|
|
|
@@ -116,97 +116,97 @@ class example_op_t : public opkele::verify_op { |
116 | rand ); |
116 | rand ); |
117 | string ssecret; a_secret.to_base64(ssecret); |
117 | string ssecret; a_secret.to_base64(ssecret); |
118 | time_t now = time(0); |
118 | time_t now = time(0); |
119 | int expires_in = sl?3600*2:3600*24*7*2; |
119 | int expires_in = sl?3600*2:3600*24*7*2; |
120 | sqlite3_mem_t<char*> |
120 | sqlite3_mem_t<char*> |
121 | S = sqlite3_mprintf( |
121 | S = sqlite3_mprintf( |
122 | "INSERT INTO assoc" |
122 | "INSERT INTO assoc" |
123 | " (a_handle,a_type,a_ctime,a_etime,a_secret,a_stateless)" |
123 | " (a_handle,a_type,a_ctime,a_etime,a_secret,a_stateless)" |
124 | " VALUES (" |
124 | " VALUES (" |
125 | " %Q,%Q,datetime('now')," |
125 | " %Q,%Q,datetime('now')," |
126 | " datetime('now','+%d seconds')," |
126 | " datetime('now','+%d seconds')," |
127 | " %Q,%d );", |
127 | " %Q,%d );", |
128 | a_handle.c_str(), type.c_str(), |
128 | a_handle.c_str(), type.c_str(), |
129 | expires_in, |
129 | expires_in, |
130 | ssecret.c_str(), sl ); |
130 | ssecret.c_str(), sl ); |
131 | db.exec(S); |
131 | db.exec(S); |
132 | return opkele::assoc_t(new opkele::association( |
132 | return opkele::assoc_t(new opkele::association( |
133 | "", |
133 | "", |
134 | a_handle, type, a_secret, |
134 | a_handle, type, a_secret, |
135 | now+expires_in, sl )); |
135 | now+expires_in, sl )); |
136 | } |
136 | } |
137 | |
137 | |
138 | opkele::assoc_t retrieve_assoc(const string& h) { |
138 | opkele::assoc_t retrieve_assoc(const string& h) { |
139 | sqlite3_mem_t<char*> |
139 | sqlite3_mem_t<char*> |
140 | S = sqlite3_mprintf( |
140 | S = sqlite3_mprintf( |
141 | "SELECT" |
141 | "SELECT" |
142 | " a_handle,a_type,a_secret,a_stateless," |
142 | " a_handle,a_type,a_secret,a_stateless," |
143 | " strftime('%%s',a_etime) AS a_etime," |
143 | " strftime('%%s',a_etime) AS a_etime," |
144 | " a_itime" |
144 | " a_itime" |
145 | " FROM assoc" |
145 | " FROM assoc" |
146 | " WHERE a_handle=%Q AND a_itime IS NULL" |
146 | " WHERE a_handle=%Q AND a_itime IS NULL" |
147 | " AND datetime('now') < a_etime" |
147 | " AND datetime('now') < a_etime" |
148 | " LIMIT 1", |
148 | " LIMIT 1", |
149 | h.c_str() ); |
149 | h.c_str() ); |
150 | sqlite3_table_t T; |
150 | sqlite3_table_t T; |
151 | int nr,nc; |
151 | int nr,nc; |
152 | db.get_table(S,T,&nr,&nc); |
152 | db.get_table(S,T,&nr,&nc); |
153 | if(nr<1) |
153 | if(nr<1) |
154 | throw opkele::failed_lookup(OPKELE_CP_ |
154 | throw opkele::failed_lookup(OPKELE_CP_ |
155 | "couldn't retrieve valid unexpired assoc"); |
155 | "couldn't retrieve valid unexpired assoc"); |
156 | assert(nr==1); assert(nc==6); |
156 | assert(nr==1); assert(nc==6); |
157 | opkele::secret_t secret; opkele::util::decode_base64(T.get(1,2,nc),secret); |
157 | opkele::secret_t secret; opkele::util::decode_base64(T.get(1,2,nc),secret); |
158 | return opkele::assoc_t(new opkele::association( |
158 | return opkele::assoc_t(new opkele::association( |
159 | "", h, T.get(1,1,nc), secret, |
159 | "", h, T.get(1,1,nc), secret, |
160 | strtol(T.get(1,4,nc),0,0), |
160 | strtol(T.get(1,4,nc),0,0), |
161 | strtol(T.get(1,3,nc),0,0) )); |
161 | strtol(T.get(1,3,nc),0,0) )); |
162 | } |
162 | } |
163 | |
163 | |
164 | string& alloc_nonce(string& nonce,bool stateless) { |
164 | string& alloc_nonce(string& nonce) { |
165 | uuid_t uuid; uuid_generate(uuid); |
165 | uuid_t uuid; uuid_generate(uuid); |
166 | nonce += opkele::util::encode_base64(uuid,sizeof(uuid)); |
166 | nonce += opkele::util::encode_base64(uuid,sizeof(uuid)); |
167 | sqlite3_mem_t<char*> |
167 | sqlite3_mem_t<char*> |
168 | S = sqlite3_mprintf( |
168 | S = sqlite3_mprintf( |
169 | "INSERT INTO nonces" |
169 | "INSERT INTO nonces" |
170 | " (n_once) VALUES (%Q)", |
170 | " (n_once) VALUES (%Q)", |
171 | nonce.c_str() ); |
171 | nonce.c_str() ); |
172 | db.exec(S); |
172 | db.exec(S); |
173 | return nonce; |
173 | return nonce; |
174 | } |
174 | } |
175 | bool check_nonce(const string& nonce) { |
175 | bool check_nonce(const string& nonce) { |
176 | sqlite3_mem_t<char*> |
176 | sqlite3_mem_t<char*> |
177 | S = sqlite3_mprintf( |
177 | S = sqlite3_mprintf( |
178 | "SELECT 1" |
178 | "SELECT 1" |
179 | " FROM nonces" |
179 | " FROM nonces" |
180 | " WHERE n_once=%Q AND n_itime IS NULL", |
180 | " WHERE n_once=%Q AND n_itime IS NULL", |
181 | nonce.c_str()); |
181 | nonce.c_str()); |
182 | sqlite3_table_t T; |
182 | sqlite3_table_t T; |
183 | int nr,nc; |
183 | int nr,nc; |
184 | db.get_table(S,T,&nr,&nc); |
184 | db.get_table(S,T,&nr,&nc); |
185 | return nr>=1; |
185 | return nr>=1; |
186 | } |
186 | } |
187 | void invalidate_nonce(const string& nonce) { |
187 | void invalidate_nonce(const string& nonce) { |
188 | sqlite3_mem_t<char*> |
188 | sqlite3_mem_t<char*> |
189 | S = sqlite3_mprintf( |
189 | S = sqlite3_mprintf( |
190 | "UPDATE nonces" |
190 | "UPDATE nonces" |
191 | " SET n_itime=datetime('now')" |
191 | " SET n_itime=datetime('now')" |
192 | " WHERE n_once=%Q", |
192 | " WHERE n_once=%Q", |
193 | nonce.c_str()); |
193 | nonce.c_str()); |
194 | db.exec(S); |
194 | db.exec(S); |
195 | } |
195 | } |
196 | |
196 | |
197 | const string get_op_endpoint() const { |
197 | const string get_op_endpoint() const { |
198 | return get_self_url(gw); |
198 | return get_self_url(gw); |
199 | } |
199 | } |
200 | |
200 | |
201 | }; |
201 | }; |
202 | |
202 | |
203 | int main(int argc,char *argv[]) { |
203 | int main(int argc,char *argv[]) { |
204 | try { |
204 | try { |
205 | kingate::plaincgi_interface ci; |
205 | kingate::plaincgi_interface ci; |
206 | kingate::cgi_gateway gw(ci); |
206 | kingate::cgi_gateway gw(ci); |
207 | string op; |
207 | string op; |
208 | try { op = gw.get_param("op"); }catch(kingate::exception_notfound&) { } |
208 | try { op = gw.get_param("op"); }catch(kingate::exception_notfound&) { } |
209 | string message; |
209 | string message; |
210 | if(op=="set_password") { |
210 | if(op=="set_password") { |
211 | example_op_t OP(gw); |
211 | example_op_t OP(gw); |
212 | string password = gw.get_param("password"); |
212 | string password = gw.get_param("password"); |
|