summaryrefslogtreecommitdiffabout
Unidiff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/oauth/consumer.h14
-rw-r--r--lib/oauth-consumer.cc18
2 files changed, 25 insertions, 7 deletions
diff --git a/include/opkele/oauth/consumer.h b/include/opkele/oauth/consumer.h
index 9196297..eb4f753 100644
--- a/include/opkele/oauth/consumer.h
+++ b/include/opkele/oauth/consumer.h
@@ -1,125 +1,131 @@
1#ifndef __OPKELE_OAUTH_CONSUMER_H 1#ifndef __OPKELE_OAUTH_CONSUMER_H
2#define __OPKELE_OAUTH_CONSUMER_H 2#define __OPKELE_OAUTH_CONSUMER_H
3 3
4#include <string> 4#include <string>
5#include <opkele/types.h> 5#include <opkele/types.h>
6#include <opkele/oauth.h> 6#include <opkele/oauth.h>
7#include <opkele/curl.h> 7#include <opkele/curl.h>
8 8
9namespace opkele { 9namespace opkele {
10 namespace oauth { 10 namespace oauth {
11 using std::string; 11 using std::string;
12 12
13 enum oauth_method_t { 13 enum oauth_method_t {
14 oauth_auth_header, oauth_post_body, oauth_url_query 14 oauth_auth_header, oauth_post_body, oauth_url_query,
15 oauth_method_default = oauth_auth_header
15 }; 16 };
16 17
17 struct service_endpoint_t { 18 struct service_endpoint_t {
18 string url; 19 string url;
19 string signature_method; 20 string signature_method;
20 oauth_method_t oauth_method; 21 oauth_method_t oauth_method;
21 22
22 service_endpoint_t(const string& u,const string& sm,oauth_method_t om) 23 service_endpoint_t() : oauth_method(oauth_method_default) { }
24 service_endpoint_t(const string& u,const string& sm,oauth_method_t om=oauth_method_default)
23 : url(u), signature_method(sm), oauth_method(om) { } 25 : url(u), signature_method(sm), oauth_method(om) { }
24 }; 26 };
25 27
26 class basic_provider_endpoints { 28 class basic_provider_endpoints {
27 public: 29 public:
28 30
29 virtual ~basic_provider_endpoints() { } 31 virtual ~basic_provider_endpoints() { }
30 32
31 virtual const service_endpoint_t& get_request_token_endpoint() const = 0; 33 virtual const service_endpoint_t& get_request_token_endpoint() const = 0;
32 virtual const service_endpoint_t& get_authorize_user_endpoint() const = 0; 34 virtual const service_endpoint_t& get_authorize_user_endpoint() const = 0;
33 virtual const service_endpoint_t& get_access_token_endpoint() const = 0; 35 virtual const service_endpoint_t& get_access_token_endpoint() const = 0;
34 36
35 virtual service_endpoint_t& get_url_endpoint(service_endpoint_t& sep, 37 virtual service_endpoint_t& get_url_endpoint(service_endpoint_t& sep,
36 const string& url) const = 0; 38 const string& url) const = 0;
37 }; 39 };
38 40
39 struct http_request_t { 41 struct http_request_t {
40 string authorize_header; 42 string authorize_header;
41 string method; 43 string method;
42 string url; 44 string url;
43 string body; 45 string body;
44 46
45 util::curl_slist_t _curl_headers_list; 47 util::curl_slist_t _curl_headers_list;
46 48
47 http_request_t(const string& m,const string& u) 49 http_request_t(const string& m,const string& u)
48 : method(m), url(u) { } 50 : method(m), url(u) { }
49 51
50 void setup_curl(CURL *curl); 52 void setup_curl(CURL *curl);
51 }; 53 };
52 54
53 class basic_consumer { 55 class basic_consumer {
54 public: 56 public:
55 token_t consumer_token; 57 token_t consumer_token;
56 58
57 basic_consumer(const token_t& ct) 59 basic_consumer(const token_t& ct)
58 : consumer_token(ct) { } 60 : consumer_token(ct) { }
59 virtual ~basic_consumer() { } 61 virtual ~basic_consumer() { }
60 62
61 virtual const basic_provider_endpoints& get_endpoints() const = 0; 63 virtual const basic_provider_endpoints& get_endpoints() const = 0;
62 virtual const string allocate_nonce(time_t ts) = 0; 64 virtual const string allocate_nonce(time_t ts) = 0;
63 65
64 token_t get_request_token(); 66 token_t get_request_token();
65 const string get_authorize_url(const token_t& rt,const string& callback=""); 67 const string get_authorize_url(const token_t& rt,const string& callback="");
66 token_t get_access_token(const token_t& rt); 68 token_t get_access_token(const token_t& rt);
67 69
68 void prepare_request( 70 http_request_t& prepare_request(
69 http_request_t& req, 71 http_request_t& req,
70 const basic_fields& qf,const basic_fields& pf, 72 const basic_fields& qf,const basic_fields& pf,
71 oauth_method_t om,const string& sm, 73 oauth_method_t om,const string& sm,
72 const token_t *t=0,const string& realm=""); 74 const token_t *t=0,const string& realm="");
73 void prepare_request( 75 http_request_t& prepare_request(
74 http_request_t& req, 76 http_request_t& req,
75 const basic_fields& qf,const basic_fields& pf, 77 const basic_fields& qf,const basic_fields& pf,
76 const service_endpoint_t& sep, 78 const service_endpoint_t& sep,
77 const token_t *t=0,const string& realm=""); 79 const token_t *t=0,const string& realm="");
80 http_request_t& prepare_request(
81 http_request_t& req,
82 const basic_fields& qf,const basic_fields& pf,
83 const token_t *t=0,const string& realm="");
78 84
79 const string signature( 85 const string signature(
80 const string& method, 86 const string& method,
81 const string& url, 87 const string& url,
82 const basic_fields& fields, 88 const basic_fields& fields,
83 const token_t* rt=0); 89 const token_t* rt=0);
84 90
85 token_t acquire_token( 91 token_t acquire_token(
86 const service_endpoint_t& sep, 92 const service_endpoint_t& sep,
87 const token_t* rt=0); 93 const token_t* rt=0);
88 }; 94 };
89 95
90 class simple_provider_endpoints : public basic_provider_endpoints { 96 class simple_provider_endpoints : public basic_provider_endpoints {
91 public: 97 public:
92 service_endpoint_t sep_request_token; 98 service_endpoint_t sep_request_token;
93 service_endpoint_t sep_authorize_user; 99 service_endpoint_t sep_authorize_user;
94 service_endpoint_t sep_access_token; 100 service_endpoint_t sep_access_token;
95 service_endpoint_t sep_generic; 101 service_endpoint_t sep_generic;
96 102
97 simple_provider_endpoints( 103 simple_provider_endpoints(
98 const string& rt,const string& au,const string& at, 104 const string& rt,const string& au,const string& at,
99 const string& sm, 105 const string& sm,
100 oauth_method_t ams=oauth_post_body, 106 oauth_method_t ams=oauth_post_body,
101 oauth_method_t amr=oauth_auth_header ) 107 oauth_method_t amr=oauth_auth_header )
102 : sep_request_token(rt,sm,ams), 108 : sep_request_token(rt,sm,ams),
103 sep_authorize_user(au,sm,oauth_url_query), 109 sep_authorize_user(au,sm,oauth_url_query),
104 sep_access_token(at,sm,ams), 110 sep_access_token(at,sm,ams),
105 sep_generic("",sm,amr) { } 111 sep_generic("",sm,amr) { }
106 112
107 const service_endpoint_t& get_request_token_endpoint() const; 113 const service_endpoint_t& get_request_token_endpoint() const;
108 const service_endpoint_t& get_authorize_user_endpoint() const; 114 const service_endpoint_t& get_authorize_user_endpoint() const;
109 const service_endpoint_t& get_access_token_endpoint() const; 115 const service_endpoint_t& get_access_token_endpoint() const;
110 service_endpoint_t& get_url_endpoint(service_endpoint_t& sep, 116 service_endpoint_t& get_url_endpoint(service_endpoint_t& sep,
111 const string& url) const; 117 const string& url) const;
112 }; 118 };
113 119
114 class simple_consumer : public basic_consumer { 120 class simple_consumer : public basic_consumer {
115 public: 121 public:
116 simple_provider_endpoints peps; 122 simple_provider_endpoints peps;
117 123
118 simple_consumer(const simple_provider_endpoints& eps, 124 simple_consumer(const simple_provider_endpoints& eps,
119 const token_t& ct) 125 const token_t& ct)
120 : basic_consumer(ct), peps(eps) { } 126 : basic_consumer(ct), peps(eps) { }
121 127
122 const basic_provider_endpoints& get_endpoints() const; 128 const basic_provider_endpoints& get_endpoints() const;
123 const string allocate_nonce(time_t ts); 129 const string allocate_nonce(time_t ts);
124 }; 130 };
125 131
diff --git a/lib/oauth-consumer.cc b/lib/oauth-consumer.cc
index 0c4c9e3..bb4e89b 100644
--- a/lib/oauth-consumer.cc
+++ b/lib/oauth-consumer.cc
@@ -111,158 +111,170 @@ namespace opkele {
111 switch(sep.oauth_method) { 111 switch(sep.oauth_method) {
112 case oauth_auth_header: 112 case oauth_auth_header:
113 throw opkele::not_implemented(OPKELE_CP_ 113 throw opkele::not_implemented(OPKELE_CP_
114 "auth header for token acquisition isn't (yet?) supported"); 114 "auth header for token acquisition isn't (yet?) supported");
115 break; 115 break;
116 case oauth_post_body: 116 case oauth_post_body:
117 (r=curl.easy_setopt(CURLOPT_POST,1)) 117 (r=curl.easy_setopt(CURLOPT_POST,1))
118 || (r=curl.easy_setopt(CURLOPT_POSTFIELDS,hr.body.c_str())) 118 || (r=curl.easy_setopt(CURLOPT_POSTFIELDS,hr.body.c_str()))
119 || (r=curl.easy_setopt(CURLOPT_POSTFIELDSIZE,hr.body.size())); 119 || (r=curl.easy_setopt(CURLOPT_POSTFIELDSIZE,hr.body.size()));
120 break; 120 break;
121 case oauth_url_query: 121 case oauth_url_query:
122 break; 122 break;
123 default: 123 default:
124 throw opkele::exception(OPKELE_CP_ /* TODO: specialize */ 124 throw opkele::exception(OPKELE_CP_ /* TODO: specialize */
125 "invalid oauth_method for request_token endpoint"); 125 "invalid oauth_method for request_token endpoint");
126 }; 126 };
127 if(r) 127 if(r)
128 throw exception_curl(OPKELE_CP_ "failed to set curly options",r); 128 throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
129 if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) ) 129 if( (r=curl.easy_setopt(CURLOPT_URL,hr.url.c_str())) )
130 throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r); 130 throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
131 if( (r=curl.easy_perform()) ) 131 if( (r=curl.easy_perform()) )
132 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r); 132 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
133 token_t rv; 133 token_t rv;
134 string::size_type p=0; 134 string::size_type p=0;
135 while(p!=string::npos) { 135 while(p!=string::npos) {
136 string::size_type np = curl.response.find('&',p); 136 string::size_type np = curl.response.find('&',p);
137 string part; 137 string part;
138 if(np==string::npos) { 138 if(np==string::npos) {
139 part.assign(curl.response.c_str()+p); p = string::npos; 139 part.assign(curl.response.c_str()+p); p = string::npos;
140 }else{ 140 }else{
141 part.assign(curl.response,p,np-p); p = np+1; 141 part.assign(curl.response,p,np-p); p = np+1;
142 } 142 }
143 string::size_type eq = part.find('='); 143 string::size_type eq = part.find('=');
144 if(eq==string::npos) continue; 144 if(eq==string::npos) continue;
145 string n(part,0,eq); 145 string n(part,0,eq);
146 if(n=="oauth_token") { 146 if(n=="oauth_token") {
147 if(!rv.key.empty()) /* TODO: specialize */ 147 if(!rv.key.empty()) /* TODO: specialize */
148 throw opkele::exception(OPKELE_CP_ "found oauth_token twice"); 148 throw opkele::exception(OPKELE_CP_ "found oauth_token twice");
149 rv.key = util::url_decode(part.substr(eq+1)); 149 rv.key = util::url_decode(part.substr(eq+1));
150 }else if(n=="oauth_token_secret") { 150 }else if(n=="oauth_token_secret") {
151 if(!rv.secret.empty()) /* TODO: specialize */ 151 if(!rv.secret.empty()) /* TODO: specialize */
152 throw opkele::exception(OPKELE_CP_ "found oauth_secret twice"); 152 throw opkele::exception(OPKELE_CP_ "found oauth_secret twice");
153 rv.secret = util::url_decode(part.substr(eq+1)); 153 rv.secret = util::url_decode(part.substr(eq+1));
154 } 154 }
155 } 155 }
156 return rv; 156 return rv;
157 } 157 }
158 158
159 void basic_consumer::prepare_request( 159 http_request_t& basic_consumer::prepare_request(
160 http_request_t& req, 160 http_request_t& req,
161 const basic_fields& qf,const basic_fields& pf, 161 const basic_fields& qf,const basic_fields& pf,
162 oauth_method_t om,const string& sm, 162 oauth_method_t om,const string& sm,
163 const token_t *t,const string& realm) { 163 const token_t *t,const string& realm) {
164 fields_t op; 164 fields_t op;
165 op.set_field("oauth_consumer_key",consumer_token.key); 165 op.set_field("oauth_consumer_key",consumer_token.key);
166 if(t) op.set_field("oauth_token",t->key); 166 if(t) op.set_field("oauth_token",t->key);
167 op.set_field("oauth_signature_method",sm); 167 op.set_field("oauth_signature_method",sm);
168 time_t now; 168 time_t now;
169 op.set_field("oauth_timestamp", 169 op.set_field("oauth_timestamp",
170 util::long_to_string(time(&now))); 170 util::long_to_string(time(&now)));
171 op.set_field("oauth_nonce",allocate_nonce(now)); 171 op.set_field("oauth_nonce",allocate_nonce(now));
172 op.set_field("oauth_version","1.0"); 172 op.set_field("oauth_version","1.0");
173 /* TODO: normalize and strip down url */ 173 /* TODO: normalize and strip down url */
174 { 174 {
175 fields_t af; /* TODO: optimize, I don't want it to be copied */ 175 fields_t af; /* TODO: optimize, I don't want it to be copied */
176 qf.copy_to(af); pf.append_to(af); op.append_to(af); 176 qf.copy_to(af); pf.append_to(af); op.append_to(af);
177 op.set_field("oauth_signature", signature( 177 op.set_field("oauth_signature", signature(
178 req.method,req.url,af,t) ); 178 req.method,req.url,af,t) );
179 } 179 }
180 req.authorize_header.clear(); 180 req.authorize_header.clear();
181 if(om==oauth_auth_header) { 181 if(om==oauth_auth_header) {
182 req.authorize_header = "OAuth "; 182 req.authorize_header = "OAuth ";
183 req.authorize_header += "realm=\""; 183 req.authorize_header += "realm=\"";
184 req.authorize_header += util::url_encode(realm); 184 req.authorize_header += util::url_encode(realm);
185 req.authorize_header += '\"'; 185 req.authorize_header += '\"';
186 for(basic_fields::fields_iterator 186 for(basic_fields::fields_iterator
187 i=op.fields_begin(),ie=op.fields_end(); 187 i=op.fields_begin(),ie=op.fields_end();
188 i!=ie;++i) { 188 i!=ie;++i) {
189 req.authorize_header += ", "; 189 req.authorize_header += ", ";
190 req.authorize_header += *i; 190 req.authorize_header += *i;
191 req.authorize_header += "=\""; 191 req.authorize_header += "=\"";
192 req.authorize_header += util::url_encode(op.get_field(*i)); 192 req.authorize_header += util::url_encode(op.get_field(*i));
193 req.authorize_header += "\""; 193 req.authorize_header += "\"";
194 } 194 }
195 req.url = qf.append_query(req.url); 195 req.url = qf.append_query(req.url);
196 req.body = pf.query_string(); 196 req.body = pf.query_string();
197 }else if(om==oauth_post_body) { 197 }else if(om==oauth_post_body) {
198 assert(req.method=="POST"); 198 assert(req.method=="POST");
199 /* TODO: optimize, don't copy it over and over */ 199 /* TODO: optimize, don't copy it over and over */
200 fields_t p; 200 fields_t p;
201 pf.append_to(p); op.append_to(p); 201 pf.append_to(p); op.append_to(p);
202 req.url = qf.append_query(req.url); 202 req.url = qf.append_query(req.url);
203 req.body = p.query_string(); 203 req.body = p.query_string();
204 }else if(om==oauth_url_query) { 204 }else if(om==oauth_url_query) {
205 fields_t q; 205 fields_t q;
206 qf.append_to(q); op.append_to(q); 206 qf.append_to(q); op.append_to(q);
207 req.url = q.append_query(req.url); 207 req.url = q.append_query(req.url);
208 req.body = pf.query_string(); 208 req.body = pf.query_string();
209 }else 209 }else
210 throw opkele::exception(OPKELE_CP_ /* TODO: specialize */ 210 throw opkele::exception(OPKELE_CP_ /* TODO: specialize */
211 "Unknown oauth method"); 211 "Unknown oauth method");
212 return req;
212 } 213 }
213 214
214 void basic_consumer::prepare_request( 215 http_request_t& basic_consumer::prepare_request(
215 http_request_t& req, 216 http_request_t& req,
216 const basic_fields& qf,const basic_fields& pf, 217 const basic_fields& qf,const basic_fields& pf,
217 const service_endpoint_t& sep, 218 const service_endpoint_t& sep,
218 const token_t *t,const string& realm) { 219 const token_t *t,const string& realm) {
219 prepare_request( 220 return prepare_request(
220 req, qf, pf, 221 req, qf, pf,
221 sep.oauth_method,sep.signature_method, 222 sep.oauth_method,sep.signature_method,
222 t,realm); 223 t,realm);
223 } 224 }
224 225
226 http_request_t& basic_consumer::prepare_request(
227 http_request_t& req,
228 const basic_fields& qf,const basic_fields& pf,
229 const token_t *t,const string& realm) {
230 service_endpoint_t sep;
231 return prepare_request(
232 req, qf, pf,
233 get_endpoints().get_url_endpoint(sep,req.url),
234 t, realm );
235 }
236
225 void http_request_t::setup_curl(CURL *curl) { 237 void http_request_t::setup_curl(CURL *curl) {
226 CURLcode r; 238 CURLcode r;
227 r = curl_easy_setopt(curl,CURLOPT_URL,url.c_str()); 239 r = curl_easy_setopt(curl,CURLOPT_URL,url.c_str());
228 if(r) 240 if(r)
229 throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r); 241 throw exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
230 if(method=="POST") { 242 if(method=="POST") {
231 (r = curl_easy_setopt(curl,CURLOPT_POST,1)) 243 (r = curl_easy_setopt(curl,CURLOPT_POST,1))
232 || (r = curl_easy_setopt(curl,CURLOPT_POSTFIELDS,body.c_str())) 244 || (r = curl_easy_setopt(curl,CURLOPT_POSTFIELDS,body.c_str()))
233 || (r = curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,body.size())); 245 || (r = curl_easy_setopt(curl,CURLOPT_POSTFIELDSIZE,body.size()));
234 }else if(method=="GET") { 246 }else if(method=="GET") {
235 r = curl_easy_setopt(curl,CURLOPT_HTTPGET,1); 247 r = curl_easy_setopt(curl,CURLOPT_HTTPGET,1);
236 }else if(method=="HEAD") { 248 }else if(method=="HEAD") {
237 r = curl_easy_setopt(curl,CURLOPT_NOBODY,1); 249 r = curl_easy_setopt(curl,CURLOPT_NOBODY,1);
238 }else /* TODO: specialize exception */ 250 }else /* TODO: specialize exception */
239 throw exception(OPKELE_CP_ "don't know how to handle http method"); 251 throw exception(OPKELE_CP_ "don't know how to handle http method");
240 if(r) 252 if(r)
241 throw exception_curl(OPKELE_CP_ "failed to set curly options",r); 253 throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
242 if(!authorize_header.empty()) { 254 if(!authorize_header.empty()) {
243 r = curl_easy_setopt(curl,CURLOPT_HTTPHEADER,(curl_slist*)( 255 r = curl_easy_setopt(curl,CURLOPT_HTTPHEADER,(curl_slist*)(
244 _curl_headers_list = curl_slist_append( 256 _curl_headers_list = curl_slist_append(
245 0,string("Authorization: "+authorize_header).c_str() 257 0,string("Authorization: "+authorize_header).c_str()
246 ) 258 )
247 ) ); 259 ) );
248 if(r) 260 if(r)
249 throw exception_curl(OPKELE_CP_ "failed to setup curlie header"); 261 throw exception_curl(OPKELE_CP_ "failed to setup curlie header");
250 } 262 }
251 } 263 }
252 264
253 265
254 const basic_provider_endpoints& simple_consumer::get_endpoints() const { 266 const basic_provider_endpoints& simple_consumer::get_endpoints() const {
255 return peps; } 267 return peps; }
256 268
257 const string simple_consumer::allocate_nonce(time_t ts) { 269 const string simple_consumer::allocate_nonce(time_t ts) {
258# ifndef HAVE_LIBUUID 270# ifndef HAVE_LIBUUID
259 throw opkele::not_implemented(OPKELE_CP_ 271 throw opkele::not_implemented(OPKELE_CP_
260 "not implemented consumer's allocate_nonce()"); 272 "not implemented consumer's allocate_nonce()");
261# else /* HAVE_LIBUUID */ 273# else /* HAVE_LIBUUID */
262 uuid_t uuid; uuid_generate(uuid); 274 uuid_t uuid; uuid_generate(uuid);
263 return util::encode_base64(uuid,sizeof(uuid)); 275 return util::encode_base64(uuid,sizeof(uuid));
264# endif /* HAVE_LIBUUID */ 276# endif /* HAVE_LIBUUID */
265 } 277 }
266 278
267 } 279 }
268} 280}