summaryrefslogtreecommitdiffabout
authorMichael Krelin <hacker@klever.net>2007-12-09 17:22:06 (UTC)
committer Michael Krelin <hacker@klever.net>2007-12-09 22:08:24 (UTC)
commitc34adc6e274c3dbb63af99ca566000e7d218244c (patch) (unidiff)
tree705624c208deb4eaf8d07c119a883e6f4f35236e
parent60fdaff7888b455b4d07eadc905cefd20f1ddd3c (diff)
downloadlibopkele-c34adc6e274c3dbb63af99ca566000e7d218244c.zip
libopkele-c34adc6e274c3dbb63af99ca566000e7d218244c.tar.gz
libopkele-c34adc6e274c3dbb63af99ca566000e7d218244c.tar.bz2
reworked identity resolution and service discovery
The discovery, which does both XRDS-based (Yadis, XRI, for XRI, using proxy) and HTML-based search, now returns results in opkele:idiscovery_t structure. It uses expat-based parser idigger_t, which itself is not exposed via any header files, but hidden in lib/discovery.cc, the discovery testing program is renamed from openid_resolve to idiscover. Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--configure.ac9
-rw-r--r--include/Makefile.am2
-rw-r--r--include/opkele/discovery.h33
-rw-r--r--include/opkele/exception.h19
-rw-r--r--include/opkele/openid_service_resolver.h118
-rw-r--r--include/opkele/types.h63
-rw-r--r--include/opkele/uris.h13
-rw-r--r--lib/Makefile.am2
-rw-r--r--lib/discovery.cc375
-rw-r--r--lib/openid_service_resolver.cc298
-rw-r--r--lib/util.cc22
-rw-r--r--test/.gitignore2
-rw-r--r--test/Makefile.am6
-rw-r--r--test/idiscover.cc49
-rw-r--r--test/openid_resolve.cc36
15 files changed, 575 insertions, 472 deletions
diff --git a/configure.ac b/configure.ac
index 2b94b41..1bd1873 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,141 +1,150 @@
1AC_INIT([libopkele], [0.4], [libopkele-bugs@klever.net]) 1AC_INIT([libopkele], [0.4], [libopkele-bugs@klever.net])
2AC_CONFIG_SRCDIR([include/opkele/opkele-config.h]) 2AC_CONFIG_SRCDIR([include/opkele/opkele-config.h])
3AC_CONFIG_HEADERS([config.h include/opkele/acconfig.h]) 3AC_CONFIG_HEADERS([config.h include/opkele/acconfig.h])
4AM_INIT_AUTOMAKE([dist-bzip2]) 4AM_INIT_AUTOMAKE([dist-bzip2])
5 5
6AC_PROG_INSTALL 6AC_PROG_INSTALL
7AC_PROG_CXX 7AC_PROG_CXX
8AC_PROG_CC 8AC_PROG_CC
9AC_PROG_LIBTOOL 9AC_PROG_LIBTOOL
10PKG_PROG_PKG_CONFIG 10PKG_PROG_PKG_CONFIG
11 11
12AC_HEADER_STDC 12AC_HEADER_STDC
13 13
14AC_PATH_PROG([XSLTPROC],[xsltproc],[true]) 14AC_PATH_PROG([XSLTPROC],[xsltproc],[true])
15 15
16AC_MSG_CHECKING([for source tree version]) 16AC_MSG_CHECKING([for source tree version])
17if headrev=$(cd $srcdir && git rev-parse --verify HEAD 2>/dev/null) ; then 17if headrev=$(cd $srcdir && git rev-parse --verify HEAD 2>/dev/null) ; then
18 PACKAGE_SRC_VERSION="$(cd $srcdir && git describe --tags $headrev)" 18 PACKAGE_SRC_VERSION="$(cd $srcdir && git describe --tags $headrev)"
19 test "$PACKAGE_SRC_VERSION" = "$PACKAGE_VERSION" \ 19 test "$PACKAGE_SRC_VERSION" = "$PACKAGE_VERSION" \
20 -o "${PACKAGE_SRC_VERSION#${PACKAGE_VERSION}-}" != "$PACKAGE_SRC_VERSION" || PACKAGE_SRC_VERSION="${PACKAGE_VERSION}:${PACKAGE_SRC_VERSION}" 20 -o "${PACKAGE_SRC_VERSION#${PACKAGE_VERSION}-}" != "$PACKAGE_SRC_VERSION" || PACKAGE_SRC_VERSION="${PACKAGE_VERSION}:${PACKAGE_SRC_VERSION}"
21 ( cd $srcdir && git diff-index $headrev | read dirt ) && PACKAGE_SRC_VERSION="${PACKAGE_SRC_VERSION}-dirty" 21 ( cd $srcdir && git diff-index $headrev | read dirt ) && PACKAGE_SRC_VERSION="${PACKAGE_SRC_VERSION}-dirty"
22else 22else
23 PACKAGE_SRC_VERSION="$PACKAGE_VERSION" 23 PACKAGE_SRC_VERSION="$PACKAGE_VERSION"
24fi 24fi
25AC_MSG_RESULT([$PACKAGE_SRC_VERSION]) 25AC_MSG_RESULT([$PACKAGE_SRC_VERSION])
26AC_SUBST([PACKAGE_SRC_VERSION]) 26AC_SUBST([PACKAGE_SRC_VERSION])
27AC_DEFINE_UNQUOTED([PACKAGE_SRC_VERSION],["$PACKAGE_SRC_VERSION"],[more or less precise source tree version]) 27AC_DEFINE_UNQUOTED([PACKAGE_SRC_VERSION],["$PACKAGE_SRC_VERSION"],[more or less precise source tree version])
28 28
29PKG_CHECK_MODULES([OPENSSL],[openssl],,[ 29PKG_CHECK_MODULES([OPENSSL],[openssl],,[
30 AC_MSG_ERROR([no openssl library found. get one from http://www.openssl.org/]) 30 AC_MSG_ERROR([no openssl library found. get one from http://www.openssl.org/])
31]) 31])
32 32
33WANT_KONFORKA="yes" 33WANT_KONFORKA="yes"
34AC_ARG_ENABLE([konforka], 34AC_ARG_ENABLE([konforka],
35 AC_HELP_STRING([--disable-konforka],[do not use konforka library (default: use if found)]), 35 AC_HELP_STRING([--disable-konforka],[do not use konforka library (default: use if found)]),
36 [ 36 [
37 test "${enableval}" = "no" && WANT_KONFORKA="no" 37 test "${enableval}" = "no" && WANT_KONFORKA="no"
38 ] 38 ]
39) 39)
40if test "${WANT_KONFORKA}" = "yes" ; then 40if test "${WANT_KONFORKA}" = "yes" ; then
41 PKG_CHECK_MODULES([KONFORKA],[konforka],[ 41 PKG_CHECK_MODULES([KONFORKA],[konforka],[
42 AC_SUBST([KONFORKA_CFLAGS]) 42 AC_SUBST([KONFORKA_CFLAGS])
43 AC_SUBST([KONFORKA_LIBS]) 43 AC_SUBST([KONFORKA_LIBS])
44 AC_DEFINE([HAVE_KONFORKA],,[defined in presence of konforka library]) 44 AC_DEFINE([HAVE_KONFORKA],,[defined in presence of konforka library])
45 AC_DEFINE([OPKELE_HAVE_KONFORKA],,[defined in presence of konforka library]) 45 AC_DEFINE([OPKELE_HAVE_KONFORKA],,[defined in presence of konforka library])
46 AC_SUBST([KONFORKA_KONFORKA],[konforka]) 46 AC_SUBST([KONFORKA_KONFORKA],[konforka])
47 ],[true]) 47 ],[true])
48fi 48fi
49 49
50WANT_DOXYGEN="yes" 50WANT_DOXYGEN="yes"
51AC_ARG_ENABLE([doxygen], 51AC_ARG_ENABLE([doxygen],
52 AC_HELP_STRING([--disable-doxygen],[do not generate documentation]), 52 AC_HELP_STRING([--disable-doxygen],[do not generate documentation]),
53 [ 53 [
54 test "${enableval}" = "no" && WANT_DOXYGEN="no" 54 test "${enableval}" = "no" && WANT_DOXYGEN="no"
55 ] 55 ]
56) 56)
57if test "${WANT_DOXYGEN}" = "yes" ; then 57if test "${WANT_DOXYGEN}" = "yes" ; then
58 AC_WITH_DOXYGEN 58 AC_WITH_DOXYGEN
59 AC_WITH_DOT 59 AC_WITH_DOT
60else 60else
61 AM_CONDITIONAL([HAVE_DOXYGEN],[false]) 61 AM_CONDITIONAL([HAVE_DOXYGEN],[false])
62 AM_CONDITIONAL([HAVE_DOT],[false]) 62 AM_CONDITIONAL([HAVE_DOT],[false])
63fi 63fi
64 64
65LIBCURL_CHECK_CONFIG(,,,[ 65LIBCURL_CHECK_CONFIG(,,,[
66 AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/]) 66 AC_MSG_ERROR([no required libcurl library. get one from http://curl.haxx.se/])
67]) 67])
68 68
69AC_CHECK_HEADER([expat.h],[ 69AC_CHECK_HEADER([expat.h],[
70 AC_CHECK_LIB([expat],[XML_ParserCreate],[ 70 AC_CHECK_LIB([expat],[XML_ParserCreate],[
71 EXPAT_LIBS=-lexpat 71 EXPAT_LIBS=-lexpat
72 EXPAT_CFLAGS= 72 EXPAT_CFLAGS=
73 AC_SUBST([EXPAT_LIBS]) 73 AC_SUBST([EXPAT_LIBS])
74 AC_SUBST([EXPAT_CFLAGS]) 74 AC_SUBST([EXPAT_CFLAGS])
75 ],[ 75 ],[
76 AC_MSG_ERROR([no required expat library. get one from http://expat.sourceforge.net/]) 76 AC_MSG_ERROR([no required expat library. get one from http://expat.sourceforge.net/])
77 ]) 77 ])
78],[ 78],[
79 AC_MSG_ERROR([no required expat library. get one from http://expat.sourceforge.net/]) 79 AC_MSG_ERROR([no required expat library. get one from http://expat.sourceforge.net/])
80]) 80])
81 81
82if test -n "$PCRE_LIBS" -a -n "$PCRE_CFLAGS" ; then 82if test -n "$PCRE_LIBS" -a -n "$PCRE_CFLAGS" ; then
83 AC_SUBST([PCRE_CFLAGS]) 83 AC_SUBST([PCRE_CFLAGS])
84 AC_SUBST([PCRE_LIBS]) 84 AC_SUBST([PCRE_LIBS])
85 : 85 :
86else 86else
87 PKG_CHECK_MODULES([PCRE],[libpcre],,[ 87 PKG_CHECK_MODULES([PCRE],[libpcre],,[
88 AC_MSG_ERROR([no libpcre found, go get it at http://www.pcre.org/]) 88 AC_MSG_ERROR([no libpcre found, go get it at http://www.pcre.org/])
89 ]) 89 ])
90fi 90fi
91 91
92curl_ssl_verify_host="true" 92curl_ssl_verify_host="true"
93AC_ARG_ENABLE([ssl-verify-host], 93AC_ARG_ENABLE([ssl-verify-host],
94 AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]), 94 AC_HELP_STRING([--disable-ssl-verify-host],[disable cURL cert/host relationships verification]),
95 [ test "${enableval}" = "no" && curl_ssl_verify_host="false" ] 95 [ test "${enableval}" = "no" && curl_ssl_verify_host="false" ]
96) 96)
97${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host]) 97${curl_ssl_verify_host} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYHOST],,[defined if cURL is not to verify cert/host])
98 98
99curl_ssl_verify_peer="true" 99curl_ssl_verify_peer="true"
100AC_ARG_ENABLE([ssl-verify-peer], 100AC_ARG_ENABLE([ssl-verify-peer],
101 AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]), 101 AC_HELP_STRING([--disable-ssl-verify-peer],[disable cURL cert validity verification]),
102 [ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ] 102 [ test "${enableval}" = "no" && curl_ssl_verify_peer="false" ]
103) 103)
104${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity]) 104${curl_ssl_verify_peer} || AC_DEFINE([DISABLE_CURL_SSL_VERIFYPEER],,[defined if cURL is not to verify cert validity])
105 105
106postels_law=true 106postels_law=true
107AC_ARG_ENABLE([postels-law], 107AC_ARG_ENABLE([postels-law],
108 AC_HELP_STRING([--disable-postels-law],[Be strict, do not adhere to Postel's Law ("be conservative in what you do, be liberal in what you accept from others", RFC 793)]), 108 AC_HELP_STRING([--disable-postels-law],[Be strict, do not adhere to Postel's Law ("be conservative in what you do, be liberal in what you accept from others", RFC 793)]),
109 [ test "${enableval}" = "no" && postels_law=false ] 109 [ test "${enableval}" = "no" && postels_law=false ]
110) 110)
111$postels_law && AC_DEFINE([POSTELS_LAW],,[defined if we want to adhere to Postel's Law]) 111$postels_law && AC_DEFINE([POSTELS_LAW],,[defined if we want to adhere to Postel's Law])
112 112
113AC_DEFINE_UNQUOTED([OPKELE_SRC_DIR],["$PWD"],[source directory]) 113AC_DEFINE_UNQUOTED([OPKELE_SRC_DIR],["$PWD"],[source directory])
114 114
115nitpick=false 115nitpick=false
116AC_ARG_ENABLE([nitpicking], 116AC_ARG_ENABLE([nitpicking],
117 AC_HELP_STRING([--enable-nitpicking],[make compiler somewhat overly fastidious about the code it deals with]), 117 AC_HELP_STRING([--enable-nitpicking],[make compiler somewhat overly fastidious about the code it deals with]),
118 [ test "$enableval" = "no" || nitpick=true ] 118 [ test "$enableval" = "no" || nitpick=true ]
119) 119)
120if $nitpick ; then 120if $nitpick ; then
121 CPP_NITPICK="-pedantic -Wall -Wextra -Wundef -Wshadow \ 121 CPP_NITPICK="-pedantic -Wall -Wextra -Wundef -Wshadow \
122 -Wunsafe-loop-optimizations -Wconversion -Wmissing-format-attribute \ 122 -Wunsafe-loop-optimizations -Wconversion -Wmissing-format-attribute \
123 -Wredundant-decls -ansi" 123 -Wredundant-decls -ansi"
124 # -Wlogical-op -Wmissing-noreturn 124 # -Wlogical-op -Wmissing-noreturn
125 C_NITPICK="$CPP_NITPICK" 125 C_NITPICK="$CPP_NITPICK"
126 CXX_NITPICK="$C_NITPICK" 126 CXX_NITPICK="$C_NITPICK"
127 127
128 CPPFLAGS="$CPPFLAGS $CPP_NITPICK" 128 CPPFLAGS="$CPPFLAGS $CPP_NITPICK"
129 CFLAGS="$CFLAGS $C_NITPICK" 129 CFLAGS="$CFLAGS $C_NITPICK"
130 CXXFLAGS="$CXXFLAGS $CXX_NITPICK" 130 CXXFLAGS="$CXXFLAGS $CXX_NITPICK"
131fi 131fi
132 132
133xri_proxy_url="http://beta.xri.net/"
134AC_MSG_CHECKING([for XRI resolver proxy])
135AC_ARG_ENABLE([xri-proxy],
136 AC_HELP_STRING([--with-xri-proxy=url],[set xri proxy for use when resolving xri identities, default is http://xr_proxy_url]),
137 [ xri_proxy_url="$withval" ]
138)
139AC_MSG_RESULT([$xri_proxy_url])
140AC_DEFINE_UNQUOTED([XRI_PROXY_URL],["$xri_proxy_url"],[XRI proxy resolver URL])
141
133AC_CONFIG_FILES([ 142AC_CONFIG_FILES([
134 Makefile 143 Makefile
135 libopkele.pc 144 libopkele.pc
136 Doxyfile 145 Doxyfile
137 include/Makefile 146 include/Makefile
138 lib/Makefile 147 lib/Makefile
139 test/Makefile 148 test/Makefile
140]) 149])
141AC_OUTPUT 150AC_OUTPUT
diff --git a/include/Makefile.am b/include/Makefile.am
index 23c7e0d..0c2928d 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -1,19 +1,19 @@
1nobase_include_HEADERS = \ 1nobase_include_HEADERS = \
2 opkele/acconfig.h \ 2 opkele/acconfig.h \
3 opkele/opkele-config.h \ 3 opkele/opkele-config.h \
4 opkele/types.h \ 4 opkele/types.h \
5 opkele/association.h \ 5 opkele/association.h \
6 opkele/exception.h \ 6 opkele/exception.h \
7 opkele/server.h \ 7 opkele/server.h \
8 opkele/consumer.h \ 8 opkele/consumer.h \
9 opkele/extension.h \ 9 opkele/extension.h \
10 opkele/sreg.h \ 10 opkele/sreg.h \
11 opkele/extension_chain.h \ 11 opkele/extension_chain.h \
12 opkele/xconsumer.h \ 12 opkele/xconsumer.h \
13 opkele/xserver.h \ 13 opkele/xserver.h \
14 opkele/curl.h opkele/expat.h \ 14 opkele/curl.h opkele/expat.h \
15 opkele/openid_service_resolver.h \ 15 opkele/discovery.h \
16 opkele/uris.h 16 opkele/uris.h
17EXTRA_DIST = \ 17EXTRA_DIST = \
18 opkele/data.h \ 18 opkele/data.h \
19 opkele/util.h 19 opkele/util.h
diff --git a/include/opkele/discovery.h b/include/opkele/discovery.h
new file mode 100644
index 0000000..5d7129b
--- a/dev/null
+++ b/include/opkele/discovery.h
@@ -0,0 +1,33 @@
1#ifndef __OPKELE_DISCOVERY_H
2#define __OPKELE_DISCOVERY_H
3
4#include <string>
5#include <opkele/types.h>
6
7namespace opkele {
8 using std::string;
9
10 struct idiscovery_t;
11
12 void idiscover(idiscovery_t& result,const string& identity);
13
14 struct idiscovery_t {
15 string normalized_id;
16 string canonicalized_id;
17 xrd::XRD_t xrd;
18
19 idiscovery_t(const string& i) {
20 idiscover(*this,i);
21 }
22 idiscovery_t(const char *i) {
23 idiscover(*this,i);
24 }
25
26 void clear() {
27 normalized_id.clear(); canonicalized_id.clear();
28 xrd.clear();
29 }
30 };
31}
32
33#endif /* __OPKELE_DISCOVERY_H */
diff --git a/include/opkele/exception.h b/include/opkele/exception.h
index 753a818..a654d59 100644
--- a/include/opkele/exception.h
+++ b/include/opkele/exception.h
@@ -1,226 +1,245 @@
1#ifndef __OPKELE_EXCEPTION_H 1#ifndef __OPKELE_EXCEPTION_H
2#define __OPKELE_EXCEPTION_H 2#define __OPKELE_EXCEPTION_H
3 3
4/** 4/**
5 * @file 5 * @file
6 * @brief opkele exceptions 6 * @brief opkele exceptions
7 */ 7 */
8 8
9#include <curl/curl.h> 9#include <curl/curl.h>
10 10
11#include <opkele/opkele-config.h> 11#include <opkele/opkele-config.h>
12#ifdef OPKELE_HAVE_KONFORKA 12#ifdef OPKELE_HAVE_KONFORKA
13# include <konforka/exception.h> 13# include <konforka/exception.h>
14/** 14/**
15 * the exception parameters declaration 15 * the exception parameters declaration
16 */ 16 */
17# define OPKELE_E_PARS const string& fi,const string&fu,int l,const string& w 17# define OPKELE_E_PARS const string& fi,const string&fu,int l,const string& w
18/** 18/**
19 * the exception parameters list to pass to constructor 19 * the exception parameters list to pass to constructor
20 */ 20 */
21# define OPKELE_E_CONS_ fi,fu,l, 21# define OPKELE_E_CONS_ fi,fu,l,
22/** 22/**
23 * the exception codepoint specification 23 * the exception codepoint specification
24 */ 24 */
25# define OPKELE_CP_ CODEPOINT, 25# define OPKELE_CP_ CODEPOINT,
26/** 26/**
27 * the simple rethrow of konforka-based exception 27 * the simple rethrow of konforka-based exception
28 */ 28 */
29# define OPKELE_RETHROW catch(konforka::exception& e) { e.see(CODEPOINT); throw } 29# define OPKELE_RETHROW catch(konforka::exception& e) { e.see(CODEPOINT); throw }
30#else /* OPKELE_HAVE_KONFORKA */ 30#else /* OPKELE_HAVE_KONFORKA */
31# include <exception> 31# include <exception>
32# include <string> 32# include <string>
33/** 33/**
34 * the exception parameter declaration 34 * the exception parameter declaration
35 */ 35 */
36# define OPKELE_E_PARS const string& w 36# define OPKELE_E_PARS const string& w
37/** 37/**
38 * the dummy prefix for exception parameters list to prepend in the absence of 38 * the dummy prefix for exception parameters list to prepend in the absence of
39 * konforka library 39 * konforka library
40 */ 40 */
41# define OPKELE_E_CONS_ 41# define OPKELE_E_CONS_
42/** 42/**
43 * the dummy placeholder for konforka exception codepoint specification 43 * the dummy placeholder for konforka exception codepoint specification
44 */ 44 */
45# define OPKELE_CP_ 45# define OPKELE_CP_
46/** 46/**
47 * the dummy define for the konforka-based rethrow of exception 47 * the dummy define for the konforka-based rethrow of exception
48 */ 48 */
49# define OPKELE_RETHROW 49# define OPKELE_RETHROW
50#endif /* OPKELE_HAVE_KONFORKA */ 50#endif /* OPKELE_HAVE_KONFORKA */
51/** 51/**
52 * the exception parameters list to pass to constructor 52 * the exception parameters list to pass to constructor
53 */ 53 */
54# define OPKELE_E_CONS OPKELE_E_CONS_ w 54# define OPKELE_E_CONS OPKELE_E_CONS_ w
55 55
56namespace opkele { 56namespace opkele {
57 using std::string; 57 using std::string;
58 58
59 /** 59 /**
60 * the base opkele exception class 60 * the base opkele exception class
61 */ 61 */
62 class exception : public 62 class exception : public
63# ifdef OPKELE_HAVE_KONFORKA 63# ifdef OPKELE_HAVE_KONFORKA
64 konforka::exception 64 konforka::exception
65# else 65# else
66 std::exception 66 std::exception
67# endif 67# endif
68 { 68 {
69 public: 69 public:
70# ifdef OPKELE_HAVE_KONFORKA 70# ifdef OPKELE_HAVE_KONFORKA
71 explicit 71 explicit
72 exception(const string& fi,const string& fu,int l,const string& w) 72 exception(const string& fi,const string& fu,int l,const string& w)
73 : konforka::exception(fi,fu,l,w) { } 73 : konforka::exception(fi,fu,l,w) { }
74# else /* OPKELE_HAVE_KONFORKA */ 74# else /* OPKELE_HAVE_KONFORKA */
75 string _what; 75 string _what;
76 explicit 76 explicit
77 exception(const string& w) 77 exception(const string& w)
78 : _what(w) { } 78 : _what(w) { }
79 virtual ~exception() throw(); 79 virtual ~exception() throw();
80 virtual const char * what() const throw(); 80 virtual const char * what() const throw();
81# endif /* OPKELE_HAVE_KONFORKA */ 81# endif /* OPKELE_HAVE_KONFORKA */
82 }; 82 };
83 83
84 /** 84 /**
85 * thrown in case of failed conversion 85 * thrown in case of failed conversion
86 */ 86 */
87 class failed_conversion : public exception { 87 class failed_conversion : public exception {
88 public: 88 public:
89 failed_conversion(OPKELE_E_PARS) 89 failed_conversion(OPKELE_E_PARS)
90 : exception(OPKELE_E_CONS) { } 90 : exception(OPKELE_E_CONS) { }
91 }; 91 };
92 /** 92 /**
93 * thrown in case of failed lookup (either parameter or persistent store) 93 * thrown in case of failed lookup (either parameter or persistent store)
94 */ 94 */
95 class failed_lookup : public exception { 95 class failed_lookup : public exception {
96 public: 96 public:
97 failed_lookup(OPKELE_E_PARS) 97 failed_lookup(OPKELE_E_PARS)
98 : exception(OPKELE_E_CONS) { } 98 : exception(OPKELE_E_CONS) { }
99 }; 99 };
100 /** 100 /**
101 * thrown in case of bad input (either local or network) 101 * thrown in case of bad input (either local or network)
102 */ 102 */
103 class bad_input : public exception { 103 class bad_input : public exception {
104 public: 104 public:
105 bad_input(OPKELE_E_PARS) 105 bad_input(OPKELE_E_PARS)
106 : exception(OPKELE_E_CONS) { } 106 : exception(OPKELE_E_CONS) { }
107 }; 107 };
108 108
109 /** 109 /**
110 * thrown on failed assertion 110 * thrown on failed assertion
111 */ 111 */
112 class failed_assertion : public exception { 112 class failed_assertion : public exception {
113 public: 113 public:
114 failed_assertion(OPKELE_E_PARS) 114 failed_assertion(OPKELE_E_PARS)
115 : exception(OPKELE_E_CONS) { } 115 : exception(OPKELE_E_CONS) { }
116 }; 116 };
117 117
118 /** 118 /**
119 * thrown if the handle being retrieved is invalid 119 * thrown if the handle being retrieved is invalid
120 */ 120 */
121 class invalid_handle : public exception { 121 class invalid_handle : public exception {
122 public: 122 public:
123 invalid_handle(OPKELE_E_PARS) 123 invalid_handle(OPKELE_E_PARS)
124 : exception(OPKELE_E_CONS) { } 124 : exception(OPKELE_E_CONS) { }
125 }; 125 };
126 /** 126 /**
127 * thrown if the handle passed to check_authentication request is not 127 * thrown if the handle passed to check_authentication request is not
128 * stateless 128 * stateless
129 */ 129 */
130 class stateful_handle : public exception { 130 class stateful_handle : public exception {
131 public: 131 public:
132 stateful_handle(OPKELE_E_PARS) 132 stateful_handle(OPKELE_E_PARS)
133 : exception(OPKELE_E_CONS) { } 133 : exception(OPKELE_E_CONS) { }
134 }; 134 };
135 135
136 /** 136 /**
137 * thrown if check_authentication request fails 137 * thrown if check_authentication request fails
138 */ 138 */
139 class failed_check_authentication : public exception { 139 class failed_check_authentication : public exception {
140 public: 140 public:
141 failed_check_authentication(OPKELE_E_PARS) 141 failed_check_authentication(OPKELE_E_PARS)
142 : exception(OPKELE_E_CONS) { } 142 : exception(OPKELE_E_CONS) { }
143 }; 143 };
144 144
145 /** 145 /**
146 * thrown if the id_res request result is negative 146 * thrown if the id_res request result is negative
147 */ 147 */
148 class id_res_failed : public exception { 148 class id_res_failed : public exception {
149 public: 149 public:
150 id_res_failed(OPKELE_E_PARS) 150 id_res_failed(OPKELE_E_PARS)
151 : exception(OPKELE_E_CONS) { } 151 : exception(OPKELE_E_CONS) { }
152 }; 152 };
153 /** 153 /**
154 * thrown if the user_setup_url is provided with negative response 154 * thrown if the user_setup_url is provided with negative response
155 */ 155 */
156 class id_res_setup : public id_res_failed { 156 class id_res_setup : public id_res_failed {
157 public: 157 public:
158 string setup_url; 158 string setup_url;
159 id_res_setup(OPKELE_E_PARS,const string& su) 159 id_res_setup(OPKELE_E_PARS,const string& su)
160 : id_res_failed(OPKELE_E_CONS), setup_url(su) { } 160 : id_res_failed(OPKELE_E_CONS), setup_url(su) { }
161 ~id_res_setup() throw() { } 161 ~id_res_setup() throw() { }
162 }; 162 };
163 /** 163 /**
164 * thrown in case of signature mismatch 164 * thrown in case of signature mismatch
165 */ 165 */
166 class id_res_mismatch : public id_res_failed { 166 class id_res_mismatch : public id_res_failed {
167 public: 167 public:
168 id_res_mismatch(OPKELE_E_PARS) 168 id_res_mismatch(OPKELE_E_PARS)
169 : id_res_failed(OPKELE_E_CONS) { } 169 : id_res_failed(OPKELE_E_CONS) { }
170 }; 170 };
171 171
172 /** 172 /**
173 * openssl malfunction occured 173 * openssl malfunction occured
174 */ 174 */
175 class exception_openssl : public exception { 175 class exception_openssl : public exception {
176 public: 176 public:
177 unsigned long _error; 177 unsigned long _error;
178 string _ssl_string; 178 string _ssl_string;
179 exception_openssl(OPKELE_E_PARS); 179 exception_openssl(OPKELE_E_PARS);
180 ~exception_openssl() throw() { } 180 ~exception_openssl() throw() { }
181 }; 181 };
182 182
183 /** 183 /**
184 * network operation related error occured 184 * network operation related error occured
185 */ 185 */
186 class exception_network : public exception { 186 class exception_network : public exception {
187 public: 187 public:
188 exception_network(OPKELE_E_PARS) 188 exception_network(OPKELE_E_PARS)
189 : exception(OPKELE_E_CONS) { } 189 : exception(OPKELE_E_CONS) { }
190 }; 190 };
191 191
192 /** 192 /**
193 * network operation related error occured, specifically, related to 193 * network operation related error occured, specifically, related to
194 * libcurl 194 * libcurl
195 */ 195 */
196 class exception_curl : public exception_network { 196 class exception_curl : public exception_network {
197 public: 197 public:
198 CURLcode _error; 198 CURLcode _error;
199 string _curl_string; 199 string _curl_string;
200 exception_curl(OPKELE_E_PARS); 200 exception_curl(OPKELE_E_PARS);
201 exception_curl(OPKELE_E_PARS,CURLcode e); 201 exception_curl(OPKELE_E_PARS,CURLcode e);
202 ~exception_curl() throw() { } 202 ~exception_curl() throw() { }
203 }; 203 };
204 204
205 /** 205 /**
206 * exception thrown in case of failed discovery
207 */
208 class failed_discovery : public exception {
209 public:
210 failed_discovery(OPKELE_E_PARS)
211 : exception(OPKELE_E_CONS) { }
212 };
213
214 /**
215 * unsuccessfull xri resolution
216 */
217 class failed_xri_resolution : public failed_discovery {
218 public:
219 long _code;
220 failed_xri_resolution(OPKELE_E_PARS,long _c=-1)
221 : failed_discovery(OPKELE_E_CONS), _code(_c) { }
222 };
223
224 /**
206 * not implemented (think pure virtual) member function executed, signfies 225 * not implemented (think pure virtual) member function executed, signfies
207 * programmer error 226 * programmer error
208 */ 227 */
209 class not_implemented : public exception { 228 class not_implemented : public exception {
210 public: 229 public:
211 not_implemented(OPKELE_E_PARS) 230 not_implemented(OPKELE_E_PARS)
212 : exception(OPKELE_E_CONS) { } 231 : exception(OPKELE_E_CONS) { }
213 }; 232 };
214 233
215 /** 234 /**
216 * internal error, indicates internal libopkele problem 235 * internal error, indicates internal libopkele problem
217 */ 236 */
218 class internal_error : public exception { 237 class internal_error : public exception {
219 public: 238 public:
220 internal_error(OPKELE_E_PARS) 239 internal_error(OPKELE_E_PARS)
221 : exception(OPKELE_E_CONS) { } 240 : exception(OPKELE_E_CONS) { }
222 }; 241 };
223 242
224} 243}
225 244
226#endif /* __OPKELE_EXCEPTION_H */ 245#endif /* __OPKELE_EXCEPTION_H */
diff --git a/include/opkele/openid_service_resolver.h b/include/opkele/openid_service_resolver.h
deleted file mode 100644
index 64edd28..0000000
--- a/include/opkele/openid_service_resolver.h
+++ b/dev/null
@@ -1,118 +0,0 @@
1#ifndef __OPKELE_OPENID_SERVICE_RESOLVER_H
2#define __OPKELE_OPENID_SERVICE_RESOLVER_H
3
4#include <climits>
5#include <string>
6#include <list>
7#include <set>
8#include <map>
9#include <opkele/curl.h>
10#include <opkele/expat.h>
11
12namespace opkele {
13 using std::list;
14 using std::string;
15 using std::set;
16 using std::map;
17
18 struct openid_auth_SEP_t {
19 long priority;
20 set<string> xrd_Type;
21 string xrd_URI;
22 string openid_Delegate;
23
24 openid_auth_SEP_t() : priority(LONG_MAX) { }
25 };
26
27 struct openid_auth_info_t {
28 string canonical_id;
29 openid_auth_SEP_t auth_SEP;
30 };
31
32
33 class openid_service_resolver_t : public util::curl_t, public util::expat_t {
34 public:
35 string xri_proxy;
36
37 openid_service_resolver_t(const string& xp="");
38 ~openid_service_resolver_t() throw() { }
39
40 const openid_auth_info_t& resolve(const string& id);
41
42 enum state_t {
43 state_parse = 0,
44 state_stopping_head, state_stopping_body,
45 state_stopping_size
46 };
47 state_t state;
48
49 struct parser_node_t {
50 string element;
51 string content;
52 typedef map<string,string> attrs_t;
53 attrs_t attrs;
54 bool skip_text, skip_tags;
55 openid_auth_info_t auth_info;
56
57 parser_node_t(const XML_Char *n,const XML_Char **a)
58 : skip_text(true), skip_tags(true)
59 {
60 element = n;
61 for(;*a;a+=2)
62 attrs[a[0]] = a[1];
63 }
64
65 };
66
67 class parser_tree_t : public list<parser_node_t> {
68 public:
69 const_reference top() const { return back(); }
70 reference top() { return back(); }
71
72 const_reference parent() const {
73 const_reverse_iterator rv = rbegin();
74 return *(++rv); }
75 reference parent() {
76 reverse_iterator rv = rbegin();
77 return *(++rv); }
78
79 inline void pop() { pop_back(); }
80 inline void push(const_reference e) { push_back(e); }
81
82 void push(const XML_Char *n,const XML_Char **a) {
83 parser_node_t nn(n,a);
84 if(empty())
85 nn.skip_text = nn.skip_tags = true;
86 else{
87 const_reference t = top();
88 nn.skip_text = t.skip_text; nn.skip_tags = t.skip_tags;
89 }
90 push(nn);
91 }
92 };
93 parser_tree_t tree;
94
95 void start_element(const XML_Char *n,const XML_Char **a);
96 void end_element(const XML_Char *n);
97 void character_data(const XML_Char *s,int l);
98
99 string xrds_location;
100 openid_auth_SEP_t html_SEP;
101 openid_auth_info_t auth_info;
102
103 void pop_tag();
104
105 size_t write(void *p,size_t s,size_t nm);
106
107 string http_content_type;
108
109 size_t header(void *p,size_t s,size_t nm);
110
111 bool xri_mode;
112
113 void discover_service(const string& url,bool xri=false);
114 };
115
116}
117
118#endif /* __OPKELE_OPENID_SERVICE_RESOLVER_H */
diff --git a/include/opkele/types.h b/include/opkele/types.h
index f732a1e..520618d 100644
--- a/include/opkele/types.h
+++ b/include/opkele/types.h
@@ -1,172 +1,235 @@
1#ifndef __OPKELE_TYPES_H 1#ifndef __OPKELE_TYPES_H
2#define __OPKELE_TYPES_H 2#define __OPKELE_TYPES_H
3 3
4/** 4/**
5 * @file 5 * @file
6 * @brief various types declarations 6 * @brief various types declarations
7 */ 7 */
8 8
9#include <ostream> 9#include <ostream>
10#include <vector> 10#include <vector>
11#include <string> 11#include <string>
12#include <map> 12#include <map>
13#include <memory> 13#include <memory>
14#include <set>
14 15
15namespace opkele { 16namespace opkele {
16 using std::vector; 17 using std::vector;
17 using std::string; 18 using std::string;
18 using std::map; 19 using std::map;
19 using std::ostream; 20 using std::ostream;
20 using std::auto_ptr; 21 using std::auto_ptr;
22 using std::multimap;
23 using std::set;
21 24
22 /** 25 /**
23 * the OpenID operation mode 26 * the OpenID operation mode
24 */ 27 */
25 typedef enum _mode_t { 28 typedef enum _mode_t {
26 mode_associate, 29 mode_associate,
27 mode_checkid_immediate, 30 mode_checkid_immediate,
28 mode_checkid_setup, 31 mode_checkid_setup,
29 mode_check_association 32 mode_check_association
30 } mode_t; 33 } mode_t;
31 34
32 /** 35 /**
33 * the association secret container 36 * the association secret container
34 */ 37 */
35 class secret_t : public vector<unsigned char> { 38 class secret_t : public vector<unsigned char> {
36 public: 39 public:
37 40
38 /** 41 /**
39 * xor the secret and hmac together and encode, using base64 42 * xor the secret and hmac together and encode, using base64
40 * @param key_sha1 pointer to the sha1 digest 43 * @param key_sha1 pointer to the sha1 digest
41 * @param rv reference to the return value 44 * @param rv reference to the return value
42 */ 45 */
43 void enxor_to_base64(const unsigned char *key_sha1,string& rv) const; 46 void enxor_to_base64(const unsigned char *key_sha1,string& rv) const;
44 /** 47 /**
45 * decode base64-encoded secret and xor it with the sha1 digest 48 * decode base64-encoded secret and xor it with the sha1 digest
46 * @param key_sha1 pointer to the message digest 49 * @param key_sha1 pointer to the message digest
47 * @param b64 base64-encoded secret value 50 * @param b64 base64-encoded secret value
48 */ 51 */
49 void enxor_from_base64(const unsigned char *key_sha1,const string& b64); 52 void enxor_from_base64(const unsigned char *key_sha1,const string& b64);
50 /** 53 /**
51 * plainly encode to base64 representation 54 * plainly encode to base64 representation
52 * @param rv reference to the return value 55 * @param rv reference to the return value
53 */ 56 */
54 void to_base64(string& rv) const; 57 void to_base64(string& rv) const;
55 /** 58 /**
56 * decode cleartext secret from base64 59 * decode cleartext secret from base64
57 * @param b64 base64-encoded representation of the secret value 60 * @param b64 base64-encoded representation of the secret value
58 */ 61 */
59 void from_base64(const string& b64); 62 void from_base64(const string& b64);
60 }; 63 };
61 64
62 /** 65 /**
63 * Interface to the association. 66 * Interface to the association.
64 */ 67 */
65 class association_t { 68 class association_t {
66 public: 69 public:
67 70
68 virtual ~association_t() { } 71 virtual ~association_t() { }
69 72
70 /** 73 /**
71 * retrieve the server with which association was established. 74 * retrieve the server with which association was established.
72 * @return server name 75 * @return server name
73 */ 76 */
74 virtual string server() const = 0; 77 virtual string server() const = 0;
75 /** 78 /**
76 * retrieve the association handle. 79 * retrieve the association handle.
77 * @return handle 80 * @return handle
78 */ 81 */
79 virtual string handle() const = 0; 82 virtual string handle() const = 0;
80 /** 83 /**
81 * retrieve the association type. 84 * retrieve the association type.
82 * @return association type 85 * @return association type
83 */ 86 */
84 virtual string assoc_type() const = 0; 87 virtual string assoc_type() const = 0;
85 /** 88 /**
86 * retrieve the association secret. 89 * retrieve the association secret.
87 * @return association secret 90 * @return association secret
88 */ 91 */
89 virtual secret_t secret() const = 0; 92 virtual secret_t secret() const = 0;
90 /** 93 /**
91 * retrieve the number of seconds the association expires in. 94 * retrieve the number of seconds the association expires in.
92 * @return seconds till expiration 95 * @return seconds till expiration
93 */ 96 */
94 virtual int expires_in() const = 0; 97 virtual int expires_in() const = 0;
95 /** 98 /**
96 * check whether the association is stateless. 99 * check whether the association is stateless.
97 * @return true if stateless 100 * @return true if stateless
98 */ 101 */
99 virtual bool stateless() const = 0; 102 virtual bool stateless() const = 0;
100 /** 103 /**
101 * check whether the association is expired. 104 * check whether the association is expired.
102 * @return true if expired 105 * @return true if expired
103 */ 106 */
104 virtual bool is_expired() const = 0; 107 virtual bool is_expired() const = 0;
105 }; 108 };
106 109
107 /** 110 /**
108 * the auto_ptr<> for association_t object type 111 * the auto_ptr<> for association_t object type
109 */ 112 */
110 typedef auto_ptr<association_t> assoc_t; 113 typedef auto_ptr<association_t> assoc_t;
111 114
112 /** 115 /**
113 * request/response parameters map 116 * request/response parameters map
114 */ 117 */
115 class params_t : public map<string,string> { 118 class params_t : public map<string,string> {
116 public: 119 public:
117 120
118 /** 121 /**
119 * check whether the parameter is present. 122 * check whether the parameter is present.
120 * @param n the parameter name 123 * @param n the parameter name
121 * @return true if yes 124 * @return true if yes
122 */ 125 */
123 bool has_param(const string& n) const; 126 bool has_param(const string& n) const;
124 /** 127 /**
125 * retrieve the parameter (const version) 128 * retrieve the parameter (const version)
126 * @param n the parameter name 129 * @param n the parameter name
127 * @return the parameter value 130 * @return the parameter value
128 * @throw failed_lookup if there is no such parameter 131 * @throw failed_lookup if there is no such parameter
129 */ 132 */
130 const string& get_param(const string& n) const; 133 const string& get_param(const string& n) const;
131 /** 134 /**
132 * retrieve the parameter. 135 * retrieve the parameter.
133 * @param n the parameter name 136 * @param n the parameter name
134 * @return the parameter value 137 * @return the parameter value
135 * @throw failed_lookup if there is no such parameter 138 * @throw failed_lookup if there is no such parameter
136 */ 139 */
137 string& get_param(const string& n); 140 string& get_param(const string& n);
138 141
139 /** 142 /**
140 * parse the OpenID key/value data. 143 * parse the OpenID key/value data.
141 * @param kv the OpenID key/value data 144 * @param kv the OpenID key/value data
142 */ 145 */
143 void parse_keyvalues(const string& kv); 146 void parse_keyvalues(const string& kv);
144 /** 147 /**
145 * sign the fields. 148 * sign the fields.
146 * @param secret the secret used for signing 149 * @param secret the secret used for signing
147 * @param sig reference to the string, containing base64-encoded 150 * @param sig reference to the string, containing base64-encoded
148 * result 151 * result
149 * @param slist the comma-separated list of fields to sign 152 * @param slist the comma-separated list of fields to sign
150 * @param prefix the string to prepend to parameter names 153 * @param prefix the string to prepend to parameter names
151 */ 154 */
152 void sign(secret_t secret,string& sig,const string& slist,const char *prefix=0) const; 155 void sign(secret_t secret,string& sig,const string& slist,const char *prefix=0) const;
153 156
154 /** 157 /**
155 * append parameters to the URL as a GET-request parameters. 158 * append parameters to the URL as a GET-request parameters.
156 * @param url the base URL 159 * @param url the base URL
157 * @param prefix the string to prepend to parameter names 160 * @param prefix the string to prepend to parameter names
158 * @return the ready-to-use location 161 * @return the ready-to-use location
159 */ 162 */
160 string append_query(const string& url,const char *prefix = "openid.") const; 163 string append_query(const string& url,const char *prefix = "openid.") const;
161 }; 164 };
162 165
163 /** 166 /**
164 * dump the key/value pairs for the parameters to the stream. 167 * dump the key/value pairs for the parameters to the stream.
165 * @param o output stream 168 * @param o output stream
166 * @param p the parameters 169 * @param p the parameters
167 */ 170 */
168 ostream& operator << (ostream& o,const params_t& p); 171 ostream& operator << (ostream& o,const params_t& p);
169 172
173 namespace xrd {
174
175 struct priority_compare {
176 inline bool operator()(long a,long b) const {
177 return (a<0) ? false : (b<0) ? false : (a<b);
178 }
179 };
180
181 template <typename _DT>
182 class priority_map : public multimap<long,_DT,priority_compare> {
183 typedef multimap<long,_DT,priority_compare> map_type;
184 public:
185
186 inline _DT& add(long priority,const _DT& d) {
187 return insert(typename map_type::value_type(priority,d))->second;
188 }
189 };
190
191 typedef priority_map<string> canonical_ids_t;
192 typedef priority_map<string> local_ids_t;
193 typedef set<string> types_t;
194 typedef priority_map<string> uris_t;
195
196 class service_t {
197 public:
198 types_t types;
199 uris_t uris;
200 local_ids_t local_ids;
201
202 void clear() {
203 types.clear();
204 uris.clear(); local_ids.clear();
205 }
206 };
207 typedef priority_map<service_t> services_t;
208
209 class XRD_t {
210 public:
211 time_t expires;
212
213 canonical_ids_t canonical_ids;
214 local_ids_t local_ids;
215 services_t services;
216
217 void clear() {
218 expires = 0;
219 canonical_ids.clear(); local_ids.clear();
220 services.clear();
221 }
222 bool empty() const {
223 return
224 canonical_ids.empty()
225 && local_ids.empty()
226 && services.empty();
227 }
228
229 };
230
231 }
232
170} 233}
171 234
172#endif /* __OPKELE_TYPES_H */ 235#endif /* __OPKELE_TYPES_H */
diff --git a/include/opkele/uris.h b/include/opkele/uris.h
index 9a6a3cd..a432b13 100644
--- a/include/opkele/uris.h
+++ b/include/opkele/uris.h
@@ -1,10 +1,15 @@
1#ifndef __OPKELE_URIS_H 1#ifndef __OPKELE_URIS_H
2#define __OPKELE_URIS_H 2#define __OPKELE_URIS_H
3 3
4#define NSURI_XRDS "xri://$xrds" 4 #define NSURI_XRDS "xri://$xrds"
5#define NSURI_XRD "xri://$xrd*($v*2.0)" 5 #define NSURI_XRD "xri://$xrd*($v*2.0)"
6#define NSURI_OPENID10 "http://openid.net/xmlns/1.0" 6 #define NSURI_OPENID10 "http://openid.net/xmlns/1.0"
7 7
8#define STURI_OPENID10 "http://openid.net/signon/1.0" 8 #define STURI_OPENID10 "http://openid.net/signon/1.0"
9 #define STURI_OPENID11 "http://openid.net/signon/1.1"
10 #define STURI_OPENID20 "http://specs.openid.net/auth/2.0/signon"
11 #define STURI_OPENID20_OP"http://specs.openid.net/auth/2.0/server"
12
13 #define IDURI_SELECT20 "http://specs.openid.net/auth/2.0/identifier_select"
9 14
10#endif /* __OPKELE_URIS_H */ 15#endif /* __OPKELE_URIS_H */
diff --git a/lib/Makefile.am b/lib/Makefile.am
index b278faf..185411f 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -1,30 +1,30 @@
1lib_LTLIBRARIES = libopkele.la 1lib_LTLIBRARIES = libopkele.la
2 2
3DEFAULT_INCLUDES = -I${top_builddir} 3DEFAULT_INCLUDES = -I${top_builddir}
4INCLUDES = \ 4INCLUDES = \
5 -I${top_srcdir}/include/ \ 5 -I${top_srcdir}/include/ \
6 ${KONFORKA_CFLAGS} \ 6 ${KONFORKA_CFLAGS} \
7 ${OPENSSL_CFLAGS} \ 7 ${OPENSSL_CFLAGS} \
8 ${LIBCURL_CPPFLAGS} \ 8 ${LIBCURL_CPPFLAGS} \
9 ${PCRE_CFLAGS} ${EXPAT_CFLAGS} 9 ${PCRE_CFLAGS} ${EXPAT_CFLAGS}
10libopkele_la_LIBADD = \ 10libopkele_la_LIBADD = \
11 ${LIBCURL} \ 11 ${LIBCURL} \
12 ${PCRE_LIBS} ${EXPAT_LIBS} \ 12 ${PCRE_LIBS} ${EXPAT_LIBS} \
13 ${OPENSSL_LIBS} \ 13 ${OPENSSL_LIBS} \
14 ${KONFORKA_LIBS} 14 ${KONFORKA_LIBS}
15 15
16libopkele_la_SOURCES = \ 16libopkele_la_SOURCES = \
17 params.cc \ 17 params.cc \
18 util.cc \ 18 util.cc \
19 server.cc \ 19 server.cc \
20 secret.cc \ 20 secret.cc \
21 data.cc \ 21 data.cc \
22 consumer.cc \ 22 consumer.cc \
23 exception.cc \ 23 exception.cc \
24 extension.cc \ 24 extension.cc \
25 sreg.cc \ 25 sreg.cc \
26 extension_chain.cc \ 26 extension_chain.cc \
27 curl.cc expat.cc \ 27 curl.cc expat.cc \
28 openid_service_resolver.cc 28 discovery.cc
29libopkele_la_LDFLAGS = \ 29libopkele_la_LDFLAGS = \
30 -version-info 2:0:0 30 -version-info 2:0:0
diff --git a/lib/discovery.cc b/lib/discovery.cc
new file mode 100644
index 0000000..a35ce32
--- a/dev/null
+++ b/lib/discovery.cc
@@ -0,0 +1,375 @@
1#include <iostream>
2using namespace std;
3#include <list>
4#include <opkele/curl.h>
5#include <opkele/expat.h>
6#include <opkele/uris.h>
7#include <opkele/discovery.h>
8#include <opkele/exception.h>
9#include <opkele/util.h>
10
11#include "config.h"
12
13#define XRDS_HEADER "X-XRDS-Location"
14#define CT_HEADER "Content-Type"
15
16namespace opkele {
17 using std::list;
18 using xrd::XRD_t;
19 using xrd::service_t;
20
21 static const char *whitespace = " \t\r\n";
22 static const char *i_leaders = "=@+$!(";
23
24 static inline bool is_qelement(const XML_Char *n,const char *qen) {
25 return !strcasecmp(n,qen);
26 }
27 static inline bool is_element(const XML_Char *n,const char *en) {
28 if(!strcasecmp(n,en)) return true;
29 int nl = strlen(n), enl = strlen(en);
30 if( (nl>=(enl+1)) && n[nl-enl-1]=='\t'
31 && !strcasecmp(&n[nl-enl],en) )
32 return true;
33 return false;
34 }
35
36 static long element_priority(const XML_Char **a) {
37 for(;*a;++a)
38 if(!strcasecmp(*(a++),"priority")) {
39 long rv;
40 return (sscanf(*a,"%ld",&rv)==1)?rv:-1;
41 }
42 return -1;
43 }
44
45 class idigger_t : public util::curl_t, public util::expat_t {
46 public:
47 string xri_proxy;
48
49 enum {
50 xmode_html = 1, xmode_xrd = 2
51 };
52 int xmode;
53
54 string xrds_location;
55 string http_content_type;
56 service_t html_openid1;
57 service_t html_openid2;
58 string cdata_buf;
59 long status_code;
60 string status_string;
61
62 typedef list<string> pt_stack_t;
63 pt_stack_t pt_stack;
64 int skipping;
65
66 XRD_t *xrd;
67 service_t *xrd_service;
68 string* cdata;
69
70 idigger_t()
71 : util::curl_t(easy_init()),
72 util::expat_t(0),
73 xri_proxy(XRI_PROXY_URL) {
74 CURLcode r;
75 (r=misc_sets())
76 || (r=set_write())
77 || (r=set_header())
78 ;
79 if(r)
80 throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
81 }
82 ~idigger_t() throw() { }
83
84 void discover(idiscovery_t& result,const string& identity) {
85 result.clear();
86 string::size_type fsc = identity.find_first_not_of(whitespace);
87 if(fsc==string::npos)
88 throw bad_input(OPKELE_CP_ "whtiespace-only identity");
89 string::size_type lsc = identity.find_last_not_of(whitespace);
90 assert(lsc!=string::npos);
91 if(!strncasecmp(identity.c_str()+fsc,"xri://",sizeof("xri://")-1))
92 fsc += sizeof("xri://")-1;
93 if((fsc+1)>=lsc)
94 throw bad_input(OPKELE_CP_ "not a character of importance in identity");
95 string id(identity,fsc,lsc-fsc+1);
96 if(strchr(i_leaders,id[0])) {
97 result.normalized_id = id;
98 /* TODO: further canonicalize xri identity? Like folding case or whatever... */
99 discover_at(
100 result,
101 xri_proxy + util::url_encode(id)+
102 "?_xrd_r=application/xrd+xml;sep=false", xmode_xrd);
103 if(status_code!=100)
104 throw failed_xri_resolution(OPKELE_CP_
105 "XRI resolution failed with '"+status_string+"' message",status_code);
106 if(result.xrd.canonical_ids.empty())
107 throw opkele::failed_discovery(OPKELE_CP_ "No CanonicalID for XRI identity found");
108 }else{
109 if(id.find("://")==string::npos)
110 id.insert(0,"http://");
111 string::size_type fp = id.find('#');
112 if(fp!=string::npos) {
113 string::size_type qp = id.find('?');
114 if(qp==string::npos || qp<fp)
115 id.erase(fp);
116 else if(qp>fp)
117 id.erase(fp,qp-fp);
118 }
119 result.normalized_id = util::rfc_3986_normalize_uri(id);
120 discover_at(result,id,xmode_html|xmode_xrd);
121 const char * eu = 0;
122 CURLcode r = easy_getinfo(CURLINFO_EFFECTIVE_URL,&eu);
123 if(r)
124 throw exception_curl(OPKELE_CP_ "failed to get CURLINFO_EFFECTIVE_URL",r);
125 result.canonicalized_id = util::rfc_3986_normalize_uri(eu); /* XXX: strip fragment part? */
126 if(xrds_location.empty()) {
127 html2xrd(result.xrd);
128 }else{
129 discover_at(result,xrds_location,xmode_xrd);
130 if(result.xrd.empty())
131 html2xrd(result.xrd);
132 }
133 }
134 }
135
136 void discover_at(idiscovery_t& result,const string& url,int xm) {
137 CURLcode r = easy_setopt(CURLOPT_URL,url.c_str());
138 if(r)
139 throw exception_curl(OPKELE_CP_ "failed to set culry urlie",r);
140
141 (*(expat_t*)this) = parser_create_ns();
142 set_user_data(); set_element_handler();
143 set_character_data_handler();
144
145 xrds_location.clear(); http_content_type.clear();
146 xmode = xm;
147 if(xmode&xmode_html) {
148 xrds_location.clear();
149 html_openid1.clear(); html_openid2.clear();
150 }
151 xrd = &result.xrd;
152 cdata = 0; xrd_service = 0; skipping = 0;
153 status_code = 100; status_string.clear();
154
155 r = easy_perform();
156 if(r && r!=CURLE_WRITE_ERROR)
157 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
158
159 parse(0,0,true);
160 }
161
162 void html2xrd(XRD_t& x) {
163 if(!html_openid1.uris.empty()) {
164 html_openid1.types.insert(STURI_OPENID11);
165 x.services.add(-1,html_openid1);
166 }
167 if(!html_openid2.uris.empty()) {
168 html_openid2.types.insert(STURI_OPENID20);
169 x.services.add(-1,html_openid2);
170 }
171 }
172
173 size_t write(void *p,size_t s,size_t nm) {
174 if(skipping<0) return 0;
175 /* TODO: limit total size */
176 size_t bytes = s*nm;
177 parse((const char *)p,bytes,false);
178 return bytes;
179 }
180 size_t header(void *p,size_t s,size_t nm) {
181 size_t bytes = s*nm;
182 const char *h = (const char*)p;
183 const char *colon = (const char*)memchr(p,':',bytes);
184 const char *space = (const char*)memchr(p,' ',bytes);
185 if(space && ( (!colon) || space<colon ) ) {
186 xrds_location.clear(); http_content_type.clear();
187 }else if(colon) {
188 const char *hv = ++colon;
189 int hnl = colon-h;
190 int rb;
191 for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb);
192 while(rb>0 && isspace(hv[rb-1])) --rb;
193 if(rb) {
194 if( (hnl>=sizeof(XRDS_HEADER))
195 && !strncasecmp(h,XRDS_HEADER":",
196 sizeof(XRDS_HEADER)) ) {
197 xrds_location.assign(hv,rb);
198 }else if( (hnl>=sizeof(CT_HEADER))
199 && !strncasecmp(h,CT_HEADER":",
200 sizeof(CT_HEADER)) ) {
201 const char *sc = (const char*)memchr(
202 hv,';',rb);
203 http_content_type.assign(hv,sc?(sc-hv):rb);
204 }
205 }
206 }
207 return curl_t::header(p,s,nm);
208 }
209
210 void start_element(const XML_Char *n,const XML_Char **a) {
211 if(skipping<0) return;
212 if(skipping) {
213 if(xmode&xmode_html)
214 html_start_element(n,a);
215 ++skipping; return;
216 }
217 if(pt_stack.empty()) {
218 if(is_qelement(n,NSURI_XRDS "\tXRDS"))
219 return;
220 if(is_qelement(n,NSURI_XRD "\tXRD")) {
221 assert(xrd);
222 xrd->clear();
223 pt_stack.push_back(n);
224 }else if(xmode&xmode_html) {
225 html_start_element(n,a);
226 }else{
227 skipping = -1;
228 }
229 }else{
230 int pt_s = pt_stack.size();
231 if(pt_s==1) {
232 /* TODO: xrd:XRD/xrd:Expires */
233 if(is_qelement(n,NSURI_XRD "\tCanonicalID")) {
234 assert(xrd);
235 cdata = &(xrd->canonical_ids.add(element_priority(a),string()));
236 }else if(is_qelement(n,NSURI_XRD "\tLocalID")) {
237 assert(xrd);
238 cdata = &(xrd->local_ids.add(element_priority(a),string()));
239 }else if(is_qelement(n,NSURI_XRD "\tService")) {
240 assert(xrd);
241 xrd_service = &(xrd->services.add(element_priority(a),
242 service_t()));
243 pt_stack.push_back(n);
244 }else if(is_qelement(n,NSURI_XRD "\tStatus")) {
245 for(;*a;) {
246 if(!strcasecmp(*(a++),"code")) {
247 if(sscanf(*(a++),"%ld",&status_code)==1 && status_code!=100) {
248 cdata = &status_string;
249 pt_stack.push_back(n);
250 break;
251 }
252 }
253 }
254 }else if(xmode&xmode_html) {
255 html_start_element(n,a);
256 }else{
257 skipping = 1;
258 }
259 }else if(pt_s==2) {
260 if(is_qelement(pt_stack.back().c_str(), NSURI_XRD "\tService")) {
261 if(is_qelement(n,NSURI_XRD "\tType")) {
262 assert(xrd); assert(xrd_service);
263 cdata_buf.clear();
264 cdata = &cdata_buf;
265 }else if(is_qelement(n,NSURI_XRD "\tURI")) {
266 assert(xrd); assert(xrd_service);
267 cdata = &(xrd_service->uris.add(element_priority(a),string()));
268 }else if(is_qelement(n,NSURI_XRD "\tLocalID")
269 || is_qelement(n,NSURI_OPENID10 "\tDelegate") ) {
270 assert(xrd); assert(xrd_service);
271 cdata = &(xrd_service->uris.add(element_priority(a),string()));
272 }else{
273 skipping = 1;
274 }
275 }else
276 skipping = 1;
277 }else if(xmode&xmode_html) {
278 html_start_element(n,a);
279 }else{
280 skipping = 1;
281 }
282 }
283 }
284 void end_element(const XML_Char *n) {
285 if(skipping<0) return;
286 if(skipping) {
287 --skipping; return;
288 }
289 if(is_qelement(n,NSURI_XRD "\tType")) {
290 assert(xrd); assert(xrd_service); assert(cdata==&cdata_buf);
291 xrd_service->types.insert(cdata_buf);
292 }else if(is_qelement(n,NSURI_XRD "\tService")) {
293 assert(xrd); assert(xrd_service);
294 assert(!pt_stack.empty());
295 assert(pt_stack.back()==(NSURI_XRD "\tService"));
296 pt_stack.pop_back();
297 xrd_service = 0;
298 }else if(is_qelement(n,NSURI_XRD "\tStatus")) {
299 assert(xrd);
300 if(is_qelement(pt_stack.back().c_str(),n)) {
301 assert(cdata==&status_string);
302 pt_stack.pop_back();
303 if(status_code!=100)
304 skipping = -1;
305 }
306 }else if((xmode&xmode_html) && is_element(n,"head")) {
307 skipping = -1;
308 }
309 cdata = 0;
310 }
311 void character_data(const XML_Char *s,int l) {
312 if(skipping) return;
313 if(cdata) cdata->append(s,l);
314 }
315
316 void html_start_element(const XML_Char *n,const XML_Char **a) {
317 if(is_element(n,"meta")) {
318 bool heq = false;
319 string l;
320 for(;*a;a+=2) {
321 if(!( strcasecmp(a[0],"http-equiv")
322 || strcasecmp(a[1],XRDS_HEADER) ))
323 heq = true;
324 else if(!strcasecmp(a[0],"content"))
325 l.assign(a[1]);
326 }
327 if(heq)
328 xrds_location = l;
329 }else if(is_element(n,"link")) {
330 string rels;
331 string href;
332 for(;*a;a+=2) {
333 if( !strcasecmp(a[0],"rel") ) {
334 rels.assign(a[1]);
335 }else if( !strcasecmp(a[0],"href") ) {
336 const char *ns = a[1];
337 for(;*ns && isspace(*ns);++ns);
338 href.assign(ns);
339 string::size_type lns=href.find_last_not_of(whitespace);
340 href.erase(lns+1);
341 }
342 }
343 for(string::size_type ns=rels.find_first_not_of(whitespace);
344 ns!=string::npos; ns=rels.find_first_not_of(whitespace,ns)) {
345 string::size_type s = rels.find_first_of(whitespace,ns);
346 string rel;
347 if(s==string::npos) {
348 rel.assign(rels,ns,string::npos);
349 ns = string::npos;
350 }else{
351 rel.assign(rels,ns,s-ns);
352 ns = s;
353 }
354 if(rel=="openid.server")
355 html_openid1.uris.add(-1,href);
356 else if(rel=="openid.delegate")
357 html_openid1.local_ids.add(-1,href);
358 else if(rel=="openid2.provider")
359 html_openid2.uris.add(-1,href);
360 else if(rel=="openid2.local_id")
361 html_openid2.local_ids.add(-1,href);
362 }
363 }else if(is_element(n,"body")) {
364 skipping = -1;
365 }
366 }
367
368 };
369
370 void idiscover(idiscovery_t& result,const string& identity) {
371 idigger_t idigger;
372 idigger.discover(result,identity);
373 }
374
375}
diff --git a/lib/openid_service_resolver.cc b/lib/openid_service_resolver.cc
deleted file mode 100644
index 505e5b2..0000000
--- a/lib/openid_service_resolver.cc
+++ b/dev/null
@@ -1,298 +0,0 @@
1#include <cctype>
2#include <opkele/exception.h>
3#include <opkele/util.h>
4#include <opkele/openid_service_resolver.h>
5#include <opkele/uris.h>
6
7#define LOCATION_HEADER "X-XRDS-Location"
8
9namespace opkele {
10 static const char *whitespace = " \t\r\n";
11
12 openid_service_resolver_t::openid_service_resolver_t(const string& xp)
13 : util::curl_t(easy_init()),
14 util::expat_t(0),
15 xri_proxy(xp.empty()?"http://beta.xri.net/":xp)
16 {
17 CURLcode r;
18 (r=misc_sets())
19 || (r=set_write())
20 || (r==set_header())
21 ;
22 if(r)
23 throw opkele::exception_curl(OPKELE_CP_ "failed to set curly options",r);
24 }
25
26 static bool is_element(const XML_Char *n,const char *en) {
27 if(!strcasecmp(n,en)) return true;
28 int nl = strlen(n), enl = strlen(en);
29 if( (nl>=(enl+1)) && n[nl-enl-1]=='\t'
30 && !strcasecmp(&n[nl-enl],en) )
31 return true;
32 return false;
33 }
34 static inline bool is_qelement(const XML_Char *n,const char *qen) {
35 return !strcasecmp(n,qen);
36 }
37 static inline bool is_element(
38 const openid_service_resolver_t::parser_node_t& n,
39 const char *en) {
40 return is_element(n.element.c_str(),en);
41 }
42 static inline bool is_qelement(
43 const openid_service_resolver_t::parser_node_t& n,
44 const char *qen) {
45 return is_qelement(n.element.c_str(),qen);
46 }
47
48 void openid_service_resolver_t::start_element(const XML_Char *n,const XML_Char **a) {
49 if(state!=state_parse) return;
50 tree.push(n,a);
51 parser_node_t& t = tree.top();
52 if(is_element(n,"html") || is_element(n,"head")
53 || is_qelement(n,NSURI_XRDS "\tXRDS")
54 || is_qelement(n,NSURI_XRD "\tXRD") )
55 t.skip_tags = false;
56 else if(is_qelement(n,NSURI_XRD "\tService")
57 || is_qelement(n,NSURI_XRD "\tType")
58 || is_qelement(n,NSURI_XRD "\tURI")
59 || is_qelement(n,NSURI_OPENID10 "\tDelegate")
60 || is_qelement(n,NSURI_XRD "\tCanonicalID") )
61 t.skip_tags = t.skip_text = false;
62 else if(is_element(n,"body"))
63 state = state_stopping_body;
64 }
65 void openid_service_resolver_t::end_element(const XML_Char *n) {
66 if(state!=state_parse) return;
67 assert(tree.top().element == n);
68 pop_tag();
69 }
70 void openid_service_resolver_t::character_data(const XML_Char *s,int l) {
71 if(state!=state_parse) return;
72 if( !( tree.empty() || tree.top().skip_text ) )
73 tree.top().content.append(s,l);
74 }
75
76 static void copy_trim_whitespace(string& to,const string& from) {
77 string::size_type ns0 = from.find_first_not_of(whitespace);
78 if(ns0==string::npos) {
79 to.clear(); return;
80 }
81 string::size_type ns1 = from.find_last_not_of(whitespace);
82 assert(ns1!=string::npos);
83 to.assign(from,ns0,ns1-ns0+1);
84 }
85
86 void openid_service_resolver_t::pop_tag() {
87 assert(!tree.empty());
88 parser_node_t& t = tree.top();
89 if( is_element(t,"meta")
90 && !strcasecmp(t.attrs["http-equiv"].c_str(),LOCATION_HEADER) ) {
91 xrds_location = t.attrs["content"];
92 }else if( is_element(t,"link") ) {
93 parser_node_t::attrs_t::const_iterator ir = t.attrs.find("rel");
94 if(ir!=t.attrs.end()) {
95 const string& rels = ir->second;
96 for(string::size_type ns = rels.find_first_not_of(whitespace);
97 ns!=string::npos;
98 ns=rels.find_first_not_of(whitespace,ns)) {
99 string::size_type s = rels.find_first_of(whitespace,ns);
100 string rel;
101 if(s==string::npos) {
102 rel.assign(rels,ns,string::npos);
103 ns = string::npos;
104 }else{
105 rel.assign(rels,ns,s-ns);
106 ns = s;
107 }
108 if(rel=="openid.server")
109 copy_trim_whitespace(html_SEP.xrd_URI,t.attrs["href"]);
110 else if(rel=="openid.delegate")
111 copy_trim_whitespace(html_SEP.openid_Delegate,t.attrs["href"]);
112 }
113 }
114 }else if( is_element(t,"head") )
115 state = state_stopping_head;
116 else if( is_qelement(t,NSURI_XRD "\tXRD")) {
117 if( !(
118 (
119 xri_mode
120 && t.auth_info.canonical_id.empty()
121 ) ||
122 t.auth_info.auth_SEP.xrd_Type.empty()
123 ) )
124 auth_info = t.auth_info;
125 }else if( tree.size()>1 ) {
126 parser_node_t& p = tree.parent();
127 if( is_qelement(p,NSURI_XRD "\tService") ) {
128 if( is_qelement(t,NSURI_XRD "\tType") ) {
129 if(t.content==STURI_OPENID10) {
130 string tmp; copy_trim_whitespace(tmp,t.content);
131 p.auth_info.auth_SEP.xrd_Type.insert(tmp);
132 }
133 }else if( is_qelement(t,NSURI_XRD "\tURI") )
134 copy_trim_whitespace(p.auth_info.auth_SEP.xrd_URI,t.content);
135 else if( is_qelement(t,NSURI_OPENID10 "\tDelegate") )
136 copy_trim_whitespace(p.auth_info.auth_SEP.openid_Delegate,t.content);
137 }else if( is_qelement(p,NSURI_XRD "\tXRD") ) {
138 if(is_qelement(t,NSURI_XRD "\tService") ) {
139 if( !t.auth_info.auth_SEP.xrd_Type.empty() ) {
140 parser_node_t::attrs_t::const_iterator ip
141 = t.attrs.find("priority");
142 if(ip!=t.attrs.end()) {
143 const char *nptr = ip->second.c_str();
144 char *eptr = 0;
145 t.auth_info.auth_SEP.priority = strtol(nptr,&eptr,10);
146 if(nptr==eptr)
147 t.auth_info.auth_SEP.priority = LONG_MAX;
148 }
149 if( (t.auth_info.auth_SEP.priority < p.auth_info.auth_SEP.priority)
150 || p.auth_info.auth_SEP.xrd_Type.empty() )
151 p.auth_info.auth_SEP = t.auth_info.auth_SEP;
152 }
153 }else if( is_qelement(t,NSURI_XRD "\tCanonicalID") )
154 copy_trim_whitespace(p.auth_info.canonical_id,t.content);
155 }
156 }
157
158 tree.pop();
159 }
160
161 size_t openid_service_resolver_t::write(void *p,size_t s,size_t nm) {
162 if(state != state_parse)
163 return 0;
164 /* TODO: limit total size */
165 size_t bytes = s*nm;
166 parse((const char *)p,bytes,false);
167 return bytes;
168 }
169
170 size_t openid_service_resolver_t::header(void *p,size_t s,size_t nm) {
171 size_t bytes = s*nm;
172 const char *h = (const char *)p;
173 const char *colon = (const char*)memchr(p,':',bytes);
174 const char *space = (const char*)memchr(p,' ',bytes);
175 if(space && ( (!colon) || space<colon ) ) {
176 xrds_location.clear(); http_content_type.clear();
177 }else if(colon) {
178 const char *hv = ++colon;
179 int hnl = colon-h;
180 int rb;
181 for(rb = bytes-hnl-1;
182 rb>0 && isspace(*hv);
183 ++hv,--rb );
184 while(rb>0 && isspace(hv[rb-1]))
185 --rb;
186 if(rb) {
187 if( (hnl >= sizeof(LOCATION_HEADER))
188 && !strncasecmp(h,LOCATION_HEADER ":",
189 sizeof(LOCATION_HEADER)) ) {
190 xrds_location.assign(hv,rb);
191 }else if( (hnl >= sizeof("Content-Type"))
192 && !strncasecmp(h,"Content-Type:",
193 sizeof("Content-Type")) ) {
194 const char *sc = (const char*)memchr(
195 hv,';',rb);
196 http_content_type.assign(
197 hv,sc?(sc-hv):rb );
198 }
199 }
200 }
201 return curl_t::header(p,s,nm);
202 }
203
204 void openid_service_resolver_t::discover_service(const string& url,bool xri) {
205 CURLcode r = easy_setopt(CURLOPT_URL,url.c_str());
206 if(r)
207 throw opkele::exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
208
209 (*(expat_t*)this) = parser_create_ns();
210 set_user_data(); set_element_handler();
211 set_character_data_handler();
212 tree.clear();
213 state = state_parse;
214
215 r = easy_perform();
216 if(r && r!=CURLE_WRITE_ERROR)
217 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
218
219 parse(0,0,true);
220 while(!tree.empty()) pop_tag();
221 }
222
223 const openid_auth_info_t& openid_service_resolver_t::resolve(const string& id) {
224 auth_info = openid_auth_info_t();
225 html_SEP = openid_auth_SEP_t();
226
227 string::size_type fns = id.find_first_not_of(whitespace);
228 if(fns==string::npos)
229 throw opkele::bad_input(OPKELE_CP_ "whitespace-only identity");
230 string::size_type lns = id.find_last_not_of(whitespace);
231 assert(lns!=string::npos);
232 if(!strncasecmp(
233 id.c_str()+fns,"xri://",
234 sizeof("xri://")-1))
235 fns+=sizeof("xri://")-1;
236 string nid(id,fns,lns-fns+1);
237 if(nid.empty())
238 throw opkele::bad_input(OPKELE_CP_ "nothing significant in identity");
239 if(strchr("=@+$!(",*nid.c_str())) {
240 discover_service(
241 xri_proxy + util::url_encode(nid) +
242 "?_xrd_t=" STURI_OPENID10 "&_xrd_r=application/xrd+xml;sep=true",
243 true );
244 if(auth_info.canonical_id.empty()
245 || auth_info.auth_SEP.xrd_Type.empty() )
246 throw opkele::failed_lookup(OPKELE_CP_ "no OpenID service for XRI found");
247 }else{
248 const char *np = nid.c_str();
249 if( (strncasecmp(np,"http",4) || strncmp(
250 tolower(*(np+4))=='s'? np+5 : np+4, "://", 3))
251#ifndef NDEBUG
252 && strncasecmp(np,"file:///",sizeof("file:///")-1)
253 #endif /* XXX: or how do I let tests work? */
254 )
255 nid.insert(0,"http://");
256 string::size_type fp = nid.find('#');
257 if(fp!=string::npos) {
258 string::size_type qp = nid.find('?');
259 if(qp==string::npos || qp<fp) {
260 nid.erase(fp);
261 }else if(qp>fp)
262 nid.erase(fp,qp-fp);
263 }
264 discover_service(nid);
265 const char *eu = 0;
266 CURLcode r = easy_getinfo(CURLINFO_EFFECTIVE_URL,&eu);
267 if(r)
268 throw exception_curl(OPKELE_CP_ "failed to get CURLINFO_EFFECTIVE_URL",r);
269 string canonicalized_id = util::rfc_3986_normalize_uri(eu);
270 if(xrds_location.empty()) {
271 if(auth_info.auth_SEP.xrd_Type.empty()) {
272 if(html_SEP.xrd_URI.empty())
273 throw opkele::failed_lookup(OPKELE_CP_ "no OpenID 1.0 service discovered");
274 auth_info.auth_SEP = html_SEP;
275 auth_info.auth_SEP.xrd_Type.clear(); auth_info.auth_SEP.xrd_Type.insert( STURI_OPENID10 );
276 auth_info.canonical_id = canonicalized_id;
277 }else{
278 if(auth_info.canonical_id.empty())
279 auth_info.canonical_id = canonicalized_id;
280 }
281 }else{
282 discover_service(xrds_location);
283 if(auth_info.auth_SEP.xrd_Type.empty()) {
284 if(html_SEP.xrd_URI.empty())
285 throw opkele::failed_lookup(OPKELE_CP_ "no OpenID 1.0 service discovered");
286 auth_info.auth_SEP = html_SEP;
287 auth_info.auth_SEP.xrd_Type.clear(); auth_info.auth_SEP.xrd_Type.insert( STURI_OPENID10 );
288 auth_info.canonical_id = canonicalized_id;
289 }else{
290 if(auth_info.canonical_id.empty())
291 auth_info.canonical_id = canonicalized_id;
292 }
293 }
294 }
295 return auth_info;
296 }
297
298}
diff --git a/lib/util.cc b/lib/util.cc
index 69d37b5..83f0eef 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -1,303 +1,305 @@
1#include <errno.h> 1#include <errno.h>
2#include <cassert> 2#include <cassert>
3#include <cctype> 3#include <cctype>
4#include <cstring> 4#include <cstring>
5#include <vector> 5#include <vector>
6#include <string> 6#include <string>
7#include <stack> 7#include <stack>
8#include <openssl/bio.h> 8#include <openssl/bio.h>
9#include <openssl/evp.h> 9#include <openssl/evp.h>
10#include <curl/curl.h> 10#include <curl/curl.h>
11#include "opkele/util.h" 11#include "opkele/util.h"
12#include "opkele/exception.h" 12#include "opkele/exception.h"
13 13
14namespace opkele { 14namespace opkele {
15 using namespace std; 15 using namespace std;
16 16
17 namespace util { 17 namespace util {
18 18
19 /* 19 /*
20 * base64 20 * base64
21 */ 21 */
22 string encode_base64(const void *data,size_t length) { 22 string encode_base64(const void *data,size_t length) {
23 BIO *b64 = 0, *bmem = 0; 23 BIO *b64 = 0, *bmem = 0;
24 try { 24 try {
25 b64 = BIO_new(BIO_f_base64()); 25 b64 = BIO_new(BIO_f_base64());
26 if(!b64) 26 if(!b64)
27 throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 encoder"); 27 throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 encoder");
28 BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); 28 BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
29 bmem = BIO_new(BIO_s_mem()); 29 bmem = BIO_new(BIO_s_mem());
30 BIO_set_flags(b64,BIO_CLOSE); 30 BIO_set_flags(b64,BIO_CLOSE);
31 if(!bmem) 31 if(!bmem)
32 throw exception_openssl(OPKELE_CP_ "failed to BIO_new() memory buffer"); 32 throw exception_openssl(OPKELE_CP_ "failed to BIO_new() memory buffer");
33 BIO_push(b64,bmem); 33 BIO_push(b64,bmem);
34 if(((size_t)BIO_write(b64,data,length))!=length) 34 if(((size_t)BIO_write(b64,data,length))!=length)
35 throw exception_openssl(OPKELE_CP_ "failed to BIO_write()"); 35 throw exception_openssl(OPKELE_CP_ "failed to BIO_write()");
36 if(BIO_flush(b64)!=1) 36 if(BIO_flush(b64)!=1)
37 throw exception_openssl(OPKELE_CP_ "failed to BIO_flush()"); 37 throw exception_openssl(OPKELE_CP_ "failed to BIO_flush()");
38 char *rvd; 38 char *rvd;
39 long rvl = BIO_get_mem_data(bmem,&rvd); 39 long rvl = BIO_get_mem_data(bmem,&rvd);
40 string rv(rvd,rvl); 40 string rv(rvd,rvl);
41 BIO_free_all(b64); 41 BIO_free_all(b64);
42 return rv; 42 return rv;
43 }catch(...) { 43 }catch(...) {
44 if(b64) BIO_free_all(b64); 44 if(b64) BIO_free_all(b64);
45 throw; 45 throw;
46 } 46 }
47 } 47 }
48 48
49 void decode_base64(const string& data,vector<unsigned char>& rv) { 49 void decode_base64(const string& data,vector<unsigned char>& rv) {
50 BIO *b64 = 0, *bmem = 0; 50 BIO *b64 = 0, *bmem = 0;
51 rv.clear(); 51 rv.clear();
52 try { 52 try {
53 bmem = BIO_new_mem_buf((void*)data.data(),data.size()); 53 bmem = BIO_new_mem_buf((void*)data.data(),data.size());
54 if(!bmem) 54 if(!bmem)
55 throw exception_openssl(OPKELE_CP_ "failed to BIO_new_mem_buf()"); 55 throw exception_openssl(OPKELE_CP_ "failed to BIO_new_mem_buf()");
56 b64 = BIO_new(BIO_f_base64()); 56 b64 = BIO_new(BIO_f_base64());
57 if(!b64) 57 if(!b64)
58 throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 decoder"); 58 throw exception_openssl(OPKELE_CP_ "failed to BIO_new() base64 decoder");
59 BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL); 59 BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
60 BIO_push(b64,bmem); 60 BIO_push(b64,bmem);
61 unsigned char tmp[512]; 61 unsigned char tmp[512];
62 size_t rb = 0; 62 size_t rb = 0;
63 while((rb=BIO_read(b64,tmp,sizeof(tmp)))>0) 63 while((rb=BIO_read(b64,tmp,sizeof(tmp)))>0)
64 rv.insert(rv.end(),tmp,&tmp[rb]); 64 rv.insert(rv.end(),tmp,&tmp[rb]);
65 BIO_free_all(b64); 65 BIO_free_all(b64);
66 }catch(...) { 66 }catch(...) {
67 if(b64) BIO_free_all(b64); 67 if(b64) BIO_free_all(b64);
68 throw; 68 throw;
69 } 69 }
70 } 70 }
71 71
72 /* 72 /*
73 * big numerics 73 * big numerics
74 */ 74 */
75 75
76 BIGNUM *base64_to_bignum(const string& b64) { 76 BIGNUM *base64_to_bignum(const string& b64) {
77 vector<unsigned char> bin; 77 vector<unsigned char> bin;
78 decode_base64(b64,bin); 78 decode_base64(b64,bin);
79 BIGNUM *rv = BN_bin2bn(&(bin.front()),bin.size(),0); 79 BIGNUM *rv = BN_bin2bn(&(bin.front()),bin.size(),0);
80 if(!rv) 80 if(!rv)
81 throw failed_conversion(OPKELE_CP_ "failed to BN_bin2bn()"); 81 throw failed_conversion(OPKELE_CP_ "failed to BN_bin2bn()");
82 return rv; 82 return rv;
83 } 83 }
84 84
85 BIGNUM *dec_to_bignum(const string& dec) { 85 BIGNUM *dec_to_bignum(const string& dec) {
86 BIGNUM *rv = 0; 86 BIGNUM *rv = 0;
87 if(!BN_dec2bn(&rv,dec.c_str())) 87 if(!BN_dec2bn(&rv,dec.c_str()))
88 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); 88 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()");
89 return rv; 89 return rv;
90 } 90 }
91 91
92 string bignum_to_base64(const BIGNUM *bn) { 92 string bignum_to_base64(const BIGNUM *bn) {
93 vector<unsigned char> bin(BN_num_bytes(bn)+1); 93 vector<unsigned char> bin(BN_num_bytes(bn)+1);
94 unsigned char *binptr = &(bin.front())+1; 94 unsigned char *binptr = &(bin.front())+1;
95 int l = BN_bn2bin(bn,binptr); 95 int l = BN_bn2bin(bn,binptr);
96 if(l && (*binptr)&0x80){ 96 if(l && (*binptr)&0x80){
97 (*(--binptr)) = 0; ++l; 97 (*(--binptr)) = 0; ++l;
98 } 98 }
99 return encode_base64(binptr,l); 99 return encode_base64(binptr,l);
100 } 100 }
101 101
102 /* 102 /*
103 * w3c times 103 * w3c times
104 */ 104 */
105 105
106 string time_to_w3c(time_t t) { 106 string time_to_w3c(time_t t) {
107 struct tm tm_t; 107 struct tm tm_t;
108 if(!gmtime_r(&t,&tm_t)) 108 if(!gmtime_r(&t,&tm_t))
109 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()"); 109 throw failed_conversion(OPKELE_CP_ "failed to BN_dec2bn()");
110 char rv[25]; 110 char rv[25];
111 if(!strftime(rv,sizeof(rv)-1,"%Y-%m-%dT%H:%M:%SZ",&tm_t)) 111 if(!strftime(rv,sizeof(rv)-1,"%Y-%m-%dT%H:%M:%SZ",&tm_t))
112 throw failed_conversion(OPKELE_CP_ "failed to strftime()"); 112 throw failed_conversion(OPKELE_CP_ "failed to strftime()");
113 return rv; 113 return rv;
114 } 114 }
115 115
116 time_t w3c_to_time(const string& w) { 116 time_t w3c_to_time(const string& w) {
117 struct tm tm_t; 117 struct tm tm_t;
118 memset(&tm_t,0,sizeof(tm_t)); 118 memset(&tm_t,0,sizeof(tm_t));
119 if( 119 if(
120 sscanf( 120 sscanf(
121 w.c_str(), 121 w.c_str(),
122 "%04d-%02d-%02dT%02d:%02d:%02dZ", 122 "%04d-%02d-%02dT%02d:%02d:%02dZ",
123 &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday, 123 &tm_t.tm_year,&tm_t.tm_mon,&tm_t.tm_mday,
124 &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec 124 &tm_t.tm_hour,&tm_t.tm_min,&tm_t.tm_sec
125 ) != 6 ) 125 ) != 6 )
126 throw failed_conversion(OPKELE_CP_ "failed to sscanf()"); 126 throw failed_conversion(OPKELE_CP_ "failed to sscanf()");
127 tm_t.tm_mon--; 127 tm_t.tm_mon--;
128 tm_t.tm_year-=1900; 128 tm_t.tm_year-=1900;
129 time_t rv = mktime(&tm_t); 129 time_t rv = mktime(&tm_t);
130 if(rv==(time_t)-1) 130 if(rv==(time_t)-1)
131 throw failed_conversion(OPKELE_CP_ "failed to mktime()"); 131 throw failed_conversion(OPKELE_CP_ "failed to mktime()");
132 return rv; 132 return rv;
133 } 133 }
134 134
135 /* 135 /*
136 * 136 *
137 */ 137 */
138 138
139 string url_encode(const string& str) { 139 string url_encode(const string& str) {
140 char * t = curl_escape(str.c_str(),str.length()); 140 char * t = curl_escape(str.c_str(),str.length());
141 if(!t) 141 if(!t)
142 throw failed_conversion(OPKELE_CP_ "failed to curl_escape()"); 142 throw failed_conversion(OPKELE_CP_ "failed to curl_escape()");
143 string rv(t); 143 string rv(t);
144 curl_free(t); 144 curl_free(t);
145 return rv; 145 return rv;
146 } 146 }
147 147
148 string long_to_string(long l) { 148 string long_to_string(long l) {
149 char rv[32]; 149 char rv[32];
150 int r=snprintf(rv,sizeof(rv),"%ld",l); 150 int r=snprintf(rv,sizeof(rv),"%ld",l);
151 if(r<0 || r>=(int)sizeof(rv)) 151 if(r<0 || r>=(int)sizeof(rv))
152 throw failed_conversion(OPKELE_CP_ "failed to snprintf()"); 152 throw failed_conversion(OPKELE_CP_ "failed to snprintf()");
153 return rv; 153 return rv;
154 } 154 }
155 155
156 long string_to_long(const string& s) { 156 long string_to_long(const string& s) {
157 char *endptr = 0; 157 char *endptr = 0;
158 long rv = strtol(s.c_str(),&endptr,10); 158 long rv = strtol(s.c_str(),&endptr,10);
159 if((!endptr) || endptr==s.c_str()) 159 if((!endptr) || endptr==s.c_str())
160 throw failed_conversion(OPKELE_CP_ "failed to strtol()"); 160 throw failed_conversion(OPKELE_CP_ "failed to strtol()");
161 return rv; 161 return rv;
162 } 162 }
163 163
164 /* 164 /*
165 * Normalize URL according to the rules, described in rfc 3986, section 6 165 * Normalize URL according to the rules, described in rfc 3986, section 6
166 * 166 *
167 * - uppercase hext triplets (e.g. %ab -> %AB) 167 * - uppercase hext triplets (e.g. %ab -> %AB)
168 * - lowercase scheme and host 168 * - lowercase scheme and host
169 * - decode %-encoded characters, specified as unreserved in rfc 3986, section 2.3, 169 * - decode %-encoded characters, specified as unreserved in rfc 3986, section 2.3,
170 * that is - [:alpha:][:digit:]._~- 170 * that is - [:alpha:][:digit:]._~-
171 * - remove dot segments 171 * - remove dot segments
172 * - remove empty and default ports 172 * - remove empty and default ports
173 * - if there's no path component, add '/' 173 * - if there's no path component, add '/'
174 */ 174 */
175 string rfc_3986_normalize_uri(const string& uri) { 175 string rfc_3986_normalize_uri(const string& uri) {
176 static const char *whitespace = " \t\r\n"; 176 static const char *whitespace = " \t\r\n";
177 string rv; 177 string rv;
178 string::size_type ns = uri.find_first_not_of(whitespace); 178 string::size_type ns = uri.find_first_not_of(whitespace);
179 if(ns==string::npos) 179 if(ns==string::npos)
180 throw bad_input(OPKELE_CP_ "Can't normalize empty URI"); 180 throw bad_input(OPKELE_CP_ "Can't normalize empty URI");
181 string::size_type colon = uri.find(':',ns); 181 string::size_type colon = uri.find(':',ns);
182 if(colon==string::npos) 182 if(colon==string::npos)
183 throw bad_input(OPKELE_CP_ "No scheme specified in URI"); 183 throw bad_input(OPKELE_CP_ "No scheme specified in URI");
184 transform( 184 transform(
185 uri.begin()+ns, uri.begin()+colon+1, 185 uri.begin()+ns, uri.begin()+colon+1,
186 back_inserter(rv), ::tolower ); 186 back_inserter(rv), ::tolower );
187 bool s; 187 bool s;
188 if(rv=="http:")
189 s = false;
190 else if(rv=="https:")
191 s = true;
192#ifndef NDEBUG
193 else if(rv=="file:")
194 s = false;
195#endif /* XXX: or try to make tests work some other way */
196 else
197 throw not_implemented(OPKELE_CP_ "Only http(s) URIs can be normalized here");
198 string::size_type ul = uri.find_last_not_of(whitespace)+1; 188 string::size_type ul = uri.find_last_not_of(whitespace)+1;
199 if(ul <= (colon+3)) 189 if(ul <= (colon+3))
200 throw bad_input(OPKELE_CP_ "Unexpected end of URI being normalized encountered"); 190 throw bad_input(OPKELE_CP_ "Unexpected end of URI being normalized encountered");
201 if(uri[colon+1]!='/' || uri[colon+2]!='/') 191 if(uri[colon+1]!='/' || uri[colon+2]!='/')
202 throw bad_input(OPKELE_CP_ "Unexpected input in URI being normalized after scheme component"); 192 throw bad_input(OPKELE_CP_ "Unexpected input in URI being normalized after scheme component");
193 if(rv=="http:")
194 s = false;
195 else if(rv=="https:")
196 s = true;
197 else{
198 /* TODO: support more schemes.
199 * e.g. xri. How do we normalize
200 * xri?
201 */
202 rv.append(uri,colon+1,ul-colon-1);
203 return rv;
204 }
203 rv += "//"; 205 rv += "//";
204 string::size_type interesting = uri.find_first_of(":/#?",colon+3); 206 string::size_type interesting = uri.find_first_of(":/#?",colon+3);
205 if(interesting==string::npos) { 207 if(interesting==string::npos) {
206 transform( 208 transform(
207 uri.begin()+colon+3,uri.begin()+ul, 209 uri.begin()+colon+3,uri.begin()+ul,
208 back_inserter(rv), ::tolower ); 210 back_inserter(rv), ::tolower );
209 rv += '/'; return rv; 211 rv += '/'; return rv;
210 } 212 }
211 transform( 213 transform(
212 uri.begin()+colon+3,uri.begin()+interesting, 214 uri.begin()+colon+3,uri.begin()+interesting,
213 back_inserter(rv), ::tolower ); 215 back_inserter(rv), ::tolower );
214 bool qf = false; 216 bool qf = false;
215 char ic = uri[interesting]; 217 char ic = uri[interesting];
216 if(ic==':') { 218 if(ic==':') {
217 string::size_type ni = uri.find_first_of("/#?%",interesting+1); 219 string::size_type ni = uri.find_first_of("/#?%",interesting+1);
218 const char *nptr = uri.data()+interesting+1; 220 const char *nptr = uri.data()+interesting+1;
219 char *eptr = 0; 221 char *eptr = 0;
220 long port = strtol(nptr,&eptr,10); 222 long port = strtol(nptr,&eptr,10);
221 if( (port>0) && (port<65535) && port!=(s?443:80) ) { 223 if( (port>0) && (port<65535) && port!=(s?443:80) ) {
222 char tmp[6]; 224 char tmp[6];
223 snprintf(tmp,sizeof(tmp),"%ld",port); 225 snprintf(tmp,sizeof(tmp),"%ld",port);
224 rv += ':'; rv += tmp; 226 rv += ':'; rv += tmp;
225 } 227 }
226 if(ni==string::npos) { 228 if(ni==string::npos) {
227 rv += '/'; return rv; 229 rv += '/'; return rv;
228 } 230 }
229 interesting = ni; 231 interesting = ni;
230 }else if(ic!='/') { 232 }else if(ic!='/') {
231 rv += '/'; rv += ic; 233 rv += '/'; rv += ic;
232 qf = true; 234 qf = true;
233 ++interesting; 235 ++interesting;
234 } 236 }
235 string::size_type n = interesting; 237 string::size_type n = interesting;
236 char tmp[3] = { 0,0,0 }; 238 char tmp[3] = { 0,0,0 };
237 stack<string::size_type> psegs; psegs.push(rv.length()); 239 stack<string::size_type> psegs; psegs.push(rv.length());
238 string pseg; 240 string pseg;
239 for(;n<ul;) { 241 for(;n<ul;) {
240 string::size_type unsafe = uri.find_first_of(qf?"%":"%/?#",n); 242 string::size_type unsafe = uri.find_first_of(qf?"%":"%/?#",n);
241 if(unsafe==string::npos) { 243 if(unsafe==string::npos) {
242 pseg.append(uri,n,ul-n-1); n = ul-1; 244 pseg.append(uri,n,ul-n-1); n = ul-1;
243 }else{ 245 }else{
244 pseg.append(uri,n,unsafe-n); 246 pseg.append(uri,n,unsafe-n);
245 n = unsafe; 247 n = unsafe;
246 } 248 }
247 char c = uri[n++]; 249 char c = uri[n++];
248 if(c=='%') { 250 if(c=='%') {
249 if((n+1)>=ul) 251 if((n+1)>=ul)
250 throw bad_input(OPKELE_CP_ "Unexpected end of URI encountered while parsing percent-encoded character"); 252 throw bad_input(OPKELE_CP_ "Unexpected end of URI encountered while parsing percent-encoded character");
251 tmp[0] = uri[n++]; 253 tmp[0] = uri[n++];
252 tmp[1] = uri[n++]; 254 tmp[1] = uri[n++];
253 if(!( isxdigit(tmp[0]) && isxdigit(tmp[1]) )) 255 if(!( isxdigit(tmp[0]) && isxdigit(tmp[1]) ))
254 throw bad_input(OPKELE_CP_ "Invalid percent-encoded character in URI being normalized"); 256 throw bad_input(OPKELE_CP_ "Invalid percent-encoded character in URI being normalized");
255 int cc = strtol(tmp,0,16); 257 int cc = strtol(tmp,0,16);
256 if( isalpha(cc) || isdigit(cc) || strchr("._~-",cc) ) 258 if( isalpha(cc) || isdigit(cc) || strchr("._~-",cc) )
257 pseg += cc; 259 pseg += cc;
258 else{ 260 else{
259 pseg += '%'; 261 pseg += '%';
260 pseg += toupper(tmp[0]); pseg += toupper(tmp[1]); 262 pseg += toupper(tmp[0]); pseg += toupper(tmp[1]);
261 } 263 }
262 }else if(qf) { 264 }else if(qf) {
263 rv += pseg; rv += c; 265 rv += pseg; rv += c;
264 pseg.clear(); 266 pseg.clear();
265 }else if(n>=ul || strchr("?/#",c)) { 267 }else if(n>=ul || strchr("?/#",c)) {
266 if(pseg.empty() || pseg==".") { 268 if(pseg.empty() || pseg==".") {
267 }else if(pseg=="..") { 269 }else if(pseg=="..") {
268 if(psegs.size()>1) { 270 if(psegs.size()>1) {
269 rv.resize(psegs.top()); psegs.pop(); 271 rv.resize(psegs.top()); psegs.pop();
270 } 272 }
271 }else{ 273 }else{
272 psegs.push(rv.length()); 274 psegs.push(rv.length());
273 if(c!='/') { 275 if(c!='/') {
274 pseg += c; 276 pseg += c;
275 qf = true; 277 qf = true;
276 } 278 }
277 rv += '/'; rv += pseg; 279 rv += '/'; rv += pseg;
278 } 280 }
279 if(c=='/' && (n>=ul || strchr("?#",uri[n])) ) { 281 if(c=='/' && (n>=ul || strchr("?#",uri[n])) ) {
280 rv += '/'; 282 rv += '/';
281 if(n<ul) 283 if(n<ul)
282 qf = true; 284 qf = true;
283 }else if(strchr("?#",c)) { 285 }else if(strchr("?#",c)) {
284 if(psegs.size()==1 && psegs.top()==rv.length()) 286 if(psegs.size()==1 && psegs.top()==rv.length())
285 rv += '/'; 287 rv += '/';
286 if(pseg.empty()) 288 if(pseg.empty())
287 rv += c; 289 rv += c;
288 qf = true; 290 qf = true;
289 } 291 }
290 pseg.clear(); 292 pseg.clear();
291 }else{ 293 }else{
292 pseg += c; 294 pseg += c;
293 } 295 }
294 } 296 }
295 if(!pseg.empty()) { 297 if(!pseg.empty()) {
296 rv += '/'; rv += pseg; 298 rv += '/'; rv += pseg;
297 } 299 }
298 return rv; 300 return rv;
299 } 301 }
300 302
301 } 303 }
302 304
303} 305}
diff --git a/test/.gitignore b/test/.gitignore
index 5ce4dc9..31ae686 100644
--- a/test/.gitignore
+++ b/test/.gitignore
@@ -1,5 +1,5 @@
1/.deps 1/.deps
2/.libs 2/.libs
3/test 3/test
4*.o 4*.o
5/openid_resolve 5/idiscover
diff --git a/test/Makefile.am b/test/Makefile.am
index 5aa87b3..13c4cd2 100644
--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -1,15 +1,15 @@
1noinst_PROGRAMS = test openid_resolve 1noinst_PROGRAMS = test idiscover
2 2
3DEFAULT_INCLUDES = -I${top_builddir} 3DEFAULT_INCLUDES = -I${top_builddir}
4INCLUDES = -I${top_srcdir}/include/ ${KONFORKA_CFLAGS} 4INCLUDES = -I${top_srcdir}/include/ ${KONFORKA_CFLAGS}
5 5
6test_SOURCES = test.cc 6test_SOURCES = test.cc
7test_LDADD = ${top_builddir}/lib/libopkele.la 7test_LDADD = ${top_builddir}/lib/libopkele.la
8 8
9EXTRA_DIST=$(addsuffix .html,$(addprefix html/, \ 9EXTRA_DIST=$(addsuffix .html,$(addprefix html/, \
10 empty head-in-body hkn-delegate hkn-server hkn in-body \ 10 empty head-in-body hkn-delegate hkn-server hkn in-body \
11 unclosed-head spaced-links spaced-link-attrs 2rels \ 11 unclosed-head spaced-links spaced-link-attrs 2rels \
12 )) 12 ))
13 13
14openid_resolve_SOURCES = openid_resolve.cc 14idiscover_SOURCES = idiscover.cc
15openid_resolve_LDADD = ${top_builddir}/lib/libopkele.la 15idiscover_LDADD = ${top_builddir}/lib/libopkele.la
diff --git a/test/idiscover.cc b/test/idiscover.cc
new file mode 100644
index 0000000..2abedc9
--- a/dev/null
+++ b/test/idiscover.cc
@@ -0,0 +1,49 @@
1#include <iostream>
2#include <stdexcept>
3#include <iterator>
4#include <algorithm>
5using namespace std;
6#include <opkele/exception.h>
7#include <opkele/discovery.h>
8
9template<typename _PDT>
10 ostream& operator<<(ostream& o,const opkele::xrd::priority_map<_PDT>& pm) {
11 for(typename opkele::xrd::priority_map<_PDT>::const_iterator i=pm.begin();
12 i!=pm.end();++i)
13 o << ' ' << i->second << '[' << i->first << ']';
14 return o;
15 }
16
17ostream& operator<<(ostream& o,const opkele::xrd::service_t s) {
18 o << "{" << endl
19 << " Type: ";
20 copy(s.types.begin(),s.types.end(),
21 ostream_iterator<string>(o," "));
22 o << endl
23 << " URI: " << s.uris << endl
24 << " LocalID: " << s.local_ids << endl;
25 o << "}";
26}
27
28int main(int argc,char **argv) {
29 try {
30 if(argc<2)
31 throw opkele::exception(OPKELE_CP_ "Please, give me something to resolve");
32 for(int a=1;a<argc;++a) {
33 opkele::idiscovery_t discovery(argv[a]);
34 clog
35 << "===============================================================" << endl
36 << "User-supplied ID: " << argv[a] << endl
37 << "Normalized ID: " << discovery.normalized_id << endl
38 << "Canonicalized ID: " << discovery.canonicalized_id << endl
39 << endl
40 << "CanonicalID: " << discovery.xrd.canonical_ids << endl
41 << "LocalID: " << discovery.xrd.local_ids << endl
42 << "Services: " << discovery.xrd.services << endl;
43 }
44 }catch(exception& e) {
45 cerr << "oops: " << e.what() << endl;
46 _exit(1);
47 }
48 _exit(0);
49}
diff --git a/test/openid_resolve.cc b/test/openid_resolve.cc
deleted file mode 100644
index 31c7a6a..0000000
--- a/test/openid_resolve.cc
+++ b/dev/null
@@ -1,36 +0,0 @@
1#include <iostream>
2#include <stdexcept>
3#include <iterator>
4#include <algorithm>
5using namespace std;
6#include <opkele/exception.h>
7#include <opkele/openid_service_resolver.h>
8
9int main(int argc,char **argv) {
10 try {
11 if(argc<2)
12 throw opkele::exception(OPKELE_CP_ "Please, give me something to resolve");
13 opkele::openid_service_resolver_t resolver;
14 for(int a=1;a<argc;++a) {
15 const opkele::openid_auth_info_t& iai = resolver.resolve(argv[a]);
16 clog
17 << "====================" << endl
18 << "canonical id is " << iai.canonical_id << endl
19 << endl
20 << "service priority is " << iai.auth_SEP.priority << endl
21 << "service types are " ;
22 copy(
23 iai.auth_SEP.xrd_Type.begin(), iai.auth_SEP.xrd_Type.end(),
24 ostream_iterator<string>(clog," ") );
25 clog << endl
26 << "service URI is " << iai.auth_SEP.xrd_URI << endl;
27 if(!iai.auth_SEP.openid_Delegate.empty())
28 clog << "openid:Delegate is " << iai.auth_SEP.openid_Delegate << endl;
29 clog << endl;
30 }
31 }catch(exception& e) {
32 cerr << "oops: " << e.what() << endl;
33 _exit(1);
34 }
35 _exit(0);
36}