summaryrefslogtreecommitdiffabout
Side-by-side diff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/basic_op.h2
-rw-r--r--include/opkele/verify_op.h2
-rw-r--r--lib/verify_op.cc2
-rw-r--r--test/OP.cc2
4 files changed, 4 insertions, 4 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h
index 0e3231d..0326508 100644
--- a/include/opkele/basic_op.h
+++ b/include/opkele/basic_op.h
@@ -153,65 +153,65 @@ namespace opkele {
* @param reference a reference token (can be empty)
* @return reference to om
*/
basic_openid_message& error(basic_openid_message& om,
const string& error,const string& contact,
const string& reference );
/**
* Build a setup_needed reply to checkid_immediate request
* @param oum output OpenID message
* @param inm incoming OpenID request being processed
* @return reference to oum
*/
basic_openid_message& setup_needed(
basic_openid_message& oum,const basic_openid_message& inm);
/**
* Process check_authentication request
* @param oum output OpenID message
* @param inm incoming request
* @return reference to oum
*/
basic_openid_message& check_authentication(
basic_openid_message& oum,const basic_openid_message& inm);
/**
* @}
*/
/**
* Verify return_to url. The default implementation checks whether
* return_to URI matches the realm
* @throw bad_realm in case of invalid realm
* @throw bad_return_to if return_to doesn't match the realm
- * @see verify_op::verify_return_to()
+ * @see verify_OP::verify_return_to()
*/
virtual void verify_return_to();
/**
* @name Global persistent store API
* These functions are related to the associations with RPs storage
* and retrieval and nonce management.
* @{
*/
/**
* Allocate association.
* @param type association type
* @param kl association key length
* @param sl true if the association is stateless
* @return association object
*/
virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0;
/**
* Retrieve valid unexpired association
* @param handle association handle
* @return association object
*/
virtual assoc_t retrieve_assoc(const string& handle) = 0;
/**
* Allocate nonce.
* @param nonce input-output parameter containing timestamp part of
* the nonce on input
* @param sl true if the nonce is
* @return reference to nonce
* @throw failed_lookup if no such valid unexpired association
* could be retrieved
*/
diff --git a/include/opkele/verify_op.h b/include/opkele/verify_op.h
index 6b94240..9e29bac 100644
--- a/include/opkele/verify_op.h
+++ b/include/opkele/verify_op.h
@@ -1,26 +1,26 @@
#ifndef __OPKELE_VERIFY_OP_H
#define __OPKELE_VERIFY_OP_H
#include <opkele/basic_op.h>
namespace opkele {
/**
* The OP implementation that does discovery verification on RP
*/
- class verify_op : public basic_OP {
+ class verify_OP : public basic_OP {
public:
/**
* In addition to basic_OP::verify_return_to() functionality this
* implementation does the discovery on RP to see if return_to matches
* the realm
* @throw bad_return_to in case we fail to discover corresponding
* service endpoint
*/
void verify_return_to();
};
}
#endif /* __OPKELE_VERIFY_OP_H */
diff --git a/lib/verify_op.cc b/lib/verify_op.cc
index 0beca2d..ab21b4f 100644
--- a/lib/verify_op.cc
+++ b/lib/verify_op.cc
@@ -3,51 +3,51 @@
#include <opkele/exception.h>
#include <opkele/util.h>
#include <opkele/uris.h>
namespace opkele {
using std::output_iterator_tag;
class __RP_verifier_good_input : public exception {
public:
__RP_verifier_good_input(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> {
public:
int seen;
const string& return_to;
RP_verifier(const string& rt)
: return_to(rt), seen(0) { }
RP_verifier& operator*() { return *this; }
RP_verifier& operator=(const openid_endpoint_t& oep) {
if(util::uri_matches_realm(return_to,oep.uri))
throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm");
return *this;
}
RP_verifier& operator++() { ++seen; return *this; }
RP_verifier& operator++(int) { +seen; return *this; }
};
- void verify_op::verify_return_to() {
+ void verify_OP::verify_return_to() {
basic_OP::verify_return_to();
try {
RP_verifier rpv(return_to);
string drealm = realm;
string::size_type csss = drealm.find("://*.");
if(csss==4 || csss==5)
drealm.replace(csss+3,1,"www");
const char *rtt[] = { STURI_OPENID20_RT, 0 };
yadiscover(rpv,drealm,rtt,false);
if(rpv.seen)
throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP");
}catch(__RP_verifier_good_input&) {
}catch(bad_return_to& brt) {
throw;
}catch(exception_network&) { }
}
}
diff --git a/test/OP.cc b/test/OP.cc
index ce54d92..851d831 100644
--- a/test/OP.cc
+++ b/test/OP.cc
@@ -23,65 +23,65 @@ static const string get_self_url(const kingate::cgi_gateway& gw) {
bool s = gw.has_meta("SSL_PROTOCOL_VERSION");
string rv = s?"https://":"http://";
rv += gw.http_request_header("Host");
const string& port = gw.get_meta("SERVER_PORT");
if( port!=(s?"443":"80") ) {
rv += ':'; rv += port;
}
rv += gw.get_meta("REQUEST_URI");
string::size_type q = rv.find('?');
if(q!=string::npos)
rv.erase(q);
return rv;
}
class opdb_t : public sqlite3_t {
public:
opdb_t()
: sqlite3_t("/tmp/OP.db") {
assert(_D);
char **resp; int nr,nc; char *errm;
if(sqlite3_get_table(
_D, "SELECT a_op FROM assoc LIMIT 0",
&resp,&nr,&nc,&errm)!=SQLITE_OK) {
extern const char *__OP_db_bootstrap;
DOUT_("Bootstrapping DB");
if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK)
throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm);
}else
sqlite3_free_table(resp);
}
};
-class example_op_t : public opkele::verify_op {
+class example_op_t : public opkele::verify_OP {
public:
kingate::cgi_gateway& gw;
opdb_t db;
kingate::cookie htc;
example_op_t(kingate::cgi_gateway& gw)
: gw(gw) {
try {
htc = gw.cookies.get_cookie("htop_session");
sqlite3_mem_t<char*> S = sqlite3_mprintf(
"SELECT 1 FROM ht_sessions WHERE hts_id=%Q",
htc.get_value().c_str());
sqlite3_table_t T; int nr,nc;
db.get_table(S,T,&nr,&nc);
if(nr<1)
throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation");
}catch(kingate::exception_notfound& kenf) {
uuid_t uuid; uuid_generate(uuid);
htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid)));
sqlite3_mem_t<char*> S = sqlite3_mprintf(
"INSERT INTO ht_sessions (hts_id) VALUES (%Q)",
htc.get_value().c_str());
db.exec(S);
}
}
void set_authorized(bool a) {
sqlite3_mem_t<char*>
S = sqlite3_mprintf(
"UPDATE ht_sessions"
" SET authorized=%d"