From 42e4fb613d190508b3e8b8993d233044eeea4d20 Mon Sep 17 00:00:00 2001
From: Michael Krelin
Date: Tue, 19 Feb 2008 10:52:09 +0000
Subject: basic_RP: add methods for accessing identity information passed from OP.
Signed-off-by: Michael Krelin
---
diff --git a/include/opkele/basic_rp.h b/include/opkele/basic_rp.h
index d5356aa..d096e0a 100644
--- a/include/opkele/basic_rp.h
+++ b/include/opkele/basic_rp.h
@@ -10,9 +10,45 @@ namespace opkele {
 class basic_RP {
 public:
+ /**
+ * Claimed identifier from a parsed id_res message.
+ */
+ string claimed_id;
+ /**
+ * OP-Local identifier from a parsed id_res message.
+ */
+ string identity;
 virtual ~basic_RP() { }
+ void reset_vars();
+
+ /**
+ * @name Assertion information retrieval
+ * Retrieval of the information passed with openid message
+ * @{
+ */
+ /**
+ * Find out if the assertion is about identity
+ * @return true if so
+ */
+ bool has_identity() const;
+ /**
+ * Get claimed identifier supplied with the request
+ * @return claimed identifier
+ * @throw non_identity if request is not about identity
+ */
+ const string& get_claimed_id() const;
+ /**
+ * Get the identity (OP-Local identifier) confirmed
+ * @return identity
+ * @throw non_identity if request is not about identity
+ */
+ const string& get_identity() const;
+ /**
+ * @}
+ */
+
 /**
 * @name Global persistent store API
 * These are functions related to the associations with OP storage
diff --git a/lib/basic_rp.cc b/lib/basic_rp.cc
index e65d9fb..3357d0b 100644
--- a/lib/basic_rp.cc
+++ b/lib/basic_rp.cc
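Review bot: `claimed_id` and `identity` are declared under `public:`, so callers can read or overwrite them directly and skip the `non_identity` check that `get_claimed_id()`/`get_identity()` perform; since these values decide who the relying party treats as authenticated, `protected:` members behind the accessors would be the safer layout. `has_identity()` is declared in this hunk, but no definition for it appears in the lib/basic_rp.cc hunks of this patch, so unless it is defined elsewhere the first caller fails at link time; `bool basic_RP::has_identity() const { return !identity.empty(); }` would match the emptiness test the accessors use. `reset_vars()` is the only new member without a doc comment; something like `/** Clear claimed_id and identity before a new id_res message is parsed. */` would do. The class body continues past the end of the hunk.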
@@ -8,9 +8,28 @@
 #include
 #include
 #include
+#include
 namespace opkele {
+ void basic_RP::reset_vars() {
+ claimed_id.clear(); identity.clear();
+ }
+
+ const string& basic_RP::get_claimed_id() const {
+ if(claimed_id.empty())
+ throw non_identity(OPKELE_CP_ "attempting to retreive claimed_id of non-identity assertion");
+ assert(!identity.empty());
+ return claimed_id;
+ }
+
+ const string& basic_RP::get_identity() const {
+ if(identity.empty())
+ throw non_identity(OPKELE_CP_ "attempting to retrieve identity of non-identity related assertion");
+ assert(!claimed_id.empty());
+ return identity;
+ }
+
 static void dh_get_secret( secret_t& secret, const basic_openid_message& om, const char *exp_assoc, const char *exp_sess,
@@ -196,6 +215,7 @@ namespace opkele {
 }
 void basic_RP::id_res(const basic_openid_message& om,extension_t *ext) {
+ reset_vars();
 bool o2 = om.has_field("ns") && om.get_field("ns")==OIURI_OPENID20;
 if( (!o2) && om.has_field("user_setup_url"))
@@ -271,12 +291,17 @@ namespace opkele {
 }
 if(om.has_field("claimed_id")) {
+ claimed_id = om.get_field("claimed_id");
+ identity = om.get_field("identity");
 verify_OP( om.get_field("op_endpoint"),
- om.get_field("claimed_id"),
- om.get_field("identity") );
+ claimed_id, identity );
 }
+ }else{
+ claimed_id = get_endpoint().claimed_id;
+ /* TODO: check if this is the identity we asked for */
+ identity = om.get_field("identity");
 }
 if(ext) ext->rp_id_res_hook(om,signeds);
 }
-- 
cgit v0.9.0.2
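Review bot: In `get_claimed_id()` and `get_identity()` the second field is checked only with `assert`, although both fields are filled by id_res() from the OP's response rather than by purely local logic. With NDEBUG the check disappears, and without it a response that leaves one field empty while the other is set (the added `else` branch in id_res() takes `identity` straight from the message, so this is possible if `get_field()` can return an empty string) aborts the process instead of raising `non_identity`. Testing both fields in the throwing condition, `if(claimed_id.empty() || identity.empty())`, behaves the same in debug and release builds. The message in `get_claimed_id()` also spells "retrieve" as "retreive".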
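Review bot: The members are assigned from the message before `verify_OP()` has run, and `reset_vars()` is called only at the top of id_res(), so if `verify_OP()` throws, `claimed_id` and `identity` keep values that were never verified; the accessors only test for empty, so they will still return those values to a caller that caught the exception. Reading the two fields into locals and storing them in the members only after `verify_OP()` returns avoids that, as sketched below. In the added `else` branch, `claimed_id` comes from `get_endpoint()` while `identity` comes from the response, and the TODO confirms that nothing yet compares the response with what was requested, so on this path the pair handed out by the accessors is not checked for consistency. id_res() begins and ends outside this hunk, so checks that are not visible here may narrow this.

```cpp
if(om.has_field("claimed_id")) {
    // Keep the unverified values local until verify_OP() has accepted them.
    string cid = om.get_field("claimed_id");
    string lid = om.get_field("identity");
    verify_OP( om.get_field("op_endpoint"), cid, lid );
    claimed_id = cid;
    identity = lid;
}
// … unchanged: else branch for the non-2.0 case, extension hook …
```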