Diffstat (limited to 'include')
-rw-r--r--include/opkele/consumer.h2
-rw-r--r--include/opkele/extension.h2
-rw-r--r--include/opkele/server.h2
-rw-r--r--include/opkele/types.h2
4 files changed, 8 insertions, 0 deletions
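--- a/include/opkele/consumer.h
+++ b/include/opkele/consumer.h
@@ -1,72 +1,74 @@
 #ifndef __OPKELE_CONSUMER_H
 #define __OPKELE_CONSUMER_H
 
 #include <opkele/types.h>
 #include <opkele/extension.h>
 
 /**
  * @file
  * @brief OpenID consumer-side functionality
  */
 
 namespace opkele {
 
  /**
  * implementation of basic consumer functionality
  *
  * @note
  * The consumer uses libcurl internally, which means that if you're using
  * libopkele in multithreaded environment you should call curl_global_init
  * yourself before spawning any threads.
  */
  class consumer_t {
  public:
 
+ virtual ~consumer_t() { }
+
  /**
  * store association. The function should be overridden in the real
  * implementation to provide persistent associations store.
  * @param server the OpenID server
  * @param handle association handle
  * @param secret the secret associated with the server and handle
  * @param expires_in the number of seconds until the handle is expired
  * @return the auto_ptr<> for the newly allocated association_t object
  */
  virtual assoc_t store_assoc(const string& server,const string& handle,const secret_t& secret,int expires_in) = 0;
  /**
  * retrieve stored association. The function should be overridden
  * in the real implementation to provide persistent assocations
  * store.
  *
  * @note
  * The user is responsible for handling associations expiry and
  * this function should never return an expired or invalidated
  * association.
  *
  * @param server the OpenID server
  * @param handle association handle
  * @return the autho_ptr<> for the newly allocated association_t object
  * @throw failed_lookup if no unexpired association found
  */
  virtual assoc_t retrieve_assoc(const string& server,const string& handle) = 0;
  /**
  * invalidate stored association. The function should be overridden
  * in the real implementation of the consumer.
  * @param server the OpenID server
  * @param handle association handle
  */
  virtual void invalidate_assoc(const string& server,const string& handle) = 0;
  /**
  * retrieve any unexpired association for the server. If the
  * function is not overridden in the real implementation, the new
  * association will be established for each request.
  *
  * @note
  * The user is responsible for handling associations and this
  * function should never return an expired or invalidated
  * association.
  *
  * @param server the OpenID server
  * @return the auto_ptr<> for the newly allocated association_t object
  * @throw failed_lookup in case of absence of the handle
  */
  virtual assoc_t find_assoc(const string& server);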
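Review bot: The added `virtual ~consumer_t() { }` is the only member of the class without a Doxygen block, and the same holds for the destructors this commit adds to `extension_t`, `server_t` and `association_t`. A short comment would record why it is there, e.g. `/** virtual destructor, so that implementations are destroyed correctly when deleted through a pointer to the base class */`. For `association_t` that reason is visible in types.h, where `assoc_t` is an `auto_ptr<association_t>`; for the other three classes the code that owns and deletes the objects is not shown here. The body of `consumer_t` continues outside the hunk.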
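--- a/include/opkele/extension.h
+++ b/include/opkele/extension.h
@@ -1,63 +1,65 @@
 #ifndef __OPKELE_EXTENSION_H
 #define __OPKELE_EXTENSION_H
 
 /**
  * @file
  * @brief extensions framework basics
  */
 
 #include <opkele/types.h>
 
 namespace opkele {
 
  /**
  * OpenID extension hooks base class
  */
  class extension_t {
  public:
+
+ virtual ~extension_t() { }
  /**
  * hook called by consumer before submitting data to OpenID server.
  * It is supposed to manipulate parameters list.
  * @param p parameters about to be submitted to server
  * @param identity identity being verified. It may differ from the
  * one available in parameters list in case of delegation
  * @see consumer_t::checkid_
  * @see consumer_t::checkid_immediate
  * @see consumer_t::checkid_setup
  */
  virtual void checkid_hook(params_t& p,const string& identity);
  /**
  * hook called by consumer after identity information received from
  * OpenID server is verified.
  * @param p parameters received from server
  * @param sp signed parameters received from server with 'openid.'
  * leader stripped
  * @param identity identity confirmed. May differ from the one
  * available in parameters list in case of delegation. May also be
  * empty which means - extract one from parameters
  * @see consumer_t::id_res
  */
  virtual void id_res_hook(const params_t& p,const params_t& sp,const string& identity);
 
  /**
  * hook called by server before returning information to consumer.
  * The hook may manipulate output parameters. It is important to
  * note that modified pout["signed"] is used for signing response.
  * @param pin request parameters list with "openid." prefix
  * @param pout response parameters list without "openid." prefix
  * @see server_t::checkid_
  * @see server_t::checkid_immediate
  * @see server_t::checkid_setup
  */
  virtual void checkid_hook(const params_t& pin,params_t& pout);
 
  /**
  * Casts the object to pointer to itself. For convenient passing
  * of pointer.
  */
  operator extension_t*(void) { return this; }
  };
 
 }
 
 #endif /* __OPKELE_EXTENSION_H */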
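Review bot: `operator extension_t*(void)` at the end of the class makes every `extension_t` object implicitly convertible to a pointer, and C++ accepts a class-type operand for `delete` when such a conversion exists, so `delete ext;` written against a stack or member object compiles and releases memory that never came from `new`. The virtual destructor added here suggests hook objects may be destroyed through a base pointer, so the operator's comment should state ownership, e.g. `/** The returned pointer is non-owning; never pass an extension_t object itself to delete. */`. Whether any caller deletes hook objects is not visible from this header.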
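--- a/include/opkele/server.h
+++ b/include/opkele/server.h
@@ -1,67 +1,69 @@
 #ifndef __OPKELE_SERVER_H
 #define __OPKELE_SERVER_H
 
 /**
  * @file
  * @brief OpenID server-side functionality
  */
 
 #include <opkele/types.h>
 #include <opkele/extension.h>
 
 namespace opkele {
 
  /**
  * implementation of basic server functionality
  */
  class server_t {
  public:
 
+ virtual ~server_t() { }
+
  /**
  * allocate the new association. The function should be overridden
  * in the real implementation to provide persistent assocations
  * store.
  * @param mode the mode of request being processed to base the
  * statelessness of the association upon
  * @return the auto_ptr<> for the newly allocated association_t object
  */
  virtual assoc_t alloc_assoc(mode_t mode) = 0;
  /**
  * retrieve the association. The function should be overridden in
  * the reqal implementation to provide persistent assocations
  * store.
  * @param h association handle
  * @return the auto_ptr<> for the newly allocated association_t object
  * @throw failed_lookup in case of failure
  */
  virtual assoc_t retrieve_assoc(const string& h) = 0;
 
  /**
  * validate the identity.
  * @param assoc association object
  * @param pin incoming request parameters
  * @param identity being verified
  * @param trust_root presented in the request
  * @throw exception if identity can not be confirmed
  */
  virtual void validate(const association_t& assoc,const params_t& pin,const string& identity,const string& trust_root) = 0;
 
 
  /**
  * process the associate request.
  * @param pin the incoming request parameters
  * @param pout the store for the response parameters
  */
  void associate(const params_t& pin,params_t& pout);
  /**
  * process the checkid_immediate request.
  * @param pin the incoming request parameters
  * @param return_to reference to the object to store return_to url to
  * @param pout the response parameters
  * @param ext pointer to the extension hooks object
  * @throw exception in case of errors or negative reply
  */
  virtual void checkid_immediate(const params_t& pin,string& return_to,params_t& pout,extension_t *ext=0);
  /**
  * process the checkid_setup request.
  * @param pin the incoming request parameters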
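--- a/include/opkele/types.h
+++ b/include/opkele/types.h
@@ -20,96 +20,98 @@ namespace opkele {
  using std::auto_ptr;
 
  /**
  * the OpenID operation mode
  */
  typedef enum _mode_t {
  mode_associate,
  mode_checkid_immediate,
  mode_checkid_setup,
  mode_check_association
  } mode_t;
 
  /**
  * the association secret container
  */
  class secret_t : public vector<unsigned char> {
  public:
 
  /**
  * xor the secret and hmac together and encode, using base64
  * @param key_sha1 pointer to the sha1 digest
  * @param rv reference to the return value
  */
  void enxor_to_base64(const unsigned char *key_sha1,string& rv) const;
  /**
  * decode base64-encoded secret and xor it with the sha1 digest
  * @param key_sha1 pointer to the message digest
  * @param b64 base64-encoded secret value
  */
  void enxor_from_base64(const unsigned char *key_sha1,const string& b64);
  /**
  * plainly encode to base64 representation
  * @param rv reference to the return value
  */
  void to_base64(string& rv) const;
  /**
  * decode cleartext secret from base64
  * @param b64 base64-encoded representation of the secret value
  */
  void from_base64(const string& b64);
  };
 
  /**
  * Interface to the association.
  */
  class association_t {
  public:
 
+ virtual ~association_t() { }
+
  /**
  * retrieve the server with which association was established.
  * @return server name
  */
  virtual string server() const = 0;
  /**
  * retrieve the association handle.
  * @return handle
  */
  virtual string handle() const = 0;
  /**
  * retrieve the association type.
  * @return association type
  */
  virtual string assoc_type() const = 0;
  /**
  * retrieve the association secret.
  * @return association secret
  */
  virtual secret_t secret() const = 0;
  /**
  * retrieve the number of seconds the association expires in.
  * @return seconds till expiration
  */
  virtual int expires_in() const = 0;
  /**
  * check whether the association is stateless.
  * @return true if stateless
  */
  virtual bool stateless() const = 0;
  /**
  * check whether the association is expired.
  * @return true if expired
  */
  virtual bool is_expired() const = 0;
  };
 
  /**
  * the auto_ptr<> for association_t object type
  */
  typedef auto_ptr<association_t> assoc_t;
 
  /**
  * request/response parameters map
  */
  class params_t : public map<string,string> {
  public:
 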
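Review bot: `secret_t` still has no destructor of its own, so when an `association_t` implementation is destroyed through `assoc_t` (which the new `virtual ~association_t() { }` makes well-defined) any `secret_t` it holds is released without being overwritten, and `secret()` returns the secret by value, which creates further copies. Consider giving `secret_t` a destructor that zeroes the buffer before release, using a wipe the compiler will not optimise away; a plain `memset` immediately before deallocation may be elided. `vector` reallocation can still leave earlier copies behind, so this narrows exposure rather than removing it. `secret_t` derives publicly from `vector<unsigned char>`, whose destructor is not virtual, so it should only ever be destroyed as a `secret_t`. The `params_t` class at the end of the hunk continues outside it.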