authorMichael Krelin <hacker@klever.net>2008-02-04 22:39:59 (UTC)
committer Michael Krelin <hacker@klever.net>2008-02-04 22:39:59 (UTC)
commit9163a26ec8839a31df888920418280a62ebc5595 (patch) (unidiff)
tree55339b4ecf0a3f24817eb5cc1b0b24f831ac895b /include
parentc0eeee1cfd41d0f5f6ff6ac3d6fe021421376a69 (diff)
reworked extensions framework
* changed {checkid,id_res}_hook to {rp,op}_{checkid,id_res}_hook
* deprecated older hooks, although they are still implemented in sreg and chain extensions
* added extension processing to basic_op
* added sreg to test OP

Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (limited to 'include') (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/basic_op.h3
-rw-r--r--include/opkele/extension.h49
-rw-r--r--include/opkele/extension_chain.h6
-rw-r--r--include/opkele/sreg.h31
4 files changed, 46 insertions, 43 deletions
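--- a/include/opkele/basic_op.h
+++ b/include/opkele/basic_op.h
@@ -1,68 +1,69 @@
 #ifndef __OPKELE_BASIC_OP_H
 #define __OPKELE_BASIC_OP_H
 
 #include <string>
 #include <opkele/types.h>
 #include <opkele/extension.h>
 
 namespace opkele {
  using std::string;
 
  class basic_op {
  public:
  mode_t mode;
  assoc_t assoc;
  bool openid2;
  string return_to;
  string realm;
  string claimed_id;
  string identity;
  string invalidate_handle;
 
  void reset_vars();
 
  bool has_return_to() const;
  const string& get_return_to() const;
 
  const string& get_realm() const;
 
  bool has_identity() const;
  const string& get_claimed_id() const;
  const string& get_identity() const;
 
  bool is_id_select() const;
 
  void select_identity(const string& c,const string& i);
  void set_claimed_id(const string& c);
 
  basic_openid_message& associate(
  basic_openid_message& oum,
  const basic_openid_message& inm);
 
  void checkid_(const basic_openid_message& inm,extension_t *ext=0);
- basic_openid_message& id_res(basic_openid_message& om);
+ basic_openid_message& id_res(basic_openid_message& om,
+ extension_t *ext=0);
  basic_openid_message& cancel(basic_openid_message& om);
  basic_openid_message& error(basic_openid_message& om,
  const string& error,const string& contact,
  const string& reference );
  basic_openid_message& setup_needed(
  basic_openid_message& oum,const basic_openid_message& inm);
 
  basic_openid_message& check_authentication(
  basic_openid_message& oum,const basic_openid_message& inm);
 
  virtual void verify_return_to();
 
  virtual assoc_t alloc_assoc(const string& t,size_t kl,bool sl) = 0;
  virtual assoc_t retrieve_assoc(const string& h) = 0;
 
  virtual string& alloc_nonce(string& nonce,bool sl) = 0;
  virtual bool check_nonce(const string& nonce) = 0;
  virtual void invalidate_nonce(const string& nonce) = 0;
 
  virtual const string get_op_endpoint() const = 0;
 
  };
 }
 
 #endif /* __OPKELE_BASIC_OP_H */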
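Review bot: The new `ext` parameter on `id_res` is undocumented, and nothing in the header says whether it must be the same extension object that was given to `checkid_`. Both default to 0, so a caller that passes an extension to `checkid_` but omits it on `id_res` would presumably get a signed reply with no extension data and no error, which is easy to miss. I would add a comment above the declaration along the lines of `/** @param ext extension (or chain) whose op_id_res_hook runs before the reply is signed; borrowed, may be 0; pass the object used for checkid_ */`, to be confirmed against the implementation, which is not part of this diff.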
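--- a/include/opkele/extension.h
+++ b/include/opkele/extension.h
@@ -1,66 +1,61 @@
 #ifndef __OPKELE_EXTENSION_H
 #define __OPKELE_EXTENSION_H
 
 /**
  * @file
  * @brief extensions framework basics
  */
 
+#include <opkele/opkele-config.h>
 #include <opkele/types.h>
 
 namespace opkele {
 
  /**
  * OpenID extension hooks base class
  */
  class extension_t {
  public:
 
  virtual ~extension_t() { }
 
  /**
- * hook called by consumer before submitting data to OpenID server.
- * It is supposed to manipulate parameters list.
- * @param p parameters about to be submitted to server
- * @param identity identity being verified. It may differ from the
- * one available in parameters list in case of delegation
- * @see consumer_t::checkid_
- * @see consumer_t::checkid_immediate
- * @see consumer_t::checkid_setup
+ * hook called by RP before submitting the message to OP.
+ * @param om openid message to be submit
  */
- virtual void checkid_hook(basic_openid_message& om);
+ virtual void rp_checkid_hook(basic_openid_message& om);
+
  /**
- * hook called by consumer after identity information received from
- * OpenID server is verified.
- * @param p parameters received from server
- * @param sp signed parameters received from server with 'openid.'
- * leader stripped
- * @param identity identity confirmed. May differ from the one
- * available in parameters list in case of delegation. May also be
- * empty which means - extract one from parameters
- * @see consumer_t::id_res
+ * hook called by RP after verifying information received from OP.
+ * @param om openid message received
+ * @param sp signed part of the message
  */
- virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
+ virtual void rp_id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
 
  /**
- * hook called by server before returning information to consumer.
- * The hook may manipulate output parameters. It is important to
- * note that modified pout["signed"] is used for signing response.
- * @param pin request parameters list with "openid." prefix
- * @param pout response parameters list without "openid." prefix
- * @see server_t::checkid_
- * @see server_t::checkid_immediate
- * @see server_t::checkid_setup
+ * hook called by OP after parsing incoming message
+ * @param inm message received from RP
+ */
+ virtual void op_checkid_hook(const basic_openid_message& inm);
+ /**
+ * hook called by OP before signing the reply to RP
+ * @param oum message to be sent to RP
  */
+ virtual void op_id_res_hook(basic_openid_message& oum);
+
+ virtual void checkid_hook(basic_openid_message& om) OPKELE_DEPRECATE;
+ virtual void id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp) OPKELE_DEPRECATE;
  virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
 
  /**
  * Casts the object to pointer to itself. For convenient passing
  * of pointer.
  */
  operator extension_t*(void) { return this; }
  };
 
 }
 
 #endif /* __OPKELE_EXTENSION_H */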
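Review bot: The comment on `rp_id_res_hook` should tell implementers to take extension values from `sp` only, because `om` is the whole received message and, as far as this header shows, may carry fields the OP never signed. I would add `* Values must be read from sp; fields present only in om are not covered by the signature.` to that block, after confirming that the RP verifies the signature before it calls the hook. The removed server-hook comment explained that the modified `pout["signed"]` list was what got signed, and the new `op_id_res_hook` comment no longer says how an extension gets its fields into the signed set, so that sentence is worth restoring in its new form. The third legacy overload, `checkid_hook(const basic_openid_message& inm,basic_openid_message& oum)`, is left without `OPKELE_DEPRECATE` although the commit message says the older hooks are deprecated. In the `rp_checkid_hook` comment, `to be submit` should read `to be submitted`.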
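--- a/include/opkele/extension_chain.h
+++ b/include/opkele/extension_chain.h
@@ -1,38 +1,44 @@
 #ifndef __OPKELE_EXTENSION_CHAIN_H
 #define __OPKELE_EXTENSION_CHAIN_H
 
 /**
  * @file
  * @brief extension chain extension
  */
 
 #include <list>
 #include <opkele/extension.h>
 
 namespace opkele {
  using std::list;
 
  /**
  * OpenID extensions chain used to combine extensions, it is actually an
  * stl list of pointers to extensions.
  */
  class extension_chain_t : public extension_t, public list<extension_t*> {
  public:
 
  /**
  * Default constructor creates an empty chain
  */
  extension_chain_t() { }
  /**
  * Create extension chain with a single extension in it
  */
  extension_chain_t(extension_t *e) { push_back(e); }
 
+ virtual void rp_checkid_hook(basic_openid_message& om);
+ virtual void rp_id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
+ virtual void op_checkid_hook(const basic_openid_message& inm);
+ virtual void op_id_res_hook(basic_openid_message& oum);
+
  virtual void checkid_hook(basic_openid_message& om);
  virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
  virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
  };
 
 }
 
 #endif /* __OPKELE_EXTENSION_CHAIN_H */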
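Review bot: The four new overrides have no doc comment, so the header does not say whether the chain calls every member extension or how a throwing member affects the rest. That matters most for `op_id_res_hook`, which extension.h in this commit describes as running before the reply is signed. A short comment such as `/** forwards the hook to each extension in the chain */` above the group would do, worded to match the implementation, which is outside this diff. The chain stores raw `extension_t*` and the single-argument constructor pushes its argument unchecked, so it is also worth stating that entries must be non-null and must outlive the chain.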
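--- a/include/opkele/sreg.h
+++ b/include/opkele/sreg.h
@@ -1,203 +1,204 @@
 #ifndef __OPKELE_SREG_H
 #define __OPKELE_SREG_H
 
 /**
  * @file
  * @brief Simple registration extension
  */
 
 #include <opkele/extension.h>
 
 namespace opkele {
  using std::map;
 
  /**
  * OpenID simple registration extension implementation
  * http://openid.net/specs/openid-simple-registration-extension-1_0.html
  */
  class sreg_t : public extension_t {
  public:
  /**
  * sreg fields enumeration
  */
  enum fieldbit_t {
  /**
  * Any UTF-8 string that the End User wants to use as a nickname.
  */
  field_nickname = 1,
  /**
  * The email address of the End User as specified in section 3.4.1 of [RFC2822]
  */
  field_email = 2,
  /**
  * UTF-8 string free text representation of the End User's full name.
  */
  field_fullname = 4,
  /**
  * The End User's date of birth as YYYY-MM-DD. Any values whose
  * representation uses fewer than the specified number of
  * digits should be zero-padded. The length of this value MUST
  * always be 10. If the End User user does not want to reveal
  * any particular component of this value, it MUST be set to
  * zero.
  *
  * For instance, if a End User wants to specify that his date
  * of birth is in 1980, but not the month or day, the value
  * returned SHALL be "1980-00-00".
  */
  field_dob = 8,
  /**
  * Alias to field_dob
  */
  field_birthdate = field_dob,
  /**
  * The End User's gender, "M" for male, "F" for female.
  */
  field_gender = 16,
  /**
  * Alias to field_gender
  */
  field_sex = field_gender,
  /**
  * UTF-8 string free text that SHOULD conform to the End User's
  * country's postal system.
  */
  field_postcode = 32,
  /**
  * The End User's country of residence as specified by ISO3166
  */
  field_country = 64,
  /**
  * End User's preferred language as specified by ISO639
  */
  field_language = 128,
  /**
  * ASCII string from TimeZone database
  *
  * For example, "Europe/Paris" or "America/Los_Angeles".
  */
  field_timezone = 256,
  /**
  * All fields bits combined
  */
  fields_ALL = 511,
  /**
  * No fields
  */
  fields_NONE = 0
  };
  /**
  * Bitmask for fields which, if absent from the response, will
  * prevent the Consumer from completing the registration without
  * End User interation.
  */
  long fields_required;
  /**
  * Bitmask for fields that will be used by the Consumer, but whose
  * absence will not prevent the registration from completing.
  */
  long fields_optional;
  /**
  * A URL which the Consumer provides to give the End User a place
  * to read about the how the profile data will be used. The
  * Identity Provider SHOULD display this URL to the End User if it
  * is given.
  */
  string policy_url;
 
  /**
  * Bitmask for fields present in response
  */
  long has_fields;
  /**
  * Container type for response fields values
  */
  typedef map<fieldbit_t,string> response_t;
  /**
  * Response contents
  */
  response_t response;
 
  /**
  * Fields bitmask to send in response
  */
  long fields_response;
 
  /**
  * Consumer constructor.
  * @param fr required fields
  * @see fields_required
  * @param fo optional fields
  * @see fields_optional
  * @param pu policy url
  * @see policy_url
  */
  sreg_t(long fr=fields_NONE,long fo=fields_NONE,const string& pu="")
  : fields_required(fr), fields_optional(fo), policy_url(pu), has_fields(0) { }
 
- /**
- * Implementation of consumer's checkid hook
- */
+ virtual void rp_checkid_hook(basic_openid_message& om);
+ virtual void rp_id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
+ virtual void op_checkid_hook(const basic_openid_message& inm);
+ virtual void op_id_res_hook(basic_openid_message& oum);
+
  virtual void checkid_hook(basic_openid_message& om);
- /**
- * Implementation of consumer's id_res hook
- */
- virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
- /**
- * Implementation of server's checkid_hook
- */
- virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
+ virtual void id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
+ virtual void checkid_hook(const basic_openid_message& inm,
+ basic_openid_message& oum);
 
  /**
  * Check and see if we have value for some particular field.
  * @param fb field in question
  * @see fieldbit_t
  * @return true if the value is available
  */
  bool has_field(fieldbit_t fb) const { return has_fields&fb; }
 
  /**
  * Retrieve the value for a field.
  * @param fb field in question
  * @see fieldbit_t
  * @return field value
  * @throw failed_lookup if no data avaialble
  */
  const string& get_field(fieldbit_t fb) const;
 
  /**
  * Set the value for a field.
  * @param fb field in question
  * @see fieldbit_t
  * @param fv field value
  */
  void set_field(fieldbit_t fb,const string& fv);
 
  /**
  * Remove the value for a field.
  * @param fb field in question
  * @see fieldbit_t
  */
  void reset_field(fieldbit_t fb);
 
  /**
  * Reset field data
  */
  void clear();
 
  /**
  * Function called after parsing sreg request to set up response
  * fields. The default implementation tries to send as much fields
  * as we have. The function is supposed to set the data and
  * fields_response.
  * @see fields_response
- * @param pin input request parameters with "openid." prefix
- * @param pout output request parameters without "openid." prefix.
- * @see checkid_hook(const params_t&,params_t&)
+ * @param inm incoming openid message
+ * @param oum outgoing openid message
  */
- virtual void setup_response(const basic_openid_message& inm,basic_openid_message& oum);
+ virtual void setup_response(const basic_openid_message& inm,
+ basic_openid_message& oum);
+
+ virtual void setup_response();
 
  };
 }
 
 #endif /* __OPKELE_SREG_H */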
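Review bot: The new zero-argument `setup_response()` has no comment, and the comment kept on the two-argument overload still says the default implementation sends as many fields as it has. For an OP that is a privacy-relevant default, since the fields include e-mail, date of birth and postcode. The comment should state which overload the new `op_checkid_hook`/`op_id_res_hook` call, and that an OP is expected to override it to limit `fields_response` to what the RP asked for and the user approved (`fields_required | fields_optional` at most). The commit also drops the three comments that said which hook served the consumer and which the server; a one-line `/** RP side */` and `/** OP side */` above the new groups would keep that. Separately, the constructor visible in the context initialises `has_fields` but not `fields_response`, so an OP-side hook that reads it before `setup_response` has run would see an indeterminate mask; this is worth checking in the implementation, which is outside this diff.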