reworked extensions framework

* changed {checkid,id_res}_hook to {rp,op}_{checkid,id_res}_hook * deprecated older hooks, although implemented it in sreg and chain extensions * added extension processing to basic_op * added sreg to test OP Signed-off-by: Michael Krelin <hacker@klever.net>
author: Michael Krelin <hacker@klever.net> 2008-02-04 22:39:59 (UTC)
committer: Michael Krelin <hacker@klever.net> 2008-02-04 22:39:59 (UTC)
commit: 9163a26ec8839a31df888920418280a62ebc5595 (patch) (unidiff)
tree: 55339b4ecf0a3f24817eb5cc1b0b24f831ac895b /lib/basic_rp.cc
parent: c0eeee1cfd41d0f5f6ff6ac3d6fe021421376a69 (diff)
download: libopkele-9163a26ec8839a31df888920418280a62ebc5595.zip
libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.gz
libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc
index a884583..bd45d99 100644
--- a/lib/basic_rp.cc
+++ b/lib/basic_rp.cc
@@ -108,49 +108,49 @@ namespace opkele {
            rv.set_field("mode","checkid_immediate");
        else if(mode==mode_checkid_setup)
            rv.set_field("mode","checkid_setup");
        else
            throw bad_input(OPKELE_CP_ "unknown checkid_* mode");
        if(realm.empty() && return_to.empty())
            throw bad_input(OPKELE_CP_ "At least one of realm and return_to must be non-empty");
        if(!realm.empty()) {
            rv.set_field("realm",realm);
            rv.set_field("trust_root",realm);
        }
        if(!return_to.empty())
            rv.set_field("return_to",return_to);
        const openid_endpoint_t& ep = get_endpoint();
        rv.set_field("claimed_id",ep.claimed_id);
        rv.set_field("identity",ep.local_id);
        try {
            rv.set_field("assoc_handle",find_assoc(ep.uri)->handle());
        }catch(dumb_RP& drp) {
        }catch(failed_lookup& fl) {
            try {
                rv.set_field("assoc_handle",associate(ep.uri)->handle());
            }catch(dumb_RP& drp) { }
        } OPKELE_RETHROW
-        if(ext) ext->checkid_hook(rv);
+        if(ext) ext->rp_checkid_hook(rv);
        return rv;
    }
    class signed_part_message_proxy : public basic_openid_message {
        public:
            const basic_openid_message& x;
            set<string> signeds;
            signed_part_message_proxy(const basic_openid_message& xx) : x(xx) {
                const string& slist = x.get_field("signed");
                string::size_type p = 0;
                while(true) {
                    string::size_type co = slist.find(',',p);
                    string f = (co==string::npos)
                        ?slist.substr(p):slist.substr(p,co-p);
                    signeds.insert(f);
                    if(co==string::npos) break;
                    p = co+1;
                }
            }
            bool has_field(const string& n) const {
                return signeds.find(n)!=signeds.end() && x.has_field(n); }
            const string& get_field(const string& n) const {
@@ -254,44 +254,44 @@ namespace opkele {
            if(
                    ((tq==string::npos)?turl:turl.substr(0,tq))
                    !=
                    ((rq==string::npos)?rurl:rurl.substr(0,rq))
              )
                throw id_res_bad_return_to(OPKELE_CP_ "return_to url doesn't match request url");
            map<string,string> tp; parse_query(turl,tq,tp);
            map<string,string> rp; parse_query(rurl,rq,rp);
            for(map<string,string>::const_iterator rpi=rp.begin();rpi!=rp.end();++rpi) {
                map<string,string>::const_iterator tpi = tp.find(rpi->first);
                if(tpi==tp.end())
                    throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to is missing from the request");
                if(tpi->second!=rpi->second)
                    throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to doesn't matche the request");
            }
            if(om.has_field("claimed_id")) {
                verify_OP(
                        om.get_field("op_endpoint"),
                        om.get_field("claimed_id"),
                        om.get_field("identity") );
            }
        }
-        if(ext) ext->id_res_hook(om,signeds);
+        if(ext) ext->rp_id_res_hook(om,signeds);
    }
    void basic_RP::check_authentication(const string& OP,
            const basic_openid_message& om){
        openid_message_t res;
        static const string checkauthmode = "check_authentication";
        direct_request(res,util::change_mode_message_proxy(om,checkauthmode),OP);
        if(res.has_field("is_valid")) {
            if(res.get_field("is_valid")=="true") {
                if(res.has_field("invalidate_handle"))
                    invalidate_assoc(OP,res.get_field("invalidate_handle"));
                return;
            }
        }
        throw failed_check_authentication(
                OPKELE_CP_ "failed to verify response");
    }
 }
author	Michael Krelin <hacker@klever.net>	2008-02-04 22:39:59 (UTC)
committer	Michael Krelin <hacker@klever.net>	2008-02-04 22:39:59 (UTC)
commit	9163a26ec8839a31df888920418280a62ebc5595 (patch) (unidiff)
tree	55339b4ecf0a3f24817eb5cc1b0b24f831ac895b /lib/basic_rp.cc
parent	c0eeee1cfd41d0f5f6ff6ac3d6fe021421376a69 (diff)
download	libopkele-9163a26ec8839a31df888920418280a62ebc5595.zip libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.gz libopkele-9163a26ec8839a31df888920418280a62ebc5595.tar.bz2

diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index a884583..bd45d99 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc
@@ -108,49 +108,49 @@ namespace opkele {
108	rv.set_field("mode","checkid_immediate");	108	rv.set_field("mode","checkid_immediate");
109	else if(mode==mode_checkid_setup)	109	else if(mode==mode_checkid_setup)
110	rv.set_field("mode","checkid_setup");	110	rv.set_field("mode","checkid_setup");
111	else	111	else
112	throw bad_input(OPKELE_CP_ "unknown checkid_* mode");	112	throw bad_input(OPKELE_CP_ "unknown checkid_* mode");
113	if(realm.empty() && return_to.empty())	113	if(realm.empty() && return_to.empty())
114	throw bad_input(OPKELE_CP_ "At least one of realm and return_to must be non-empty");	114	throw bad_input(OPKELE_CP_ "At least one of realm and return_to must be non-empty");
115	if(!realm.empty()) {	115	if(!realm.empty()) {
116	rv.set_field("realm",realm);	116	rv.set_field("realm",realm);
117	rv.set_field("trust_root",realm);	117	rv.set_field("trust_root",realm);
118	}	118	}
119	if(!return_to.empty())	119	if(!return_to.empty())
120	rv.set_field("return_to",return_to);	120	rv.set_field("return_to",return_to);
121	const openid_endpoint_t& ep = get_endpoint();	121	const openid_endpoint_t& ep = get_endpoint();
122	rv.set_field("claimed_id",ep.claimed_id);	122	rv.set_field("claimed_id",ep.claimed_id);
123	rv.set_field("identity",ep.local_id);	123	rv.set_field("identity",ep.local_id);
124	try {	124	try {
125	rv.set_field("assoc_handle",find_assoc(ep.uri)->handle());	125	rv.set_field("assoc_handle",find_assoc(ep.uri)->handle());
126	}catch(dumb_RP& drp) {	126	}catch(dumb_RP& drp) {
127	}catch(failed_lookup& fl) {	127	}catch(failed_lookup& fl) {
128	try {	128	try {
129	rv.set_field("assoc_handle",associate(ep.uri)->handle());	129	rv.set_field("assoc_handle",associate(ep.uri)->handle());
130	}catch(dumb_RP& drp) { }	130	}catch(dumb_RP& drp) { }
131	} OPKELE_RETHROW	131	} OPKELE_RETHROW
132	if(ext) ext->checkid_hook(rv);	132	if(ext) ext->rp_checkid_hook(rv);
133	return rv;	133	return rv;
134	}	134	}
135		135
136	class signed_part_message_proxy : public basic_openid_message {	136	class signed_part_message_proxy : public basic_openid_message {
137	public:	137	public:
138	const basic_openid_message& x;	138	const basic_openid_message& x;
139	set<string> signeds;	139	set<string> signeds;
140		140
141	signed_part_message_proxy(const basic_openid_message& xx) : x(xx) {	141	signed_part_message_proxy(const basic_openid_message& xx) : x(xx) {
142	const string& slist = x.get_field("signed");	142	const string& slist = x.get_field("signed");
143	string::size_type p = 0;	143	string::size_type p = 0;
144	while(true) {	144	while(true) {
145	string::size_type co = slist.find(',',p);	145	string::size_type co = slist.find(',',p);
146	string f = (co==string::npos)	146	string f = (co==string::npos)
147	?slist.substr(p):slist.substr(p,co-p);	147	?slist.substr(p):slist.substr(p,co-p);
148	signeds.insert(f);	148	signeds.insert(f);
149	if(co==string::npos) break;	149	if(co==string::npos) break;
150	p = co+1;	150	p = co+1;
151	}	151	}
152	}	152	}
153		153
154	bool has_field(const string& n) const {	154	bool has_field(const string& n) const {
155	return signeds.find(n)!=signeds.end() && x.has_field(n); }	155	return signeds.find(n)!=signeds.end() && x.has_field(n); }
156	const string& get_field(const string& n) const {	156	const string& get_field(const string& n) const {
@@ -254,44 +254,44 @@ namespace opkele {
254	if(	254	if(
255	((tq==string::npos)?turl:turl.substr(0,tq))	255	((tq==string::npos)?turl:turl.substr(0,tq))
256	!=	256	!=
257	((rq==string::npos)?rurl:rurl.substr(0,rq))	257	((rq==string::npos)?rurl:rurl.substr(0,rq))
258	)	258	)
259	throw id_res_bad_return_to(OPKELE_CP_ "return_to url doesn't match request url");	259	throw id_res_bad_return_to(OPKELE_CP_ "return_to url doesn't match request url");
260	map<string,string> tp; parse_query(turl,tq,tp);	260	map<string,string> tp; parse_query(turl,tq,tp);
261	map<string,string> rp; parse_query(rurl,rq,rp);	261	map<string,string> rp; parse_query(rurl,rq,rp);
262	for(map<string,string>::const_iterator rpi=rp.begin();rpi!=rp.end();++rpi) {	262	for(map<string,string>::const_iterator rpi=rp.begin();rpi!=rp.end();++rpi) {
263	map<string,string>::const_iterator tpi = tp.find(rpi->first);	263	map<string,string>::const_iterator tpi = tp.find(rpi->first);
264	if(tpi==tp.end())	264	if(tpi==tp.end())
265	throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to is missing from the request");	265	throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to is missing from the request");
266	if(tpi->second!=rpi->second)	266	if(tpi->second!=rpi->second)
267	throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to doesn't matche the request");	267	throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to doesn't matche the request");
268	}	268	}
269		269
270	if(om.has_field("claimed_id")) {	270	if(om.has_field("claimed_id")) {
271	verify_OP(	271	verify_OP(
272	om.get_field("op_endpoint"),	272	om.get_field("op_endpoint"),
273	om.get_field("claimed_id"),	273	om.get_field("claimed_id"),
274	om.get_field("identity") );	274	om.get_field("identity") );
275	}	275	}
276		276
277	}	277	}
278	if(ext) ext->id_res_hook(om,signeds);	278	if(ext) ext->rp_id_res_hook(om,signeds);
279	}	279	}
280		280
281	void basic_RP::check_authentication(const string& OP,	281	void basic_RP::check_authentication(const string& OP,
282	const basic_openid_message& om){	282	const basic_openid_message& om){
283	openid_message_t res;	283	openid_message_t res;
284	static const string checkauthmode = "check_authentication";	284	static const string checkauthmode = "check_authentication";
285	direct_request(res,util::change_mode_message_proxy(om,checkauthmode),OP);	285	direct_request(res,util::change_mode_message_proxy(om,checkauthmode),OP);
286	if(res.has_field("is_valid")) {	286	if(res.has_field("is_valid")) {
287	if(res.get_field("is_valid")=="true") {	287	if(res.get_field("is_valid")=="true") {
288	if(res.has_field("invalidate_handle"))	288	if(res.has_field("invalidate_handle"))
289	invalidate_assoc(OP,res.get_field("invalidate_handle"));	289	invalidate_assoc(OP,res.get_field("invalidate_handle"));
290	return;	290	return;
291	}	291	}
292	}	292	}
293	throw failed_check_authentication(	293	throw failed_check_authentication(
294	OPKELE_CP_ "failed to verify response");	294	OPKELE_CP_ "failed to verify response");
295	}	295	}
296		296
297	}	297	}