Diffstat (limited to 'include') (more/less context) (show whitespace changes)
-rw-r--r--include/opkele/basic_rp.h36
1 files changed, 36 insertions, 0 deletions
diff --git a/include/opkele/basic_rp.h b/include/opkele/basic_rp.h
index d5356aa..d096e0a 100644
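--- a/include/opkele/basic_rp.h
+++ b/include/opkele/basic_rp.h
@@ -1,111 +1,147 @@
 #ifndef __OPKELE_BASIC_RP_H
 #define __OPKELE_BASIC_RP_H
 
 #include <string>
 #include <opkele/types.h>
 #include <opkele/extension.h>
 
 namespace opkele {
  using std::string;
 
  class basic_RP {
  public:
+ /**
+ * Claimed identifier from a parsed id_res message.
+ */
+ string claimed_id;
+ /**
+ * OP-Local identifier from a parsed id_res message.
+ */
+ string identity;
 
  virtual ~basic_RP() { }
 
+ void reset_vars();
+
+ /**
+ * @name Assertion information retrieval
+ * Retrieval of the information passed with openid message
+ * @{
+ */
+ /**
+ * Find out if the assertion is about identity
+ * @return true if so
+ */
+ bool has_identity() const;
+ /**
+ * Get claimed identifier supplied with the request
+ * @return claimed identifier
+ * @throw non_identity if request is not about identity
+ */
+ const string& get_claimed_id() const;
+ /**
+ * Get the identity (OP-Local identifier) confirmed
+ * @return identity
+ * @throw non_identity if request is not about identity
+ */
+ const string& get_identity() const;
+ /**
+ * @}
+ */
+
  /**
  * @name Global persistent store API
  * These are functions related to the associations with OP storage
  * and retrieval and nonce records. They provide an interface to
  * the persistent storage which is shared by all sessions. If the
  * implementor prefers the dumb mode instead, the function should
  * throw dumb_RP exception instead.
  * @see opkele::dumb_RP
  * @{
  */
  /**
  * Store association and return allocated association object.
  * @param OP OP endpoint
  * @param handle association handle
  * @param type association type
  * @param secret association secret
  * @params expires_in the number of seconds association expires in
  * @return the association object
  * @throw dumb_RP for dumb RP
  */
  virtual assoc_t store_assoc(
  const string& OP,const string& handle,
  const string& type,const secret_t& secret,
  int expires_in) = 0;
  /**
  * Find valid unexpired association with an OP.
  * @param OP OP endpoint URL
  * @return association found
  * @throw failed_lookup if no association found
  * @throw dumb_RP for dumb RP
  */
  virtual assoc_t find_assoc(
  const string& OP) = 0;
  /**
  * Retrieve valid association handle for an OP by handle.
  * @param OP OP endpoint URL
  * @param handle association handle
  * @return association found
  * @throw failed_lookup if no association found
  * @throw dumb_RP for dumb RP
  */
  virtual assoc_t retrieve_assoc(
  const string& OP,const string& handle) = 0;
  /**
  * Invalidate association with OP
  * @param OP OP endpoint URL
  * @param handle association handle
  * @throw dumb_RP for dumb RP
  */
  virtual void invalidate_assoc(const string& OP,const string& handle) = 0;
 
  /**
  * Check the nonce validity. That is, check that we haven't
  * accepted request with this nonce from this OP, yet. May involve
  * cutting off by the timestamp and checking the rest against the
  * store of seen nonces.
  * @param OP OP endpoint URL
  * @param nonce nonce value
  * @throw id_res_bad_nonce if the nonce is not to be accepted, i.e.
  * either too old or seen.
  */
  virtual void check_nonce(const string& OP,const string& nonce) = 0;
  /**
  * @}
  */
 
  /**
  * @name Session persistent store API
  * @{
  */
  /**
  * Retrieve OpenID endpoint being currently used for
  * authentication. If there is no endpoint available, throw a
  * no_endpoint exception.
  * @return reference to the service endpoint object
  * @see next_endpoint
  * @throw no_endpoint if no endpoint available
  */
  virtual const openid_endpoint_t& get_endpoint() const = 0;
  /**
  * Advance to the next endpoint to try.
  * @see get_endpoint()
  * @throw no_endpoint if there are no more endpoints
  */
  virtual void next_endpoint() = 0;
  /**
  * @}
  */
 
  /**
  * @name Site particulars API
  * @{
  */
  /**
  * Return an absolute URL of the page being processed, includining
  * query parameters. It is used to validate return_to URL on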
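Review bot: `claimed_id` and `identity` are added as public, writable members right beside the `get_claimed_id()`/`get_identity()` accessors, so nothing in this header stops calling code from reading them before an id_res has been verified or from overwriting them afterwards. Since these strings are what a relying party treats as the authenticated identity, they would be safer under `protected:` with the getters as the only read path. `reset_vars()` is the one new declaration without a doc comment; something like `/** Clear claimed_id and identity so values from an earlier assertion are not reused. */` would state the contract, though its body is not in this header, so that behaviour needs confirming. The getter docs also say "supplied with the request" where the member docs say "from a parsed id_res message", and the two should agree. The class body continues past the end of the hunk.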