| -rw-r--r-- | include/opkele/basic_op.h | 2 | ||||
| -rw-r--r-- | include/opkele/verify_op.h | 2 | ||||
| -rw-r--r-- | lib/verify_op.cc | 2 | ||||
| -rw-r--r-- | test/OP.cc | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h index 0e3231d..0326508 100644 --- a/include/opkele/basic_op.h +++ b/include/opkele/basic_op.h | |||
| @@ -173,25 +173,25 @@ namespace opkele { | |||
| 173 | */ | 173 | */ |
| 174 | basic_openid_message& check_authentication( | 174 | basic_openid_message& check_authentication( |
| 175 | basic_openid_message& oum,const basic_openid_message& inm); | 175 | basic_openid_message& oum,const basic_openid_message& inm); |
| 176 | /** | 176 | /** |
| 177 | * @} | 177 | * @} |
| 178 | */ | 178 | */ |
| 179 | 179 | ||
| 180 | /** | 180 | /** |
| 181 | * Verify return_to url. The default implementation checks whether | 181 | * Verify return_to url. The default implementation checks whether |
| 182 | * return_to URI matches the realm | 182 | * return_to URI matches the realm |
| 183 | * @throw bad_realm in case of invalid realm | 183 | * @throw bad_realm in case of invalid realm |
| 184 | * @throw bad_return_to if return_to doesn't match the realm | 184 | * @throw bad_return_to if return_to doesn't match the realm |
| 185 | * @see verify_op::verify_return_to() | 185 | * @see verify_OP::verify_return_to() |
| 186 | */ | 186 | */ |
| 187 | virtual void verify_return_to(); | 187 | virtual void verify_return_to(); |
| 188 | 188 | ||
| 189 | /** | 189 | /** |
| 190 | * @name Global persistent store API | 190 | * @name Global persistent store API |
| 191 | * These functions are related to the associations with RPs storage | 191 | * These functions are related to the associations with RPs storage |
| 192 | * and retrieval and nonce management. | 192 | * and retrieval and nonce management. |
| 193 | * @{ | 193 | * @{ |
| 194 | */ | 194 | */ |
| 195 | /** | 195 | /** |
| 196 | * Allocate association. | 196 | * Allocate association. |
| 197 | * @param type association type | 197 | * @param type association type |
diff --git a/include/opkele/verify_op.h b/include/opkele/verify_op.h index 6b94240..9e29bac 100644 --- a/include/opkele/verify_op.h +++ b/include/opkele/verify_op.h | |||
| @@ -1,23 +1,23 @@ | |||
| 1 | #ifndef __OPKELE_VERIFY_OP_H | 1 | #ifndef __OPKELE_VERIFY_OP_H |
| 2 | #define __OPKELE_VERIFY_OP_H | 2 | #define __OPKELE_VERIFY_OP_H |
| 3 | 3 | ||
| 4 | #include <opkele/basic_op.h> | 4 | #include <opkele/basic_op.h> |
| 5 | 5 | ||
| 6 | namespace opkele { | 6 | namespace opkele { |
| 7 | 7 | ||
| 8 | /** | 8 | /** |
| 9 | * The OP implementation that does discovery verification on RP | 9 | * The OP implementation that does discovery verification on RP |
| 10 | */ | 10 | */ |
| 11 | class verify_op : public basic_OP { | 11 | class verify_OP : public basic_OP { |
| 12 | public: | 12 | public: |
| 13 | 13 | ||
| 14 | /** | 14 | /** |
| 15 | * In addition to basic_OP::verify_return_to() functionality this | 15 | * In addition to basic_OP::verify_return_to() functionality this |
| 16 | * implementation does the discovery on RP to see if return_to matches | 16 | * implementation does the discovery on RP to see if return_to matches |
| 17 | * the realm | 17 | * the realm |
| 18 | * @throw bad_return_to in case we fail to discover corresponding | 18 | * @throw bad_return_to in case we fail to discover corresponding |
| 19 | * service endpoint | 19 | * service endpoint |
| 20 | */ | 20 | */ |
| 21 | void verify_return_to(); | 21 | void verify_return_to(); |
| 22 | }; | 22 | }; |
| 23 | 23 | ||
diff --git a/lib/verify_op.cc b/lib/verify_op.cc index 0beca2d..ab21b4f 100644 --- a/lib/verify_op.cc +++ b/lib/verify_op.cc | |||
| @@ -23,25 +23,25 @@ namespace opkele { | |||
| 23 | 23 | ||
| 24 | RP_verifier& operator*() { return *this; } | 24 | RP_verifier& operator*() { return *this; } |
| 25 | RP_verifier& operator=(const openid_endpoint_t& oep) { | 25 | RP_verifier& operator=(const openid_endpoint_t& oep) { |
| 26 | if(util::uri_matches_realm(return_to,oep.uri)) | 26 | if(util::uri_matches_realm(return_to,oep.uri)) |
| 27 | throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm"); | 27 | throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm"); |
| 28 | return *this; | 28 | return *this; |
| 29 | } | 29 | } |
| 30 | 30 | ||
| 31 | RP_verifier& operator++() { ++seen; return *this; } | 31 | RP_verifier& operator++() { ++seen; return *this; } |
| 32 | RP_verifier& operator++(int) { +seen; return *this; } | 32 | RP_verifier& operator++(int) { +seen; return *this; } |
| 33 | }; | 33 | }; |
| 34 | 34 | ||
| 35 | void verify_op::verify_return_to() { | 35 | void verify_OP::verify_return_to() { |
| 36 | basic_OP::verify_return_to(); | 36 | basic_OP::verify_return_to(); |
| 37 | try { | 37 | try { |
| 38 | RP_verifier rpv(return_to); | 38 | RP_verifier rpv(return_to); |
| 39 | string drealm = realm; | 39 | string drealm = realm; |
| 40 | string::size_type csss = drealm.find("://*."); | 40 | string::size_type csss = drealm.find("://*."); |
| 41 | if(csss==4 || csss==5) | 41 | if(csss==4 || csss==5) |
| 42 | drealm.replace(csss+3,1,"www"); | 42 | drealm.replace(csss+3,1,"www"); |
| 43 | const char *rtt[] = { STURI_OPENID20_RT, 0 }; | 43 | const char *rtt[] = { STURI_OPENID20_RT, 0 }; |
| 44 | yadiscover(rpv,drealm,rtt,false); | 44 | yadiscover(rpv,drealm,rtt,false); |
| 45 | if(rpv.seen) | 45 | if(rpv.seen) |
| 46 | throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP"); | 46 | throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP"); |
| 47 | }catch(__RP_verifier_good_input&) { | 47 | }catch(__RP_verifier_good_input&) { |
| @@ -43,25 +43,25 @@ class opdb_t : public sqlite3_t { | |||
| 43 | if(sqlite3_get_table( | 43 | if(sqlite3_get_table( |
| 44 | _D, "SELECT a_op FROM assoc LIMIT 0", | 44 | _D, "SELECT a_op FROM assoc LIMIT 0", |
| 45 | &resp,&nr,&nc,&errm)!=SQLITE_OK) { | 45 | &resp,&nr,&nc,&errm)!=SQLITE_OK) { |
| 46 | extern const char *__OP_db_bootstrap; | 46 | extern const char *__OP_db_bootstrap; |
| 47 | DOUT_("Bootstrapping DB"); | 47 | DOUT_("Bootstrapping DB"); |
| 48 | if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK) | 48 | if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK) |
| 49 | throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm); | 49 | throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm); |
| 50 | }else | 50 | }else |
| 51 | sqlite3_free_table(resp); | 51 | sqlite3_free_table(resp); |
| 52 | } | 52 | } |
| 53 | }; | 53 | }; |
| 54 | 54 | ||
| 55 | class example_op_t : public opkele::verify_op { | 55 | class example_op_t : public opkele::verify_OP { |
| 56 | public: | 56 | public: |
| 57 | kingate::cgi_gateway& gw; | 57 | kingate::cgi_gateway& gw; |
| 58 | opdb_t db; | 58 | opdb_t db; |
| 59 | kingate::cookie htc; | 59 | kingate::cookie htc; |
| 60 | 60 | ||
| 61 | 61 | ||
| 62 | example_op_t(kingate::cgi_gateway& gw) | 62 | example_op_t(kingate::cgi_gateway& gw) |
| 63 | : gw(gw) { | 63 | : gw(gw) { |
| 64 | try { | 64 | try { |
| 65 | htc = gw.cookies.get_cookie("htop_session"); | 65 | htc = gw.cookies.get_cookie("htop_session"); |
| 66 | sqlite3_mem_t<char*> S = sqlite3_mprintf( | 66 | sqlite3_mem_t<char*> S = sqlite3_mprintf( |
| 67 | "SELECT 1 FROM ht_sessions WHERE hts_id=%Q", | 67 | "SELECT 1 FROM ht_sessions WHERE hts_id=%Q", |