| -rw-r--r-- | lib/consumer.cc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/consumer.cc b/lib/consumer.cc index dd8e150..af309c1 100644 --- a/lib/consumer.cc +++ b/lib/consumer.cc | |||
| @@ -141,12 +141,14 @@ namespace opkele { | |||
| 141 | p["identity"] = delegate.empty()?iurl:delegate; | 141 | p["identity"] = delegate.empty()?iurl:delegate; |
| 142 | if(!trust_root.empty()) | 142 | if(!trust_root.empty()) |
| 143 | p["trust_root"] = trust_root; | 143 | p["trust_root"] = trust_root; |
| 144 | p["return_to"] = return_to; | 144 | p["return_to"] = return_to; |
| 145 | try { | 145 | try { |
| 146 | string ah = find_assoc(server)->handle(); | 146 | string ah = find_assoc(server)->handle(); |
| 147 | if(ah->is_expired()) /* TODO: or should I throw some other exception to force programmer fix his implementation? */ | ||
| 148 | throw failed_lookup(OPKELE_CP_ "find_assoc() has returned expired handle"); | ||
| 147 | p["assoc_handle"] = ah; | 149 | p["assoc_handle"] = ah; |
| 148 | }catch(failed_lookup& fl) { | 150 | }catch(failed_lookup& fl) { |
| 149 | string ah = associate(server)->handle(); | 151 | string ah = associate(server)->handle(); |
| 150 | p["assoc_handle"] = ah; | 152 | p["assoc_handle"] = ah; |
| 151 | } | 153 | } |
| 152 | if(ext) ext->checkid_hook(p,identity); | 154 | if(ext) ext->checkid_hook(p,identity); |
| @@ -158,12 +160,14 @@ namespace opkele { | |||
| 158 | throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided",pin.get_param("openid.user_setup_url")); | 160 | throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided",pin.get_param("openid.user_setup_url")); |
| 159 | string server,delegate; | 161 | string server,delegate; |
| 160 | retrieve_links(identity.empty()?pin.get_param("openid.identity"):canonicalize(identity),server,delegate); | 162 | retrieve_links(identity.empty()?pin.get_param("openid.identity"):canonicalize(identity),server,delegate); |
| 161 | params_t ps; | 163 | params_t ps; |
| 162 | try { | 164 | try { |
| 163 | assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle")); | 165 | assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle")); |
| 166 | if(assoc->is_expired()) /* TODO: or should I throw some other exception to force programmer fix his implementation? */ | ||
| 167 | throw failed_lookup(OPKELE_CP_ "retrieve_assoc() has returned expired handle"); | ||
| 164 | const string& sigenc = pin.get_param("openid.sig"); | 168 | const string& sigenc = pin.get_param("openid.sig"); |
| 165 | vector<unsigned char> sig; | 169 | vector<unsigned char> sig; |
| 166 | util::decode_base64(sigenc,sig); | 170 | util::decode_base64(sigenc,sig); |
| 167 | const string& slist = pin.get_param("openid.signed"); | 171 | const string& slist = pin.get_param("openid.signed"); |
| 168 | string kv; | 172 | string kv; |
| 169 | string::size_type p = 0; | 173 | string::size_type p = 0; |