From 1c8a5d88d31e2f399778ee70324edbe27842f89c Mon Sep 17 00:00:00 2001
From: Art Cancro
Date: Thu, 22 May 2008 14:36:37 +0000
Subject: [PATCH] Fetch assoc_handles and use them in checkid_setup requests
---
 citadel/modules/openid/serv_openid_rp.c | 56 +++++++++++++++++++------
 citadel/server.h | 1 +
 2 files changed, 44 insertions(+), 13 deletions(-)
diff --git a/citadel/modules/openid/serv_openid_rp.c b/citadel/modules/openid/serv_openid_rp.c
index d9111246d..f12dddfd1 100644
--- a/citadel/modules/openid/serv_openid_rp.c
+++ b/citadel/modules/openid/serv_openid_rp.c
@@ -36,12 +36,12 @@ struct associate_handle { char claimed_id[256]; char assoc_type[32]; - time_t expires_in; + time_t expiration_time; char assoc_handle[128]; char mac_key[128]; }; - +HashList *HL = NULL; // hash table of assoc_handle /* * Locate a tag and, given its 'rel=' parameter, return its 'href' parameter 
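Review bot: `HashList *HL` is declared at file scope without `static` and under a two-letter name, so it is visible to the rest of the server and may clash with another `HL`; `static HashList *openid_assoc_handles = NULL;` would keep it private to this module, with the `HL = NewHash(1, NULL);` line in the CTDL_MODULE_INIT hunk renamed to match. The table is meant to hold each association's `mac_key`, the secret shared with the IdP, so the comment on the declaration should also say which lock guards it. Presumably that is the `S_OPENID_ASSOC` semaphore this commit adds to server.h, which nothing in the patch takes yet.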
@@ -214,15 +214,37 @@ size_t associate_callback(void *ptr, size_t size, size_t nmemb, void *stream) struct associate_handle *process_associate_response(char *claimed_id, char *associate_response) { struct associate_handle *h = NULL; + char *ptr = associate_response; + char thisline[256]; + char thiskey[256]; + char thisdata[256]; h = (struct associate_handle *) malloc(sizeof(struct associate_handle)); safestrncpy(h->claimed_id, claimed_id, sizeof h->claimed_id); + do { + ptr = memreadline(ptr, thisline, sizeof thisline); + extract_token(thiskey, thisline, 0, ':', sizeof thiskey); + extract_token(thisdata, thisline, 1, ':', sizeof thisdata); + if (!strcasecmp(thiskey, "assoc_type")) { + safestrncpy(h->assoc_type, thisdata, sizeof h->assoc_type); + } + else if (!strcasecmp(thiskey, "expires_in")) { + h->expiration_time = time(NULL) + atol(thisdata); + } + else if (!strcasecmp(thiskey, "assoc_handle")) { + safestrncpy(h->assoc_handle, thisdata, sizeof h->assoc_handle); + } + else if (!strcasecmp(thiskey, "mac_key")) { + safestrncpy(h->mac_key, thisdata, sizeof h->mac_key); + } + } while (*ptr); - // FIXME finish this + // FIXME add this data structure into a hash table + // FIXME periodically purge the hash table of expired handles return h; } 
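Review bot: The struct returned by `process_associate_response` comes from an unchecked `malloc` and is never zeroed, so any of `assoc_type`, `assoc_handle`, `mac_key` or `expiration_time` that the IdP's response leaves out keeps whatever the heap held. The response is remote input, and the `cmd_oid1` hunk then URL-escapes `h->assoc_handle` into the redirect, which can copy stale heap bytes into the URL or read past the 128-byte field if no NUL is present. Allocate with `h = calloc(1, sizeof *h);` followed by `if (h == NULL) return NULL;` before the first `safestrncpy`. Separately, taking token 1 split on ':' looks like it would cut short a value that itself contains a colon, so confirm that against `extract_token`, and range-check `expires_in` rather than adding a bare `atol` result to `time(NULL)`.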
@@ -321,17 +343,22 @@ void cmd_oid1(char *argbuf) { safestrncpy(openid_delegate, openid_url, sizeof openid_delegate); } - /* Prepare an "associate" request */ + /* + * Prepare an "associate" request. This contacts the IdP and fetches + * a data structure containing an assoc_handle plus a shared secret. + */ h = prepare_openid_associate_request(openid_url, openid_server, openid_delegate); - /* Now we know where to redirect to. */ + /* Assemble a URL to which the user-agent will be redirected. */ char redirect_string[4096]; char escaped_identity[1024]; char escaped_return_to[1024]; char escaped_trust_root[1024]; char escaped_sreg_optional[256]; + char escaped_assoc_handle[256]; urlesc(escaped_identity, sizeof escaped_identity, openid_delegate); + urlesc(escaped_assoc_handle, sizeof escaped_assoc_handle, h->assoc_handle); urlesc(escaped_return_to, sizeof escaped_return_to, return_to); urlesc(escaped_trust_root, sizeof escaped_trust_root, trust_root); urlesc(escaped_sreg_optional, sizeof escaped_sreg_optional, @@ -340,13 +367,18 @@ void cmd_oid1(char *argbuf) { snprintf(redirect_string, sizeof redirect_string, "%s" "?openid.mode=checkid_setup" - "&openid_identity=%s" + "&openid.identity=%s" + "&openid.assoc_handle=%s" "&openid.return_to=%s" "&openid.trust_root=%s" "&openid.sreg.optional=%s" , - openid_server, escaped_identity, escaped_return_to, - escaped_trust_root, escaped_sreg_optional + openid_server, + escaped_identity, + escaped_assoc_handle, + escaped_return_to, + escaped_trust_root, + escaped_sreg_optional ); cprintf("%d %s\n", CIT_OK, redirect_string); return; 
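Review bot: `h->assoc_handle` is passed to `urlesc` without checking `h`, although `h` is the result of a request to a remote IdP that can fail; `cmd_oid1` starts and ends outside this hunk, so an earlier guard may exist, but none is visible here. Add `if (h == NULL)` before the `urlesc` calls and reply with an error instead of building the redirect, and emit `&openid.assoc_handle=` only when the handle is non-empty, since an empty or partial handle cannot match an association on the IdP side. The `snprintf` return value is also ignored: if the escaped fields overflow `redirect_string`, the URL is cut silently and may lose `openid.return_to` or `openid.trust_root`, so compare the result against `sizeof redirect_string` and fail the command on truncation.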
@@ -357,17 +389,15 @@ void cmd_oid1(char *argbuf) { - - -/* To insert this module into the server activate the next block by changing the #if 0 to #if 1 */ CTDL_MODULE_INIT(openid_rp) { if (!threading) { curl_global_init(CURL_GLOBAL_ALL); + HL = NewHash(1, NULL); CtdlRegisterProtoHook(cmd_oid1, "OID1", "Begin OpenID checkid_setup operation"); } - /* return our Subversion id for the Log */ - return "$Id$"; + /* return our Subversion id for the Log */ + return "$Id$"; }
diff --git a/citadel/server.h b/citadel/server.h
index 302f7f00c..8994f4199 100644
--- a/citadel/server.h
+++ b/citadel/server.h
@@ -243,6 +243,7 @@ enum { S_THREAD_LIST, S_XMPP_QUEUE, S_SCHEDULE_LIST, + S_OPENID_ASSOC, MAX_SEMAPHORES };
--
2.30.2