author | Michael Krelin <hacker@klever.net> | 2008-02-04 22:39:59 (UTC) |
---|---|---|
committer | Michael Krelin <hacker@klever.net> | 2008-02-04 22:39:59 (UTC) |
commit | 9163a26ec8839a31df888920418280a62ebc5595 (patch) (unidiff) | |
tree | 55339b4ecf0a3f24817eb5cc1b0b24f831ac895b /lib | |
parent | c0eeee1cfd41d0f5f6ff6ac3d6fe021421376a69 (diff) | |
download | libopkele-9163a26ec8839a31df888920418280a62ebc5595.zip libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.gz libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.bz2 |
reworked extensions framework
* changed {checkid,id_res}_hook to {rp,op}_{checkid,id_res}_hook
* deprecated older hooks, although implemented it in sreg and chain extensions
* added extension processing to basic_op
* added sreg to test OP
Signed-off-by: Michael Krelin <hacker@klever.net>
-rw-r--r-- | lib/basic_op.cc | 5 | ||||
-rw-r--r-- | lib/basic_rp.cc | 4 | ||||
-rw-r--r-- | lib/extension.cc | 25 | ||||
-rw-r--r-- | lib/extension_chain.cc | 27 | ||||
-rw-r--r-- | lib/sreg.cc | 28 |
5 files changed, 67 insertions, 22 deletions
diff --git a/lib/basic_op.cc b/lib/basic_op.cc index c89d1d7..9e2ea5a 100644 --- a/lib/basic_op.cc +++ b/lib/basic_op.cc | |||
@@ -193,9 +193,11 @@ namespace opkele { | |||
193 | "claimed_id and identity must be either both present or both absent"); | 193 | "claimed_id and identity must be either both present or both absent"); |
194 | } | 194 | } |
195 | verify_return_to(); | 195 | verify_return_to(); |
196 | if(ext) ext->op_checkid_hook(inm); | ||
196 | } | 197 | } |
197 | 198 | ||
198 | basic_openid_message& basic_op::id_res(basic_openid_message& om) { | 199 | basic_openid_message& basic_op::id_res(basic_openid_message& om, |
200 | extension_t *ext) { | ||
199 | assert(assoc); | 201 | assert(assoc); |
200 | assert(!return_to.empty()); | 202 | assert(!return_to.empty()); |
201 | assert(!is_id_select()); | 203 | assert(!is_id_select()); |
@@ -224,6 +226,7 @@ namespace opkele { | |||
224 | } | 226 | } |
225 | om.set_field("assoc_handle",assoc->handle()); | 227 | om.set_field("assoc_handle",assoc->handle()); |
226 | om.add_to_signed(ats); | 228 | om.add_to_signed(ats); |
229 | if(ext) ext->op_id_res_hook(om); | ||
227 | om.set_field("sig",util::base64_signature(assoc,om)); | 230 | om.set_field("sig",util::base64_signature(assoc,om)); |
228 | return om; | 231 | return om; |
229 | } | 232 | } |
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index a884583..bd45d99 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc | |||
@@ -129,7 +129,7 @@ namespace opkele { | |||
129 | rv.set_field("assoc_handle",associate(ep.uri)->handle()); | 129 | rv.set_field("assoc_handle",associate(ep.uri)->handle()); |
130 | }catch(dumb_RP& drp) { } | 130 | }catch(dumb_RP& drp) { } |
131 | } OPKELE_RETHROW | 131 | } OPKELE_RETHROW |
132 | if(ext) ext->checkid_hook(rv); | 132 | if(ext) ext->rp_checkid_hook(rv); |
133 | return rv; | 133 | return rv; |
134 | } | 134 | } |
135 | 135 | ||
@@ -275,7 +275,7 @@ namespace opkele { | |||
275 | } | 275 | } |
276 | 276 | ||
277 | } | 277 | } |
278 | if(ext) ext->id_res_hook(om,signeds); | 278 | if(ext) ext->rp_id_res_hook(om,signeds); |
279 | } | 279 | } |
280 | 280 | ||
281 | void basic_RP::check_authentication(const string& OP, | 281 | void basic_RP::check_authentication(const string& OP, |
diff --git a/lib/extension.cc b/lib/extension.cc index 6451249..f7aaea5 100644 --- a/lib/extension.cc +++ b/lib/extension.cc | |||
@@ -3,13 +3,24 @@ | |||
3 | 3 | ||
4 | namespace opkele { | 4 | namespace opkele { |
5 | 5 | ||
6 | void extension_t::rp_checkid_hook(basic_openid_message&) { | ||
7 | throw not_implemented(OPKELE_CP_ "RP checkid_* hook not implemented"); } | ||
8 | void extension_t::rp_id_res_hook(const basic_openid_message&, | ||
9 | const basic_openid_message&) { | ||
10 | throw not_implemented(OPKELE_CP_ "RP id_res hook not implemented"); } | ||
11 | |||
12 | void extension_t::op_checkid_hook(const basic_openid_message&) { | ||
13 | throw not_implemented(OPKELE_CP_ "OP checkid_* hook not implemented"); } | ||
14 | void extension_t::op_id_res_hook(basic_openid_message& om) { | ||
15 | throw not_implemented(OPKELE_CP_ "OP id_res hook not implemented"); } | ||
16 | |||
17 | |||
6 | void extension_t::checkid_hook(basic_openid_message&) { | 18 | void extension_t::checkid_hook(basic_openid_message&) { |
7 | throw not_implemented(OPKELE_CP_ "Consumer checkid_hook not implemented"); | 19 | throw not_implemented(OPKELE_CP_ "deprecated consumer checkid_* hook not implemented"); } |
8 | } | 20 | void extension_t::id_res_hook(const basic_openid_message&, |
9 | void extension_t::id_res_hook(const basic_openid_message&,const basic_openid_message&) { | 21 | const basic_openid_message&) { |
10 | throw not_implemented(OPKELE_CP_ "Consumer id_res_hook not implemented"); | 22 | throw not_implemented(OPKELE_CP_ "deprecated consumer id_res hook not implemented"); } |
11 | } | 23 | |
12 | void extension_t::checkid_hook(const basic_openid_message&,basic_openid_message&) { | 24 | void extension_t::checkid_hook(const basic_openid_message&,basic_openid_message&) { |
13 | throw not_implemented(OPKELE_CP_ "Server checkid_hook not implemented"); | 25 | throw not_implemented(OPKELE_CP_ "deprecated server checkid hook not implemented"); } |
14 | } | ||
15 | } | 26 | } |
diff --git a/lib/extension_chain.cc b/lib/extension_chain.cc index 5c2afd9..5483740 100644 --- a/lib/extension_chain.cc +++ b/lib/extension_chain.cc | |||
@@ -3,14 +3,25 @@ | |||
3 | 3 | ||
4 | namespace opkele { | 4 | namespace opkele { |
5 | 5 | ||
6 | void extension_chain_t::rp_checkid_hook(basic_openid_message& om) { | ||
7 | for(iterator i=begin();i!=end();++i) (*i)->rp_checkid_hook(om); } | ||
8 | void extension_chain_t::rp_id_res_hook(const basic_openid_message& om, | ||
9 | const basic_openid_message& sp) { | ||
10 | for(iterator i=begin();i!=end();++i) (*i)->rp_id_res_hook(om,sp); } | ||
11 | |||
12 | void extension_chain_t::op_checkid_hook(const basic_openid_message& inm) { | ||
13 | for(iterator i=begin();i!=end();++i) (*i)->op_checkid_hook(inm); } | ||
14 | void extension_chain_t::op_id_res_hook(basic_openid_message& oum) { | ||
15 | for(iterator i=begin();i!=end();++i) (*i)->op_id_res_hook(oum); } | ||
16 | |||
17 | |||
6 | void extension_chain_t::checkid_hook(basic_openid_message& om){ | 18 | void extension_chain_t::checkid_hook(basic_openid_message& om){ |
7 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(om); | 19 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(om); } |
8 | } | 20 | void extension_chain_t::id_res_hook(const basic_openid_message& om, |
9 | void extension_chain_t::id_res_hook(const basic_openid_message& om,const basic_openid_message& sp) { | 21 | const basic_openid_message& sp) { |
10 | for(iterator i=begin();i!=end();++i) (*i)->id_res_hook(om,sp); | 22 | for(iterator i=begin();i!=end();++i) (*i)->id_res_hook(om,sp); } |
11 | } | 23 | void extension_chain_t::checkid_hook(const basic_openid_message& inm, |
12 | void extension_chain_t::checkid_hook(const basic_openid_message& inm,basic_openid_message& oum) { | 24 | basic_openid_message& oum) { |
13 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(inm,oum); | 25 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(inm,oum); } |
14 | } | ||
15 | 26 | ||
16 | } | 27 | } |
diff --git a/lib/sreg.cc b/lib/sreg.cc index 7e2d588..b40cd45 100644 --- a/lib/sreg.cc +++ b/lib/sreg.cc | |||
@@ -28,7 +28,7 @@ namespace opkele { | |||
28 | return fd.fieldname==fn; | 28 | return fd.fieldname==fn; |
29 | } | 29 | } |
30 | 30 | ||
31 | void sreg_t::checkid_hook(basic_openid_message& om) { | 31 | void sreg_t::rp_checkid_hook(basic_openid_message& om) { |
32 | string fr, fo; | 32 | string fr, fo; |
33 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { | 33 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { |
34 | if(f->fieldbit&fields_required) { | 34 | if(f->fieldbit&fields_required) { |
@@ -46,7 +46,11 @@ namespace opkele { | |||
46 | if(!policy_url.empty()) om.set_field(pfx+".policy_url",policy_url); | 46 | if(!policy_url.empty()) om.set_field(pfx+".policy_url",policy_url); |
47 | } | 47 | } |
48 | 48 | ||
49 | void sreg_t::id_res_hook(const basic_openid_message& om,const basic_openid_message& sp) { | 49 | void sreg_t::checkid_hook(basic_openid_message& om) { |
50 | rp_checkid_hook(om); } | ||
51 | |||
52 | void sreg_t::rp_id_res_hook(const basic_openid_message& om, | ||
53 | const basic_openid_message& sp) { | ||
50 | clear(); | 54 | clear(); |
51 | string pfx; | 55 | string pfx; |
52 | try { | 56 | try { |
@@ -67,6 +71,10 @@ namespace opkele { | |||
67 | } | 71 | } |
68 | } | 72 | } |
69 | 73 | ||
74 | void sreg_t::id_res_hook(const basic_openid_message& om, | ||
75 | const basic_openid_message& sp) { | ||
76 | rp_id_res_hook(om,sp); } | ||
77 | |||
70 | const string& sreg_t::get_field(fieldbit_t fb) const { | 78 | const string& sreg_t::get_field(fieldbit_t fb) const { |
71 | response_t::const_iterator i = response.find(fb); | 79 | response_t::const_iterator i = response.find(fb); |
72 | if(i==response.end()) | 80 | if(i==response.end()) |
@@ -105,7 +113,7 @@ namespace opkele { | |||
105 | return rv; | 113 | return rv; |
106 | } | 114 | } |
107 | 115 | ||
108 | void sreg_t::checkid_hook(const basic_openid_message& inm,basic_openid_message& oum) { | 116 | void sreg_t::op_checkid_hook(const basic_openid_message& inm) { |
109 | string ins = inm.find_ns(OIURI_SREG11,"sreg"); | 117 | string ins = inm.find_ns(OIURI_SREG11,"sreg"); |
110 | fields_optional = 0; fields_required = 0; policy_url.erase(); | 118 | fields_optional = 0; fields_required = 0; policy_url.erase(); |
111 | fields_response = 0; | 119 | fields_response = 0; |
@@ -120,7 +128,9 @@ namespace opkele { | |||
120 | try { | 128 | try { |
121 | policy_url = inm.get_field(ins+".policy_url"); | 129 | policy_url = inm.get_field(ins+".policy_url"); |
122 | }catch(failed_lookup&) { } | 130 | }catch(failed_lookup&) { } |
123 | setup_response(inm,oum); | 131 | } |
132 | |||
133 | void sreg_t::op_id_res_hook(basic_openid_message& oum) { | ||
124 | string ons = oum.allocate_ns(OIURI_SREG11,"sreg"); | 134 | string ons = oum.allocate_ns(OIURI_SREG11,"sreg"); |
125 | fields_response &= has_fields; | 135 | fields_response &= has_fields; |
126 | string signeds = "ns."+ons; | 136 | string signeds = "ns."+ons; |
@@ -134,7 +144,17 @@ namespace opkele { | |||
134 | oum.add_to_signed(signeds); | 144 | oum.add_to_signed(signeds); |
135 | } | 145 | } |
136 | 146 | ||
147 | void sreg_t::checkid_hook(const basic_openid_message& inm, | ||
148 | basic_openid_message& oum) { | ||
149 | op_checkid_hook(inm); | ||
150 | setup_response(inm,oum); | ||
151 | op_id_res_hook(oum); | ||
152 | } | ||
153 | |||
137 | void sreg_t::setup_response(const basic_openid_message& /* inm */,basic_openid_message& /* oum */) { | 154 | void sreg_t::setup_response(const basic_openid_message& /* inm */,basic_openid_message& /* oum */) { |
155 | setup_response(); | ||
156 | } | ||
157 | void sreg_t::setup_response() { | ||
138 | fields_response = (fields_required|fields_optional)&has_fields; | 158 | fields_response = (fields_required|fields_optional)&has_fields; |
139 | } | 159 | } |
140 | } | 160 | } |