| -rw-r--r-- | include/Makefile.am | 3 | ||||
| -rw-r--r-- | include/opkele/sreg.h | 206 | ||||
| -rw-r--r-- | lib/Makefile.am | 5 | ||||
| -rw-r--r-- | lib/sreg.cc | 124 |
4 files changed, 336 insertions, 2 deletions
diff --git a/include/Makefile.am b/include/Makefile.am index 72931eb..4b9b02a 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -1,12 +1,13 @@ nobase_include_HEADERS = \ opkele/acconfig.h \ opkele/opkele-config.h \ opkele/types.h \ opkele/association.h \ opkele/exception.h \ opkele/server.h \ opkele/consumer.h \ - opkele/extension.h + opkele/extension.h \ + opkele/sreg.h EXTRA_DIST = \ opkele/data.h \ opkele/util.h diff --git a/include/opkele/sreg.h b/include/opkele/sreg.h new file mode 100644 index 0000000..6713ef7 --- a/dev/null +++ b/include/opkele/sreg.h @@ -0,0 +1,206 @@ +#ifndef __OPKELE_SREG_H +#define __OPKELE_SREG_H + +/** + * @file + * @brief Simple registration extension + */ + +#include <opkele/extension.h> + +/** + * @brief the main opkele namespace + */ +namespace opkele { + using std::map; + + /** + * OpenID simple registration extension implementation + * http://openid.net/specs/openid-simple-registration-extension-1_0.html + */ + class sreg_t : public extension_t { + public: + /** + * sreg fields enumeration + */ + enum fieldbit_t { + /** + * Any UTF-8 string that the End User wants to use as a nickname. + */ + field_nickname = 1, + /** + * The email address of the End User as specified in section 3.4.1 of [RFC2822] + */ + field_email = 2, + /** + * UTF-8 string free text representation of the End User's full name. + */ + field_fullname = 4, + /** + * The End User's date of birth as YYYY-MM-DD. Any values whose + * representation uses fewer than the specified number of + * digits should be zero-padded. The length of this value MUST + * always be 10. If the End User user does not want to reveal + * any particular component of this value, it MUST be set to + * zero. + * + * For instance, if a End User wants to specify that his date + * of birth is in 1980, but not the month or day, the value + * returned SHALL be "1980-00-00". + */ + field_dob = 8, + /** + * Alias to field_dob + */ + field_birthdate = field_dob, + /** + * The End User's gender, "M" for male, "F" for female. + */ + field_gender = 16, + /** + * Alias to field_gender + */ + field_sex = field_gender, + /** + * UTF-8 string free text that SHOULD conform to the End User's + * country's postal system. + */ + field_postcode = 32, + /** + * The End User's country of residence as specified by ISO3166 + */ + field_country = 64, + /** + * End User's preferred language as specified by ISO639 + */ + field_language = 128, + /** + * ASCII string from TimeZone database + * + * For example, "Europe/Paris" or "America/Los_Angeles". + */ + field_timezone = 256, + /** + * All fields bits combined + */ + fields_ALL = 511, + /** + * No fields + */ + fields_NONE = 0 + }; + /** + * Bitmask for fields which, if absent from the response, will + * prevent the Consumer from completing the registration without + * End User interation. + */ + long fields_required; + /** + * Bitmask for fields that will be used by the Consumer, but whose + * absence will not prevent the registration from completing. + */ + long fields_optional; + /** + * A URL which the Consumer provides to give the End User a place + * to read about the how the profile data will be used. The + * Identity Provider SHOULD display this URL to the End User if it + * is given. + */ + string policy_url; + + /** + * Bitmask for fields present in response + */ + long has_fields; + /** + * Container type for response fields values + */ + typedef map<fieldbit_t,string> response_t; + /** + * Response contents + */ + response_t response; + + /** + * Fields bitmask to send in response + */ + long fields_response; + + /** + * Consumer constructor. + * @param fr required fields + * @see fields_required + * @param fo optional fields + * @see fields_optional + * @param pu policy url + * @see policy_url + */ + sreg_t(long fr=fields_NONE,long fo=fields_NONE,const string& pu="") + : fields_required(fr), fields_optional(fo), policy_url(pu), has_fields(0) { } + + /** + * Implementation of consumer's checkid hook + */ + virtual void checkid_hook(params_t& p,const string& identity); + /** + * Implementation of consumer's id_res hook + */ + virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity); + /** + * Implementation of server's checkid_hook + */ + virtual void checkid_hook(const params_t& pin,params_t& pout); + + /** + * Check and see if we have value for some particular field. + * @param fb field in question + * @see fieldbit_t + * @return true if the value is available + */ + bool has_field(fieldbit_t fb) const { return has_fields&fb; } + + /** + * Retrieve the value for a field. + * @param fb field in question + * @see fieldbit_t + * @return field value + * @throw failed_lookup if no data avaialble + */ + const string& get_field(fieldbit_t fb) const; + + /** + * Set the value for a field. + * @param fb field in question + * @see fieldbit_t + * @param fv field value + */ + void set_field(fieldbit_t fb,const string& fv); + + /** + * Remove the value for a field. + * @param fb field in question + * @see fieldbit_t + */ + void reset_field(fieldbit_t fb); + + /** + * Reset field data + */ + void clear(); + + /** + * Function called after parsing sreg request to set up response + * fields. The default implementation tries to send as much fields + * as we have. The function is supposed to set the data and + * fields_response. + * @see fields_response + * @param pin input request parameters with "openid." prefix + * @param pout output request parameters without "openid." prefix. + * @see checkid_hook(const params_t&,params_t&) + */ + virtual void setup_response(const params_t& pin,params_t& pout); + + }; +} + +#endif /* __OPKELE_SREG_H */ diff --git a/lib/Makefile.am b/lib/Makefile.am index 69c749e..783f2ab 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -13,13 +13,16 @@ LDADD = \ ${MIMETIC_LIBS} \ ${OPENSSL_LIBS} \ ${KONFORKA_LIBS} libopkele_la_SOURCES = \ params.cc \ util.cc \ server.cc \ secret.cc \ data.cc \ consumer.cc \ exception.cc \ - extension.cc + extension.cc \ + sreg.cc +libopkele_la_LDFLAGS = \ + -version-info 1:0:0 diff --git a/lib/sreg.cc b/lib/sreg.cc new file mode 100644 index 0000000..08e66b7 --- a/dev/null +++ b/lib/sreg.cc @@ -0,0 +1,124 @@ +#include <opkele/exception.h> +#include <opkele/sreg.h> +#include <algorithm> + +namespace opkele { + using std::find; + + static const struct _sreg_field { + const char *fieldname; + sreg_t::fieldbit_t fieldbit; + } fields[] = { + { "nickname", sreg_t::field_nickname }, + { "email", sreg_t::field_email }, + { "fullname", sreg_t::field_fullname }, + { "dob", sreg_t::field_dob }, + { "gender", sreg_t::field_gender }, + { "postcode", sreg_t::field_postcode }, + { "country", sreg_t::field_country }, + { "language", sreg_t::field_language }, + { "timezone", sreg_t::field_timezone } + }; +# define fields_BEGIN fields +# define fields_END &fields[sizeof(fields)/sizeof(*fields)] + typedef const struct _sreg_field *fields_iterator; + + bool operator==(const struct _sreg_field& fd,const string& fn) { + return fd.fieldname==fn; + } + + void sreg_t::checkid_hook(params_t& p,const string& identity) { + string fr, fo; + for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { + if(f->fieldbit&fields_required) { + if(!fr.empty()) fr+=","; + fr += f->fieldname; + } + if(f->fieldbit&fields_optional) { + if(!fo.empty()) fo+=","; + fo += f->fieldname; + } + } + if(!fr.empty()) p["sreg.required"]=fr; + if(!fo.empty()) p["sreg.optional"]=fo; + if(!policy_url.empty()) p["sreg.policy_url"]=policy_url; + } + + void sreg_t::id_res_hook(const params_t& p,const params_t& sp,const string& identity) { + clear(); + for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { + string fn = "sreg."; fn+=f->fieldname; + if(!sp.has_param(fn)) continue; + has_fields |= f->fieldbit; + response[f->fieldbit]=sp.get_param(fn); + } + } + + const string& sreg_t::get_field(fieldbit_t fb) const { + response_t::const_iterator i = response.find(fb); + if(i==response.end()) + throw failed_lookup(OPKELE_CP_ "no field data available"); + return i->second; + } + + void sreg_t::set_field(fieldbit_t fb,const string& fv) { + response[fb] = fv; + has_fields |= fb; + } + + void sreg_t::reset_field(fieldbit_t fb) { + has_fields &= ~fb; + response.erase(fb); + } + + void sreg_t::clear() { + has_fields = 0; response.clear(); + } + + static long fields_list_to_bitmask(string& fl) { + long rv = 0; + while(!fl.empty()) { + string::size_type co = fl.find(','); + string fn; + if(co==string::npos) { + fn = fl; fl.erase(); + }else{ + fn = fl.substr(0,co); fl.erase(0,co+1); + } + fields_iterator f = find(fields_BEGIN,fields_END,fn); + if(f!=fields_END) + rv |= f->fieldbit; + } + return rv; + } + + void sreg_t::checkid_hook(const params_t& pin,params_t& pout) { + fields_optional = 0; fields_required = 0; policy_url.erase(); + fields_response = 0; + try { + string fl = pin.get_param("openid.sreg.required"); + fields_required = fields_list_to_bitmask(fl); + }catch(failed_lookup&) { } + try { + string fl = pin.get_param("openid.sreg.optional"); + fields_optional = fields_list_to_bitmask(fl); + }catch(failed_lookup&) { } + try { + policy_url = pin.get_param("openid.sreg.policy_url"); + }catch(failed_lookup&) { } + setup_response(pin,pout); + fields_response &= has_fields; + for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { + if(!(f->fieldbit&fields_response)) continue; + if(!pout["signed"].empty()) + pout["signed"] +=','; + string pn = "sreg."; pn += f->fieldname; + pout["signed"] += pn; + pout[pn] = get_field(f->fieldbit); + } + } + + void sreg_t::setup_response(const params_t& pin,params_t& pout) { + fields_response = (fields_required|fields_optional)&has_fields; + } +} |