| -rw-r--r-- | include/opkele/basic_op.h | 1 | ||||
| -rw-r--r-- | include/opkele/basic_rp.h | 2 |
2 files changed, 1 insertions, 2 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h index 12306dd..e4bbfa7 100644 --- a/include/opkele/basic_op.h +++ b/include/opkele/basic_op.h @@ -167,86 +167,85 @@ namespace opkele { basic_openid_message& setup_needed( basic_openid_message& oum,const basic_openid_message& inm); /** * Process check_authentication request * @param oum output OpenID message * @param inm incoming request * @return reference to oum */ basic_openid_message& check_authentication( basic_openid_message& oum,const basic_openid_message& inm); /** * @} */ /** * Verify return_to url. The default implementation checks whether * return_to URI matches the realm * @throw bad_realm in case of invalid realm * @throw bad_return_to if return_to doesn't match the realm * @see verify_OP::verify_return_to() */ virtual void verify_return_to(); /** * @name Global persistent store API * These functions are related to the associations with RPs storage * and retrieval and nonce management. * @{ */ /** * Allocate association. * @param type association type * @param kl association key length * @param sl true if the association is stateless * @return association object */ virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0; /** * Retrieve valid unexpired association * @param handle association handle * @return association object */ virtual assoc_t retrieve_assoc(const string& handle) = 0; /** * Allocate nonce. * @param nonce input-output parameter containing timestamp part of * the nonce on input - * @param sl true if the nonce is * @return reference to nonce * @throw failed_lookup if no such valid unexpired association * could be retrieved */ virtual string& alloc_nonce(string& nonce) = 0; /** * Check nonce validity * @param nonce nonce to check * @return true if nonce found and isn't yet invalidated */ virtual bool check_nonce(const string& nonce) = 0; /** * Invalidate nonce * @param nonce nonce to check */ virtual void invalidate_nonce(const string& nonce) = 0; /** * @} */ /** * @name Site particulars API * @{ */ /** * Query the absolute URL of the op endpoint * @return fully qualified url of the OP endpoint */ virtual const string get_op_endpoint() const = 0; /** * @} */ }; } #endif /* __OPKELE_BASIC_OP_H */ diff --git a/include/opkele/basic_rp.h b/include/opkele/basic_rp.h index d096e0a..ea00677 100644 --- a/include/opkele/basic_rp.h +++ b/include/opkele/basic_rp.h @@ -20,97 +20,97 @@ namespace opkele { string identity; virtual ~basic_RP() { } void reset_vars(); /** * @name Assertion information retrieval * Retrieval of the information passed with openid message * @{ */ /** * Find out if the assertion is about identity * @return true if so */ bool has_identity() const; /** * Get claimed identifier supplied with the request * @return claimed identifier * @throw non_identity if request is not about identity */ const string& get_claimed_id() const; /** * Get the identity (OP-Local identifier) confirmed * @return identity * @throw non_identity if request is not about identity */ const string& get_identity() const; /** * @} */ /** * @name Global persistent store API * These are functions related to the associations with OP storage * and retrieval and nonce records. They provide an interface to * the persistent storage which is shared by all sessions. If the * implementor prefers the dumb mode instead, the function should * throw dumb_RP exception instead. * @see opkele::dumb_RP * @{ */ /** * Store association and return allocated association object. * @param OP OP endpoint * @param handle association handle * @param type association type * @param secret association secret - * @params expires_in the number of seconds association expires in + * @param expires_in the number of seconds association expires in * @return the association object * @throw dumb_RP for dumb RP */ virtual assoc_t store_assoc( const string& OP,const string& handle, const string& type,const secret_t& secret, int expires_in) = 0; /** * Find valid unexpired association with an OP. * @param OP OP endpoint URL * @return association found * @throw failed_lookup if no association found * @throw dumb_RP for dumb RP */ virtual assoc_t find_assoc( const string& OP) = 0; /** * Retrieve valid association handle for an OP by handle. * @param OP OP endpoint URL * @param handle association handle * @return association found * @throw failed_lookup if no association found * @throw dumb_RP for dumb RP */ virtual assoc_t retrieve_assoc( const string& OP,const string& handle) = 0; /** * Invalidate association with OP * @param OP OP endpoint URL * @param handle association handle * @throw dumb_RP for dumb RP */ virtual void invalidate_assoc(const string& OP,const string& handle) = 0; /** * Check the nonce validity. That is, check that we haven't * accepted request with this nonce from this OP, yet. May involve * cutting off by the timestamp and checking the rest against the * store of seen nonces. * @param OP OP endpoint URL * @param nonce nonce value * @throw id_res_bad_nonce if the nonce is not to be accepted, i.e. * either too old or seen. */ virtual void check_nonce(const string& OP,const string& nonce) = 0; /** * @} */ |