summaryrefslogtreecommitdiffabout
Side-by-side diff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/types.h18
-rw-r--r--lib/params.cc13
-rw-r--r--lib/secret.cc12
3 files changed, 30 insertions, 13 deletions
diff --git a/include/opkele/types.h b/include/opkele/types.h
index 520618d..ca07df5 100644
--- a/include/opkele/types.h
+++ b/include/opkele/types.h
@@ -1,235 +1,243 @@
#ifndef __OPKELE_TYPES_H
#define __OPKELE_TYPES_H
/**
* @file
* @brief various types declarations
*/
#include <ostream>
#include <vector>
#include <string>
#include <map>
#include <memory>
#include <set>
namespace opkele {
using std::vector;
using std::string;
using std::map;
using std::ostream;
using std::auto_ptr;
using std::multimap;
using std::set;
/**
* the OpenID operation mode
*/
typedef enum _mode_t {
mode_associate,
mode_checkid_immediate,
mode_checkid_setup,
mode_check_association
} mode_t;
/**
* the association secret container
*/
class secret_t : public vector<unsigned char> {
public:
/**
* xor the secret and hmac together and encode, using base64
- * @param key_sha1 pointer to the sha1 digest
+ * @param key_d pointer to the message digest
* @param rv reference to the return value
*/
- void enxor_to_base64(const unsigned char *key_sha1,string& rv) const;
+ void enxor_to_base64(const unsigned char *key_d,string& rv) const;
/**
- * decode base64-encoded secret and xor it with the sha1 digest
- * @param key_sha1 pointer to the message digest
+ * decode base64-encoded secret and xor it with the message digest
+ * @param key_d pointer to the message digest
* @param b64 base64-encoded secret value
*/
- void enxor_from_base64(const unsigned char *key_sha1,const string& b64);
+ void enxor_from_base64(const unsigned char *key_d,const string& b64);
/**
* plainly encode to base64 representation
* @param rv reference to the return value
*/
void to_base64(string& rv) const;
/**
* decode cleartext secret from base64
* @param b64 base64-encoded representation of the secret value
*/
void from_base64(const string& b64);
};
/**
* Interface to the association.
*/
class association_t {
public:
virtual ~association_t() { }
/**
* retrieve the server with which association was established.
* @return server name
*/
virtual string server() const = 0;
/**
* retrieve the association handle.
* @return handle
*/
virtual string handle() const = 0;
/**
* retrieve the association type.
* @return association type
*/
virtual string assoc_type() const = 0;
/**
* retrieve the association secret.
* @return association secret
*/
virtual secret_t secret() const = 0;
/**
* retrieve the number of seconds the association expires in.
* @return seconds till expiration
*/
virtual int expires_in() const = 0;
/**
* check whether the association is stateless.
* @return true if stateless
*/
virtual bool stateless() const = 0;
/**
* check whether the association is expired.
* @return true if expired
*/
virtual bool is_expired() const = 0;
};
/**
* the auto_ptr<> for association_t object type
*/
typedef auto_ptr<association_t> assoc_t;
/**
* request/response parameters map
*/
class params_t : public map<string,string> {
public:
/**
* check whether the parameter is present.
* @param n the parameter name
* @return true if yes
*/
bool has_param(const string& n) const;
/**
* retrieve the parameter (const version)
* @param n the parameter name
* @return the parameter value
* @throw failed_lookup if there is no such parameter
*/
const string& get_param(const string& n) const;
/**
* retrieve the parameter.
* @param n the parameter name
* @return the parameter value
* @throw failed_lookup if there is no such parameter
*/
string& get_param(const string& n);
/**
* parse the OpenID key/value data.
* @param kv the OpenID key/value data
*/
void parse_keyvalues(const string& kv);
/**
* sign the fields.
* @param secret the secret used for signing
* @param sig reference to the string, containing base64-encoded
* result
* @param slist the comma-separated list of fields to sign
* @param prefix the string to prepend to parameter names
*/
void sign(secret_t secret,string& sig,const string& slist,const char *prefix=0) const;
/**
* append parameters to the URL as a GET-request parameters.
* @param url the base URL
* @param prefix the string to prepend to parameter names
* @return the ready-to-use location
*/
string append_query(const string& url,const char *prefix = "openid.") const;
+
+ /**
+ * make up a query string suitable for use in GET and POST
+ * requests.
+ * @param prefix string to prened to parameter names
+ * @return query string
+ */
+ string query_string(const char *prefix = "openid.") const;
};
/**
* dump the key/value pairs for the parameters to the stream.
* @param o output stream
* @param p the parameters
*/
ostream& operator << (ostream& o,const params_t& p);
namespace xrd {
struct priority_compare {
inline bool operator()(long a,long b) const {
return (a<0) ? false : (b<0) ? false : (a<b);
}
};
template <typename _DT>
class priority_map : public multimap<long,_DT,priority_compare> {
typedef multimap<long,_DT,priority_compare> map_type;
public:
inline _DT& add(long priority,const _DT& d) {
return insert(typename map_type::value_type(priority,d))->second;
}
};
typedef priority_map<string> canonical_ids_t;
typedef priority_map<string> local_ids_t;
typedef set<string> types_t;
typedef priority_map<string> uris_t;
class service_t {
public:
types_t types;
uris_t uris;
local_ids_t local_ids;
void clear() {
types.clear();
uris.clear(); local_ids.clear();
}
};
typedef priority_map<service_t> services_t;
class XRD_t {
public:
time_t expires;
canonical_ids_t canonical_ids;
local_ids_t local_ids;
services_t services;
void clear() {
expires = 0;
canonical_ids.clear(); local_ids.clear();
services.clear();
}
bool empty() const {
return
canonical_ids.empty()
&& local_ids.empty()
&& services.empty();
}
};
}
}
#endif /* __OPKELE_TYPES_H */
diff --git a/lib/params.cc b/lib/params.cc
index ea86d3a..7a572c1 100644
--- a/lib/params.cc
+++ b/lib/params.cc
@@ -1,108 +1,121 @@
#include <opkele/types.h>
#include <opkele/exception.h>
#include <opkele/util.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include "config.h"
namespace opkele {
using namespace std;
bool params_t::has_param(const string& n) const {
return find(n)!=end();
}
const string& params_t::get_param(const string& n) const {
const_iterator i = find(n);
if(i==end())
throw failed_lookup(OPKELE_CP_ n+": no such parameter");
return i->second;
}
string& params_t::get_param(const string& n) {
iterator i = find(n);
if(i==end())
throw failed_lookup(OPKELE_CP_ n+": no such parameter");
return i->second;
}
void params_t::parse_keyvalues(const string& kv) {
clear();
string::size_type p = 0;
while(true) {
string::size_type co = kv.find(':',p);
if(co==string::npos)
break;
#ifndef POSTELS_LAW
string::size_type nl = kv.find('\n',co+1);
if(nl==string::npos)
throw bad_input(OPKELE_CP_ "malformed input");
if(nl>co)
insert(value_type(kv.substr(p,co-p),kv.substr(co+1,nl-co-1)));
p = nl+1;
#else /* POSTELS_LAW */
string::size_type lb = kv.find_first_of("\r\n",co+1);
if(lb==string::npos) {
insert(value_type(kv.substr(p,co-p),kv.substr(co+1)));
break;
}
if(lb>co)
insert(value_type(kv.substr(p,co-p),kv.substr(co+1,lb-co-1)));
string::size_type nolb = kv.find_first_not_of("\r\n",lb);
if(nolb==string::npos)
break;
p = nolb;
#endif /* POSTELS_LAW */
}
}
void params_t::sign(secret_t secret,string& sig,const string& slist,const char *prefix) const {
string kv;
string::size_type p = 0;
while(true) {
string::size_type co = slist.find(',',p);
string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);
kv += f;
kv += ':';
if(prefix) f.insert(0,prefix);
kv += get_param(f);
kv += '\n';
if(co==string::npos)
break;
p = co+1;
}
unsigned int md_len = 0;
unsigned char *md = HMAC(
EVP_sha1(),
&(secret.front()),secret.size(),
(const unsigned char *)kv.data(),kv.length(),
0,&md_len);
sig = util::encode_base64(md,md_len);
}
string params_t::append_query(const string& url,const char *prefix) const {
string rv = url;
bool p = true;
if(rv.find('?')==string::npos) {
rv += '?';
p = false;
}
for(const_iterator i=begin();i!=end();++i) {
if(p)
rv += '&';
else
p = true;
rv += prefix;
rv += i->first;
rv += '=';
rv += util::url_encode(i->second);
}
return rv;
}
+ string params_t::query_string(const char *prefix) const {
+ string rv;
+ for(const_iterator i=begin();i!=end();++i) {
+ if(!rv.empty())
+ rv += '&';
+ rv += prefix;
+ rv += i->first;
+ rv += '=';
+ rv += util::url_encode(i->second);
+ }
+ return rv;
+ }
+
ostream& operator << (ostream& o,const params_t& p) {
for(params_t::const_iterator i=p.begin();i!=p.end();++i)
o << i->first << ':' << i->second << '\n';
return o;
}
}
diff --git a/lib/secret.cc b/lib/secret.cc
index 632a2ca..d538890 100644
--- a/lib/secret.cc
+++ b/lib/secret.cc
@@ -1,49 +1,45 @@
#include <algorithm>
#include <functional>
#include <opkele/types.h>
#include <opkele/exception.h>
#include <opkele/util.h>
namespace opkele {
using namespace std;
template<class __a1,class __a2,class __r>
struct bitwise_xor : public binary_function<__a1,__a2,__r> {
__r operator() (const __a1& a1,const __a2& a2) const {
return a1^a2;
}
};
- void secret_t::enxor_to_base64(const unsigned char *key_sha1,string& rv) const {
- if(size()!=20)
- throw bad_input(OPKELE_CP_ "wrong secret size");
+ void secret_t::enxor_to_base64(const unsigned char *key_d,string& rv) const {
vector<unsigned char> tmp;
transform(
begin(), end(),
- key_sha1,
+ key_d,
back_insert_iterator<vector<unsigned char> >(tmp),
bitwise_xor<unsigned char,unsigned char,unsigned char>() );
rv = util::encode_base64(&(tmp.front()),tmp.size());
}
- void secret_t::enxor_from_base64(const unsigned char *key_sha1,const string& b64) {
+ void secret_t::enxor_from_base64(const unsigned char *key_d,const string& b64) {
clear();
util::decode_base64(b64,*this);
transform(
begin(), end(),
- key_sha1,
+ key_d,
begin(),
bitwise_xor<unsigned char,unsigned char,unsigned char>() );
}
void secret_t::to_base64(string& rv) const {
- if(size()!=20)
- throw bad_input(OPKELE_CP_ "wrong secret size");
rv = util::encode_base64(&(front()),size());
}
void secret_t::from_base64(const string& b64) {
util::decode_base64(b64,*this);
}
}