| -rw-r--r-- | lib/openid_service_resolver.cc | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/lib/openid_service_resolver.cc b/lib/openid_service_resolver.cc index 5f82955..505e5b2 100644 --- a/lib/openid_service_resolver.cc +++ b/lib/openid_service_resolver.cc | |||
| @@ -235,25 +235,24 @@ namespace opkele { | |||
| 235 | fns+=sizeof("xri://")-1; | 235 | fns+=sizeof("xri://")-1; |
| 236 | string nid(id,fns,lns-fns+1); | 236 | string nid(id,fns,lns-fns+1); |
| 237 | if(nid.empty()) | 237 | if(nid.empty()) |
| 238 | throw opkele::bad_input(OPKELE_CP_ "nothing significant in identity"); | 238 | throw opkele::bad_input(OPKELE_CP_ "nothing significant in identity"); |
| 239 | if(strchr("=@+$!(",*nid.c_str())) { | 239 | if(strchr("=@+$!(",*nid.c_str())) { |
| 240 | discover_service( | 240 | discover_service( |
| 241 | xri_proxy + util::url_encode(nid) + | 241 | xri_proxy + util::url_encode(nid) + |
| 242 | "?_xrd_t=" STURI_OPENID10 "&_xrd_r=application/xrd+xml;sep=true", | 242 | "?_xrd_t=" STURI_OPENID10 "&_xrd_r=application/xrd+xml;sep=true", |
| 243 | true ); | 243 | true ); |
| 244 | if(auth_info.canonical_id.empty() | 244 | if(auth_info.canonical_id.empty() |
| 245 | || auth_info.auth_SEP.xrd_Type.empty() ) | 245 | || auth_info.auth_SEP.xrd_Type.empty() ) |
| 246 | throw opkele::failed_lookup(OPKELE_CP_ "no OpenID service for XRI found"); | 246 | throw opkele::failed_lookup(OPKELE_CP_ "no OpenID service for XRI found"); |
| 247 | return auth_info; | ||
| 248 | }else{ | 247 | }else{ |
| 249 | const char *np = nid.c_str(); | 248 | const char *np = nid.c_str(); |
| 250 | if( (strncasecmp(np,"http",4) || strncmp( | 249 | if( (strncasecmp(np,"http",4) || strncmp( |
| 251 | tolower(*(np+4))=='s'? np+5 : np+4, "://", 3)) | 250 | tolower(*(np+4))=='s'? np+5 : np+4, "://", 3)) |
| 252 | #ifndef NDEBUG | 251 | #ifndef NDEBUG |
| 253 | && strncasecmp(np,"file:///",sizeof("file:///")-1) | 252 | && strncasecmp(np,"file:///",sizeof("file:///")-1) |
| 254 | #endif /* XXX: or how do I let tests work? */ | 253 | #endif /* XXX: or how do I let tests work? */ |
| 255 | ) | 254 | ) |
| 256 | nid.insert(0,"http://"); | 255 | nid.insert(0,"http://"); |
| 257 | string::size_type fp = nid.find('#'); | 256 | string::size_type fp = nid.find('#'); |
| 258 | if(fp!=string::npos) { | 257 | if(fp!=string::npos) { |
| 259 | string::size_type qp = nid.find('?'); | 258 | string::size_type qp = nid.find('?'); |
| @@ -262,33 +261,38 @@ namespace opkele { | |||
| 262 | }else if(qp>fp) | 261 | }else if(qp>fp) |
| 263 | nid.erase(fp,qp-fp); | 262 | nid.erase(fp,qp-fp); |
| 264 | } | 263 | } |
| 265 | discover_service(nid); | 264 | discover_service(nid); |
| 266 | const char *eu = 0; | 265 | const char *eu = 0; |
| 267 | CURLcode r = easy_getinfo(CURLINFO_EFFECTIVE_URL,&eu); | 266 | CURLcode r = easy_getinfo(CURLINFO_EFFECTIVE_URL,&eu); |
| 268 | if(r) | 267 | if(r) |
| 269 | throw exception_curl(OPKELE_CP_ "failed to get CURLINFO_EFFECTIVE_URL",r); | 268 | throw exception_curl(OPKELE_CP_ "failed to get CURLINFO_EFFECTIVE_URL",r); |
| 270 | string canonicalized_id = util::rfc_3986_normalize_uri(eu); | 269 | string canonicalized_id = util::rfc_3986_normalize_uri(eu); |
| 271 | if(xrds_location.empty()) { | 270 | if(xrds_location.empty()) { |
| 272 | if(auth_info.auth_SEP.xrd_Type.empty()) { | 271 | if(auth_info.auth_SEP.xrd_Type.empty()) { |
| 273 | if(html_SEP.xrd_URI.empty()) | 272 | if(html_SEP.xrd_URI.empty()) |
| 274 | throw opkele::failed_lookup(OPKELE_CP_ "no OpenID service discovered"); | 273 | throw opkele::failed_lookup(OPKELE_CP_ "no OpenID 1.0 service discovered"); |
| 275 | auth_info.auth_SEP = html_SEP; | 274 | auth_info.auth_SEP = html_SEP; |
| 276 | auth_info.auth_SEP.xrd_Type.clear(); auth_info.auth_SEP.xrd_Type.insert( STURI_OPENID10 ); | 275 | auth_info.auth_SEP.xrd_Type.clear(); auth_info.auth_SEP.xrd_Type.insert( STURI_OPENID10 ); |
| 277 | auth_info.canonical_id = canonicalized_id; | 276 | auth_info.canonical_id = canonicalized_id; |
| 278 | }else{ | 277 | }else{ |
| 279 | if(auth_info.canonical_id.empty()) | 278 | if(auth_info.canonical_id.empty()) |
| 280 | auth_info.canonical_id = canonicalized_id; | 279 | auth_info.canonical_id = canonicalized_id; |
| 281 | } | 280 | } |
| 282 | return auth_info; | ||
| 283 | }else{ | 281 | }else{ |
| 284 | discover_service(xrds_location); | 282 | discover_service(xrds_location); |
| 285 | if(auth_info.auth_SEP.xrd_Type.empty()) | 283 | if(auth_info.auth_SEP.xrd_Type.empty()) { |
| 286 | throw opkele::failed_lookup(OPKELE_CP_ "no OpenID service found in Yadis document"); | 284 | if(html_SEP.xrd_URI.empty()) |
| 287 | if(auth_info.canonical_id.empty()) | 285 | throw opkele::failed_lookup(OPKELE_CP_ "no OpenID 1.0 service discovered"); |
| 286 | auth_info.auth_SEP = html_SEP; | ||
| 287 | auth_info.auth_SEP.xrd_Type.clear(); auth_info.auth_SEP.xrd_Type.insert( STURI_OPENID10 ); | ||
| 288 | auth_info.canonical_id = canonicalized_id; | 288 | auth_info.canonical_id = canonicalized_id; |
| 289 | return auth_info; | 289 | }else{ |
| 290 | if(auth_info.canonical_id.empty()) | ||
| 291 | auth_info.canonical_id = canonicalized_id; | ||
| 292 | } | ||
| 290 | } | 293 | } |
| 291 | } | 294 | } |
| 295 | return auth_info; | ||
| 292 | } | 296 | } |
| 293 | 297 | ||
| 294 | } | 298 | } |