From 830a52057f9a717d39709c6cb8af0d395180c832 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alexander.kanavin@intel.com>
Date: Thu, 5 Dec 2013 17:53:26 +0200
Subject: [PATCH] Update the example to use allowed realms

---
 docs/reference/examples.xml            |  9 +++++++++
 examples/gsso-example.c                | 16 +++++++++++++---
 libgsignon-glib/signon-identity-info.c |  2 +-
 libgsignon-glib/signon-identity.c      |  2 +-
 4 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/docs/reference/examples.xml b/docs/reference/examples.xml
index 830d8f6..21d0230 100644
--- a/docs/reference/examples.xml
+++ b/docs/reference/examples.xml
@@ -78,6 +78,15 @@ Available identities:
 Identity stored with id 28            
         </computeroutput></literallayout>
     </para>
+    <para>
+        Depending on the identity method, you may also need to add a list of comma-separated 
+        realms that are allowed to be used with an identity. For example, the oauth method 
+        requires a list of domains that the OAuth authentication plugin is allowed to contact:
+        <literallayout><computeroutput>
+<userinput>> gsso-example --create-identity="Test Google identity" --identity-method=oauth --identity-realms=google.com</userinput>
+Identity stored with id 29            
+        </computeroutput></literallayout>
+    </para>
     <para>
         To remove an identity, use <userinput>--remove-identity</userinput> option
         with identity id:
diff --git a/examples/gsso-example.c b/examples/gsso-example.c
index 8850f81..3ebb2b7 100644
--- a/examples/gsso-example.c
+++ b/examples/gsso-example.c
@@ -159,7 +159,7 @@ static void signon_store_identity_cb(SignonIdentity *self,
 }
 
 static void create_auth_identity(GMainLoop* main_loop, const gchar* identity_caption,
-    const gchar* identity_method)
+    const gchar* identity_method, const gchar* allowed_realms)
 {
     const gchar* all_mechanisms[] = { "*", NULL };
 
@@ -170,6 +170,12 @@ static void create_auth_identity(GMainLoop* main_loop, const gchar* identity_cap
     if (g_strcmp0(identity_method, "password") == 0)
         signon_identity_info_set_secret(identity_info, NULL, TRUE);
     
+    if (allowed_realms != NULL) {
+        gchar** realms_array = g_strsplit(allowed_realms, ",", 0);
+        signon_identity_info_set_realms(identity_info, (const gchar* const *) realms_array);
+        g_strfreev(realms_array);
+    }
+    
     signon_identity_store_credentials_with_info (identity,
                                                  identity_info,
                                                  signon_store_identity_cb, 
@@ -325,6 +331,7 @@ main (int argc, char *argv[])
     gboolean query_identities = FALSE;
     gchar* create_identity_caption = NULL;
     gchar* create_identity_method = NULL;
+    gchar* create_identity_realms = NULL;
     gint remove_identity_id = 0;
     
     GOptionEntry main_entries[] =
@@ -334,6 +341,7 @@ main (int argc, char *argv[])
         { "query-identities", 0, 0, G_OPTION_ARG_NONE, &query_identities, "Query available authentication identities", NULL},
         { "create-identity", 0, 0, G_OPTION_ARG_STRING, &create_identity_caption, "Create a new authentication identity", "caption"},
         { "identity-method", 0, 0, G_OPTION_ARG_STRING, &create_identity_method, "Method to use when creating identity", "method"},
+        { "identity-realms", 0, 0, G_OPTION_ARG_STRING, &create_identity_realms, "A comma-separated list of allowed realms for the identity", "realms"},
         { "remove-identity", 0, 0, G_OPTION_ARG_INT, &remove_identity_id, "Remove an authentication identity", "id"},
         { NULL }
     };
@@ -389,7 +397,7 @@ main (int argc, char *argv[])
     } else if (query_identities) {
         query_auth_identities(main_loop);
     } else if (create_identity_caption) {
-        create_auth_identity(main_loop, create_identity_caption, create_identity_method);
+        create_auth_identity(main_loop, create_identity_caption, create_identity_method, create_identity_realms);
     } else if (remove_identity_id > 0) {
         remove_auth_identity(main_loop, remove_identity_id);
     } else if (google_identity_id > 0) {
@@ -407,6 +415,8 @@ main (int argc, char *argv[])
         g_free(query_mechanisms_method);
     if (create_identity_caption)
         g_free(create_identity_caption);
-    if (create_identity_caption)
+    if (create_identity_method)
         g_free(create_identity_method);
+    if (create_identity_realms)
+        g_free(create_identity_realms);
 }
diff --git a/libgsignon-glib/signon-identity-info.c b/libgsignon-glib/signon-identity-info.c
index 40a8fb6..7b57d49 100644
--- a/libgsignon-glib/signon-identity-info.c
+++ b/libgsignon-glib/signon-identity-info.c
@@ -432,7 +432,7 @@ const GHashTable *signon_identity_info_get_methods (const SignonIdentityInfo *in
  * signon_identity_info_get_realms:
  * @info: the #SignonIdentityInfo.
  *
- * Get an array of the realms of @info.
+ * Get an array of the allowed realms of @info.
  *
  * Returns: (transfer none): a %NULL terminated array of realms.
  */
diff --git a/libgsignon-glib/signon-identity.c b/libgsignon-glib/signon-identity.c
index 18f06af..0313644 100644
--- a/libgsignon-glib/signon-identity.c
+++ b/libgsignon-glib/signon-identity.c
@@ -886,7 +886,7 @@ signon_identity_store_credentials_with_info(SignonIdentity *self,
  * @store_secret: whether gSSO should save the password in secret storage.
  * @methods: (transfer none) (element-type utf8 GStrv): allowed methods.
  * @caption: (allow-none): caption.
- * @realms: (allow-none): realms.
+ * @realms: (allow-none): allowed realms.
  * @owner: (allow-none): owner.
  * @access_control_list: (allow-none): access control list.
  * @type: the type of the identity.
-- 
2.34.1