diff options
-rw-r--r-- | sca-cpp/trunk/configure.ac | 38 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/Makefile.am | 2 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/http/httpd-conf | 1 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/http/httpd.hpp | 16 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/openid/Makefile.am | 32 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/openid/htdocs/index.html | 21 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/openid/htdocs/login/index.html | 38 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/openid/htdocs/protected/index.html | 21 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/openid/openid-conf | 41 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/openid/openid.composite | 34 | ||||
-rwxr-xr-x | sca-cpp/trunk/modules/openid/server-test | 40 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/openid/server-test.scm | 21 | ||||
-rw-r--r-- | sca-cpp/trunk/modules/server/mod-eval.hpp | 53 |
13 files changed, 352 insertions, 6 deletions
diff --git a/sca-cpp/trunk/configure.ac b/sca-cpp/trunk/configure.ac index 7de0765dd0..38a529ed21 100644 --- a/sca-cpp/trunk/configure.ac +++ b/sca-cpp/trunk/configure.ac @@ -475,6 +475,39 @@ else fi AC_SUBST(JAVA_LDFLAGS) +# Enable support for OpenID. +AC_MSG_CHECKING([whether to enable OpenID support]) +AC_ARG_ENABLE(openid, [AS_HELP_STRING([--enable-openid], [enable OpenID support [default=no]])], +[ case "${enableval}" in + no) + AC_MSG_RESULT(no) + ;; + *) + AC_MSG_RESULT(yes) + want_openid=true + ;; + esac ], +[ AC_MSG_RESULT(no)]) +if test "${want_openid}" = "true"; then + + # Configure path to mod-auth-openid + AC_MSG_CHECKING([for mod-auth-openid]) + AC_ARG_WITH([mod-auth-openid], [AC_HELP_STRING([--with-mod-auth-openid=PATH], [path to installed mod-auth-openid [default=/usr]])], [ + MODAUTHOPENID_PREFIX="${withval}" + AC_MSG_RESULT("${withval}") + ], [ + MODAUTHOPENID_PREFIX="/usr/local/" + AC_MSG_RESULT(/usr/local) + ]) + AC_SUBST(MODAUTHOPENID_PREFIX) + + AM_CONDITIONAL([WANT_OPENID], true) + AC_DEFINE([WANT_OPENID], 1, [enable OpenID support]) + +else + AM_CONDITIONAL([WANT_OPENID], false) +fi + # Enable support for Google AppEngine. AC_MSG_CHECKING([whether to enable Google AppEngine support]) AC_ARG_ENABLE(gae, [AS_HELP_STRING([--enable-gae], [enable Google AppEngine support [default=no]])], @@ -801,13 +834,14 @@ AC_CONFIG_FILES([Makefile modules/Makefile modules/scheme/Makefile modules/atom/Makefile + modules/rss/Makefile modules/json/Makefile modules/scdl/Makefile modules/http/Makefile + modules/server/Makefile modules/python/Makefile modules/java/Makefile - modules/rss/Makefile - modules/server/Makefile + modules/openid/Makefile modules/wsgi/Makefile components/Makefile components/cache/Makefile diff --git a/sca-cpp/trunk/modules/Makefile.am b/sca-cpp/trunk/modules/Makefile.am index 2c74b1dbad..0924fd04ca 100644 --- a/sca-cpp/trunk/modules/Makefile.am +++ b/sca-cpp/trunk/modules/Makefile.am @@ -15,5 +15,5 @@ # specific language governing permissions and limitations # under the License. -SUBDIRS = scheme atom rss json scdl http rss server python wsgi java +SUBDIRS = scheme atom rss json scdl http server python java openid wsgi diff --git a/sca-cpp/trunk/modules/http/httpd-conf b/sca-cpp/trunk/modules/http/httpd-conf index f720f40abd..45941fc163 100755 --- a/sca-cpp/trunk/modules/http/httpd-conf +++ b/sca-cpp/trunk/modules/http/httpd-conf @@ -57,6 +57,7 @@ LoadModule asis_module ${modules_prefix}/modules/mod_asis.so LoadModule negotiation_module ${modules_prefix}/modules/mod_negotiation.so LoadModule dir_module ${modules_prefix}/modules/mod_dir.so LoadModule rewrite_module ${modules_prefix}/modules/mod_rewrite.so +LoadModule setenvif_module ${modules_prefix}/modules/mod_setenvif.so <IfModule !log_config_module> LoadModule log_config_module ${modules_prefix}/modules/mod_log_config.so </IfModule> diff --git a/sca-cpp/trunk/modules/http/httpd.hpp b/sca-cpp/trunk/modules/http/httpd.hpp index dfc3dcc47e..93137be4e2 100644 --- a/sca-cpp/trunk/modules/http/httpd.hpp +++ b/sca-cpp/trunk/modules/http/httpd.hpp @@ -97,8 +97,19 @@ int debugHeader(unused void* r, const char* key, const char* value) { return 1; } +int debugEnv(unused void* r, const char* key, const char* value) { + cerr << " var key: " << key << ", value: " << value << endl; + return 1; +} + +int debugNote(unused void* r, const char* key, const char* value) { + cerr << " note key: " << key << ", value: " << value << endl; + return 1; +} + const bool debugRequest(request_rec* r, const string& msg) { cerr << msg << ":" << endl; + cerr << " server: " << optional(r->server->server_hostname) << endl; cerr << " protocol: " << optional(r->protocol) << endl; cerr << " method: " << optional(r->method) << endl; cerr << " method number: " << r->method_number << endl; @@ -111,6 +122,10 @@ const bool debugRequest(request_rec* r, const string& msg) { cerr << " filename: " << optional(r->filename) << endl; cerr << " uri tokens: " << pathTokens(r->uri) << endl; cerr << " args: " << optional(r->args) << endl; + cerr << " user: " << optional(r->user) << endl; + cerr << " auth type: " << optional(r->ap_auth_type) << endl; + apr_table_do(debugEnv, r, r->subprocess_env, NULL); + apr_table_do(debugEnv, r, r->notes, NULL); return true; } @@ -331,6 +346,7 @@ const failable<request_rec*, int> internalRedirectRequest(const string& nr_uri, nr->no_local_copy = r->no_local_copy; nr->read_length = r->read_length; nr->vlist_validator = r->vlist_validator; + nr->user = r->user; // Setup input and output filters nr->proto_output_filters = r->proto_output_filters; diff --git a/sca-cpp/trunk/modules/openid/Makefile.am b/sca-cpp/trunk/modules/openid/Makefile.am new file mode 100644 index 0000000000..90ca3f1f6c --- /dev/null +++ b/sca-cpp/trunk/modules/openid/Makefile.am @@ -0,0 +1,32 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + + +if WANT_OPENID + +dist_mod_SCRIPTS = openid-conf +moddir = $(prefix)/modules/openid + +mod_DATA = openid.prefix +openid.prefix: $(top_builddir)/config.status + echo ${MODAUTHOPENID_PREFIX} >openid.prefix + +EXTRA_DIST = openid.composite server-test.scm htdocs/index.html htdocs/login.html htdocs/protected/index.html + +dist_noinst_SCRIPTS = server-test + +endif diff --git a/sca-cpp/trunk/modules/openid/htdocs/index.html b/sca-cpp/trunk/modules/openid/htdocs/index.html new file mode 100644 index 0000000000..5681f551ca --- /dev/null +++ b/sca-cpp/trunk/modules/openid/htdocs/index.html @@ -0,0 +1,21 @@ +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<html><body><h1>Unprotected area - It works!</h1></body></html> + diff --git a/sca-cpp/trunk/modules/openid/htdocs/login/index.html b/sca-cpp/trunk/modules/openid/htdocs/login/index.html new file mode 100644 index 0000000000..6270c7efbd --- /dev/null +++ b/sca-cpp/trunk/modules/openid/htdocs/login/index.html @@ -0,0 +1,38 @@ +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<html><body> +<h1>Sign in using an OpenID provider</h1> +<form action="/protected" method="GET"> +<input type="hidden" name="openid_identifier" value="https://www.google.com/accounts/o8/id"/> +<input type="submit" value="Sign in with your Google account"/> +</form> +<form action="/protected" method="GET"> +<input type="hidden" name="openid_identifier" value="https://me.yahoo.com/"/> +<input type="submit" value="Sign in with your Yahoo account"/> +</form> +<form action="/protected" method="GET"> +<input type="hidden" name="openid_identifier" value="https://me.myopenid.com"/> +<input type="submit" value="Sign in with your MyOpenID account"/> +</form> +<form action="/protected" method="GET"> +<input type="hidden" name="openid_identifier" value="https://pip.verisignlabs.com/"/> +<input type="submit" value="Sign in with your Verisign account"/> +</form> +</body></html> diff --git a/sca-cpp/trunk/modules/openid/htdocs/protected/index.html b/sca-cpp/trunk/modules/openid/htdocs/protected/index.html new file mode 100644 index 0000000000..3483c300a8 --- /dev/null +++ b/sca-cpp/trunk/modules/openid/htdocs/protected/index.html @@ -0,0 +1,21 @@ +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> + +<html><body><h1>Protected area - It works!</h1></body></html> + diff --git a/sca-cpp/trunk/modules/openid/openid-conf b/sca-cpp/trunk/modules/openid/openid-conf new file mode 100755 index 0000000000..b5d2994dcc --- /dev/null +++ b/sca-cpp/trunk/modules/openid/openid-conf @@ -0,0 +1,41 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Generate an Axis2 server conf +here=`readlink -f $0`; here=`dirname $here` +root=`readlink -f $1` +htdocs=`readlink -f $2` +openid_prefix=`cat openid.prefix` + +# Configure HTTPD mod_auth_openid module +cat >>$root/conf/httpd.conf <<EOF +# Support for OpenID authentication +LoadModule authopenid_module $openid_prefix/modules/mod_auth_openid.so + +<Location /protected> +AuthOpenIDEnabled On +AuthOpenIDLoginPage /login +AuthOpenIDAXAdd EMAIL http://axschema.org/contact/email +</Location> + +<Location /login> +AuthOpenIDEnabled Off +</Location> + +EOF diff --git a/sca-cpp/trunk/modules/openid/openid.composite b/sca-cpp/trunk/modules/openid/openid.composite new file mode 100644 index 0000000000..7310661dc0 --- /dev/null +++ b/sca-cpp/trunk/modules/openid/openid.composite @@ -0,0 +1,34 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. +--> +<composite xmlns="http://docs.oasis-open.org/ns/opencsa/sca/200912" + xmlns:t="http://tuscany.apache.org/xmlns/sca/1.1" + targetNamespace="http://tuscany.apache.org/xmlns/sca/components" + name="openid"> + + <component name="hello"> + <t:implementation.scheme script="server-test.scm"/> + <service name="hello"> + <t:binding.jsonrpc uri="protected/hello"/> + </service> + <property name="user">nobody</property> + <property name="email">nobody@nowhere.org</property> + </component> + +</composite> diff --git a/sca-cpp/trunk/modules/openid/server-test b/sca-cpp/trunk/modules/openid/server-test new file mode 100755 index 0000000000..f0df198901 --- /dev/null +++ b/sca-cpp/trunk/modules/openid/server-test @@ -0,0 +1,40 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Setup +../../modules/http/httpd-conf tmp localhost 8090 htdocs +../../modules/server/server-conf tmp +../../modules/server/scheme-conf tmp +./openid-conf tmp htdocs +cat >>tmp/conf/httpd.conf <<EOF +SCAContribution `pwd`/ +SCAComposite openid.composite +EOF + +../../modules/http/httpd-start tmp +sleep 2 + +# Test +#./client-test 2>/dev/null +rc=$? + +# Cleanup +#../../modules/http/httpd-stop tmp +#sleep 2 +return $rc diff --git a/sca-cpp/trunk/modules/openid/server-test.scm b/sca-cpp/trunk/modules/openid/server-test.scm new file mode 100644 index 0000000000..19f914b5ce --- /dev/null +++ b/sca-cpp/trunk/modules/openid/server-test.scm @@ -0,0 +1,21 @@ +; Licensed to the Apache Software Foundation (ASF) under one +; or more contributor license agreements. See the NOTICE file +; distributed with this work for additional information +; regarding copyright ownership. The ASF licenses this file +; to you under the Apache License, Version 2.0 (the +; "License"); you may not use this file except in compliance +; with the License. You may obtain a copy of the License at +; +; http://www.apache.org/licenses/LICENSE-2.0 +; +; Unless required by applicable law or agreed to in writing, +; software distributed under the License is distributed on an +; "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +; KIND, either express or implied. See the License for the +; specific language governing permissions and limitations +; under the License. + +; OpenID support test case + +(define (get id user email) (list "text/html" (list "<html><body><p>Hello " (user) ", " (email) "</p></body></html>"))) + diff --git a/sca-cpp/trunk/modules/server/mod-eval.hpp b/sca-cpp/trunk/modules/server/mod-eval.hpp index e69e9c6f13..e46d8ba78a 100644 --- a/sca-cpp/trunk/modules/server/mod-eval.hpp +++ b/sca-cpp/trunk/modules/server/mod-eval.hpp @@ -234,7 +234,6 @@ const failable<int> del(request_rec* r, const lambda<value(const list<value>&)>& * Translate a component request. */ int translate(request_rec *r) { - gc_scoped_pool pool(r->pool); if (strncmp(r->uri, "/components/", 12) != 0) return DECLINED; r->handler = "mod_tuscany_eval"; @@ -242,12 +241,32 @@ int translate(request_rec *r) { } /** + * Store current HTTP request for access from property lambda functions. + */ +#ifdef WANT_THREADS +__thread +#endif +const request_rec* currentRequest = NULL; + +class scoped_request { +public: + scoped_request(const request_rec* r) { + currentRequest = r; + } + + ~scoped_request() { + currentRequest = NULL; + } +}; + +/** * HTTP request handler. */ int handler(request_rec *r) { - gc_scoped_pool pool(r->pool); if(strcmp(r->handler, "mod_tuscany_eval")) return DECLINED; + gc_scoped_pool pool(r->pool); + scoped_request sr(r); httpdDebugRequest(r, "modeval::handler::input"); // Get the component implementation lambda @@ -287,7 +306,8 @@ const list<value> refProxies(const list<value>& refs, const string& base, const /** * Convert a list of component properties to a list of lambda functions that just return - * the property value. + * the property value. The user and email properties are configured with the values + * from the HTTP request, if any. */ struct propProxy { const value v; @@ -298,7 +318,34 @@ struct propProxy { } }; +struct emailPropProxy { + const value v; + emailPropProxy(const value& v) : v(v) { + } + const value operator()(unused const list<value>& params) const { + const char* email = apr_table_get(currentRequest->subprocess_env, "EMAIL"); + if (email == NULL || *email == '\0') + return v; + return string(email); + } +}; + +struct userPropProxy { + const value v; + userPropProxy(const value& v) : v(v) { + } + const value operator()(unused const list<value>& params) const { + if (currentRequest->user == NULL) + return v; + return string(currentRequest->user); + } +}; + const value mkpropProxy(const value& prop) { + if (scdl::name(prop) == "email") + return lambda<value(const list<value>&)>(emailPropProxy(elementValue(prop))); + if (scdl::name(prop) == "user") + return lambda<value(const list<value>&)>(userPropProxy(elementValue(prop))); return lambda<value(const list<value>&)>(propProxy(elementValue(prop))); } |