-rw-r--r-- | include/opkele/basic_op.h | 3 | ||||
-rw-r--r-- | include/opkele/extension.h | 49 | ||||
-rw-r--r-- | include/opkele/extension_chain.h | 6 | ||||
-rw-r--r-- | include/opkele/sreg.h | 31 |
4 files changed, 46 insertions, 43 deletions
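--- a/include/opkele/basic_op.h
+++ b/include/opkele/basic_op.h
@@ -1,68 +1,69 @@
 #ifndef __OPKELE_BASIC_OP_H
 #define __OPKELE_BASIC_OP_H
 
 #include <string>
 #include <opkele/types.h>
 #include <opkele/extension.h>
 
 namespace opkele {
 using std::string;
 
 class basic_op {
 public:
 mode_t mode;
 assoc_t assoc;
 bool openid2;
 string return_to;
 string realm;
 string claimed_id;
 string identity;
 string invalidate_handle;
 
 void reset_vars();
 
 bool has_return_to() const;
 const string& get_return_to() const;
 
 const string& get_realm() const;
 
 bool has_identity() const;
 const string& get_claimed_id() const;
 const string& get_identity() const;
 
 bool is_id_select() const;
 
 void select_identity(const string& c,const string& i);
 void set_claimed_id(const string& c);
 
 basic_openid_message& associate(
 basic_openid_message& oum,
 const basic_openid_message& inm);
 
 void checkid_(const basic_openid_message& inm,extension_t *ext=0);
-basic_openid_message& id_res(basic_openid_message& om);
+basic_openid_message& id_res(basic_openid_message& om,
+extension_t *ext=0);
 basic_openid_message& cancel(basic_openid_message& om);
 basic_openid_message& error(basic_openid_message& om,
 const string& error,const string& contact,
 const string& reference );
 basic_openid_message& setup_needed(
 basic_openid_message& oum,const basic_openid_message& inm);
 
 basic_openid_message& check_authentication(
 basic_openid_message& oum,const basic_openid_message& inm);
 
 virtual void verify_return_to();
 
 virtual assoc_t alloc_assoc(const string& t,size_t kl,bool sl) = 0;
 virtual assoc_t retrieve_assoc(const string& h) = 0;
 
 virtual string& alloc_nonce(string& nonce,bool sl) = 0;
 virtual bool check_nonce(const string& nonce) = 0;
 virtual void invalidate_nonce(const string& nonce) = 0;
 
 virtual const string get_op_endpoint() const = 0;
 
 };
 }
 
 #endif /* __OPKELE_BASIC_OP_H */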
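Review bot: The new `extension_t *ext=0` argument on `id_res` is undocumented, and nothing in this header relates it to the `ext` that `checkid_` already accepts. Because it defaults to 0, an existing OP that passes an extension to `checkid_` but does not update its `id_res` call still compiles, and presumably sends a response without the extension's fields. A short comment on the declaration would make the contract explicit, for example `/** @param ext extension applied to om before the response is signed; may be 0; not owned. Pass the same extension that was given to checkid_. */`. Whether the hook really runs before signing should be confirmed against the implementation, which is not part of this page.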
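--- a/include/opkele/extension.h
+++ b/include/opkele/extension.h
@@ -1,66 +1,61 @@
 #ifndef __OPKELE_EXTENSION_H
 #define __OPKELE_EXTENSION_H
 
 /**
 * @file
 * @brief extensions framework basics
 */
 
+#include <opkele/opkele-config.h>
 #include <opkele/types.h>
 
 namespace opkele {
 
 /**
 * OpenID extension hooks base class
 */
 class extension_t {
 public:
 
 virtual ~extension_t() { }
 
 /**
-* hook called by consumer before submitting data to OpenID server.
-* It is supposed to manipulate parameters list.
-* @param p parameters about to be submitted to server
-* @param identity identity being verified. It may differ from the
-* one available in parameters list in case of delegation
-* @see consumer_t::checkid_
-* @see consumer_t::checkid_immediate
-* @see consumer_t::checkid_setup
+* hook called by RP before submitting the message to OP.
+* @param om openid message to be submit
 */
-virtual void checkid_hook(basic_openid_message& om);
+virtual void rp_checkid_hook(basic_openid_message& om);
+
 /**
-* hook called by consumer after identity information received from
-* OpenID server is verified.
-* @param p parameters received from server
-* @param sp signed parameters received from server with 'openid.'
-* leader stripped
-* @param identity identity confirmed. May differ from the one
-* available in parameters list in case of delegation. May also be
-* empty which means - extract one from parameters
-* @see consumer_t::id_res
+* hook called by RP after verifying information received from OP.
+* @param om openid message received
+* @param sp signed part of the message
 */
-virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
+virtual void rp_id_res_hook(const basic_openid_message& om,
+const basic_openid_message& sp);
 
 /**
-* hook called by server before returning information to consumer.
-* The hook may manipulate output parameters. It is important to
-* note that modified pout["signed"] is used for signing response.
-* @param pin request parameters list with "openid." prefix
-* @param pout response parameters list without "openid." prefix
-* @see server_t::checkid_
-* @see server_t::checkid_immediate
-* @see server_t::checkid_setup
+* hook called by OP after parsing incoming message
+* @param inm message received from RP
+*/
+virtual void op_checkid_hook(const basic_openid_message& inm);
+/**
+* hook called by OP before signing the reply to RP
+* @param oum message to be sent to RP
 */
+virtual void op_id_res_hook(basic_openid_message& oum);
+
+virtual void checkid_hook(basic_openid_message& om) OPKELE_DEPRECATE;
+virtual void id_res_hook(const basic_openid_message& om,
+const basic_openid_message& sp) OPKELE_DEPRECATE;
 virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
 
 /**
 * Casts the object to pointer to itself. For convenient passing
 * of pointer.
 */
 operator extension_t*(void) { return this; }
 };
 
 }
 
 #endif /* __OPKELE_EXTENSION_H */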
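Review bot: The doc comment for `op_id_res_hook` drops the removed warning that the hook's changes to the "signed" list determine what the response signature covers. An extension author reading only the new text cannot tell whether fields added to `oum` are signed automatically or must be listed by the hook. If the old behaviour still holds, restore it in the new comment, e.g. `* Fields added here are covered by the signature only if the hook also adds them to the "signed" list of oum.` The `rp_id_res_hook` comment should likewise say that extension values are to be read from `sp` rather than `om`, since `om` can presumably carry fields the OP did not sign. The third overload, `checkid_hook(const basic_openid_message& inm,basic_openid_message& oum)`, is left without either a doc comment or `OPKELE_DEPRECATE`, so its status next to `op_checkid_hook` is unclear.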
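--- a/include/opkele/extension_chain.h
+++ b/include/opkele/extension_chain.h
@@ -1,38 +1,44 @@
 #ifndef __OPKELE_EXTENSION_CHAIN_H
 #define __OPKELE_EXTENSION_CHAIN_H
 
 /**
 * @file
 * @brief extension chain extension
 */
 
 #include <list>
 #include <opkele/extension.h>
 
 namespace opkele {
 using std::list;
 
 /**
 * OpenID extensions chain used to combine extensions, it is actually an
 * stl list of pointers to extensions.
 */
 class extension_chain_t : public extension_t, public list<extension_t*> {
 public:
 
 /**
 * Default constructor creates an empty chain
 */
 extension_chain_t() { }
 /**
 * Create extension chain with a single extension in it
 */
 extension_chain_t(extension_t *e) { push_back(e); }
 
+virtual void rp_checkid_hook(basic_openid_message& om);
+virtual void rp_id_res_hook(const basic_openid_message& om,
+const basic_openid_message& sp);
+virtual void op_checkid_hook(const basic_openid_message& inm);
+virtual void op_id_res_hook(basic_openid_message& oum);
+
 virtual void checkid_hook(basic_openid_message& om);
 virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
 virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
 };
 
 }
 
 #endif /* __OPKELE_EXTENSION_CHAIN_H */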
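Review bot: The old-style overrides kept below the four new hooks are not marked `OPKELE_DEPRECATE`, although the base class in extension.h now marks `checkid_hook(basic_openid_message&)` and `id_res_hook` that way. Code that calls them through `extension_chain_t` would therefore likely get no deprecation warning and keep using the legacy path. Carry the marker over, e.g. `virtual void checkid_hook(basic_openid_message& om) OPKELE_DEPRECATE;`, and do the same for `id_res_hook`. The same applies to the retained `checkid_hook` and `id_res_hook` declarations in sreg.h. The four new overrides also have no doc comment saying in which order the chained extensions are invoked.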
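--- a/include/opkele/sreg.h
+++ b/include/opkele/sreg.h
@@ -42,162 +42,163 @@ namespace opkele {
 * zero.
 *
 * For instance, if a End User wants to specify that his date
 * of birth is in 1980, but not the month or day, the value
 * returned SHALL be "1980-00-00".
 */
 field_dob = 8,
 /**
 * Alias to field_dob
 */
 field_birthdate = field_dob,
 /**
 * The End User's gender, "M" for male, "F" for female.
 */
 field_gender = 16,
 /**
 * Alias to field_gender
 */
 field_sex = field_gender,
 /**
 * UTF-8 string free text that SHOULD conform to the End User's
 * country's postal system.
 */
 field_postcode = 32,
 /**
 * The End User's country of residence as specified by ISO3166
 */
 field_country = 64,
 /**
 * End User's preferred language as specified by ISO639
 */
 field_language = 128,
 /**
 * ASCII string from TimeZone database
 *
 * For example, "Europe/Paris" or "America/Los_Angeles".
 */
 field_timezone = 256,
 /**
 * All fields bits combined
 */
 fields_ALL = 511,
 /**
 * No fields
 */
 fields_NONE = 0
 };
 /**
 * Bitmask for fields which, if absent from the response, will
 * prevent the Consumer from completing the registration without
 * End User interation.
 */
 long fields_required;
 /**
 * Bitmask for fields that will be used by the Consumer, but whose
 * absence will not prevent the registration from completing.
 */
 long fields_optional;
 /**
 * A URL which the Consumer provides to give the End User a place
 * to read about the how the profile data will be used. The
 * Identity Provider SHOULD display this URL to the End User if it
 * is given.
 */
 string policy_url;
 
 /**
 * Bitmask for fields present in response
 */
 long has_fields;
 /**
 * Container type for response fields values
 */
 typedef map<fieldbit_t,string> response_t;
 /**
 * Response contents
 */
 response_t response;
 
 /**
 * Fields bitmask to send in response
 */
 long fields_response;
 
 /**
 * Consumer constructor.
 * @param fr required fields
 * @see fields_required
 * @param fo optional fields
 * @see fields_optional
 * @param pu policy url
 * @see policy_url
 */
 sreg_t(long fr=fields_NONE,long fo=fields_NONE,const string& pu="")
 : fields_required(fr), fields_optional(fo), policy_url(pu), has_fields(0) { }
 
-/**
-* Implementation of consumer's checkid hook
-*/
+virtual void rp_checkid_hook(basic_openid_message& om);
+virtual void rp_id_res_hook(const basic_openid_message& om,
+const basic_openid_message& sp);
+virtual void op_checkid_hook(const basic_openid_message& inm);
+virtual void op_id_res_hook(basic_openid_message& oum);
+
 virtual void checkid_hook(basic_openid_message& om);
-/**
-* Implementation of consumer's id_res hook
-*/
-virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
-/**
-* Implementation of server's checkid_hook
-*/
-virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
+virtual void id_res_hook(const basic_openid_message& om,
+const basic_openid_message& sp);
+virtual void checkid_hook(const basic_openid_message& inm,
+basic_openid_message& oum);
 
 /**
 * Check and see if we have value for some particular field.
 * @param fb field in question
 * @see fieldbit_t
 * @return true if the value is available
 */
 bool has_field(fieldbit_t fb) const { return has_fields&fb; }
 
 /**
 * Retrieve the value for a field.
 * @param fb field in question
 * @see fieldbit_t
 * @return field value
 * @throw failed_lookup if no data avaialble
 */
 const string& get_field(fieldbit_t fb) const;
 
 /**
 * Set the value for a field.
 * @param fb field in question
 * @see fieldbit_t
 * @param fv field value
 */
 void set_field(fieldbit_t fb,const string& fv);
 
 /**
 * Remove the value for a field.
 * @param fb field in question
 * @see fieldbit_t
 */
 void reset_field(fieldbit_t fb);
 
 /**
 * Reset field data
 */
 void clear();
 
 /**
 * Function called after parsing sreg request to set up response
 * fields. The default implementation tries to send as much fields
 * as we have. The function is supposed to set the data and
 * fields_response.
 * @see fields_response
-* @param pin input request parameters with "openid." prefix
-* @param pout output request parameters without "openid." prefix.
-* @see checkid_hook(const params_t&,params_t&)
+* @param inm incoming openid message
+* @param oum outgoing openid message
 */
-virtual void setup_response(const basic_openid_message& inm,basic_openid_message& oum);
+virtual void setup_response(const basic_openid_message& inm,
+basic_openid_message& oum);
+
+virtual void setup_response();
 
 };
 }
 
 #endif /* __OPKELE_SREG_H */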
203 | #endif /* __OPKELE_SREG_H */ | 204 | #endif /* __OPKELE_SREG_H */ |