summaryrefslogtreecommitdiffabout
path: root/include
Side-by-side diff
Diffstat (limited to 'include') (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/basic_op.h3
-rw-r--r--include/opkele/extension.h49
-rw-r--r--include/opkele/extension_chain.h6
-rw-r--r--include/opkele/sreg.h31
4 files changed, 46 insertions, 43 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h
index 7f4e481..5bba1bf 100644
--- a/include/opkele/basic_op.h
+++ b/include/opkele/basic_op.h
@@ -1,68 +1,69 @@
#ifndef __OPKELE_BASIC_OP_H
#define __OPKELE_BASIC_OP_H
#include <string>
#include <opkele/types.h>
#include <opkele/extension.h>
namespace opkele {
using std::string;
class basic_op {
public:
mode_t mode;
assoc_t assoc;
bool openid2;
string return_to;
string realm;
string claimed_id;
string identity;
string invalidate_handle;
void reset_vars();
bool has_return_to() const;
const string& get_return_to() const;
const string& get_realm() const;
bool has_identity() const;
const string& get_claimed_id() const;
const string& get_identity() const;
bool is_id_select() const;
void select_identity(const string& c,const string& i);
void set_claimed_id(const string& c);
basic_openid_message& associate(
basic_openid_message& oum,
const basic_openid_message& inm);
void checkid_(const basic_openid_message& inm,extension_t *ext=0);
- basic_openid_message& id_res(basic_openid_message& om);
+ basic_openid_message& id_res(basic_openid_message& om,
+ extension_t *ext=0);
basic_openid_message& cancel(basic_openid_message& om);
basic_openid_message& error(basic_openid_message& om,
const string& error,const string& contact,
const string& reference );
basic_openid_message& setup_needed(
basic_openid_message& oum,const basic_openid_message& inm);
basic_openid_message& check_authentication(
basic_openid_message& oum,const basic_openid_message& inm);
virtual void verify_return_to();
virtual assoc_t alloc_assoc(const string& t,size_t kl,bool sl) = 0;
virtual assoc_t retrieve_assoc(const string& h) = 0;
virtual string& alloc_nonce(string& nonce,bool sl) = 0;
virtual bool check_nonce(const string& nonce) = 0;
virtual void invalidate_nonce(const string& nonce) = 0;
virtual const string get_op_endpoint() const = 0;
};
}
#endif /* __OPKELE_BASIC_OP_H */
diff --git a/include/opkele/extension.h b/include/opkele/extension.h
index 3ee25ee..37bcb90 100644
--- a/include/opkele/extension.h
+++ b/include/opkele/extension.h
@@ -1,66 +1,61 @@
#ifndef __OPKELE_EXTENSION_H
#define __OPKELE_EXTENSION_H
/**
* @file
* @brief extensions framework basics
*/
+#include <opkele/opkele-config.h>
#include <opkele/types.h>
namespace opkele {
/**
* OpenID extension hooks base class
*/
class extension_t {
public:
virtual ~extension_t() { }
/**
- * hook called by consumer before submitting data to OpenID server.
- * It is supposed to manipulate parameters list.
- * @param p parameters about to be submitted to server
- * @param identity identity being verified. It may differ from the
- * one available in parameters list in case of delegation
- * @see consumer_t::checkid_
- * @see consumer_t::checkid_immediate
- * @see consumer_t::checkid_setup
+ * hook called by RP before submitting the message to OP.
+ * @param om openid message to be submit
*/
- virtual void checkid_hook(basic_openid_message& om);
+ virtual void rp_checkid_hook(basic_openid_message& om);
+
/**
- * hook called by consumer after identity information received from
- * OpenID server is verified.
- * @param p parameters received from server
- * @param sp signed parameters received from server with 'openid.'
- * leader stripped
- * @param identity identity confirmed. May differ from the one
- * available in parameters list in case of delegation. May also be
- * empty which means - extract one from parameters
- * @see consumer_t::id_res
+ * hook called by RP after verifying information received from OP.
+ * @param om openid message received
+ * @param sp signed part of the message
*/
- virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
+ virtual void rp_id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
/**
- * hook called by server before returning information to consumer.
- * The hook may manipulate output parameters. It is important to
- * note that modified pout["signed"] is used for signing response.
- * @param pin request parameters list with "openid." prefix
- * @param pout response parameters list without "openid." prefix
- * @see server_t::checkid_
- * @see server_t::checkid_immediate
- * @see server_t::checkid_setup
+ * hook called by OP after parsing incoming message
+ * @param inm message received from RP
+ */
+ virtual void op_checkid_hook(const basic_openid_message& inm);
+ /**
+ * hook called by OP before signing the reply to RP
+ * @param oum message to be sent to RP
*/
+ virtual void op_id_res_hook(basic_openid_message& oum);
+
+ virtual void checkid_hook(basic_openid_message& om) OPKELE_DEPRECATE;
+ virtual void id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp) OPKELE_DEPRECATE;
virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
/**
* Casts the object to pointer to itself. For convenient passing
* of pointer.
*/
operator extension_t*(void) { return this; }
};
}
#endif /* __OPKELE_EXTENSION_H */
diff --git a/include/opkele/extension_chain.h b/include/opkele/extension_chain.h
index fb9bc84..9692934 100644
--- a/include/opkele/extension_chain.h
+++ b/include/opkele/extension_chain.h
@@ -1,38 +1,44 @@
#ifndef __OPKELE_EXTENSION_CHAIN_H
#define __OPKELE_EXTENSION_CHAIN_H
/**
* @file
* @brief extension chain extension
*/
#include <list>
#include <opkele/extension.h>
namespace opkele {
using std::list;
/**
* OpenID extensions chain used to combine extensions, it is actually an
* stl list of pointers to extensions.
*/
class extension_chain_t : public extension_t, public list<extension_t*> {
public:
/**
* Default constructor creates an empty chain
*/
extension_chain_t() { }
/**
* Create extension chain with a single extension in it
*/
extension_chain_t(extension_t *e) { push_back(e); }
+ virtual void rp_checkid_hook(basic_openid_message& om);
+ virtual void rp_id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
+ virtual void op_checkid_hook(const basic_openid_message& inm);
+ virtual void op_id_res_hook(basic_openid_message& oum);
+
virtual void checkid_hook(basic_openid_message& om);
virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
};
}
#endif /* __OPKELE_EXTENSION_CHAIN_H */
diff --git a/include/opkele/sreg.h b/include/opkele/sreg.h
index 24cb315..513e221 100644
--- a/include/opkele/sreg.h
+++ b/include/opkele/sreg.h
@@ -1,203 +1,204 @@
#ifndef __OPKELE_SREG_H
#define __OPKELE_SREG_H
/**
* @file
* @brief Simple registration extension
*/
#include <opkele/extension.h>
namespace opkele {
using std::map;
/**
* OpenID simple registration extension implementation
* http://openid.net/specs/openid-simple-registration-extension-1_0.html
*/
class sreg_t : public extension_t {
public:
/**
* sreg fields enumeration
*/
enum fieldbit_t {
/**
* Any UTF-8 string that the End User wants to use as a nickname.
*/
field_nickname = 1,
/**
* The email address of the End User as specified in section 3.4.1 of [RFC2822]
*/
field_email = 2,
/**
* UTF-8 string free text representation of the End User's full name.
*/
field_fullname = 4,
/**
* The End User's date of birth as YYYY-MM-DD. Any values whose
* representation uses fewer than the specified number of
* digits should be zero-padded. The length of this value MUST
* always be 10. If the End User user does not want to reveal
* any particular component of this value, it MUST be set to
* zero.
*
* For instance, if a End User wants to specify that his date
* of birth is in 1980, but not the month or day, the value
* returned SHALL be "1980-00-00".
*/
field_dob = 8,
/**
* Alias to field_dob
*/
field_birthdate = field_dob,
/**
* The End User's gender, "M" for male, "F" for female.
*/
field_gender = 16,
/**
* Alias to field_gender
*/
field_sex = field_gender,
/**
* UTF-8 string free text that SHOULD conform to the End User's
* country's postal system.
*/
field_postcode = 32,
/**
* The End User's country of residence as specified by ISO3166
*/
field_country = 64,
/**
* End User's preferred language as specified by ISO639
*/
field_language = 128,
/**
* ASCII string from TimeZone database
*
* For example, "Europe/Paris" or "America/Los_Angeles".
*/
field_timezone = 256,
/**
* All fields bits combined
*/
fields_ALL = 511,
/**
* No fields
*/
fields_NONE = 0
};
/**
* Bitmask for fields which, if absent from the response, will
* prevent the Consumer from completing the registration without
* End User interation.
*/
long fields_required;
/**
* Bitmask for fields that will be used by the Consumer, but whose
* absence will not prevent the registration from completing.
*/
long fields_optional;
/**
* A URL which the Consumer provides to give the End User a place
* to read about the how the profile data will be used. The
* Identity Provider SHOULD display this URL to the End User if it
* is given.
*/
string policy_url;
/**
* Bitmask for fields present in response
*/
long has_fields;
/**
* Container type for response fields values
*/
typedef map<fieldbit_t,string> response_t;
/**
* Response contents
*/
response_t response;
/**
* Fields bitmask to send in response
*/
long fields_response;
/**
* Consumer constructor.
* @param fr required fields
* @see fields_required
* @param fo optional fields
* @see fields_optional
* @param pu policy url
* @see policy_url
*/
sreg_t(long fr=fields_NONE,long fo=fields_NONE,const string& pu="")
: fields_required(fr), fields_optional(fo), policy_url(pu), has_fields(0) { }
- /**
- * Implementation of consumer's checkid hook
- */
+ virtual void rp_checkid_hook(basic_openid_message& om);
+ virtual void rp_id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
+ virtual void op_checkid_hook(const basic_openid_message& inm);
+ virtual void op_id_res_hook(basic_openid_message& oum);
+
virtual void checkid_hook(basic_openid_message& om);
- /**
- * Implementation of consumer's id_res hook
- */
- virtual void id_res_hook(const basic_openid_message& om,const basic_openid_message& sp);
- /**
- * Implementation of server's checkid_hook
- */
- virtual void checkid_hook(const basic_openid_message& inm,basic_openid_message& oum);
+ virtual void id_res_hook(const basic_openid_message& om,
+ const basic_openid_message& sp);
+ virtual void checkid_hook(const basic_openid_message& inm,
+ basic_openid_message& oum);
/**
* Check and see if we have value for some particular field.
* @param fb field in question
* @see fieldbit_t
* @return true if the value is available
*/
bool has_field(fieldbit_t fb) const { return has_fields&fb; }
/**
* Retrieve the value for a field.
* @param fb field in question
* @see fieldbit_t
* @return field value
* @throw failed_lookup if no data avaialble
*/
const string& get_field(fieldbit_t fb) const;
/**
* Set the value for a field.
* @param fb field in question
* @see fieldbit_t
* @param fv field value
*/
void set_field(fieldbit_t fb,const string& fv);
/**
* Remove the value for a field.
* @param fb field in question
* @see fieldbit_t
*/
void reset_field(fieldbit_t fb);
/**
* Reset field data
*/
void clear();
/**
* Function called after parsing sreg request to set up response
* fields. The default implementation tries to send as much fields
* as we have. The function is supposed to set the data and
* fields_response.
* @see fields_response
- * @param pin input request parameters with "openid." prefix
- * @param pout output request parameters without "openid." prefix.
- * @see checkid_hook(const params_t&,params_t&)
+ * @param inm incoming openid message
+ * @param oum outgoing openid message
*/
- virtual void setup_response(const basic_openid_message& inm,basic_openid_message& oum);
+ virtual void setup_response(const basic_openid_message& inm,
+ basic_openid_message& oum);
+
+ virtual void setup_response();
};
}
#endif /* __OPKELE_SREG_H */