| -rw-r--r-- | lib/basic_op.cc | 5 | ||||
| -rw-r--r-- | lib/basic_rp.cc | 4 | ||||
| -rw-r--r-- | lib/extension.cc | 25 | ||||
| -rw-r--r-- | lib/extension_chain.cc | 27 | ||||
| -rw-r--r-- | lib/sreg.cc | 28 |
5 files changed, 67 insertions, 22 deletions
diff --git a/lib/basic_op.cc b/lib/basic_op.cc index c89d1d7..9e2ea5a 100644 --- a/lib/basic_op.cc +++ b/lib/basic_op.cc | |||
| @@ -184,27 +184,29 @@ namespace opkele { | |||
| 184 | }catch(failed_lookup&) { | 184 | }catch(failed_lookup&) { |
| 185 | if(openid2) | 185 | if(openid2) |
| 186 | throw bad_input(OPKELE_CP_ | 186 | throw bad_input(OPKELE_CP_ |
| 187 | "claimed_id and identity must be either both present or both absent"); | 187 | "claimed_id and identity must be either both present or both absent"); |
| 188 | claimed_id = identity; | 188 | claimed_id = identity; |
| 189 | } | 189 | } |
| 190 | }catch(failed_lookup&) { | 190 | }catch(failed_lookup&) { |
| 191 | if(openid2 && inm.has_field("claimed_id")) | 191 | if(openid2 && inm.has_field("claimed_id")) |
| 192 | throw bad_input(OPKELE_CP_ | 192 | throw bad_input(OPKELE_CP_ |
| 193 | "claimed_id and identity must be either both present or both absent"); | 193 | "claimed_id and identity must be either both present or both absent"); |
| 194 | } | 194 | } |
| 195 | verify_return_to(); | 195 | verify_return_to(); |
| 196 | if(ext) ext->op_checkid_hook(inm); | ||
| 196 | } | 197 | } |
| 197 | 198 | ||
| 198 | basic_openid_message& basic_op::id_res(basic_openid_message& om) { | 199 | basic_openid_message& basic_op::id_res(basic_openid_message& om, |
| 200 | extension_t *ext) { | ||
| 199 | assert(assoc); | 201 | assert(assoc); |
| 200 | assert(!return_to.empty()); | 202 | assert(!return_to.empty()); |
| 201 | assert(!is_id_select()); | 203 | assert(!is_id_select()); |
| 202 | time_t now = time(0); | 204 | time_t now = time(0); |
| 203 | struct tm gmt; gmtime_r(&now,&gmt); | 205 | struct tm gmt; gmtime_r(&now,&gmt); |
| 204 | char w3timestr[24]; | 206 | char w3timestr[24]; |
| 205 | if(!strftime(w3timestr,sizeof(w3timestr),"%Y-%m-%dT%H:%M:%SZ",&gmt)) | 207 | if(!strftime(w3timestr,sizeof(w3timestr),"%Y-%m-%dT%H:%M:%SZ",&gmt)) |
| 206 | throw failed_conversion(OPKELE_CP_ | 208 | throw failed_conversion(OPKELE_CP_ |
| 207 | "Failed to build time string for nonce" ); | 209 | "Failed to build time string for nonce" ); |
| 208 | om.set_field("ns",OIURI_OPENID20); | 210 | om.set_field("ns",OIURI_OPENID20); |
| 209 | om.set_field("mode","id_res"); | 211 | om.set_field("mode","id_res"); |
| 210 | om.set_field("op_endpoint",get_op_endpoint()); | 212 | om.set_field("op_endpoint",get_op_endpoint()); |
| @@ -215,24 +217,25 @@ namespace opkele { | |||
| 215 | om.set_field("claimed_id",claimed_id); | 217 | om.set_field("claimed_id",claimed_id); |
| 216 | ats += ",identity,claimed_id"; | 218 | ats += ",identity,claimed_id"; |
| 217 | } | 219 | } |
| 218 | om.set_field("return_to",return_to); | 220 | om.set_field("return_to",return_to); |
| 219 | string nonce = w3timestr; | 221 | string nonce = w3timestr; |
| 220 | om.set_field("response_nonce",alloc_nonce(nonce,assoc->stateless())); | 222 | om.set_field("response_nonce",alloc_nonce(nonce,assoc->stateless())); |
| 221 | if(!invalidate_handle.empty()) { | 223 | if(!invalidate_handle.empty()) { |
| 222 | om.set_field("invalidate_handle",invalidate_handle); | 224 | om.set_field("invalidate_handle",invalidate_handle); |
| 223 | ats += ",invalidate_handle"; | 225 | ats += ",invalidate_handle"; |
| 224 | } | 226 | } |
| 225 | om.set_field("assoc_handle",assoc->handle()); | 227 | om.set_field("assoc_handle",assoc->handle()); |
| 226 | om.add_to_signed(ats); | 228 | om.add_to_signed(ats); |
| 229 | if(ext) ext->op_id_res_hook(om); | ||
| 227 | om.set_field("sig",util::base64_signature(assoc,om)); | 230 | om.set_field("sig",util::base64_signature(assoc,om)); |
| 228 | return om; | 231 | return om; |
| 229 | } | 232 | } |
| 230 | 233 | ||
| 231 | basic_openid_message& basic_op::cancel(basic_openid_message& om) { | 234 | basic_openid_message& basic_op::cancel(basic_openid_message& om) { |
| 232 | assert(!return_to.empty()); | 235 | assert(!return_to.empty()); |
| 233 | om.set_field("ns",OIURI_OPENID20); | 236 | om.set_field("ns",OIURI_OPENID20); |
| 234 | om.set_field("mode","cancel"); | 237 | om.set_field("mode","cancel"); |
| 235 | return om; | 238 | return om; |
| 236 | } | 239 | } |
| 237 | 240 | ||
| 238 | basic_openid_message& basic_op::error(basic_openid_message& om, | 241 | basic_openid_message& basic_op::error(basic_openid_message& om, |
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc index a884583..bd45d99 100644 --- a/lib/basic_rp.cc +++ b/lib/basic_rp.cc | |||
| @@ -120,25 +120,25 @@ namespace opkele { | |||
| 120 | rv.set_field("return_to",return_to); | 120 | rv.set_field("return_to",return_to); |
| 121 | const openid_endpoint_t& ep = get_endpoint(); | 121 | const openid_endpoint_t& ep = get_endpoint(); |
| 122 | rv.set_field("claimed_id",ep.claimed_id); | 122 | rv.set_field("claimed_id",ep.claimed_id); |
| 123 | rv.set_field("identity",ep.local_id); | 123 | rv.set_field("identity",ep.local_id); |
| 124 | try { | 124 | try { |
| 125 | rv.set_field("assoc_handle",find_assoc(ep.uri)->handle()); | 125 | rv.set_field("assoc_handle",find_assoc(ep.uri)->handle()); |
| 126 | }catch(dumb_RP& drp) { | 126 | }catch(dumb_RP& drp) { |
| 127 | }catch(failed_lookup& fl) { | 127 | }catch(failed_lookup& fl) { |
| 128 | try { | 128 | try { |
| 129 | rv.set_field("assoc_handle",associate(ep.uri)->handle()); | 129 | rv.set_field("assoc_handle",associate(ep.uri)->handle()); |
| 130 | }catch(dumb_RP& drp) { } | 130 | }catch(dumb_RP& drp) { } |
| 131 | } OPKELE_RETHROW | 131 | } OPKELE_RETHROW |
| 132 | if(ext) ext->checkid_hook(rv); | 132 | if(ext) ext->rp_checkid_hook(rv); |
| 133 | return rv; | 133 | return rv; |
| 134 | } | 134 | } |
| 135 | 135 | ||
| 136 | class signed_part_message_proxy : public basic_openid_message { | 136 | class signed_part_message_proxy : public basic_openid_message { |
| 137 | public: | 137 | public: |
| 138 | const basic_openid_message& x; | 138 | const basic_openid_message& x; |
| 139 | set<string> signeds; | 139 | set<string> signeds; |
| 140 | 140 | ||
| 141 | signed_part_message_proxy(const basic_openid_message& xx) : x(xx) { | 141 | signed_part_message_proxy(const basic_openid_message& xx) : x(xx) { |
| 142 | const string& slist = x.get_field("signed"); | 142 | const string& slist = x.get_field("signed"); |
| 143 | string::size_type p = 0; | 143 | string::size_type p = 0; |
| 144 | while(true) { | 144 | while(true) { |
| @@ -266,25 +266,25 @@ namespace opkele { | |||
| 266 | if(tpi->second!=rpi->second) | 266 | if(tpi->second!=rpi->second) |
| 267 | throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to doesn't matche the request"); | 267 | throw id_res_bad_return_to(OPKELE_CP_ string("Parameter '")+rpi->first+"' from return_to doesn't matche the request"); |
| 268 | } | 268 | } |
| 269 | 269 | ||
| 270 | if(om.has_field("claimed_id")) { | 270 | if(om.has_field("claimed_id")) { |
| 271 | verify_OP( | 271 | verify_OP( |
| 272 | om.get_field("op_endpoint"), | 272 | om.get_field("op_endpoint"), |
| 273 | om.get_field("claimed_id"), | 273 | om.get_field("claimed_id"), |
| 274 | om.get_field("identity") ); | 274 | om.get_field("identity") ); |
| 275 | } | 275 | } |
| 276 | 276 | ||
| 277 | } | 277 | } |
| 278 | if(ext) ext->id_res_hook(om,signeds); | 278 | if(ext) ext->rp_id_res_hook(om,signeds); |
| 279 | } | 279 | } |
| 280 | 280 | ||
| 281 | void basic_RP::check_authentication(const string& OP, | 281 | void basic_RP::check_authentication(const string& OP, |
| 282 | const basic_openid_message& om){ | 282 | const basic_openid_message& om){ |
| 283 | openid_message_t res; | 283 | openid_message_t res; |
| 284 | static const string checkauthmode = "check_authentication"; | 284 | static const string checkauthmode = "check_authentication"; |
| 285 | direct_request(res,util::change_mode_message_proxy(om,checkauthmode),OP); | 285 | direct_request(res,util::change_mode_message_proxy(om,checkauthmode),OP); |
| 286 | if(res.has_field("is_valid")) { | 286 | if(res.has_field("is_valid")) { |
| 287 | if(res.get_field("is_valid")=="true") { | 287 | if(res.get_field("is_valid")=="true") { |
| 288 | if(res.has_field("invalidate_handle")) | 288 | if(res.has_field("invalidate_handle")) |
| 289 | invalidate_assoc(OP,res.get_field("invalidate_handle")); | 289 | invalidate_assoc(OP,res.get_field("invalidate_handle")); |
| 290 | return; | 290 | return; |
diff --git a/lib/extension.cc b/lib/extension.cc index 6451249..f7aaea5 100644 --- a/lib/extension.cc +++ b/lib/extension.cc | |||
| @@ -1,15 +1,26 @@ | |||
| 1 | #include <opkele/exception.h> | 1 | #include <opkele/exception.h> |
| 2 | #include <opkele/extension.h> | 2 | #include <opkele/extension.h> |
| 3 | 3 | ||
| 4 | namespace opkele { | 4 | namespace opkele { |
| 5 | 5 | ||
| 6 | void extension_t::rp_checkid_hook(basic_openid_message&) { | ||
| 7 | throw not_implemented(OPKELE_CP_ "RP checkid_* hook not implemented"); } | ||
| 8 | void extension_t::rp_id_res_hook(const basic_openid_message&, | ||
| 9 | const basic_openid_message&) { | ||
| 10 | throw not_implemented(OPKELE_CP_ "RP id_res hook not implemented"); } | ||
| 11 | |||
| 12 | void extension_t::op_checkid_hook(const basic_openid_message&) { | ||
| 13 | throw not_implemented(OPKELE_CP_ "OP checkid_* hook not implemented"); } | ||
| 14 | void extension_t::op_id_res_hook(basic_openid_message& om) { | ||
| 15 | throw not_implemented(OPKELE_CP_ "OP id_res hook not implemented"); } | ||
| 16 | |||
| 17 | |||
| 6 | void extension_t::checkid_hook(basic_openid_message&) { | 18 | void extension_t::checkid_hook(basic_openid_message&) { |
| 7 | throw not_implemented(OPKELE_CP_ "Consumer checkid_hook not implemented"); | 19 | throw not_implemented(OPKELE_CP_ "deprecated consumer checkid_* hook not implemented"); } |
| 8 | } | 20 | void extension_t::id_res_hook(const basic_openid_message&, |
| 9 | void extension_t::id_res_hook(const basic_openid_message&,const basic_openid_message&) { | 21 | const basic_openid_message&) { |
| 10 | throw not_implemented(OPKELE_CP_ "Consumer id_res_hook not implemented"); | 22 | throw not_implemented(OPKELE_CP_ "deprecated consumer id_res hook not implemented"); } |
| 11 | } | 23 | |
| 12 | void extension_t::checkid_hook(const basic_openid_message&,basic_openid_message&) { | 24 | void extension_t::checkid_hook(const basic_openid_message&,basic_openid_message&) { |
| 13 | throw not_implemented(OPKELE_CP_ "Server checkid_hook not implemented"); | 25 | throw not_implemented(OPKELE_CP_ "deprecated server checkid hook not implemented"); } |
| 14 | } | ||
| 15 | } | 26 | } |
diff --git a/lib/extension_chain.cc b/lib/extension_chain.cc index 5c2afd9..5483740 100644 --- a/lib/extension_chain.cc +++ b/lib/extension_chain.cc | |||
| @@ -1,16 +1,27 @@ | |||
| 1 | #include <cstdarg> | 1 | #include <cstdarg> |
| 2 | #include <opkele/extension_chain.h> | 2 | #include <opkele/extension_chain.h> |
| 3 | 3 | ||
| 4 | namespace opkele { | 4 | namespace opkele { |
| 5 | 5 | ||
| 6 | void extension_chain_t::rp_checkid_hook(basic_openid_message& om) { | ||
| 7 | for(iterator i=begin();i!=end();++i) (*i)->rp_checkid_hook(om); } | ||
| 8 | void extension_chain_t::rp_id_res_hook(const basic_openid_message& om, | ||
| 9 | const basic_openid_message& sp) { | ||
| 10 | for(iterator i=begin();i!=end();++i) (*i)->rp_id_res_hook(om,sp); } | ||
| 11 | |||
| 12 | void extension_chain_t::op_checkid_hook(const basic_openid_message& inm) { | ||
| 13 | for(iterator i=begin();i!=end();++i) (*i)->op_checkid_hook(inm); } | ||
| 14 | void extension_chain_t::op_id_res_hook(basic_openid_message& oum) { | ||
| 15 | for(iterator i=begin();i!=end();++i) (*i)->op_id_res_hook(oum); } | ||
| 16 | |||
| 17 | |||
| 6 | void extension_chain_t::checkid_hook(basic_openid_message& om){ | 18 | void extension_chain_t::checkid_hook(basic_openid_message& om){ |
| 7 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(om); | 19 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(om); } |
| 8 | } | 20 | void extension_chain_t::id_res_hook(const basic_openid_message& om, |
| 9 | void extension_chain_t::id_res_hook(const basic_openid_message& om,const basic_openid_message& sp) { | 21 | const basic_openid_message& sp) { |
| 10 | for(iterator i=begin();i!=end();++i) (*i)->id_res_hook(om,sp); | 22 | for(iterator i=begin();i!=end();++i) (*i)->id_res_hook(om,sp); } |
| 11 | } | 23 | void extension_chain_t::checkid_hook(const basic_openid_message& inm, |
| 12 | void extension_chain_t::checkid_hook(const basic_openid_message& inm,basic_openid_message& oum) { | 24 | basic_openid_message& oum) { |
| 13 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(inm,oum); | 25 | for(iterator i=begin();i!=end();++i) (*i)->checkid_hook(inm,oum); } |
| 14 | } | ||
| 15 | 26 | ||
| 16 | } | 27 | } |
diff --git a/lib/sreg.cc b/lib/sreg.cc index 7e2d588..b40cd45 100644 --- a/lib/sreg.cc +++ b/lib/sreg.cc | |||
| @@ -19,63 +19,71 @@ namespace opkele { | |||
| 19 | { "country", sreg_t::field_country }, | 19 | { "country", sreg_t::field_country }, |
| 20 | { "language", sreg_t::field_language }, | 20 | { "language", sreg_t::field_language }, |
| 21 | { "timezone", sreg_t::field_timezone } | 21 | { "timezone", sreg_t::field_timezone } |
| 22 | }; | 22 | }; |
| 23 | # define fields_BEGINfields | 23 | # define fields_BEGINfields |
| 24 | # define fields_END &fields[sizeof(fields)/sizeof(*fields)] | 24 | # define fields_END &fields[sizeof(fields)/sizeof(*fields)] |
| 25 | typedef const struct _sreg_field *fields_iterator; | 25 | typedef const struct _sreg_field *fields_iterator; |
| 26 | 26 | ||
| 27 | bool operator==(const struct _sreg_field& fd,const string& fn) { | 27 | bool operator==(const struct _sreg_field& fd,const string& fn) { |
| 28 | return fd.fieldname==fn; | 28 | return fd.fieldname==fn; |
| 29 | } | 29 | } |
| 30 | 30 | ||
| 31 | void sreg_t::checkid_hook(basic_openid_message& om) { | 31 | void sreg_t::rp_checkid_hook(basic_openid_message& om) { |
| 32 | string fr, fo; | 32 | string fr, fo; |
| 33 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { | 33 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { |
| 34 | if(f->fieldbit&fields_required) { | 34 | if(f->fieldbit&fields_required) { |
| 35 | if(!fr.empty()) fr+=","; | 35 | if(!fr.empty()) fr+=","; |
| 36 | fr += f->fieldname; | 36 | fr += f->fieldname; |
| 37 | } | 37 | } |
| 38 | if(f->fieldbit&fields_optional) { | 38 | if(f->fieldbit&fields_optional) { |
| 39 | if(!fo.empty()) fo+=","; | 39 | if(!fo.empty()) fo+=","; |
| 40 | fo += f->fieldname; | 40 | fo += f->fieldname; |
| 41 | } | 41 | } |
| 42 | } | 42 | } |
| 43 | string pfx = om.allocate_ns(OIURI_SREG11,"sreg"); | 43 | string pfx = om.allocate_ns(OIURI_SREG11,"sreg"); |
| 44 | if(!fr.empty()) om.set_field(pfx+".required",fr); | 44 | if(!fr.empty()) om.set_field(pfx+".required",fr); |
| 45 | if(!fo.empty()) om.set_field(pfx+".optional",fo); | 45 | if(!fo.empty()) om.set_field(pfx+".optional",fo); |
| 46 | if(!policy_url.empty()) om.set_field(pfx+".policy_url",policy_url); | 46 | if(!policy_url.empty()) om.set_field(pfx+".policy_url",policy_url); |
| 47 | } | 47 | } |
| 48 | 48 | ||
| 49 | void sreg_t::id_res_hook(const basic_openid_message& om,const basic_openid_message& sp) { | 49 | void sreg_t::checkid_hook(basic_openid_message& om) { |
| 50 | rp_checkid_hook(om); } | ||
| 51 | |||
| 52 | void sreg_t::rp_id_res_hook(const basic_openid_message& om, | ||
| 53 | const basic_openid_message& sp) { | ||
| 50 | clear(); | 54 | clear(); |
| 51 | string pfx; | 55 | string pfx; |
| 52 | try { | 56 | try { |
| 53 | pfx = om.find_ns(OIURI_SREG11,"sreg"); | 57 | pfx = om.find_ns(OIURI_SREG11,"sreg"); |
| 54 | }catch(failed_lookup& fl) { | 58 | }catch(failed_lookup& fl) { |
| 55 | try { | 59 | try { |
| 56 | pfx = om.find_ns(OIURI_SREG10,"sreg"); | 60 | pfx = om.find_ns(OIURI_SREG10,"sreg"); |
| 57 | }catch(failed_lookup& fl) { | 61 | }catch(failed_lookup& fl) { |
| 58 | return; | 62 | return; |
| 59 | } | 63 | } |
| 60 | } | 64 | } |
| 61 | pfx += '.'; | 65 | pfx += '.'; |
| 62 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { | 66 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { |
| 63 | string fn = pfx; fn+=f->fieldname; | 67 | string fn = pfx; fn+=f->fieldname; |
| 64 | if(!sp.has_field(fn)) continue; | 68 | if(!sp.has_field(fn)) continue; |
| 65 | has_fields |= f->fieldbit; | 69 | has_fields |= f->fieldbit; |
| 66 | response[f->fieldbit]=sp.get_field(fn); | 70 | response[f->fieldbit]=sp.get_field(fn); |
| 67 | } | 71 | } |
| 68 | } | 72 | } |
| 69 | 73 | ||
| 74 | void sreg_t::id_res_hook(const basic_openid_message& om, | ||
| 75 | const basic_openid_message& sp) { | ||
| 76 | rp_id_res_hook(om,sp); } | ||
| 77 | |||
| 70 | const string& sreg_t::get_field(fieldbit_t fb) const { | 78 | const string& sreg_t::get_field(fieldbit_t fb) const { |
| 71 | response_t::const_iterator i = response.find(fb); | 79 | response_t::const_iterator i = response.find(fb); |
| 72 | if(i==response.end()) | 80 | if(i==response.end()) |
| 73 | throw failed_lookup(OPKELE_CP_ "no field data available"); | 81 | throw failed_lookup(OPKELE_CP_ "no field data available"); |
| 74 | return i->second; | 82 | return i->second; |
| 75 | } | 83 | } |
| 76 | 84 | ||
| 77 | void sreg_t::set_field(fieldbit_t fb,const string& fv) { | 85 | void sreg_t::set_field(fieldbit_t fb,const string& fv) { |
| 78 | response[fb] = fv; | 86 | response[fb] = fv; |
| 79 | has_fields |= fb; | 87 | has_fields |= fb; |
| 80 | } | 88 | } |
| 81 | 89 | ||
| @@ -96,45 +104,57 @@ namespace opkele { | |||
| 96 | if(co==string::npos) { | 104 | if(co==string::npos) { |
| 97 | fn = fl; fl.erase(); | 105 | fn = fl; fl.erase(); |
| 98 | }else{ | 106 | }else{ |
| 99 | fn = fl.substr(0,co); fl.erase(0,co+1); | 107 | fn = fl.substr(0,co); fl.erase(0,co+1); |
| 100 | } | 108 | } |
| 101 | fields_iterator f = find(fields_BEGIN,fields_END,fn); | 109 | fields_iterator f = find(fields_BEGIN,fields_END,fn); |
| 102 | if(f!=fields_END) | 110 | if(f!=fields_END) |
| 103 | rv |= f->fieldbit; | 111 | rv |= f->fieldbit; |
| 104 | } | 112 | } |
| 105 | return rv; | 113 | return rv; |
| 106 | } | 114 | } |
| 107 | 115 | ||
| 108 | void sreg_t::checkid_hook(const basic_openid_message& inm,basic_openid_message& oum) { | 116 | void sreg_t::op_checkid_hook(const basic_openid_message& inm) { |
| 109 | string ins = inm.find_ns(OIURI_SREG11,"sreg"); | 117 | string ins = inm.find_ns(OIURI_SREG11,"sreg"); |
| 110 | fields_optional = 0; fields_required = 0; policy_url.erase(); | 118 | fields_optional = 0; fields_required = 0; policy_url.erase(); |
| 111 | fields_response = 0; | 119 | fields_response = 0; |
| 112 | try { | 120 | try { |
| 113 | string fl = inm.get_field(ins+".required"); | 121 | string fl = inm.get_field(ins+".required"); |
| 114 | fields_required = fields_list_to_bitmask(fl); | 122 | fields_required = fields_list_to_bitmask(fl); |
| 115 | }catch(failed_lookup&) { } | 123 | }catch(failed_lookup&) { } |
| 116 | try { | 124 | try { |
| 117 | string fl = inm.get_field(ins+".optional"); | 125 | string fl = inm.get_field(ins+".optional"); |
| 118 | fields_optional = fields_list_to_bitmask(fl); | 126 | fields_optional = fields_list_to_bitmask(fl); |
| 119 | }catch(failed_lookup&) { } | 127 | }catch(failed_lookup&) { } |
| 120 | try { | 128 | try { |
| 121 | policy_url = inm.get_field(ins+".policy_url"); | 129 | policy_url = inm.get_field(ins+".policy_url"); |
| 122 | }catch(failed_lookup&) { } | 130 | }catch(failed_lookup&) { } |
| 123 | setup_response(inm,oum); | 131 | } |
| 132 | |||
| 133 | void sreg_t::op_id_res_hook(basic_openid_message& oum) { | ||
| 124 | string ons = oum.allocate_ns(OIURI_SREG11,"sreg"); | 134 | string ons = oum.allocate_ns(OIURI_SREG11,"sreg"); |
| 125 | fields_response &= has_fields; | 135 | fields_response &= has_fields; |
| 126 | string signeds = "ns."+ons; | 136 | string signeds = "ns."+ons; |
| 127 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { | 137 | for(fields_iterator f=fields_BEGIN;f<fields_END;++f) { |
| 128 | if(!(f->fieldbit&fields_response)) continue; | 138 | if(!(f->fieldbit&fields_response)) continue; |
| 129 | signeds +=','; | 139 | signeds +=','; |
| 130 | string pn = ons; pn += '.'; pn += f->fieldname; | 140 | string pn = ons; pn += '.'; pn += f->fieldname; |
| 131 | signeds += pn; | 141 | signeds += pn; |
| 132 | oum.set_field(pn,get_field(f->fieldbit)); | 142 | oum.set_field(pn,get_field(f->fieldbit)); |
| 133 | } | 143 | } |
| 134 | oum.add_to_signed(signeds); | 144 | oum.add_to_signed(signeds); |
| 135 | } | 145 | } |
| 136 | 146 | ||
| 147 | void sreg_t::checkid_hook(const basic_openid_message& inm, | ||
| 148 | basic_openid_message& oum) { | ||
| 149 | op_checkid_hook(inm); | ||
| 150 | setup_response(inm,oum); | ||
| 151 | op_id_res_hook(oum); | ||
| 152 | } | ||
| 153 | |||
| 137 | void sreg_t::setup_response(const basic_openid_message& /* inm */,basic_openid_message& /* oum */) { | 154 | void sreg_t::setup_response(const basic_openid_message& /* inm */,basic_openid_message& /* oum */) { |
| 155 | setup_response(); | ||
| 156 | } | ||
| 157 | void sreg_t::setup_response() { | ||
| 138 | fields_response = (fields_required|fields_optional)&has_fields; | 158 | fields_response = (fields_required|fields_optional)&has_fields; |
| 139 | } | 159 | } |
| 140 | } | 160 | } |