Remove Shibboleth support

Issue #6451

8 files changed, 0 insertions, 907 deletions

diff --git a/src/gui/creds/credentialsfactory.cpp b/src/gui/creds/credentialsfactory.cpp
deleted file mode 100644
index f9574f096..000000000
--- a/src/gui/creds/credentialsfactory.cpp
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <QLoggingCategory>
-#include <QString>
-
-#include "creds/credentialsfactory.h"
-#include "creds/httpcredentialsgui.h"
-#include "creds/dummycredentials.h"
-#ifndef NO_SHIBBOLETH
-#include "creds/shibbolethcredentials.h"
-#endif
-
-namespace OCC {
-
-Q_LOGGING_CATEGORY(lcGuiCredentials, "gui.credentials", QtInfoMsg)
-
-namespace CredentialsFactory {
-
-    AbstractCredentials *create(const QString &type)
-    {
-        // empty string might happen for old version of configuration
-        if (type == "http" || type == "") {
-            return new HttpCredentialsGui;
-        } else if (type == "dummy") {
-            return new DummyCredentials;
-#ifndef NO_SHIBBOLETH
-        } else if (type == "shibboleth") {
-            return new ShibbolethCredentials;
-#endif
-        } else {
-            qCWarning(lcGuiCredentials, "Unknown credentials type: %s", qPrintable(type));
-            return new DummyCredentials;
-        }
-    }
-
-} // ns CredentialsFactory
-
-} // namespace OCC
diff --git a/src/gui/creds/credentialsfactory.h b/src/gui/creds/credentialsfactory.h
deleted file mode 100644
index d346a2f71..000000000
--- a/src/gui/creds/credentialsfactory.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef MIRALL_CREDS_CREDENTIALS_FACTORY_H
-#define MIRALL_CREDS_CREDENTIALS_FACTORY_H
-
-#include "owncloudlib.h"
-
-class QString;
-
-namespace OCC {
-class AbstractCredentials;
-
-
-/**
- * @brief The HttpCredentialsGui namespace
- * @ingroup gui
- */
-namespace CredentialsFactory {
-
-    AbstractCredentials *create(const QString &type);
-
-} // ns CredentialsFactory
-
-} // namespace OCC
-
-#endif
diff --git a/src/gui/creds/shibboleth/shibbolethuserjob.cpp b/src/gui/creds/shibboleth/shibbolethuserjob.cpp
deleted file mode 100644
index 24c164b26..000000000
--- a/src/gui/creds/shibboleth/shibbolethuserjob.cpp
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright (C) by Olivier Goffart <ogoffart@owncloud.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "shibbolethuserjob.h"
-#include <account.h>
-
-#include <QJsonDocument>
-#include <QJsonObject>
-#include <QLoggingCategory>
-
-namespace OCC {
-
-Q_DECLARE_LOGGING_CATEGORY(lcShibboleth)
-
-ShibbolethUserJob::ShibbolethUserJob(AccountPtr account, QObject *parent)
-    : JsonApiJob(account, QLatin1String("ocs/v1.php/cloud/user"), parent)
-{
-    setIgnoreCredentialFailure(true);
-    connect(this, &JsonApiJob::jsonReceived, this, &ShibbolethUserJob::slotJsonReceived);
-}
-
-void ShibbolethUserJob::slotJsonReceived(const QJsonDocument &json, int statusCode)
-{
-    if (statusCode != 100) {
-        qCWarning(lcShibboleth) << "JSON Api call resulted in status code != 100";
-    }
-    QString user = json.object().value("ocs").toObject().value("data").toObject().value("id").toString();
-    emit userFetched(user);
-}
-}
diff --git a/src/gui/creds/shibboleth/shibbolethuserjob.h b/src/gui/creds/shibboleth/shibbolethuserjob.h
deleted file mode 100644
index 22706b1c1..000000000
--- a/src/gui/creds/shibboleth/shibbolethuserjob.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright (C) by Olivier Goffart <ogoffart@owncloud.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#pragma once
-
-#include <networkjobs.h>
-
-class QJsonDocument;
-
-namespace OCC {
-
-/**
- * @brief Fetch the user name of the shibboleth connection
- * @ingroup gui
- */
-class ShibbolethUserJob : public JsonApiJob
-{
-    Q_OBJECT
-public:
-    explicit ShibbolethUserJob(AccountPtr account, QObject *parent = 0);
-
-signals:
-    // is always emitted when the job is finished.  user is empty in case of error.
-    void userFetched(const QString &user);
-
-private slots:
-    void slotJsonReceived(const QJsonDocument &, int statusCode);
-};
-
-
-} // namespace OCC
diff --git a/src/gui/creds/shibboleth/shibbolethwebview.cpp b/src/gui/creds/shibboleth/shibbolethwebview.cpp
deleted file mode 100644
index 53fad96fa..000000000
--- a/src/gui/creds/shibboleth/shibbolethwebview.cpp
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <QApplication>
-#include <QNetworkCookie>
-#include <QNetworkCookieJar>
-#include <QWebFrame>
-#include <QWebPage>
-#include <QMessageBox>
-#include <QNetworkReply>
-#include <QSettings>
-#include <QMainWindow>
-
-#include "creds/shibboleth/shibbolethwebview.h"
-#include "creds/shibbolethcredentials.h"
-#include "account.h"
-#include "logger.h"
-#include "accessmanager.h"
-#include "theme.h"
-#include "configfile.h"
-#include "cookiejar.h"
-
-namespace {
-const char ShibbolethWebViewGeometryC[] = "ShibbolethWebView/Geometry";
-}
-
-namespace OCC {
-
-class UserAgentWebPage : public QWebPage
-{
-public:
-    UserAgentWebPage(QObject *parent)
-        : QWebPage(parent)
-    {
-        if (!qEnvironmentVariableIsEmpty("OWNCLOUD_SHIBBOLETH_DEBUG")) {
-            settings()->setAttribute(QWebSettings::DeveloperExtrasEnabled, true);
-        }
-    }
-    QString userAgentForUrl(const QUrl &url) const
-    {
-        return QWebPage::userAgentForUrl(url) + " " + Utility::userAgentString();
-    }
-};
-
-ShibbolethWebView::ShibbolethWebView(AccountPtr account, QWidget *parent)
-    : QWebView(parent)
-    , _account(account)
-    , _accepted(false)
-    , _cursorOverriden(false)
-{
-    // no minimize
-    setWindowFlags(Qt::Dialog);
-    setAttribute(Qt::WA_DeleteOnClose);
-
-    QWebPage *page = new UserAgentWebPage(this);
-    connect(page, &QWebPage::loadStarted,
-        this, &ShibbolethWebView::slotLoadStarted);
-    connect(page, &QWebPage::loadFinished,
-        this, &ShibbolethWebView::slotLoadFinished);
-
-    // Make sure to accept the same SSL certificate issues as the regular QNAM we use for syncing
-    QObject::connect(page->networkAccessManager(), &QNetworkAccessManager::sslErrors,
-        _account.data(), &Account::slotHandleSslErrors);
-
-    // The Account keeps ownership of the cookie jar, it must outlive this webview.
-    account->lendCookieJarTo(page->networkAccessManager());
-    connect(static_cast<CookieJar *>(page->networkAccessManager()->cookieJar()), &CookieJar::newCookiesForUrl,
-        this, &ShibbolethWebView::onNewCookiesForUrl);
-
-    page->mainFrame()->load(account->url());
-    this->setPage(page);
-    setWindowTitle(tr("%1 - Authenticate").arg(Theme::instance()->appNameGUI()));
-
-    // Debug view to display the cipher suite
-    if (!qEnvironmentVariableIsEmpty("OWNCLOUD_SHIBBOLETH_DEBUG")) {
-        // open an additional window to display some cipher debug info
-        QWebPage *debugPage = new UserAgentWebPage(this);
-        debugPage->mainFrame()->load(QUrl("https://cc.dcsec.uni-hannover.de/"));
-        QWebView *debugView = new QWebView(this);
-        debugView->setPage(debugPage);
-        QMainWindow *window = new QMainWindow(this);
-        window->setWindowTitle(tr("SSL Chipher Debug View"));
-        window->setCentralWidget(debugView);
-        window->show();
-    }
-    // If we have a valid cookie, it's most likely expired. We can use this as
-    // as a criteria to tell the user why the browser window pops up
-    QNetworkCookie shibCookie = ShibbolethCredentials::findShibCookie(_account.data(), ShibbolethCredentials::accountCookies(_account.data()));
-    if (shibCookie != QNetworkCookie()) {
-        Logger::instance()->postOptionalGuiLog(tr("Reauthentication required"), tr("Your session has expired. You need to re-login to continue to use the client."));
-    }
-
-    ConfigFile config;
-    QSettings settings(config.configFile());
-    resize(900, 700); // only effective the first time, later overridden by restoreGeometry
-    restoreGeometry(settings.value(ShibbolethWebViewGeometryC).toByteArray());
-}
-
-ShibbolethWebView::~ShibbolethWebView()
-{
-    ConfigFile config;
-    QSettings settings(config.configFile());
-    settings.setValue(ShibbolethWebViewGeometryC, saveGeometry());
-}
-
-void ShibbolethWebView::onNewCookiesForUrl(const QList<QNetworkCookie> &cookieList, const QUrl &url)
-{
-    if (url.host() == _account->url().host()) {
-        QNetworkCookie shibCookie = ShibbolethCredentials::findShibCookie(_account.data(), cookieList);
-        if (shibCookie != QNetworkCookie()) {
-            Q_EMIT shibbolethCookieReceived(shibCookie);
-            accept();
-            close();
-        }
-    }
-}
-
-void ShibbolethWebView::closeEvent(QCloseEvent *event)
-{
-    if (_cursorOverriden) {
-        QApplication::restoreOverrideCursor();
-    }
-
-    if (!_accepted) {
-        Q_EMIT rejected();
-    }
-    QWebView::closeEvent(event);
-}
-
-void ShibbolethWebView::slotLoadStarted()
-{
-    if (!_cursorOverriden) {
-        QApplication::setOverrideCursor(QCursor(Qt::WaitCursor));
-        _cursorOverriden = true;
-    }
-}
-
-void ShibbolethWebView::slotLoadFinished(bool success)
-{
-    if (_cursorOverriden) {
-        QApplication::restoreOverrideCursor();
-    }
-
-    if (!title().isNull()) {
-        setWindowTitle(QString::fromLatin1("%1 - %2 (%3)").arg(Theme::instance()->appNameGUI(), title(), url().host()));
-    }
-
-    if (!success) {
-        qCWarning(lcShibboleth) << "Could not load Shibboleth login page to log you in.";
-    }
-}
-
-void ShibbolethWebView::accept()
-{
-    _accepted = true;
-}
-
-} // namespace OCC
diff --git a/src/gui/creds/shibboleth/shibbolethwebview.h b/src/gui/creds/shibboleth/shibbolethwebview.h
deleted file mode 100644
index b2b45c1ab..000000000
--- a/src/gui/creds/shibboleth/shibbolethwebview.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef MIRALL_WIZARD_SHIBBOLETH_WEB_VIEW_H
-#define MIRALL_WIZARD_SHIBBOLETH_WEB_VIEW_H
-
-#include "owncloudlib.h"
-#include <QList>
-#include <QPointer>
-#include <QWebView>
-#include "accountfwd.h"
-
-class QNetworkCookie;
-class QUrl;
-
-namespace OCC {
-
-class ShibbolethCookieJar;
-
-/**
- * @brief The ShibbolethWebView class
- * @ingroup gui
- */
-class ShibbolethWebView : public QWebView
-{
-    Q_OBJECT
-
-public:
-    ShibbolethWebView(AccountPtr account, QWidget *parent = 0);
-    ShibbolethWebView(AccountPtr account, ShibbolethCookieJar *jar, QWidget *parent = 0);
-    ~ShibbolethWebView();
-
-    void closeEvent(QCloseEvent *event) Q_DECL_OVERRIDE;
-
-Q_SIGNALS:
-    void shibbolethCookieReceived(const QNetworkCookie &cookie);
-    void rejected();
-
-private Q_SLOTS:
-    void onNewCookiesForUrl(const QList<QNetworkCookie> &cookieList, const QUrl &url);
-    void slotLoadStarted();
-    void slotLoadFinished(bool success);
-
-protected:
-    void accept();
-
-private:
-    void setup(AccountPtr account, ShibbolethCookieJar *jar);
-    AccountPtr _account;
-    bool _accepted;
-    bool _cursorOverriden;
-};
-
-} // namespace OCC
-
-#endif
diff --git a/src/gui/creds/shibbolethcredentials.cpp b/src/gui/creds/shibbolethcredentials.cpp
deleted file mode 100644
index ae15699bb..000000000
--- a/src/gui/creds/shibbolethcredentials.cpp
+++ /dev/null
@@ -1,396 +0,0 @@
-/*
- * Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
- * Copyright (C) by Klaas Freitag <freitag@owncloud.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <QSettings>
-#include <QNetworkReply>
-#include <QMessageBox>
-#include <QAuthenticator>
-
-#include "creds/shibbolethcredentials.h"
-#include "creds/shibboleth/shibbolethwebview.h"
-#include "creds/shibbolethcredentials.h"
-#include "shibboleth/shibbolethuserjob.h"
-#include "creds/credentialscommon.h"
-#include "creds/httpcredentialsgui.h"
-
-#include "accessmanager.h"
-#include "account.h"
-#include "configfile.h"
-#include "theme.h"
-#include "cookiejar.h"
-#include "owncloudgui.h"
-#include "syncengine.h"
-
-#include <keychain.h>
-
-using namespace QKeychain;
-
-namespace OCC {
-
-Q_LOGGING_CATEGORY(lcShibboleth, "gui.credentials.shibboleth", QtInfoMsg)
-
-namespace {
-
-    // Not "user" because it has a special meaning for http
-    const char userC[] = "shib_user";
-    const char shibCookieNameC[] = "_shibsession_";
-
-} // ns
-
-ShibbolethCredentials::ShibbolethCredentials()
-    : AbstractCredentials()
-    , _url()
-    , _ready(false)
-    , _stillValid(false)
-    , _browser(0)
-    , _keychainMigration(false)
-{
-}
-
-ShibbolethCredentials::ShibbolethCredentials(const QNetworkCookie &cookie)
-    : _ready(true)
-    , _stillValid(true)
-    , _browser(0)
-    , _shibCookie(cookie)
-    , _keychainMigration(false)
-{
-}
-
-void ShibbolethCredentials::setAccount(Account *account)
-{
-    AbstractCredentials::setAccount(account);
-
-    // This is for existing saved accounts.
-    if (_user.isEmpty()) {
-        _user = _account->credentialSetting(QLatin1String(userC)).toString();
-    }
-
-    // When constructed with a cookie (by the wizard), we usually don't know the
-    // user name yet. Request it now from the server.
-    if (_ready && _user.isEmpty()) {
-        QTimer::singleShot(1234, this, &ShibbolethCredentials::slotFetchUser);
-    }
-}
-
-QString ShibbolethCredentials::authType() const
-{
-    return QString::fromLatin1("shibboleth");
-}
-
-QString ShibbolethCredentials::user() const
-{
-    return _user;
-}
-
-QNetworkAccessManager *ShibbolethCredentials::createQNAM() const
-{
-    QNetworkAccessManager *qnam(new AccessManager);
-    connect(qnam, &QNetworkAccessManager::finished,
-        this, &ShibbolethCredentials::slotReplyFinished);
-    return qnam;
-}
-
-void ShibbolethCredentials::slotReplyFinished(QNetworkReply *r)
-{
-    if (!_browser.isNull()) {
-        return;
-    }
-
-    QVariant target = r->attribute(QNetworkRequest::RedirectionTargetAttribute);
-    if (target.isValid()) {
-        _stillValid = false;
-        // The Login window will be opened in NetworkJob's finished signal
-        qCWarning(lcShibboleth) << "detected redirect, will open Login Window";
-    } else {
-        //_stillValid = true; // gets set when reading from keychain or getting it from browser
-    }
-}
-
-bool ShibbolethCredentials::ready() const
-{
-    return _ready;
-}
-
-void ShibbolethCredentials::fetchFromKeychain()
-{
-    _wasFetched = true;
-
-    if (_user.isEmpty()) {
-        _user = _account->credentialSetting(QLatin1String(userC)).toString();
-    }
-    if (_ready) {
-        Q_EMIT fetched();
-    } else {
-        _url = _account->url();
-        _keychainMigration = false;
-        fetchFromKeychainHelper();
-    }
-}
-
-void ShibbolethCredentials::fetchFromKeychainHelper()
-{
-    ReadPasswordJob *job = new ReadPasswordJob(Theme::instance()->appName());
-    job->setSettings(ConfigFile::settingsWithGroup(Theme::instance()->appName(), job).release());
-    job->setInsecureFallback(false);
-    job->setKey(keychainKey(_url.toString(), user(),
-        _keychainMigration ? QString() : _account->id()));
-    connect(job, &Job::finished, this, &ShibbolethCredentials::slotReadJobDone);
-    job->start();
-}
-
-void ShibbolethCredentials::askFromUser()
-{
-    // First, we do a DetermineAuthTypeJob to make sure that the server is still using shibboleth and did not upgrade to oauth
-    DetermineAuthTypeJob *job = new DetermineAuthTypeJob(_account->sharedFromThis(), this);
-    connect(job, &DetermineAuthTypeJob::authType, [this, job](DetermineAuthTypeJob::AuthType type) {
-        if (type == DetermineAuthTypeJob::Shibboleth) {
-            // Normal case, still shibboleth
-            showLoginWindow();
-        } else if (type == DetermineAuthTypeJob::OAuth) {
-            // Hack: upgrade to oauth
-            auto newCred = new HttpCredentialsGui;
-            job->setParent(0);
-            job->deleteLater();
-            auto account = this->_account;
-            auto user = this->_user;
-            account->setCredentials(newCred); // delete this
-            account->setCredentialSetting(QLatin1String("user"), user);
-            newCred->fetchUser();
-            newCred->askFromUser();
-        } else {
-            // Basic auth or unkown. Since it may be unkown it might be a temporary failure, don't replace the credentials here
-            // Still show the login window in that case not to break the flow.
-            showLoginWindow();
-        }
-
-    });
-    job->start();
-}
-
-bool ShibbolethCredentials::stillValid(QNetworkReply *reply)
-{
-    Q_UNUSED(reply)
-    return _stillValid;
-}
-
-void ShibbolethCredentials::persist()
-{
-    storeShibCookie(_shibCookie);
-    if (!_user.isEmpty()) {
-        _account->setCredentialSetting(QLatin1String(userC), _user);
-    }
-}
-
-void ShibbolethCredentials::invalidateToken()
-{
-    _ready = false;
-
-    CookieJar *jar = static_cast<CookieJar *>(_account->networkAccessManager()->cookieJar());
-
-    // Remove the _shibCookie
-    auto cookies = jar->allCookies();
-    for (auto it = cookies.begin(); it != cookies.end();) {
-        if (it->name() == _shibCookie.name()) {
-            it = cookies.erase(it);
-        } else {
-            ++it;
-        }
-    }
-    jar->setAllCookies(cookies);
-
-    // Clear all other temporary cookies
-    jar->clearSessionCookies();
-    removeShibCookie();
-    _shibCookie = QNetworkCookie();
-}
-
-void ShibbolethCredentials::forgetSensitiveData()
-{
-    invalidateToken();
-}
-
-void ShibbolethCredentials::onShibbolethCookieReceived(const QNetworkCookie &shibCookie)
-{
-    storeShibCookie(shibCookie);
-    _shibCookie = shibCookie;
-    addToCookieJar(shibCookie);
-
-    slotFetchUser();
-}
-
-void ShibbolethCredentials::slotFetchUser()
-{
-    // We must first do a request to webdav so the session is enabled.
-    // (because for some reason we can't access the API without that..  a bug in the server maybe?)
-    EntityExistsJob *job = new EntityExistsJob(_account->sharedFromThis(), _account->davPath(), this);
-    connect(job, &EntityExistsJob::exists, this, &ShibbolethCredentials::slotFetchUserHelper);
-    job->setIgnoreCredentialFailure(true);
-    job->start();
-}
-
-void ShibbolethCredentials::slotFetchUserHelper()
-{
-    ShibbolethUserJob *job = new ShibbolethUserJob(_account->sharedFromThis(), this);
-    connect(job, &ShibbolethUserJob::userFetched, this, &ShibbolethCredentials::slotUserFetched);
-    job->start();
-}
-
-void ShibbolethCredentials::slotUserFetched(const QString &user)
-{
-    if (_user.isEmpty()) {
-        if (user.isEmpty()) {
-            qCWarning(lcShibboleth) << "Failed to fetch the shibboleth user";
-        }
-        _user = user;
-    } else if (user != _user) {
-        qCWarning(lcShibboleth) << "Wrong user: " << user << "!=" << _user;
-        QMessageBox::warning(_browser, tr("Login Error"), tr("You must sign in as user %1").arg(_user));
-        invalidateToken();
-        showLoginWindow();
-        return;
-    }
-
-    _stillValid = true;
-    _ready = true;
-    Q_EMIT asked();
-}
-
-
-void ShibbolethCredentials::slotBrowserRejected()
-{
-    _ready = false;
-    Q_EMIT asked();
-}
-
-void ShibbolethCredentials::slotReadJobDone(QKeychain::Job *job)
-{
-    // If we can't find the credentials at the keys that include the account id,
-    // try to read them from the legacy locations that don't have a account id.
-    if (!_keychainMigration && job->error() == QKeychain::EntryNotFound) {
-        qCWarning(lcShibboleth)
-            << "Could not find keychain entry, attempting to read from legacy location";
-        _keychainMigration = true;
-        fetchFromKeychainHelper();
-        return;
-    }
-
-    if (job->error() == QKeychain::NoError) {
-        ReadPasswordJob *readJob = static_cast<ReadPasswordJob *>(job);
-        delete readJob->settings();
-        QList<QNetworkCookie> cookies = QNetworkCookie::parseCookies(readJob->textData().toUtf8());
-        if (cookies.count() > 0) {
-            _shibCookie = cookies.first();
-            addToCookieJar(_shibCookie);
-        }
-        // access
-        job->setSettings(ConfigFile::settingsWithGroup(Theme::instance()->appName(), job).release());
-
-        _ready = true;
-        _stillValid = true;
-        Q_EMIT fetched();
-    } else {
-        _ready = false;
-        Q_EMIT fetched();
-    }
-
-
-    // If keychain data was read from legacy location, wipe these entries and store new ones
-    if (_keychainMigration && _ready) {
-        persist();
-
-        DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
-        job->setSettings(ConfigFile::settingsWithGroup(Theme::instance()->appName(), job).release());
-        job->setKey(keychainKey(_account->url().toString(), user(), QString()));
-        job->start();
-
-        qCWarning(lcShibboleth) << "Migrated old keychain entries";
-    }
-}
-
-void ShibbolethCredentials::showLoginWindow()
-{
-    if (!_browser.isNull()) {
-        ownCloudGui::raiseDialog(_browser);
-        return;
-    }
-
-    CookieJar *jar = static_cast<CookieJar *>(_account->networkAccessManager()->cookieJar());
-    // When opening a new window clear all the session cookie that might keep the user from logging in
-    // (or the session may already be open in the server, and there will not be redirect asking for the
-    // real long term cookie we want to store)
-    jar->clearSessionCookies();
-
-    _browser = new ShibbolethWebView(_account->sharedFromThis());
-    connect(_browser.data(), &ShibbolethWebView::shibbolethCookieReceived,
-        this, &ShibbolethCredentials::onShibbolethCookieReceived, Qt::QueuedConnection);
-    connect(_browser.data(), &ShibbolethWebView::rejected, this, &ShibbolethCredentials::slotBrowserRejected);
-
-    ownCloudGui::raiseDialog(_browser);
-}
-
-QList<QNetworkCookie> ShibbolethCredentials::accountCookies(Account *account)
-{
-    return account->networkAccessManager()->cookieJar()->cookiesForUrl(account->davUrl());
-}
-
-QNetworkCookie ShibbolethCredentials::findShibCookie(Account *account, QList<QNetworkCookie> cookies)
-{
-    if (cookies.isEmpty()) {
-        cookies = accountCookies(account);
-    }
-
-    Q_FOREACH (QNetworkCookie cookie, cookies) {
-        if (cookie.name().startsWith(shibCookieNameC)) {
-            return cookie;
-        }
-    }
-    return QNetworkCookie();
-}
-
-QByteArray ShibbolethCredentials::shibCookieName()
-{
-    return QByteArray(shibCookieNameC);
-}
-
-void ShibbolethCredentials::storeShibCookie(const QNetworkCookie &cookie)
-{
-    WritePasswordJob *job = new WritePasswordJob(Theme::instance()->appName());
-    job->setSettings(ConfigFile::settingsWithGroup(Theme::instance()->appName(), job).release());
-    // we don't really care if it works...
-    //connect(job, SIGNAL(finished(QKeychain::Job*)), SLOT(slotWriteJobDone(QKeychain::Job*)));
-    job->setKey(keychainKey(_account->url().toString(), user(), _account->id()));
-    job->setTextData(QString::fromUtf8(cookie.toRawForm()));
-    job->start();
-}
-
-void ShibbolethCredentials::removeShibCookie()
-{
-    DeletePasswordJob *job = new DeletePasswordJob(Theme::instance()->appName());
-    job->setSettings(ConfigFile::settingsWithGroup(Theme::instance()->appName(), job).release());
-    job->setKey(keychainKey(_account->url().toString(), user(), _account->id()));
-    job->start();
-}
-
-void ShibbolethCredentials::addToCookieJar(const QNetworkCookie &cookie)
-{
-    QList<QNetworkCookie> cookies;
-    cookies << cookie;
-    QNetworkCookieJar *jar = _account->networkAccessManager()->cookieJar();
-    jar->blockSignals(true); // otherwise we'd call ourselves
-    jar->setCookiesFromUrl(cookies, _account->url());
-    jar->blockSignals(false);
-}
-
-} // namespace OCC
diff --git a/src/gui/creds/shibbolethcredentials.h b/src/gui/creds/shibbolethcredentials.h
deleted file mode 100644
index 3ff519a29..000000000
--- a/src/gui/creds/shibbolethcredentials.h
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Copyright (C) by Krzesimir Nowak <krzesimir@endocode.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef MIRALL_CREDS_SHIBBOLETH_CREDENTIALS_H
-#define MIRALL_CREDS_SHIBBOLETH_CREDENTIALS_H
-
-#include <QList>
-#include <QLoggingCategory>
-#include <QMap>
-#include <QNetworkCookie>
-#include <QUrl>
-#include <QPointer>
-
-#include "creds/abstractcredentials.h"
-
-namespace QKeychain {
-class Job;
-}
-
-class QAuthenticator;
-
-namespace OCC {
-
-Q_DECLARE_LOGGING_CATEGORY(lcShibboleth)
-
-class ShibbolethWebView;
-
-/**
- * @brief The ShibbolethCredentials class
- * @ingroup gui
- */
-class ShibbolethCredentials : public AbstractCredentials
-{
-    Q_OBJECT
-
-public:
-    ShibbolethCredentials();
-
-    /* create credentials for an already connected account */
-    ShibbolethCredentials(const QNetworkCookie &cookie);
-
-    void setAccount(Account *account) Q_DECL_OVERRIDE;
-    QString authType() const Q_DECL_OVERRIDE;
-    QString user() const Q_DECL_OVERRIDE;
-    QNetworkAccessManager *createQNAM() const Q_DECL_OVERRIDE;
-    bool ready() const Q_DECL_OVERRIDE;
-    void fetchFromKeychain() Q_DECL_OVERRIDE;
-    void askFromUser() Q_DECL_OVERRIDE;
-    bool stillValid(QNetworkReply *reply) Q_DECL_OVERRIDE;
-    void persist() Q_DECL_OVERRIDE;
-    void invalidateToken() Q_DECL_OVERRIDE;
-    void forgetSensitiveData() Q_DECL_OVERRIDE;
-
-    void showLoginWindow();
-
-    static QList<QNetworkCookie> accountCookies(Account *);
-    static QNetworkCookie findShibCookie(Account *, QList<QNetworkCookie> cookies = QList<QNetworkCookie>());
-    static QByteArray shibCookieName();
-
-private Q_SLOTS:
-    void onShibbolethCookieReceived(const QNetworkCookie &);
-    void slotBrowserRejected();
-    void slotReadJobDone(QKeychain::Job *);
-    void slotReplyFinished(QNetworkReply *);
-    void slotUserFetched(const QString &user);
-    void slotFetchUser();
-    void slotFetchUserHelper();
-
-Q_SIGNALS:
-    void newCookie(const QNetworkCookie &cookie);
-
-private:
-    void storeShibCookie(const QNetworkCookie &cookie);
-    void removeShibCookie();
-    void addToCookieJar(const QNetworkCookie &cookie);
-
-    /// Reads data from keychain, progressing to slotReadJobDone
-    void fetchFromKeychainHelper();
-
-    QUrl _url;
-    QByteArray prepareCookieData() const;
-
-    bool _ready;
-    bool _stillValid;
-    QPointer<ShibbolethWebView> _browser;
-    QNetworkCookie _shibCookie;
-    QString _user;
-    bool _keychainMigration;
-};
-
-} // namespace OCC
-
-#endif