summaryrefslogtreecommitdiffabout
path: root/lib
authorMichael Krelin <hacker@klever.net>2007-12-09 17:22:06 (UTC)
committer Michael Krelin <hacker@klever.net>2007-12-09 22:08:24 (UTC)
commitc34adc6e274c3dbb63af99ca566000e7d218244c (patch) (unidiff)
tree705624c208deb4eaf8d07c119a883e6f4f35236e /lib
parent60fdaff7888b455b4d07eadc905cefd20f1ddd3c (diff)
downloadlibopkele-c34adc6e274c3dbb63af99ca566000e7d218244c.zip
libopkele-c34adc6e274c3dbb63af99ca566000e7d218244c.tar.gz
libopkele-c34adc6e274c3dbb63af99ca566000e7d218244c.tar.bz2
reworked identity resolution and service discovery
The discovery, which does both XRDS-based (Yadis, XRI, for XRI, using proxy) and HTML-based search, now returns results in opkele:idiscovery_t structure. It uses expat-based parser idigger_t, which itself is not exposed via any header files, but hidden in lib/discovery.cc, the discovery testing program is renamed from openid_resolve to idiscover. Signed-off-by: Michael Krelin <hacker@klever.net>
Diffstat (limited to 'lib') (more/less context) (ignore whitespace changes)
-rw-r--r--lib/Makefile.am2
-rw-r--r--lib/discovery.cc375
-rw-r--r--lib/openid_service_resolver.cc298
-rw-r--r--lib/util.cc22
4 files changed, 388 insertions, 309 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am
index b278faf..185411f 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -25,6 +25,6 @@ libopkele_la_SOURCES = \
25 sreg.cc \ 25 sreg.cc \
26 extension_chain.cc \ 26 extension_chain.cc \
27 curl.cc expat.cc \ 27 curl.cc expat.cc \
28 openid_service_resolver.cc 28 discovery.cc
29libopkele_la_LDFLAGS = \ 29libopkele_la_LDFLAGS = \
30 -version-info 2:0:0 30 -version-info 2:0:0
diff --git a/lib/discovery.cc b/lib/discovery.cc
new file mode 100644
index 0000000..a35ce32
--- a/dev/null
+++ b/lib/discovery.cc
@@ -0,0 +1,375 @@
1#include <iostream>
2using namespace std;
3#include <list>
4#include <opkele/curl.h>
5#include <opkele/expat.h>
6#include <opkele/uris.h>
7#include <opkele/discovery.h>
8#include <opkele/exception.h>
9#include <opkele/util.h>
10
11#include "config.h"
12
13#define XRDS_HEADER "X-XRDS-Location"
14#define CT_HEADER "Content-Type"
15
16namespace opkele {
17 using std::list;
18 using xrd::XRD_t;
19 using xrd::service_t;
20
21 static const char *whitespace = " \t\r\n";
22 static const char *i_leaders = "=@+$!(";
23
24 static inline bool is_qelement(const XML_Char *n,const char *qen) {
25 return !strcasecmp(n,qen);
26 }
27 static inline bool is_element(const XML_Char *n,const char *en) {
28 if(!strcasecmp(n,en)) return true;
29 int nl = strlen(n), enl = strlen(en);
30 if( (nl>=(enl+1)) && n[nl-enl-1]=='\t'
31 && !strcasecmp(&n[nl-enl],en) )
32 return true;
33 return false;
34 }
35
36 static long element_priority(const XML_Char **a) {
37 for(;*a;++a)
38 if(!strcasecmp(*(a++),"priority")) {
39 long rv;
40 return (sscanf(*a,"%ld",&rv)==1)?rv:-1;
41 }
42 return -1;
43 }
44
45 class idigger_t : public util::curl_t, public util::expat_t {
46 public:
47 string xri_proxy;
48
49 enum {
50 xmode_html = 1, xmode_xrd = 2
51 };
52 int xmode;
53
54 string xrds_location;
55 string http_content_type;
56 service_t html_openid1;
57 service_t html_openid2;
58 string cdata_buf;
59 long status_code;
60 string status_string;
61
62 typedef list<string> pt_stack_t;
63 pt_stack_t pt_stack;
64 int skipping;
65
66 XRD_t *xrd;
67 service_t *xrd_service;
68 string* cdata;
69
70 idigger_t()
71 : util::curl_t(easy_init()),
72 util::expat_t(0),
73 xri_proxy(XRI_PROXY_URL) {
74 CURLcode r;
75 (r=misc_sets())
76 || (r=set_write())
77 || (r=set_header())
78 ;
79 if(r)
80 throw exception_curl(OPKELE_CP_ "failed to set curly options",r);
81 }
82 ~idigger_t() throw() { }
83
84 void discover(idiscovery_t& result,const string& identity) {
85 result.clear();
86 string::size_type fsc = identity.find_first_not_of(whitespace);
87 if(fsc==string::npos)
88 throw bad_input(OPKELE_CP_ "whtiespace-only identity");
89 string::size_type lsc = identity.find_last_not_of(whitespace);
90 assert(lsc!=string::npos);
91 if(!strncasecmp(identity.c_str()+fsc,"xri://",sizeof("xri://")-1))
92 fsc += sizeof("xri://")-1;
93 if((fsc+1)>=lsc)
94 throw bad_input(OPKELE_CP_ "not a character of importance in identity");
95 string id(identity,fsc,lsc-fsc+1);
96 if(strchr(i_leaders,id[0])) {
97 result.normalized_id = id;
98 /* TODO: further canonicalize xri identity? Like folding case or whatever... */
99 discover_at(
100 result,
101 xri_proxy + util::url_encode(id)+
102 "?_xrd_r=application/xrd+xml;sep=false", xmode_xrd);
103 if(status_code!=100)
104 throw failed_xri_resolution(OPKELE_CP_
105 "XRI resolution failed with '"+status_string+"' message",status_code);
106 if(result.xrd.canonical_ids.empty())
107 throw opkele::failed_discovery(OPKELE_CP_ "No CanonicalID for XRI identity found");
108 }else{
109 if(id.find("://")==string::npos)
110 id.insert(0,"http://");
111 string::size_type fp = id.find('#');
112 if(fp!=string::npos) {
113 string::size_type qp = id.find('?');
114 if(qp==string::npos || qp<fp)
115 id.erase(fp);
116 else if(qp>fp)
117 id.erase(fp,qp-fp);
118 }
119 result.normalized_id = util::rfc_3986_normalize_uri(id);
120 discover_at(result,id,xmode_html|xmode_xrd);
121 const char * eu = 0;
122 CURLcode r = easy_getinfo(CURLINFO_EFFECTIVE_URL,&eu);
123 if(r)
124 throw exception_curl(OPKELE_CP_ "failed to get CURLINFO_EFFECTIVE_URL",r);
125 result.canonicalized_id = util::rfc_3986_normalize_uri(eu); /* XXX: strip fragment part? */
126 if(xrds_location.empty()) {
127 html2xrd(result.xrd);
128 }else{
129 discover_at(result,xrds_location,xmode_xrd);
130 if(result.xrd.empty())
131 html2xrd(result.xrd);
132 }
133 }
134 }
135
136 void discover_at(idiscovery_t& result,const string& url,int xm) {
137 CURLcode r = easy_setopt(CURLOPT_URL,url.c_str());
138 if(r)
139 throw exception_curl(OPKELE_CP_ "failed to set culry urlie",r);
140
141 (*(expat_t*)this) = parser_create_ns();
142 set_user_data(); set_element_handler();
143 set_character_data_handler();
144
145 xrds_location.clear(); http_content_type.clear();
146 xmode = xm;
147 if(xmode&xmode_html) {
148 xrds_location.clear();
149 html_openid1.clear(); html_openid2.clear();
150 }
151 xrd = &result.xrd;
152 cdata = 0; xrd_service = 0; skipping = 0;
153 status_code = 100; status_string.clear();
154
155 r = easy_perform();
156 if(r && r!=CURLE_WRITE_ERROR)
157 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
158
159 parse(0,0,true);
160 }
161
162 void html2xrd(XRD_t& x) {
163 if(!html_openid1.uris.empty()) {
164 html_openid1.types.insert(STURI_OPENID11);
165 x.services.add(-1,html_openid1);
166 }
167 if(!html_openid2.uris.empty()) {
168 html_openid2.types.insert(STURI_OPENID20);
169 x.services.add(-1,html_openid2);
170 }
171 }
172
173 size_t write(void *p,size_t s,size_t nm) {
174 if(skipping<0) return 0;
175 /* TODO: limit total size */
176 size_t bytes = s*nm;
177 parse((const char *)p,bytes,false);
178 return bytes;
179 }
180 size_t header(void *p,size_t s,size_t nm) {
181 size_t bytes = s*nm;
182 const char *h = (const char*)p;
183 const char *colon = (const char*)memchr(p,':',bytes);
184 const char *space = (const char*)memchr(p,' ',bytes);
185 if(space && ( (!colon) || space<colon ) ) {
186 xrds_location.clear(); http_content_type.clear();
187 }else if(colon) {
188 const char *hv = ++colon;
189 int hnl = colon-h;
190 int rb;
191 for(rb = bytes-hnl-1;rb>0 && isspace(*hv);++hv,--rb);
192 while(rb>0 && isspace(hv[rb-1])) --rb;
193 if(rb) {
194 if( (hnl>=sizeof(XRDS_HEADER))
195 && !strncasecmp(h,XRDS_HEADER":",
196 sizeof(XRDS_HEADER)) ) {
197 xrds_location.assign(hv,rb);
198 }else if( (hnl>=sizeof(CT_HEADER))
199 && !strncasecmp(h,CT_HEADER":",
200 sizeof(CT_HEADER)) ) {
201 const char *sc = (const char*)memchr(
202 hv,';',rb);
203 http_content_type.assign(hv,sc?(sc-hv):rb);
204 }
205 }
206 }
207 return curl_t::header(p,s,nm);
208 }
209
210 void start_element(const XML_Char *n,const XML_Char **a) {
211 if(skipping<0) return;
212 if(skipping) {
213 if(xmode&xmode_html)
214 html_start_element(n,a);
215 ++skipping; return;
216 }
217 if(pt_stack.empty()) {
218 if(is_qelement(n,NSURI_XRDS "\tXRDS"))
219 return;
220 if(is_qelement(n,NSURI_XRD "\tXRD")) {
221 assert(xrd);
222 xrd->clear();
223 pt_stack.push_back(n);
224 }else if(xmode&xmode_html) {
225 html_start_element(n,a);
226 }else{
227 skipping = -1;
228 }
229 }else{
230 int pt_s = pt_stack.size();
231 if(pt_s==1) {
232 /* TODO: xrd:XRD/xrd:Expires */
233 if(is_qelement(n,NSURI_XRD "\tCanonicalID")) {
234 assert(xrd);
235 cdata = &(xrd->canonical_ids.add(element_priority(a),string()));
236 }else if(is_qelement(n,NSURI_XRD "\tLocalID")) {
237 assert(xrd);
238 cdata = &(xrd->local_ids.add(element_priority(a),string()));
239 }else if(is_qelement(n,NSURI_XRD "\tService")) {
240 assert(xrd);
241 xrd_service = &(xrd->services.add(element_priority(a),
242 service_t()));
243 pt_stack.push_back(n);
244 }else if(is_qelement(n,NSURI_XRD "\tStatus")) {
245 for(;*a;) {
246 if(!strcasecmp(*(a++),"code")) {
247 if(sscanf(*(a++),"%ld",&status_code)==1 && status_code!=100) {
248 cdata = &status_string;
249 pt_stack.push_back(n);
250 break;
251 }
252 }
253 }
254 }else if(xmode&xmode_html) {
255 html_start_element(n,a);
256 }else{
257 skipping = 1;
258 }
259 }else if(pt_s==2) {
260 if(is_qelement(pt_stack.back().c_str(), NSURI_XRD "\tService")) {
261 if(is_qelement(n,NSURI_XRD "\tType")) {
262 assert(xrd); assert(xrd_service);
263 cdata_buf.clear();
264 cdata = &cdata_buf;
265 }else if(is_qelement(n,NSURI_XRD "\tURI")) {
266 assert(xrd); assert(xrd_service);
267 cdata = &(xrd_service->uris.add(element_priority(a),string()));
268 }else if(is_qelement(n,NSURI_XRD "\tLocalID")
269 || is_qelement(n,NSURI_OPENID10 "\tDelegate") ) {
270 assert(xrd); assert(xrd_service);
271 cdata = &(xrd_service->uris.add(element_priority(a),string()));
272 }else{
273 skipping = 1;
274 }
275 }else
276 skipping = 1;
277 }else if(xmode&xmode_html) {
278 html_start_element(n,a);
279 }else{
280 skipping = 1;
281 }
282 }
283 }
284 void end_element(const XML_Char *n) {
285 if(skipping<0) return;
286 if(skipping) {
287 --skipping; return;
288 }
289 if(is_qelement(n,NSURI_XRD "\tType")) {
290 assert(xrd); assert(xrd_service); assert(cdata==&cdata_buf);
291 xrd_service->types.insert(cdata_buf);
292 }else if(is_qelement(n,NSURI_XRD "\tService")) {
293 assert(xrd); assert(xrd_service);
294 assert(!pt_stack.empty());
295 assert(pt_stack.back()==(NSURI_XRD "\tService"));
296 pt_stack.pop_back();
297 xrd_service = 0;
298 }else if(is_qelement(n,NSURI_XRD "\tStatus")) {
299 assert(xrd);
300 if(is_qelement(pt_stack.back().c_str(),n)) {
301 assert(cdata==&status_string);
302 pt_stack.pop_back();
303 if(status_code!=100)
304 skipping = -1;
305 }
306 }else if((xmode&xmode_html) && is_element(n,"head")) {
307 skipping = -1;
308 }
309 cdata = 0;
310 }
311 void character_data(const XML_Char *s,int l) {
312 if(skipping) return;
313 if(cdata) cdata->append(s,l);
314 }
315
316 void html_start_element(const XML_Char *n,const XML_Char **a) {
317 if(is_element(n,"meta")) {
318 bool heq = false;
319 string l;
320 for(;*a;a+=2) {
321 if(!( strcasecmp(a[0],"http-equiv")
322 || strcasecmp(a[1],XRDS_HEADER) ))
323 heq = true;
324 else if(!strcasecmp(a[0],"content"))
325 l.assign(a[1]);
326 }
327 if(heq)
328 xrds_location = l;
329 }else if(is_element(n,"link")) {
330 string rels;
331 string href;
332 for(;*a;a+=2) {
333 if( !strcasecmp(a[0],"rel") ) {
334 rels.assign(a[1]);
335 }else if( !strcasecmp(a[0],"href") ) {
336 const char *ns = a[1];
337 for(;*ns && isspace(*ns);++ns);
338 href.assign(ns);
339 string::size_type lns=href.find_last_not_of(whitespace);
340 href.erase(lns+1);
341 }
342 }
343 for(string::size_type ns=rels.find_first_not_of(whitespace);
344 ns!=string::npos; ns=rels.find_first_not_of(whitespace,ns)) {
345 string::size_type s = rels.find_first_of(whitespace,ns);
346 string rel;
347 if(s==string::npos) {
348 rel.assign(rels,ns,string::npos);
349 ns = string::npos;
350 }else{
351 rel.assign(rels,ns,s-ns);
352 ns = s;
353 }
354 if(rel=="openid.server")
355 html_openid1.uris.add(-1,href);
356 else if(rel=="openid.delegate")
357 html_openid1.local_ids.add(-1,href);
358 else if(rel=="openid2.provider")
359 html_openid2.uris.add(-1,href);
360 else if(rel=="openid2.local_id")
361 html_openid2.local_ids.add(-1,href);
362 }
363 }else if(is_element(n,"body")) {
364 skipping = -1;
365 }
366 }
367
368 };
369
370 void idiscover(idiscovery_t& result,const string& identity) {
371 idigger_t idigger;
372 idigger.discover(result,identity);
373 }
374
375}
diff --git a/lib/openid_service_resolver.cc b/lib/openid_service_resolver.cc
deleted file mode 100644
index 505e5b2..0000000
--- a/lib/openid_service_resolver.cc
+++ b/dev/null
@@ -1,298 +0,0 @@
1#include <cctype>
2#include <opkele/exception.h>
3#include <opkele/util.h>
4#include <opkele/openid_service_resolver.h>
5#include <opkele/uris.h>
6
7#define LOCATION_HEADER "X-XRDS-Location"
8
9namespace opkele {
10 static const char *whitespace = " \t\r\n";
11
12 openid_service_resolver_t::openid_service_resolver_t(const string& xp)
13 : util::curl_t(easy_init()),
14 util::expat_t(0),
15 xri_proxy(xp.empty()?"http://beta.xri.net/":xp)
16 {
17 CURLcode r;
18 (r=misc_sets())
19 || (r=set_write())
20 || (r==set_header())
21 ;
22 if(r)
23 throw opkele::exception_curl(OPKELE_CP_ "failed to set curly options",r);
24 }
25
26 static bool is_element(const XML_Char *n,const char *en) {
27 if(!strcasecmp(n,en)) return true;
28 int nl = strlen(n), enl = strlen(en);
29 if( (nl>=(enl+1)) && n[nl-enl-1]=='\t'
30 && !strcasecmp(&n[nl-enl],en) )
31 return true;
32 return false;
33 }
34 static inline bool is_qelement(const XML_Char *n,const char *qen) {
35 return !strcasecmp(n,qen);
36 }
37 static inline bool is_element(
38 const openid_service_resolver_t::parser_node_t& n,
39 const char *en) {
40 return is_element(n.element.c_str(),en);
41 }
42 static inline bool is_qelement(
43 const openid_service_resolver_t::parser_node_t& n,
44 const char *qen) {
45 return is_qelement(n.element.c_str(),qen);
46 }
47
48 void openid_service_resolver_t::start_element(const XML_Char *n,const XML_Char **a) {
49 if(state!=state_parse) return;
50 tree.push(n,a);
51 parser_node_t& t = tree.top();
52 if(is_element(n,"html") || is_element(n,"head")
53 || is_qelement(n,NSURI_XRDS "\tXRDS")
54 || is_qelement(n,NSURI_XRD "\tXRD") )
55 t.skip_tags = false;
56 else if(is_qelement(n,NSURI_XRD "\tService")
57 || is_qelement(n,NSURI_XRD "\tType")
58 || is_qelement(n,NSURI_XRD "\tURI")
59 || is_qelement(n,NSURI_OPENID10 "\tDelegate")
60 || is_qelement(n,NSURI_XRD "\tCanonicalID") )
61 t.skip_tags = t.skip_text = false;
62 else if(is_element(n,"body"))
63 state = state_stopping_body;
64 }
65 void openid_service_resolver_t::end_element(const XML_Char *n) {
66 if(state!=state_parse) return;
67 assert(tree.top().element == n);
68 pop_tag();
69 }
70 void openid_service_resolver_t::character_data(const XML_Char *s,int l) {
71 if(state!=state_parse) return;
72 if( !( tree.empty() || tree.top().skip_text ) )
73 tree.top().content.append(s,l);
74 }
75
76 static void copy_trim_whitespace(string& to,const string& from) {
77 string::size_type ns0 = from.find_first_not_of(whitespace);
78 if(ns0==string::npos) {
79 to.clear(); return;
80 }
81 string::size_type ns1 = from.find_last_not_of(whitespace);
82 assert(ns1!=string::npos);
83 to.assign(from,ns0,ns1-ns0+1);
84 }
85
86 void openid_service_resolver_t::pop_tag() {
87 assert(!tree.empty());
88 parser_node_t& t = tree.top();
89 if( is_element(t,"meta")
90 && !strcasecmp(t.attrs["http-equiv"].c_str(),LOCATION_HEADER) ) {
91 xrds_location = t.attrs["content"];
92 }else if( is_element(t,"link") ) {
93 parser_node_t::attrs_t::const_iterator ir = t.attrs.find("rel");
94 if(ir!=t.attrs.end()) {
95 const string& rels = ir->second;
96 for(string::size_type ns = rels.find_first_not_of(whitespace);
97 ns!=string::npos;
98 ns=rels.find_first_not_of(whitespace,ns)) {
99 string::size_type s = rels.find_first_of(whitespace,ns);
100 string rel;
101 if(s==string::npos) {
102 rel.assign(rels,ns,string::npos);
103 ns = string::npos;
104 }else{
105 rel.assign(rels,ns,s-ns);
106 ns = s;
107 }
108 if(rel=="openid.server")
109 copy_trim_whitespace(html_SEP.xrd_URI,t.attrs["href"]);
110 else if(rel=="openid.delegate")
111 copy_trim_whitespace(html_SEP.openid_Delegate,t.attrs["href"]);
112 }
113 }
114 }else if( is_element(t,"head") )
115 state = state_stopping_head;
116 else if( is_qelement(t,NSURI_XRD "\tXRD")) {
117 if( !(
118 (
119 xri_mode
120 && t.auth_info.canonical_id.empty()
121 ) ||
122 t.auth_info.auth_SEP.xrd_Type.empty()
123 ) )
124 auth_info = t.auth_info;
125 }else if( tree.size()>1 ) {
126 parser_node_t& p = tree.parent();
127 if( is_qelement(p,NSURI_XRD "\tService") ) {
128 if( is_qelement(t,NSURI_XRD "\tType") ) {
129 if(t.content==STURI_OPENID10) {
130 string tmp; copy_trim_whitespace(tmp,t.content);
131 p.auth_info.auth_SEP.xrd_Type.insert(tmp);
132 }
133 }else if( is_qelement(t,NSURI_XRD "\tURI") )
134 copy_trim_whitespace(p.auth_info.auth_SEP.xrd_URI,t.content);
135 else if( is_qelement(t,NSURI_OPENID10 "\tDelegate") )
136 copy_trim_whitespace(p.auth_info.auth_SEP.openid_Delegate,t.content);
137 }else if( is_qelement(p,NSURI_XRD "\tXRD") ) {
138 if(is_qelement(t,NSURI_XRD "\tService") ) {
139 if( !t.auth_info.auth_SEP.xrd_Type.empty() ) {
140 parser_node_t::attrs_t::const_iterator ip
141 = t.attrs.find("priority");
142 if(ip!=t.attrs.end()) {
143 const char *nptr = ip->second.c_str();
144 char *eptr = 0;
145 t.auth_info.auth_SEP.priority = strtol(nptr,&eptr,10);
146 if(nptr==eptr)
147 t.auth_info.auth_SEP.priority = LONG_MAX;
148 }
149 if( (t.auth_info.auth_SEP.priority < p.auth_info.auth_SEP.priority)
150 || p.auth_info.auth_SEP.xrd_Type.empty() )
151 p.auth_info.auth_SEP = t.auth_info.auth_SEP;
152 }
153 }else if( is_qelement(t,NSURI_XRD "\tCanonicalID") )
154 copy_trim_whitespace(p.auth_info.canonical_id,t.content);
155 }
156 }
157
158 tree.pop();
159 }
160
161 size_t openid_service_resolver_t::write(void *p,size_t s,size_t nm) {
162 if(state != state_parse)
163 return 0;
164 /* TODO: limit total size */
165 size_t bytes = s*nm;
166 parse((const char *)p,bytes,false);
167 return bytes;
168 }
169
170 size_t openid_service_resolver_t::header(void *p,size_t s,size_t nm) {
171 size_t bytes = s*nm;
172 const char *h = (const char *)p;
173 const char *colon = (const char*)memchr(p,':',bytes);
174 const char *space = (const char*)memchr(p,' ',bytes);
175 if(space && ( (!colon) || space<colon ) ) {
176 xrds_location.clear(); http_content_type.clear();
177 }else if(colon) {
178 const char *hv = ++colon;
179 int hnl = colon-h;
180 int rb;
181 for(rb = bytes-hnl-1;
182 rb>0 && isspace(*hv);
183 ++hv,--rb );
184 while(rb>0 && isspace(hv[rb-1]))
185 --rb;
186 if(rb) {
187 if( (hnl >= sizeof(LOCATION_HEADER))
188 && !strncasecmp(h,LOCATION_HEADER ":",
189 sizeof(LOCATION_HEADER)) ) {
190 xrds_location.assign(hv,rb);
191 }else if( (hnl >= sizeof("Content-Type"))
192 && !strncasecmp(h,"Content-Type:",
193 sizeof("Content-Type")) ) {
194 const char *sc = (const char*)memchr(
195 hv,';',rb);
196 http_content_type.assign(
197 hv,sc?(sc-hv):rb );
198 }
199 }
200 }
201 return curl_t::header(p,s,nm);
202 }
203
204 void openid_service_resolver_t::discover_service(const string& url,bool xri) {
205 CURLcode r = easy_setopt(CURLOPT_URL,url.c_str());
206 if(r)
207 throw opkele::exception_curl(OPKELE_CP_ "failed to set curly urlie",r);
208
209 (*(expat_t*)this) = parser_create_ns();
210 set_user_data(); set_element_handler();
211 set_character_data_handler();
212 tree.clear();
213 state = state_parse;
214
215 r = easy_perform();
216 if(r && r!=CURLE_WRITE_ERROR)
217 throw exception_curl(OPKELE_CP_ "failed to perform curly request",r);
218
219 parse(0,0,true);
220 while(!tree.empty()) pop_tag();
221 }
222
223 const openid_auth_info_t& openid_service_resolver_t::resolve(const string& id) {
224 auth_info = openid_auth_info_t();
225 html_SEP = openid_auth_SEP_t();
226
227 string::size_type fns = id.find_first_not_of(whitespace);
228 if(fns==string::npos)
229 throw opkele::bad_input(OPKELE_CP_ "whitespace-only identity");
230 string::size_type lns = id.find_last_not_of(whitespace);
231 assert(lns!=string::npos);
232 if(!strncasecmp(
233 id.c_str()+fns,"xri://",
234 sizeof("xri://")-1))
235 fns+=sizeof("xri://")-1;
236 string nid(id,fns,lns-fns+1);
237 if(nid.empty())
238 throw opkele::bad_input(OPKELE_CP_ "nothing significant in identity");
239 if(strchr("=@+$!(",*nid.c_str())) {
240 discover_service(
241 xri_proxy + util::url_encode(nid) +
242 "?_xrd_t=" STURI_OPENID10 "&_xrd_r=application/xrd+xml;sep=true",
243 true );
244 if(auth_info.canonical_id.empty()
245 || auth_info.auth_SEP.xrd_Type.empty() )
246 throw opkele::failed_lookup(OPKELE_CP_ "no OpenID service for XRI found");
247 }else{
248 const char *np = nid.c_str();
249 if( (strncasecmp(np,"http",4) || strncmp(
250 tolower(*(np+4))=='s'? np+5 : np+4, "://", 3))
251#ifndef NDEBUG
252 && strncasecmp(np,"file:///",sizeof("file:///")-1)
253 #endif /* XXX: or how do I let tests work? */
254 )
255 nid.insert(0,"http://");
256 string::size_type fp = nid.find('#');
257 if(fp!=string::npos) {
258 string::size_type qp = nid.find('?');
259 if(qp==string::npos || qp<fp) {
260 nid.erase(fp);
261 }else if(qp>fp)
262 nid.erase(fp,qp-fp);
263 }
264 discover_service(nid);
265 const char *eu = 0;
266 CURLcode r = easy_getinfo(CURLINFO_EFFECTIVE_URL,&eu);
267 if(r)
268 throw exception_curl(OPKELE_CP_ "failed to get CURLINFO_EFFECTIVE_URL",r);
269 string canonicalized_id = util::rfc_3986_normalize_uri(eu);
270 if(xrds_location.empty()) {
271 if(auth_info.auth_SEP.xrd_Type.empty()) {
272 if(html_SEP.xrd_URI.empty())
273 throw opkele::failed_lookup(OPKELE_CP_ "no OpenID 1.0 service discovered");
274 auth_info.auth_SEP = html_SEP;
275 auth_info.auth_SEP.xrd_Type.clear(); auth_info.auth_SEP.xrd_Type.insert( STURI_OPENID10 );
276 auth_info.canonical_id = canonicalized_id;
277 }else{
278 if(auth_info.canonical_id.empty())
279 auth_info.canonical_id = canonicalized_id;
280 }
281 }else{
282 discover_service(xrds_location);
283 if(auth_info.auth_SEP.xrd_Type.empty()) {
284 if(html_SEP.xrd_URI.empty())
285 throw opkele::failed_lookup(OPKELE_CP_ "no OpenID 1.0 service discovered");
286 auth_info.auth_SEP = html_SEP;
287 auth_info.auth_SEP.xrd_Type.clear(); auth_info.auth_SEP.xrd_Type.insert( STURI_OPENID10 );
288 auth_info.canonical_id = canonicalized_id;
289 }else{
290 if(auth_info.canonical_id.empty())
291 auth_info.canonical_id = canonicalized_id;
292 }
293 }
294 }
295 return auth_info;
296 }
297
298}
diff --git a/lib/util.cc b/lib/util.cc
index 69d37b5..83f0eef 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -185,21 +185,23 @@ namespace opkele {
185 uri.begin()+ns, uri.begin()+colon+1, 185 uri.begin()+ns, uri.begin()+colon+1,
186 back_inserter(rv), ::tolower ); 186 back_inserter(rv), ::tolower );
187 bool s; 187 bool s;
188 if(rv=="http:")
189 s = false;
190 else if(rv=="https:")
191 s = true;
192#ifndef NDEBUG
193 else if(rv=="file:")
194 s = false;
195#endif /* XXX: or try to make tests work some other way */
196 else
197 throw not_implemented(OPKELE_CP_ "Only http(s) URIs can be normalized here");
198 string::size_type ul = uri.find_last_not_of(whitespace)+1; 188 string::size_type ul = uri.find_last_not_of(whitespace)+1;
199 if(ul <= (colon+3)) 189 if(ul <= (colon+3))
200 throw bad_input(OPKELE_CP_ "Unexpected end of URI being normalized encountered"); 190 throw bad_input(OPKELE_CP_ "Unexpected end of URI being normalized encountered");
201 if(uri[colon+1]!='/' || uri[colon+2]!='/') 191 if(uri[colon+1]!='/' || uri[colon+2]!='/')
202 throw bad_input(OPKELE_CP_ "Unexpected input in URI being normalized after scheme component"); 192 throw bad_input(OPKELE_CP_ "Unexpected input in URI being normalized after scheme component");
193 if(rv=="http:")
194 s = false;
195 else if(rv=="https:")
196 s = true;
197 else{
198 /* TODO: support more schemes.
199 * e.g. xri. How do we normalize
200 * xri?
201 */
202 rv.append(uri,colon+1,ul-colon-1);
203 return rv;
204 }
203 rv += "//"; 205 rv += "//";
204 string::size_type interesting = uri.find_first_of(":/#?",colon+3); 206 string::size_type interesting = uri.find_first_of(":/#?",colon+3);
205 if(interesting==string::npos) { 207 if(interesting==string::npos) {