summaryrefslogtreecommitdiffabout
path: root/include/opkele
Side-by-side diff
Diffstat (limited to 'include/opkele') (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/association.h21
-rw-r--r--include/opkele/consumer.h3
-rw-r--r--include/opkele/data.h6
-rw-r--r--include/opkele/exception.h3
-rw-r--r--include/opkele/extension.h3
-rw-r--r--include/opkele/extension_chain.h12
-rw-r--r--include/opkele/server.h3
-rw-r--r--include/opkele/sreg.h3
-rw-r--r--include/opkele/types.h3
-rw-r--r--include/opkele/util.h3
-rw-r--r--include/opkele/xconsumer.h3
-rw-r--r--include/opkele/xserver.h3
12 files changed, 9 insertions, 57 deletions
diff --git a/include/opkele/association.h b/include/opkele/association.h
index ef0df42..a8f3915 100644
--- a/include/opkele/association.h
+++ b/include/opkele/association.h
@@ -1,89 +1,68 @@
#ifndef __OPKELE_ASSOCIATION_H
#define __OPKELE_ASSOCIATION_H
#include <time.h>
#include <opkele/types.h>
/**
* @file
* @brief reference implementation of association_t
*/
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
/**
* reference implementation of association_t class.
*/
class association : public association_t {
public:
/**
* OpenID server name
*/
string _server;
/**
* association handle
*/
string _handle;
/**
* association type
*/
string _assoc_type;
/**
* the secret
*/
secret_t _secret;
/**
* expiration time
*/
time_t _expires;
/**
* statelessness of the assoc_handle
*/
bool _stateless;
/**
* @param __server the server name
* @param __handle association handle
* @param __assoc_type association type
* @param __secret the secret
* @param __expires expiration time
* @param __stateless statelessness of the assoc_handle
*/
association(const string& __server, const string& __handle,
const string& __assoc_type, const secret_t& __secret,
time_t __expires, bool __stateless)
: _server(__server), _handle(__handle), _assoc_type(__assoc_type),
_secret(__secret), _expires(__expires), _stateless(__stateless) { }
- /**
- * @overload association_t::server()
- */
virtual string server() const { return _server; }
- /**
- * @overload association_t::handle()
- */
virtual string handle() const { return _handle; }
- /**
- * @overload association_t::assoc_type()
- */
virtual string assoc_type() const { return _assoc_type; }
- /**
- * @overload association_t::secret()
- */
virtual secret_t secret() const { return _secret; }
- /**
- * @overload association_t::expires_in()
- */
virtual int expires_in() const { return _expires-time(0); }
- /**
- * @overload association_t::stateless()
- */
virtual bool stateless() const { return _stateless; }
};
}
#endif /* __OPKELE_ASSOCIATION_H */
diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h
index f32509e..fdb6119 100644
--- a/include/opkele/consumer.h
+++ b/include/opkele/consumer.h
@@ -1,145 +1,142 @@
#ifndef __OPKELE_CONSUMER_H
#define __OPKELE_CONSUMER_H
#include <opkele/types.h>
#include <opkele/extension.h>
/**
* @file
* @brief OpenID consumer-side functionality
*/
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
/**
* implementation of basic consumer functionality
*/
class consumer_t {
public:
/**
* store association. The function should be overridden in the real
* implementation to provide persistent associations store.
* @param server the OpenID server
* @param handle association handle
* @param secret the secret associated with the server and handle
* @param expires_in the number of seconds until the handle is expired
* @return the auto_ptr<> for the newly allocated association_t object
*/
virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0;
/**
* retrieve stored association. The function should be overridden
* in the real implementation to provide persistent assocations
* store.
* @param server the OpenID server
* @param handle association handle
* @return the autho_ptr<> for the newly allocated association_t object
* @throw failed_lookup in case of error
*/
virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0;
/**
* invalidate stored association. The function should be overridden
* in the real implementation of the consumer.
* @param server the OpenID server
* @param handle association handle
*/
virtual void invalidate_assoc(const string& server,const string& handle) = 0;
/**
* retrieve any unexpired association for the server. If the
* function is not overridden in the real implementation, the new
* association will be established for each request.
* @param server the OpenID server
* @return the auto_ptr<> for the newly allocated association_t object
* @throw failed_lookup in case of absence of the handle
*/
virtual assoc_t find_assoc(const string& server);
/**
* retrieve the metainformation contained in link tags from the
* page pointed by url. the function may implement caching of the
* information.
* @param url url to harvest for link tags
* @param server reference to the string object where to put
* openid.server value
* @param delegate reference to the string object where to put the
* openid.delegate value (if any)
*/
virtual void retrieve_links(const string& url,string& server,string& delegate);
/**
* perform the associate request to OpenID server.
* @param server the OpenID server
* @return the auto_ptr<> for the newly allocated association_t
* object, representing established association
* @throw exception in case of error
*/
assoc_t associate(const string& server);
/**
* prepare the parameters for the checkid_immediate
* request.
* @param identity the identity to verify
* @param return_to the return_to url to pass with the request
* @param trust_root the trust root to advertise with the request
* @param ext pointer to an extension(s) hooks object
* @return the location string
* @throw exception in case of error
*/
virtual string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0);
/**
* prepare the parameters for the checkid_setup
* request.
* @param identity the identity to verify
* @param return_to the return_to url to pass with the request
* @param trust_root the trust root to advertise with the request
* @param ext pointer to an extension(s) hooks object
* @return the location string
* @throw exception in case of error
*/
virtual string checkid_setup(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0);
/**
* the actual implementation behind checkid_immediate() and
* checkid_setup() functions.
* @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup
* @param identity the identity to verify
* @param return_to the return_to url to pass with the request
* @param trust_root the trust root to advertise with the request
* @param ext pointer to an extension(s) hooks object
* @return the location string
* @throw exception in case of error
*/
virtual string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0);
/**
* verify the id_res response
* @param pin the response parameters
* @param identity the identity being checked (if not specified,
* @param ext pointer to an extension(s) hooks object
* extracted from the openid.identity parameter
* @throw id_res_mismatch in case of signature mismatch
* @throw id_res_setup in case of openid.user_setup_url failure
* (supposedly checkid_immediate only)
* @throw id_res_failed in case of failure
* @throw exception in case of other failures
*/
virtual void id_res(const params_t& pin,const string& identity="",extension_t *ext=0);
/**
* perform a check_authentication request.
* @param server the OpenID server
* @param p request parameters
*/
void check_authentication(const string& server,const params_t& p);
/**
* make URL canonical, by adding http:// and trailing slash, if needed.
* @param url
* @return canonicalized url
*/
static string canonicalize(const string& url);
};
}
#endif /* __OPKELE_CONSUMER_H */
diff --git a/include/opkele/data.h b/include/opkele/data.h
index 7fc635b..d0b0516 100644
--- a/include/opkele/data.h
+++ b/include/opkele/data.h
@@ -1,12 +1,18 @@
#ifndef __OPKELE_DATA_H
#define __OPKELE_DATA_H
+/**
+ * @brief the main opkele namespace
+ */
namespace opkele {
+ /**
+ * @brief internal data opkele namespace
+ */
namespace data {
extern const char *_default_p;
extern const char *_default_g;
}
}
#endif /* __OPKELE_DATA_H */
diff --git a/include/opkele/exception.h b/include/opkele/exception.h
index 9fc9bd3..0150e6b 100644
--- a/include/opkele/exception.h
+++ b/include/opkele/exception.h
@@ -1,220 +1,217 @@
#ifndef __OPKELE_EXCEPTION_H
#define __OPKELE_EXCEPTION_H
/**
* @file
* @brief opkele exceptions
*/
#include <curl/curl.h>
#include <opkele/opkele-config.h>
#ifdef OPKELE_HAVE_KONFORKA
# include <konforka/exception.h>
/**
* the exception parameters declaration
*/
# define OPKELE_E_PARS const string& fi,const string&fu,int l,const string& w
/**
* the exception parameters list to pass to constructor
*/
# define OPKELE_E_CONS_ fi,fu,l,
/**
* the exception codepoint specification
*/
# define OPKELE_CP_ CODEPOINT,
/**
* the simple rethrow of konforka-based exception
*/
# define OPKELE_RETHROW catch(konforka::exception& e) { e.see(CODEPOINT); throw }
#else /* OPKELE_HAVE_KONFORKA */
# include <exception>
# include <string>
/**
* the exception parameter declaration
*/
# define OPKELE_E_PARS const string& w
/**
* the dummy prefix for exception parameters list to prepend in the absence of
* konforka library
*/
# define OPKELE_E_CONS_
/**
* the dummy placeholder for konforka exception codepoint specification
*/
# define OPKELE_CP_
/**
* the dummy define for the konforka-based rethrow of exception
*/
# define OPKELE_RETHROW
#endif /* OPKELE_HAVE_KONFORKA */
/**
* the exception parameters list to pass to constructor
*/
# define OPKELE_E_CONS OPKELE_E_CONS_ w
-/*
- * @brief the main opkele namespace
- */
namespace opkele {
using std::string;
/**
* the base opkele exception class
*/
class exception : public
# ifdef OPKELE_HAVE_KONFORKA
konforka::exception
# else
std::exception
# endif
{
public:
# ifdef OPKELE_HAVE_KONFORKA
explicit
exception(const string& fi,const string& fu,int l,const string& w)
: konforka::exception(fi,fu,l,w) { }
# else /* OPKELE_HAVE_KONFORKA */
string _what;
explicit
exception(const string& w)
: _what(w) { }
virtual ~exception() throw();
virtual const char * what() const throw();
# endif /* OPKELE_HAVE_KONFORKA */
};
/**
* thrown in case of failed conversion
*/
class failed_conversion : public exception {
public:
failed_conversion(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown in case of failed lookup (either parameter or persistent store)
*/
class failed_lookup : public exception {
public:
failed_lookup(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown in case of bad input (either local or network)
*/
class bad_input : public exception {
public:
bad_input(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown on failed assertion
*/
class failed_assertion : public exception {
public:
failed_assertion(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown if the handle being retrieved is invalid
*/
class invalid_handle : public exception {
public:
invalid_handle(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown if the handle passed to check_authentication request is not
* stateless
*/
class stateful_handle : public exception {
public:
stateful_handle(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown if check_authentication request fails
*/
class failed_check_authentication : public exception {
public:
failed_check_authentication(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown if the id_res request result is negative
*/
class id_res_failed : public exception {
public:
id_res_failed(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* thrown if the user_setup_url is provided with negative response
*/
class id_res_setup : public id_res_failed {
public:
string setup_url;
id_res_setup(OPKELE_E_PARS,const string& su)
: id_res_failed(OPKELE_E_CONS), setup_url(su) { }
~id_res_setup() throw() { }
};
/**
* thrown in case of signature mismatch
*/
class id_res_mismatch : public id_res_failed {
public:
id_res_mismatch(OPKELE_E_PARS)
: id_res_failed(OPKELE_E_CONS) { }
};
/**
* openssl malfunction occured
*/
class exception_openssl : public exception {
public:
unsigned long _error;
string _ssl_string;
exception_openssl(OPKELE_E_PARS);
~exception_openssl() throw() { }
};
/**
* network operation related error occured
*/
class exception_network : public exception {
public:
exception_network(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
/**
* network operation related error occured, specifically, related to
* libcurl
*/
class exception_curl : public exception_network {
public:
CURLcode _error;
string _curl_string;
exception_curl(OPKELE_E_PARS);
exception_curl(OPKELE_E_PARS,CURLcode e);
~exception_curl() throw() { }
};
/**
* not implemented (think pure virtual) member function executed, signfies
* programmer error
*/
class not_implemented : public exception {
public:
not_implemented(OPKELE_E_PARS)
: exception(OPKELE_E_CONS) { }
};
}
#endif /* __OPKELE_EXCEPTION_H */
diff --git a/include/opkele/extension.h b/include/opkele/extension.h
index f547555..ea0c74c 100644
--- a/include/opkele/extension.h
+++ b/include/opkele/extension.h
@@ -1,66 +1,63 @@
#ifndef __OPKELE_EXTENSION_H
#define __OPKELE_EXTENSION_H
/**
* @file
* @brief extensions framework basics
*/
#include <opkele/types.h>
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
/**
* OpenID extension hooks base class
*/
class extension_t {
public:
/**
* hook called by consumer before submitting data to OpenID server.
* It is supposed to manipulate parameters list.
* @param p parameters about to be submitted to server
* @param identity identity being verified. It may differ from the
* one available in parameters list in case of delegation
* @see consumer_t::checkid_
* @see consumer_t::checkid_immediate
* @see consumer_t::checkid_setup
*/
virtual void checkid_hook(params_t& p,const string& identity);
/**
* hook called by consumer after identity information received from
* OpenID server is verified.
* @param p parameters received from server
* @param sp signed parameters received from server with 'openid.'
* leader stripped
* @param identity identity confirmed. May differ from the one
* available in parameters list in case of delegation. May also be
* empty which means - extract one from parameters
* @see consumer_t::id_res
*/
virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity);
/**
* hook called by server before returning information to consumer.
* The hook may manipulate output parameters. It is important to
* note that modified pout["signed"] is used for signing response.
* @param pin request parameters list with "openid." prefix
* @param pout response parameters list without "openid." prefix
* @see server_t::checkid_
* @see server_t::checkid_immediate
* @see server_t::checkid_setup
*/
virtual void checkid_hook(const params_t& pin,params_t& pout);
/**
* Casts the object to pointer to itself. For convenient passing
* of pointer.
*/
operator extension_t*(void) { return this; }
};
}
#endif /* __OPKELE_EXTENSION_H */
diff --git a/include/opkele/extension_chain.h b/include/opkele/extension_chain.h
index 955f4d5..f0eea94 100644
--- a/include/opkele/extension_chain.h
+++ b/include/opkele/extension_chain.h
@@ -1,50 +1,38 @@
#ifndef __OPKELE_EXTENSION_CHAIN_H
#define __OPKELE_EXTENSION_CHAIN_H
/**
* @file
* @brief extension chain extension
*/
#include <list>
#include <opkele/extension.h>
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
using std::list;
/**
* OpenID extensions chain used to combine extensions, it is actually an
* stl list of pointers to extensions.
*/
class extension_chain_t : public extension_t, public list<extension_t*> {
public:
/**
* Default constructor creates an empty chain
*/
extension_chain_t() { }
/**
* Create extension chain with a single extension in it
*/
extension_chain_t(extension_t *e) { push_back(e); }
- /**
- * Implementation of consumer's checkid hook
- */
virtual void checkid_hook(params_t& p,const string& identity);
- /**
- * Implementation of consumer's id_res hook
- */
virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity);
- /**
- * Implementation of server's checkid_hook
- */
virtual void checkid_hook(const params_t& pin,params_t& pout);
};
}
#endif /* __OPKELE_EXTENSION_CHAIN_H */
diff --git a/include/opkele/server.h b/include/opkele/server.h
index 598eb47..e7e5bb3 100644
--- a/include/opkele/server.h
+++ b/include/opkele/server.h
@@ -1,99 +1,96 @@
#ifndef __OPKELE_SERVER_H
#define __OPKELE_SERVER_H
/**
* @file
* @brief OpenID server-side functionality
*/
#include <opkele/types.h>
#include <opkele/extension.h>
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
/**
* implementation of basic server functionality
*/
class server_t {
public:
/**
* allocate the new association. The function should be overridden
* in the real implementation to provide persistent assocations
* store.
* @param mode the mode of request being processed to base the
* statelessness of the association upon
* @return the auto_ptr<> for the newly allocated association_t object
*/
virtual assoc_t alloc_assoc(mode_t mode) = 0;
/**
* retrieve the association. The function should be overridden in
* the reqal implementation to provide persistent assocations
* store.
* @param h association handle
* @return the auto_ptr<> for the newly allocated association_t object
* @throw failed_lookup in case of failure
*/
virtual assoc_t retrieve_assoc(const string& h) = 0;
/**
* validate the identity.
* @param assoc association object
* @param pin incoming request parameters
* @param identity being verified
* @param trust_root presented in the request
* @throw exception if identity can not be confirmed
*/
virtual void validate(const association_t& assoc,const params_t& pin,const string& identity,const string& trust_root) = 0;
/**
* process the associate request.
* @param pin the incoming request parameters
* @param pout the store for the response parameters
*/
void associate(const params_t& pin,params_t& pout);
/**
* process the checkid_immediate request.
* @param pin the incoming request parameters
* @param return_to reference to the object to store return_to url to
* @param pout the response parameters
* @param ext pointer to the extension hooks object
* @throw exception in case of errors or negative reply
*/
virtual void checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0);
/**
* process the checkid_setup request.
* @param pin the incoming request parameters
* @param return_to reference to the object to store return_to url to
* @param pout the response parameters
* @param ext pointer to the extension hooks object
* @throw exception in case of errors or negative reply
*/
virtual void checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0);
/**
* the actual functionality behind checkid_immediate() and
* checkid_setup()
* @param mode the request being processed (either
* mode_checkid_immediate or mode_checkid_setup)
* @param pin the incoming request parameters
* @param return_to reference to the object to store return_to url to
* @param pout the response parameters
* @param ext pointer to the extension hooks object
* @throw exception in case of errors or negative reply
*/
virtual void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0);
/**
* process the check_authentication request.
* @param pin incoming request parameters
* @param pout response parameters
*/
void check_authentication(const params_t& pin,params_t& pout);
};
}
#endif /* __OPKELE_SERVER_H */
diff --git a/include/opkele/sreg.h b/include/opkele/sreg.h
index 6713ef7..df37a86 100644
--- a/include/opkele/sreg.h
+++ b/include/opkele/sreg.h
@@ -1,206 +1,203 @@
#ifndef __OPKELE_SREG_H
#define __OPKELE_SREG_H
/**
* @file
* @brief Simple registration extension
*/
#include <opkele/extension.h>
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
using std::map;
/**
* OpenID simple registration extension implementation
* http://openid.net/specs/openid-simple-registration-extension-1_0.html
*/
class sreg_t : public extension_t {
public:
/**
* sreg fields enumeration
*/
enum fieldbit_t {
/**
* Any UTF-8 string that the End User wants to use as a nickname.
*/
field_nickname = 1,
/**
* The email address of the End User as specified in section 3.4.1 of [RFC2822]
*/
field_email = 2,
/**
* UTF-8 string free text representation of the End User's full name.
*/
field_fullname = 4,
/**
* The End User's date of birth as YYYY-MM-DD. Any values whose
* representation uses fewer than the specified number of
* digits should be zero-padded. The length of this value MUST
* always be 10. If the End User user does not want to reveal
* any particular component of this value, it MUST be set to
* zero.
*
* For instance, if a End User wants to specify that his date
* of birth is in 1980, but not the month or day, the value
* returned SHALL be "1980-00-00".
*/
field_dob = 8,
/**
* Alias to field_dob
*/
field_birthdate = field_dob,
/**
* The End User's gender, "M" for male, "F" for female.
*/
field_gender = 16,
/**
* Alias to field_gender
*/
field_sex = field_gender,
/**
* UTF-8 string free text that SHOULD conform to the End User's
* country's postal system.
*/
field_postcode = 32,
/**
* The End User's country of residence as specified by ISO3166
*/
field_country = 64,
/**
* End User's preferred language as specified by ISO639
*/
field_language = 128,
/**
* ASCII string from TimeZone database
*
* For example, "Europe/Paris" or "America/Los_Angeles".
*/
field_timezone = 256,
/**
* All fields bits combined
*/
fields_ALL = 511,
/**
* No fields
*/
fields_NONE = 0
};
/**
* Bitmask for fields which, if absent from the response, will
* prevent the Consumer from completing the registration without
* End User interation.
*/
long fields_required;
/**
* Bitmask for fields that will be used by the Consumer, but whose
* absence will not prevent the registration from completing.
*/
long fields_optional;
/**
* A URL which the Consumer provides to give the End User a place
* to read about the how the profile data will be used. The
* Identity Provider SHOULD display this URL to the End User if it
* is given.
*/
string policy_url;
/**
* Bitmask for fields present in response
*/
long has_fields;
/**
* Container type for response fields values
*/
typedef map<fieldbit_t,string> response_t;
/**
* Response contents
*/
response_t response;
/**
* Fields bitmask to send in response
*/
long fields_response;
/**
* Consumer constructor.
* @param fr required fields
* @see fields_required
* @param fo optional fields
* @see fields_optional
* @param pu policy url
* @see policy_url
*/
sreg_t(long fr=fields_NONE,long fo=fields_NONE,const string& pu="")
: fields_required(fr), fields_optional(fo), policy_url(pu), has_fields(0) { }
/**
* Implementation of consumer's checkid hook
*/
virtual void checkid_hook(params_t& p,const string& identity);
/**
* Implementation of consumer's id_res hook
*/
virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity);
/**
* Implementation of server's checkid_hook
*/
virtual void checkid_hook(const params_t& pin,params_t& pout);
/**
* Check and see if we have value for some particular field.
* @param fb field in question
* @see fieldbit_t
* @return true if the value is available
*/
bool has_field(fieldbit_t fb) const { return has_fields&fb; }
/**
* Retrieve the value for a field.
* @param fb field in question
* @see fieldbit_t
* @return field value
* @throw failed_lookup if no data avaialble
*/
const string& get_field(fieldbit_t fb) const;
/**
* Set the value for a field.
* @param fb field in question
* @see fieldbit_t
* @param fv field value
*/
void set_field(fieldbit_t fb,const string& fv);
/**
* Remove the value for a field.
* @param fb field in question
* @see fieldbit_t
*/
void reset_field(fieldbit_t fb);
/**
* Reset field data
*/
void clear();
/**
* Function called after parsing sreg request to set up response
* fields. The default implementation tries to send as much fields
* as we have. The function is supposed to set the data and
* fields_response.
* @see fields_response
* @param pin input request parameters with "openid." prefix
* @param pout output request parameters without "openid." prefix.
* @see checkid_hook(const params_t&,params_t&)
*/
virtual void setup_response(const params_t& pin,params_t& pout);
};
}
#endif /* __OPKELE_SREG_H */
diff --git a/include/opkele/types.h b/include/opkele/types.h
index ba06776..757c0af 100644
--- a/include/opkele/types.h
+++ b/include/opkele/types.h
@@ -1,168 +1,165 @@
#ifndef __OPKELE_TYPES_H
#define __OPKELE_TYPES_H
/**
* @file
* @brief various types declarations
*/
#include <ostream>
#include <vector>
#include <string>
#include <map>
#include <memory>
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
using std::vector;
using std::string;
using std::map;
using std::ostream;
using std::auto_ptr;
/**
* the OpenID operation mode
*/
typedef enum _mode_t {
mode_associate,
mode_checkid_immediate,
mode_checkid_setup,
mode_check_association
} mode_t;
/**
* the association secret container
*/
class secret_t : public vector<unsigned char> {
public:
/**
* xor the secret and hmac together and encode, using base64
* @param key_sha1 pointer to the sha1 digest
* @param rv reference to the return value
*/
void enxor_to_base64(const unsigned char *key_sha1,string& rv) const;
/**
* decode base64-encoded secret and xor it with the sha1 digest
* @param key_sha1 pointer to the message digest
* @param b64 base64-encoded secret value
*/
void enxor_from_base64(const unsigned char *key_sha1,const string& b64);
/**
* plainly encode to base64 representation
* @param rv reference to the return value
*/
void to_base64(string& rv) const;
/**
* decode cleartext secret from base64
* @param b64 base64-encoded representation of the secret value
*/
void from_base64(const string& b64);
};
/**
* Interface to the association.
*/
class association_t {
public:
/**
* retrieve the server with which association was established.
* @return server name
*/
virtual string server() const = 0;
/**
* retrieve the association handle.
* @return handle
*/
virtual string handle() const = 0;
/**
* retrieve the association type.
* @return association type
*/
virtual string assoc_type() const = 0;
/**
* retrieve the association secret.
* @return association secret
*/
virtual secret_t secret() const = 0;
/**
* retrieve the number of seconds the association expires in.
* @return seconds till expiration
*/
virtual int expires_in() const = 0;
/**
* check whether the association is stateless.
* @return true if stateless
*/
virtual bool stateless() const = 0;
};
/**
* the auto_ptr<> for association_t object type
*/
typedef auto_ptr<association_t> assoc_t;
/**
* request/response parameters map
*/
class params_t : public map<string,string> {
public:
/**
* check whether the parameter is present.
* @param n the parameter name
* @return true if yes
*/
bool has_param(const string& n) const;
/**
* retrieve the parameter (const version)
* @param n the parameter name
* @return the parameter value
* @throw failed_lookup if there is no such parameter
*/
const string& get_param(const string& n) const;
/**
* retrieve the parameter.
* @param n the parameter name
* @return the parameter value
* @throw failed_lookup if there is no such parameter
*/
string& get_param(const string& n);
/**
* parse the OpenID key/value data.
* @param kv the OpenID key/value data
*/
void parse_keyvalues(const string& kv);
/**
* sign the fields.
* @param secret the secret used for signing
* @param sig reference to the string, containing base64-encoded
* result
* @param slist the comma-separated list of fields to sign
* @param prefix the string to prepend to parameter names
*/
void sign(secret_t secret,string& sig,const string& slist,const char *prefix=0) const;
/**
* append parameters to the URL as a GET-request parameters.
* @param url the base URL
* @param prefix the string to prepend to parameter names
* @return the ready-to-use location
*/
string append_query(const string& url,const char *prefix = "openid.") const;
};
/**
* dump the key/value pairs for the parameters to the stream.
* @param o output stream
* @param p the parameters
*/
ostream& operator << (ostream& o,const params_t& p);
}
#endif /* __OPKELE_TYPES_H */
diff --git a/include/opkele/util.h b/include/opkele/util.h
index 2a7a859..edc1859 100644
--- a/include/opkele/util.h
+++ b/include/opkele/util.h
@@ -1,130 +1,133 @@
#ifndef __OPKELE_UTIL_H
#define __OPKELE_UTIL_H
#include <time.h>
#include <string>
#include <vector>
#include <openssl/bn.h>
#include <openssl/dh.h>
namespace opkele {
using std::string;
using std::vector;
+ /**
+ * @brief opkele utils namespace
+ */
namespace util {
/**
* Convenience class encapsulating SSL BIGNUM object for the purpose of
* automatical freeing.
*/
class bignum_t {
public:
BIGNUM *_bn;
bignum_t() : _bn(0) { }
bignum_t(BIGNUM *bn) : _bn(bn) { }
~bignum_t() throw() { if(_bn) BN_free(_bn); }
bignum_t& operator=(BIGNUM *bn) { if(_bn) BN_free(_bn); _bn = bn; return *this; }
operator const BIGNUM*(void) const { return _bn; }
operator BIGNUM*(void) { return _bn; }
};
/**
* Convenience clas encapsulating SSL DH object for the purpose of
* automatic freeing.
*/
class dh_t {
public:
DH *_dh;
dh_t() : _dh(0) { }
dh_t(DH *dh) : _dh(dh) { }
~dh_t() throw() { if(_dh) DH_free(_dh); }
dh_t& operator=(DH *dh) { if(_dh) DH_free(_dh); _dh = dh; return *this; }
operator const DH*(void) const { return _dh; }
operator DH*(void) { return _dh; }
DH* operator->() { return _dh; }
const DH* operator->() const { return _dh; }
};
/**
* Convert base64-encoded SSL BIGNUM to internal representation.
* @param b64 base64-encoded number
* @return SSL BIGNUM
* @throw failed_conversion in case of error
*/
BIGNUM *base64_to_bignum(const string& b64);
/**
* Convert decimal representation to SSL BIGNUM.
* @param dec decimal representation
* @return resulting BIGNUM
* @throw failed_conversion in case of error
*/
BIGNUM *dec_to_bignum(const string& dec);
/**
* Convert SSL BIGNUM data to base64 encoded string.
* @param bn BIGNUM
* @return base64encoded string
*/
string bignum_to_base64(const BIGNUM *bn);
/**
* Convert internal time representation to w3c format
* @param t internal representation
* @return w3c time
* @throw failed_conversion in case of error
*/
string time_to_w3c(time_t t);
/**
* Convert W3C time representation to internal time_t
* @param w w3c representation
* @return converted time
* @throw failed_conversion in case of error
*/
time_t w3c_to_time(const string& w);
/**
* Encode string to the representation suitable for using in URL.
* @param str string to encode
* @return encoded string
* @throw failed_conversion in case of failure
*/
string url_encode(const string& str);
/**
* Convert number to string
* @param l number
* @return string representation
* @throw failed_conversion in case of failure
*/
string long_to_string(long l);
/**
* Convert string to number
* @param s string, containing the number
* @return the number
* @throw failed_conversion in case of failure
*/
long string_to_long(const string& s);
/**
* Encode binary data using base64.
* @param data pointer to binary data
* @param length length of data
* @return encoded data
*/
string encode_base64(const void *data,size_t length);
/**
* Decode binary data from base64 representation.
* @param data base64-encoded data
* @param rv container for decoded binary
*/
void decode_base64(const string& data,vector<unsigned char>& rv);
}
}
#endif /* __OPKELE_UTIL_H */
diff --git a/include/opkele/xconsumer.h b/include/opkele/xconsumer.h
index 14a8aaa..42796c0 100644
--- a/include/opkele/xconsumer.h
+++ b/include/opkele/xconsumer.h
@@ -1,41 +1,38 @@
#ifndef __OPKELE_XCONSUMER_H
#define __OPKELE_XCONSUMER_H
/**
* @file
* @brief OpenID consumer with built-in extension chain
*/
#include <opkele/extension_chain.h>
#include <opkele/consumer.h>
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
/**
* Extended OpenID consumer implementation with built in
* extensions chain.
*/
class xconsumer_t : public consumer_t, public extension_chain_t {
public:
string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0) {
return consumer_t::checkid_immediate(identity,return_to,trust_root,this);
}
string chekid_setup(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0) {
return consumer_t::checkid_setup(identity,return_to,trust_root,this);
}
string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0) {
return consumer_t::checkid_(mode,identity,return_to,trust_root,this);
}
void id_res(const params_t& pin,const string& identity="",extension_t *ext=0) {
consumer_t::id_res(pin,identity,this);
}
};
}
#endif /* __OPKELE_XCONSUMER_H */
diff --git a/include/opkele/xserver.h b/include/opkele/xserver.h
index e29bfe6..c645d56 100644
--- a/include/opkele/xserver.h
+++ b/include/opkele/xserver.h
@@ -1,37 +1,34 @@
#ifndef __OPKELE_XSERVER_H
#define __OPKELE_XSERVER_H
/**
* @file
* @brief OpenID server with built-in extension chain
*/
#include <opkele/extension_chain.h>
#include <opkele/server.h>
-/**
- * @brief the main opkele namespace
- */
namespace opkele {
/**
* Extended OpenID server implementationwith built in
* extensions chain.
*/
class xserver_t : public server_t, public extension_chain_t {
public:
void checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0) {
server_t::checkid_immediate(pin,return_to,pout,this);
}
void checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0) {
server_t::checkid_setup(pin,return_to,pout,this);
}
void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0) {
server_t::checkid_(mode,pin,return_to,pout,this);
}
};
}
#endif /* __OPKELE_XSERVER_H */