summaryrefslogtreecommitdiffabout
path: root/lib/server.cc
authorMichael Krelin <hacker@klever.net>2007-01-11 00:57:06 (UTC)
committer Michael Krelin <hacker@klever.net>2007-01-11 00:57:06 (UTC)
commit06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9 (patch) (unidiff)
treeef978c5d86188d2fc4c7e98a921804d7bfeb5557 /lib/server.cc
parent100199abfdf7a353f9ba2aa9618e0711213290d3 (diff)
downloadlibopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.zip
libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.tar.gz
libopkele-06eaf00c48fc563245b85c2be4b8b5a03ef2cfe9.tar.bz2
introduced extension hooks framework
Diffstat (limited to 'lib/server.cc') (more/less context) (show whitespace changes)
-rw-r--r--lib/server.cc14
1 files changed, 8 insertions, 6 deletions
diff --git a/lib/server.cc b/lib/server.cc
index 5eee1f3..8c29abb 100644
--- a/lib/server.cc
+++ b/lib/server.cc
@@ -58,33 +58,33 @@ namespace opkele {
58 switch(st) { 58 switch(st) {
59 case sess_dh_sha1: 59 case sess_dh_sha1:
60 pout["session_type"] = "DH-SHA1"; 60 pout["session_type"] = "DH-SHA1";
61 pout["dh_server_public"] = util::bignum_to_base64(dh->pub_key); 61 pout["dh_server_public"] = util::bignum_to_base64(dh->pub_key);
62 secret.enxor_to_base64(key_sha1,pout["enc_mac_key"]); 62 secret.enxor_to_base64(key_sha1,pout["enc_mac_key"]);
63 break; 63 break;
64 default: 64 default:
65 secret.to_base64(pout["mac_key"]); 65 secret.to_base64(pout["mac_key"]);
66 break; 66 break;
67 } 67 }
68 } 68 }
69 69
70 void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout) { 70 void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) {
71 checkid_(mode_checkid_immediate,pin,return_to,pout); 71 checkid_(mode_checkid_immediate,pin,return_to,pout,ext);
72 } 72 }
73 73
74 void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout) { 74 void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) {
75 checkid_(mode_checkid_setup,pin,return_to,pout); 75 checkid_(mode_checkid_setup,pin,return_to,pout,ext);
76 } 76 }
77 77
78 void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout) { 78 void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext) {
79 if(mode!=mode_checkid_immediate && mode!=mode_checkid_setup) 79 if(mode!=mode_checkid_immediate && mode!=mode_checkid_setup)
80 throw bad_input(OPKELE_CP_ "invalid checkid_* mode"); 80 throw bad_input(OPKELE_CP_ "invalid checkid_* mode");
81 pout.clear(); 81 pout.clear();
82 assoc_t assoc; 82 assoc_t assoc;
83 try { 83 try {
84 assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); 84 assoc = retrieve_assoc(pin.get_param("openid.assoc_handle"));
85 }catch(failed_lookup& fl) { 85 }catch(failed_lookup& fl) {
86 // no handle specified or no valid handle found, going dumb 86 // no handle specified or no valid handle found, going dumb
87 assoc = alloc_assoc(mode_checkid_setup); 87 assoc = alloc_assoc(mode_checkid_setup);
88 if(pin.has_param("openid.assoc_handle")) 88 if(pin.has_param("openid.assoc_handle"))
89 pout["invalidate_handle"]=pin.get_param("openid.assoc_handle"); 89 pout["invalidate_handle"]=pin.get_param("openid.assoc_handle");
90 } 90 }
@@ -97,25 +97,27 @@ namespace opkele {
97 validate(*assoc,pin,identity,trust_root); 97 validate(*assoc,pin,identity,trust_root);
98 pout["mode"] = "id_res"; 98 pout["mode"] = "id_res";
99 pout["assoc_handle"] = assoc->handle(); 99 pout["assoc_handle"] = assoc->handle();
100 if(pin.has_param("openid.assoc_handle") && assoc->stateless()) 100 if(pin.has_param("openid.assoc_handle") && assoc->stateless())
101 pout["invalidate_handle"] = pin.get_param("openid.assoc_handle"); 101 pout["invalidate_handle"] = pin.get_param("openid.assoc_handle");
102 pout["identity"] = identity; 102 pout["identity"] = identity;
103 pout["return_to"] = return_to; 103 pout["return_to"] = return_to;
104 /* TODO: eventually remove deprecated stuff */ 104 /* TODO: eventually remove deprecated stuff */
105 time_t now = time(0); 105 time_t now = time(0);
106 pout["issued"] = util::time_to_w3c(now); 106 pout["issued"] = util::time_to_w3c(now);
107 pout["valid_to"] = util::time_to_w3c(now+120); 107 pout["valid_to"] = util::time_to_w3c(now+120);
108 pout["exipres_in"] = "120"; 108 pout["exipres_in"] = "120";
109 pout.sign(assoc->secret(),pout["sig"],pout["signed"]="mode,identity,return_to"); 109 pout["signed"]="mode,identity,return_to";
110 if(ext) ext->checkid_hook(pin,pout);
111 pout.sign(assoc->secret(),pout["sig"],pout["signed"]);
110 } 112 }
111 113
112 void server_t::check_authentication(const params_t& pin,params_t& pout) { 114 void server_t::check_authentication(const params_t& pin,params_t& pout) {
113 vector<unsigned char> sig; 115 vector<unsigned char> sig;
114 mimetic::Base64::Decoder b; 116 mimetic::Base64::Decoder b;
115 const string& sigenc = pin.get_param("openid.sig"); 117 const string& sigenc = pin.get_param("openid.sig");
116 mimetic::decode( 118 mimetic::decode(
117 sigenc.begin(),sigenc.end(), b, 119 sigenc.begin(),sigenc.end(), b,
118 back_insert_iterator<vector<unsigned char> >(sig)); 120 back_insert_iterator<vector<unsigned char> >(sig));
119 assoc_t assoc; 121 assoc_t assoc;
120 try { 122 try {
121 assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); 123 assoc = retrieve_assoc(pin.get_param("openid.assoc_handle"));