| author | Michael Krelin <hacker@klever.net> | 2007-01-11 00:57:06 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2007-01-11 00:57:06 (UTC) |
| commit | 06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9 (patch) (side-by-side diff) | |
| tree | ef978c5d86188d2fc4c7e98a921804d7bfeb5557 /lib/server.cc | |
| parent | 100199abfdf7a353f9ba2aa9618e0711213290d3 (diff) | |
| download | libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.zip libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.tar.gz libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.tar.bz2 | |
introduced extension hooks framework
| -rw-r--r-- | lib/server.cc | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/lib/server.cc b/lib/server.cc index 5eee1f3..8c29abb 100644 --- a/lib/server.cc +++ b/lib/server.cc @@ -58,33 +58,33 @@ namespace opkele { switch(st) { case sess_dh_sha1: pout["session_type"] = "DH-SHA1"; pout["dh_server_public"] = util::bignum_to_base64(dh->pub_key); secret.enxor_to_base64(key_sha1,pout["enc_mac_key"]); break; default: secret.to_base64(pout["mac_key"]); break; } } - void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout) { - checkid_(mode_checkid_immediate,pin,return_to,pout); + void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { + checkid_(mode_checkid_immediate,pin,return_to,pout,ext); } - void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout) { - checkid_(mode_checkid_setup,pin,return_to,pout); + void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { + checkid_(mode_checkid_setup,pin,return_to,pout,ext); } - void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout) { + void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { if(mode!=mode_checkid_immediate && mode!=mode_checkid_setup) throw bad_input(OPKELE_CP_ "invalid checkid_* mode"); pout.clear(); assoc_t assoc; try { assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); }catch(failed_lookup& fl) { // no handle specified or no valid handle found, going dumb assoc = alloc_assoc(mode_checkid_setup); if(pin.has_param("openid.assoc_handle")) pout["invalidate_handle"]=pin.get_param("openid.assoc_handle"); } @@ -97,25 +97,27 @@ namespace opkele { validate(*assoc,pin,identity,trust_root); pout["mode"] = "id_res"; pout["assoc_handle"] = assoc->handle(); if(pin.has_param("openid.assoc_handle") && assoc->stateless()) pout["invalidate_handle"] = pin.get_param("openid.assoc_handle"); pout["identity"] = identity; pout["return_to"] = return_to; /* TODO: eventually remove deprecated stuff */ time_t now = time(0); pout["issued"] = util::time_to_w3c(now); pout["valid_to"] = util::time_to_w3c(now+120); pout["exipres_in"] = "120"; - pout.sign(assoc->secret(),pout["sig"],pout["signed"]="mode,identity,return_to"); + pout["signed"]="mode,identity,return_to"; + if(ext) ext->checkid_hook(pin,pout); + pout.sign(assoc->secret(),pout["sig"],pout["signed"]); } void server_t::check_authentication(const params_t& pin,params_t& pout) { vector<unsigned char> sig; mimetic::Base64::Decoder b; const string& sigenc = pin.get_param("openid.sig"); mimetic::decode( sigenc.begin(),sigenc.end(), b, back_insert_iterator<vector<unsigned char> >(sig)); assoc_t assoc; try { assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); |