[cl-openid-devel] cl-openid API changes, preparing to release 1.0.0
Anton Vodonosov
avodonosov at yandex.ru
Mon Aug 15 22:13:29 UTC 2011
Hello.
I finally implemented the API simplifications I wanted since the
cl-openid Release Candidate we made in the past (it's mostly
provider API changes).
There is also a security related fix for the ticket #14 - we now
use secure random numbers, instead of CL:RANDOM function.
To compile it you will need fresh cl+ssl (available in Quicklisp).
I think it's time for Release 1.0.0.
Below is the list of changes. The adjustments in the user code
will be quite trivial, but if you need help, you are welcome to ask
here, in the mailing list.
--------- The changes ---------
Important change:
Fixed ticket #14 secure random number generation.
API changes:
- The URI returned from INITIATE-AUTHENTICATION is of type string,
instead of a PURI:URI.
This saves the user one PRINC-TO-STRING in his code.
- Provider generic function USER-SETUP-URL is removed from the
public API. It is a function intended for OpenID 1.1 compatibility.
Previously the user needed to implement it, but now all the necessary
handling is done automatically. (See ticket #14 for the details)
- HANDLE-OPENID-PROVIDER-REQUEST always returns the second
value, an HTTP code. When the HTTP code is redirect (3xx), the first
value URI is returned as a string, instead of a PURI:URI object. This
saves the user from doing PRINC-TO-STRING for the URI.
- CANCEL-RESPONSE and SUCCESSFUL-RESPONSE are renamed
to CANCEL-RESPONSE-URI and SUCCESSFUL-RESPONSE-URI.
Both functions return only a single value - the URI (no sense to return
the HTTP status code as the second value, as this is always redirect).
The URI is returned as a string instead of PURI:URI instance (this saves
the user one PRINC-TO-STRING in his code).
- As a result of the above change, you need to explicitly provide the second
return value from the HANDLE-CHECKID-SETUP you implement for
your OpenID provider.
- Removed WITH-INDIRECT-ERROR-HANDLER and SIGNAL-INDIRECT-ERROR
from the public API.
- Introduced a new public function AUTH-REQUEST-REALM which returns
the realm of the OpenID authentication request message
(this function is needed if you implement an OpenID provider).
- The HANDLE-OPENID-PROVIDER-REQUEST keyword parameter SECURE-P
is renamed to ALLOW-UNENCRYPTED-ASSOCIATION-P.
Full list of the tickets closed:
#14 secure random number generation
#16 unit test error: make-auth-proc
#17 signal an error if discovery discovers nothing
#18 LiveJournal error response with HTTP status 200
#19 some polishment of the provider API
#20 user_setup_url automatic generation
#21 INITIATE-AUTHENTICATION: return the URI as a string
#22 adjust the examples to hunchentoot 1.1.
Best regards,
- Anton