author | Michael Krelin <hacker@klever.net> | 2008-03-04 21:30:28 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2008-03-04 21:34:13 (UTC) |
commit | 748a2a29a5667f372bf355ed737208a952ff79f0 (patch) (unidiff) | |
tree | 1739374b0cb82ad2758af8feddbef1b6a6bf5eee | |
parent | 1e3ed01c149aaeed5a64aacff218a5486128fc92 (diff) | |
committing preliminary oauth consumer api
* added the said consumer api and test consumer
* added trivial map-based opkele::fields_t container
* added UUID flags to libopkele.la build
* fixed query_append so that it doesn't append '?' in absence of query
parameters
* added basic_fields::from_query()
Signed-off-by: Michael Krelin <hacker@klever.net>
-rw-r--r-- | include/Makefile.am | 1 | ||||
-rw-r--r-- | include/opkele/oauth.h | 22 | ||||
-rw-r--r-- | include/opkele/oauth/consumer.h | 124 | ||||
-rw-r--r-- | include/opkele/types.h | 18 | ||||
-rw-r--r-- | lib/Makefile.am | 9 | ||||
-rw-r--r-- | lib/fields.cc | 59 | ||||
-rw-r--r-- | lib/oauth-consumer.cc | 240 | ||||
-rw-r--r-- | test/.gitignore | 1 | ||||
-rw-r--r-- | test/Makefile.am | 17 | ||||
-rw-r--r-- | test/test-oauth-consumer.cc | 83 |
10 files changed, 559 insertions, 15 deletions
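diff --git a/include/Makefile.am b/include/Makefile.am
index f842bb9..b41e6cc 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -1,33 +1,34 @@
 NODIST_HEADERS_ = \
 opkele/acconfig.h \
 opkele/tr1-mem.h
 
 nobase_include_HEADERS = \
 opkele/opkele-config.h \
 opkele/types.h \
 opkele/association.h \
 opkele/exception.h \
 opkele/server.h \
 opkele/consumer.h \
 opkele/extension.h \
 opkele/sreg.h \
 opkele/extension_chain.h \
 opkele/xconsumer.h \
 opkele/xserver.h \
 opkele/uris.h \
 opkele/tr1-mem.h \
 opkele/basic_rp.h opkele/prequeue_rp.h \
 opkele/iterator.h \
 opkele/basic_op.h opkele/verify_op.h \
 opkele/util.h \
+opkele/oauth.h opkele/oauth/consumer.h \
 ${NODIST_HEADERS_}
 
 noinst_HEADERS = \
 opkele/data.h \
 opkele/curl.h opkele/expat.h opkele/tidy.h \
 opkele/util-internal.h \
 opkele/debug.h \
 opkele/discovery.h
 
 dist-hook:
 rm -f $(addprefix ${distdir}/,${NODIST_HEADERS_})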
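diff --git a/include/opkele/oauth.h b/include/opkele/oauth.h
new file mode 100644
index 0000000..14d0586
--- /dev/null
+++ b/include/opkele/oauth.h
@@ -0,0 +1,22 @@
+#ifndef __OPKELE_OAUTH_H
+#define __OPKELE_OAUTH_H
+
+#include <string>
+
+namespace opkele {
+namespace oauth {
+using std::string;
+
+struct token_t {
+string key;
+string secret;
+
+token_t() { }
+token_t(const string& k,const string& s)
+: key(k), secret(s) { }
+};
+
+}
+}
+
+#endif /* __OPKELE_OAUTH_H */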
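diff --git a/include/opkele/oauth/consumer.h b/include/opkele/oauth/consumer.h
new file mode 100644
index 0000000..1e2784c
--- /dev/null
+++ b/include/opkele/oauth/consumer.h
@@ -0,0 +1,124 @@
+#ifndef __OPKELE_OAUTH_CONSUMER_H
+#define __OPKELE_OAUTH_CONSUMER_H
+
+#include <string>
+#include <opkele/types.h>
+#include <opkele/oauth.h>
+
+namespace opkele {
+namespace oauth {
+using std::string;
+
+enum oauth_method_t {
+oauth_auth_header, oauth_post_body, oauth_url_query
+};
+
+struct service_endpoint_t {
+string url;
+string signature_method;
+oauth_method_t oauth_method;
+
+service_endpoint_t(const string& u,const string& sm,oauth_method_t om)
+: url(u), signature_method(sm), oauth_method(om) { }
+};
+
+class basic_provider_endpoints {
+public:
+
+virtual ~basic_provider_endpoints() { }
+
+virtual const service_endpoint_t& get_request_token_endpoint() const = 0;
+virtual const service_endpoint_t& get_authorize_user_endpoint() const = 0;
+virtual const service_endpoint_t& get_access_token_endpoint() const = 0;
+
+virtual service_endpoint_t& get_url_endpoint(service_endpoint_t& sep,
+const string& url) const = 0;
+};
+
+struct http_request_t {
+string authorize_header;
+string method;
+string url;
+string body;
+
+http_request_t(const string& m,const string& u)
+: method(m), url(u) { }
+};
+
+class basic_consumer {
+public:
+token_t consumer_token;
+
+basic_consumer(const token_t& ct)
+: consumer_token(ct) { }
+virtual ~basic_consumer() { }
+
+virtual const basic_provider_endpoints& get_endpoints() const = 0;
+virtual const string allocate_nonce(time_t ts) = 0;
+
+token_t get_request_token();
+const string get_authorize_url(const token_t& rt,const string& callback="");
+token_t get_access_token(const token_t& rt);
+
+void prepare_request(
+http_request_t& req,
+const basic_fields& qf,const basic_fields& pf,
+oauth_method_t om,const string& sm,
+const token_t *t=0,const string& realm="");
+void prepare_request(
+http_request_t& req,
+const basic_fields& qf,const basic_fields& pf,
+const service_endpoint_t& sep,
+const token_t *t=0,const string& realm="");
+
+const string signature(
+const string& method,
+const string& url,
+const basic_fields& fields,
+const token_t* rt=0);
+
+token_t acquire_token(
+const service_endpoint_t& sep,
+const token_t* rt=0);
+};
+
+class simple_provider_endpoints : public basic_provider_endpoints {
+public:
+service_endpoint_t sep_request_token;
+service_endpoint_t sep_authorize_user;
+service_endpoint_t sep_access_token;
+service_endpoint_t sep_generic;
+
+simple_provider_endpoints(
+const string& rt,const string& au,const string& at,
+const string& sm,
+oauth_method_t ams=oauth_post_body,
+oauth_method_t amr=oauth_auth_header )
+: sep_request_token(rt,sm,ams),
+sep_authorize_user(au,sm,oauth_url_query),
+sep_access_token(at,sm,ams),
+sep_generic("",sm,amr) { }
+
+const service_endpoint_t& get_request_token_endpoint() const;
+const service_endpoint_t& get_authorize_user_endpoint() const;
+const service_endpoint_t& get_access_token_endpoint() const;
+service_endpoint_t& get_url_endpoint(service_endpoint_t& sep,
+const string& url) const;
+};
+
+class simple_consumer : public basic_consumer {
+public:
+simple_provider_endpoints peps;
+
+simple_consumer(const simple_provider_endpoints& eps,
+const token_t& ct)
+: basic_consumer(ct), peps(eps) { }
+
+const basic_provider_endpoints& get_endpoints() const;
+const string allocate_nonce(time_t ts);
+};
+
+}
+}
+
+#endif /* __OPKELE_OAUTH_CONSUMER_H */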
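Review bot: `allocate_nonce(time_t ts)` in `basic_consumer` is a pure virtual with no statement of what an implementation must guarantee, although replay protection for every signed request rests on it. A comment above the declaration such as `/* must return a value never handed out before for this consumer token and timestamp ts; use an unpredictable source */` would make the contract explicit for subclasses. The header also uses `time_t` without including `<ctime>`, so it compiles only when another header happens to provide it; adding `#include <ctime>` next to `<string>` removes that dependency. The single-argument constructor `basic_consumer(const token_t& ct)` could additionally be marked `explicit`.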
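diff --git a/include/opkele/types.h b/include/opkele/types.h
index f63bf5d..4471e6a 100644
--- a/include/opkele/types.h
+++ b/include/opkele/types.h
@@ -1,243 +1,261 @@
 #ifndef __OPKELE_TYPES_H
 #define __OPKELE_TYPES_H
 
 /**
 * @file
 * @brief various types declarations
 */
 
 #include <cstring>
 #include <ostream>
 #include <vector>
 #include <string>
 #include <map>
 #include <set>
 #include <list>
 #include <opkele/iterator.h>
 #include <opkele/tr1-mem.h>
 
 namespace opkele {
 using std::vector;
 using std::string;
 using std::map;
 using std::ostream;
 using std::multimap;
 using std::set;
 using std::list;
 using std::iterator;
 using std::forward_iterator_tag;
 
 /**
 * the OpenID operation mode
 */
 typedef enum _mode_t {
 mode_unknown = 0,
 mode_associate,
 mode_checkid_immediate,
 mode_checkid_setup,
 mode_check_association
 } mode_t;
 
 /**
 * the association secret container
 */
 class secret_t : public vector<unsigned char> {
 public:
 
 /**
 * xor the secret and hmac together and encode, using base64
 * @param key_d pointer to the message digest
 * @param rv reference to the return value
 */
 void enxor_to_base64(const unsigned char *key_d,string& rv) const;
 /**
 * decode base64-encoded secret and xor it with the message digest
 * @param key_d pointer to the message digest
 * @param b64 base64-encoded secret value
 */
 void enxor_from_base64(const unsigned char *key_d,const string& b64);
 /**
 * plainly encode to base64 representation
 * @param rv reference to the return value
 */
 void to_base64(string& rv) const;
 /**
 * decode cleartext secret from base64
 * @param b64 base64-encoded representation of the secret value
 */
 void from_base64(const string& b64);
 };
 
 /**
 * Interface to the association.
 */
 class association_t {
 public:
 
 virtual ~association_t() { }
 
 /**
 * retrieve the server with which association was established.
 * @return server name
 */
 virtual string server() const = 0;
 /**
 * retrieve the association handle.
 * @return handle
 */
 virtual string handle() const = 0;
 /**
 * retrieve the association type.
 * @return association type
 */
 virtual string assoc_type() const = 0;
 /**
 * retrieve the association secret.
 * @return association secret
 */
 virtual secret_t secret() const = 0;
 /**
 * retrieve the number of seconds the association expires in.
 * @return seconds till expiration
 */
 virtual int expires_in() const = 0;
 /**
 * check whether the association is stateless.
 * @return true if stateless
 */
 virtual bool stateless() const = 0;
 /**
 * check whether the association is expired.
 * @return true if expired
 */
 virtual bool is_expired() const = 0;
 };
 
 /**
 * the shared_ptr<> for association_t object type
 */
 typedef tr1mem::shared_ptr<association_t> assoc_t;
 
 class basic_fields {
 public:
 typedef util::forward_iterator_proxy<
 string,const string&,const string*
 > fields_iterator;
 
 basic_fields() { }
 virtual ~basic_fields() { }
 basic_fields(const basic_fields& x);
 void copy_to(basic_fields& x) const;
 void append_to(basic_fields& x) const;
 
 virtual bool has_field(const string& n) const = 0;
 virtual const string& get_field(const string& n) const = 0;
 
 virtual fields_iterator fields_begin() const = 0;
 virtual fields_iterator fields_end() const = 0;
 
 virtual string append_query(const string& url,const char *pfx=0) const;
 virtual string query_string(const char *pfx=0) const;
 
 virtual void reset_fields();
 virtual void set_field(const string& n,const string& v);
 virtual void reset_field(const string& n);
 
+void from_query(const string& qs);
+};
+
+class fields_t : public basic_fields, public map<string,string> {
+public:
+fields_t() { }
+fields_t(const basic_fields& x)
+: basic_fields(x) { }
+
+bool has_field(const string& n) const;
+const string& get_field(const string& n) const;
+
+virtual fields_iterator fields_begin() const;
+virtual fields_iterator fields_end() const;
+
+virtual void reset_fields();
+virtual void set_field(const string& n,const string& v);
+virtual void reset_field(const string& n);
 };
 
 class basic_openid_message : public basic_fields {
 public:
 
 basic_openid_message() { }
 basic_openid_message(const basic_openid_message& x);
 
 virtual bool has_ns(const string& uri) const;
 virtual string get_ns(const string& uri) const;
 
 virtual string append_query(const string& url,const char *pfx="openid.") const {
 return basic_fields::append_query(url,pfx); }
 virtual string query_string(const char *pfx="openid.") const {
 return basic_fields::query_string(pfx); }
 
 virtual void from_keyvalues(const string& kv);
 virtual void to_keyvalues(ostream& o) const;
 
 virtual void to_htmlhiddens(ostream& o,const char* pfx=0) const;
 
 void add_to_signed(const string& fields);
 string find_ns(const string& uri,const char *pfx) const;
 string allocate_ns(const string& uri,const char *pfx);
 };
 
 class openid_message_t : public basic_openid_message, public map<string,string> {
 public:
 openid_message_t() { }
 openid_message_t(const basic_openid_message& x)
 : basic_openid_message(x) { }
 
 bool has_field(const string& n) const;
 const string& get_field(const string& n) const;
 virtual fields_iterator fields_begin() const;
 virtual fields_iterator fields_end() const;
 
 void reset_fields();
 void set_field(const string& n,const string& v);
 void reset_field(const string& n);
 };
 
 /**
 * request/response parameters map
 */
 class params_t : public openid_message_t {
 public:
 
 /**
 * check whether the parameter is present.
 * @param n the parameter name
 * @return true if yes
 */
 bool has_param(const string& n) const {
 return has_field(n); }
 /**
 * retrieve the parameter (const version)
 * @param n the parameter name
 * @return the parameter value
 * @throw failed_lookup if there is no such parameter
 */
 const string& get_param(const string& n) const {
 return get_field(n); }
 
 /**
 * parse the OpenID key/value data.
 * @param kv the OpenID key/value data
 */
 void parse_keyvalues(const string& kv) {
 from_keyvalues(kv); }
 
 string append_query(const string& url,const char *prefix="openid.") const;
 
 };
 
 struct openid_endpoint_t {
 string uri;
 string claimed_id;
 string local_id;
 
 openid_endpoint_t() { }
 openid_endpoint_t(const string& u,const string& cid,const string& lid)
 : uri(u), claimed_id(cid), local_id(lid) { }
 
 bool operator==(const openid_endpoint_t& x) const {
 return uri==x.uri && local_id==x.local_id; }
 bool operator<(const openid_endpoint_t& x) const {
 int c;
 return (c=strcmp(uri.c_str(),x.uri.c_str()))
 ? (c<0) : (strcmp(local_id.c_str(),x.local_id.c_str())<0); }
 };
 
 typedef util::output_iterator_proxy<openid_endpoint_t>
 openid_endpoint_output_iterator;
 
 }
 
 #endif /* __OPKELE_TYPES_H */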
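Review bot: The converting constructor `fields_t(const basic_fields& x) : basic_fields(x) { }` cannot work with the `basic_fields` copy constructor shown in lib/fields.cc, which runs `x.copy_to(*this)` while only the `basic_fields` base of the new object exists. At that point the virtual `reset_fields()` and `set_field()` calls resolve to the `basic_fields` versions, which throw `not_implemented`, and the `map<string,string>` base has not been constructed yet. Copying from the derived constructor body avoids both problems: `fields_t(const basic_fields& x) { x.copy_to(*this); }`. The implicitly generated `fields_t` copy constructor appears to take the same path through `basic_fields(const basic_fields&)`, so it likely needs an explicit definition as well.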
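diff --git a/lib/Makefile.am b/lib/Makefile.am
index 20d15b8..6b1fad6 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -1,34 +1,37 @@
 lib_LTLIBRARIES = libopkele.la
 
 AM_CPPFLAGS = ${CPPFLAGS_DEBUG}
 DEFAULT_INCLUDES = -I${top_builddir}
 INCLUDES = \
 -I${top_builddir}/include/ -I${top_srcdir}/include/ \
 ${KONFORKA_CFLAGS} \
 ${OPENSSL_CFLAGS} \
 ${LIBCURL_CPPFLAGS} \
-${PCRE_CFLAGS} ${EXPAT_CFLAGS} ${TIDY_CFLAGS}
+${PCRE_CFLAGS} ${EXPAT_CFLAGS} ${TIDY_CFLAGS} \
+${UUID_CFLAGS}
 libopkele_la_LIBADD = \
 ${LIBCURL} \
 ${PCRE_LIBS} ${EXPAT_LIBS} \
 ${OPENSSL_LIBS} \
-${KONFORKA_LIBS} ${TIDY_LIBS}
+${KONFORKA_LIBS} ${TIDY_LIBS} \
+${UUID_LIBS}
 
 libopkele_la_SOURCES = \
 params.cc \
 util.cc \
 server.cc \
 secret.cc \
 data.cc \
 consumer.cc \
 exception.cc \
 extension.cc \
 sreg.cc \
 extension_chain.cc \
 curl.cc expat.cc \
 discovery.cc \
 basic_rp.cc prequeue_rp.cc \
 fields.cc message.cc \
-basic_op.cc verify_op.cc
+basic_op.cc verify_op.cc \
+oauth-consumer.cc
 libopkele_la_LDFLAGS = \
 -version-info 2:0:0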
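diff --git a/lib/fields.cc b/lib/fields.cc
index d494098..916b603 100644
--- a/lib/fields.cc
+++ b/lib/fields.cc
@@ -1,86 +1,135 @@
 #include <opkele/types.h>
 #include <opkele/exception.h>
 #include <opkele/util.h>
 
 namespace opkele {
 using std::unary_function;
 
 struct __om_copier : public unary_function<const string&,void> {
 public:
 const basic_fields& from;
 basic_fields& to;
 
 __om_copier(basic_fields& t,const basic_fields& f)
 : from(f), to(t) { }
 
 result_type operator()(argument_type f) {
 to.set_field(f,from.get_field(f)); }
 };
 
 basic_fields::basic_fields(const basic_fields& x) {
 x.copy_to(*this);
 }
 void basic_fields::copy_to(basic_fields& x) const {
 x.reset_fields();
 for_each(fields_begin(),fields_end(),
 __om_copier(x,*this) );
 }
 void basic_fields::append_to(basic_fields& x) const {
 for_each(fields_begin(),fields_end(),
 __om_copier(x,*this) );
 }
 
 struct __om_query_builder : public unary_function<const string&,void> {
 public:
 const basic_fields& om;
 bool first;
 string& rv;
 const char *pfx;
 
 __om_query_builder(const char *p,string& r,const basic_fields& m)
 : om(m), first(true), rv(r), pfx(p) {
 for_each(om.fields_begin(),om.fields_end(),*this);
 }
 __om_query_builder(const char *p,string& r,const basic_fields& m,const string& u)
 : om(m), first(true), rv(r), pfx(p) {
+basic_fields::fields_iterator i=om.fields_begin(),
+ie=om.fields_end();
 rv = u;
-if(rv.find('?')==string::npos)
-rv += '?';
-else
-first = false;
-for_each(om.fields_begin(),om.fields_end(),*this);
+if(i!=ie) {
+if(rv.find('?')==string::npos)
+rv += '?';
+else
+first = false;
+for_each(i,ie,*this);
+}
 }
 
 result_type operator()(argument_type f) {
 if(first)
 first = false;
 else
 rv += '&';
 if(pfx) rv += pfx;
 rv+= f;
 rv += '=';
 rv += util::url_encode(om.get_field(f));
 }
 };
 
 string basic_fields::append_query(const string& url,const char *pfx) const {
 string rv;
 return __om_query_builder(pfx,rv,*this,url).rv;
 }
 string basic_fields::query_string(const char *pfx) const {
 string rv;
 return __om_query_builder(pfx,rv,*this).rv;
 }
 
 void basic_fields::reset_fields() {
 throw not_implemented(OPKELE_CP_ "reset_fields() not implemented");
 }
 void basic_fields::set_field(const string&,const string&) {
 throw not_implemented(OPKELE_CP_ "set_field() not implemented");
 }
 void basic_fields::reset_field(const string&) {
 throw not_implemented(OPKELE_CP_ "reset_field() not implemented");
 }
 
+void basic_fields::from_query(const string& qs) {
+for(string::size_type p=0,np;;p=np+1) {
+np = qs.find('&',p);
+string::size_type eq = qs.find('=',p);
+if(eq==string::npos) break;
+if(np==string::npos) {
+set_field(
+util::url_decode(qs.substr(p,eq-p)),
+util::url_decode(qs.substr(eq+1)) );
+break;
+}else if(eq<np) {
+set_field(
+util::url_decode(qs.substr(p,eq-p)),
+util::url_decode(qs.substr(eq+1,np-eq-1)) );
+}
+}
+}
+
+
+bool fields_t::has_field(const string& n) const {
+return find(n)!=end();
+}
+const string& fields_t::get_field(const string& n) const {
+const_iterator i=find(n);
+if(i==end())
+throw failed_lookup(OPKELE_CP_ n+": no such field");
+return i->second;
+}
+
+fields_t::fields_iterator fields_t::fields_begin() const {
+return util::map_keys_iterator<const_iterator,string,const string&,const string*>(begin(),end());
+}
+fields_t::fields_iterator fields_t::fields_end() const {
+return util::map_keys_iterator<const_iterator,string,const string&,const string*>(end(),end());
+}
+
+void fields_t::reset_fields() {
+clear();
+}
+void fields_t::set_field(const string& n,const string& v) {
+(*this)[n]=v;
+}
+void fields_t::reset_field(const string& n) {
+erase(n);
+}
 
 }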
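Review bot: `basic_fields::from_query()` accepts malformed input without any error: a repeated name silently overwrites the earlier value through `set_field()`, a segment with no `=` before the next `&` is skipped, and parsing stops quietly at the first tail that contains no `=`. If this ends up parsing a provider's token response, as the commit description suggests, an ambiguous or truncated body yields a partly filled container rather than a failure. Consider throwing when `has_field()` already reports the decoded name, and state the skip and stop rules in a comment above the loop. Separately, `__om_query_builder::operator()` appends the field name `f` unencoded (`rv+= f;`) while `from_query()` url-decodes names, so the two are not inverses for names that need escaping; `rv += util::url_encode(f);` would close that gap, provided existing callers never rely on raw names.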
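--- /dev/null
+++ b/lib/oauth-consumer.cc
@@ -0,0 +1,240 @@
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <opkele/oauth/consumer.h>
+#include <opkele/exception.h>
+#include <opkele/util.h>
+#include <opkele/curl.h>
+#include <opkele/debug.h>
+
+#include "config.h"
+#ifdef HAVE_LIBUUID
+# include <uuid/uuid.h>
+#endif
+
+namespace opkele {
+namespace oauth {
+
+const service_endpoint_t&
+simple_provider_endpoints::get_request_token_endpoint() const {
+return sep_request_token; }
+const service_endpoint_t&
+simple_provider_endpoints::get_authorize_user_endpoint() const {
+return sep_authorize_user; }
+const service_endpoint_t&
+simple_provider_endpoints::get_access_token_endpoint() const {
+return sep_access_token; }
+service_endpoint_t&
+simple_provider_endpoints::get_url_endpoint(service_endpoint_t& sep,
+const string& url) const {
+sep = sep_generic;
+sep.url = url;
+return sep; }
+
+token_t basic_consumer::get_request_token() {
+return acquire_token(get_endpoints().get_request_token_endpoint());
+}
+
+const string basic_consumer::get_authorize_url(const token_t& rt,const string& callback) {
+fields_t f;
+f.set_field("oauth_token",rt.key);
+if(!callback.empty())
+f.set_field("oauth_callback",callback);
+return f.append_query(
+get_endpoints().get_authorize_user_endpoint().url );
+}
+
+token_t basic_consumer::get_access_token(const token_t& rt) {
+return acquire_token(get_endpoints().get_access_token_endpoint(),&rt);
+}
+
+const string basic_consumer::signature(
+const string& method, const string& url,
+const basic_fields& fields,
+const token_t* at) {
+if(fields.get_field("oauth_signature_method")!="HMAC-SHA1")
+throw opkele::not_implemented(OPKELE_CP_
+"only HMAC-SHA1 signature is implemented");
+string key = util::url_encode(consumer_token.secret);
+key += '&';
+if(at)
+key += util::url_encode(at->secret);
+/* TODO: do not build the whole subject */
+string subject = method;
+subject += '&';
+string u = util::rfc_3986_normalize_uri(url);
+string::size_type uco = u.find_first_of("#?");
+if(uco!=string::npos) u.erase(uco);
+subject += util::url_encode(u);
+subject += '&';
+subject += util::url_encode( fields.query_string() );
+unsigned char md[SHA_DIGEST_LENGTH];
+unsigned int md_len = 0;
+HMAC( EVP_sha1(),
+key.c_str(),key.size(),
+(const unsigned char *)subject.c_str(),subject.size(),
+md,&md_len );
+assert(md_len==sizeof(md));
+return util::encode_base64(md,md_len);
+}
+
+static void noquerize_url(string& url,const string& sepurl,basic_fields& f) {
+string::size_type q = sepurl.find('?'),
+p = sepurl.find('#');
+if(q==string::npos) {
+url = sepurl.substr(0,p);
+}else{
+fields_t tmp;
+tmp.from_query(sepurl.substr(
+q+1,
+(p==string::npos)?string::npos:(p-q-q)));
+tmp.append_to(f);
+url = sepurl.substr(0,(p==string::npos)?q:min(p,q));
+}
+}
+
+token_t basic_consumer::acquire_token(
+const service_endpoint_t& sep,
+const token_t* rt) {
+util::curl_pick_t curl = util::curl_t::easy_init();
+CURLcode r;
+(r=curl.misc_sets())
+|| (r=curl.set_write());
+if(r)
+throw exception_curl(OPKELE_CP_ "failed to set basic curly options",r);
+http_request_t hr(
+(sep.oauth_method==oauth_post_body)?"POST":"GET",
+"");
+fields_t uq;
+noquerize_url(hr.url,sep.url,uq);
+prepare_request(hr,uq,fields_t(),sep,rt);
+switch(sep.oauth_method) {
+case oauth_auth_header:
+throw opkele::not_implemented(OPKELE_CP_
+"auth header for token acquisition isn't (yet?) supported");
+break;
+case oauth_post_body:
+(r=curl.easy_setopt(CURLOPT_POST,1))
+|| (r=curl.easy_setopt(CURLOPT_POSTFIELDS,hr.body.c_str()))
+|| (r=curl.easy_setopt(CURLOPT_POSTFIELDSIZE,hr.body.size()));
+break;
+case oauth_url_query:
+break;
+default:
+throw opkele::exception(OPKELE_CP_ /* TODO: specialize */
+"invalid oauth_method for request_token endpoint");
+};
+if(r)
+throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
+if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) )
+throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
+if( (r=curl.easy_perform()) )
+throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
+token_t rv;
+string::size_type p=0;
+while(p!=string::npos) {
+string::size_type np = curl.response.find('&',p);
+string part;
+if(np==string::npos) {
+part.assign(curl.response.c_str()+p); p = string::npos;
+}else{
+part.assign(curl.response,p,np-p); p = np+1;
+}
+string::size_type eq = part.find('=');
+if(eq==string::npos) continue;
+string n(part,0,eq);
+if(n=="oauth_token") {
+if(!rv.key.empty()) /* TODO: specialize */
+throw opkele::exception(OPKELE_CP_ "found oauth_token twice");
+rv.key = util::url_decode(part.substr(eq+1));
+}else if(n=="oauth_token_secret") {
+if(!rv.secret.empty()) /* TODO: specialize */
+throw opkele::exception(OPKELE_CP_ "found oauth_secret twice");
+rv.secret = util::url_decode(part.substr(eq+1));
+}
+}
+return rv;
+}
+
+void basic_consumer::prepare_request(
+http_request_t& req,
+const basic_fields& qf,const basic_fields& pf,
+oauth_method_t om,const string& sm,
+const token_t *t,const string& realm) {
+fields_t op;
+op.set_field("oauth_consumer_key",consumer_token.key);
+if(t) op.set_field("oauth_token",t->key);
+op.set_field("oauth_signature_method",sm);
+time_t now;
+op.set_field("oauth_timestamp",
+util::long_to_string(time(&now)));
+op.set_field("oauth_nonce",allocate_nonce(now));
+op.set_field("oauth_version","1.0");
+/* TODO: normalize and strip down url */
+{
+fields_t af; /* TODO: optimize, I don't want it to be copied */
+qf.copy_to(af); pf.append_to(af); op.append_to(af);
+op.set_field("oauth_signature", signature(
+req.method,req.url,af,t) );
+}
+req.authorize_header.clear();
+if(om==oauth_auth_header) {
+req.authorize_header = "OAuth ";
+req.authorize_header += "realm=\"";
+req.authorize_header += util::url_encode(realm);
+req.authorize_header += '\"';
+for(basic_fields::fields_iterator
+i=op.fields_begin(),ie=op.fields_end();
+i!=ie;++i) {
+req.authorize_header += ", ";
+req.authorize_header += *i;
+req.authorize_header += "=\"";
+req.authorize_header += util::url_encode(op.get_field(*i));
+req.authorize_header += "\"";
+}
+req.url = qf.append_query(req.url);
+req.body = pf.query_string();
+}else if(om==oauth_post_body) {
+assert(req.method=="POST");
+/* TODO: optimize, don't copy it over and over */
+fields_t p;
+pf.append_to(p); op.append_to(p);
+req.url = qf.append_query(req.url);
+req.body = p.query_string();
+}else if(om==oauth_url_query) {
+fields_t q;
+qf.append_to(q); op.append_to(q);
+req.url = q.append_query(req.url);
+req.body = pf.query_string();
+}else
+throw opkele::exception(OPKELE_CP_ /* TODO: specialize */
+"Unknown oauth method");
+}
+
+void basic_consumer::prepare_request(
+http_request_t& req,
+const basic_fields& qf,const basic_fields& pf,
+const service_endpoint_t& sep,
+const token_t *t,const string& realm) {
+prepare_request(
+req, qf, pf,
+sep.oauth_method,sep.signature_method,
+t,realm);
+}
+
+
+const basic_provider_endpoints& simple_consumer::get_endpoints() const {
+return peps; }
+
+const string simple_consumer::allocate_nonce(time_t ts) {
+# ifndef HAVE_LIBUUID
+throw opkele::not_implemented(OPKELE_CP_
+"not implemented consumer's allocate_nonce()");
+# else /* HAVE_LIBUUID */
+uuid_t uuid; uuid_generate(uuid);
+return util::encode_base64(uuid,sizeof(uuid));
+# endif /* HAVE_LIBUUID */
+}
+
+}
+}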
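Review bot: In `noquerize_url` the query length handed to `substr` is `(p-q-q)`, which looks like a typo for `p-q-1`: when the endpoint URL has a `?` followed later by a `#`, the unsigned subtraction either wraps (so the fragment text ends up in the fields that are later signed and sent) or cuts the query short. The line should read `(p==string::npos)?string::npos:(p-q-1)));`, and a `#` that precedes the `?` should be treated as "no query" instead of being parsed. Separately, `acquire_token` returns `rv` without checking that `oauth_token` was actually present, and nothing visible here looks at the HTTP status, so an error page from the provider yields an empty token that is then used for signing; `if(rv.key.empty()) throw opkele::exception(OPKELE_CP_ "no oauth_token in response");` before `return rv;` would fail closed. In `signature`, the only guard on `HMAC()` is an `assert` that disappears under `NDEBUG`; testing the return value, `if(!HMAC(...)) throw opkele::exception(OPKELE_CP_ "HMAC failed");`, keeps the check in release builds.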
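--- a/test/.gitignore
+++ b/test/.gitignore
@@ -1,9 +1,10 @@
 /.deps
 /.libs
 /test
 *.o
 /idiscover
 /RP.cgi
 /RP-db.cc
 /OP.cgi
 /OP-db.cc
+/test-oauth-consumer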
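--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -1,51 +1,54 @@
-noinst_PROGRAMS = test idiscover RP.cgi OP.cgi
+noinst_PROGRAMS = test idiscover RP.cgi OP.cgi test-oauth-consumer
 
 AM_CPPFLAGS=${CPPFLAGS_DEBUG}
 DEFAULT_INCLUDES = -I${top_builddir}
 INCLUDES = -I${top_srcdir}/test/ -I${top_builddir}/include/ -I${top_srcdir}/include/ ${KONFORKA_CFLAGS} ${LIBCURL_CPPFLAGS}
 
 test_SOURCES = test.cc
 test_LDADD = ${top_builddir}/lib/libopkele.la
 
 EXTRA_DIST= \
 sqlite.h kingate_openid_message.h \
 RP-db.sql OP-db.sql
 
 idiscover_SOURCES = idiscover.cc
 idiscover_LDADD = ${top_builddir}/lib/libopkele.la
 
+test_oauth_consumer_SOURCES = test-oauth-consumer.cc
+test_oauth_consumer_LDADD = ${top_builddir}/lib/libopkele.la
+
 if HAVE_SQLITE3
-if HAVE_KINGATE
-if HAVE_UUID
+if HAVE_UUID
+if HAVE_KINGATE
 
 RP_cgi_SOURCES = RP.cc
 nodist_RP_cgi_SOURCES = RP-db.cc
 RP_cgi_LDADD = ${top_builddir}/lib/libopkele.la \
-${SQLITE3_LIBS} ${KINGATE_LIBS} ${UUID_LIBS}
-RP_cgi_CFLAGS = ${SQLITE3_CFLAGS} ${KINGATE_CFLAGS} ${UUID_CFLAGS}
+${SQLITE3_LIBS} ${KINGATE_LIBS}
+RP_cgi_CFLAGS = ${SQLITE3_CFLAGS} ${KINGATE_CFLAGS}
 
 RP-db.cc: RP-db.sql
 ( \
 echo 'const char * __RP_db_bootstrap = ' && \
 sed -e 's/^/"/' -e 's/$$/"/' $< && \
 echo ';' \
 ) >$@
 
 OP_cgi_SOURCES = OP.cc
 nodist_OP_cgi_SOURCES = OP-db.cc
 OP_cgi_LDADD = ${RP_cgi_LDADD}
 OP_cgi_CFLAGS = ${RP_cgi_CFLAGS}
 
 OP-db.cc: OP-db.sql
 ( \
 echo 'const char * __OP_db_bootstrap = ' && \
 sed -e 's/^/"/' -e 's/$$/"/' $< && \
 echo ';' \
 ) >$@
 
 clean-local:
 rm -f RP-db.cc OP-db.cc
 
-endif #HAVE_UUID
-endif #HAVE_KINGATE
+endif #HAVE_KINGATE
+endif #HAVE_UUID
 endif #HAVE_SQLITE3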
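--- /dev/null
+++ b/test/test-oauth-consumer.cc
@@ -0,0 +1,83 @@
+#include <iostream>
+#include <cassert>
+#include <stdexcept>
+using namespace std;
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <opkele/exception.h>
+#include <opkele/debug.h>
+#include <opkele/util.h>
+#include <opkele/util-internal.h>
+#include <opkele/curl.h>
+#include <opkele/oauth/consumer.h>
+
+ostream& operator<<(ostream& o,const opkele::oauth::token_t& t) {
+o << "{ key: \"" << t.key << "\", secret: \"" << t.secret <<"\" }";
+return o;
+}
+
+int main(int,char**) {
+try {
+opkele::oauth::simple_consumer sc(
+opkele::oauth::simple_provider_endpoints(
+"http://term.ie/oauth/example/request_token.php",
+"http://term.ie/oauth/example/user_authorization.php",
+"http://term.ie/oauth/example/access_token.php",
+"HMAC-SHA1", opkele::oauth::oauth_post_body,
+opkele::oauth::oauth_auth_header),
+opkele::oauth::token_t( "key","secret" ) );
+opkele::oauth::token_t rt = sc.get_request_token();
+cout << "Request token: " << rt << endl;
+cout << "Authorize URL: " << sc.get_authorize_url(rt) << endl;
+opkele::oauth::token_t at = sc.get_access_token(rt);
+cout << "Access token: " << at << endl;
+
+opkele::fields_t test;
+test.set_field("foo","bar");
+opkele::util::curl_pick_t curl = opkele::util::curl_t::easy_init();
+opkele::oauth::http_request_t hr("POST",
+"http://term.ie/oauth/example/echo_api.php");
+sc.prepare_request(hr,
+opkele::fields_t(),test,
+opkele::oauth::oauth_auth_header,"HMAC-SHA1",
+&at,"realm");
+DOUT_("url: " << hr.url << endl
+<< "body: " << hr.body << endl
+<< "header: " << hr.authorize_header);
+opkele::util::curl_slist_t rh;
+rh.append("Authorization: "+hr.authorize_header);
+CURLcode r;
+(r=curl.misc_sets())
+|| (r=curl.set_write())
+|| (r=curl.easy_setopt(CURLOPT_HTTPHEADER,rh) )
+|| (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str()))
+|| (r=curl.easy_setopt(CURLOPT_POST,1))
+|| (r=curl.easy_setopt(CURLOPT_POSTFIELDS,hr.body.c_str()))
+|| (r=curl.easy_setopt(CURLOPT_POSTFIELDSIZE,hr.body.size()));
+if(r)
+throw opkele::exception_curl(OPKELE_CP_ "failed to set curly options",r);
+if( (r=curl.easy_perform()) )
+throw opkele::exception_curl(OPKELE_CP_ "failed to perform curly request",r);
+DOUT_("Response: " << endl << curl.response);
+
+#ifdef OPKELE_HAVE_KONFORKA
+}catch(konforka::exception& e) {
+cerr
+<< "oops, caught " << opkele::util::abi_demangle(typeid(e).name()) << endl
+<< " what: " << e.what() << endl
+<< " where: " << e.where() << endl;
+if(!e._seen.empty()) {
+cerr << " seen:" << endl;
+for(list<konforka::code_point>::const_iterator
+i=e._seen.begin();i!=e._seen.end();++i) {
+cerr << " " << i->c_str() << endl;
+}
+}
+#endif
+}catch(std::exception& e){
+cerr
+<< "oops, caught " << opkele::util::abi_demangle(typeid(e).name()) << endl
+<< " what: " << e.what() << endl;
+}
+}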
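Review bot: Both `catch` handlers in `main` print the error and then fall off the end of the function, so the program exits with status 0 even when token acquisition or the echo request failed; a `return 1;` at the end of each handler lets a calling script tell failure from success. The file also uses `typeid` and `list<...>` without including `<typeinfo>` and `<list>`, so it appears to rely on other headers pulling them in. All four endpoints are plain `http://`, which means the token secrets in the provider's responses cross the network unprotected; that is harmless with the public `key`/`secret` pair used here, but a comment such as `/* public test endpoint and credentials; use https with a real provider */` above the constructor call would keep the example from being copied as is.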