-rw-r--r-- | include/opkele/basic_rp.h | 36 | ||||
-rw-r--r-- | lib/basic_rp.cc | 29 |
2 files changed, 63 insertions, 2 deletions
diff --git a/include/opkele/basic_rp.h b/include/opkele/basic_rp.h
index d5356aa..d096e0a 100644
--- a/include/opkele/basic_rp.h
+++ b/include/opkele/basic_rp.h
@@ -12,2 +12,10 @@ namespace opkele {
 public:
+ /**
+ * Claimed identifier from a parsed id_res message.
+ */
+ string claimed_id;
+ /**
+ * OP-Local identifier from a parsed id_res message.
+ */
+ string identity;
@@ -15,2 +23,30 @@ namespace opkele {
+ void reset_vars();
+
+ /**
+ * @name Assertion information retrieval
+ * Retrieval of the information passed with openid message
+ * @{
+ */
+ /**
+ * Find out if the assertion is about identity
+ * @return true if so
+ */
+ bool has_identity() const;
+ /**
+ * Get claimed identifier supplied with the request
+ * @return claimed identifier
+ * @throw non_identity if request is not about identity
+ */
+ const string& get_claimed_id() const;
+ /**
+ * Get the identity (OP-Local identifier) confirmed
+ * @return identity
+ * @throw non_identity if request is not about identity
+ */
+ const string& get_identity() const;
+ /**
+ * @}
+ */
+ /**
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc
index e65d9fb..3357d0b 100644
--- a/lib/basic_rp.cc
+++ b/lib/basic_rp.cc
@@ -10,2 +10,3 @@
 #include <opkele/curl.h>
+#include <opkele/debug.h>
@@ -13,2 +14,20 @@ namespace opkele {
+ void basic_RP::reset_vars() {
+ claimed_id.clear(); identity.clear();
+ }
+
+ const string& basic_RP::get_claimed_id() const {
+ if(claimed_id.empty())
+ throw non_identity(OPKELE_CP_ "attempting to retreive claimed_id of non-identity assertion");
+ assert(!identity.empty());
+ return claimed_id;
+ }
+
+ const string& basic_RP::get_identity() const {
+ if(identity.empty())
+ throw non_identity(OPKELE_CP_ "attempting to retrieve identity of non-identity related assertion");
+ assert(!claimed_id.empty());
+ return identity;
+ }
+ static void dh_get_secret(
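Review bot: `claimed_id` and `identity` are added directly under `public:` in include/opkele/basic_rp.h, so any caller can read or overwrite them without going through `get_claimed_id()`/`get_identity()` and their `non_identity` check. Because these strings are filled from a received id_res message, declaring them `protected:` and exposing only the accessors would keep every read on the checked path. At minimum the two doc comments should say that the values are meaningful only after `id_res()` has returned without throwing. The class starts and ends outside this hunk.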
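Review bot: `has_identity()` is declared in this hunk, but none of the lib/basic_rp.cc hunks in this commit define it, while `get_claimed_id()` and `get_identity()` both get bodies. Unless it is defined somewhere not shown here, the first caller will fail to link; a definition such as `bool basic_RP::has_identity() const { return !identity.empty(); }` would match the emptiness tests the two getters use. `reset_vars()` is also the only new declaration without a doc comment; `/** Clear claimed_id and identity before a new id_res message is parsed. */` would record why it exists.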
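Review bot: The `assert(!identity.empty())` in `get_claimed_id()` and the `assert(!claimed_id.empty())` in `get_identity()` test values that `id_res()` copies out of the received message, so they are input conditions rather than programmer invariants. If a message leaves one of the two fields empty, a build with assertions enabled aborts the process and a build without them returns a half-filled pair silently (assuming the macro from opkele/debug.h behaves like the standard one). Throwing in both getters, e.g. `if(claimed_id.empty() || identity.empty()) throw non_identity(OPKELE_CP_ "...");`, keeps the failure on the exception path callers already handle. The message string in `get_claimed_id()` also misspells "retrieve" as "retreive".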
@@ -198,2 +217,3 @@ namespace opkele {
 void basic_RP::id_res(const basic_openid_message& om,extension_t *ext) {
+ reset_vars();
 bool o2 = om.has_field("ns")
@@ -273,8 +293,13 @@ namespace opkele {
 if(om.has_field("claimed_id")) {
+ claimed_id = om.get_field("claimed_id");
+ identity = om.get_field("identity");
 verify_OP( om.get_field("op_endpoint"),
- om.get_field("claimed_id"),
- om.get_field("identity") );
+ claimed_id, identity );
 }
+ }else{
+ claimed_id = get_endpoint().claimed_id;
+ /* TODO: check if this is the identity we asked for */
+ identity = om.get_field("identity");
 } |
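Review bot: In the second hunk `claimed_id` and `identity` are assigned from the message before `verify_OP(...)` runs, so if that call reports failure by throwing, the object keeps the unverified values. `get_claimed_id()` will then return them to any caller that catches the exception and keeps using the object. Keep the original `verify_OP` arguments and move the two assignments after the call, `claimed_id = om.get_field("claimed_id"); identity = om.get_field("identity");`, or call `reset_vars()` on the failure path. In the new `else` branch the `identity` from the message is stored without the comparison the TODO describes, so until that check exists `get_identity()` can return an OP-Local identifier the RP did not ask about. `id_res()` begins in the previous hunk and ends outside this one.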