| -rw-r--r-- | include/Makefile.am | 3 | ||||
| -rw-r--r-- | include/opkele/consumer.h | 25 | ||||
| -rw-r--r-- | include/opkele/exception.h | 10 | ||||
| -rw-r--r-- | include/opkele/extension.h | 59 | ||||
| -rw-r--r-- | include/opkele/server.h | 10 | ||||
| -rw-r--r-- | lib/Makefile.am | 3 | ||||
| -rw-r--r-- | lib/consumer.cc | 16 | ||||
| -rw-r--r-- | lib/extension.cc | 15 | ||||
| -rw-r--r-- | lib/server.cc | 14 |
9 files changed, 127 insertions, 28 deletions
diff --git a/include/Makefile.am b/include/Makefile.am index b014752..72931eb 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -7,3 +7,4 @@ nobase_include_HEADERS = \ opkele/server.h \ - opkele/consumer.h + opkele/consumer.h \ + opkele/extension.h EXTRA_DIST = \ diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h index 9932315..f9939cf 100644 --- a/include/opkele/consumer.h +++ b/include/opkele/consumer.h @@ -4,2 +4,3 @@ #include <opkele/types.h> +#include <opkele/extension.h> @@ -84,2 +85,3 @@ namespace opkele { * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string @@ -87,3 +89,3 @@ namespace opkele { */ - string checkid_immediate(const string& identity,const string& return_to,const string& trust_root=""); + string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** @@ -94,2 +96,3 @@ namespace opkele { * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string @@ -97,3 +100,3 @@ namespace opkele { */ - string checkid_setup(const string& identity,const string& return_to,const string& trust_root=""); + string checkid_setup(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** @@ -105,2 +108,3 @@ namespace opkele { * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string @@ -108,3 +112,3 @@ namespace opkele { */ - string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root=""); + string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** @@ -112,9 +116,8 @@ namespace opkele { * @param pin the response parameters - * @param identity the identity being checked (if not specified, extracted - * from the openid.identity parameter - * @throw id_res_mismatch in case of signature - * mismatch - * @throw id_res_setup in case of - * openid.user_setup_url failure (supposedly - * checkid_immediate only) + * @param identity the identity being checked (if not specified, + * @param ext pointer to an extension(s) hooks object + * extracted from the openid.identity parameter + * @throw id_res_mismatch in case of signature mismatch + * @throw id_res_setup in case of openid.user_setup_url failure + * (supposedly checkid_immediate only) * @throw id_res_failed in case of failure @@ -122,3 +125,3 @@ namespace opkele { */ - void id_res(const params_t& pin,const string& identity=""); + void id_res(const params_t& pin,const string& identity="",extension_t *ext=0); /** diff --git a/include/opkele/exception.h b/include/opkele/exception.h index c5f5811..9fc9bd3 100644 --- a/include/opkele/exception.h +++ b/include/opkele/exception.h @@ -207,2 +207,12 @@ namespace opkele { + /** + * not implemented (think pure virtual) member function executed, signfies + * programmer error + */ + class not_implemented : public exception { + public: + not_implemented(OPKELE_E_PARS) + : exception(OPKELE_E_CONS) { } + }; + } diff --git a/include/opkele/extension.h b/include/opkele/extension.h new file mode 100644 index 0000000..3fb5f6e --- a/dev/null +++ b/include/opkele/extension.h @@ -0,0 +1,59 @@ +#ifndef __OPKELE_EXTENSIONS_H +#define __OPKELE_EXTENSIONS_H + +/** + * @file + * @brief extensions framework basics + */ + +#include <opkele/types.h> + +/** + * @brief the main opkele namespace + */ +namespace opkele { + + /** + * OpenID consumer extension hooks base class + */ + class extension_t { + public: + /** + * hook called by consumer before submitting data to OpenID server. + * It is supposed to manipulate parameters list. + * @param p parameters about to be submitted to server + * @param identity identity being verified. It may differ from the + * one available in parameters list in case of delegation + */ + virtual void checkid_hook(params_t& p,const string& identity); + /** + * hook called by consumer after identity information received from + * OpenID server is verified. + * @param p parameters received from server + * @param sp signed parameters received from server with 'openid.' + * leader stripped + * @param identity identity confirmed. May differ from the one + * available in parameters list in case of delegation. May also be + * empty which means - extract one from parameters + */ + virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity); + + /** + * hook called by server before returning information to consumer. + * The hook may manipulate output parameters. It is important to + * note that modified pout["signed"] is used for signing response. + * @param pin request parameters list + * @param put response parameters list + */ + virtual void checkid_hook(const params_t& pin,params_t& pout); + + /** + * Casts the object to pointer to itself. For convenient passing + * of pointer. + */ + operator extension_t*(void) { return this; } + }; + +} + +#endif /* __OPKELE_EXTENSIONS_H */ diff --git a/include/opkele/server.h b/include/opkele/server.h index fe07448..bf131d8 100644 --- a/include/opkele/server.h +++ b/include/opkele/server.h @@ -9,2 +9,3 @@ #include <opkele/types.h> +#include <opkele/extension.h> @@ -62,5 +63,6 @@ namespace opkele { * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_immediate(const params_t& pin,string& return_to,params_t& pout); + void checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** @@ -70,5 +72,6 @@ namespace opkele { * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_setup(const params_t& pin,string& return_to,params_t& pout); + void checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** @@ -81,5 +84,6 @@ namespace opkele { * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout); + void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** diff --git a/lib/Makefile.am b/lib/Makefile.am index 6f3f9f3..69c749e 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -23,2 +23,3 @@ libopkele_la_SOURCES = \ consumer.cc \ - exception.cc + exception.cc \ + extension.cc diff --git a/lib/consumer.cc b/lib/consumer.cc index bb6358c..10c2fa0 100644 --- a/lib/consumer.cc +++ b/lib/consumer.cc @@ -125,9 +125,9 @@ namespace opkele { - string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root) { - return checkid_(mode_checkid_immediate,identity,return_to,trust_root); + string consumer_t::checkid_immediate(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) { + return checkid_(mode_checkid_immediate,identity,return_to,trust_root,ext); } - string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root) { - return checkid_(mode_checkid_setup,identity,return_to,trust_root); + string consumer_t::checkid_setup(const string& identity,const string& return_to,const string& trust_root,extension_t *ext) { + return checkid_(mode_checkid_setup,identity,return_to,trust_root,ext); } - string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root) { + string consumer_t::checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root,extension_t *ext) { params_t p; @@ -155,2 +155,3 @@ namespace opkele { }catch(exception& e) { } + if(ext) ext->checkid_hook(p,identity); return p.append_query(server); @@ -158,3 +159,3 @@ namespace opkele { - void consumer_t::id_res(const params_t& pin,const string& identity) { + void consumer_t::id_res(const params_t& pin,const string& identity,extension_t *ext) { if(pin.has_param("openid.user_setup_url")) @@ -163,2 +164,3 @@ namespace opkele { retrieve_links(identity.empty()?pin.get_param("openid.identity"):canonicalize(identity),server,delegate); + params_t ps; try { @@ -182,2 +184,3 @@ namespace opkele { kv += '\n'; + if(ext) ps[f.substr(sizeof("openid."))] = pin.get_param(f); if(co==string::npos) @@ -221,2 +224,3 @@ namespace opkele { } + if(ext) ext->id_res_hook(pin,ps,identity); } diff --git a/lib/extension.cc b/lib/extension.cc new file mode 100644 index 0000000..bd2195d --- a/dev/null +++ b/lib/extension.cc @@ -0,0 +1,15 @@ +#include <opkele/exception.h> +#include <opkele/extension.h> + +namespace opkele { + + void extension_t::checkid_hook(params_t& p,const string& identity) { + throw not_implemented(OPKELE_CP_ "Consumer checkid_hook not implemented"); + } + void id_res_hook(const params_t& p,const params_t& sp,const string& identity) { + throw not_implemented(OPKELE_CP_ "Consumer id_res_hook not implemented"); + } + void checkid_hook(const params_t& pin,params_t& pout) { + throw not_implemented(OPKELE_CP_ "Server checkid_hook not implemented"); + } +} diff --git a/lib/server.cc b/lib/server.cc index 5eee1f3..8c29abb 100644 --- a/lib/server.cc +++ b/lib/server.cc @@ -69,11 +69,11 @@ namespace opkele { - void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout) { - checkid_(mode_checkid_immediate,pin,return_to,pout); + void server_t::checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { + checkid_(mode_checkid_immediate,pin,return_to,pout,ext); } - void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout) { - checkid_(mode_checkid_setup,pin,return_to,pout); + void server_t::checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { + checkid_(mode_checkid_setup,pin,return_to,pout,ext); } - void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout) { + void server_t::checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext) { if(mode!=mode_checkid_immediate && mode!=mode_checkid_setup) @@ -108,3 +108,5 @@ namespace opkele { pout["exipres_in"] = "120"; - pout.sign(assoc->secret(),pout["sig"],pout["signed"]="mode,identity,return_to"); + pout["signed"]="mode,identity,return_to"; + if(ext) ext->checkid_hook(pin,pout); + pout.sign(assoc->secret(),pout["sig"],pout["signed"]); } |