associations robustness improvements and documentation updates

author: Michael Krelin <hacker@klever.net> 2007-08-09 11:23:36 (UTC)
committer: Michael Krelin <hacker@klever.net> 2007-08-09 11:23:36 (UTC)
commit: 65bab7c9f984d6fe45ce72e7db014c40eba4d240 (patch) (unidiff)
tree: 28c4791aea6b7dc404ad0d27050c34f447a84314 /lib/consumer.cc
parent: 1f347795ef5eba50892fd777c173a2a6db1755f2 (diff)
download: libopkele-65bab7c9f984d6fe45ce72e7db014c40eba4d240.zip
libopkele-65bab7c9f984d6fe45ce72e7db014c40eba4d240.tar.gz
libopkele-65bab7c9f984d6fe45ce72e7db014c40eba4d240.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/consumer.cc b/lib/consumer.cc
index dd8e150..af309c1 100644
--- a/lib/consumer.cc
+++ b/lib/consumer.cc
@@ -135,41 +135,45 @@ namespace opkele {
            p["mode"]="checkid_setup";
        else
            throw bad_input(OPKELE_CP_ "unknown checkid_* mode");
        string iurl = canonicalize(identity);
        string server, delegate;
        retrieve_links(iurl,server,delegate);
        p["identity"] = delegate.empty()?iurl:delegate;
        if(!trust_root.empty())
            p["trust_root"] = trust_root;
        p["return_to"] = return_to;
        try {
            string ah = find_assoc(server)->handle();
+            if(ah->is_expired()) /* TODO: or should I throw some other exception to force programmer fix his implementation? */
+                throw failed_lookup(OPKELE_CP_ "find_assoc() has returned expired handle");
            p["assoc_handle"] = ah;
        }catch(failed_lookup& fl) {
            string ah = associate(server)->handle();
            p["assoc_handle"] = ah;
        }
        if(ext) ext->checkid_hook(p,identity);
        return p.append_query(server);
    }
    void consumer_t::id_res(const params_t& pin,const string& identity,extension_t *ext) {
        if(pin.has_param("openid.user_setup_url"))
            throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided",pin.get_param("openid.user_setup_url"));
        string server,delegate;
        retrieve_links(identity.empty()?pin.get_param("openid.identity"):canonicalize(identity),server,delegate);
        params_t ps;
        try {
            assoc_t assoc = retrieve_assoc(server,pin.get_param("openid.assoc_handle"));
+            if(assoc->is_expired()) /* TODO: or should I throw some other exception to force programmer fix his implementation? */
+                throw failed_lookup(OPKELE_CP_ "retrieve_assoc() has returned expired handle");
            const string& sigenc = pin.get_param("openid.sig");
            vector<unsigned char> sig;
            util::decode_base64(sigenc,sig);
            const string& slist = pin.get_param("openid.signed");
            string kv;
            string::size_type p = 0;
            while(true) {
                string::size_type co = slist.find(',',p);
                string f = (co==string::npos)?slist.substr(p):slist.substr(p,co-p);
                kv += f;
                kv += ':';
                f.insert(0,"openid.");
author	Michael Krelin <hacker@klever.net>	2007-08-09 11:23:36 (UTC)
committer	Michael Krelin <hacker@klever.net>	2007-08-09 11:23:36 (UTC)
commit	65bab7c9f984d6fe45ce72e7db014c40eba4d240 (patch) (unidiff)
tree	28c4791aea6b7dc404ad0d27050c34f447a84314 /lib/consumer.cc
parent	1f347795ef5eba50892fd777c173a2a6db1755f2 (diff)
download	libopkele-65bab7c9f984d6fe45ce72e7db014c40eba4d240.zip libopkele-65bab7c9f984d6fe45ce72e7db014c40eba4d240.tar.gz libopkele-65bab7c9f984d6fe45ce72e7db014c40eba4d240.tar.bz2