-rw-r--r--include/opkele/types.h2
-rw-r--r--lib/openid_message.cc14
2 files changed, 10 insertions, 6 deletions
diff --git a/include/opkele/types.h b/include/opkele/types.h
index a3b657d..1f48362 100644
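--- a/include/opkele/types.h
+++ b/include/opkele/types.h
@@ -57,174 +57,174 @@ namespace opkele {
 */
 void enxor_from_base64(const unsigned char *key_d,const string& b64);
 /**
 * plainly encode to base64 representation
 * @param rv reference to the return value
 */
 void to_base64(string& rv) const;
 /**
 * decode cleartext secret from base64
 * @param b64 base64-encoded representation of the secret value
 */
 void from_base64(const string& b64);
 };
 
 /**
 * Interface to the association.
 */
 class association_t {
 public:
 
 virtual ~association_t() { }
 
 /**
 * retrieve the server with which association was established.
 * @return server name
 */
 virtual string server() const = 0;
 /**
 * retrieve the association handle.
 * @return handle
 */
 virtual string handle() const = 0;
 /**
 * retrieve the association type.
 * @return association type
 */
 virtual string assoc_type() const = 0;
 /**
 * retrieve the association secret.
 * @return association secret
 */
 virtual secret_t secret() const = 0;
 /**
 * retrieve the number of seconds the association expires in.
 * @return seconds till expiration
 */
 virtual int expires_in() const = 0;
 /**
 * check whether the association is stateless.
 * @return true if stateless
 */
 virtual bool stateless() const = 0;
 /**
 * check whether the association is expired.
 * @return true if expired
 */
 virtual bool is_expired() const = 0;
 };
 
 /**
 * the shared_ptr<> for association_t object type
 */
 typedef tr1mem::shared_ptr<association_t> assoc_t;
 
 class basic_openid_message {
 public:
 typedef list<string> fields_t;
 typedef util::forward_iterator_proxy<
 string,const string&,const string*
 > fields_iterator;
 
 basic_openid_message() { }
 virtual ~basic_openid_message() { }
 basic_openid_message(const basic_openid_message& x);
 void copy_to(basic_openid_message& x) const;
 
 virtual bool has_field(const string& n) const = 0;
 virtual const string& get_field(const string& n) const = 0;
 
 virtual bool has_ns(const string& uri) const;
 virtual string get_ns(const string& uri) const;
 
 virtual fields_iterator fields_begin() const = 0;
 virtual fields_iterator fields_end() const = 0;
 
 virtual string append_query(const string& url) const;
 virtual string query_string() const;
 
 
 virtual void reset_fields();
 virtual void set_field(const string& n,const string& v);
 virtual void reset_field(const string& n);
 
 virtual void from_keyvalues(const string& kv);
 virtual void to_keyvalues(ostream& o) const;
 
-virtual void to_htmlhiddens(ostream& o) const;
+virtual void to_htmlhiddens(ostream& o,const char* pfx=0) const;
 
 void add_to_signed(const string& fields);
 string find_ns(const string& uri,const char *pfx) const;
 string allocate_ns(const string& uri,const char *pfx);
 };
 
 class openid_message_t : public basic_openid_message, public map<string,string> {
 public:
 openid_message_t() { }
 openid_message_t(const basic_openid_message& x)
 : basic_openid_message(x) { }
 
 void copy_to(basic_openid_message& x) const;
 
 bool has_field(const string& n) const;
 const string& get_field(const string& n) const;
 virtual fields_iterator fields_begin() const;
 virtual fields_iterator fields_end() const;
 
 void reset_fields();
 void set_field(const string& n,const string& v);
 void reset_field(const string& n);
 };
 
 /**
 * request/response parameters map
 */
 class params_t : public openid_message_t {
 public:
 
 /**
 * check whether the parameter is present.
 * @param n the parameter name
 * @return true if yes
 */
 bool has_param(const string& n) const {
 return has_field(n); }
 /**
 * retrieve the parameter (const version)
 * @param n the parameter name
 * @return the parameter value
 * @throw failed_lookup if there is no such parameter
 */
 const string& get_param(const string& n) const {
 return get_field(n); }
 
 /**
 * parse the OpenID key/value data.
 * @param kv the OpenID key/value data
 */
 void parse_keyvalues(const string& kv) {
 from_keyvalues(kv); }
 
 string append_query(const string& url,const char *prefix="openid.") const;
 
 };
 
 struct openid_endpoint_t {
 string uri;
 string claimed_id;
 string local_id;
 
 openid_endpoint_t() { }
 openid_endpoint_t(const string& u,const string& cid,const string& lid)
 : uri(u), claimed_id(cid), local_id(lid) { }
 
 bool operator==(const openid_endpoint_t& x) const {
 return uri==x.uri && local_id==x.local_id; }
 bool operator<(const openid_endpoint_t& x) const {
 int c;
 return (c=strcmp(uri.c_str(),x.uri.c_str()))
 ? (c<0) : (strcmp(local_id.c_str(),x.local_id.c_str())<0); }
 };
 
 }
 
 #endif /* __OPKELE_TYPES_H */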
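Review bot: The new `pfx` parameter on `basic_openid_message::to_htmlhiddens` is undocumented, and it arrives as a default argument on a virtual function, which changes that virtual's signature. A subclass outside this diff that overrides the old `to_htmlhiddens(ostream&)` would now hide the base method rather than override it, and default arguments on virtuals are bound to the static type of the call; no override is visible in this header, so this is a caution rather than a confirmed break. I would add a doc comment in the style the rest of the file uses, `/** @param pfx optional prefix prepended to each input name, null for none */`. If out-of-tree overriders matter, dropping the default and keeping a non-virtual one-argument overload that forwards a null prefix would keep old call sites working without relying on a virtual default.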
diff --git a/lib/openid_message.cc b/lib/openid_message.cc
index 521ea85..588bd62 100644
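--- a/lib/openid_message.cc
+++ b/lib/openid_message.cc
@@ -70,196 +70,200 @@ namespace opkele {
 
 __om_query_builder(string& r,const basic_openid_message& m)
 : om(m), first(true), rv(r) {
 for_each(om.fields_begin(),om.fields_end(),*this);
 }
 __om_query_builder(string& r,const basic_openid_message& m,const string& u)
 : om(m), first(true), rv(r) {
 rv = u;
 if(rv.find('?')==string::npos)
 rv += '?';
 else
 first = false;
 for_each(om.fields_begin(),om.fields_end(),*this);
 }
 
 result_type operator()(argument_type f) {
 if(first)
 first = false;
 else
 rv += '&';
 rv += "openid."; rv+= f;
 rv += '=';
 rv += util::url_encode(om.get_field(f));
 }
 };
 
 string basic_openid_message::append_query(const string& url) const {
 string rv;
 return __om_query_builder(rv,*this,url).rv;
 }
 string basic_openid_message::query_string() const {
 string rv;
 return __om_query_builder(rv,*this).rv;
 }
 
 void basic_openid_message::reset_fields() {
 throw not_implemented(OPKELE_CP_ "reset_fields() not implemented");
 }
 void basic_openid_message::set_field(const string&,const string&) {
 throw not_implemented(OPKELE_CP_ "set_field() not implemented");
 }
 void basic_openid_message::reset_field(const string&) {
 throw not_implemented(OPKELE_CP_ "reset_field() not implemented");
 }
 
 void basic_openid_message::from_keyvalues(const string& kv) {
 reset_fields();
 string::size_type p = 0;
 while(true) {
 string::size_type co = kv.find(':',p);
 if(co==string::npos)
 break;
 #ifndef POSTELS_LAW
 string::size_type nl = kv.find('\n',co+1);
 if(nl==string::npos)
 throw bad_input(OPKELE_CP_ "malformed input");
 if(nl>co)
 insert(value_type(kv.substr(p,co-p),kv.substr(co+1,nl-co-1)));
 p = nl+1;
 #else /* POSTELS_LAW */
 string::size_type lb = kv.find_first_of("\r\n",co+1);
 if(lb==string::npos) {
 set_field(kv.substr(p,co-p),kv.substr(co+1));
 break;
 }
 if(lb>co)
 set_field(kv.substr(p,co-p),kv.substr(co+1,lb-co-1));
 string::size_type nolb = kv.find_first_not_of("\r\n",lb);
 if(nolb==string::npos)
 break;
 p = nolb;
 #endif /* POSTELS_LAW */
 }
 }
 
 struct __om_kv_outputter : public unary_function<const string&,void> {
 public:
 const basic_openid_message& om;
 ostream& os;
 
 __om_kv_outputter(const basic_openid_message& m,ostream& s)
 : om(m), os(s) { }
 
 result_type operator()(argument_type f) {
 os << f << ':' << om.get_field(f) << '\n';
 }
 };
 
 void basic_openid_message::to_keyvalues(ostream& o) const {
 for_each(fields_begin(),fields_end(),__om_kv_outputter(*this,o));
 }
 
 struct __om_html_outputter : public unary_function<const string&,void> {
 public:
 const basic_openid_message& om;
 ostream& os;
+const char *pfx;
 
-__om_html_outputter(const basic_openid_message& m,ostream& s)
-: om(m), os(s) { }
+__om_html_outputter(const basic_openid_message& m,ostream& s,const char *p=0)
+: om(m), os(s), pfx(p) { }
 
 result_type operator()(argument_type f) {
 os <<
 "<input type=\"hidden\""
-" name=\"" << util::attr_escape(f) << "\""
+" name=\"";
+if(pfx)
+os << util::attr_escape(pfx);
+os << util::attr_escape(f) << "\""
 " value=\"" << util::attr_escape(om.get_field(f)) << "\" />";
 }
 };
 
-void basic_openid_message::to_htmlhiddens(ostream& o) const {
-for_each(fields_begin(),fields_end(),__om_html_outputter(*this,o));
+void basic_openid_message::to_htmlhiddens(ostream& o,const char* pfx) const {
+for_each(fields_begin(),fields_end(),__om_html_outputter(*this,o,pfx));
 }
 
 void basic_openid_message::add_to_signed(const string& fields) {
 string::size_type fnc = fields.find_first_not_of(",");
 if(fnc==string::npos)
 throw bad_input(OPKELE_CP_ "Trying to add nothing in particular to the list of signed fields");
 string signeds;
 try {
 signeds = get_field("signed");
 string::size_type lnc = signeds.find_last_not_of(",");
 if(lnc==string::npos)
 signeds.assign(fields,fnc,fields.size()-fnc);
 else{
 string::size_type ss = signeds.size();
 if(lnc==(ss-1)) {
 signeds+= ',';
 signeds.append(fields,fnc,fields.size()-fnc);
 }else{
 if(lnc<(ss-2))
 signeds.replace(lnc+2,ss-lnc-2,
 fields,fnc,fields.size()-fnc);
 else
 signeds.append(fields,fnc,fields.size()-fnc);
 }
 }
 }catch(failed_lookup&) {
 signeds.assign(fields,fnc,fields.size()-fnc);
 }
 set_field("signed",signeds);
 }
 
 string basic_openid_message::find_ns(const string& uri,const char *pfx) const {
 if(has_field("ns"))
 return get_ns(uri);
 return pfx;
 }
 string basic_openid_message::allocate_ns(const string& uri,const char *pfx) {
 if(!has_field("ns"))
 return pfx;
 if(has_ns(uri))
 throw bad_input(OPKELE_CP_ "OpenID message already contains namespace");
 string rv = pfx;
 if(has_field("ns."+rv)) {
 string::reference c=rv[rv.length()];
 for(c='a';c<='z' && has_field("ns."+rv);++c);
 if(c=='z')
 throw exception(OPKELE_CP_ "Failed to allocate namespace");
 }
 set_field("ns."+rv,uri);
 return rv;
 }
 
 void openid_message_t::copy_to(basic_openid_message& x) const {
 x.reset_fields();
 for(const_iterator i=begin();i!=end();++i)
 x.set_field(i->first,i->second);
 }
 
 bool openid_message_t::has_field(const string& n) const {
 return find(n)!=end();
 }
 const string& openid_message_t::get_field(const string& n) const {
 const_iterator i=find(n);
 if(i==end())
 throw failed_lookup(OPKELE_CP_ n+": no such field");
 return i->second;
 }
 
 openid_message_t::fields_iterator openid_message_t::fields_begin() const {
 return util::map_keys_iterator<const_iterator,string,const string&,const string*>(begin(),end());
 }
 openid_message_t::fields_iterator openid_message_t::fields_end() const {
 return util::map_keys_iterator<const_iterator,string,const string&,const string*>(end(),end());
 }
 
 void openid_message_t::reset_fields() {
 clear();
 }
 void openid_message_t::set_field(const string& n,const string& v) {
 (*this)[n]=v;
 }
 void openid_message_t::reset_field(const string& n) {
 erase(n);
 }
 
 }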
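Review bot: `__om_html_outputter` now treats a null `pfx` as "no prefix" and keeps it as a raw, non-owned `const char*` member, but neither the struct nor `basic_openid_message::to_htmlhiddens` records that contract. The default therefore still emits bare field names, whereas `__om_query_builder::operator()` at the top of this hunk always prepends `"openid."`, so a caller rendering a form for the other OpenID party has to remember to pass the prefix. A comment on the member such as `// optional name prefix, not owned; null means none; attr_escape'd on output` would make that explicit. Sending the prefix through `util::attr_escape` before it reaches the `name` attribute is the right choice and should stay even if today's callers only pass literals.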