summaryrefslogtreecommitdiffabout
path: root/include
authorMichael Krelin <hacker@klever.net>2007-12-04 19:02:15 (UTC)
committer Michael Krelin <hacker@klever.net>2007-12-04 19:02:15 (UTC)
commit7a6a6fbcf7e20f0d7da5f625a73c865b361f16aa (patch) (unidiff)
tree42a2983bd4fdbba0b49d9a5329e5f819ad73d5ec /include
parent206de587733c5dbde280fb6e9f1eab2f02de7f54 (diff)
downloadlibopkele-7a6a6fbcf7e20f0d7da5f625a73c865b361f16aa.zip
libopkele-7a6a6fbcf7e20f0d7da5f625a73c865b361f16aa.tar.gz
libopkele-7a6a6fbcf7e20f0d7da5f625a73c865b361f16aa.tar.bz2
Minor improvements
- almost irrelevant documentation updates - introduced id_res_expired_on_delivery exception to be thrown if the association has expired right before it could've been used for signature verification. Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (limited to 'include') (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/consumer.h6
-rw-r--r--include/opkele/exception.h9
2 files changed, 15 insertions, 0 deletions
diff --git a/include/opkele/consumer.h b/include/opkele/consumer.h
index 50ff692..c463787 100644
--- a/include/opkele/consumer.h
+++ b/include/opkele/consumer.h
@@ -1,168 +1,174 @@
1#ifndef __OPKELE_CONSUMER_H 1#ifndef __OPKELE_CONSUMER_H
2#define __OPKELE_CONSUMER_H 2#define __OPKELE_CONSUMER_H
3 3
4#include <opkele/types.h> 4#include <opkele/types.h>
5#include <opkele/extension.h> 5#include <opkele/extension.h>
6 6
7/** 7/**
8 * @file 8 * @file
9 * @brief OpenID consumer-side functionality 9 * @brief OpenID consumer-side functionality
10 */ 10 */
11 11
12namespace opkele { 12namespace opkele {
13 13
14 /** 14 /**
15 * implementation of basic consumer functionality 15 * implementation of basic consumer functionality
16 * 16 *
17 * @note 17 * @note
18 * The consumer uses libcurl internally, which means that if you're using 18 * The consumer uses libcurl internally, which means that if you're using
19 * libopkele in multithreaded environment you should call curl_global_init 19 * libopkele in multithreaded environment you should call curl_global_init
20 * yourself before spawning any threads. 20 * yourself before spawning any threads.
21 */ 21 */
22 class consumer_t { 22 class consumer_t {
23 public: 23 public:
24 24
25 virtual ~consumer_t() { } 25 virtual ~consumer_t() { }
26 26
27 /** 27 /**
28 * store association. The function should be overridden in the real 28 * store association. The function should be overridden in the real
29 * implementation to provide persistent associations store. 29 * implementation to provide persistent associations store.
30 * @param server the OpenID server 30 * @param server the OpenID server
31 * @param handle association handle 31 * @param handle association handle
32 * @param secret the secret associated with the server and handle 32 * @param secret the secret associated with the server and handle
33 * @param expires_in the number of seconds until the handle is expired 33 * @param expires_in the number of seconds until the handle is expired
34 * @return the auto_ptr<> for the newly allocated association_t object 34 * @return the auto_ptr<> for the newly allocated association_t object
35 */ 35 */
36 virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0; 36 virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0;
37 /** 37 /**
38 * retrieve stored association. The function should be overridden 38 * retrieve stored association. The function should be overridden
39 * in the real implementation to provide persistent assocations 39 * in the real implementation to provide persistent assocations
40 * store. 40 * store.
41 * 41 *
42 * @note 42 * @note
43 * The user is responsible for handling associations expiry and 43 * The user is responsible for handling associations expiry and
44 * this function should never return an expired or invalidated 44 * this function should never return an expired or invalidated
45 * association. 45 * association.
46 * 46 *
47 * @param server the OpenID server 47 * @param server the OpenID server
48 * @param handle association handle 48 * @param handle association handle
49 * @return the autho_ptr<> for the newly allocated association_t object 49 * @return the autho_ptr<> for the newly allocated association_t object
50 * @throw failed_lookup if no unexpired association found 50 * @throw failed_lookup if no unexpired association found
51 */ 51 */
52 virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0; 52 virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0;
53 /** 53 /**
54 * invalidate stored association. The function should be overridden 54 * invalidate stored association. The function should be overridden
55 * in the real implementation of the consumer. 55 * in the real implementation of the consumer.
56 * @param server the OpenID server 56 * @param server the OpenID server
57 * @param handle association handle 57 * @param handle association handle
58 */ 58 */
59 virtual void invalidate_assoc(const string& server,const string& handle) = 0; 59 virtual void invalidate_assoc(const string& server,const string& handle) = 0;
60 /** 60 /**
61 * retrieve any unexpired association for the server. If the 61 * retrieve any unexpired association for the server. If the
62 * function is not overridden in the real implementation, the new 62 * function is not overridden in the real implementation, the new
63 * association will be established for each request. 63 * association will be established for each request.
64 * 64 *
65 * @note 65 * @note
66 * The user is responsible for handling associations and this 66 * The user is responsible for handling associations and this
67 * function should never return an expired or invalidated 67 * function should never return an expired or invalidated
68 * association. 68 * association.
69 * 69 *
70 * @note
71 * It may be a good idea to pre-expire associations shortly before
72 * their time is really up to avoid association expiry in the
73 * middle of negotiations.
74 *
70 * @param server the OpenID server 75 * @param server the OpenID server
71 * @return the auto_ptr<> for the newly allocated association_t object 76 * @return the auto_ptr<> for the newly allocated association_t object
72 * @throw failed_lookup in case of absence of the handle 77 * @throw failed_lookup in case of absence of the handle
73 */ 78 */
74 virtual assoc_t find_assoc(const string& server); 79 virtual assoc_t find_assoc(const string& server);
75 80
76 /** 81 /**
77 * retrieve the metainformation contained in link tags from the 82 * retrieve the metainformation contained in link tags from the
78 * page pointed by url. the function may implement caching of the 83 * page pointed by url. the function may implement caching of the
79 * information. 84 * information.
80 * @param url url to harvest for link tags 85 * @param url url to harvest for link tags
81 * @param server reference to the string object where to put 86 * @param server reference to the string object where to put
82 * openid.server value 87 * openid.server value
83 * @param delegate reference to the string object where to put the 88 * @param delegate reference to the string object where to put the
84 * openid.delegate value (if any) 89 * openid.delegate value (if any)
85 */ 90 */
86 virtual void retrieve_links(const string& url,string& server,string& delegate); 91 virtual void retrieve_links(const string& url,string& server,string& delegate);
87 92
88 /** 93 /**
89 * perform the associate request to OpenID server. 94 * perform the associate request to OpenID server.
90 * @param server the OpenID server 95 * @param server the OpenID server
91 * @return the auto_ptr<> for the newly allocated association_t 96 * @return the auto_ptr<> for the newly allocated association_t
92 * object, representing established association 97 * object, representing established association
93 * @throw exception in case of error 98 * @throw exception in case of error
94 */ 99 */
95 assoc_t associate(const string& server); 100 assoc_t associate(const string& server);
96 /** 101 /**
97 * prepare the parameters for the checkid_immediate 102 * prepare the parameters for the checkid_immediate
98 * request. 103 * request.
99 * @param identity the identity to verify 104 * @param identity the identity to verify
100 * @param return_to the return_to url to pass with the request 105 * @param return_to the return_to url to pass with the request
101 * @param trust_root the trust root to advertise with the request 106 * @param trust_root the trust root to advertise with the request
102 * @param ext pointer to an extension(s) hooks object 107 * @param ext pointer to an extension(s) hooks object
103 * @return the location string 108 * @return the location string
104 * @throw exception in case of error 109 * @throw exception in case of error
105 */ 110 */
106 virtual string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); 111 virtual string checkid_immediate(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0);
107 /** 112 /**
108 * prepare the parameters for the checkid_setup 113 * prepare the parameters for the checkid_setup
109 * request. 114 * request.
110 * @param identity the identity to verify 115 * @param identity the identity to verify
111 * @param return_to the return_to url to pass with the request 116 * @param return_to the return_to url to pass with the request
112 * @param trust_root the trust root to advertise with the request 117 * @param trust_root the trust root to advertise with the request
113 * @param ext pointer to an extension(s) hooks object 118 * @param ext pointer to an extension(s) hooks object
114 * @return the location string 119 * @return the location string
115 * @throw exception in case of error 120 * @throw exception in case of error
116 */ 121 */
117 virtual string checkid_setup(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); 122 virtual string checkid_setup(const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0);
118 /** 123 /**
119 * the actual implementation behind checkid_immediate() and 124 * the actual implementation behind checkid_immediate() and
120 * checkid_setup() functions. 125 * checkid_setup() functions.
121 * @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup 126 * @param mode checkid_* mode - either mode_checkid_immediate or mode_checkid_setup
122 * @param identity the identity to verify 127 * @param identity the identity to verify
123 * @param return_to the return_to url to pass with the request 128 * @param return_to the return_to url to pass with the request
124 * @param trust_root the trust root to advertise with the request 129 * @param trust_root the trust root to advertise with the request
125 * @param ext pointer to an extension(s) hooks object 130 * @param ext pointer to an extension(s) hooks object
126 * @return the location string 131 * @return the location string
127 * @throw exception in case of error 132 * @throw exception in case of error
128 */ 133 */
129 virtual string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0); 134 virtual string checkid_(mode_t mode,const string& identity,const string& return_to,const string& trust_root="",extension_t *ext=0);
130 /** 135 /**
131 * verify the id_res response 136 * verify the id_res response
132 * @param pin the response parameters 137 * @param pin the response parameters
133 * @param identity the identity being checked (if not specified, 138 * @param identity the identity being checked (if not specified,
134 * @param ext pointer to an extension(s) hooks object 139 * @param ext pointer to an extension(s) hooks object
135 * extracted from the openid.identity parameter 140 * extracted from the openid.identity parameter
136 * @throw id_res_mismatch in case of signature mismatch 141 * @throw id_res_mismatch in case of signature mismatch
137 * @throw id_res_setup in case of openid.user_setup_url failure 142 * @throw id_res_setup in case of openid.user_setup_url failure
138 * (supposedly checkid_immediate only) 143 * (supposedly checkid_immediate only)
139 * @throw id_res_failed in case of failure 144 * @throw id_res_failed in case of failure
145 * @throw id_res_expired_on_delivery if the association expired before it could've been verified
140 * @throw exception in case of other failures 146 * @throw exception in case of other failures
141 */ 147 */
142 virtual void id_res(const params_t& pin,const string& identity="",extension_t *ext=0); 148 virtual void id_res(const params_t& pin,const string& identity="",extension_t *ext=0);
143 /** 149 /**
144 * perform a check_authentication request. 150 * perform a check_authentication request.
145 * @param server the OpenID server 151 * @param server the OpenID server
146 * @param p request parameters 152 * @param p request parameters
147 */ 153 */
148 void check_authentication(const string& server,const params_t& p); 154 void check_authentication(const string& server,const params_t& p);
149 155
150 /** 156 /**
151 * normalize URL by adding http:// and trailing slash if needed. 157 * normalize URL by adding http:// and trailing slash if needed.
152 * @param url 158 * @param url
153 * @return normalized url 159 * @return normalized url
154 */ 160 */
155 static string normalize(const string& url); 161 static string normalize(const string& url);
156 162
157 /** 163 /**
158 * Canonicalize URL, by normalizing its appearance and following redirects. 164 * Canonicalize URL, by normalizing its appearance and following redirects.
159 * @param url 165 * @param url
160 * @return canonicalized url 166 * @return canonicalized url
161 */ 167 */
162 virtual string canonicalize(const string& url); 168 virtual string canonicalize(const string& url);
163 169
164 }; 170 };
165 171
166} 172}
167 173
168#endif /* __OPKELE_CONSUMER_H */ 174#endif /* __OPKELE_CONSUMER_H */
diff --git a/include/opkele/exception.h b/include/opkele/exception.h
index 753a818..2ff44b7 100644
--- a/include/opkele/exception.h
+++ b/include/opkele/exception.h
@@ -77,150 +77,159 @@ namespace opkele {
77 exception(const string& w) 77 exception(const string& w)
78 : _what(w) { } 78 : _what(w) { }
79 virtual ~exception() throw(); 79 virtual ~exception() throw();
80 virtual const char * what() const throw(); 80 virtual const char * what() const throw();
81# endif /* OPKELE_HAVE_KONFORKA */ 81# endif /* OPKELE_HAVE_KONFORKA */
82 }; 82 };
83 83
84 /** 84 /**
85 * thrown in case of failed conversion 85 * thrown in case of failed conversion
86 */ 86 */
87 class failed_conversion : public exception { 87 class failed_conversion : public exception {
88 public: 88 public:
89 failed_conversion(OPKELE_E_PARS) 89 failed_conversion(OPKELE_E_PARS)
90 : exception(OPKELE_E_CONS) { } 90 : exception(OPKELE_E_CONS) { }
91 }; 91 };
92 /** 92 /**
93 * thrown in case of failed lookup (either parameter or persistent store) 93 * thrown in case of failed lookup (either parameter or persistent store)
94 */ 94 */
95 class failed_lookup : public exception { 95 class failed_lookup : public exception {
96 public: 96 public:
97 failed_lookup(OPKELE_E_PARS) 97 failed_lookup(OPKELE_E_PARS)
98 : exception(OPKELE_E_CONS) { } 98 : exception(OPKELE_E_CONS) { }
99 }; 99 };
100 /** 100 /**
101 * thrown in case of bad input (either local or network) 101 * thrown in case of bad input (either local or network)
102 */ 102 */
103 class bad_input : public exception { 103 class bad_input : public exception {
104 public: 104 public:
105 bad_input(OPKELE_E_PARS) 105 bad_input(OPKELE_E_PARS)
106 : exception(OPKELE_E_CONS) { } 106 : exception(OPKELE_E_CONS) { }
107 }; 107 };
108 108
109 /** 109 /**
110 * thrown on failed assertion 110 * thrown on failed assertion
111 */ 111 */
112 class failed_assertion : public exception { 112 class failed_assertion : public exception {
113 public: 113 public:
114 failed_assertion(OPKELE_E_PARS) 114 failed_assertion(OPKELE_E_PARS)
115 : exception(OPKELE_E_CONS) { } 115 : exception(OPKELE_E_CONS) { }
116 }; 116 };
117 117
118 /** 118 /**
119 * thrown if the handle being retrieved is invalid 119 * thrown if the handle being retrieved is invalid
120 */ 120 */
121 class invalid_handle : public exception { 121 class invalid_handle : public exception {
122 public: 122 public:
123 invalid_handle(OPKELE_E_PARS) 123 invalid_handle(OPKELE_E_PARS)
124 : exception(OPKELE_E_CONS) { } 124 : exception(OPKELE_E_CONS) { }
125 }; 125 };
126 /** 126 /**
127 * thrown if the handle passed to check_authentication request is not 127 * thrown if the handle passed to check_authentication request is not
128 * stateless 128 * stateless
129 */ 129 */
130 class stateful_handle : public exception { 130 class stateful_handle : public exception {
131 public: 131 public:
132 stateful_handle(OPKELE_E_PARS) 132 stateful_handle(OPKELE_E_PARS)
133 : exception(OPKELE_E_CONS) { } 133 : exception(OPKELE_E_CONS) { }
134 }; 134 };
135 135
136 /** 136 /**
137 * thrown if check_authentication request fails 137 * thrown if check_authentication request fails
138 */ 138 */
139 class failed_check_authentication : public exception { 139 class failed_check_authentication : public exception {
140 public: 140 public:
141 failed_check_authentication(OPKELE_E_PARS) 141 failed_check_authentication(OPKELE_E_PARS)
142 : exception(OPKELE_E_CONS) { } 142 : exception(OPKELE_E_CONS) { }
143 }; 143 };
144 144
145 /** 145 /**
146 * thrown if the id_res request result is negative 146 * thrown if the id_res request result is negative
147 */ 147 */
148 class id_res_failed : public exception { 148 class id_res_failed : public exception {
149 public: 149 public:
150 id_res_failed(OPKELE_E_PARS) 150 id_res_failed(OPKELE_E_PARS)
151 : exception(OPKELE_E_CONS) { } 151 : exception(OPKELE_E_CONS) { }
152 }; 152 };
153 /** 153 /**
154 * thrown if the user_setup_url is provided with negative response 154 * thrown if the user_setup_url is provided with negative response
155 */ 155 */
156 class id_res_setup : public id_res_failed { 156 class id_res_setup : public id_res_failed {
157 public: 157 public:
158 string setup_url; 158 string setup_url;
159 id_res_setup(OPKELE_E_PARS,const string& su) 159 id_res_setup(OPKELE_E_PARS,const string& su)
160 : id_res_failed(OPKELE_E_CONS), setup_url(su) { } 160 : id_res_failed(OPKELE_E_CONS), setup_url(su) { }
161 ~id_res_setup() throw() { } 161 ~id_res_setup() throw() { }
162 }; 162 };
163 /** 163 /**
164 * thrown in case of signature mismatch 164 * thrown in case of signature mismatch
165 */ 165 */
166 class id_res_mismatch : public id_res_failed { 166 class id_res_mismatch : public id_res_failed {
167 public: 167 public:
168 id_res_mismatch(OPKELE_E_PARS) 168 id_res_mismatch(OPKELE_E_PARS)
169 : id_res_failed(OPKELE_E_CONS) { } 169 : id_res_failed(OPKELE_E_CONS) { }
170 }; 170 };
171 171
172 /** 172 /**
173 * thrown if the association has expired before it could've been verified.
174 */
175 class id_res_expired_on_delivery : public id_res_failed {
176 public:
177 id_res_expired_on_delivery(OPKELE_E_PARS)
178 : id_res_failed(OPKELE_E_CONS) { }
179 };
180
181 /**
173 * openssl malfunction occured 182 * openssl malfunction occured
174 */ 183 */
175 class exception_openssl : public exception { 184 class exception_openssl : public exception {
176 public: 185 public:
177 unsigned long _error; 186 unsigned long _error;
178 string _ssl_string; 187 string _ssl_string;
179 exception_openssl(OPKELE_E_PARS); 188 exception_openssl(OPKELE_E_PARS);
180 ~exception_openssl() throw() { } 189 ~exception_openssl() throw() { }
181 }; 190 };
182 191
183 /** 192 /**
184 * network operation related error occured 193 * network operation related error occured
185 */ 194 */
186 class exception_network : public exception { 195 class exception_network : public exception {
187 public: 196 public:
188 exception_network(OPKELE_E_PARS) 197 exception_network(OPKELE_E_PARS)
189 : exception(OPKELE_E_CONS) { } 198 : exception(OPKELE_E_CONS) { }
190 }; 199 };
191 200
192 /** 201 /**
193 * network operation related error occured, specifically, related to 202 * network operation related error occured, specifically, related to
194 * libcurl 203 * libcurl
195 */ 204 */
196 class exception_curl : public exception_network { 205 class exception_curl : public exception_network {
197 public: 206 public:
198 CURLcode _error; 207 CURLcode _error;
199 string _curl_string; 208 string _curl_string;
200 exception_curl(OPKELE_E_PARS); 209 exception_curl(OPKELE_E_PARS);
201 exception_curl(OPKELE_E_PARS,CURLcode e); 210 exception_curl(OPKELE_E_PARS,CURLcode e);
202 ~exception_curl() throw() { } 211 ~exception_curl() throw() { }
203 }; 212 };
204 213
205 /** 214 /**
206 * not implemented (think pure virtual) member function executed, signfies 215 * not implemented (think pure virtual) member function executed, signfies
207 * programmer error 216 * programmer error
208 */ 217 */
209 class not_implemented : public exception { 218 class not_implemented : public exception {
210 public: 219 public:
211 not_implemented(OPKELE_E_PARS) 220 not_implemented(OPKELE_E_PARS)
212 : exception(OPKELE_E_CONS) { } 221 : exception(OPKELE_E_CONS) { }
213 }; 222 };
214 223
215 /** 224 /**
216 * internal error, indicates internal libopkele problem 225 * internal error, indicates internal libopkele problem
217 */ 226 */
218 class internal_error : public exception { 227 class internal_error : public exception {
219 public: 228 public:
220 internal_error(OPKELE_E_PARS) 229 internal_error(OPKELE_E_PARS)
221 : exception(OPKELE_E_CONS) { } 230 : exception(OPKELE_E_CONS) { }
222 }; 231 };
223 232
224} 233}
225 234
226#endif /* __OPKELE_EXCEPTION_H */ 235#endif /* __OPKELE_EXCEPTION_H */