author | Michael Krelin <hacker@klever.net> | 2008-02-08 21:26:55 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2008-02-08 21:26:55 (UTC) |
commit | 1a4d8acd92d17ec1363886383bd171eabef2e25e (patch) (unidiff) | |
tree | 7c330603957c5f6eff2bfeaa9155ff5ccb701e82 | |
parent | 2e93c9940944edab87c29a2a13d60090f15fea86 (diff) | |
download | libopkele-1a4d8acd92d17ec1363886383bd171eabef2e25e.zip libopkele-1a4d8acd92d17ec1363886383bd171eabef2e25e.tar.gz libopkele-1a4d8acd92d17ec1363886383bd171eabef2e25e.tar.bz2 |
renamed verify_op to verify_OP
Signed-off-by: Michael Krelin <hacker@klever.net>
-rw-r--r-- | include/opkele/basic_op.h | 2 | ||||
-rw-r--r-- | include/opkele/verify_op.h | 2 | ||||
-rw-r--r-- | lib/verify_op.cc | 2 | ||||
-rw-r--r-- | test/OP.cc | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h index 0e3231d..0326508 100644 --- a/include/opkele/basic_op.h +++ b/include/opkele/basic_op.h | |||
@@ -121,129 +121,129 @@ namespace opkele { | |||
121 | */ | 121 | */ |
122 | basic_openid_message& associate( | 122 | basic_openid_message& associate( |
123 | basic_openid_message& oum, | 123 | basic_openid_message& oum, |
124 | const basic_openid_message& inm); | 124 | const basic_openid_message& inm); |
125 | 125 | ||
126 | /** | 126 | /** |
127 | * Parse the checkid_* request. The function parses input message, | 127 | * Parse the checkid_* request. The function parses input message, |
128 | * retrieves the information needed for further processing, | 128 | * retrieves the information needed for further processing, |
129 | * verifies what can be verified at this stage. | 129 | * verifies what can be verified at this stage. |
130 | * @param inm incoming OpenID message | 130 | * @param inm incoming OpenID message |
131 | * @param ext extension/chain of extensions supported | 131 | * @param ext extension/chain of extensions supported |
132 | */ | 132 | */ |
133 | void checkid_(const basic_openid_message& inm,extension_t *ext=0); | 133 | void checkid_(const basic_openid_message& inm,extension_t *ext=0); |
134 | /** | 134 | /** |
135 | * Build and sign a positive assertion message | 135 | * Build and sign a positive assertion message |
136 | * @param om outpu OpenID message | 136 | * @param om outpu OpenID message |
137 | * @param ext extension/chain of extensions supported | 137 | * @param ext extension/chain of extensions supported |
138 | * @return reference to om | 138 | * @return reference to om |
139 | */ | 139 | */ |
140 | basic_openid_message& id_res(basic_openid_message& om, | 140 | basic_openid_message& id_res(basic_openid_message& om, |
141 | extension_t *ext=0); | 141 | extension_t *ext=0); |
142 | /** | 142 | /** |
143 | * Build a 'cancel' negative assertion | 143 | * Build a 'cancel' negative assertion |
144 | * @param om output OpenID message | 144 | * @param om output OpenID message |
145 | * @return reference to om | 145 | * @return reference to om |
146 | */ | 146 | */ |
147 | basic_openid_message& cancel(basic_openid_message& om); | 147 | basic_openid_message& cancel(basic_openid_message& om); |
148 | /** | 148 | /** |
149 | * Build an 'error' reply | 149 | * Build an 'error' reply |
150 | * @param om output OpenID message | 150 | * @param om output OpenID message |
151 | * @param error a human-readable message indicating the cause | 151 | * @param error a human-readable message indicating the cause |
152 | * @param contact contact address for the server administrator (can be empty) | 152 | * @param contact contact address for the server administrator (can be empty) |
153 | * @param reference a reference token (can be empty) | 153 | * @param reference a reference token (can be empty) |
154 | * @return reference to om | 154 | * @return reference to om |
155 | */ | 155 | */ |
156 | basic_openid_message& error(basic_openid_message& om, | 156 | basic_openid_message& error(basic_openid_message& om, |
157 | const string& error,const string& contact, | 157 | const string& error,const string& contact, |
158 | const string& reference ); | 158 | const string& reference ); |
159 | /** | 159 | /** |
160 | * Build a setup_needed reply to checkid_immediate request | 160 | * Build a setup_needed reply to checkid_immediate request |
161 | * @param oum output OpenID message | 161 | * @param oum output OpenID message |
162 | * @param inm incoming OpenID request being processed | 162 | * @param inm incoming OpenID request being processed |
163 | * @return reference to oum | 163 | * @return reference to oum |
164 | */ | 164 | */ |
165 | basic_openid_message& setup_needed( | 165 | basic_openid_message& setup_needed( |
166 | basic_openid_message& oum,const basic_openid_message& inm); | 166 | basic_openid_message& oum,const basic_openid_message& inm); |
167 | 167 | ||
168 | /** | 168 | /** |
169 | * Process check_authentication request | 169 | * Process check_authentication request |
170 | * @param oum output OpenID message | 170 | * @param oum output OpenID message |
171 | * @param inm incoming request | 171 | * @param inm incoming request |
172 | * @return reference to oum | 172 | * @return reference to oum |
173 | */ | 173 | */ |
174 | basic_openid_message& check_authentication( | 174 | basic_openid_message& check_authentication( |
175 | basic_openid_message& oum,const basic_openid_message& inm); | 175 | basic_openid_message& oum,const basic_openid_message& inm); |
176 | /** | 176 | /** |
177 | * @} | 177 | * @} |
178 | */ | 178 | */ |
179 | 179 | ||
180 | /** | 180 | /** |
181 | * Verify return_to url. The default implementation checks whether | 181 | * Verify return_to url. The default implementation checks whether |
182 | * return_to URI matches the realm | 182 | * return_to URI matches the realm |
183 | * @throw bad_realm in case of invalid realm | 183 | * @throw bad_realm in case of invalid realm |
184 | * @throw bad_return_to if return_to doesn't match the realm | 184 | * @throw bad_return_to if return_to doesn't match the realm |
185 | * @see verify_op::verify_return_to() | 185 | * @see verify_OP::verify_return_to() |
186 | */ | 186 | */ |
187 | virtual void verify_return_to(); | 187 | virtual void verify_return_to(); |
188 | 188 | ||
189 | /** | 189 | /** |
190 | * @name Global persistent store API | 190 | * @name Global persistent store API |
191 | * These functions are related to the associations with RPs storage | 191 | * These functions are related to the associations with RPs storage |
192 | * and retrieval and nonce management. | 192 | * and retrieval and nonce management. |
193 | * @{ | 193 | * @{ |
194 | */ | 194 | */ |
195 | /** | 195 | /** |
196 | * Allocate association. | 196 | * Allocate association. |
197 | * @param type association type | 197 | * @param type association type |
198 | * @param kl association key length | 198 | * @param kl association key length |
199 | * @param sl true if the association is stateless | 199 | * @param sl true if the association is stateless |
200 | * @return association object | 200 | * @return association object |
201 | */ | 201 | */ |
202 | virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0; | 202 | virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0; |
203 | /** | 203 | /** |
204 | * Retrieve valid unexpired association | 204 | * Retrieve valid unexpired association |
205 | * @param handle association handle | 205 | * @param handle association handle |
206 | * @return association object | 206 | * @return association object |
207 | */ | 207 | */ |
208 | virtual assoc_t retrieve_assoc(const string& handle) = 0; | 208 | virtual assoc_t retrieve_assoc(const string& handle) = 0; |
209 | /** | 209 | /** |
210 | * Allocate nonce. | 210 | * Allocate nonce. |
211 | * @param nonce input-output parameter containing timestamp part of | 211 | * @param nonce input-output parameter containing timestamp part of |
212 | * the nonce on input | 212 | * the nonce on input |
213 | * @param sl true if the nonce is | 213 | * @param sl true if the nonce is |
214 | * @return reference to nonce | 214 | * @return reference to nonce |
215 | * @throw failed_lookup if no such valid unexpired association | 215 | * @throw failed_lookup if no such valid unexpired association |
216 | * could be retrieved | 216 | * could be retrieved |
217 | */ | 217 | */ |
218 | virtual string& alloc_nonce(string& nonce) = 0; | 218 | virtual string& alloc_nonce(string& nonce) = 0; |
219 | /** | 219 | /** |
220 | * Check nonce validity | 220 | * Check nonce validity |
221 | * @param nonce nonce to check | 221 | * @param nonce nonce to check |
222 | * @return true if nonce found and isn't yet invalidated | 222 | * @return true if nonce found and isn't yet invalidated |
223 | */ | 223 | */ |
224 | virtual bool check_nonce(const string& nonce) = 0; | 224 | virtual bool check_nonce(const string& nonce) = 0; |
225 | /** | 225 | /** |
226 | * Invalidate nonce | 226 | * Invalidate nonce |
227 | * @param nonce nonce to check | 227 | * @param nonce nonce to check |
228 | */ | 228 | */ |
229 | virtual void invalidate_nonce(const string& nonce) = 0; | 229 | virtual void invalidate_nonce(const string& nonce) = 0; |
230 | /** | 230 | /** |
231 | * @} | 231 | * @} |
232 | */ | 232 | */ |
233 | 233 | ||
234 | /** | 234 | /** |
235 | * @name Site particulars API | 235 | * @name Site particulars API |
236 | * @{ | 236 | * @{ |
237 | */ | 237 | */ |
238 | /** | 238 | /** |
239 | * Query the absolute URL of the op endpoint | 239 | * Query the absolute URL of the op endpoint |
240 | * @return fully qualified url of the OP endpoint | 240 | * @return fully qualified url of the OP endpoint |
241 | */ | 241 | */ |
242 | virtual const string get_op_endpoint() const = 0; | 242 | virtual const string get_op_endpoint() const = 0; |
243 | /** | 243 | /** |
244 | * @} | 244 | * @} |
245 | */ | 245 | */ |
246 | 246 | ||
247 | }; | 247 | }; |
248 | } | 248 | } |
249 | 249 | ||
diff --git a/include/opkele/verify_op.h b/include/opkele/verify_op.h index 6b94240..9e29bac 100644 --- a/include/opkele/verify_op.h +++ b/include/opkele/verify_op.h | |||
@@ -1,26 +1,26 @@ | |||
1 | #ifndef __OPKELE_VERIFY_OP_H | 1 | #ifndef __OPKELE_VERIFY_OP_H |
2 | #define __OPKELE_VERIFY_OP_H | 2 | #define __OPKELE_VERIFY_OP_H |
3 | 3 | ||
4 | #include <opkele/basic_op.h> | 4 | #include <opkele/basic_op.h> |
5 | 5 | ||
6 | namespace opkele { | 6 | namespace opkele { |
7 | 7 | ||
8 | /** | 8 | /** |
9 | * The OP implementation that does discovery verification on RP | 9 | * The OP implementation that does discovery verification on RP |
10 | */ | 10 | */ |
11 | class verify_op : public basic_OP { | 11 | class verify_OP : public basic_OP { |
12 | public: | 12 | public: |
13 | 13 | ||
14 | /** | 14 | /** |
15 | * In addition to basic_OP::verify_return_to() functionality this | 15 | * In addition to basic_OP::verify_return_to() functionality this |
16 | * implementation does the discovery on RP to see if return_to matches | 16 | * implementation does the discovery on RP to see if return_to matches |
17 | * the realm | 17 | * the realm |
18 | * @throw bad_return_to in case we fail to discover corresponding | 18 | * @throw bad_return_to in case we fail to discover corresponding |
19 | * service endpoint | 19 | * service endpoint |
20 | */ | 20 | */ |
21 | void verify_return_to(); | 21 | void verify_return_to(); |
22 | }; | 22 | }; |
23 | 23 | ||
24 | } | 24 | } |
25 | 25 | ||
26 | #endif /* __OPKELE_VERIFY_OP_H */ | 26 | #endif /* __OPKELE_VERIFY_OP_H */ |
diff --git a/lib/verify_op.cc b/lib/verify_op.cc index 0beca2d..ab21b4f 100644 --- a/lib/verify_op.cc +++ b/lib/verify_op.cc | |||
@@ -1,53 +1,53 @@ | |||
1 | #include <opkele/verify_op.h> | 1 | #include <opkele/verify_op.h> |
2 | #include <opkele/discovery.h> | 2 | #include <opkele/discovery.h> |
3 | #include <opkele/exception.h> | 3 | #include <opkele/exception.h> |
4 | #include <opkele/util.h> | 4 | #include <opkele/util.h> |
5 | #include <opkele/uris.h> | 5 | #include <opkele/uris.h> |
6 | 6 | ||
7 | namespace opkele { | 7 | namespace opkele { |
8 | using std::output_iterator_tag; | 8 | using std::output_iterator_tag; |
9 | 9 | ||
10 | class __RP_verifier_good_input : public exception { | 10 | class __RP_verifier_good_input : public exception { |
11 | public: | 11 | public: |
12 | __RP_verifier_good_input(OPKELE_E_PARS) | 12 | __RP_verifier_good_input(OPKELE_E_PARS) |
13 | : exception(OPKELE_E_CONS) { } | 13 | : exception(OPKELE_E_CONS) { } |
14 | }; | 14 | }; |
15 | 15 | ||
16 | class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> { | 16 | class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> { |
17 | public: | 17 | public: |
18 | int seen; | 18 | int seen; |
19 | const string& return_to; | 19 | const string& return_to; |
20 | 20 | ||
21 | RP_verifier(const string& rt) | 21 | RP_verifier(const string& rt) |
22 | : return_to(rt), seen(0) { } | 22 | : return_to(rt), seen(0) { } |
23 | 23 | ||
24 | RP_verifier& operator*() { return *this; } | 24 | RP_verifier& operator*() { return *this; } |
25 | RP_verifier& operator=(const openid_endpoint_t& oep) { | 25 | RP_verifier& operator=(const openid_endpoint_t& oep) { |
26 | if(util::uri_matches_realm(return_to,oep.uri)) | 26 | if(util::uri_matches_realm(return_to,oep.uri)) |
27 | throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm"); | 27 | throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm"); |
28 | return *this; | 28 | return *this; |
29 | } | 29 | } |
30 | 30 | ||
31 | RP_verifier& operator++() { ++seen; return *this; } | 31 | RP_verifier& operator++() { ++seen; return *this; } |
32 | RP_verifier& operator++(int) { +seen; return *this; } | 32 | RP_verifier& operator++(int) { +seen; return *this; } |
33 | }; | 33 | }; |
34 | 34 | ||
35 | void verify_op::verify_return_to() { | 35 | void verify_OP::verify_return_to() { |
36 | basic_OP::verify_return_to(); | 36 | basic_OP::verify_return_to(); |
37 | try { | 37 | try { |
38 | RP_verifier rpv(return_to); | 38 | RP_verifier rpv(return_to); |
39 | string drealm = realm; | 39 | string drealm = realm; |
40 | string::size_type csss = drealm.find("://*."); | 40 | string::size_type csss = drealm.find("://*."); |
41 | if(csss==4 || csss==5) | 41 | if(csss==4 || csss==5) |
42 | drealm.replace(csss+3,1,"www"); | 42 | drealm.replace(csss+3,1,"www"); |
43 | const char *rtt[] = { STURI_OPENID20_RT, 0 }; | 43 | const char *rtt[] = { STURI_OPENID20_RT, 0 }; |
44 | yadiscover(rpv,drealm,rtt,false); | 44 | yadiscover(rpv,drealm,rtt,false); |
45 | if(rpv.seen) | 45 | if(rpv.seen) |
46 | throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP"); | 46 | throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP"); |
47 | }catch(__RP_verifier_good_input&) { | 47 | }catch(__RP_verifier_good_input&) { |
48 | }catch(bad_return_to& brt) { | 48 | }catch(bad_return_to& brt) { |
49 | throw; | 49 | throw; |
50 | }catch(exception_network&) { } | 50 | }catch(exception_network&) { } |
51 | } | 51 | } |
52 | 52 | ||
53 | } | 53 | } |
@@ -1,119 +1,119 @@ | |||
1 | #include <uuid/uuid.h> | 1 | #include <uuid/uuid.h> |
2 | #include <iostream> | 2 | #include <iostream> |
3 | #include <cassert> | 3 | #include <cassert> |
4 | #include <string> | 4 | #include <string> |
5 | #include <ext/algorithm> | 5 | #include <ext/algorithm> |
6 | using namespace std; | 6 | using namespace std; |
7 | #include <kingate/exception.h> | 7 | #include <kingate/exception.h> |
8 | #include <kingate/plaincgi.h> | 8 | #include <kingate/plaincgi.h> |
9 | #include <kingate/cgi_gateway.h> | 9 | #include <kingate/cgi_gateway.h> |
10 | #include <opkele/exception.h> | 10 | #include <opkele/exception.h> |
11 | #include <opkele/util.h> | 11 | #include <opkele/util.h> |
12 | #include <opkele/uris.h> | 12 | #include <opkele/uris.h> |
13 | #include <opkele/extension.h> | 13 | #include <opkele/extension.h> |
14 | #include <opkele/association.h> | 14 | #include <opkele/association.h> |
15 | #include <opkele/debug.h> | 15 | #include <opkele/debug.h> |
16 | #include <opkele/verify_op.h> | 16 | #include <opkele/verify_op.h> |
17 | #include <opkele/sreg.h> | 17 | #include <opkele/sreg.h> |
18 | 18 | ||
19 | #include "sqlite.h" | 19 | #include "sqlite.h" |
20 | #include "kingate_openid_message.h" | 20 | #include "kingate_openid_message.h" |
21 | 21 | ||
22 | static const string get_self_url(const kingate::cgi_gateway& gw) { | 22 | static const string get_self_url(const kingate::cgi_gateway& gw) { |
23 | bool s = gw.has_meta("SSL_PROTOCOL_VERSION"); | 23 | bool s = gw.has_meta("SSL_PROTOCOL_VERSION"); |
24 | string rv = s?"https://":"http://"; | 24 | string rv = s?"https://":"http://"; |
25 | rv += gw.http_request_header("Host"); | 25 | rv += gw.http_request_header("Host"); |
26 | const string& port = gw.get_meta("SERVER_PORT"); | 26 | const string& port = gw.get_meta("SERVER_PORT"); |
27 | if( port!=(s?"443":"80") ) { | 27 | if( port!=(s?"443":"80") ) { |
28 | rv += ':'; rv += port; | 28 | rv += ':'; rv += port; |
29 | } | 29 | } |
30 | rv += gw.get_meta("REQUEST_URI"); | 30 | rv += gw.get_meta("REQUEST_URI"); |
31 | string::size_type q = rv.find('?'); | 31 | string::size_type q = rv.find('?'); |
32 | if(q!=string::npos) | 32 | if(q!=string::npos) |
33 | rv.erase(q); | 33 | rv.erase(q); |
34 | return rv; | 34 | return rv; |
35 | } | 35 | } |
36 | 36 | ||
37 | class opdb_t : public sqlite3_t { | 37 | class opdb_t : public sqlite3_t { |
38 | public: | 38 | public: |
39 | opdb_t() | 39 | opdb_t() |
40 | : sqlite3_t("/tmp/OP.db") { | 40 | : sqlite3_t("/tmp/OP.db") { |
41 | assert(_D); | 41 | assert(_D); |
42 | char **resp; int nr,nc; char *errm; | 42 | char **resp; int nr,nc; char *errm; |
43 | if(sqlite3_get_table( | 43 | if(sqlite3_get_table( |
44 | _D, "SELECT a_op FROM assoc LIMIT 0", | 44 | _D, "SELECT a_op FROM assoc LIMIT 0", |
45 | &resp,&nr,&nc,&errm)!=SQLITE_OK) { | 45 | &resp,&nr,&nc,&errm)!=SQLITE_OK) { |
46 | extern const char *__OP_db_bootstrap; | 46 | extern const char *__OP_db_bootstrap; |
47 | DOUT_("Bootstrapping DB"); | 47 | DOUT_("Bootstrapping DB"); |
48 | if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK) | 48 | if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK) |
49 | throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm); | 49 | throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm); |
50 | }else | 50 | }else |
51 | sqlite3_free_table(resp); | 51 | sqlite3_free_table(resp); |
52 | } | 52 | } |
53 | }; | 53 | }; |
54 | 54 | ||
55 | class example_op_t : public opkele::verify_op { | 55 | class example_op_t : public opkele::verify_OP { |
56 | public: | 56 | public: |
57 | kingate::cgi_gateway& gw; | 57 | kingate::cgi_gateway& gw; |
58 | opdb_t db; | 58 | opdb_t db; |
59 | kingate::cookie htc; | 59 | kingate::cookie htc; |
60 | 60 | ||
61 | 61 | ||
62 | example_op_t(kingate::cgi_gateway& gw) | 62 | example_op_t(kingate::cgi_gateway& gw) |
63 | : gw(gw) { | 63 | : gw(gw) { |
64 | try { | 64 | try { |
65 | htc = gw.cookies.get_cookie("htop_session"); | 65 | htc = gw.cookies.get_cookie("htop_session"); |
66 | sqlite3_mem_t<char*> S = sqlite3_mprintf( | 66 | sqlite3_mem_t<char*> S = sqlite3_mprintf( |
67 | "SELECT 1 FROM ht_sessions WHERE hts_id=%Q", | 67 | "SELECT 1 FROM ht_sessions WHERE hts_id=%Q", |
68 | htc.get_value().c_str()); | 68 | htc.get_value().c_str()); |
69 | sqlite3_table_t T; int nr,nc; | 69 | sqlite3_table_t T; int nr,nc; |
70 | db.get_table(S,T,&nr,&nc); | 70 | db.get_table(S,T,&nr,&nc); |
71 | if(nr<1) | 71 | if(nr<1) |
72 | throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation"); | 72 | throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation"); |
73 | }catch(kingate::exception_notfound& kenf) { | 73 | }catch(kingate::exception_notfound& kenf) { |
74 | uuid_t uuid; uuid_generate(uuid); | 74 | uuid_t uuid; uuid_generate(uuid); |
75 | htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid))); | 75 | htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid))); |
76 | sqlite3_mem_t<char*> S = sqlite3_mprintf( | 76 | sqlite3_mem_t<char*> S = sqlite3_mprintf( |
77 | "INSERT INTO ht_sessions (hts_id) VALUES (%Q)", | 77 | "INSERT INTO ht_sessions (hts_id) VALUES (%Q)", |
78 | htc.get_value().c_str()); | 78 | htc.get_value().c_str()); |
79 | db.exec(S); | 79 | db.exec(S); |
80 | } | 80 | } |
81 | } | 81 | } |
82 | 82 | ||
83 | void set_authorized(bool a) { | 83 | void set_authorized(bool a) { |
84 | sqlite3_mem_t<char*> | 84 | sqlite3_mem_t<char*> |
85 | S = sqlite3_mprintf( | 85 | S = sqlite3_mprintf( |
86 | "UPDATE ht_sessions" | 86 | "UPDATE ht_sessions" |
87 | " SET authorized=%d" | 87 | " SET authorized=%d" |
88 | " WHERE hts_id=%Q", | 88 | " WHERE hts_id=%Q", |
89 | (int)a,htc.get_value().c_str()); | 89 | (int)a,htc.get_value().c_str()); |
90 | db.exec(S); | 90 | db.exec(S); |
91 | } | 91 | } |
92 | bool get_authorized() { | 92 | bool get_authorized() { |
93 | sqlite3_mem_t<char*> | 93 | sqlite3_mem_t<char*> |
94 | S = sqlite3_mprintf( | 94 | S = sqlite3_mprintf( |
95 | "SELECT authorized" | 95 | "SELECT authorized" |
96 | " FROM ht_sessions" | 96 | " FROM ht_sessions" |
97 | " WHERE hts_id=%Q", | 97 | " WHERE hts_id=%Q", |
98 | htc.get_value().c_str()); | 98 | htc.get_value().c_str()); |
99 | sqlite3_table_t T; int nr,nc; | 99 | sqlite3_table_t T; int nr,nc; |
100 | db.get_table(S,T,&nr,&nc); | 100 | db.get_table(S,T,&nr,&nc); |
101 | assert(nr==1); assert(nc=1); | 101 | assert(nr==1); assert(nc=1); |
102 | return opkele::util::string_to_long(T.get(1,0,nc)); | 102 | return opkele::util::string_to_long(T.get(1,0,nc)); |
103 | } | 103 | } |
104 | 104 | ||
105 | ostream& cookie_header(ostream& o) const { | 105 | ostream& cookie_header(ostream& o) const { |
106 | o << "Set-Cookie: " << htc.set_cookie_header() << "\n"; | 106 | o << "Set-Cookie: " << htc.set_cookie_header() << "\n"; |
107 | return o; | 107 | return o; |
108 | } | 108 | } |
109 | 109 | ||
110 | opkele::assoc_t alloc_assoc(const string& type,size_t klength,bool sl) { | 110 | opkele::assoc_t alloc_assoc(const string& type,size_t klength,bool sl) { |
111 | uuid_t uuid; uuid_generate(uuid); | 111 | uuid_t uuid; uuid_generate(uuid); |
112 | string a_handle = opkele::util::encode_base64(uuid,sizeof(uuid)); | 112 | string a_handle = opkele::util::encode_base64(uuid,sizeof(uuid)); |
113 | opkele::secret_t a_secret; | 113 | opkele::secret_t a_secret; |
114 | generate_n( | 114 | generate_n( |
115 | back_insert_iterator<opkele::secret_t>(a_secret),klength, | 115 | back_insert_iterator<opkele::secret_t>(a_secret),klength, |
116 | rand ); | 116 | rand ); |
117 | string ssecret; a_secret.to_base64(ssecret); | 117 | string ssecret; a_secret.to_base64(ssecret); |
118 | time_t now = time(0); | 118 | time_t now = time(0); |
119 | int expires_in = sl?3600*2:3600*24*7*2; | 119 | int expires_in = sl?3600*2:3600*24*7*2; |