| author | Michael Krelin <hacker@klever.net> | 2007-01-11 00:57:06 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2007-01-11 00:57:06 (UTC) |
| commit | 06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9 (patch) (side-by-side diff) | |
| tree | ef978c5d86188d2fc4c7e98a921804d7bfeb5557 /include/opkele | |
| parent | 100199abfdf7a353f9ba2aa9618e0711213290d3 (diff) | |
| download | libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.zip libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.tar.gz libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.tar.bz2 | |
introduced extension hooks framework
| -rw-r--r-- | include/opkele/consumer.h | 25 | ||||
| -rw-r--r-- | include/opkele/exception.h | 10 | ||||
| -rw-r--r-- | include/opkele/extension.h | 59 | ||||
| -rw-r--r-- | include/opkele/server.h | 10 |
4 files changed, 90 insertions, 14 deletions
diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h index 9932315..f9939cf 100644 --- a/include/opkele/consumer.h +++ b/include/opkele/consumer.h @@ -1,142 +1,145 @@ #ifndef __OPKELE_CONSUMER_H #define __OPKELE_CONSUMER_H #include <opkele/types.h> +#include <opkele/extension.h> /** * @file * @brief OpenID consumer-side functionality */ /** * @brief the main opkele namespace */ namespace opkele { /** * implementation of basic consumer functionality */ class consumer_t { public: /** * store association. The function should be overridden in the real * implementation to provide persistent associations store. * @param server the OpenID server * @param handle association handle * @param secret the secret associated with the server and handle * @param expires_in the number of seconds until the handle is expired * @return the auto_ptr<> for the newly allocated association_t object */ virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0; /** * retrieve stored association. The function should be overridden * in the real implementation to provide persistent assocations * store. * @param server the OpenID server * @param handle association handle * @return the autho_ptr<> for the newly allocated association_t object * @throw failed_lookup in case of error */ virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0; /** * invalidate stored association. The function should be overridden * in the real implementation of the consumer. * @param server the OpenID server * @param handle association handle */ virtual void invalidate_assoc(const string& server,const string& handle) = 0; /** * retrieve any unexpired association for the server. If the * function is not overridden in the real implementation, the new * association will be established for each request. * @param server the OpenID server * @return the auto_ptr<> for the newly allocated association_t object * @throw failed_lookup in case of absence of the handle */ virtual assoc_t find_assoc(const string& server); /** * retrieve the metainformation contained in link tags from the * page pointed by url. the function may implement caching of the * information. * @param url url to harvest for link tags * @param server reference to the string object where to put * openid.server value * @param delegate reference to the string object where to put the * openid.delegate value (if any) */ virtual void retrieve_links(const string& url,string& server,string& delegate); /** * perform the associate request to OpenID server. * @param server the OpenID server * @return the auto_ptr<> for the newly allocated association_t * object, representing established association * @throw exception in case of error */ assoc_t associate(const string& server); /** * prepare the parameters for the checkid_immediate * request. * @param identity the identity to verify * @param return_to the return_to url to pass with the request * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string * @throw exception in case of error */ - string checkid_immediate(const string& identity,const string& return_to,const string& trust_root=""); + string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** * prepare the parameters for the checkid_setup * request. * @param identity the identity to verify * @param return_to the return_to url to pass with the request * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string * @throw exception in case of error */ - string checkid_setup(const string& identity,const string& return_to,const string& trust_root=""); + string checkid_setup(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** * the actual implementation behind checkid_immediate() and * checkid_setup() functions. * @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup * @param identity the identity to verify * @param return_to the return_to url to pass with the request * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string * @throw exception in case of error */ - string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root=""); + string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** * verify the id_res response * @param pin the response parameters - * @param identity the identity being checked (if not specified, extracted - * from the openid.identity parameter - * @throw id_res_mismatch in case of signature - * mismatch - * @throw id_res_setup in case of - * openid.user_setup_url failure (supposedly - * checkid_immediate only) + * @param identity the identity being checked (if not specified, + * @param ext pointer to an extension(s) hooks object + * extracted from the openid.identity parameter + * @throw id_res_mismatch in case of signature mismatch + * @throw id_res_setup in case of openid.user_setup_url failure + * (supposedly checkid_immediate only) * @throw id_res_failed in case of failure * @throw exception in case of other failures */ - void id_res(const params_t& pin,const string& identity=""); + void id_res(const params_t& pin,const string& identity="",extension_t *ext=0); /** * perform a check_authentication request. * @param server the OpenID server * @param p request parameters */ void check_authentication(const string& server,const params_t& p); /** * make URL canonical, by adding http:// and trailing slash, if needed. * @param url * @return canonicalized url */ static string canonicalize(const string& url); }; } #endif /* __OPKELE_CONSUMER_H */ diff --git a/include/opkele/exception.h b/include/opkele/exception.h index c5f5811..9fc9bd3 100644 --- a/include/opkele/exception.h +++ b/include/opkele/exception.h @@ -144,67 +144,77 @@ namespace opkele { failed_check_authentication(OPKELE_E_PARS) : exception(OPKELE_E_CONS) { } }; /** * thrown if the id_res request result is negative */ class id_res_failed : public exception { public: id_res_failed(OPKELE_E_PARS) : exception(OPKELE_E_CONS) { } }; /** * thrown if the user_setup_url is provided with negative response */ class id_res_setup : public id_res_failed { public: string setup_url; id_res_setup(OPKELE_E_PARS,const string& su) : id_res_failed(OPKELE_E_CONS), setup_url(su) { } ~id_res_setup() throw() { } }; /** * thrown in case of signature mismatch */ class id_res_mismatch : public id_res_failed { public: id_res_mismatch(OPKELE_E_PARS) : id_res_failed(OPKELE_E_CONS) { } }; /** * openssl malfunction occured */ class exception_openssl : public exception { public: unsigned long _error; string _ssl_string; exception_openssl(OPKELE_E_PARS); ~exception_openssl() throw() { } }; /** * network operation related error occured */ class exception_network : public exception { public: exception_network(OPKELE_E_PARS) : exception(OPKELE_E_CONS) { } }; /** * network operation related error occured, specifically, related to * libcurl */ class exception_curl : public exception_network { public: CURLcode _error; string _curl_string; exception_curl(OPKELE_E_PARS); exception_curl(OPKELE_E_PARS,CURLcode e); ~exception_curl() throw() { } }; + /** + * not implemented (think pure virtual) member function executed, signfies + * programmer error + */ + class not_implemented : public exception { + public: + not_implemented(OPKELE_E_PARS) + : exception(OPKELE_E_CONS) { } + }; + } #endif /* __OPKELE_EXCEPTION_H */ diff --git a/include/opkele/extension.h b/include/opkele/extension.h new file mode 100644 index 0000000..3fb5f6e --- a/dev/null +++ b/include/opkele/extension.h @@ -0,0 +1,59 @@ +#ifndef __OPKELE_EXTENSIONS_H +#define __OPKELE_EXTENSIONS_H + +/** + * @file + * @brief extensions framework basics + */ + +#include <opkele/types.h> + +/** + * @brief the main opkele namespace + */ +namespace opkele { + + /** + * OpenID consumer extension hooks base class + */ + class extension_t { + public: + /** + * hook called by consumer before submitting data to OpenID server. + * It is supposed to manipulate parameters list. + * @param p parameters about to be submitted to server + * @param identity identity being verified. It may differ from the + * one available in parameters list in case of delegation + */ + virtual void checkid_hook(params_t& p,const string& identity); + /** + * hook called by consumer after identity information received from + * OpenID server is verified. + * @param p parameters received from server + * @param sp signed parameters received from server with 'openid.' + * leader stripped + * @param identity identity confirmed. May differ from the one + * available in parameters list in case of delegation. May also be + * empty which means - extract one from parameters + */ + virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity); + + /** + * hook called by server before returning information to consumer. + * The hook may manipulate output parameters. It is important to + * note that modified pout["signed"] is used for signing response. + * @param pin request parameters list + * @param put response parameters list + */ + virtual void checkid_hook(const params_t& pin,params_t& pout); + + /** + * Casts the object to pointer to itself. For convenient passing + * of pointer. + */ + operator extension_t*(void) { return this; } + }; + +} + +#endif /* __OPKELE_EXTENSIONS_H */ diff --git a/include/opkele/server.h b/include/opkele/server.h index fe07448..bf131d8 100644 --- a/include/opkele/server.h +++ b/include/opkele/server.h @@ -1,95 +1,99 @@ #ifndef __OPKELE_SERVER_H #define __OPKELE_SERVER_H /** * @file * @brief OpenID server-side functionality */ #include <opkele/types.h> +#include <opkele/extension.h> /** * @brief the main opkele namespace */ namespace opkele { /** * implementation of basic server functionality */ class server_t { public: /** * allocate the new association. The function should be overridden * in the real implementation to provide persistent assocations * store. * @param mode the mode of request being processed to base the * statelessness of the association upon * @return the auto_ptr<> for the newly allocated association_t object */ virtual assoc_t alloc_assoc(mode_t mode) = 0; /** * retrieve the association. The function should be overridden in * the reqal implementation to provide persistent assocations * store. * @param h association handle * @return the auto_ptr<> for the newly allocated association_t object * @throw failed_lookup in case of failure */ virtual assoc_t retrieve_assoc(const string& h) = 0; /** * validate the identity. * @param assoc association object * @param pin incoming request parameters * @param identity being verified * @param trust_root presented in the request * @throw exception if identity can not be confirmed */ virtual void validate(const association_t& assoc,const params_t& pin,const string& identity,const string& trust_root) = 0; /** * process the associate request. * @param pin the incoming request parameters * @param pout the store for the response parameters */ void associate(const params_t& pin,params_t& pout); /** * process the checkid_immediate request. * @param pin the incoming request parameters * @param return_to reference to the object to store return_to url to * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_immediate(const params_t& pin,string& return_to,params_t& pout); + void checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** * process the checkid_setup request. * @param pin the incoming request parameters * @param return_to reference to the object to store return_to url to * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_setup(const params_t& pin,string& return_to,params_t& pout); + void checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** * the actual functionality behind checkid_immediate() and * checkid_setup() * @param mode the request being processed (either * mode_checkid_immediate or mode_checkid_setup) * @param pin the incoming request parameters * @param return_to reference to the object to store return_to url to * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout); + void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** * process the check_authentication request. * @param pin incoming request parameters * @param pout response parameters */ void check_authentication(const params_t& pin,params_t& pout); }; } #endif /* __OPKELE_SERVER_H */ |