Diffstat (limited to 'test/OP.cc') (more/less context) (ignore whitespace changes)
-rw-r--r--test/OP.cc2
1 files changed, 1 insertions, 1 deletions
diff --git a/test/OP.cc b/test/OP.cc
index c919d7f..ce54d92 100644
--- a/test/OP.cc
+++ b/test/OP.cc
@@ -68,193 +68,193 @@ class example_op_t : public opkele::verify_op {
68 htc.get_value().c_str()); 68 htc.get_value().c_str());
69 sqlite3_table_t T; int nr,nc; 69 sqlite3_table_t T; int nr,nc;
70 db.get_table(S,T,&nr,&nc); 70 db.get_table(S,T,&nr,&nc);
71 if(nr<1) 71 if(nr<1)
72 throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation"); 72 throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation");
73 }catch(kingate::exception_notfound& kenf) { 73 }catch(kingate::exception_notfound& kenf) {
74 uuid_t uuid; uuid_generate(uuid); 74 uuid_t uuid; uuid_generate(uuid);
75 htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid))); 75 htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid)));
76 sqlite3_mem_t<char*> S = sqlite3_mprintf( 76 sqlite3_mem_t<char*> S = sqlite3_mprintf(
77 "INSERT INTO ht_sessions (hts_id) VALUES (%Q)", 77 "INSERT INTO ht_sessions (hts_id) VALUES (%Q)",
78 htc.get_value().c_str()); 78 htc.get_value().c_str());
79 db.exec(S); 79 db.exec(S);
80 } 80 }
81 } 81 }
82 82
83 void set_authorized(bool a) { 83 void set_authorized(bool a) {
84 sqlite3_mem_t<char*> 84 sqlite3_mem_t<char*>
85 S = sqlite3_mprintf( 85 S = sqlite3_mprintf(
86 "UPDATE ht_sessions" 86 "UPDATE ht_sessions"
87 " SET authorized=%d" 87 " SET authorized=%d"
88 " WHERE hts_id=%Q", 88 " WHERE hts_id=%Q",
89 (int)a,htc.get_value().c_str()); 89 (int)a,htc.get_value().c_str());
90 db.exec(S); 90 db.exec(S);
91 } 91 }
92 bool get_authorized() { 92 bool get_authorized() {
93 sqlite3_mem_t<char*> 93 sqlite3_mem_t<char*>
94 S = sqlite3_mprintf( 94 S = sqlite3_mprintf(
95 "SELECT authorized" 95 "SELECT authorized"
96 " FROM ht_sessions" 96 " FROM ht_sessions"
97 " WHERE hts_id=%Q", 97 " WHERE hts_id=%Q",
98 htc.get_value().c_str()); 98 htc.get_value().c_str());
99 sqlite3_table_t T; int nr,nc; 99 sqlite3_table_t T; int nr,nc;
100 db.get_table(S,T,&nr,&nc); 100 db.get_table(S,T,&nr,&nc);
101 assert(nr==1); assert(nc=1); 101 assert(nr==1); assert(nc=1);
102 return opkele::util::string_to_long(T.get(1,0,nc)); 102 return opkele::util::string_to_long(T.get(1,0,nc));
103 } 103 }
104 104
105 ostream& cookie_header(ostream& o) const { 105 ostream& cookie_header(ostream& o) const {
106 o << "Set-Cookie: " << htc.set_cookie_header() << "\n"; 106 o << "Set-Cookie: " << htc.set_cookie_header() << "\n";
107 return o; 107 return o;
108 } 108 }
109 109
110 opkele::assoc_t alloc_assoc(const string& type,size_t klength,bool sl) { 110 opkele::assoc_t alloc_assoc(const string& type,size_t klength,bool sl) {
111 uuid_t uuid; uuid_generate(uuid); 111 uuid_t uuid; uuid_generate(uuid);
112 string a_handle = opkele::util::encode_base64(uuid,sizeof(uuid)); 112 string a_handle = opkele::util::encode_base64(uuid,sizeof(uuid));
113 opkele::secret_t a_secret; 113 opkele::secret_t a_secret;
114 generate_n( 114 generate_n(
115 back_insert_iterator<opkele::secret_t>(a_secret),klength, 115 back_insert_iterator<opkele::secret_t>(a_secret),klength,
116 rand ); 116 rand );
117 string ssecret; a_secret.to_base64(ssecret); 117 string ssecret; a_secret.to_base64(ssecret);
118 time_t now = time(0); 118 time_t now = time(0);
119 int expires_in = sl?3600*2:3600*24*7*2; 119 int expires_in = sl?3600*2:3600*24*7*2;
120 sqlite3_mem_t<char*> 120 sqlite3_mem_t<char*>
121 S = sqlite3_mprintf( 121 S = sqlite3_mprintf(
122 "INSERT INTO assoc" 122 "INSERT INTO assoc"
123 " (a_handle,a_type,a_ctime,a_etime,a_secret,a_stateless)" 123 " (a_handle,a_type,a_ctime,a_etime,a_secret,a_stateless)"
124 " VALUES (" 124 " VALUES ("
125 " %Q,%Q,datetime('now')," 125 " %Q,%Q,datetime('now'),"
126 " datetime('now','+%d seconds')," 126 " datetime('now','+%d seconds'),"
127 " %Q,%d );", 127 " %Q,%d );",
128 a_handle.c_str(), type.c_str(), 128 a_handle.c_str(), type.c_str(),
129 expires_in, 129 expires_in,
130 ssecret.c_str(), sl ); 130 ssecret.c_str(), sl );
131 db.exec(S); 131 db.exec(S);
132 return opkele::assoc_t(new opkele::association( 132 return opkele::assoc_t(new opkele::association(
133 "", 133 "",
134 a_handle, type, a_secret, 134 a_handle, type, a_secret,
135 now+expires_in, sl )); 135 now+expires_in, sl ));
136 } 136 }
137 137
138 opkele::assoc_t retrieve_assoc(const string& h) { 138 opkele::assoc_t retrieve_assoc(const string& h) {
139 sqlite3_mem_t<char*> 139 sqlite3_mem_t<char*>
140 S = sqlite3_mprintf( 140 S = sqlite3_mprintf(
141 "SELECT" 141 "SELECT"
142 " a_handle,a_type,a_secret,a_stateless," 142 " a_handle,a_type,a_secret,a_stateless,"
143 " strftime('%%s',a_etime) AS a_etime," 143 " strftime('%%s',a_etime) AS a_etime,"
144 " a_itime" 144 " a_itime"
145 " FROM assoc" 145 " FROM assoc"
146 " WHERE a_handle=%Q AND a_itime IS NULL" 146 " WHERE a_handle=%Q AND a_itime IS NULL"
147 " AND datetime('now') < a_etime" 147 " AND datetime('now') < a_etime"
148 " LIMIT 1", 148 " LIMIT 1",
149 h.c_str() ); 149 h.c_str() );
150 sqlite3_table_t T; 150 sqlite3_table_t T;
151 int nr,nc; 151 int nr,nc;
152 db.get_table(S,T,&nr,&nc); 152 db.get_table(S,T,&nr,&nc);
153 if(nr<1) 153 if(nr<1)
154 throw opkele::failed_lookup(OPKELE_CP_ 154 throw opkele::failed_lookup(OPKELE_CP_
155 "couldn't retrieve valid unexpired assoc"); 155 "couldn't retrieve valid unexpired assoc");
156 assert(nr==1); assert(nc==6); 156 assert(nr==1); assert(nc==6);
157 opkele::secret_t secret; opkele::util::decode_base64(T.get(1,2,nc),secret); 157 opkele::secret_t secret; opkele::util::decode_base64(T.get(1,2,nc),secret);
158 return opkele::assoc_t(new opkele::association( 158 return opkele::assoc_t(new opkele::association(
159 "", h, T.get(1,1,nc), secret, 159 "", h, T.get(1,1,nc), secret,
160 strtol(T.get(1,4,nc),0,0), 160 strtol(T.get(1,4,nc),0,0),
161 strtol(T.get(1,3,nc),0,0) )); 161 strtol(T.get(1,3,nc),0,0) ));
162 } 162 }
163 163
164 string& alloc_nonce(string& nonce,bool stateless) { 164 string& alloc_nonce(string& nonce) {
165 uuid_t uuid; uuid_generate(uuid); 165 uuid_t uuid; uuid_generate(uuid);
166 nonce += opkele::util::encode_base64(uuid,sizeof(uuid)); 166 nonce += opkele::util::encode_base64(uuid,sizeof(uuid));
167 sqlite3_mem_t<char*> 167 sqlite3_mem_t<char*>
168 S = sqlite3_mprintf( 168 S = sqlite3_mprintf(
169 "INSERT INTO nonces" 169 "INSERT INTO nonces"
170 " (n_once) VALUES (%Q)", 170 " (n_once) VALUES (%Q)",
171 nonce.c_str() ); 171 nonce.c_str() );
172 db.exec(S); 172 db.exec(S);
173 return nonce; 173 return nonce;
174 } 174 }
175 bool check_nonce(const string& nonce) { 175 bool check_nonce(const string& nonce) {
176 sqlite3_mem_t<char*> 176 sqlite3_mem_t<char*>
177 S = sqlite3_mprintf( 177 S = sqlite3_mprintf(
178 "SELECT 1" 178 "SELECT 1"
179 " FROM nonces" 179 " FROM nonces"
180 " WHERE n_once=%Q AND n_itime IS NULL", 180 " WHERE n_once=%Q AND n_itime IS NULL",
181 nonce.c_str()); 181 nonce.c_str());
182 sqlite3_table_t T; 182 sqlite3_table_t T;
183 int nr,nc; 183 int nr,nc;
184 db.get_table(S,T,&nr,&nc); 184 db.get_table(S,T,&nr,&nc);
185 return nr>=1; 185 return nr>=1;
186 } 186 }
187 void invalidate_nonce(const string& nonce) { 187 void invalidate_nonce(const string& nonce) {
188 sqlite3_mem_t<char*> 188 sqlite3_mem_t<char*>
189 S = sqlite3_mprintf( 189 S = sqlite3_mprintf(
190 "UPDATE nonces" 190 "UPDATE nonces"
191 " SET n_itime=datetime('now')" 191 " SET n_itime=datetime('now')"
192 " WHERE n_once=%Q", 192 " WHERE n_once=%Q",
193 nonce.c_str()); 193 nonce.c_str());
194 db.exec(S); 194 db.exec(S);
195 } 195 }
196 196
197 const string get_op_endpoint() const { 197 const string get_op_endpoint() const {
198 return get_self_url(gw); 198 return get_self_url(gw);
199 } 199 }
200 200
201}; 201};
202 202
203int main(int argc,char *argv[]) { 203int main(int argc,char *argv[]) {
204 try { 204 try {
205 kingate::plaincgi_interface ci; 205 kingate::plaincgi_interface ci;
206 kingate::cgi_gateway gw(ci); 206 kingate::cgi_gateway gw(ci);
207 string op; 207 string op;
208 try { op = gw.get_param("op"); }catch(kingate::exception_notfound&) { } 208 try { op = gw.get_param("op"); }catch(kingate::exception_notfound&) { }
209 string message; 209 string message;
210 if(op=="set_password") { 210 if(op=="set_password") {
211 example_op_t OP(gw); 211 example_op_t OP(gw);
212 string password = gw.get_param("password"); 212 string password = gw.get_param("password");
213 sqlite3_mem_t<char*> 213 sqlite3_mem_t<char*>
214 Sget = sqlite3_mprintf("SELECT s_password FROM setup LIMIT 1"); 214 Sget = sqlite3_mprintf("SELECT s_password FROM setup LIMIT 1");
215 sqlite3_table_t T; int nr,nc; 215 sqlite3_table_t T; int nr,nc;
216 OP.db.get_table(Sget,T,&nr,&nc); 216 OP.db.get_table(Sget,T,&nr,&nc);
217 if(nr>=1) 217 if(nr>=1)
218 throw opkele::exception(OPKELE_CP_ "Password already set"); 218 throw opkele::exception(OPKELE_CP_ "Password already set");
219 sqlite3_mem_t<char*> 219 sqlite3_mem_t<char*>
220 Sset = sqlite3_mprintf( 220 Sset = sqlite3_mprintf(
221 "INSERT INTO setup (s_password) VALUES (%Q)", 221 "INSERT INTO setup (s_password) VALUES (%Q)",
222 password.c_str()); 222 password.c_str());
223 OP.db.exec(Sset); 223 OP.db.exec(Sset);
224 op.clear(); 224 op.clear();
225 message = "password set"; 225 message = "password set";
226 }else if(op=="login") { 226 }else if(op=="login") {
227 example_op_t OP(gw); 227 example_op_t OP(gw);
228 string password = gw.get_param("password"); 228 string password = gw.get_param("password");
229 sqlite3_mem_t<char*> 229 sqlite3_mem_t<char*>
230 Sget = sqlite3_mprintf("SELECT s_password FROM setup LIMIT 1"); 230 Sget = sqlite3_mprintf("SELECT s_password FROM setup LIMIT 1");
231 sqlite3_table_t T; int nr,nc; 231 sqlite3_table_t T; int nr,nc;
232 OP.db.get_table(Sget,T,&nr,&nc); 232 OP.db.get_table(Sget,T,&nr,&nc);
233 if(nr<1) 233 if(nr<1)
234 throw opkele::exception(OPKELE_CP_ "no password set"); 234 throw opkele::exception(OPKELE_CP_ "no password set");
235 if(password!=T.get(1,0,nc)) 235 if(password!=T.get(1,0,nc))
236 throw opkele::exception(OPKELE_CP_ "wrong password"); 236 throw opkele::exception(OPKELE_CP_ "wrong password");
237 OP.set_authorized(true); 237 OP.set_authorized(true);
238 op.clear(); 238 op.clear();
239 message = "logged in"; 239 message = "logged in";
240 OP.cookie_header(cout); 240 OP.cookie_header(cout);
241 }else if(op=="logout") { 241 }else if(op=="logout") {
242 example_op_t OP(gw); 242 example_op_t OP(gw);
243 OP.set_authorized(false); 243 OP.set_authorized(false);
244 op.clear(); 244 op.clear();
245 message = "logged out"; 245 message = "logged out";
246 } 246 }
247 string om; 247 string om;
248 try { om = gw.get_param("openid.mode"); }catch(kingate::exception_notfound&) { } 248 try { om = gw.get_param("openid.mode"); }catch(kingate::exception_notfound&) { }
249 if(op=="xrds") { 249 if(op=="xrds") {
250 cout << 250 cout <<
251 "Content-type: application/xrds+xml\n\n" 251 "Content-type: application/xrds+xml\n\n"
252 "<?xml version='1.0' encoding='utf-8'?>" 252 "<?xml version='1.0' encoding='utf-8'?>"
253 "<xrds:XRDS xmlns:xrds='xri://$xrds' xmlns='xri://$xrd*($v*2.0)'>" 253 "<xrds:XRDS xmlns:xrds='xri://$xrds' xmlns='xri://$xrd*($v*2.0)'>"
254 "<XRD>" 254 "<XRD>"
255 "<Service>" 255 "<Service>"
256 "<Type>" STURI_OPENID20 "</Type>" 256 "<Type>" STURI_OPENID20 "</Type>"
257 "<URI>" << get_self_url(gw) << "</URI>" 257 "<URI>" << get_self_url(gw) << "</URI>"
258 "</Service>"; 258 "</Service>";
259 if(gw.has_param("idsel")){ 259 if(gw.has_param("idsel")){
260 cout << 260 cout <<
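Review bot: In `alloc_assoc` (new-file lines 114-116) the association secret is filled with `generate_n(..., klength, rand)`, and `rand()` is a non-cryptographic generator with predictable output; no `srand` call is visible in this hunk, so if none exists elsewhere the same sequence repeats on every CGI invocation. That secret is the MAC key shared with relying parties, so it should be drawn from the OS or crypto-library CSPRNG, and until then the call deserves a comment such as `// FIXME: rand() is not a CSPRNG; association secrets must be drawn from one`. Separately, `assert(nc=1)` on line 101 in `get_authorized` assigns instead of comparing and should read `assert(nc==1);`. The `alloc_nonce` signature change on line 164 is consistent with its body, which never read `stateless`; whether it still matches the declaration in `opkele::verify_op` cannot be checked from this page.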