basic_RP: add methods for accessing identity information passed from OP.

Signed-off-by: Michael Krelin <hacker@klever.net>

2 files changed, 63 insertions, 2 deletions

diff --git a/include/opkele/basic_rp.h b/include/opkele/basic_rp.h
index d5356aa..d096e0a 100644
--- a/include/opkele/basic_rp.h
+++ b/include/opkele/basic_rp.h
@@ -10,9 +10,45 @@ namespace opkele {
 
     class basic_RP {
         public:
+            /**
+             * Claimed identifier from a parsed id_res message.
+             */
+            string claimed_id;
+            /**
+             * OP-Local identifier from a parsed id_res message.
+             */
+            string identity;
 
             virtual ~basic_RP() { }
 
+            void reset_vars();
+
+            /**
+             * @name Assertion information retrieval
+             * Retrieval of the information passed with openid message
+             * @{
+             */
+            /**
+             * Find out if the assertion is about identity
+             * @return true if so
+             */
+            bool has_identity() const;
+            /**
+             * Get claimed identifier supplied with the request
+             * @return claimed identifier
+             * @throw non_identity if request is not about identity
+             */
+            const string& get_claimed_id() const;
+            /**
+             * Get the identity (OP-Local identifier) confirmed
+             * @return identity
+             * @throw non_identity if request is not about identity
+             */
+            const string& get_identity() const;
+            /**
+             * @}
+             */
+
             /**
              * @name Global persistent store API
              * These are functions related to the associations with OP storage
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc
index e65d9fb..3357d0b 100644
--- a/lib/basic_rp.cc
+++ b/lib/basic_rp.cc
@@ -8,9 +8,28 @@
 #include <opkele/util.h>
 #include <opkele/util-internal.h>
 #include <opkele/curl.h>
+#include <opkele/debug.h>
 
 namespace opkele {
 
+    void basic_RP::reset_vars() {
+        claimed_id.clear(); identity.clear();
+    }
+
+    const string& basic_RP::get_claimed_id() const {
+        if(claimed_id.empty())
+            throw non_identity(OPKELE_CP_ "attempting to retreive claimed_id of non-identity assertion");
+        assert(!identity.empty());
+        return claimed_id;
+    }
+
+    const string& basic_RP::get_identity() const {
+        if(identity.empty())
+            throw non_identity(OPKELE_CP_ "attempting to retrieve identity of non-identity related assertion");
+        assert(!claimed_id.empty());
+        return identity;
+    }
+
     static void dh_get_secret(
             secret_t& secret, const basic_openid_message& om,
             const char *exp_assoc, const char *exp_sess,
@@ -196,6 +215,7 @@ namespace opkele {
     }
 
     void basic_RP::id_res(const basic_openid_message& om,extension_t *ext) {
+        reset_vars();
         bool o2 = om.has_field("ns")
             && om.get_field("ns")==OIURI_OPENID20;
         if( (!o2) && om.has_field("user_setup_url"))
@@ -271,12 +291,17 @@ namespace opkele {
             }
 
             if(om.has_field("claimed_id")) {
+                claimed_id = om.get_field("claimed_id");
+                identity = om.get_field("identity");
                 verify_OP(
                         om.get_field("op_endpoint"),
-                        om.get_field("claimed_id"),
-                        om.get_field("identity") );
+                        claimed_id, identity );
             }
 
+        }else{
+            claimed_id = get_endpoint().claimed_id;
+            /* TODO: check if this is the identity we asked for */
+            identity = om.get_field("identity");
         }
         if(ext) ext->rp_id_res_hook(om,signeds);
     }