-rw-r--r-- | include/Makefile.am | 3 | ||||
-rw-r--r-- | include/opkele/consumer.h | 25 | ||||
-rw-r--r-- | include/opkele/exception.h | 10 | ||||
-rw-r--r-- | include/opkele/extension.h | 59 | ||||
-rw-r--r-- | include/opkele/server.h | 10 |
5 files changed, 92 insertions, 15 deletions
diff --git a/include/Makefile.am b/include/Makefile.am index b014752..72931eb 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -1,11 +1,12 @@ nobase_include_HEADERS = \ opkele/acconfig.h \ opkele/opkele-config.h \ opkele/types.h \ opkele/association.h \ opkele/exception.h \ opkele/server.h \ - opkele/consumer.h + opkele/consumer.h \ + opkele/extension.h EXTRA_DIST = \ opkele/data.h \ opkele/util.h diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h index 9932315..f9939cf 100644 --- a/include/opkele/consumer.h +++ b/include/opkele/consumer.h @@ -1,28 +1,29 @@ #ifndef __OPKELE_CONSUMER_H #define __OPKELE_CONSUMER_H #include <opkele/types.h> +#include <opkele/extension.h> /** * @file * @brief OpenID consumer-side functionality */ /** * @brief the main opkele namespace */ namespace opkele { /** * implementation of basic consumer functionality */ class consumer_t { public: /** * store association. The function should be overridden in the real * implementation to provide persistent associations store. * @param server the OpenID server * @param handle association handle * @param secret the secret associated with the server and handle * @param expires_in the number of seconds until the handle is expired @@ -61,82 +62,84 @@ namespace opkele { * page pointed by url. the function may implement caching of the * information. * @param url url to harvest for link tags * @param server reference to the string object where to put * openid.server value * @param delegate reference to the string object where to put the * openid.delegate value (if any) */ virtual void retrieve_links(const string& url,string& server,string& delegate); /** * perform the associate request to OpenID server. * @param server the OpenID server * @return the auto_ptr<> for the newly allocated association_t * object, representing established association * @throw exception in case of error */ assoc_t associate(const string& server); /** * prepare the parameters for the checkid_immediate * request. * @param identity the identity to verify * @param return_to the return_to url to pass with the request * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string * @throw exception in case of error */ - string checkid_immediate(const string& identity,const string& return_to,const string& trust_root=""); + string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** * prepare the parameters for the checkid_setup * request. * @param identity the identity to verify * @param return_to the return_to url to pass with the request * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string * @throw exception in case of error */ - string checkid_setup(const string& identity,const string& return_to,const string& trust_root=""); + string checkid_setup(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** * the actual implementation behind checkid_immediate() and * checkid_setup() functions. * @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup * @param identity the identity to verify * @param return_to the return_to url to pass with the request * @param trust_root the trust root to advertise with the request + * @param ext pointer to an extension(s) hooks object * @return the location string * @throw exception in case of error */ - string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root=""); + string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); /** * verify the id_res response * @param pin the response parameters - * @param identity the identity being checked (if not specified, extracted - * from the openid.identity parameter - * @throw id_res_mismatch in case of signature - * mismatch - * @throw id_res_setup in case of - * openid.user_setup_url failure (supposedly - * checkid_immediate only) + * @param identity the identity being checked (if not specified, + * @param ext pointer to an extension(s) hooks object + * extracted from the openid.identity parameter + * @throw id_res_mismatch in case of signature mismatch + * @throw id_res_setup in case of openid.user_setup_url failure + * (supposedly checkid_immediate only) * @throw id_res_failed in case of failure * @throw exception in case of other failures */ - void id_res(const params_t& pin,const string& identity=""); + void id_res(const params_t& pin,const string& identity="",extension_t *ext=0); /** * perform a check_authentication request. * @param server the OpenID server * @param p request parameters */ void check_authentication(const string& server,const params_t& p); /** * make URL canonical, by adding http:// and trailing slash, if needed. * @param url * @return canonicalized url */ static string canonicalize(const string& url); }; } #endif /* __OPKELE_CONSUMER_H */ diff --git a/include/opkele/exception.h b/include/opkele/exception.h index c5f5811..9fc9bd3 100644 --- a/include/opkele/exception.h +++ b/include/opkele/exception.h @@ -184,27 +184,37 @@ namespace opkele { }; /** * network operation related error occured */ class exception_network : public exception { public: exception_network(OPKELE_E_PARS) : exception(OPKELE_E_CONS) { } }; /** * network operation related error occured, specifically, related to * libcurl */ class exception_curl : public exception_network { public: CURLcode _error; string _curl_string; exception_curl(OPKELE_E_PARS); exception_curl(OPKELE_E_PARS,CURLcode e); ~exception_curl() throw() { } }; + /** + * not implemented (think pure virtual) member function executed, signfies + * programmer error + */ + class not_implemented : public exception { + public: + not_implemented(OPKELE_E_PARS) + : exception(OPKELE_E_CONS) { } + }; + } #endif /* __OPKELE_EXCEPTION_H */ diff --git a/include/opkele/extension.h b/include/opkele/extension.h new file mode 100644 index 0000000..3fb5f6e --- a/dev/null +++ b/include/opkele/extension.h @@ -0,0 +1,59 @@ +#ifndef __OPKELE_EXTENSIONS_H +#define __OPKELE_EXTENSIONS_H + +/** + * @file + * @brief extensions framework basics + */ + +#include <opkele/types.h> + +/** + * @brief the main opkele namespace + */ +namespace opkele { + + /** + * OpenID consumer extension hooks base class + */ + class extension_t { + public: + /** + * hook called by consumer before submitting data to OpenID server. + * It is supposed to manipulate parameters list. + * @param p parameters about to be submitted to server + * @param identity identity being verified. It may differ from the + * one available in parameters list in case of delegation + */ + virtual void checkid_hook(params_t& p,const string& identity); + /** + * hook called by consumer after identity information received from + * OpenID server is verified. + * @param p parameters received from server + * @param sp signed parameters received from server with 'openid.' + * leader stripped + * @param identity identity confirmed. May differ from the one + * available in parameters list in case of delegation. May also be + * empty which means - extract one from parameters + */ + virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity); + + /** + * hook called by server before returning information to consumer. + * The hook may manipulate output parameters. It is important to + * note that modified pout["signed"] is used for signing response. + * @param pin request parameters list + * @param put response parameters list + */ + virtual void checkid_hook(const params_t& pin,params_t& pout); + + /** + * Casts the object to pointer to itself. For convenient passing + * of pointer. + */ + operator extension_t*(void) { return this; } + }; + +} + +#endif /* __OPKELE_EXTENSIONS_H */ diff --git a/include/opkele/server.h b/include/opkele/server.h index fe07448..bf131d8 100644 --- a/include/opkele/server.h +++ b/include/opkele/server.h @@ -1,33 +1,34 @@ #ifndef __OPKELE_SERVER_H #define __OPKELE_SERVER_H /** * @file * @brief OpenID server-side functionality */ #include <opkele/types.h> +#include <opkele/extension.h> /** * @brief the main opkele namespace */ namespace opkele { /** * implementation of basic server functionality */ class server_t { public: /** * allocate the new association. The function should be overridden * in the real implementation to provide persistent assocations * store. * @param mode the mode of request being processed to base the * statelessness of the association upon * @return the auto_ptr<> for the newly allocated association_t object */ virtual assoc_t alloc_assoc(mode_t mode) = 0; /** * retrieve the association. The function should be overridden in * the reqal implementation to provide persistent assocations @@ -39,57 +40,60 @@ namespace opkele { virtual assoc_t retrieve_assoc(const string& h) = 0; /** * validate the identity. * @param assoc association object * @param pin incoming request parameters * @param identity being verified * @param trust_root presented in the request * @throw exception if identity can not be confirmed */ virtual void validate(const association_t& assoc,const params_t& pin,const string& identity,const string& trust_root) = 0; /** * process the associate request. * @param pin the incoming request parameters * @param pout the store for the response parameters */ void associate(const params_t& pin,params_t& pout); /** * process the checkid_immediate request. * @param pin the incoming request parameters * @param return_to reference to the object to store return_to url to * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_immediate(const params_t& pin,string& return_to,params_t& pout); + void checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** * process the checkid_setup request. * @param pin the incoming request parameters * @param return_to reference to the object to store return_to url to * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_setup(const params_t& pin,string& return_to,params_t& pout); + void checkid_setup(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** * the actual functionality behind checkid_immediate() and * checkid_setup() * @param mode the request being processed (either * mode_checkid_immediate or mode_checkid_setup) * @param pin the incoming request parameters * @param return_to reference to the object to store return_to url to * @param pout the response parameters + * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ - void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout); + void checkid_(mode_t mode,const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** * process the check_authentication request. * @param pin incoming request parameters * @param pout response parameters */ void check_authentication(const params_t& pin,params_t& pout); }; } #endif /* __OPKELE_SERVER_H */ |