(), "unsolicited_id_token"_L1);
+ idTokenSpy.clear();
+
// Test with openid
// Note: using a proper JWT or setting the matching 'nonce' is not
required for this tests
// purpose as we don't currently validate the received token, but no harm
in being thorough
@@ -833,10 +857,28 @@
QCOMPARE(oauth2.idToken(), idToken);
QCOMPARE(idTokenSpy.size(), 1);
QCOMPARE(idTokenSpy.at(0).at(0).toByteArray(), idToken);
+ idTokenSpy.clear();
+
+ // Providing an id_token is not mandatory when refreshing tokens. Test
first with the id_token
+ oauth2.setRefreshToken("refresh_token"_L1);
+ oauth2.refreshTokens();
+ QTRY_COMPARE(oauth2.status(), QAbstractOAuth::Status::RefreshingToken);
+ replyHandler.emitTokensReceived({{"access_token"_L1, "at"_L1},
{"id_token"_L1, "fresh_id"}});
+ QCOMPARE(oauth2.status(), QAbstractOAuth::Status::Granted);
+ QCOMPARE(idTokenSpy.size(), 1);
+ QCOMPARE(oauth2.idToken(), "fresh_id"_L1);
+ // Test without providing id_token (also must not clear the pre-existing
id_token)
+ oauth2.refreshTokens();
+ QTRY_COMPARE(oauth2.status(), QAbstractOAuth::Status::RefreshingToken);
+ replyHandler.emitTokensReceived({{"access_token"_L1, "at"_L1}});
+ QCOMPARE(oauth2.status(), QAbstractOAuth::Status::Granted);
+ QCOMPARE(idTokenSpy.size(), 1);
+ QCOMPARE(oauth2.idToken(), "fresh_id"_L1);
// Test missing id_token error
QVERIFY(requestFailedSpy.isEmpty());
- const QRegularExpression tokenWarning{"Token request failed: \"ID token
not received\""};
+ const QRegularExpression tokenWarning{
+ "Token request failed: \"'openid' scope requested and granted but ID
token not received\""};
QTest::ignoreMessage(QtWarningMsg, tokenWarning);
oauth2.grant();
replyHandler.emitCallbackReceived({{"code"_L1, "acode"_L1}, {"state"_L1,
"a_state"_L1}});
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/qtnetworkauth-everywhere-src-6.11.0/tests/auto/oauthhttpserverreplyhandler/tst_oauthhttpserverreplyhandler.cpp
new/qtnetworkauth-everywhere-src-6.11.1/tests/auto/oauthhttpserverreplyhandler/tst_oauthhttpserverreplyhandler.cpp
---
old/qtnetworkauth-everywhere-src-6.11.0/tests/auto/oauthhttpserverreplyhandler/tst_oauthhttpserverreplyhandler.cpp
2026-03-09 10:39:33.000000000 +0100
+++
new/qtnetworkauth-everywhere-src-6.11.1/tests/auto/oauthhttpserverreplyhandler/tst_oauthhttpserverreplyhandler.cpp
2026-05-07 21:59:28.000000000 +0200
@@ -282,8 +282,9 @@
if (!success) {
QByteArray httpUri = callback.toEncoded(QUrl::RemoveScheme |
QUrl::RemoveAuthority | QUrl::RemoveFragment);
- QTest::ignoreMessage(QtWarningMsg, "Invalid request: " + httpUri);
- QTest::ignoreMessage(QtWarningMsg, "Invalid request: " + httpUri);
+ const QByteArray msg = "Invalid request: " + httpUri;
+ for (int i = 0; i < 2; ++i) // emitted more than once
+ QTest::ignoreMessage(QtWarningMsg, msg.data());
}
QTestEventLoop::instance().enterLoop(Timeout);
QCOMPARE(count > 0, success);
@@ -385,7 +386,8 @@
connect(&socket, &QTcpSocket::disconnected, &QTestEventLoop::instance(),
&QTestEventLoop::exitLoop);
- QTest::ignoreMessage(QtWarningMsg, "Invalid request: " +
uri.toLocal8Bit());
+ QTest::ignoreMessage(QtWarningMsg,
+ QByteArray{"Invalid request: " +
uri.toLocal8Bit()}.constData());
QTest::ignoreMessage(QtWarningMsg, "Invalid URL");
QTestEventLoop::instance().enterLoop(Timeout);
