summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Schanzenbach <mschanzenbach@posteo.de>2021-02-22 18:34:48 +0100
committerMartin Schanzenbach <mschanzenbach@posteo.de>2021-04-20 10:50:37 +0200
commit8f2a3f6d0a453c2d8797a14d8749e53e100593aa (patch)
tree7b1db29cca28809e3676d9d284805c0ae652902a
parent40458566131dfc85381d8966bb465f455830400b (diff)
-automatic generation of identity keys
-rw-r--r--src/reclaim/plugin_rest_pabc.c72
1 files changed, 53 insertions, 19 deletions
diff --git a/src/reclaim/plugin_rest_pabc.c b/src/reclaim/plugin_rest_pabc.c
index e5099a012..3d34b85fe 100644
--- a/src/reclaim/plugin_rest_pabc.c
+++ b/src/reclaim/plugin_rest_pabc.c
@@ -214,6 +214,7 @@ return_response (void *cls)
cleanup_handle (handle);
}
+
static enum pabc_status
set_attributes_from_idtoken (const struct pabc_context *ctx,
const struct pabc_public_parameters *pp,
@@ -231,7 +232,7 @@ set_attributes_from_idtoken (const struct pabc_context *ctx,
const char *pabc_key;
enum pabc_status status;
- //FIXME parse JWT
+ // FIXME parse JWT
jwt_string = GNUNET_strndup (id_token, strlen (id_token));
jwt_body = strtok (jwt_string, delim);
jwt_body = strtok (NULL, delim);
@@ -241,17 +242,17 @@ set_attributes_from_idtoken (const struct pabc_context *ctx,
payload_json = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
GNUNET_free (decoded_jwt);
- json_object_foreach(payload_json, key, value)
+ json_object_foreach (payload_json, key, value)
{
pabc_key = key;
if (0 == strcmp ("iss", key))
- pabc_key = "issuer"; //rename
+ pabc_key = "issuer"; // rename
if (0 == strcmp ("sub", key))
- pabc_key = "subject"; //rename
+ pabc_key = "subject"; // rename
if (0 == strcmp ("jti", key))
continue;
if (0 == strcmp ("exp", key))
- pabc_key = "expiration"; //rename
+ pabc_key = "expiration"; // rename
if (0 == strcmp ("iat", key))
continue;
if (0 == strcmp ("nbf", key))
@@ -272,6 +273,23 @@ set_attributes_from_idtoken (const struct pabc_context *ctx,
}
+static enum GNUNET_GenericReturnValue
+setup_new_user_context (struct pabc_context *ctx,
+ struct pabc_public_parameters *pp,
+ struct pabc_user_context **usr_ctx)
+{
+ if (PABC_OK != pabc_new_user_context (ctx, pp, usr_ctx))
+ return GNUNET_SYSERR;
+
+ if (PABC_OK != pabc_populate_user_context (ctx, *usr_ctx))
+ {
+ pabc_free_user_context (ctx, pp, usr_ctx);
+ return GNUNET_SYSERR;
+ }
+ return GNUNET_OK;
+}
+
+
static void
cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
const char *url,
@@ -316,7 +334,7 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- if (!json_is_object (data_json))
+ if (! json_is_object (data_json))
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Unable to parse %s\n", term_data);
@@ -372,9 +390,10 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
}
PABC_ASSERT (pabc_new_ctx (&ctx));
- status = PABC_load_public_parameters (ctx,
- json_string_value (iss_json),
- &pp);
+ // FIXME jansson does stupid escaping here maybe expect ecoded?
+ status = pabc_decode_and_new_public_parameters (ctx,
+ &pp,
+ json_string_value (pp_json));
if (status != PABC_OK)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read public parameters.\n");
@@ -382,17 +401,33 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
-
+ // (Over)write parameters
+ status = PABC_write_public_parameters (json_string_value (iss_json),
+ pp);
+ if (status != PABC_OK)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Failed to write public parameters.\n");
+ json_decref (data_json);
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
status = PABC_read_usr_ctx (json_string_value (identity_json),
json_string_value (iss_json),
ctx, pp, &usr_ctx);
if (PABC_OK != status)
{
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read user context.\n");
- pabc_free_public_parameters (ctx, &pp);
- json_decref (data_json);
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
+ if (GNUNET_OK != setup_new_user_context (ctx, pp, &usr_ctx))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to setup user context.\n");
+ pabc_free_public_parameters (ctx, &pp);
+ json_decref (data_json);
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+ PABC_write_usr_ctx (json_string_value (identity_json),
+ json_string_value (iss_json),
+ ctx, pp, usr_ctx);
}
// Set attributes from JWT to context
@@ -422,7 +457,7 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- //FIXME: where does this come from???
+ // FIXME: where does this come from???
status = pabc_decode_nonce (ctx, nonce, json_string_value (nonce_json));
if (status != PABC_OK)
{
@@ -519,10 +554,9 @@ rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle,
{
struct RequestHandle *handle = GNUNET_new (struct RequestHandle);
struct GNUNET_REST_RequestHandlerError err;
- static const struct GNUNET_REST_RequestHandler handlers[] =
- {
+ static const struct GNUNET_REST_RequestHandler handlers[] = {
{MHD_HTTP_METHOD_POST,
- GNUNET_REST_API_NS_PABC_CR, &cr_cont },
+ GNUNET_REST_API_NS_PABC_CR, &cr_cont },
{ MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_PABC, &options_cont },
GNUNET_REST_HANDLER_END
};