From a0696f78365e466de1cc138665580a37c695b4fe Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Tue, 27 May 2008 03:51:38 +0000 Subject: [PATCH] Worked around a bug in phpMyID. I *think* this completes the implementation of OpenID 1.1 protocol (though I'm sure we'll find some edge cases), and now the only thing left to be done is to write the code to glue it into Citadel and WebCit authentication. --- citadel/modules/openid/serv_openid_rp.c | 53 ++++++++++++++++++++----- 1 file changed, 42 insertions(+), 11 deletions(-) diff --git a/citadel/modules/openid/serv_openid_rp.c b/citadel/modules/openid/serv_openid_rp.c index 302df5444..bb0734b4c 100644 --- a/citadel/modules/openid/serv_openid_rp.c +++ b/citadel/modules/openid/serv_openid_rp.c @@ -31,6 +31,7 @@ #include #include #include "ctdl_module.h" +#include "config.h" struct ctdl_openid { char claimed_id[1024]; @@ -175,7 +176,9 @@ int fetch_http(char *url, char *target_buf, int maxbytes, int normalize_len) curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errmsg); curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1); curl_easy_setopt(curl, CURLOPT_USERAGENT, CITADEL); - // FIXME set the CURLOPT_INTERFACE + if (!IsEmptyStr(config.c_ip_addr)) { + curl_easy_setopt(curl, CURLOPT_INTERFACE, config.c_ip_addr); + } res = curl_easy_perform(curl); if (res) { CtdlLogPrintf(CTDL_DEBUG, "fetch_http() libcurl error %d: %s\n", res, errmsg); 
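Review bot: The new `CURLOPT_INTERFACE` guard in fetch_http() rejects only an empty `config.c_ip_addr`, and the return value of that `curl_easy_setopt` call is not checked. If the setting can hold a wildcard listen address rather than one concrete address (its permitted values are not visible in this patch), libcurl would be asked to bind to it and the outbound fetch could fail or leave from an unintended interface. The same guard is repeated in cmd_oidf() in the @@ -351 hunk. I would confirm which values the setting accepts and add a comment such as `/* bind outbound requests to the configured address; skipped when none is set */`. fetch_http's body starts and ends outside the hunk.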
@@ -327,16 +330,25 @@ void cmd_oidf(char *argbuf) { char k_o_keyname[128]; char *k_value = NULL; + char valbuf[1024]; + struct fh_data fh = { + valbuf, + 0, + sizeof valbuf + }; + curl_formadd(&formpost, &lastptr, CURLFORM_COPYNAME, "openid.mode", CURLFORM_COPYCONTENTS, "check_authentication", CURLFORM_END); + CtdlLogPrintf(CTDL_DEBUG, "%25s : %s\n", "openid.mode", "check_authentication"); if (GetHash(keys, "assoc_handle", 12, (void *) &o_assoc_handle)) { curl_formadd(&formpost, &lastptr, CURLFORM_COPYNAME, "openid.assoc_handle", CURLFORM_COPYCONTENTS, o_assoc_handle, CURLFORM_END); + CtdlLogPrintf(CTDL_DEBUG, "%25s : %s\n", "openid.assoc_handle", o_assoc_handle); } if (GetHash(keys, "sig", 3, (void *) &o_sig)) { @@ -344,6 +356,7 @@ void cmd_oidf(char *argbuf) { CURLFORM_COPYNAME, "openid.sig", CURLFORM_COPYCONTENTS, o_sig, CURLFORM_END); + CtdlLogPrintf(CTDL_DEBUG, "%25s : %s\n", "openid.sig", o_sig); } if (GetHash(keys, "signed", 6, (void *) &o_signed)) { 
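Review bot: The `fh` initializer in cmd_oidf() passes `sizeof valbuf` as what appears to be the capacity, while the @@ -384 hunk later writes `valbuf[fh.total_bytes_received] = 0;`. If fh_callback (not shown here) stores bytes up to the limit it is given, a response of 1024 bytes or more puts that terminator one byte past the end of the array, and the response body is controlled by a remote server. Reserving the terminator's byte in the initializer, `(sizeof valbuf) - 1`, closes this regardless of how the callback counts. cmd_oidf's body continues outside the hunk.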
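Review bot: The added `CtdlLogPrintf` of `openid.sig` copies a value received from the client into the server log, as do the `openid.assoc_handle` line in the @@ -327 hunk and the `openid.signed` line in the @@ -351 hunk. Together these fields are the assertion that check_authentication is asked to verify, so anyone who can read the debug log holds the same material; whether the provider rejects a repeated submission is not visible here. I would log only that the field was present, e.g. `CtdlLogPrintf(CTDL_DEBUG, "%25s : (present)\n", "openid.sig");`, or remove these lines once the flow works.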
@@ -351,16 +364,24 @@ void cmd_oidf(char *argbuf) { CURLFORM_COPYNAME, "openid.signed", CURLFORM_COPYCONTENTS, o_signed, CURLFORM_END); + CtdlLogPrintf(CTDL_DEBUG, "%25s : %s\n", "openid.signed", o_signed); num_signed_values = num_tokens(o_signed, ','); for (i=0; iserver); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0); curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0); - // curl_easy_setopt(curl, CURLOPT_WRITEDATA, &fh); - // curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, fh_callback); + curl_easy_setopt(curl, CURLOPT_WRITEDATA, &fh); + curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, fh_callback); curl_easy_setopt(curl, CURLOPT_HTTPPOST, formpost); - curl_easy_setopt(curl, CURLOPT_POST, 1); curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errmsg); curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1); curl_easy_setopt(curl, CURLOPT_USERAGENT, CITADEL); - // FIXME set the CURLOPT_INTERFACE + if (!IsEmptyStr(config.c_ip_addr)) { + curl_easy_setopt(curl, CURLOPT_INTERFACE, config.c_ip_addr); + } + res = curl_easy_perform(curl); if (res) { CtdlLogPrintf(CTDL_DEBUG, "cmd_oidf() libcurl error %d: %s\n", res, errmsg); @@ -384,6 +407,14 @@ void cmd_oidf(char *argbuf) { curl_easy_cleanup(curl); curl_formfree(formpost); + valbuf[fh.total_bytes_received] = 0; + if (bmstrcasestr(valbuf, "is_valid:true")) { + CtdlLogPrintf(CTDL_DEBUG, "VALIDATION SUCCEEDED!! WOWOWOWWW!!\n", valbuf); + } + else { + CtdlLogPrintf(CTDL_DEBUG, "VALIDATION FAILED. DIACF.\n", valbuf); + } + /* FIXME do something with the results */ /* Respond to the client */ -- 2.39.2
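Review bot: Enabling `CURLOPT_WRITEDATA` and `CURLOPT_WRITEFUNCTION` makes the provider's response body the input to the validity decision, yet the context lines just above still set `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST` to 0 on the same handle. With certificate checks off, the check_authentication answer is not authenticated when the provider endpoint is https. I would change those two lines to `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);` and `curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2L);` before the result is wired into login. Part of this hunk's text (after `for (i=0;`) is missing from the page, so the loop body could not be reviewed.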
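Review bot: The `bmstrcasestr(valbuf, "is_valid:true")` test accepts the response if that text occurs anywhere in the body, in any letter case, so a body that merely carries it inside another field's value or an error message counts as success. The check_authentication reply is a set of newline-separated key:value lines, so the comparison should be against a whole line. Both `CtdlLogPrintf` calls also pass `valbuf` with no conversion in the format string, and the outcome is only logged, so the `/* FIXME do something with the results */` path needs to fail closed once this is glued into authentication. The rewrite below is a sketch; cmd_oidf's body starts and ends outside the hunk.

```c
	valbuf[fh.total_bytes_received] = 0;

	/* Accept only a line that is exactly "is_valid:true"; default is failure. */
	int is_valid = 0;
	char *saveptr = NULL;
	char *line;
	for (line = strtok_r(valbuf, "\r\n", &saveptr); line != NULL;
	     line = strtok_r(NULL, "\r\n", &saveptr)) {
		if (!strcmp(line, "is_valid:true")) {
			is_valid = 1;
		}
	}
	CtdlLogPrintf(CTDL_DEBUG, "check_authentication result: %s\n",
		is_valid ? "valid" : "not valid");

	/* … unchanged: FIXME and client response … */
```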