| author | Michael Krelin <hacker@klever.net> | 2008-02-04 22:39:59 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2008-02-04 22:39:59 (UTC) |
| commit | 9163a26ec8839a31df888920418280a62ebc5595 (patch) (unidiff) | |
| tree | 55339b4ecf0a3f24817eb5cc1b0b24f831ac895b | |
| parent | c0eeee1cfd41d0f5f6ff6ac3d6fe021421376a69 (diff) | |
| download | libopkele-9163a26ec8839a31df888920418280a62ebc5595.zip libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.gz libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.bz2 | |
reworked extensions framework
* changed {checkid,id_res}_hook to {rp,op}_{checkid,id_res}_hook
* deprecated older hooks, although implemented it in sreg and chain extensions
* added extension processing to basic_op
* added sreg to test OP
Signed-off-by: Michael Krelin <hacker@klever.net>
| -rw-r--r-- | include/opkele/basic_op.h | 3 | ||||
| -rw-r--r-- | include/opkele/extension.h | 49 | ||||
| -rw-r--r-- | include/opkele/extension_chain.h | 6 | ||||
| -rw-r--r-- | include/opkele/sreg.h | 31 | ||||
| -rw-r--r-- | lib/basic_op.cc | 5 | ||||
| -rw-r--r-- | lib/basic_rp.cc | 4 | ||||
| -rw-r--r-- | lib/extension.cc | 25 | ||||
| -rw-r--r-- | lib/extension_chain.cc | 27 | ||||
| -rw-r--r-- | lib/sreg.cc | 28 | ||||
| -rw-r--r-- | test/OP.cc | 10 |
10 files changed, 121 insertions, 67 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h index 7f4e481..5bba1bf 100644 --- a/include/opkele/basic_op.h +++ b/include/opkele/basic_op.h | |||
| @@ -42,3 +42,4 @@ namespace opkele { | |||
| 42 | void checkid_(const basic_openid_message& inm,extension_t *ext=0); | 42 | void checkid_(const basic_openid_message& inm,extension_t *ext=0); |
| 43 | basic_openid_message& id_res(basic_openid_message& om); | 43 | basic_openid_message& id_res(basic_openid_message& om, |
| 44 | extension_t *ext=0); | ||
| 44 | basic_openid_message& cancel(basic_openid_message& om); | 45 | basic_openid_message& cancel(basic_openid_message& om); |
diff --git a/include/opkele/extension.h b/include/opkele/extension.h index 3ee25ee..37bcb90 100644 --- a/include/opkele/extension.h +++ b/include/opkele/extension.h | |||
| @@ -8,2 +8,3 @@ | |||
| 8 | 8 | ||
| 9 | #include <opkele/opkele-config.h> | ||
| 9 | #include <opkele/types.h> | 10 | #include <opkele/types.h> |
| @@ -21,35 +22,29 @@ namespace opkele { | |||
| 21 | /** | 22 | /** |
| 22 | * hook called by consumer before submitting data to OpenID server. | 23 | * hook called by RP before submitting the message to OP. |
| 23 | * It is supposed to manipulate parameters list. | 24 | * @param om openid message to be submit |
| 24 | * @param p parameters about to be submitted to server | ||
| 25 | * @param identity identity being verified. It may differ from the | ||
| 26 | * one available in parameters list in case of delegation | ||
| 27 | * @see consumer_t::checkid_ | ||
| 28 | * @see consumer_t::checkid_immediate | ||
| 29 | * @see consumer_t::checkid_setup | ||
| 30 | */ | 25 | */ |
| 31 | virtual void checkid_hook(basic_openid_message& om); | 26 | virtual void rp_checkid_hook(basic_openid_message& om); |
| 27 | |||
| 32 | /** | 28 | /** |
| 33 | * hook called by consumer after identity information received from | 29 | * hook called by RP after verifying information received from OP. |
| 34 | * OpenID server is verified. | 30 | * @param om openid message received |
| 35 | * @param p parameters received from server | 31 | * @param sp signed part of the message |
| 36 | * @param sp signed parameters received from server with 'openid.' | ||
| 37 | * leader stripped | ||
| 38 | * @param identity identity confirmed. May differ from the one | ||
| 39 | * available in parameters list in case of delegation. May also be | ||
| 40 | * empty which means - extract one from parameters | ||
| 41 | * @see consumer_t::id_res | ||
| 42 | */ | 32 | */ |
| 43 | virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp); | 33 | virtual void rp_id_res_hook(const basic_openid_message& om, |
| 34 | const basic_openid_message& sp); | ||
| 44 | 35 | ||
| 45 | /** | 36 | /** |
| 46 | * hook called by server before returning information to consumer. | 37 | * hook called by OP after parsing incoming message |
| 47 | * The hook may manipulate output parameters. It is important to | 38 | * @param inm message received from RP |
| 48 | * note that modified pout["signed"] is used for signing response. | 39 | */ |
| 49 | * @param pin request parameters list with "openid." prefix | 40 | virtual void op_checkid_hook(const basic_openid_message& inm); |
| 50 | * @param pout response parameters list without "openid." prefix | 41 | /** |
| 51 | * @see server_t::checkid_ | 42 | * hook called by OP before signing the reply to RP |
| 52 | * @see server_t::checkid_immediate | 43 | * @param oum message to be sent to RP |
| 53 | * @see server_t::checkid_setup | ||
| 54 | */ | 44 | */ |
| 45 | virtual void op_id_res_hook(basic_openid_message& oum); | ||
| 46 | |||
| 47 | virtual void checkid_hook(basic_openid_message& om) OPKELE_DEPRECATE; | ||
| 48 | virtual void id_res_hook(const basic_openid_message& om, | ||
| 49 | const basic_openid_message& sp) OPKELE_DEPRECATE; | ||
| 55 | virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum); | 50 | virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum); |
diff --git a/include/opkele/extension_chain.h b/include/opkele/extension_chain.h index fb9bc84..9692934 100644 --- a/include/opkele/extension_chain.h +++ b/include/opkele/extension_chain.h | |||
| @@ -30,2 +30,8 @@ namespace opkele { | |||
| 30 | 30 | ||
| 31 | virtual void rp_checkid_hook(basic_openid_message& om); | ||
| 32 | virtual void rp_id_res_hook(const basic_openid_message& om, | ||
| 33 | const basic_openid_message& sp); | ||
| 34 | virtual void op_checkid_hook(const basic_openid_message& inm); | ||
| 35 | virtual void op_id_res_hook(basic_openid_message& oum); | ||
| 36 | |||
| 31 | virtual void checkid_hook(basic_openid_message& om); | 37 | virtual void checkid_hook(basic_openid_message& om); |
diff --git a/include/opkele/sreg.h b/include/opkele/sreg.h index 24cb315..513e221 100644 --- a/include/opkele/sreg.h +++ b/include/opkele/sreg.h | |||
| @@ -137,14 +137,13 @@ namespace opkele { | |||
| 137 | 137 | ||
| 138 | /** | 138 | virtual void rp_checkid_hook(basic_openid_message& om); |
| 139 | * Implementation of consumer's checkid hook | 139 | virtual void rp_id_res_hook(const basic_openid_message& om, |
| 140 | */ | 140 | const basic_openid_message& sp); |
| 141 | virtual void op_checkid_hook(const basic_openid_message& inm); | ||
| 142 | virtual void op_id_res_hook(basic_openid_message& oum); | ||
| 143 | |||
| 141 | virtual void checkid_hook(basic_openid_message& om); | 144 | virtual void checkid_hook(basic_openid_message& om); |
| 142 | /** | 145 | virtual void id_res_hook(const basic_openid_message& om, |
| 143 | * Implementation of consumer's id_res hook | 146 | const basic_openid_message& sp); |
| 144 | */ | 147 | virtual void checkid_hook(const basic_openid_message& inm, |
| 145 | virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp); | 148 | basic_openid_message& oum); |
| 146 | /** | ||
| 147 | * Implementation of server's checkid_hook | ||
| 148 | */ | ||
| 149 | virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum); | ||
| 150 | 149 | ||
| @@ -193,7 +192,9 @@ namespace opkele { | |||
| 193 | * @see fields_response | 192 | * @see fields_response |
| 194 | * @param pin input request parameters with "openid." prefix | 193 | * @param inm incoming openid message |
| 195 | * @param pout output request parameters without "openid." prefix. | 194 | * @param oum outgoing openid message |
| 196 | * @see checkid_hook(const params_t&,params_t&) | ||
| 197 | */ | 195 | */ |
| 198 | virtual void setup_response(const basic_openid_message& inm,basic_openid_message& oum); | 196 | virtual void setup_response(const basic_openid_message& inm, |
| 197 | basic_openid_message& oum); | ||
| 198 | |||
| 199 | virtual void setup_response(); | ||
| 199 | 200 | ||
diff --git a/lib/basic_op.cc b/lib/basic_op.cc index c89d1d7..9e2ea5a 100644 --- a/lib/basic_op.cc +++ b/lib/basic_op.cc | |||
| @@ -195,5 +195,7 @@ namespace opkele { | |||
| 195 | verify_return_to(); | 195 | verify_return_to(); |
| 196 | if(ext) ext->op_checkid_hook(inm); | ||
| 196 | } | 197 | } |
| 197 | 198 | ||
| 198 | basic_openid_message& basic_op::id_res(basic_openid_message& om) { | 199 | basic_openid_message& basic_op::id_res(basic_openid_message& om, |
| 200 | extension_t *ext) { | ||
| 199 | assert(assoc); | 201 | assert(assoc); |
| @@ -226,2 +228,3 @@ namespace opkele { | |||
| 226 | om.add_to_signed(ats); | 228 | om.add_to_signed(ats); |
| 229 | if(ext) ext->op_id_res_hook(om); | ||
| 227 | om.set_field("sig",util::base64_signature(assoc,om)); | 230 | om.set_field("sig",util::base64_signature(assoc,om)); |
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index a884583..bd45d99 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc | |||
| @@ -131,3 +131,3 @@ namespace opkele { | |||
| 131 | } OPKELE_RETHROW | 131 | } OPKELE_RETHROW |
| 132 | if(ext) ext->checkid_hook(rv); | 132 | if(ext) ext->rp_checkid_hook(rv); |
| 133 | return rv; | 133 | return rv; |
| @@ -277,3 +277,3 @@ namespace opkele { | |||
| 277 | } | 277 | } |
| 278 | if(ext) ext->id_res_hook(om,signeds); | 278 | if(ext) ext->rp_id_res_hook(om,signeds); |
| 279 | } | 279 | } |
diff --git a/lib/extension.cc b/lib/extension.cc index 6451249..f7aaea5 100644 --- a/lib/extension.cc +++ b/lib/extension.cc | |||
| @@ -5,11 +5,22 @@ namespace opkele { | |||
| 5 | 5 | ||
| 6 | void extension_t::rp_checkid_hook(basic_openid_message&) { | ||
| 7 | throw not_implemented(OPKELE_CP_ "RP checkid_* hook not implemented"); } | ||
| 8 | void extension_t::rp_id_res_hook(const basic_openid_message&, | ||
| 9 | const basic_openid_message&) { | ||
| 10 | throw not_implemented(OPKELE_CP_ "RP id_res hook not implemented"); } | ||
| 11 | |||
| 12 | void extension_t::op_checkid_hook(const basic_openid_message&) { | ||
| 13 | throw not_implemented(OPKELE_CP_ "OP checkid_* hook not implemented"); } | ||
| 14 | void extension_t::op_id_res_hook(basic_openid_message& om) { | ||
| 15 | throw not_implemented(OPKELE_CP_ "OP id_res hook not implemented"); } | ||
| 16 | |||
| 17 | |||
| 6 | void extension_t::checkid_hook(basic_openid_message&) { | 18 | void extension_t::checkid_hook(basic_openid_message&) { |
| 7 | throw not_implemented(OPKELE_CP_ "Consumer checkid_hook not implemented"); | 19 | throw not_implemented(OPKELE_CP_ "deprecated consumer checkid_* hook not implemented"); } |
| 8 | } | 20 | void extension_t::id_res_hook(const basic_openid_message&, |
| 9 | void extension_t::id_res_hook(const basic_openid_message&,const basic_openid_message&) { | 21 | const basic_openid_message&) { |
| 10 | throw not_implemented(OPKELE_CP_ "Consumer id_res_hook not implemented"); | 22 | throw not_implemented(OPKELE_CP_ "deprecated consumer id_res hook not implemented"); } |
| 11 | } | 23 | |
| 12 | void extension_t::checkid_hook(const basic_openid_message&,basic_openid_message&) { | 24 | void extension_t::checkid_hook(const basic_openid_message&,basic_openid_message&) { |
| 13 | throw not_implemented(OPKELE_CP_ "Server checkid_hook not implemented"); | 25 | throw not_implemented(OPKELE_CP_ "deprecated server checkid hook not implemented"); } |
| 14 | } | ||
| 15 | } | 26 | } |
diff --git a/lib/extension_chain.cc b/lib/extension_chain.cc index 5c2afd9..5483740 100644 --- a/lib/extension_chain.cc +++ b/lib/extension_chain.cc | |||
| @@ -5,11 +5,22 @@ namespace opkele { | |||
| 5 | 5 | ||
| 6 | void extension_chain_t::rp_checkid_hook(basic_openid_message& om) { | ||
| 7 | for(iterator i=begin();i!=end();++i) (*i)->rp_checkid_hook(om); } | ||
| 8 | void extension_chain_t::rp_id_res_hook(const basic_openid_message& om, | ||
| 9 | const basic_openid_message& sp) { | ||
| 10 | for(iterator i=begin();i!=end();++i) (*i)->rp_id_res_hook(om,sp); } | ||
| 11 | |||
| 12 | void extension_chain_t::op_checkid_hook(const basic_openid_message& inm) { | ||
| 13 | for(iterator i=begin();i!=end();++i) (*i)->op_checkid_hook(inm); } | ||
| 14 | void extension_chain_t::op_id_res_hook(basic_openid_message& oum) { | ||
| 15 | for(iterator i=begin();i!=end();++i) (*i)->op_id_res_hook(oum); } | ||
| 16 | |||
| 17 | |||
| 6 | void extension_chain_t::checkid_hook(basic_openid_message& om){ | 18 | void extension_chain_t::checkid_hook(basic_openid_message& om){ |
| 7 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(om); | 19 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(om); } |
| 8 | } | 20 | void extension_chain_t::id_res_hook(const basic_openid_message& om, |
| 9 | void extension_chain_t::id_res_hook(const basic_openid_message& om,const basic_openid_message& sp) { | 21 | const basic_openid_message& sp) { |
| 10 | for(iterator i=begin();i!=end();++i) (*i)->id_res_hook(om,sp); | 22 | for(iterator i=begin();i!=end();++i) (*i)->id_res_hook(om,sp); } |
| 11 | } | 23 | void extension_chain_t::checkid_hook(const basic_openid_message& inm, |
| 12 | void extension_chain_t::checkid_hook(const basic_openid_message& inm,basic_openid_message& oum) { | 24 | basic_openid_message& oum) { |
| 13 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(inm,oum); | 25 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(inm,oum); } |
| 14 | } | ||
| 15 | 26 | ||
diff --git a/lib/sreg.cc b/lib/sreg.cc index 7e2d588..b40cd45 100644 --- a/lib/sreg.cc +++ b/lib/sreg.cc | |||
| @@ -30,3 +30,3 @@ namespace opkele { | |||
| 30 | 30 | ||
| 31 | void sreg_t::checkid_hook(basic_openid_message& om) { | 31 | void sreg_t::rp_checkid_hook(basic_openid_message& om) { |
| 32 | string fr, fo; | 32 | string fr, fo; |
| @@ -48,3 +48,7 @@ namespace opkele { | |||
| 48 | 48 | ||
| 49 | void sreg_t::id_res_hook(const basic_openid_message& om,const basic_openid_message& sp) { | 49 | void sreg_t::checkid_hook(basic_openid_message& om) { |
| 50 | rp_checkid_hook(om); } | ||
| 51 | |||
| 52 | void sreg_t::rp_id_res_hook(const basic_openid_message& om, | ||
| 53 | const basic_openid_message& sp) { | ||
| 50 | clear(); | 54 | clear(); |
| @@ -69,2 +73,6 @@ namespace opkele { | |||
| 69 | 73 | ||
| 74 | void sreg_t::id_res_hook(const basic_openid_message& om, | ||
| 75 | const basic_openid_message& sp) { | ||
| 76 | rp_id_res_hook(om,sp); } | ||
| 77 | |||
| 70 | const string& sreg_t::get_field(fieldbit_t fb) const { | 78 | const string& sreg_t::get_field(fieldbit_t fb) const { |
| @@ -107,3 +115,3 @@ namespace opkele { | |||
| 107 | 115 | ||
| 108 | void sreg_t::checkid_hook(const basic_openid_message& inm,basic_openid_message& oum) { | 116 | void sreg_t::op_checkid_hook(const basic_openid_message& inm) { |
| 109 | string ins = inm.find_ns(OIURI_SREG11,"sreg"); | 117 | string ins = inm.find_ns(OIURI_SREG11,"sreg"); |
| @@ -122,3 +130,5 @@ namespace opkele { | |||
| 122 | }catch(failed_lookup&) { } | 130 | }catch(failed_lookup&) { } |
| 123 | setup_response(inm,oum); | 131 | } |
| 132 | |||
| 133 | void sreg_t::op_id_res_hook(basic_openid_message& oum) { | ||
| 124 | string ons = oum.allocate_ns(OIURI_SREG11,"sreg"); | 134 | string ons = oum.allocate_ns(OIURI_SREG11,"sreg"); |
| @@ -136,3 +146,13 @@ namespace opkele { | |||
| 136 | 146 | ||
| 147 | void sreg_t::checkid_hook(const basic_openid_message& inm, | ||
| 148 | basic_openid_message& oum) { | ||
| 149 | op_checkid_hook(inm); | ||
| 150 | setup_response(inm,oum); | ||
| 151 | op_id_res_hook(oum); | ||
| 152 | } | ||
| 153 | |||
| 137 | void sreg_t::setup_response(const basic_openid_message& /* inm */,basic_openid_message& /* oum */) { | 154 | void sreg_t::setup_response(const basic_openid_message& /* inm */,basic_openid_message& /* oum */) { |
| 155 | setup_response(); | ||
| 156 | } | ||
| 157 | void sreg_t::setup_response() { | ||
| 138 | fields_response = (fields_required|fields_optional)&has_fields; | 158 | fields_response = (fields_required|fields_optional)&has_fields; |
| @@ -16,2 +16,3 @@ using namespace std; | |||
| 16 | #include <opkele/verify_op.h> | 16 | #include <opkele/verify_op.h> |
| 17 | #include <opkele/sreg.h> | ||
| 17 | 18 | ||
| @@ -271,3 +272,4 @@ int main(int argc,char *argv[]) { | |||
| 271 | throw opkele::exception(OPKELE_CP_ "toying around, huh?"); | 272 | throw opkele::exception(OPKELE_CP_ "toying around, huh?"); |
| 272 | OP.checkid_(inm,0); | 273 | opkele::sreg_t sreg; |
| 274 | OP.checkid_(inm,sreg); | ||
| 273 | OP.cookie_header(cout); | 275 | OP.cookie_header(cout); |
| @@ -280,5 +282,9 @@ int main(int argc,char *argv[]) { | |||
| 280 | } | 282 | } |
| 283 | sreg.set_field(opkele::sreg_t::field_nickname,"anonymous"); | ||
| 284 | sreg.set_field(opkele::sreg_t::field_fullname,"Ann O'Nymus"); | ||
| 285 | sreg.set_field(opkele::sreg_t::field_gender,"F"); | ||
| 286 | sreg.setup_response(); | ||
| 281 | cout << | 287 | cout << |
| 282 | "Status: 302 Going back to RP with id_res\n" | 288 | "Status: 302 Going back to RP with id_res\n" |
| 283 | "Location: " << OP.id_res(om).append_query(OP.get_return_to()) | 289 | "Location: " << OP.id_res(om,sreg).append_query(OP.get_return_to()) |
| 284 | << "\n\n"; | 290 | << "\n\n"; |