| -rw-r--r-- | include/opkele/consumer.h | 2 | ||||
| -rw-r--r-- | include/opkele/extension.h | 2 | ||||
| -rw-r--r-- | include/opkele/server.h | 2 | ||||
| -rw-r--r-- | include/opkele/types.h | 2 |
4 files changed, 8 insertions, 0 deletions
diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h index b9d1e54..50ff692 100644 --- a/include/opkele/consumer.h +++ b/include/opkele/consumer.h @@ -1,72 +1,74 @@ #ifndef __OPKELE_CONSUMER_H #define __OPKELE_CONSUMER_H #include <opkele/types.h> #include <opkele/extension.h> /** * @file * @brief OpenID consumer-side functionality */ namespace opkele { /** * implementation of basic consumer functionality * * @note * The consumer uses libcurl internally, which means that if you're using * libopkele in multithreaded environment you should call curl_global_init * yourself before spawning any threads. */ class consumer_t { public: + virtual ~consumer_t() { } + /** * store association. The function should be overridden in the real * implementation to provide persistent associations store. * @param server the OpenID server * @param handle association handle * @param secret the secret associated with the server and handle * @param expires_in the number of seconds until the handle is expired * @return the auto_ptr<> for the newly allocated association_t object */ virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0; /** * retrieve stored association. The function should be overridden * in the real implementation to provide persistent assocations * store. * * @note * The user is responsible for handling associations expiry and * this function should never return an expired or invalidated * association. * * @param server the OpenID server * @param handle association handle * @return the autho_ptr<> for the newly allocated association_t object * @throw failed_lookup if no unexpired association found */ virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0; /** * invalidate stored association. The function should be overridden * in the real implementation of the consumer. * @param server the OpenID server * @param handle association handle */ virtual void invalidate_assoc(const string& server,const string& handle) = 0; /** * retrieve any unexpired association for the server. If the * function is not overridden in the real implementation, the new * association will be established for each request. * * @note * The user is responsible for handling associations and this * function should never return an expired or invalidated * association. * * @param server the OpenID server * @return the auto_ptr<> for the newly allocated association_t object * @throw failed_lookup in case of absence of the handle */ virtual assoc_t find_assoc(const string& server); diff --git a/include/opkele/extension.h b/include/opkele/extension.h index ea0c74c..513672f 100644 --- a/include/opkele/extension.h +++ b/include/opkele/extension.h @@ -1,63 +1,65 @@ #ifndef __OPKELE_EXTENSION_H #define __OPKELE_EXTENSION_H /** * @file * @brief extensions framework basics */ #include <opkele/types.h> namespace opkele { /** * OpenID extension hooks base class */ class extension_t { public: + + virtual ~extension_t() { } /** * hook called by consumer before submitting data to OpenID server. * It is supposed to manipulate parameters list. * @param p parameters about to be submitted to server * @param identity identity being verified. It may differ from the * one available in parameters list in case of delegation * @see consumer_t::checkid_ * @see consumer_t::checkid_immediate * @see consumer_t::checkid_setup */ virtual void checkid_hook(params_t& p,const string& identity); /** * hook called by consumer after identity information received from * OpenID server is verified. * @param p parameters received from server * @param sp signed parameters received from server with 'openid.' * leader stripped * @param identity identity confirmed. May differ from the one * available in parameters list in case of delegation. May also be * empty which means - extract one from parameters * @see consumer_t::id_res */ virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity); /** * hook called by server before returning information to consumer. * The hook may manipulate output parameters. It is important to * note that modified pout["signed"] is used for signing response. * @param pin request parameters list with "openid." prefix * @param pout response parameters list without "openid." prefix * @see server_t::checkid_ * @see server_t::checkid_immediate * @see server_t::checkid_setup */ virtual void checkid_hook(const params_t& pin,params_t& pout); /** * Casts the object to pointer to itself. For convenient passing * of pointer. */ operator extension_t*(void) { return this; } }; } #endif /* __OPKELE_EXTENSION_H */ diff --git a/include/opkele/server.h b/include/opkele/server.h index e7e5bb3..dd7fc41 100644 --- a/include/opkele/server.h +++ b/include/opkele/server.h @@ -1,67 +1,69 @@ #ifndef __OPKELE_SERVER_H #define __OPKELE_SERVER_H /** * @file * @brief OpenID server-side functionality */ #include <opkele/types.h> #include <opkele/extension.h> namespace opkele { /** * implementation of basic server functionality */ class server_t { public: + virtual ~server_t() { } + /** * allocate the new association. The function should be overridden * in the real implementation to provide persistent assocations * store. * @param mode the mode of request being processed to base the * statelessness of the association upon * @return the auto_ptr<> for the newly allocated association_t object */ virtual assoc_t alloc_assoc(mode_t mode) = 0; /** * retrieve the association. The function should be overridden in * the reqal implementation to provide persistent assocations * store. * @param h association handle * @return the auto_ptr<> for the newly allocated association_t object * @throw failed_lookup in case of failure */ virtual assoc_t retrieve_assoc(const string& h) = 0; /** * validate the identity. * @param assoc association object * @param pin incoming request parameters * @param identity being verified * @param trust_root presented in the request * @throw exception if identity can not be confirmed */ virtual void validate(const association_t& assoc,const params_t& pin,const string& identity,const string& trust_root) = 0; /** * process the associate request. * @param pin the incoming request parameters * @param pout the store for the response parameters */ void associate(const params_t& pin,params_t& pout); /** * process the checkid_immediate request. * @param pin the incoming request parameters * @param return_to reference to the object to store return_to url to * @param pout the response parameters * @param ext pointer to the extension hooks object * @throw exception in case of errors or negative reply */ virtual void checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0); /** * process the checkid_setup request. * @param pin the incoming request parameters diff --git a/include/opkele/types.h b/include/opkele/types.h index 8f4bf73..f732a1e 100644 --- a/include/opkele/types.h +++ b/include/opkele/types.h @@ -20,96 +20,98 @@ namespace opkele { using std::auto_ptr; /** * the OpenID operation mode */ typedef enum _mode_t { mode_associate, mode_checkid_immediate, mode_checkid_setup, mode_check_association } mode_t; /** * the association secret container */ class secret_t : public vector<unsigned char> { public: /** * xor the secret and hmac together and encode, using base64 * @param key_sha1 pointer to the sha1 digest * @param rv reference to the return value */ void enxor_to_base64(const unsigned char *key_sha1,string& rv) const; /** * decode base64-encoded secret and xor it with the sha1 digest * @param key_sha1 pointer to the message digest * @param b64 base64-encoded secret value */ void enxor_from_base64(const unsigned char *key_sha1,const string& b64); /** * plainly encode to base64 representation * @param rv reference to the return value */ void to_base64(string& rv) const; /** * decode cleartext secret from base64 * @param b64 base64-encoded representation of the secret value */ void from_base64(const string& b64); }; /** * Interface to the association. */ class association_t { public: + virtual ~association_t() { } + /** * retrieve the server with which association was established. * @return server name */ virtual string server() const = 0; /** * retrieve the association handle. * @return handle */ virtual string handle() const = 0; /** * retrieve the association type. * @return association type */ virtual string assoc_type() const = 0; /** * retrieve the association secret. * @return association secret */ virtual secret_t secret() const = 0; /** * retrieve the number of seconds the association expires in. * @return seconds till expiration */ virtual int expires_in() const = 0; /** * check whether the association is stateless. * @return true if stateless */ virtual bool stateless() const = 0; /** * check whether the association is expired. * @return true if expired */ virtual bool is_expired() const = 0; }; /** * the auto_ptr<> for association_t object type */ typedef auto_ptr<association_t> assoc_t; /** * request/response parameters map */ class params_t : public map<string,string> { public: |