4 files changed, 4 insertions, 4 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h
index 0e3231d..0326508 100644
--- a/include/opkele/basic_op.h
+++ b/include/opkele/basic_op.h
@@ -153,65 +153,65 @@ namespace opkele {
             * @param reference a reference token (can be empty)
             * @return reference to om
             */
            basic_openid_message& error(basic_openid_message& om,
                    const string& error,const string& contact,
                    const string& reference );
            /**
             * Build a setup_needed reply to checkid_immediate request
             * @param oum output OpenID message
             * @param inm incoming OpenID request being processed
             * @return reference to oum
             */
            basic_openid_message& setup_needed(
                    basic_openid_message& oum,const basic_openid_message& inm);
            /**
             * Process check_authentication request
             * @param oum output OpenID message
             * @param inm incoming request
             * @return reference to oum
             */
            basic_openid_message& check_authentication(
                    basic_openid_message& oum,const basic_openid_message& inm);
            /**
             * @}
             */
            /**
             * Verify return_to url. The default implementation checks whether
             * return_to URI matches the realm
             * @throw bad_realm in case of invalid realm
             * @throw bad_return_to if return_to doesn't match the realm
-             * @see verify_op::verify_return_to()
+             * @see verify_OP::verify_return_to()
             */
            virtual void verify_return_to();
            /**
             * @name Global persistent store API
             * These functions are related to the associations with RPs storage
             * and retrieval and nonce management.
             * @{
             */
            /**
             * Allocate association.
             * @param type association type
             * @param kl association key length
             * @param sl true if the association is stateless
             * @return association object
             */
            virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0;
            /**
             * Retrieve valid unexpired association
             * @param handle association handle
             * @return association object
             */
            virtual assoc_t retrieve_assoc(const string& handle) = 0;
            /**
             * Allocate nonce.
             * @param nonce input-output parameter containing timestamp part of
             * the nonce on input
             * @param sl true if the nonce is
             * @return reference to nonce
             * @throw failed_lookup if no such valid unexpired association
             * could be retrieved
             */
diff --git a/include/opkele/verify_op.h b/include/opkele/verify_op.h
index 6b94240..9e29bac 100644
--- a/include/opkele/verify_op.h
+++ b/include/opkele/verify_op.h
@@ -1,26 +1,26 @@
 #ifndef __OPKELE_VERIFY_OP_H
 #define __OPKELE_VERIFY_OP_H
 #include <opkele/basic_op.h>
 namespace opkele {
    /**
     * The OP implementation that does discovery verification on RP
     */
-    class verify_op : public basic_OP {
+    class verify_OP : public basic_OP {
        public:
        /**
         * In addition to basic_OP::verify_return_to() functionality this
         * implementation does the discovery on RP to see if return_to matches
         * the realm
         * @throw bad_return_to in case we fail to discover corresponding
         * service endpoint
         */
        void verify_return_to();
    };
 }
 #endif /* __OPKELE_VERIFY_OP_H */
diff --git a/lib/verify_op.cc b/lib/verify_op.cc
index 0beca2d..ab21b4f 100644
--- a/lib/verify_op.cc
+++ b/lib/verify_op.cc
@@ -3,51 +3,51 @@
 #include <opkele/exception.h>
 #include <opkele/util.h>
 #include <opkele/uris.h>
 namespace opkele {
    using std::output_iterator_tag;
    class __RP_verifier_good_input : public exception {
        public:
            __RP_verifier_good_input(OPKELE_E_PARS)
                : exception(OPKELE_E_CONS) { }
    };
    class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> {
        public:
            int seen;
            const string& return_to;
            RP_verifier(const string& rt)
                : return_to(rt), seen(0) { }
            RP_verifier& operator*() { return *this; }
            RP_verifier& operator=(const openid_endpoint_t& oep) {
                if(util::uri_matches_realm(return_to,oep.uri))
                    throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm");
                return *this;
            }
            RP_verifier& operator++() { ++seen; return *this; }
            RP_verifier& operator++(int) { +seen; return *this; }
    };
-    void verify_op::verify_return_to() {
+    void verify_OP::verify_return_to() {
        basic_OP::verify_return_to();
        try {
            RP_verifier rpv(return_to);
            string drealm = realm;
            string::size_type csss = drealm.find("://*.");
            if(csss==4 || csss==5)
                drealm.replace(csss+3,1,"www");
            const char *rtt[] = { STURI_OPENID20_RT, 0 };
            yadiscover(rpv,drealm,rtt,false);
            if(rpv.seen)
                throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP");
        }catch(__RP_verifier_good_input&) {
        }catch(bad_return_to& brt) {
            throw;
        }catch(exception_network&) { }
    }
 }
diff --git a/test/OP.cc b/test/OP.cc
index ce54d92..851d831 100644
--- a/test/OP.cc
+++ b/test/OP.cc
@@ -23,65 +23,65 @@ static const string get_self_url(const kingate::cgi_gateway& gw) {
    bool s = gw.has_meta("SSL_PROTOCOL_VERSION");
    string rv = s?"https://":"http://";
    rv += gw.http_request_header("Host");
    const string& port = gw.get_meta("SERVER_PORT");
    if( port!=(s?"443":"80") ) {
        rv += ':'; rv += port;
    }
    rv += gw.get_meta("REQUEST_URI");
    string::size_type q = rv.find('?');
    if(q!=string::npos)
        rv.erase(q);
    return rv;
 }
 class opdb_t : public sqlite3_t {
    public:
        opdb_t()
            : sqlite3_t("/tmp/OP.db") {
                assert(_D);
                char **resp; int nr,nc; char *errm;
                if(sqlite3_get_table(
                            _D, "SELECT a_op FROM assoc LIMIT 0",
                            &resp,&nr,&nc,&errm)!=SQLITE_OK) {
                    extern const char *__OP_db_bootstrap;
                    DOUT_("Bootstrapping DB");
                    if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK)
                        throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm);
                }else
                    sqlite3_free_table(resp);
            }
 };
-class example_op_t : public opkele::verify_op {
+class example_op_t : public opkele::verify_OP {
    public:
        kingate::cgi_gateway& gw;
        opdb_t db;
        kingate::cookie htc;
        example_op_t(kingate::cgi_gateway& gw)
        : gw(gw) {
            try {
                htc = gw.cookies.get_cookie("htop_session");
                sqlite3_mem_t<char*> S = sqlite3_mprintf(
                        "SELECT 1 FROM ht_sessions WHERE hts_id=%Q",
                        htc.get_value().c_str());
                sqlite3_table_t T; int nr,nc;
                db.get_table(S,T,&nr,&nc);
                if(nr<1)
                    throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation");
            }catch(kingate::exception_notfound& kenf) {
                uuid_t uuid; uuid_generate(uuid);
                htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid)));
                sqlite3_mem_t<char*> S = sqlite3_mprintf(
                        "INSERT INTO ht_sessions (hts_id) VALUES (%Q)",
                        htc.get_value().c_str());
                db.exec(S);
            }
        }
        void set_authorized(bool a) {
            sqlite3_mem_t<char*>
                S = sqlite3_mprintf(
                        "UPDATE ht_sessions"
                        " SET authorized=%d"

diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h index 0e3231d..0326508 100644 --- a/include/opkele/basic_op.h +++ b/include/opkele/basic_op.h
@@ -153,65 +153,65 @@ namespace opkele {
153	* @param reference a reference token (can be empty)	153	* @param reference a reference token (can be empty)
154	* @return reference to om	154	* @return reference to om
155	*/	155	*/
156	basic_openid_message& error(basic_openid_message& om,	156	basic_openid_message& error(basic_openid_message& om,
157	const string& error,const string& contact,	157	const string& error,const string& contact,
158	const string& reference );	158	const string& reference );
159	/**	159	/**
160	* Build a setup_needed reply to checkid_immediate request	160	* Build a setup_needed reply to checkid_immediate request
161	* @param oum output OpenID message	161	* @param oum output OpenID message
162	* @param inm incoming OpenID request being processed	162	* @param inm incoming OpenID request being processed
163	* @return reference to oum	163	* @return reference to oum
164	*/	164	*/
165	basic_openid_message& setup_needed(	165	basic_openid_message& setup_needed(
166	basic_openid_message& oum,const basic_openid_message& inm);	166	basic_openid_message& oum,const basic_openid_message& inm);
167		167
168	/**	168	/**
169	* Process check_authentication request	169	* Process check_authentication request
170	* @param oum output OpenID message	170	* @param oum output OpenID message
171	* @param inm incoming request	171	* @param inm incoming request
172	* @return reference to oum	172	* @return reference to oum
173	*/	173	*/
174	basic_openid_message& check_authentication(	174	basic_openid_message& check_authentication(
175	basic_openid_message& oum,const basic_openid_message& inm);	175	basic_openid_message& oum,const basic_openid_message& inm);
176	/**	176	/**
177	* @}	177	* @}
178	*/	178	*/
179		179
180	/**	180	/**
181	* Verify return_to url. The default implementation checks whether	181	* Verify return_to url. The default implementation checks whether
182	* return_to URI matches the realm	182	* return_to URI matches the realm
183	* @throw bad_realm in case of invalid realm	183	* @throw bad_realm in case of invalid realm
184	* @throw bad_return_to if return_to doesn't match the realm	184	* @throw bad_return_to if return_to doesn't match the realm
185	* @see verify_op::verify_return_to()	185	* @see verify_OP::verify_return_to()
186	*/	186	*/
187	virtual void verify_return_to();	187	virtual void verify_return_to();
188		188
189	/**	189	/**
190	* @name Global persistent store API	190	* @name Global persistent store API
191	* These functions are related to the associations with RPs storage	191	* These functions are related to the associations with RPs storage
192	* and retrieval and nonce management.	192	* and retrieval and nonce management.
193	* @{	193	* @{
194	*/	194	*/
195	/**	195	/**
196	* Allocate association.	196	* Allocate association.
197	* @param type association type	197	* @param type association type
198	* @param kl association key length	198	* @param kl association key length
199	* @param sl true if the association is stateless	199	* @param sl true if the association is stateless
200	* @return association object	200	* @return association object
201	*/	201	*/
202	virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0;	202	virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0;
203	/**	203	/**
204	* Retrieve valid unexpired association	204	* Retrieve valid unexpired association
205	* @param handle association handle	205	* @param handle association handle
206	* @return association object	206	* @return association object
207	*/	207	*/
208	virtual assoc_t retrieve_assoc(const string& handle) = 0;	208	virtual assoc_t retrieve_assoc(const string& handle) = 0;
209	/**	209	/**
210	* Allocate nonce.	210	* Allocate nonce.
211	* @param nonce input-output parameter containing timestamp part of	211	* @param nonce input-output parameter containing timestamp part of
212	* the nonce on input	212	* the nonce on input
213	* @param sl true if the nonce is	213	* @param sl true if the nonce is
214	* @return reference to nonce	214	* @return reference to nonce
215	* @throw failed_lookup if no such valid unexpired association	215	* @throw failed_lookup if no such valid unexpired association
216	* could be retrieved	216	* could be retrieved
217	*/	217	*/


diff --git a/include/opkele/verify_op.h b/include/opkele/verify_op.h index 6b94240..9e29bac 100644 --- a/include/opkele/verify_op.h +++ b/include/opkele/verify_op.h
@@ -1,26 +1,26 @@
1	#ifndef __OPKELE_VERIFY_OP_H	1	#ifndef __OPKELE_VERIFY_OP_H
2	#define __OPKELE_VERIFY_OP_H	2	#define __OPKELE_VERIFY_OP_H
3		3
4	#include <opkele/basic_op.h>	4	#include <opkele/basic_op.h>
5		5
6	namespace opkele {	6	namespace opkele {
7		7
8	/**	8	/**
9	* The OP implementation that does discovery verification on RP	9	* The OP implementation that does discovery verification on RP
10	*/	10	*/
11	class verify_op : public basic_OP {	11	class verify_OP : public basic_OP {
12	public:	12	public:
13		13
14	/**	14	/**
15	* In addition to basic_OP::verify_return_to() functionality this	15	* In addition to basic_OP::verify_return_to() functionality this
16	* implementation does the discovery on RP to see if return_to matches	16	* implementation does the discovery on RP to see if return_to matches
17	* the realm	17	* the realm
18	* @throw bad_return_to in case we fail to discover corresponding	18	* @throw bad_return_to in case we fail to discover corresponding
19	* service endpoint	19	* service endpoint
20	*/	20	*/
21	void verify_return_to();	21	void verify_return_to();
22	};	22	};
23		23
24	}	24	}
25		25
26	#endif /* __OPKELE_VERIFY_OP_H */	26	#endif /* __OPKELE_VERIFY_OP_H */


diff --git a/lib/verify_op.cc b/lib/verify_op.cc index 0beca2d..ab21b4f 100644 --- a/lib/verify_op.cc +++ b/lib/verify_op.cc
@@ -3,51 +3,51 @@
3	#include <opkele/exception.h>	3	#include <opkele/exception.h>
4	#include <opkele/util.h>	4	#include <opkele/util.h>
5	#include <opkele/uris.h>	5	#include <opkele/uris.h>
6		6
7	namespace opkele {	7	namespace opkele {
8	using std::output_iterator_tag;	8	using std::output_iterator_tag;
9		9
10	class __RP_verifier_good_input : public exception {	10	class __RP_verifier_good_input : public exception {
11	public:	11	public:
12	__RP_verifier_good_input(OPKELE_E_PARS)	12	__RP_verifier_good_input(OPKELE_E_PARS)
13	: exception(OPKELE_E_CONS) { }	13	: exception(OPKELE_E_CONS) { }
14	};	14	};
15		15
16	class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> {	16	class RP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> {
17	public:	17	public:
18	int seen;	18	int seen;
19	const string& return_to;	19	const string& return_to;
20		20
21	RP_verifier(const string& rt)	21	RP_verifier(const string& rt)
22	: return_to(rt), seen(0) { }	22	: return_to(rt), seen(0) { }
23		23
24	RP_verifier& operator() { return this; }	24	RP_verifier& operator() { return this; }
25	RP_verifier& operator=(const openid_endpoint_t& oep) {	25	RP_verifier& operator=(const openid_endpoint_t& oep) {
26	if(util::uri_matches_realm(return_to,oep.uri))	26	if(util::uri_matches_realm(return_to,oep.uri))
27	throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm");	27	throw __RP_verifier_good_input(OPKELE_CP_ "Found matching realm");
28	return *this;	28	return *this;
29	}	29	}
30		30
31	RP_verifier& operator++() { ++seen; return *this; }	31	RP_verifier& operator++() { ++seen; return *this; }
32	RP_verifier& operator++(int) { +seen; return *this; }	32	RP_verifier& operator++(int) { +seen; return *this; }
33	};	33	};
34		34
35	void verify_op::verify_return_to() {	35	void verify_OP::verify_return_to() {
36	basic_OP::verify_return_to();	36	basic_OP::verify_return_to();
37	try {	37	try {
38	RP_verifier rpv(return_to);	38	RP_verifier rpv(return_to);
39	string drealm = realm;	39	string drealm = realm;
40	string::size_type csss = drealm.find("://*.");	40	string::size_type csss = drealm.find("://*.");
41	if(csss==4 \|\| csss==5)	41	if(csss==4 \|\| csss==5)
42	drealm.replace(csss+3,1,"www");	42	drealm.replace(csss+3,1,"www");
43	const char *rtt[] = { STURI_OPENID20_RT, 0 };	43	const char *rtt[] = { STURI_OPENID20_RT, 0 };
44	yadiscover(rpv,drealm,rtt,false);	44	yadiscover(rpv,drealm,rtt,false);
45	if(rpv.seen)	45	if(rpv.seen)
46	throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP");	46	throw bad_return_to(OPKELE_CP_ "return_to URL doesn't match any found while doing discovery on RP");
47	}catch(__RP_verifier_good_input&) {	47	}catch(__RP_verifier_good_input&) {
48	}catch(bad_return_to& brt) {	48	}catch(bad_return_to& brt) {
49	throw;	49	throw;
50	}catch(exception_network&) { }	50	}catch(exception_network&) { }
51	}	51	}
52		52
53	}	53	}


diff --git a/test/OP.cc b/test/OP.cc index ce54d92..851d831 100644 --- a/test/OP.cc +++ b/test/OP.cc
@@ -23,65 +23,65 @@ static const string get_self_url(const kingate::cgi_gateway& gw) {
23	bool s = gw.has_meta("SSL_PROTOCOL_VERSION");	23	bool s = gw.has_meta("SSL_PROTOCOL_VERSION");
24	string rv = s?"https://":"http://";	24	string rv = s?"https://":"http://";
25	rv += gw.http_request_header("Host");	25	rv += gw.http_request_header("Host");
26	const string& port = gw.get_meta("SERVER_PORT");	26	const string& port = gw.get_meta("SERVER_PORT");
27	if( port!=(s?"443":"80") ) {	27	if( port!=(s?"443":"80") ) {
28	rv += ':'; rv += port;	28	rv += ':'; rv += port;
29	}	29	}
30	rv += gw.get_meta("REQUEST_URI");	30	rv += gw.get_meta("REQUEST_URI");
31	string::size_type q = rv.find('?');	31	string::size_type q = rv.find('?');
32	if(q!=string::npos)	32	if(q!=string::npos)
33	rv.erase(q);	33	rv.erase(q);
34	return rv;	34	return rv;
35	}	35	}
36		36
37	class opdb_t : public sqlite3_t {	37	class opdb_t : public sqlite3_t {
38	public:	38	public:
39	opdb_t()	39	opdb_t()
40	: sqlite3_t("/tmp/OP.db") {	40	: sqlite3_t("/tmp/OP.db") {
41	assert(_D);	41	assert(_D);
42	char *resp; int nr,nc; char errm;	42	char *resp; int nr,nc; char errm;
43	if(sqlite3_get_table(	43	if(sqlite3_get_table(
44	_D, "SELECT a_op FROM assoc LIMIT 0",	44	_D, "SELECT a_op FROM assoc LIMIT 0",
45	&resp,&nr,&nc,&errm)!=SQLITE_OK) {	45	&resp,&nr,&nc,&errm)!=SQLITE_OK) {
46	extern const char *__OP_db_bootstrap;	46	extern const char *__OP_db_bootstrap;
47	DOUT_("Bootstrapping DB");	47	DOUT_("Bootstrapping DB");
48	if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK)	48	if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK)
49	throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm);	49	throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm);
50	}else	50	}else
51	sqlite3_free_table(resp);	51	sqlite3_free_table(resp);
52	}	52	}
53	};	53	};
54		54
55	class example_op_t : public opkele::verify_op {	55	class example_op_t : public opkele::verify_OP {
56	public:	56	public:
57	kingate::cgi_gateway& gw;	57	kingate::cgi_gateway& gw;
58	opdb_t db;	58	opdb_t db;
59	kingate::cookie htc;	59	kingate::cookie htc;
60		60
61		61
62	example_op_t(kingate::cgi_gateway& gw)	62	example_op_t(kingate::cgi_gateway& gw)
63	: gw(gw) {	63	: gw(gw) {
64	try {	64	try {
65	htc = gw.cookies.get_cookie("htop_session");	65	htc = gw.cookies.get_cookie("htop_session");
66	sqlite3_mem_t<char*> S = sqlite3_mprintf(	66	sqlite3_mem_t<char*> S = sqlite3_mprintf(
67	"SELECT 1 FROM ht_sessions WHERE hts_id=%Q",	67	"SELECT 1 FROM ht_sessions WHERE hts_id=%Q",
68	htc.get_value().c_str());	68	htc.get_value().c_str());
69	sqlite3_table_t T; int nr,nc;	69	sqlite3_table_t T; int nr,nc;
70	db.get_table(S,T,&nr,&nc);	70	db.get_table(S,T,&nr,&nc);
71	if(nr<1)	71	if(nr<1)
72	throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation");	72	throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation");
73	}catch(kingate::exception_notfound& kenf) {	73	}catch(kingate::exception_notfound& kenf) {
74	uuid_t uuid; uuid_generate(uuid);	74	uuid_t uuid; uuid_generate(uuid);
75	htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid)));	75	htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid)));
76	sqlite3_mem_t<char*> S = sqlite3_mprintf(	76	sqlite3_mem_t<char*> S = sqlite3_mprintf(
77	"INSERT INTO ht_sessions (hts_id) VALUES (%Q)",	77	"INSERT INTO ht_sessions (hts_id) VALUES (%Q)",
78	htc.get_value().c_str());	78	htc.get_value().c_str());
79	db.exec(S);	79	db.exec(S);
80	}	80	}
81	}	81	}
82		82
83	void set_authorized(bool a) {	83	void set_authorized(bool a) {
84	sqlite3_mem_t<char*>	84	sqlite3_mem_t<char*>
85	S = sqlite3_mprintf(	85	S = sqlite3_mprintf(
86	"UPDATE ht_sessions"	86	"UPDATE ht_sessions"
87	" SET authorized=%d"	87	" SET authorized=%d"