|
|
|
@@ -1,114 +1,118 @@ |
1 | #include <uuid/uuid.h> |
1 | #include <uuid/uuid.h> |
2 | #include <iostream> |
2 | #include <iostream> |
3 | #include <cassert> |
3 | #include <cassert> |
4 | #include <string> |
4 | #include <string> |
5 | #include <ext/algorithm> |
| |
6 | using namespace std; |
5 | using namespace std; |
7 | #include <kingate/exception.h> |
6 | #include <kingate/exception.h> |
8 | #include <kingate/plaincgi.h> |
7 | #include <kingate/plaincgi.h> |
9 | #include <kingate/cgi_gateway.h> |
8 | #include <kingate/cgi_gateway.h> |
10 | #include <opkele/exception.h> |
9 | #include <opkele/exception.h> |
11 | #include <opkele/util.h> |
10 | #include <opkele/util.h> |
12 | #include <opkele/uris.h> |
11 | #include <opkele/uris.h> |
13 | #include <opkele/extension.h> |
12 | #include <opkele/extension.h> |
14 | #include <opkele/association.h> |
13 | #include <opkele/association.h> |
15 | #include <opkele/debug.h> |
14 | #include <opkele/debug.h> |
16 | #include <opkele/verify_op.h> |
15 | #include <opkele/verify_op.h> |
17 | #include <opkele/sreg.h> |
16 | #include <opkele/sreg.h> |
18 | |
17 | |
| |
18 | #include "config.h" |
| |
19 | #ifdef HAVE_EXT_ALGORITHM_H |
| |
20 | # include <ext/algorithm> |
| |
21 | #endif |
| |
22 | |
19 | #include "sqlite.h" |
23 | #include "sqlite.h" |
20 | #include "kingate_openid_message.h" |
24 | #include "kingate_openid_message.h" |
21 | |
25 | |
22 | static const string get_self_url(const kingate::cgi_gateway& gw) { |
26 | static const string get_self_url(const kingate::cgi_gateway& gw) { |
23 | bool s = gw.has_meta("SSL_PROTOCOL_VERSION"); |
27 | bool s = gw.has_meta("SSL_PROTOCOL_VERSION"); |
24 | string rv = s?"https://":"http://"; |
28 | string rv = s?"https://":"http://"; |
25 | rv += gw.http_request_header("Host"); |
29 | rv += gw.http_request_header("Host"); |
26 | const string& port = gw.get_meta("SERVER_PORT"); |
30 | const string& port = gw.get_meta("SERVER_PORT"); |
27 | if( port!=(s?"443":"80") ) { |
31 | if( port!=(s?"443":"80") ) { |
28 | rv += ':'; rv += port; |
32 | rv += ':'; rv += port; |
29 | } |
33 | } |
30 | rv += gw.get_meta("REQUEST_URI"); |
34 | rv += gw.get_meta("REQUEST_URI"); |
31 | string::size_type q = rv.find('?'); |
35 | string::size_type q = rv.find('?'); |
32 | if(q!=string::npos) |
36 | if(q!=string::npos) |
33 | rv.erase(q); |
37 | rv.erase(q); |
34 | return rv; |
38 | return rv; |
35 | } |
39 | } |
36 | |
40 | |
37 | class opdb_t : public sqlite3_t { |
41 | class opdb_t : public sqlite3_t { |
38 | public: |
42 | public: |
39 | opdb_t() |
43 | opdb_t() |
40 | : sqlite3_t("/tmp/OP.db") { |
44 | : sqlite3_t("/tmp/OP.db") { |
41 | assert(_D); |
45 | assert(_D); |
42 | char **resp; int nr,nc; char *errm; |
46 | char **resp; int nr,nc; char *errm; |
43 | if(sqlite3_get_table( |
47 | if(sqlite3_get_table( |
44 | _D, "SELECT a_op FROM assoc LIMIT 0", |
48 | _D, "SELECT a_op FROM assoc LIMIT 0", |
45 | &resp,&nr,&nc,&errm)!=SQLITE_OK) { |
49 | &resp,&nr,&nc,&errm)!=SQLITE_OK) { |
46 | extern const char *__OP_db_bootstrap; |
50 | extern const char *__OP_db_bootstrap; |
47 | DOUT_("Bootstrapping DB"); |
51 | DOUT_("Bootstrapping DB"); |
48 | if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK) |
52 | if(sqlite3_exec(_D,__OP_db_bootstrap,NULL,NULL,&errm)!=SQLITE_OK) |
49 | throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm); |
53 | throw opkele::exception(OPKELE_CP_ string("Failed to boostrap SQLite database: ")+errm); |
50 | }else |
54 | }else |
51 | sqlite3_free_table(resp); |
55 | sqlite3_free_table(resp); |
52 | } |
56 | } |
53 | }; |
57 | }; |
54 | |
58 | |
55 | class example_op_t : public opkele::verify_OP { |
59 | class example_op_t : public opkele::verify_OP { |
56 | public: |
60 | public: |
57 | kingate::cgi_gateway& gw; |
61 | kingate::cgi_gateway& gw; |
58 | opdb_t db; |
62 | opdb_t db; |
59 | kingate::cookie htc; |
63 | kingate::cookie htc; |
60 | |
64 | |
61 | |
65 | |
62 | example_op_t(kingate::cgi_gateway& g) |
66 | example_op_t(kingate::cgi_gateway& g) |
63 | : gw(g) { |
67 | : gw(g) { |
64 | try { |
68 | try { |
65 | htc = gw.cookies.get_cookie("htop_session"); |
69 | htc = gw.cookies.get_cookie("htop_session"); |
66 | sqlite3_mem_t<char*> S = sqlite3_mprintf( |
70 | sqlite3_mem_t<char*> S = sqlite3_mprintf( |
67 | "SELECT 1 FROM ht_sessions WHERE hts_id=%Q", |
71 | "SELECT 1 FROM ht_sessions WHERE hts_id=%Q", |
68 | htc.get_value().c_str()); |
72 | htc.get_value().c_str()); |
69 | sqlite3_table_t T; int nr,nc; |
73 | sqlite3_table_t T; int nr,nc; |
70 | db.get_table(S,T,&nr,&nc); |
74 | db.get_table(S,T,&nr,&nc); |
71 | if(nr<1) |
75 | if(nr<1) |
72 | throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation"); |
76 | throw kingate::exception_notfound(CODEPOINT,"forcing cookie generation"); |
73 | }catch(kingate::exception_notfound& kenf) { |
77 | }catch(kingate::exception_notfound& kenf) { |
74 | uuid_t uuid; uuid_generate(uuid); |
78 | uuid_t uuid; uuid_generate(uuid); |
75 | htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid))); |
79 | htc = kingate::cookie("htop_session",opkele::util::encode_base64(uuid,sizeof(uuid))); |
76 | sqlite3_mem_t<char*> S = sqlite3_mprintf( |
80 | sqlite3_mem_t<char*> S = sqlite3_mprintf( |
77 | "INSERT INTO ht_sessions (hts_id) VALUES (%Q)", |
81 | "INSERT INTO ht_sessions (hts_id) VALUES (%Q)", |
78 | htc.get_value().c_str()); |
82 | htc.get_value().c_str()); |
79 | db.exec(S); |
83 | db.exec(S); |
80 | } |
84 | } |
81 | } |
85 | } |
82 | |
86 | |
83 | void set_authorized(bool a) { |
87 | void set_authorized(bool a) { |
84 | sqlite3_mem_t<char*> |
88 | sqlite3_mem_t<char*> |
85 | S = sqlite3_mprintf( |
89 | S = sqlite3_mprintf( |
86 | "UPDATE ht_sessions" |
90 | "UPDATE ht_sessions" |
87 | " SET authorized=%d" |
91 | " SET authorized=%d" |
88 | " WHERE hts_id=%Q", |
92 | " WHERE hts_id=%Q", |
89 | (int)a,htc.get_value().c_str()); |
93 | (int)a,htc.get_value().c_str()); |
90 | db.exec(S); |
94 | db.exec(S); |
91 | } |
95 | } |
92 | bool get_authorized() { |
96 | bool get_authorized() { |
93 | sqlite3_mem_t<char*> |
97 | sqlite3_mem_t<char*> |
94 | S = sqlite3_mprintf( |
98 | S = sqlite3_mprintf( |
95 | "SELECT authorized" |
99 | "SELECT authorized" |
96 | " FROM ht_sessions" |
100 | " FROM ht_sessions" |
97 | " WHERE hts_id=%Q", |
101 | " WHERE hts_id=%Q", |
98 | htc.get_value().c_str()); |
102 | htc.get_value().c_str()); |
99 | sqlite3_table_t T; int nr,nc; |
103 | sqlite3_table_t T; int nr,nc; |
100 | db.get_table(S,T,&nr,&nc); |
104 | db.get_table(S,T,&nr,&nc); |
101 | assert(nr==1); assert(nc=1); |
105 | assert(nr==1); assert(nc=1); |
102 | return opkele::util::string_to_long(T.get(1,0,nc)); |
106 | return opkele::util::string_to_long(T.get(1,0,nc)); |
103 | } |
107 | } |
104 | |
108 | |
105 | ostream& cookie_header(ostream& o) const { |
109 | ostream& cookie_header(ostream& o) const { |
106 | o << "Set-Cookie: " << htc.set_cookie_header() << "\n"; |
110 | o << "Set-Cookie: " << htc.set_cookie_header() << "\n"; |
107 | return o; |
111 | return o; |
108 | } |
112 | } |
109 | |
113 | |
110 | opkele::assoc_t alloc_assoc(const string& type,size_t klength,bool sl) { |
114 | opkele::assoc_t alloc_assoc(const string& type,size_t klength,bool sl) { |
111 | uuid_t uuid; uuid_generate(uuid); |
115 | uuid_t uuid; uuid_generate(uuid); |
112 | string a_handle = opkele::util::encode_base64(uuid,sizeof(uuid)); |
116 | string a_handle = opkele::util::encode_base64(uuid,sizeof(uuid)); |
113 | opkele::secret_t a_secret; |
117 | opkele::secret_t a_secret; |
114 | generate_n( |
118 | generate_n( |
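Review bot: With `<ext/algorithm>` now behind `HAVE_EXT_ALGORITHM_H`, nothing on the new side includes `<algorithm>` directly, yet `generate_n` is still called at new line 118; where the macro is undefined this compiles only if another header happens to pull it in. Adding `#include <algorithm>` beside the other standard headers at the top would make the build independent of the configure result. Separately, in `get_authorized` (new line 105) `assert(nc=1)` assigns instead of comparing, so the column-count check can never fail; `assert(nc==1);` is presumably what was meant. Both asserts also vanish under `NDEBUG`, so an explicit check that throws when `nr!=1` would be safer for a function that returns the session's authorization state. `alloc_assoc` continues past the end of the hunk.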
|