| author | Michael Krelin <hacker@klever.net> | 2008-11-23 00:43:59 (UTC) |
|---|---|---|
| committer | Michael Krelin <hacker@klever.net> | 2009-04-11 15:08:59 (UTC) |
| commit | 381bfb49bfbfc569e6b5aa8e58a933de4397b053 (patch) (unidiff) | |
| tree | 19f5d884250e83f43094d8bf64b52704417ff265 /lib | |
| parent | a5804c83e1ff21fcbf3acb8b1ff952b8dc94adc1 (diff) | |
| download | libopkele-381bfb49bfbfc569e6b5aa8e58a933de4397b053.zip libopkele-381bfb49bfbfc569e6b5aa8e58a933de4397b053.tar.gz libopkele-381bfb49bfbfc569e6b5aa8e58a933de4397b053.tar.bz2 | |
workaround for livejournal.com breaking specs
just don't treat those who supply empty op_endpoint as OpenID 2.0 providers
Signed-off-by: Michael Krelin <hacker@klever.net>
| -rw-r--r-- | lib/basic_rp.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index 3cad71c..8125aa7 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc | |||
| @@ -205,33 +205,33 @@ namespace opkele { | |||
| 205 | } | 205 | } |
| 206 | break; | 206 | break; |
| 207 | }else{ | 207 | }else{ |
| 208 | if(eq==string::npos || eq>am) { | 208 | if(eq==string::npos || eq>am) { |
| 209 | p[""] = u.substr(q,eq-q); | 209 | p[""] = u.substr(q,eq-q); |
| 210 | }else{ | 210 | }else{ |
| 211 | p[u.substr(q,eq-q)] = u.substr(eq+1,am-eq-1); | 211 | p[u.substr(q,eq-q)] = u.substr(eq+1,am-eq-1); |
| 212 | } | 212 | } |
| 213 | q = ++am; | 213 | q = ++am; |
| 214 | } | 214 | } |
| 215 | } | 215 | } |
| 216 | } | 216 | } |
| 217 | 217 | ||
| 218 | void basic_RP::id_res(const basic_openid_message& om,extension_t *ext) { | 218 | void basic_RP::id_res(const basic_openid_message& om,extension_t *ext) { |
| 219 | reset_vars(); | 219 | reset_vars(); |
| 220 | bool o2 = om.has_field("ns") | 220 | bool o2 = om.has_field("ns") |
| 221 | && om.get_field("ns")==OIURI_OPENID20; | 221 | && om.get_field("ns")==OIURI_OPENID20 && !om.get_field("op_endpoint").empty(); |
| 222 | if( (!o2) && om.has_field("user_setup_url")) | 222 | if( (!o2) && om.has_field("user_setup_url")) |
| 223 | throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided", | 223 | throw id_res_setup(OPKELE_CP_ "assertion failed, setup url provided", |
| 224 | om.get_field("user_setup_url")); | 224 | om.get_field("user_setup_url")); |
| 225 | string m = om.get_field("mode"); | 225 | string m = om.get_field("mode"); |
| 226 | if(o2 && m=="setup_needed") | 226 | if(o2 && m=="setup_needed") |
| 227 | throw id_res_setup(OPKELE_CP_ "setup needed, no setup url provided"); | 227 | throw id_res_setup(OPKELE_CP_ "setup needed, no setup url provided"); |
| 228 | if(m=="cancel") | 228 | if(m=="cancel") |
| 229 | throw id_res_cancel(OPKELE_CP_ "authentication cancelled"); | 229 | throw id_res_cancel(OPKELE_CP_ "authentication cancelled"); |
| 230 | bool go_dumb=false; | 230 | bool go_dumb=false; |
| 231 | try { | 231 | try { |
| 232 | string OP = o2 | 232 | string OP = o2 |
| 233 | ?om.get_field("op_endpoint") | 233 | ?om.get_field("op_endpoint") |
| 234 | :get_endpoint().uri; | 234 | :get_endpoint().uri; |
| 235 | assoc_t assoc = retrieve_assoc( | 235 | assoc_t assoc = retrieve_assoc( |
| 236 | OP,om.get_field("assoc_handle")); | 236 | OP,om.get_field("assoc_handle")); |
| 237 | if(om.get_field("sig")!=util::base64_signature(assoc,om)) | 237 | if(om.get_field("sig")!=util::base64_signature(assoc,om)) |