Diffstat (limited to 'include') (more/less context) (ignore whitespace changes)
-rw-r--r--include/opkele/basic_op.h119
-rw-r--r--include/opkele/verify_op.h2
2 files changed, 113 insertions, 8 deletions
diff --git a/include/opkele/basic_op.h b/include/opkele/basic_op.h
index 5bba1bf..4daed02 100644
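--- a/include/opkele/basic_op.h
+++ b/include/opkele/basic_op.h
@@ -7,9 +7,9 @@
 
 namespace opkele {
  using std::string;
 
- class basic_op {
+ class basic_OP {
  public:
  mode_t mode;
  assoc_t assoc;
  bool openid2;
@@ -34,35 +34,140 @@ namespace opkele {
 
  void select_identity(const string& c,const string& i);
  void set_claimed_id(const string& c);
 
+ /** @name OpenID operations
+ * @{
+ */
+ /**
+ * Establish association with RP
+ * @param oum reply message
+ * @param inm request message
+ */
  basic_openid_message& associate(
  basic_openid_message& oum,
  const basic_openid_message& inm);
 
+ /**
+ * Parse the checkid_* request. The function parses input message,
+ * retrieves the information needed for further processing,
+ * verifies what can be verified at this stage.
+ * @param inm incoming OpenID message
+ * @param ext extension/chain of extensions supported
+ */
  void checkid_(const basic_openid_message& inm,extension_t *ext=0);
+ /**
+ * Build and sign a positive assertion message
+ * @param om outpu OpenID message
+ * @param ext extension/chain of extensions supported
+ * @return reference to om
+ */
  basic_openid_message& id_res(basic_openid_message& om,
  extension_t *ext=0);
+ /**
+ * Build a 'cancel' negative assertion
+ * @param om output OpenID message
+ * @return reference to om
+ */
  basic_openid_message& cancel(basic_openid_message& om);
+ /**
+ * Build an 'error' reply
+ * @param om output OpenID message
+ * @param error a human-readable message indicating the cause
+ * @param contact contact address for the server administrator (can be empty)
+ * @param reference a reference token (can be empty)
+ * @return reference to om
+ */
  basic_openid_message& error(basic_openid_message& om,
  const string& error,const string& contact,
  const string& reference );
+ /**
+ * Build a setup_needed reply to checkid_immediate request
+ * @param oum output OpenID message
+ * @param inm incoming OpenID request being processed
+ * @return reference to oum
+ */
  basic_openid_message& setup_needed(
  basic_openid_message& oum,const basic_openid_message& inm);
 
+ /**
+ * Process check_authentication request
+ * @param oum output OpenID message
+ * @param inm incoming request
+ * @return reference to oum
+ */
  basic_openid_message& check_authentication(
  basic_openid_message& oum,const basic_openid_message& inm);
-
+ /**
+ * @}
+ */
+
+ /**
+ * Verify return_to url. The default implementation checks whether
+ * return_to URI matches the realm
+ * @throw bad_realm in case of invalid realm
+ * @throw bad_return_to if return_to doesn't match the realm
+ * @see verify_op::verify_return_to()
+ */
  virtual void verify_return_to();
 
- virtual assoc_t alloc_assoc(const string& t,size_t kl,bool sl) = 0;
- virtual assoc_t retrieve_assoc(const string& h) = 0;
-
- virtual string& alloc_nonce(string& nonce,bool sl) = 0;
+ /**
+ * @name Global persistent store API
+ * These functions are related to the associations with RPs storage
+ * and retrieval and nonce management.
+ * @{
+ */
+ /**
+ * Allocate association.
+ * @param type association type
+ * @param kl association key length
+ * @param sl true if the association is stateless
+ * @return association object
+ */
+ virtual assoc_t alloc_assoc(const string& type,size_t kl,bool sl) = 0;
+ /**
+ * Retrieve valid unexpired association
+ * @param handle association handle
+ * @return association object
+ */
+ virtual assoc_t retrieve_assoc(const string& handle) = 0;
+ /**
+ * Allocate nonce.
+ * @param nonce input-output parameter containing timestamp part of
+ * the nonce on input
+ * @param sl true if the nonce is
+ * @return reference to nonce
+ * @throw failed_lookup if no such valid unexpired association
+ * could be retrieved
+ */
+ virtual string& alloc_nonce(string& nonce) = 0;
+ /**
+ * Check nonce validity
+ * @param nonce nonce to check
+ * @return true if nonce found and isn't yet invalidated
+ */
  virtual bool check_nonce(const string& nonce) = 0;
+ /**
+ * Invalidate nonce
+ * @param nonce nonce to check
+ */
  virtual void invalidate_nonce(const string& nonce) = 0;
-
+ /**
+ * @}
+ */
+
+ /**
+ * @name Site particulars API
+ * @{
+ */
+ /**
+ * Query the absolute URL of the op endpoint
+ * @return fully qualified url of the OP endpoint
+ */
  virtual const string get_op_endpoint() const = 0;
+ /**
+ * @}
+ */
 
  };
 }
 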
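Review bot: The doc block added above `alloc_nonce` does not match the declaration it documents: it keeps a truncated `@param sl true if the nonce is` although this commit drops the `bool sl` parameter, and its `@throw failed_lookup if no such valid unexpired association could be retrieved` reads as if it belongs on `retrieve_assoc` instead. I would delete the `@param sl` line, move the `@throw` to the `retrieve_assoc` block, and change `invalidate_nonce`'s `@param nonce nonce to check` to `@param nonce nonce to invalidate`. Because `check_nonce` and `invalidate_nonce` are the hooks an implementer presumably relies on for replay protection, the comments should also state the expected contract, for example `@note implementations should make the check and the invalidation atomic so that one nonce cannot be accepted twice`; the calling sequence is not visible in this header, so confirm it against the caller first. Separately, removing `bool sl` from a pure virtual and renaming the class to `basic_OP` both break every existing subclass, which deserves a line in the commit message.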
diff --git a/include/opkele/verify_op.h b/include/opkele/verify_op.h
index f5c97b2..6c3c386 100644
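--- a/include/opkele/verify_op.h
+++ b/include/opkele/verify_op.h
@@ -4,9 +4,9 @@
 #include <opkele/basic_op.h>
 
 namespace opkele {
 
- class verify_op : public basic_op {
+ class verify_op : public basic_OP {
  public:
 
  void verify_return_to();
  };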