-#define ASSOCIATE_RESPONSE_SIZE 4096
-
-/*
- * libcurl callback function for prepare_openid_associate_request()
- */
-size_t associate_callback(void *ptr, size_t size, size_t nmemb, void *stream)
-{
- char *response = (char *) stream;
- int got_bytes = (size * nmemb);
- int len = strlen(response);
-
- if ((len + got_bytes + 1) < ASSOCIATE_RESPONSE_SIZE) {
- memcpy(&response[len], ptr, got_bytes);
- response[len+got_bytes] = 0;
- }
-
- return got_bytes;
-}
-
-
-/*
- * Helper function for process_associate_response()
- * (Delete function for hash table)
- */
-void delete_assoc_handle(void *data) {
- if (data) free(data);
-}
-
-
-/*
- * Process the response from an "associate" request
- */
-struct associate_handle *process_associate_response(char *claimed_id, char *associate_response)
-{
- struct associate_handle *h = NULL;
- char *ptr = associate_response;
- char thisline[512];
- char thiskey[256];
- char thisdata[256];
-
- h = (struct associate_handle *) malloc(sizeof(struct associate_handle));
- safestrncpy(h->claimed_id, claimed_id, sizeof h->claimed_id);
-
- do {
- ptr = memreadline(ptr, thisline, sizeof thisline);
- extract_token(thiskey, thisline, 0, ':', sizeof thiskey);
- extract_token(thisdata, thisline, 1, ':', sizeof thisdata);
-
- CtdlLogPrintf(CTDL_DEBUG, "Associate response: key:<%s> data:<%s>\n", thiskey, thisdata);
-
- if (!strcasecmp(thiskey, "assoc_type")) {
- safestrncpy(h->assoc_type, thisdata, sizeof h->assoc_type);
- }
- else if (!strcasecmp(thiskey, "expires_in")) {
- h->expiration_time = time(NULL) + atol(thisdata);
- }
- else if (!strcasecmp(thiskey, "assoc_handle")) {
- safestrncpy(h->assoc_handle, thisdata, sizeof h->assoc_handle);
- }
- else if (!strcasecmp(thiskey, "mac_key")) {
- safestrncpy(h->mac_key, thisdata, sizeof h->mac_key);
- }
-
- } while (*ptr);
-
- /* Add this data structure into the hash table */
- Put(HL, h->assoc_handle, strlen(h->assoc_handle), h, delete_assoc_handle);
-
- /* FIXME periodically purge the hash table of expired handles */
-
- return h;
-}
-
-
-
-/*
- * Establish a shared secret with an OpenID Identity Provider by sending
- * an "associate" request.
- */
-struct associate_handle *prepare_openid_associate_request(
- char *claimed_id, char *openid_server, char *openid_delegate)
-{
- CURL *curl;
- CURLcode res;
- struct curl_httppost *formpost=NULL;
- struct curl_httppost *lastptr=NULL;
- char associate_response[ASSOCIATE_RESPONSE_SIZE];
- struct associate_handle *h = NULL;
-
- memset(associate_response, 0, ASSOCIATE_RESPONSE_SIZE);
-
- curl_formadd(&formpost,
- &lastptr,
- CURLFORM_COPYNAME, "openid.mode",
- CURLFORM_COPYCONTENTS, "associate",
- CURLFORM_END
- );
-
- curl_formadd(&formpost,
- &lastptr,
- CURLFORM_COPYNAME, "openid.session_type",
- CURLFORM_COPYCONTENTS, "",
- CURLFORM_END
- );
-
- curl = curl_easy_init();
- if (curl) {
- curl_easy_setopt(curl, CURLOPT_URL, openid_server);
- curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
- curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
- curl_easy_setopt(curl, CURLOPT_WRITEDATA, associate_response);
- curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, associate_callback);
- curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1);
-
- curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost);
- res = curl_easy_perform(curl);
- h = process_associate_response(claimed_id, associate_response);
- curl_easy_cleanup(curl);
- }
- curl_formfree(formpost);
-
- return h;
-}
-
-
-
-
-