| -rw-r--r-- | lib/server.cc | 6 |
1 files changed, 1 insertions, 5 deletions
diff --git a/lib/server.cc b/lib/server.cc index 8c29abb..e81d4b6 100644 --- a/lib/server.cc +++ b/lib/server.cc | |||
| @@ -1,16 +1,15 @@ | |||
| 1 | #include <vector> | 1 | #include <vector> |
| 2 | #include <openssl/sha.h> | 2 | #include <openssl/sha.h> |
| 3 | #include <openssl/hmac.h> | 3 | #include <openssl/hmac.h> |
| 4 | #include <mimetic/mimetic.h> | ||
| 5 | #include <opkele/util.h> | 4 | #include <opkele/util.h> |
| 6 | #include <opkele/exception.h> | 5 | #include <opkele/exception.h> |
| 7 | #include <opkele/server.h> | 6 | #include <opkele/server.h> |
| 8 | #include <opkele/data.h> | 7 | #include <opkele/data.h> |
| 9 | 8 | ||
| 10 | namespace opkele { | 9 | namespace opkele { |
| 11 | using namespace std; | 10 | using namespace std; |
| 12 | 11 | ||
| 13 | void server_t::associate(const params_t& pin,params_t& pout) { | 12 | void server_t::associate(const params_t& pin,params_t& pout) { |
| 14 | util::dh_t dh; | 13 | util::dh_t dh; |
| 15 | util::bignum_t c_pub; | 14 | util::bignum_t c_pub; |
| 16 | unsigned char key_sha1[SHA_DIGEST_LENGTH]; | 15 | unsigned char key_sha1[SHA_DIGEST_LENGTH]; |
| @@ -104,29 +103,26 @@ namespace opkele { | |||
| 104 | /* TODO: eventually remove deprecated stuff */ | 103 | /* TODO: eventually remove deprecated stuff */ |
| 105 | time_t now = time(0); | 104 | time_t now = time(0); |
| 106 | pout["issued"] = util::time_to_w3c(now); | 105 | pout["issued"] = util::time_to_w3c(now); |
| 107 | pout["valid_to"] = util::time_to_w3c(now+120); | 106 | pout["valid_to"] = util::time_to_w3c(now+120); |
| 108 | pout["exipres_in"] = "120"; | 107 | pout["exipres_in"] = "120"; |
| 109 | pout["signed"]="mode,identity,return_to"; | 108 | pout["signed"]="mode,identity,return_to"; |
| 110 | if(ext) ext->checkid_hook(pin,pout); | 109 | if(ext) ext->checkid_hook(pin,pout); |
| 111 | pout.sign(assoc->secret(),pout["sig"],pout["signed"]); | 110 | pout.sign(assoc->secret(),pout["sig"],pout["signed"]); |
| 112 | } | 111 | } |
| 113 | 112 | ||
| 114 | void server_t::check_authentication(const params_t& pin,params_t& pout) { | 113 | void server_t::check_authentication(const params_t& pin,params_t& pout) { |
| 115 | vector<unsigned char> sig; | 114 | vector<unsigned char> sig; |
| 116 | mimetic::Base64::Decoder b; | ||
| 117 | const string& sigenc = pin.get_param("openid.sig"); | 115 | const string& sigenc = pin.get_param("openid.sig"); |
| 118 | mimetic::decode( | 116 | util::decode_base64(sigenc,sig); |
| 119 | sigenc.begin(),sigenc.end(), b, | ||
| 120 | back_insert_iterator<vector<unsigned char> >(sig)); | ||
| 121 | assoc_t assoc; | 117 | assoc_t assoc; |
| 122 | try { | 118 | try { |
| 123 | assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); | 119 | assoc = retrieve_assoc(pin.get_param("openid.assoc_handle")); |
| 124 | }catch(failed_lookup& fl) { | 120 | }catch(failed_lookup& fl) { |
| 125 | throw failed_assertion(OPKELE_CP_ "invalid handle or handle not specified"); | 121 | throw failed_assertion(OPKELE_CP_ "invalid handle or handle not specified"); |
| 126 | } | 122 | } |
| 127 | if(!assoc->stateless()) | 123 | if(!assoc->stateless()) |
| 128 | throw stateful_handle(OPKELE_CP_ "will not do check_authentication on a stateful handle"); | 124 | throw stateful_handle(OPKELE_CP_ "will not do check_authentication on a stateful handle"); |
| 129 | const string& slist = pin.get_param("openid.signed"); | 125 | const string& slist = pin.get_param("openid.signed"); |
| 130 | string kv; | 126 | string kv; |
| 131 | string::size_type p =0; | 127 | string::size_type p =0; |
| 132 | while(true) { | 128 | while(true) { |