basic_RP: add methods for accessing identity information passed from OP.

Signed-off-by: Michael Krelin <hacker@klever.net>

1 files changed, 27 insertions, 2 deletions

diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc
index e65d9fb..3357d0b 100644
--- a/lib/basic_rp.cc
+++ b/lib/basic_rp.cc
@@ -10,2 +10,3 @@
 #include <opkele/curl.h>
+#include <opkele/debug.h>
 
@@ -13,2 +14,20 @@ namespace opkele {
 
+    void basic_RP::reset_vars() {
+	claimed_id.clear(); identity.clear();
+    }
+
+    const string& basic_RP::get_claimed_id() const {
+	if(claimed_id.empty())
+	    throw non_identity(OPKELE_CP_ "attempting to retreive claimed_id of non-identity assertion");
+	assert(!identity.empty());
+	return claimed_id;
+    }
+
+    const string& basic_RP::get_identity() const {
+	if(identity.empty())
+	    throw non_identity(OPKELE_CP_ "attempting to retrieve identity of non-identity related assertion");
+	assert(!claimed_id.empty());
+	return identity;
+    }
+
     static void dh_get_secret(
@@ -198,2 +217,3 @@ namespace opkele {
     void basic_RP::id_res(const basic_openid_message& om,extension_t *ext) {
+	reset_vars();
 	bool o2 = om.has_field("ns")
@@ -273,8 +293,13 @@ namespace opkele {
 	    if(om.has_field("claimed_id")) {
+		claimed_id = om.get_field("claimed_id");
+		identity = om.get_field("identity");
 		verify_OP(
 			om.get_field("op_endpoint"),
-			om.get_field("claimed_id"),
-			om.get_field("identity") );
+			claimed_id, identity );
 	    }
 
+	}else{
+	    claimed_id = get_endpoint().claimed_id;
+	    /* TODO: check if this is the identity we asked for */
+	    identity = om.get_field("identity");
 	}