author | Michael Krelin <hacker@klever.net> | 2005-07-19 13:08:32 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2005-07-19 13:08:32 (UTC) |
commit | 4c82851dd5d5644a89d4f269079bf901f763ee33 (patch) (unidiff) | |
tree | b64c8b3c9a1be88e2a9c3f762272e0b4509ba7d9 /include/opkele | |
parent | 907343b0c973eb295bec8795902a6d49744e9174 (diff) | |
download | libopkele-4c82851dd5d5644a89d4f269079bf901f763ee33.zip libopkele-4c82851dd5d5644a89d4f269079bf901f763ee33.tar.gz libopkele-4c82851dd5d5644a89d4f269079bf901f763ee33.tar.bz2 |
initial commit of libopkele - OpenID support library
-rw-r--r-- | include/opkele/.gitignore | 2 | ||||
-rw-r--r-- | include/opkele/acconfig.h.in | 3 | ||||
-rw-r--r-- | include/opkele/association.h | 89 | ||||
-rw-r--r-- | include/opkele/consumer.h | 135 | ||||
-rw-r--r-- | include/opkele/data.h | 12 | ||||
-rw-r--r-- | include/opkele/exception.h | 206 | ||||
-rw-r--r-- | include/opkele/opkele-config.h | 6 | ||||
-rw-r--r-- | include/opkele/server.h | 95 | ||||
-rw-r--r-- | include/opkele/types.h | 168 | ||||
-rw-r--r-- | include/opkele/util.h | 60 |
10 files changed, 776 insertions, 0 deletions
diff --git a/include/opkele/.gitignore b/include/opkele/.gitignore new file mode 100644 index 0000000..ffa24dc --- a/dev/null +++ b/include/opkele/.gitignore | |||
@@ -0,0 +1,2 @@ | |||
1 | acconfig.h | ||
2 | stamp-h2 | ||
diff --git a/include/opkele/acconfig.h.in b/include/opkele/acconfig.h.in new file mode 100644 index 0000000..d56a1cd --- a/dev/null +++ b/include/opkele/acconfig.h.in | |||
@@ -0,0 +1,3 @@ | |||
1 | |||
2 | /* defined in presence of konforka library */ | ||
3 | #undef OPKELE_HAVE_KONFORKA | ||
diff --git a/include/opkele/association.h b/include/opkele/association.h new file mode 100644 index 0000000..5eb1cc3 --- a/dev/null +++ b/include/opkele/association.h | |||
@@ -0,0 +1,89 @@ | |||
1 | #ifndef __OPKELE_ASSOCIATION_H | ||
2 | #define __OPKELE_ASSOCIATION_H | ||
3 | |||
4 | #include <time.h> | ||
5 | #include <opkele/types.h> | ||
6 | |||
7 | /** | ||
8 | * @file | ||
9 | * @brief reference implementation of association_t | ||
10 | */ | ||
11 | |||
12 | /** | ||
13 | * @brief the main opkele namespace | ||
14 | */ | ||
15 | namespace opkele { | ||
16 | |||
17 | /** | ||
18 | * reference implementation of association_t class. | ||
19 | */ | ||
20 | class association : public association_t { | ||
21 | public: | ||
22 | /** | ||
23 | * OpenID server name | ||
24 | */ | ||
25 | string _server; | ||
26 | /** | ||
27 | * association handle | ||
28 | */ | ||
29 | string _handle; | ||
30 | /** | ||
31 | * association type | ||
32 | */ | ||
33 | string _assoc_type; | ||
34 | /** | ||
35 | * the secret | ||
36 | */ | ||
37 | secret_t _secret; | ||
38 | /** | ||
39 | * expiration time | ||
40 | */ | ||
41 | time_t _expires; | ||
42 | /** | ||
43 | * statelessness of the assoc_handle | ||
44 | */ | ||
45 | bool _stateless; | ||
46 | |||
47 | /** | ||
48 | * @param __server the server name | ||
49 | * @param __handle association handle | ||
50 | * @param __assoc_type association type | ||
51 | * @param __secret the secret | ||
52 | * @param __expires expiration time | ||
53 | * @param __stateless statelessness of the assoc_handle | ||
54 | */ | ||
55 | association(const string& __server, const string& __handle, | ||
56 | const string& __assoc_type, const secret_t& __secret, | ||
57 | time_t __expires, bool __stateless) | ||
58 | : _server(__server), _handle(__handle), _assoc_type(__assoc_type), | ||
59 | _secret(__secret), _expires(__expires), _stateless(__stateless) { } | ||
60 | |||
61 | /** | ||
62 | * @overload association_t::server() | ||
63 | */ | ||
64 | virtual string server() const { return _server; } | ||
65 | /** | ||
66 | * @overload association_t::handle() | ||
67 | */ | ||
68 | virtual string handle() const { return _handle; } | ||
69 | /** | ||
70 | * @overload association_t::assoc_type() | ||
71 | */ | ||
72 | virtual string assoc_type() const { return _assoc_type; } | ||
73 | /** | ||
74 | * @overload association_t::secret() | ||
75 | */ | ||
76 | virtual secret_t secret() const { return _secret; } | ||
77 | /** | ||
78 | * @overload association_t::expires_in() | ||
79 | */ | ||
80 | virtual int expires_in() const { return _expires-time(0); } | ||
81 | /** | ||
82 | * @overload associationn_t::stateless() | ||
83 | */ | ||
84 | virtual bool stateless() const { return _stateless; } | ||
85 | }; | ||
86 | |||
87 | } | ||
88 | |||
89 | #endif /* __OPKELE_ASSOCIATION_H */ | ||
diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h new file mode 100644 index 0000000..b9c29bd --- a/dev/null +++ b/include/opkele/consumer.h | |||
@@ -0,0 +1,135 @@ | |||
1 | #ifndef __OPKELE_CONSUMER_H | ||
2 | #define __OPKELE_CONSUMER_H | ||
3 | |||
4 | #include <opkele/types.h> | ||
5 | |||
6 | /** | ||
7 | * @file | ||
8 | * @brief OpenID consumer-side functionality | ||
9 | */ | ||
10 | |||
11 | /** | ||
12 | * @brief the main opkele namespace | ||
13 | */ | ||
14 | namespace opkele { | ||
15 | |||
16 | /** | ||
17 | * implementation of basic consumer functionality | ||
18 | */ | ||
19 | class consumer_t { | ||
20 | public: | ||
21 | |||
22 | /** | ||
23 | * store association. The function should be overridden in the real | ||
24 | * implementation to provide persistent associations store. | ||
25 | * @param server the OpenID server | ||
26 | * @param handle association handle | ||
27 | * @param secret the secret associated with the server and handle | ||
28 | * @param expires_in the number of seconds until the handle is expired | ||
29 | * @return the auto_ptr<> for the newly allocated association_t object | ||
30 | */ | ||
31 | virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0; | ||
32 | /** | ||
33 | * retrieve stored association. The function should be overridden | ||
34 | * in the real implementation to provide persistent assocations | ||
35 | * store. | ||
36 | * @param server the OpenID server | ||
37 | * @param handle association handle | ||
38 | * @return the autho_ptr<> for the newly allocated association_t object | ||
39 | * @throw failed_lookup in case of error | ||
40 | */ | ||
41 | virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0; | ||
42 | /** | ||
43 | * invalidate stored association. The function should be overridden | ||
44 | * in the real implementation of the consumer. | ||
45 | * @param server the OpenID server | ||
46 | * @param handle association handle | ||
47 | */ | ||
48 | virtual void invalidate_assoc(const string& server,const string& handle) = 0; | ||
49 | /** | ||
50 | * retrieve any unexpired association for the server. If the | ||
51 | * function is not overridden in the real implementation, the new | ||
52 | * association will be established for each request. | ||
53 | * @param server the OpenID server | ||
54 | * @return the auto_ptr<> for the newly allocated association_t object | ||
55 | * @throw failed_lookup in case of absence of the handle | ||
56 | */ | ||
57 | virtual assoc_t find_assoc(const string& server); | ||
58 | |||
59 | /** | ||
60 | * retrieve the metainformation contained in link tags from the | ||
61 | * page pointed by url. the function may implement caching of the | ||
62 | * information. | ||
63 | * @param url url to harvest for link tags | ||
64 | * @param server reference to the string object where to put | ||
65 | * openid.server value | ||
66 | * @param delegate reference to the string object where to put the | ||
67 | * openid.delegate value (if any) | ||
68 | */ | ||
69 | virtual void retrieve_links(const string& url,string& server,string& delegate); | ||
70 | |||
71 | /** | ||
72 | * perform the associate request to OpenID server. | ||
73 | * @param server the OpenID server | ||
74 | * @return the auto_ptr<> for the newly allocated association_t | ||
75 | * object, representing established association | ||
76 | * @throw exception in case of error | ||
77 | */ | ||
78 | assoc_t associate(const string& server); | ||
79 | /** | ||
80 | * prepare the parameters for the checkid_immediate | ||
81 | * request. | ||
82 | * @param identity the identity to verify | ||
83 | * @param return_to the return_to url to pass with the request | ||
84 | * @param trust_root the trust root to advertise with the request | ||
85 | * @return the location string | ||
86 | * @throw exception in case of error | ||
87 | */ | ||
88 | string checkid_immediate(const string& identity,const string& return_to,const string& trust_root=""); | ||
89 | /** | ||
90 | * prepare the parameters for the checkid_setup | ||
91 | * request. | ||
92 | * @param identity the identity to verify | ||
93 | * @param return_to the return_to url to pass with the request | ||
94 | * @param trust_root the trust root to advertise with the request | ||
95 | * @return the location string | ||
96 | * @throw exception in case of error | ||
97 | */ | ||
98 | string checkid_setup(const string& identity,const string& return_to,const string& trust_root=""); | ||
99 | /** | ||
100 | * the actual implementation behind checkid_immediate() and | ||
101 | * checkid_setup() functions. | ||
102 | * @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup | ||
103 | * @param identity the identity to verify | ||
104 | * @param return_to the return_to url to pass with the request | ||
105 | * @param trust_root the trust root to advertise with the request | ||
106 | * @return the location string | ||
107 | * @throw exception in case of error | ||
108 | */ | ||
109 | string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root=""); | ||
110 | /** | ||
111 | * verify the id_res response | ||
112 | * @param pin the response parameters | ||
113 | * @param identity the identity being checked (if not specified, extracted | ||
114 | * from the openid.identity parameter | ||
115 | * @throw id_res_mismatch in case of signature | ||
116 | * mismatch | ||
117 | * @throw id_res_setup in case of | ||
118 | * openid.user_setup_url failure (supposedly | ||
119 | * checkid_immediate only) | ||
120 | * @throw id_res_failed in case of failure | ||
121 | * @throw exception in case of other failures | ||
122 | */ | ||
123 | void id_res(const params_t& pin,const string& identity=""); | ||
124 | /** | ||
125 | * perform a check_authentication request. | ||
126 | * @param server the OpenID server | ||
127 | * @param p request parameters | ||
128 | */ | ||
129 | void check_authentication(const string& server,const params_t& p); | ||
130 | |||
131 | }; | ||
132 | |||
133 | } | ||
134 | |||
135 | #endif /* __OPKELE_CONSUMER_H */ | ||
diff --git a/include/opkele/data.h b/include/opkele/data.h new file mode 100644 index 0000000..7fc635b --- a/dev/null +++ b/include/opkele/data.h | |||
@@ -0,0 +1,12 @@ | |||
1 | #ifndef __OPKELE_DATA_H | ||
2 | #define __OPKELE_DATA_H | ||
3 | |||
4 | namespace opkele { | ||
5 | |||
6 | namespace data { | ||
7 | extern const char *_default_p; | ||
8 | extern const char *_default_g; | ||
9 | } | ||
10 | } | ||
11 | |||
12 | #endif /* __OPKELE_DATA_H */ | ||
diff --git a/include/opkele/exception.h b/include/opkele/exception.h new file mode 100644 index 0000000..2ac0661 --- a/dev/null +++ b/include/opkele/exception.h | |||
@@ -0,0 +1,206 @@ | |||
1 | #ifndef __OPKELE_EXCEPTION_H | ||
2 | #define __OPKELE_EXCEPTION_H | ||
3 | |||
4 | /** | ||
5 | * @file | ||
6 | * @brief opkele exceptions | ||
7 | */ | ||
8 | |||
9 | #include <curl/curl.h> | ||
10 | |||
11 | #include <opkele/opkele-config.h> | ||
12 | #ifdef OPKELE_HAVE_KONFORKA | ||
13 | # include <konforka/exception.h> | ||
14 | /** | ||
15 | * the exception parameters declaration | ||
16 | */ | ||
17 | # define OPKELE_E_PARS const string& fi,const string&fu,int l,const string& w | ||
18 | /** | ||
19 | * the exception parameters list to pass to constructor | ||
20 | */ | ||
21 | # define OPKELE_E_CONS_ fi,fu,l, | ||
22 | /** | ||
23 | * the exception codepoint specification | ||
24 | */ | ||
25 | # define OPKELE_CP_ CODEPOINT, | ||
26 | /** | ||
27 | * the simple rethrow of konforka-based exception | ||
28 | */ | ||
29 | # define OPKELE_RETHROW catch(konforka::exception& e) { e.see(CODEPOINT); throw } | ||
30 | #else /* OPKELE_HAVE_KONFORKA */ | ||
31 | # include <stdexcept> | ||
32 | /** | ||
33 | * the exception parameter declaration | ||
34 | */ | ||
35 | # define OPKELE_E_PARS const string& w | ||
36 | /** | ||
37 | * the dummy prefix for exception parameters list to prepend in the absence of | ||
38 | * konforka library | ||
39 | */ | ||
40 | # define OPKELE_E_CONS_ | ||
41 | /** | ||
42 | * the dummy placeholder for konforka exception codepoint specification | ||
43 | */ | ||
44 | # define OPKELE_CP_ | ||
45 | /** | ||
46 | * the dummy define for the konforka-based rethrow of exception | ||
47 | */ | ||
48 | # define OPKELE_RETHROW | ||
49 | #endif /* OPKELE_HAVE_KONFORKA */ | ||
50 | /** | ||
51 | * the exception parameters list to pass to constructor | ||
52 | */ | ||
53 | # define OPKELE_E_CONS OPKELE_E_CONS_ w | ||
54 | |||
55 | /* | ||
56 | * @brief the main opkele namespace | ||
57 | */ | ||
58 | namespace opkele { | ||
59 | using std::string; | ||
60 | |||
61 | /** | ||
62 | * the base opkele exception class | ||
63 | */ | ||
64 | class exception : public | ||
65 | # ifdef OPKELE_HAVE_KONFORKA | ||
66 | konforka::exception | ||
67 | # else | ||
68 | std::exception | ||
69 | # endif | ||
70 | { | ||
71 | public: | ||
72 | # ifdef OPKELE_HAVE_KONFORKA | ||
73 | explicit | ||
74 | exception(const string& fi,const string& fu,int l,const string& w) | ||
75 | : konforka::exception(fi,fu,l,w) { } | ||
76 | # else /* OPKELE_HAVE_KONFORKA */ | ||
77 | explicit | ||
78 | exception(const string& w) | ||
79 | : std::exception(w) { } | ||
80 | # endif /* OPKELE_HAVE_KONFORKA */ | ||
81 | }; | ||
82 | |||
83 | /** | ||
84 | * thrown in case of failed conversion | ||
85 | */ | ||
86 | class failed_conversion : public exception { | ||
87 | public: | ||
88 | failed_conversion(OPKELE_E_PARS) | ||
89 | : exception(OPKELE_E_CONS) { } | ||
90 | }; | ||
91 | /** | ||
92 | * thrown in case of failed lookup (either parameter or persistent store) | ||
93 | */ | ||
94 | class failed_lookup : public exception { | ||
95 | public: | ||
96 | failed_lookup(OPKELE_E_PARS) | ||
97 | : exception(OPKELE_E_CONS) { } | ||
98 | }; | ||
99 | /** | ||
100 | * thrown in case of bad input (either local or network) | ||
101 | */ | ||
102 | class bad_input : public exception { | ||
103 | public: | ||
104 | bad_input(OPKELE_E_PARS) | ||
105 | : exception(OPKELE_E_CONS) { } | ||
106 | }; | ||
107 | |||
108 | /** | ||
109 | * thrown on failed assertion | ||
110 | */ | ||
111 | class failed_assertion : public exception { | ||
112 | public: | ||
113 | failed_assertion(OPKELE_E_PARS) | ||
114 | : exception(OPKELE_E_CONS) { } | ||
115 | }; | ||
116 | |||
117 | /** | ||
118 | * thrown if the handle being retrieved is invalid | ||
119 | */ | ||
120 | class invalid_handle : public exception { | ||
121 | public: | ||
122 | invalid_handle(OPKELE_E_PARS) | ||
123 | : exception(OPKELE_E_CONS) { } | ||
124 | }; | ||
125 | /** | ||
126 | * thrown if the handle passed to check_authentication request is not | ||
127 | * stateless | ||
128 | */ | ||
129 | class stateful_handle : public exception { | ||
130 | public: | ||
131 | stateful_handle(OPKELE_E_PARS) | ||
132 | : exception(OPKELE_E_CONS) { } | ||
133 | }; | ||
134 | |||
135 | /** | ||
136 | * thrown if check_authentication request fails | ||
137 | */ | ||
138 | class failed_check_authentication : public exception { | ||
139 | public: | ||
140 | failed_check_authentication(OPKELE_E_PARS) | ||
141 | : exception(OPKELE_E_CONS) { } | ||
142 | }; | ||
143 | |||
144 | /** | ||
145 | * thrown if the id_res request result is negative | ||
146 | */ | ||
147 | class id_res_failed : public exception { | ||
148 | public: | ||
149 | id_res_failed(OPKELE_E_PARS) | ||
150 | : exception(OPKELE_E_CONS) { } | ||
151 | }; | ||
152 | /** | ||
153 | * thrown if the user_setup_url is provided with negative response | ||
154 | */ | ||
155 | class id_res_setup : public id_res_failed { | ||
156 | public: | ||
157 | string setup_url; | ||
158 | id_res_setup(OPKELE_E_PARS,const string& su) | ||
159 | : id_res_failed(OPKELE_E_CONS), setup_url(su) { } | ||
160 | ~id_res_setup() throw() { } | ||
161 | }; | ||
162 | /** | ||
163 | * thrown in case of signature mismatch | ||
164 | */ | ||
165 | class id_res_mismatch : public id_res_failed { | ||
166 | public: | ||
167 | id_res_mismatch(OPKELE_E_PARS) | ||
168 | : id_res_failed(OPKELE_E_CONS) { } | ||
169 | }; | ||
170 | |||
171 | /** | ||
172 | * openssl malfunction occured | ||
173 | */ | ||
174 | class exception_openssl : public exception { | ||
175 | public: | ||
176 | unsigned long _error; | ||
177 | string _ssl_string; | ||
178 | exception_openssl(OPKELE_E_PARS); | ||
179 | ~exception_openssl() throw() { } | ||
180 | }; | ||
181 | |||
182 | /** | ||
183 | * network operation related error occured | ||
184 | */ | ||
185 | class exception_network : public exception { | ||
186 | public: | ||
187 | exception_network(OPKELE_E_PARS) | ||
188 | : exception(OPKELE_E_CONS) { } | ||
189 | }; | ||
190 | |||
191 | /** | ||
192 | * network operation related error occured, specifically, related to | ||
193 | * libcurl | ||
194 | */ | ||
195 | class exception_curl : public exception_network { | ||
196 | public: | ||
197 | CURLcode _error; | ||
198 | string _curl_string; | ||
199 | exception_curl(OPKELE_E_PARS); | ||
200 | exception_curl(OPKELE_E_PARS,CURLcode e); | ||
201 | ~exception_curl() throw() { } | ||
202 | }; | ||
203 | |||
204 | } | ||
205 | |||
206 | #endif /* __OPKELE_EXCEPTION_H */ | ||
diff --git a/include/opkele/opkele-config.h b/include/opkele/opkele-config.h new file mode 100644 index 0000000..70c2d26 --- a/dev/null +++ b/include/opkele/opkele-config.h | |||
@@ -0,0 +1,6 @@ | |||
1 | #ifndef __OPKELE_OPKELE_CONFIG_H | ||
2 | #define __OPKELE_OPKELE_CONFIG_H | ||
3 | |||
4 | #include "opkele/acconfig.h" | ||
5 | |||
6 | #endif /* __OPKELE_OPKELE_CONFIG_H */ | ||
diff --git a/include/opkele/server.h b/include/opkele/server.h new file mode 100644 index 0000000..fe07448 --- a/dev/null +++ b/include/opkele/server.h | |||
@@ -0,0 +1,95 @@ | |||
1 | #ifndef __OPKELE_SERVER_H | ||
2 | #define __OPKELE_SERVER_H | ||
3 | |||
4 | /** | ||
5 | * @file | ||
6 | * @brief OpenID server-side functionality | ||
7 | */ | ||
8 | |||
9 | #include <opkele/types.h> | ||
10 | |||
11 | /** | ||
12 | * @brief the main opkele namespace | ||
13 | */ | ||
14 | namespace opkele { | ||
15 | |||
16 | /** | ||
17 | * implementation of basic server functionality | ||
18 | */ | ||
19 | class server_t { | ||
20 | public: | ||
21 | |||
22 | /** | ||
23 | * allocate the new association. The function should be overridden | ||
24 | * in the real implementation to provide persistent assocations | ||
25 | * store. | ||
26 | * @param mode the mode of request being processed to base the | ||
27 | * statelessness of the association upon | ||
28 | * @return the auto_ptr<> for the newly allocated association_t object | ||
29 | */ | ||
30 | virtual assoc_t alloc_assoc(mode_t mode) = 0; | ||
31 | /** | ||
32 | * retrieve the association. The function should be overridden in | ||
33 | * the reqal implementation to provide persistent assocations | ||
34 | * store. | ||
35 | * @param h association handle | ||
36 | * @return the auto_ptr<> for the newly allocated association_t object | ||
37 | * @throw failed_lookup in case of failure | ||
38 | */ | ||
39 | virtual assoc_t retrieve_assoc(const string& h) = 0; | ||
40 | |||
41 | /** | ||
42 | * validate the identity. | ||
43 | * @param assoc association object | ||
44 | * @param pin incoming request parameters | ||
45 | * @param identity being verified | ||
46 | * @param trust_root presented in the request | ||
47 | * @throw exception if identity can not be confirmed | ||
48 | */ | ||
49 | virtual void validate(const association_t& assoc,const params_t& pin,const string& identity,const string& trust_root) = 0; | ||
50 | |||
51 | |||
52 | /** | ||
53 | * process the associate request. | ||
54 | * @param pin the incoming request parameters | ||
55 | * @param pout the store for the response parameters | ||
56 | */ | ||
57 | void associate(const params_t& pin,params_t& pout); | ||
58 | /** | ||
59 | * process the checkid_immediate request. | ||
60 | * @param pin the incoming request parameters | ||
61 | * @param return_to reference to the object to store return_to url to | ||
62 | * @param pout the response parameters | ||
63 | * @throw exception in case of errors or negative reply | ||
64 | */ | ||
65 | void checkid_immediate(const params_t& pin,string& return_to,params_t& pout); | ||
66 | /** | ||
67 | * process the checkid_setup request. | ||
68 | * @param pin the incoming request parameters | ||
69 | * @param return_to reference to the object to store return_to url to | ||
70 | * @param pout the response parameters | ||
71 | * @throw exception in case of errors or negative reply | ||
72 | */ | ||
73 | void checkid_setup(const params_t& pin,string& return_to,params_t& pout); | ||
74 | /** | ||
75 | * the actual functionality behind checkid_immediate() and | ||
76 | * checkid_setup() | ||
77 | * @param mode the request being processed (either | ||
78 | * mode_checkid_immediate or mode_checkid_setup) | ||
79 | * @param pin the incoming request parameters | ||
80 | * @param return_to reference to the object to store return_to url to | ||
81 | * @param pout the response parameters | ||
82 | * @throw exception in case of errors or negative reply | ||
83 | */ | ||
84 | void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout); | ||
85 | /** | ||
86 | * process the check_authentication request. | ||
87 | * @param pin incoming request parameters | ||
88 | * @param pout response parameters | ||
89 | */ | ||
90 | void check_authentication(const params_t& pin,params_t& pout); | ||
91 | }; | ||
92 | |||
93 | } | ||
94 | |||
95 | #endif /* __OPKELE_SERVER_H */ | ||
diff --git a/include/opkele/types.h b/include/opkele/types.h new file mode 100644 index 0000000..ba06776 --- a/dev/null +++ b/include/opkele/types.h | |||
@@ -0,0 +1,168 @@ | |||
1 | #ifndef __OPKELE_TYPES_H | ||
2 | #define __OPKELE_TYPES_H | ||
3 | |||
4 | /** | ||
5 | * @file | ||
6 | * @brief various types declarations | ||
7 | */ | ||
8 | |||
9 | #include <ostream> | ||
10 | #include <vector> | ||
11 | #include <string> | ||
12 | #include <map> | ||
13 | #include <memory> | ||
14 | |||
15 | /** | ||
16 | * @brief the main opkele namespace | ||
17 | */ | ||
18 | namespace opkele { | ||
19 | using std::vector; | ||
20 | using std::string; | ||
21 | using std::map; | ||
22 | using std::ostream; | ||
23 | using std::auto_ptr; | ||
24 | |||
25 | /** | ||
26 | * the OpenID operation mode | ||
27 | */ | ||
28 | typedef enum _mode_t { | ||
29 | mode_associate, | ||
30 | mode_checkid_immediate, | ||
31 | mode_checkid_setup, | ||
32 | mode_check_association | ||
33 | } mode_t; | ||
34 | |||
35 | /** | ||
36 | * the association secret container | ||
37 | */ | ||
38 | class secret_t : public vector<unsigned char> { | ||
39 | public: | ||
40 | |||
41 | /** | ||
42 | * xor the secret and hmac together and encode, using base64 | ||
43 | * @param key_sha1 pointer to the sha1 digest | ||
44 | * @param rv reference to the return value | ||
45 | */ | ||
46 | void enxor_to_base64(const unsigned char *key_sha1,string& rv) const; | ||
47 | /** | ||
48 | * decode base64-encoded secret and xor it with the sha1 digest | ||
49 | * @param key_sha1 pointer to the message digest | ||
50 | * @param b64 base64-encoded secret value | ||
51 | */ | ||
52 | void enxor_from_base64(const unsigned char *key_sha1,const string& b64); | ||
53 | /** | ||
54 | * plainly encode to base64 representation | ||
55 | * @param rv reference to the return value | ||
56 | */ | ||
57 | void to_base64(string& rv) const; | ||
58 | /** | ||
59 | * decode cleartext secret from base64 | ||
60 | * @param b64 base64-encoded representation of the secret value | ||
61 | */ | ||
62 | void from_base64(const string& b64); | ||
63 | }; | ||
64 | |||
65 | /** | ||
66 | * Interface to the association. | ||
67 | */ | ||
68 | class association_t { | ||
69 | public: | ||
70 | |||
71 | /** | ||
72 | * retrieve the server with which association was established. | ||
73 | * @return server name | ||
74 | */ | ||
75 | virtual string server() const = 0; | ||
76 | /** | ||
77 | * retrieve the association handle. | ||
78 | * @return handle | ||
79 | */ | ||
80 | virtual string handle() const = 0; | ||
81 | /** | ||
82 | * retrieve the association type. | ||
83 | * @return association type | ||
84 | */ | ||
85 | virtual string assoc_type() const = 0; | ||
86 | /** | ||
87 | * retrieve the association secret. | ||
88 | * @return association secret | ||
89 | */ | ||
90 | virtual secret_t secret() const = 0; | ||
91 | /** | ||
92 | * retrieve the number of seconds the association expires in. | ||
93 | * @return seconds till expiration | ||
94 | */ | ||
95 | virtual int expires_in() const = 0; | ||
96 | /** | ||
97 | * check whether the association is stateless. | ||
98 | * @return true if stateless | ||
99 | */ | ||
100 | virtual bool stateless() const = 0; | ||
101 | }; | ||
102 | |||
103 | /** | ||
104 | * the auto_ptr<> for association_t object type | ||
105 | */ | ||
106 | typedef auto_ptr<association_t> assoc_t; | ||
107 | |||
108 | /** | ||
109 | * request/response parameters map | ||
110 | */ | ||
111 | class params_t : public map<string,string> { | ||
112 | public: | ||
113 | |||
114 | /** | ||
115 | * check whether the parameter is present. | ||
116 | * @param n the parameter name | ||
117 | * @return true if yes | ||
118 | */ | ||
119 | bool has_param(const string& n) const; | ||
120 | /** | ||
121 | * retrieve the parameter (const version) | ||
122 | * @param n the parameter name | ||
123 | * @return the parameter value | ||
124 | * @throw failed_lookup if there is no such parameter | ||
125 | */ | ||
126 | const string& get_param(const string& n) const; | ||
127 | /** | ||
128 | * retrieve the parameter. | ||
129 | * @param n the parameter name | ||
130 | * @return the parameter value | ||
131 | * @throw failed_lookup if there is no such parameter | ||
132 | */ | ||
133 | string& get_param(const string& n); | ||
134 | |||
135 | /** | ||
136 | * parse the OpenID key/value data. | ||
137 | * @param kv the OpenID key/value data | ||
138 | */ | ||
139 | void parse_keyvalues(const string& kv); | ||
140 | /** | ||
141 | * sign the fields. | ||
142 | * @param secret the secret used for signing | ||
143 | * @param sig reference to the string, containing base64-encoded | ||
144 | * result | ||
145 | * @param slist the comma-separated list of fields to sign | ||
146 | * @param prefix the string to prepend to parameter names | ||
147 | */ | ||
148 | void sign(secret_t secret,string& sig,const string& slist,const char *prefix=0) const; | ||
149 | |||
150 | /** | ||
151 | * append parameters to the URL as a GET-request parameters. | ||
152 | * @param url the base URL | ||
153 | * @param prefix the string to prepend to parameter names | ||
154 | * @return the ready-to-use location | ||
155 | */ | ||
156 | string append_query(const string& url,const char *prefix = "openid.") const; | ||
157 | }; | ||
158 | |||
159 | /** | ||
160 | * dump the key/value pairs for the parameters to the stream. | ||
161 | * @param o output stream | ||
162 | * @param p the parameters | ||
163 | */ | ||
164 | ostream& operator << (ostream& o,const params_t& p); | ||
165 | |||
166 | } | ||
167 | |||
168 | #endif /* __OPKELE_TYPES_H */ | ||
diff --git a/include/opkele/util.h b/include/opkele/util.h new file mode 100644 index 0000000..fbbef93 --- a/dev/null +++ b/include/opkele/util.h | |||
@@ -0,0 +1,60 @@ | |||
1 | #ifndef __OPKELE_UTIL_H | ||
2 | #define __OPKELE_UTIL_H | ||
3 | |||
4 | #include <time.h> | ||
5 | #include <string> | ||
6 | #include <openssl/bn.h> | ||
7 | #include <openssl/dh.h> | ||
8 | |||
9 | namespace opkele { | ||
10 | using std::string; | ||
11 | |||
12 | namespace util { | ||
13 | |||
14 | class bignum_t { | ||
15 | public: | ||
16 | BIGNUM *_bn; | ||
17 | |||
18 | bignum_t() : _bn(0) { } | ||
19 | bignum_t(BIGNUM *bn) : _bn(bn) { } | ||
20 | ~bignum_t() throw() { if(_bn) BN_free(_bn); } | ||
21 | |||
22 | bignum_t& operator=(BIGNUM *bn) { if(_bn) BN_free(_bn); _bn = bn; return *this; } | ||
23 | |||
24 | operator const BIGNUM*(void) const { return _bn; } | ||
25 | operator BIGNUM*(void) { return _bn; } | ||
26 | }; | ||
27 | class dh_t { | ||
28 | public: | ||
29 | DH *_dh; | ||
30 | |||
31 | dh_t() : _dh(0) { } | ||
32 | dh_t(DH *dh) : _dh(dh) { } | ||
33 | ~dh_t() throw() { if(_dh) DH_free(_dh); } | ||
34 | |||
35 | dh_t& operator=(DH *dh) { if(_dh) DH_free(_dh); _dh = dh; return *this; } | ||
36 | |||
37 | operator const DH*(void) const { return _dh; } | ||
38 | operator DH*(void) { return _dh; } | ||
39 | |||
40 | DH* operator->() { return _dh; } | ||
41 | const DH* operator->() const { return _dh; } | ||
42 | }; | ||
43 | |||
44 | BIGNUM *base64_to_bignum(const string& b64); | ||
45 | BIGNUM *dec_to_bignum(const string& dec); | ||
46 | string bignum_to_base64(const BIGNUM *bn); | ||
47 | |||
48 | string time_to_w3c(time_t t); | ||
49 | time_t w3c_to_time(const string& w); | ||
50 | |||
51 | string canonicalize_url(const string& url); | ||
52 | string url_encode(const string& str); | ||
53 | |||
54 | string long_to_string(long l); | ||
55 | long string_to_long(const string& s); | ||
56 | } | ||
57 | |||
58 | } | ||
59 | |||
60 | #endif /* __OPKELE_UTIL_H */ | ||