Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/discovery.h3
-rw-r--r--include/opkele/prequeue_rp.h8
-rw-r--r--include/opkele/types.h3
-rw-r--r--lib/prequeue_rp.cc9
4 files changed, 19 insertions, 4 deletions
diff --git a/include/opkele/discovery.h b/include/opkele/discovery.h
index 4471597..f2721a6 100644
--- a/include/opkele/discovery.h
+++ b/include/opkele/discovery.h
@@ -40,76 +40,75 @@ namespace opkele {
uri_t() { }
uri_t(const string& u) : uri(u) { }
uri_t(const string& u,const string& a) : uri(u), append(a) { }
};
typedef priority_map<uri_t> uris_t;
class service_t {
public:
types_t types;
uris_t uris;
local_ids_t local_ids;
string provider_id;
void clear() {
types.clear();
uris.clear(); local_ids.clear();
provider_id.clear();
}
};
typedef priority_map<service_t> services_t;
class XRD_t {
public:
time_t expires;
canonical_ids_t canonical_ids;
local_ids_t local_ids;
services_t services;
string provider_id;
void clear() {
expires = 0;
canonical_ids.clear(); local_ids.clear();
services.clear();
provider_id.clear();
}
bool empty() const {
return
canonical_ids.empty()
&& local_ids.empty()
&& services.empty();
}
};
}
- typedef util::output_iterator_proxy<openid_endpoint_t>
- endpoint_discovery_iterator;
+ typedef openid_endpoint_output_iterator endpoint_discovery_iterator;
string idiscover(
endpoint_discovery_iterator oi,
const string& identity);
void yadiscover(
endpoint_discovery_iterator oi,
const string& yurl,
const char **types, bool redirs=false);
struct idiscovery_t {
bool xri_identity;
string normalized_id;
string canonicalized_id;
xrd::XRD_t xrd;
idiscovery_t() { }
void clear() {
normalized_id.clear(); canonicalized_id.clear();
xrd.clear();
}
};
}
#endif /* __OPKELE_DISCOVERY_H */
diff --git a/include/opkele/prequeue_rp.h b/include/opkele/prequeue_rp.h
index 68fe03d..6f1fda9 100644
--- a/include/opkele/prequeue_rp.h
+++ b/include/opkele/prequeue_rp.h
@@ -36,53 +36,61 @@ namespace opkele {
* @see begin_queueing()
* @see end_queueing()
*/
virtual void queue_endpoint(const openid_endpoint_t& oep) = 0;
/**
* Called after all discovered endpoints were queued. Implementor
* may chose to use this virtual to commit endpoints queue to
* persistent store.
* @see begin_queueing()
* @see queue_endpoint()
*/
virtual void end_queueing() { }
/**
* Used to store normalized id when initiating request.
* The default implementation does nothing, because implementor
* doesn't have to care.
* @param nid normalized id
* @see get_normalzied_id()
*/
virtual void set_normalized_id(const string& nid);
/**
* Return the normalized id previously set by set_normalized_id().
* Provided for the sake of completeness because default
* implementation doesn't use it.
* @return the normalized identity
*/
virtual const string get_normalized_id() const;
/**
* @}
*/
/**
* @name Actions
* @{
*/
/**
* In addition to base class implementation it does endpoints
* discovery and queueing
* @param usi User-suppled identifier
*/
void initiate(const string& usi);
/**
* @}
*/
void verify_OP(const string& OP,
const string& claimed_id,const string& identity) const;
+
+ /**
+ * Perform full discovery on identity
+ * @param it iterator used for feeding discovered endpoints back to caller
+ * @param id user supplied identity
+ * @returns normalized identity (canonical identifier can be found in endpoints)
+ */
+ virtual const string discover(openid_endpoint_output_iterator it,const string& id) const;
};
}
#endif /* __OPKELE_RP_H */
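Review bot: The doc comment on the new `discover()` virtual does not mention that `verify_OP()` in lib/prequeue_rp.cc now routes its authorization check through it, so an override decides which endpoints that check sees. If overrides are meant to cache discovery results (an assumption, the commit does not say), a stale entry could keep authorizing an OP that the identity no longer delegates to. I would state the contract in the comment, e.g. `* @note verify_OP() relies on this; overrides must not feed stale or partial endpoint sets`. `@returns` should also be `@return` to match the other comments in this header. The class body starts outside the hunk.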
diff --git a/include/opkele/types.h b/include/opkele/types.h
index 1f48362..1fab869 100644
--- a/include/opkele/types.h
+++ b/include/opkele/types.h
@@ -180,51 +180,54 @@ namespace opkele {
*/
class params_t : public openid_message_t {
public:
/**
* check whether the parameter is present.
* @param n the parameter name
* @return true if yes
*/
bool has_param(const string& n) const {
return has_field(n); }
/**
* retrieve the parameter (const version)
* @param n the parameter name
* @return the parameter value
* @throw failed_lookup if there is no such parameter
*/
const string& get_param(const string& n) const {
return get_field(n); }
/**
* parse the OpenID key/value data.
* @param kv the OpenID key/value data
*/
void parse_keyvalues(const string& kv) {
from_keyvalues(kv); }
string append_query(const string& url,const char *prefix="openid.") const;
};
struct openid_endpoint_t {
string uri;
string claimed_id;
string local_id;
openid_endpoint_t() { }
openid_endpoint_t(const string& u,const string& cid,const string& lid)
: uri(u), claimed_id(cid), local_id(lid) { }
bool operator==(const openid_endpoint_t& x) const {
return uri==x.uri && local_id==x.local_id; }
bool operator<(const openid_endpoint_t& x) const {
int c;
return (c=strcmp(uri.c_str(),x.uri.c_str()))
? (c<0) : (strcmp(local_id.c_str(),x.local_id.c_str())<0); }
};
+ typedef util::output_iterator_proxy<openid_endpoint_t>
+ openid_endpoint_output_iterator;
+
}
#endif /* __OPKELE_TYPES_H */
diff --git a/lib/prequeue_rp.cc b/lib/prequeue_rp.cc
index 3aa960f..ed1ddfe 100644
--- a/lib/prequeue_rp.cc
+++ b/lib/prequeue_rp.cc
@@ -1,81 +1,86 @@
#include <iostream>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <opkele/exception.h>
#include <opkele/prequeue_rp.h>
#include <opkele/discovery.h>
#include <opkele/uris.h>
#include <opkele/data.h>
#include <opkele/util.h>
#include <opkele/curl.h>
#include <opkele/debug.h>
namespace opkele {
class __OP_verifier_good_input : public exception {
public:
__OP_verifier_good_input(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
class OP_verifier : public iterator<output_iterator_tag,openid_endpoint_t,void> {
public:
const string& OP;
const string& id;
OP_verifier(const string& o,const string& i)
: OP(o), id(i) { }
OP_verifier& operator*() { return *this; }
OP_verifier& operator=(const openid_endpoint_t& oep) {
if(oep.uri==OP) {
if(oep.claimed_id==IDURI_SELECT20
|| oep.local_id==IDURI_SELECT20 )
throw bad_input(OPKELE_CP_ "claimed_id is an OP-Id");
if(oep.local_id==id)
throw __OP_verifier_good_input(OPKELE_CP_ "Found corresponding endpoint");
}
return *this;
}
OP_verifier& operator++() { return *this; }
OP_verifier& operator++(int) { return *this; }
};
void prequeue_RP::verify_OP(const string& OP,const string& claimed_id,const string& identity) const {
try {
- idiscover(OP_verifier(OP,identity),claimed_id);
+ discover(OP_verifier(OP,identity),claimed_id);
throw id_res_unauthorized(OPKELE_CP_
"OP is not authorized to make an assertion regarding the identity");
}catch(__OP_verifier_good_input& ovgi) {
}
}
class endpoint_queuer : public iterator<output_iterator_tag,openid_endpoint_t,void> {
public:
prequeue_RP& rp;
endpoint_queuer(prequeue_RP& r) : rp(r) { }
endpoint_queuer& operator*() { return *this; }
endpoint_queuer& operator=(const openid_endpoint_t& oep) {
rp.queue_endpoint(oep); return *this; }
endpoint_queuer& operator++() { return *this; }
endpoint_queuer& operator++(int) { return *this; }
};
void prequeue_RP::initiate(const string& usi) {
begin_queueing();
- set_normalized_id( idiscover(endpoint_queuer(*this),usi) );
+ set_normalized_id( discover(endpoint_queuer(*this),usi) );
end_queueing();
}
void prequeue_RP::set_normalized_id(const string&) {
}
const string prequeue_RP::get_normalized_id() const {
throw not_implemented(OPKELE_CP_ "get_normalized_id() is not implemented");
}
+ const string prequeue_RP::discover(openid_endpoint_output_iterator it,
+ const string& id) const {
+ return idiscover(it,id);
+ }
+
}
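Review bot: In `verify_OP` the success path depends on `__OP_verifier_good_input` escaping from a call that is now the virtual `discover()`. That class derives from opkele's `exception`, so an override that wraps its discovery in a `catch(exception&)` would swallow the signal, and every assertion would then be rejected with `id_res_unauthorized`. This fails closed, but nothing at the call site says so. I would put a comment in the empty catch block, e.g. `/* matching endpoint found: OP is authorized; discover() overrides must let this exception propagate */`.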