diff options
author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 16:50:32 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2017-10-06 16:50:32 +0200 |
commit | cc838240da0d28fa1fc6d7a97da2808a7a622365 (patch) | |
tree | 49603d5a1e1db330863b3465ef052ca6f9b2b04e /src/identity-provider/plugin_rest_identity_provider.c | |
parent | 7807374c7247af1d139ff70b4af047c227229a6e (diff) | |
download | gnunet-cc838240da0d28fa1fc6d7a97da2808a7a622365.tar.gz gnunet-cc838240da0d28fa1fc6d7a97da2808a7a622365.zip |
-remove deprecated
Diffstat (limited to 'src/identity-provider/plugin_rest_identity_provider.c')
-rw-r--r-- | src/identity-provider/plugin_rest_identity_provider.c | 1216 |
1 files changed, 0 insertions, 1216 deletions
diff --git a/src/identity-provider/plugin_rest_identity_provider.c b/src/identity-provider/plugin_rest_identity_provider.c deleted file mode 100644 index dfb935f5b..000000000 --- a/src/identity-provider/plugin_rest_identity_provider.c +++ /dev/null | |||
@@ -1,1216 +0,0 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | Copyright (C) 2012-2015 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as published | ||
7 | by the Free Software Foundation; either version 3, or (at your | ||
8 | option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public License | ||
16 | along with GNUnet; see the file COPYING. If not, write to the | ||
17 | Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, | ||
18 | Boston, MA 02110-1301, USA. | ||
19 | */ | ||
20 | /** | ||
21 | * @author Martin Schanzenbach | ||
22 | * @file identity/plugin_rest_identity.c | ||
23 | * @brief GNUnet Namestore REST plugin | ||
24 | * | ||
25 | */ | ||
26 | |||
27 | #include "platform.h" | ||
28 | #include "gnunet_rest_plugin.h" | ||
29 | #include "gnunet_identity_service.h" | ||
30 | #include "gnunet_gns_service.h" | ||
31 | #include "gnunet_gnsrecord_lib.h" | ||
32 | #include "gnunet_namestore_service.h" | ||
33 | #include "gnunet_rest_lib.h" | ||
34 | #include "gnunet_jsonapi_lib.h" | ||
35 | #include "gnunet_jsonapi_util.h" | ||
36 | #include "microhttpd.h" | ||
37 | #include <jansson.h> | ||
38 | #include <inttypes.h> | ||
39 | #include "gnunet_signatures.h" | ||
40 | #include "gnunet_identity_provider_service.h" | ||
41 | |||
42 | /** | ||
43 | * REST root namespace | ||
44 | */ | ||
45 | #define GNUNET_REST_API_NS_IDENTITY_PROVIDER "/idp" | ||
46 | |||
47 | /** | ||
48 | * Issue namespace | ||
49 | */ | ||
50 | #define GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE "/idp/issue" | ||
51 | |||
52 | /** | ||
53 | * Check namespace TODO | ||
54 | */ | ||
55 | #define GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK "/idp/check" | ||
56 | |||
57 | /** | ||
58 | * Token namespace | ||
59 | */ | ||
60 | #define GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN "/idp/token" | ||
61 | |||
62 | /** | ||
63 | * The parameter name in which the ticket must be provided | ||
64 | */ | ||
65 | #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET "ticket" | ||
66 | |||
67 | /** | ||
68 | * The parameter name in which the expected nonce must be provided | ||
69 | */ | ||
70 | #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE "expected_nonce" | ||
71 | |||
72 | /** | ||
73 | * The parameter name in which the ticket must be provided | ||
74 | */ | ||
75 | #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN "token" | ||
76 | |||
77 | /** | ||
78 | * The URL parameter name in which the nonce must be provided | ||
79 | */ | ||
80 | #define GNUNET_IDENTITY_TOKEN_REQUEST_NONCE "nonce" | ||
81 | |||
82 | /** | ||
83 | * State while collecting all egos | ||
84 | */ | ||
85 | #define ID_REST_STATE_INIT 0 | ||
86 | |||
87 | /** | ||
88 | * Done collecting egos | ||
89 | */ | ||
90 | #define ID_REST_STATE_POST_INIT 1 | ||
91 | |||
92 | /** | ||
93 | * Resource type | ||
94 | */ | ||
95 | #define GNUNET_REST_JSONAPI_IDENTITY_TOKEN "token" | ||
96 | |||
97 | /** | ||
98 | * URL parameter to create a GNUid token for a specific audience | ||
99 | */ | ||
100 | #define GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST "audience" | ||
101 | |||
102 | /** | ||
103 | * URL parameter to create a GNUid token for a specific issuer (EGO) | ||
104 | */ | ||
105 | #define GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST "issuer" | ||
106 | |||
107 | /** | ||
108 | * Attributes passed to issue request | ||
109 | */ | ||
110 | #define GNUNET_IDENTITY_TOKEN_ATTR_LIST "requested_attrs" | ||
111 | |||
112 | /** | ||
113 | * Attributes passed to issue request | ||
114 | */ | ||
115 | #define GNUNET_IDENTITY_TOKEN_V_ATTR_LIST "requested_verified_attrs" | ||
116 | |||
117 | |||
118 | /** | ||
119 | * Token expiration string | ||
120 | */ | ||
121 | #define GNUNET_IDENTITY_TOKEN_EXP_STRING "expiration" | ||
122 | |||
123 | /** | ||
124 | * Error messages | ||
125 | */ | ||
126 | #define GNUNET_REST_ERROR_RESOURCE_INVALID "Resource location invalid" | ||
127 | #define GNUNET_REST_ERROR_NO_DATA "No data" | ||
128 | |||
129 | /** | ||
130 | * GNUid token lifetime | ||
131 | */ | ||
132 | #define GNUNET_GNUID_TOKEN_EXPIRATION_MICROSECONDS 300000000 | ||
133 | |||
134 | /** | ||
135 | * The configuration handle | ||
136 | */ | ||
137 | const struct GNUNET_CONFIGURATION_Handle *cfg; | ||
138 | |||
139 | /** | ||
140 | * HTTP methods allows for this plugin | ||
141 | */ | ||
142 | static char* allow_methods; | ||
143 | |||
144 | /** | ||
145 | * @brief struct returned by the initialization function of the plugin | ||
146 | */ | ||
147 | struct Plugin | ||
148 | { | ||
149 | const struct GNUNET_CONFIGURATION_Handle *cfg; | ||
150 | }; | ||
151 | |||
152 | /** | ||
153 | * The ego list | ||
154 | */ | ||
155 | struct EgoEntry | ||
156 | { | ||
157 | /** | ||
158 | * DLL | ||
159 | */ | ||
160 | struct EgoEntry *next; | ||
161 | |||
162 | /** | ||
163 | * DLL | ||
164 | */ | ||
165 | struct EgoEntry *prev; | ||
166 | |||
167 | /** | ||
168 | * Ego Identifier | ||
169 | */ | ||
170 | char *identifier; | ||
171 | |||
172 | /** | ||
173 | * Public key string | ||
174 | */ | ||
175 | char *keystring; | ||
176 | |||
177 | /** | ||
178 | * The Ego | ||
179 | */ | ||
180 | struct GNUNET_IDENTITY_Ego *ego; | ||
181 | }; | ||
182 | |||
183 | |||
184 | struct RequestHandle | ||
185 | { | ||
186 | /** | ||
187 | * Ego list | ||
188 | */ | ||
189 | struct EgoEntry *ego_head; | ||
190 | |||
191 | /** | ||
192 | * Ego list | ||
193 | */ | ||
194 | struct EgoEntry *ego_tail; | ||
195 | |||
196 | /** | ||
197 | * Selected ego | ||
198 | */ | ||
199 | struct EgoEntry *ego_entry; | ||
200 | |||
201 | /** | ||
202 | * Ptr to current ego private key | ||
203 | */ | ||
204 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; | ||
205 | |||
206 | /** | ||
207 | * Handle to the rest connection | ||
208 | */ | ||
209 | struct GNUNET_REST_RequestHandle *conndata_handle; | ||
210 | |||
211 | /** | ||
212 | * The processing state | ||
213 | */ | ||
214 | int state; | ||
215 | |||
216 | /** | ||
217 | * Handle to Identity service. | ||
218 | */ | ||
219 | struct GNUNET_IDENTITY_Handle *identity_handle; | ||
220 | |||
221 | /** | ||
222 | * IDENTITY Operation | ||
223 | */ | ||
224 | struct GNUNET_IDENTITY_Operation *op; | ||
225 | |||
226 | /** | ||
227 | * Identity Provider | ||
228 | */ | ||
229 | struct GNUNET_IDENTITY_PROVIDER_Handle *idp; | ||
230 | |||
231 | /** | ||
232 | * Idp Operation | ||
233 | */ | ||
234 | struct GNUNET_IDENTITY_PROVIDER_Operation *idp_op; | ||
235 | |||
236 | /** | ||
237 | * Handle to NS service | ||
238 | */ | ||
239 | struct GNUNET_NAMESTORE_Handle *ns_handle; | ||
240 | |||
241 | /** | ||
242 | * NS iterator | ||
243 | */ | ||
244 | struct GNUNET_NAMESTORE_ZoneIterator *ns_it; | ||
245 | |||
246 | /** | ||
247 | * NS Handle | ||
248 | */ | ||
249 | struct GNUNET_NAMESTORE_QueueEntry *ns_qe; | ||
250 | |||
251 | /** | ||
252 | * Desired timeout for the lookup (default is no timeout). | ||
253 | */ | ||
254 | struct GNUNET_TIME_Relative timeout; | ||
255 | |||
256 | /** | ||
257 | * ID of a task associated with the resolution process. | ||
258 | */ | ||
259 | struct GNUNET_SCHEDULER_Task *timeout_task; | ||
260 | |||
261 | /** | ||
262 | * The plugin result processor | ||
263 | */ | ||
264 | GNUNET_REST_ResultProcessor proc; | ||
265 | |||
266 | /** | ||
267 | * The closure of the result processor | ||
268 | */ | ||
269 | void *proc_cls; | ||
270 | |||
271 | /** | ||
272 | * The url | ||
273 | */ | ||
274 | char *url; | ||
275 | |||
276 | /** | ||
277 | * Error response message | ||
278 | */ | ||
279 | char *emsg; | ||
280 | |||
281 | /** | ||
282 | * Reponse code | ||
283 | */ | ||
284 | int response_code; | ||
285 | |||
286 | /** | ||
287 | * Response object | ||
288 | */ | ||
289 | struct GNUNET_JSONAPI_Document *resp_object; | ||
290 | |||
291 | }; | ||
292 | |||
293 | |||
294 | /** | ||
295 | * Cleanup lookup handle | ||
296 | * @param handle Handle to clean up | ||
297 | */ | ||
298 | static void | ||
299 | cleanup_handle (struct RequestHandle *handle) | ||
300 | { | ||
301 | struct EgoEntry *ego_entry; | ||
302 | struct EgoEntry *ego_tmp; | ||
303 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
304 | "Cleaning up\n"); | ||
305 | if (NULL != handle->resp_object) | ||
306 | GNUNET_JSONAPI_document_delete (handle->resp_object); | ||
307 | if (NULL != handle->timeout_task) | ||
308 | GNUNET_SCHEDULER_cancel (handle->timeout_task); | ||
309 | if (NULL != handle->identity_handle) | ||
310 | GNUNET_IDENTITY_disconnect (handle->identity_handle); | ||
311 | if (NULL != handle->idp) | ||
312 | GNUNET_IDENTITY_PROVIDER_disconnect (handle->idp); | ||
313 | if (NULL != handle->ns_it) | ||
314 | GNUNET_NAMESTORE_zone_iteration_stop (handle->ns_it); | ||
315 | if (NULL != handle->ns_qe) | ||
316 | GNUNET_NAMESTORE_cancel (handle->ns_qe); | ||
317 | if (NULL != handle->ns_handle) | ||
318 | GNUNET_NAMESTORE_disconnect (handle->ns_handle); | ||
319 | if (NULL != handle->url) | ||
320 | GNUNET_free (handle->url); | ||
321 | if (NULL != handle->emsg) | ||
322 | GNUNET_free (handle->emsg); | ||
323 | for (ego_entry = handle->ego_head; | ||
324 | NULL != ego_entry;) | ||
325 | { | ||
326 | ego_tmp = ego_entry; | ||
327 | ego_entry = ego_entry->next; | ||
328 | GNUNET_free (ego_tmp->identifier); | ||
329 | GNUNET_free (ego_tmp->keystring); | ||
330 | GNUNET_free (ego_tmp); | ||
331 | } | ||
332 | GNUNET_free (handle); | ||
333 | } | ||
334 | |||
335 | |||
336 | /** | ||
337 | * Task run on error, sends error message. Cleans up everything. | ||
338 | * | ||
339 | * @param cls the `struct RequestHandle` | ||
340 | */ | ||
341 | static void | ||
342 | do_error (void *cls) | ||
343 | { | ||
344 | struct RequestHandle *handle = cls; | ||
345 | struct MHD_Response *resp; | ||
346 | char *json_error; | ||
347 | |||
348 | GNUNET_asprintf (&json_error, | ||
349 | "{Error while processing request: %s}", | ||
350 | handle->emsg); | ||
351 | resp = GNUNET_REST_create_response (json_error); | ||
352 | handle->proc (handle->proc_cls, resp, handle->response_code); | ||
353 | cleanup_handle (handle); | ||
354 | GNUNET_free (json_error); | ||
355 | } | ||
356 | |||
357 | /** | ||
358 | * Task run on timeout, sends error message. Cleans up everything. | ||
359 | * | ||
360 | * @param cls the `struct RequestHandle` | ||
361 | */ | ||
362 | static void | ||
363 | do_timeout (void *cls) | ||
364 | { | ||
365 | struct RequestHandle *handle = cls; | ||
366 | |||
367 | handle->timeout_task = NULL; | ||
368 | do_error (handle); | ||
369 | } | ||
370 | |||
371 | |||
372 | /** | ||
373 | * Task run on shutdown. Cleans up everything. | ||
374 | * | ||
375 | * @param cls unused | ||
376 | */ | ||
377 | static void | ||
378 | do_cleanup_handle_delayed (void *cls) | ||
379 | { | ||
380 | struct RequestHandle *handle = cls; | ||
381 | |||
382 | cleanup_handle (handle); | ||
383 | } | ||
384 | |||
385 | |||
386 | /** | ||
387 | * Get a ticket for identity | ||
388 | * @param cls the handle | ||
389 | * @param ticket the ticket returned from the idp | ||
390 | */ | ||
391 | static void | ||
392 | token_creat_cont (void *cls, | ||
393 | const char *label, | ||
394 | const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, | ||
395 | const struct GNUNET_IDENTITY_PROVIDER_Token *token) | ||
396 | { | ||
397 | struct GNUNET_JSONAPI_Resource *json_resource; | ||
398 | struct RequestHandle *handle = cls; | ||
399 | struct MHD_Response *resp; | ||
400 | json_t *ticket_json; | ||
401 | json_t *token_json; | ||
402 | char *ticket_str; | ||
403 | char *token_str; | ||
404 | char *result_str; | ||
405 | |||
406 | handle->idp_op = NULL; | ||
407 | |||
408 | if (NULL == ticket) | ||
409 | { | ||
410 | handle->emsg = GNUNET_strdup ("Error in token issue"); | ||
411 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
412 | return; | ||
413 | } | ||
414 | |||
415 | handle->resp_object = GNUNET_JSONAPI_document_new (); | ||
416 | json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET, | ||
417 | label); | ||
418 | ticket_str = GNUNET_IDENTITY_PROVIDER_ticket_to_string (ticket); | ||
419 | token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token); | ||
420 | ticket_json = json_string (ticket_str); | ||
421 | token_json = json_string (token_str); | ||
422 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
423 | GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET, | ||
424 | ticket_json); | ||
425 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
426 | GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN, | ||
427 | token_json); | ||
428 | GNUNET_free (ticket_str); | ||
429 | GNUNET_free (token_str); | ||
430 | json_decref (ticket_json); | ||
431 | json_decref (token_json); | ||
432 | GNUNET_JSONAPI_document_resource_add (handle->resp_object, json_resource); | ||
433 | |||
434 | GNUNET_JSONAPI_document_serialize (handle->resp_object, &result_str); | ||
435 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str); | ||
436 | resp = GNUNET_REST_create_response (result_str); | ||
437 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | ||
438 | GNUNET_free (result_str); | ||
439 | GNUNET_SCHEDULER_add_now (&do_cleanup_handle_delayed, handle); | ||
440 | } | ||
441 | |||
442 | |||
443 | /** | ||
444 | * Continueationf for token issue request | ||
445 | * | ||
446 | * @param con the Rest handle | ||
447 | * @param url the requested url | ||
448 | * @param cls the request handle | ||
449 | */ | ||
450 | static void | ||
451 | issue_token_cont (struct GNUNET_REST_RequestHandle *con, | ||
452 | const char *url, | ||
453 | void *cls) | ||
454 | { | ||
455 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; | ||
456 | const char *egoname; | ||
457 | |||
458 | struct RequestHandle *handle = cls; | ||
459 | struct EgoEntry *ego_entry; | ||
460 | struct GNUNET_HashCode key; | ||
461 | struct MHD_Response *resp; | ||
462 | struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; | ||
463 | struct GNUNET_CRYPTO_EcdsaPublicKey aud_key; | ||
464 | struct GNUNET_TIME_Relative etime_rel; | ||
465 | struct GNUNET_TIME_Absolute exp_time; | ||
466 | char *ego_val; | ||
467 | char *audience; | ||
468 | char *exp_str; | ||
469 | char *nonce_str; | ||
470 | char *scopes; | ||
471 | char *vattrs; | ||
472 | uint64_t time; | ||
473 | uint64_t nonce; | ||
474 | |||
475 | if (GNUNET_NO == GNUNET_REST_namespace_match (handle->url, | ||
476 | GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE)) | ||
477 | { | ||
478 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "URL invalid: %s\n", handle->url); | ||
479 | resp = GNUNET_REST_create_response (NULL); | ||
480 | handle->proc (handle->proc_cls, resp, MHD_HTTP_BAD_REQUEST); | ||
481 | cleanup_handle (handle); | ||
482 | return; | ||
483 | } | ||
484 | egoname = NULL; | ||
485 | ego_entry = NULL; | ||
486 | GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST, | ||
487 | strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST), | ||
488 | &key); | ||
489 | if ( GNUNET_YES != | ||
490 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
491 | &key) ) | ||
492 | { | ||
493 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
494 | "Issuer not found\n"); | ||
495 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
496 | return; | ||
497 | } | ||
498 | ego_val = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
499 | &key); | ||
500 | if (NULL == ego_val) | ||
501 | { | ||
502 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
503 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
504 | "Ego invalid: %s\n", | ||
505 | ego_val); | ||
506 | return; | ||
507 | } | ||
508 | for (ego_entry = handle->ego_head; | ||
509 | NULL != ego_entry; | ||
510 | ego_entry = ego_entry->next) | ||
511 | { | ||
512 | if (0 != strcmp (ego_val, ego_entry->identifier)) | ||
513 | continue; | ||
514 | egoname = ego_entry->identifier; | ||
515 | break; | ||
516 | } | ||
517 | if ( (NULL == egoname) || | ||
518 | (NULL == ego_entry) ) | ||
519 | { | ||
520 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
521 | "Ego not found: %s\n", | ||
522 | ego_val); | ||
523 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
524 | return; | ||
525 | } | ||
526 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
527 | "Ego to issue token for: %s\n", | ||
528 | egoname); | ||
529 | |||
530 | |||
531 | //Meta info | ||
532 | GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_ATTR_LIST, | ||
533 | strlen (GNUNET_IDENTITY_TOKEN_ATTR_LIST), | ||
534 | &key); | ||
535 | |||
536 | scopes = NULL; | ||
537 | if ( GNUNET_YES != | ||
538 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
539 | &key) ) | ||
540 | { | ||
541 | handle->emsg = GNUNET_strdup ("Scopes missing!\n"); | ||
542 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
543 | return; | ||
544 | } | ||
545 | scopes = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
546 | &key); | ||
547 | |||
548 | //vattrs | ||
549 | GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_V_ATTR_LIST, | ||
550 | strlen (GNUNET_IDENTITY_TOKEN_V_ATTR_LIST), | ||
551 | &key); | ||
552 | |||
553 | vattrs = NULL; | ||
554 | if ( GNUNET_YES == | ||
555 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
556 | &key) ) | ||
557 | { | ||
558 | vattrs = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
559 | &key); | ||
560 | } | ||
561 | |||
562 | |||
563 | |||
564 | //Token audience | ||
565 | GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST, | ||
566 | strlen (GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST), | ||
567 | &key); | ||
568 | audience = NULL; | ||
569 | if ( GNUNET_YES != | ||
570 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
571 | &key) ) | ||
572 | { | ||
573 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
574 | "Audience missing!\n"); | ||
575 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
576 | return; | ||
577 | } | ||
578 | audience = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
579 | &key); | ||
580 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
581 | "Audience to issue token for: %s\n", | ||
582 | audience); | ||
583 | |||
584 | priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); | ||
585 | GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego, | ||
586 | &pub_key); | ||
587 | GNUNET_STRINGS_string_to_data (audience, | ||
588 | strlen (audience), | ||
589 | &aud_key, | ||
590 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | ||
591 | |||
592 | //Remote nonce | ||
593 | nonce_str = NULL; | ||
594 | GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_REQUEST_NONCE, | ||
595 | strlen (GNUNET_IDENTITY_TOKEN_REQUEST_NONCE), | ||
596 | &key); | ||
597 | if ( GNUNET_YES != | ||
598 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
599 | &key) ) | ||
600 | { | ||
601 | handle->emsg = GNUNET_strdup ("Request nonce missing!\n"); | ||
602 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
603 | return; | ||
604 | } | ||
605 | nonce_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
606 | &key); | ||
607 | GNUNET_assert (NULL != nonce_str); | ||
608 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
609 | "Request nonce: %s\n", | ||
610 | nonce_str); | ||
611 | GNUNET_assert (1 == sscanf (nonce_str, "%"SCNu64, &nonce)); | ||
612 | |||
613 | //Get expiration for token from URL parameter | ||
614 | GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_EXP_STRING, | ||
615 | strlen (GNUNET_IDENTITY_TOKEN_EXP_STRING), | ||
616 | &key); | ||
617 | |||
618 | exp_str = NULL; | ||
619 | if (GNUNET_YES == GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
620 | &key)) | ||
621 | { | ||
622 | exp_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
623 | &key); | ||
624 | } | ||
625 | if (NULL == exp_str) { | ||
626 | handle->emsg = GNUNET_strdup ("No expiration given!\n"); | ||
627 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
628 | return; | ||
629 | } | ||
630 | |||
631 | if (GNUNET_OK != | ||
632 | GNUNET_STRINGS_fancy_time_to_relative (exp_str, | ||
633 | &etime_rel)) | ||
634 | { | ||
635 | handle->emsg = GNUNET_strdup ("Expiration invalid!\n"); | ||
636 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
637 | return; | ||
638 | } | ||
639 | time = GNUNET_TIME_absolute_get().abs_value_us; | ||
640 | exp_time.abs_value_us = time + etime_rel.rel_value_us; | ||
641 | |||
642 | handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg); | ||
643 | handle->idp_op = GNUNET_IDENTITY_PROVIDER_issue_token (handle->idp, | ||
644 | priv_key, | ||
645 | &aud_key, | ||
646 | scopes, | ||
647 | vattrs, | ||
648 | exp_time, | ||
649 | nonce, | ||
650 | &token_creat_cont, | ||
651 | handle); | ||
652 | |||
653 | } | ||
654 | |||
655 | |||
656 | /** | ||
657 | * Build a GNUid token for identity | ||
658 | * | ||
659 | * @param cls the request handle | ||
660 | */ | ||
661 | static void | ||
662 | return_token_list (void *cls) | ||
663 | { | ||
664 | char* result_str; | ||
665 | struct RequestHandle *handle = cls; | ||
666 | struct MHD_Response *resp; | ||
667 | |||
668 | GNUNET_JSONAPI_document_serialize (handle->resp_object, &result_str); | ||
669 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str); | ||
670 | resp = GNUNET_REST_create_response (result_str); | ||
671 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | ||
672 | GNUNET_free (result_str); | ||
673 | cleanup_handle (handle); | ||
674 | } | ||
675 | |||
676 | |||
677 | static void | ||
678 | token_collect_error_cb (void *cls) | ||
679 | { | ||
680 | struct RequestHandle *handle = cls; | ||
681 | |||
682 | do_error (handle); | ||
683 | } | ||
684 | |||
685 | |||
686 | /** | ||
687 | * Collect all tokens for an ego | ||
688 | * | ||
689 | * TODO move this into the identity-provider service | ||
690 | * | ||
691 | */ | ||
692 | static void | ||
693 | token_collect (void *cls, | ||
694 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, | ||
695 | const char *label, | ||
696 | unsigned int rd_count, | ||
697 | const struct GNUNET_GNSRECORD_Data *rd); | ||
698 | |||
699 | |||
700 | static void | ||
701 | token_collect_finished_cb (void *cls) | ||
702 | { | ||
703 | struct RequestHandle *handle = cls; | ||
704 | struct EgoEntry *ego_tmp; | ||
705 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; | ||
706 | |||
707 | ego_tmp = handle->ego_head; | ||
708 | GNUNET_CONTAINER_DLL_remove (handle->ego_head, | ||
709 | handle->ego_tail, | ||
710 | ego_tmp); | ||
711 | GNUNET_free (ego_tmp->identifier); | ||
712 | GNUNET_free (ego_tmp->keystring); | ||
713 | GNUNET_free (ego_tmp); | ||
714 | |||
715 | if (NULL == handle->ego_head) | ||
716 | { | ||
717 | //Done | ||
718 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding token END\n"); | ||
719 | handle->ns_it = NULL; | ||
720 | GNUNET_SCHEDULER_add_now (&return_token_list, handle); | ||
721 | return; | ||
722 | } | ||
723 | |||
724 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
725 | "Next ego: %s\n", | ||
726 | handle->ego_head->identifier); | ||
727 | priv_key = GNUNET_IDENTITY_ego_get_private_key (handle->ego_head->ego); | ||
728 | handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle, | ||
729 | priv_key, | ||
730 | &token_collect_error_cb, | ||
731 | handle, | ||
732 | &token_collect, | ||
733 | handle, | ||
734 | &token_collect_finished_cb, | ||
735 | handle); | ||
736 | } | ||
737 | |||
738 | |||
739 | /** | ||
740 | * Collect all tokens for an ego | ||
741 | * | ||
742 | * TODO move this into the identity-provider service | ||
743 | * | ||
744 | */ | ||
745 | static void | ||
746 | token_collect (void *cls, | ||
747 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, | ||
748 | const char *label, | ||
749 | unsigned int rd_count, | ||
750 | const struct GNUNET_GNSRECORD_Data *rd) | ||
751 | { | ||
752 | struct RequestHandle *handle = cls; | ||
753 | int i; | ||
754 | char* data; | ||
755 | struct GNUNET_JSONAPI_Resource *json_resource; | ||
756 | json_t *issuer; | ||
757 | json_t *token; | ||
758 | |||
759 | for (i = 0; i < rd_count; i++) | ||
760 | { | ||
761 | if (rd[i].record_type == GNUNET_GNSRECORD_TYPE_ID_TOKEN) | ||
762 | { | ||
763 | data = GNUNET_GNSRECORD_value_to_string (rd[i].record_type, | ||
764 | rd[i].data, | ||
765 | rd[i].data_size); | ||
766 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding token: %s\n", data); | ||
767 | json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_IDENTITY_TOKEN, | ||
768 | label); | ||
769 | issuer = json_string (handle->ego_head->identifier); | ||
770 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
771 | GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST, | ||
772 | issuer); | ||
773 | json_decref (issuer); | ||
774 | token = json_string (data); | ||
775 | GNUNET_JSONAPI_resource_add_attr (json_resource, | ||
776 | GNUNET_REST_JSONAPI_IDENTITY_TOKEN, | ||
777 | token); | ||
778 | json_decref (token); | ||
779 | |||
780 | GNUNET_JSONAPI_document_resource_add (handle->resp_object, json_resource); | ||
781 | GNUNET_free (data); | ||
782 | } | ||
783 | } | ||
784 | |||
785 | GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it); | ||
786 | } | ||
787 | |||
788 | |||
789 | |||
790 | /** | ||
791 | * Respond to OPTIONS request | ||
792 | * | ||
793 | * @param con_handle the connection handle | ||
794 | * @param url the url | ||
795 | * @param cls the RequestHandle | ||
796 | */ | ||
797 | static void | ||
798 | list_token_cont (struct GNUNET_REST_RequestHandle *con_handle, | ||
799 | const char* url, | ||
800 | void *cls) | ||
801 | { | ||
802 | char* ego_val; | ||
803 | struct GNUNET_HashCode key; | ||
804 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; | ||
805 | struct RequestHandle *handle = cls; | ||
806 | struct EgoEntry *ego_entry; | ||
807 | struct EgoEntry *ego_tmp; | ||
808 | |||
809 | GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST, | ||
810 | strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST), | ||
811 | &key); | ||
812 | |||
813 | if ( GNUNET_YES != | ||
814 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
815 | &key) ) | ||
816 | { | ||
817 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No issuer given.\n"); | ||
818 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
819 | return; | ||
820 | } | ||
821 | ego_val = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
822 | &key); | ||
823 | GNUNET_assert (NULL != ego_val); | ||
824 | //Remove non-matching egos | ||
825 | for (ego_entry = handle->ego_head; | ||
826 | NULL != ego_entry;) | ||
827 | { | ||
828 | ego_tmp = ego_entry; | ||
829 | ego_entry = ego_entry->next; | ||
830 | if (0 != strcmp (ego_val, ego_tmp->identifier)) | ||
831 | { | ||
832 | GNUNET_CONTAINER_DLL_remove (handle->ego_head, | ||
833 | handle->ego_tail, | ||
834 | ego_tmp); | ||
835 | GNUNET_free (ego_tmp->identifier); | ||
836 | GNUNET_free (ego_tmp->keystring); | ||
837 | GNUNET_free (ego_tmp); | ||
838 | } | ||
839 | } | ||
840 | handle->resp_object = GNUNET_JSONAPI_document_new (); | ||
841 | if (NULL == handle->ego_head) | ||
842 | { | ||
843 | //Done | ||
844 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No results.\n"); | ||
845 | GNUNET_SCHEDULER_add_now (&return_token_list, handle); | ||
846 | return; | ||
847 | } | ||
848 | priv_key = GNUNET_IDENTITY_ego_get_private_key (handle->ego_head->ego); | ||
849 | handle->ns_handle = GNUNET_NAMESTORE_connect (cfg); | ||
850 | handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle, | ||
851 | priv_key, | ||
852 | &token_collect_error_cb, | ||
853 | handle, | ||
854 | &token_collect, | ||
855 | handle, | ||
856 | &token_collect_finished_cb, | ||
857 | handle); | ||
858 | |||
859 | } | ||
860 | |||
861 | /** | ||
862 | * Return token to requestor | ||
863 | * | ||
864 | * @param cls request handle | ||
865 | * @param token the token | ||
866 | */ | ||
867 | static void | ||
868 | exchange_cont (void *cls, | ||
869 | const struct GNUNET_IDENTITY_PROVIDER_Token *token, | ||
870 | uint64_t ticket_nonce) | ||
871 | { | ||
872 | json_t *root; | ||
873 | struct RequestHandle *handle = cls; | ||
874 | struct MHD_Response *resp; | ||
875 | struct GNUNET_HashCode key; | ||
876 | char* result; | ||
877 | char* token_str; | ||
878 | char* nonce_str; | ||
879 | uint64_t expected_nonce; | ||
880 | |||
881 | //Get nonce | ||
882 | GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE, | ||
883 | strlen (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE), | ||
884 | &key); | ||
885 | |||
886 | if ( GNUNET_NO == | ||
887 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
888 | &key) ) | ||
889 | { | ||
890 | handle->emsg = GNUNET_strdup ("No nonce given."); | ||
891 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
892 | return; | ||
893 | } | ||
894 | nonce_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
895 | &key); | ||
896 | GNUNET_assert (NULL != nonce_str); | ||
897 | GNUNET_assert (1 == sscanf (nonce_str, "%"SCNu64, &expected_nonce)); | ||
898 | |||
899 | if (ticket_nonce != expected_nonce) | ||
900 | { | ||
901 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
902 | "Ticket nonce %"SCNu64" does not match expected nonce %"SCNu64"\n", | ||
903 | ticket_nonce, expected_nonce); | ||
904 | handle->emsg = GNUNET_strdup ("Ticket nonce does not match expected nonce\n"); | ||
905 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
906 | return; | ||
907 | } | ||
908 | |||
909 | root = json_object (); | ||
910 | token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token); | ||
911 | json_object_set_new (root, "token", json_string (token_str)); | ||
912 | json_object_set_new (root, "token_type", json_string ("jwt")); | ||
913 | GNUNET_free (token_str); | ||
914 | |||
915 | result = json_dumps (root, JSON_INDENT(1)); | ||
916 | resp = GNUNET_REST_create_response (result); | ||
917 | GNUNET_free (result); | ||
918 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | ||
919 | cleanup_handle (handle); | ||
920 | json_decref (root); | ||
921 | } | ||
922 | |||
923 | |||
924 | /** | ||
925 | * | ||
926 | * Callback called when identity for token exchange has been found | ||
927 | * | ||
928 | * @param cls request handle | ||
929 | * @param ego the identity to use as issuer | ||
930 | * @param ctx user context | ||
931 | * @param name identity name | ||
932 | * | ||
933 | */ | ||
934 | static void | ||
935 | exchange_token_ticket_cb (void *cls, | ||
936 | struct GNUNET_IDENTITY_Ego *ego, | ||
937 | void **ctx, | ||
938 | const char *name) | ||
939 | { | ||
940 | struct RequestHandle *handle = cls; | ||
941 | struct GNUNET_HashCode key; | ||
942 | struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket; | ||
943 | char* ticket_str; | ||
944 | |||
945 | handle->op = NULL; | ||
946 | |||
947 | if (NULL == ego) | ||
948 | { | ||
949 | handle->emsg = GNUNET_strdup ("No identity found."); | ||
950 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
951 | return; | ||
952 | } | ||
953 | |||
954 | //Get ticket | ||
955 | GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET, | ||
956 | strlen (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET), | ||
957 | &key); | ||
958 | |||
959 | if ( GNUNET_NO == | ||
960 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | ||
961 | &key) ) | ||
962 | { | ||
963 | handle->emsg = GNUNET_strdup ("No ticket given."); | ||
964 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
965 | return; | ||
966 | } | ||
967 | ticket_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map, | ||
968 | &key); | ||
969 | handle->priv_key = GNUNET_IDENTITY_ego_get_private_key (ego); | ||
970 | GNUNET_IDENTITY_PROVIDER_string_to_ticket (ticket_str, | ||
971 | &ticket); | ||
972 | |||
973 | handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg); | ||
974 | handle->idp_op = GNUNET_IDENTITY_PROVIDER_exchange_ticket (handle->idp, | ||
975 | ticket, | ||
976 | handle->priv_key, | ||
977 | &exchange_cont, | ||
978 | handle); | ||
979 | GNUNET_IDENTITY_PROVIDER_ticket_destroy (ticket); | ||
980 | |||
981 | } | ||
982 | |||
983 | |||
984 | |||
985 | /** | ||
986 | * Respond to issue request | ||
987 | * | ||
988 | * @param con_handle the connection handle | ||
989 | * @param url the url | ||
990 | * @param cls the RequestHandle | ||
991 | */ | ||
992 | static void | ||
993 | exchange_token_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle, | ||
994 | const char* url, | ||
995 | void *cls) | ||
996 | { | ||
997 | struct RequestHandle *handle = cls; | ||
998 | |||
999 | //Get token from GNS | ||
1000 | handle->op = GNUNET_IDENTITY_get (handle->identity_handle, | ||
1001 | "gns-master", | ||
1002 | &exchange_token_ticket_cb, | ||
1003 | handle); | ||
1004 | } | ||
1005 | |||
1006 | /** | ||
1007 | * Respond to OPTIONS request | ||
1008 | * | ||
1009 | * @param con_handle the connection handle | ||
1010 | * @param url the url | ||
1011 | * @param cls the RequestHandle | ||
1012 | */ | ||
1013 | static void | ||
1014 | options_cont (struct GNUNET_REST_RequestHandle *con_handle, | ||
1015 | const char* url, | ||
1016 | void *cls) | ||
1017 | { | ||
1018 | struct MHD_Response *resp; | ||
1019 | struct RequestHandle *handle = cls; | ||
1020 | |||
1021 | //For now, independent of path return all options | ||
1022 | resp = GNUNET_REST_create_response (NULL); | ||
1023 | MHD_add_response_header (resp, | ||
1024 | "Access-Control-Allow-Methods", | ||
1025 | allow_methods); | ||
1026 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | ||
1027 | cleanup_handle (handle); | ||
1028 | return; | ||
1029 | } | ||
1030 | |||
1031 | /** | ||
1032 | * Handle rest request | ||
1033 | * | ||
1034 | * @param handle the request handle | ||
1035 | */ | ||
1036 | static void | ||
1037 | init_cont (struct RequestHandle *handle) | ||
1038 | { | ||
1039 | struct GNUNET_REST_RequestHandlerError err; | ||
1040 | static const struct GNUNET_REST_RequestHandler handlers[] = { | ||
1041 | {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE, &issue_token_cont}, | ||
1042 | //{MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK, &check_token_cont}, | ||
1043 | {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_PROVIDER, &list_token_cont}, | ||
1044 | {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY_PROVIDER, &options_cont}, | ||
1045 | {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN, &exchange_token_ticket_cont}, | ||
1046 | GNUNET_REST_HANDLER_END | ||
1047 | }; | ||
1048 | |||
1049 | if (GNUNET_NO == GNUNET_REST_handle_request (handle->conndata_handle, | ||
1050 | handlers, | ||
1051 | &err, | ||
1052 | handle)) | ||
1053 | { | ||
1054 | handle->response_code = err.error_code; | ||
1055 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
1056 | } | ||
1057 | } | ||
1058 | |||
1059 | /** | ||
1060 | * If listing is enabled, prints information about the egos. | ||
1061 | * | ||
1062 | * This function is initially called for all egos and then again | ||
1063 | * whenever a ego's identifier changes or if it is deleted. At the | ||
1064 | * end of the initial pass over all egos, the function is once called | ||
1065 | * with 'NULL' for 'ego'. That does NOT mean that the callback won't | ||
1066 | * be invoked in the future or that there was an error. | ||
1067 | * | ||
1068 | * When used with 'GNUNET_IDENTITY_create' or 'GNUNET_IDENTITY_get', | ||
1069 | * this function is only called ONCE, and 'NULL' being passed in | ||
1070 | * 'ego' does indicate an error (i.e. name is taken or no default | ||
1071 | * value is known). If 'ego' is non-NULL and if '*ctx' | ||
1072 | * is set in those callbacks, the value WILL be passed to a subsequent | ||
1073 | * call to the identity callback of 'GNUNET_IDENTITY_connect' (if | ||
1074 | * that one was not NULL). | ||
1075 | * | ||
1076 | * When an identity is renamed, this function is called with the | ||
1077 | * (known) ego but the NEW identifier. | ||
1078 | * | ||
1079 | * When an identity is deleted, this function is called with the | ||
1080 | * (known) ego and "NULL" for the 'identifier'. In this case, | ||
1081 | * the 'ego' is henceforth invalid (and the 'ctx' should also be | ||
1082 | * cleaned up). | ||
1083 | * | ||
1084 | * @param cls closure | ||
1085 | * @param ego ego handle | ||
1086 | * @param ctx context for application to store data for this ego | ||
1087 | * (during the lifetime of this process, initially NULL) | ||
1088 | * @param identifier identifier assigned by the user for this ego, | ||
1089 | * NULL if the user just deleted the ego and it | ||
1090 | * must thus no longer be used | ||
1091 | */ | ||
1092 | static void | ||
1093 | list_ego (void *cls, | ||
1094 | struct GNUNET_IDENTITY_Ego *ego, | ||
1095 | void **ctx, | ||
1096 | const char *identifier) | ||
1097 | { | ||
1098 | struct RequestHandle *handle = cls; | ||
1099 | struct EgoEntry *ego_entry; | ||
1100 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; | ||
1101 | |||
1102 | if ((NULL == ego) && (ID_REST_STATE_INIT == handle->state)) | ||
1103 | { | ||
1104 | handle->state = ID_REST_STATE_POST_INIT; | ||
1105 | init_cont (handle); | ||
1106 | return; | ||
1107 | } | ||
1108 | if (ID_REST_STATE_INIT == handle->state) { | ||
1109 | ego_entry = GNUNET_new (struct EgoEntry); | ||
1110 | GNUNET_IDENTITY_ego_get_public_key (ego, &pk); | ||
1111 | ego_entry->keystring = | ||
1112 | GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); | ||
1113 | ego_entry->ego = ego; | ||
1114 | ego_entry->identifier = GNUNET_strdup (identifier); | ||
1115 | GNUNET_CONTAINER_DLL_insert_tail(handle->ego_head,handle->ego_tail, ego_entry); | ||
1116 | } | ||
1117 | |||
1118 | } | ||
1119 | |||
1120 | /** | ||
1121 | * Function processing the REST call | ||
1122 | * | ||
1123 | * @param method HTTP method | ||
1124 | * @param url URL of the HTTP request | ||
1125 | * @param data body of the HTTP request (optional) | ||
1126 | * @param data_size length of the body | ||
1127 | * @param proc callback function for the result | ||
1128 | * @param proc_cls closure for callback function | ||
1129 | * @return GNUNET_OK if request accepted | ||
1130 | */ | ||
1131 | static void | ||
1132 | rest_identity_process_request(struct GNUNET_REST_RequestHandle *conndata_handle, | ||
1133 | GNUNET_REST_ResultProcessor proc, | ||
1134 | void *proc_cls) | ||
1135 | { | ||
1136 | struct RequestHandle *handle = GNUNET_new (struct RequestHandle); | ||
1137 | |||
1138 | handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL; | ||
1139 | handle->proc_cls = proc_cls; | ||
1140 | handle->proc = proc; | ||
1141 | handle->state = ID_REST_STATE_INIT; | ||
1142 | handle->conndata_handle = conndata_handle; | ||
1143 | |||
1144 | |||
1145 | handle->url = GNUNET_strdup (conndata_handle->url); | ||
1146 | if (handle->url[strlen (handle->url)-1] == '/') | ||
1147 | handle->url[strlen (handle->url)-1] = '\0'; | ||
1148 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1149 | "Connecting...\n"); | ||
1150 | handle->identity_handle = GNUNET_IDENTITY_connect (cfg, | ||
1151 | &list_ego, | ||
1152 | handle); | ||
1153 | handle->timeout_task = | ||
1154 | GNUNET_SCHEDULER_add_delayed (handle->timeout, | ||
1155 | &do_timeout, | ||
1156 | handle); | ||
1157 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1158 | "Connected\n"); | ||
1159 | } | ||
1160 | |||
1161 | /** | ||
1162 | * Entry point for the plugin. | ||
1163 | * | ||
1164 | * @param cls Config info | ||
1165 | * @return NULL on error, otherwise the plugin context | ||
1166 | */ | ||
1167 | void * | ||
1168 | libgnunet_plugin_rest_identity_provider_init (void *cls) | ||
1169 | { | ||
1170 | static struct Plugin plugin; | ||
1171 | struct GNUNET_REST_Plugin *api; | ||
1172 | |||
1173 | cfg = cls; | ||
1174 | if (NULL != plugin.cfg) | ||
1175 | return NULL; /* can only initialize once! */ | ||
1176 | memset (&plugin, 0, sizeof (struct Plugin)); | ||
1177 | plugin.cfg = cfg; | ||
1178 | api = GNUNET_new (struct GNUNET_REST_Plugin); | ||
1179 | api->cls = &plugin; | ||
1180 | api->name = GNUNET_REST_API_NS_IDENTITY_PROVIDER; | ||
1181 | api->process_request = &rest_identity_process_request; | ||
1182 | GNUNET_asprintf (&allow_methods, | ||
1183 | "%s, %s, %s, %s, %s", | ||
1184 | MHD_HTTP_METHOD_GET, | ||
1185 | MHD_HTTP_METHOD_POST, | ||
1186 | MHD_HTTP_METHOD_PUT, | ||
1187 | MHD_HTTP_METHOD_DELETE, | ||
1188 | MHD_HTTP_METHOD_OPTIONS); | ||
1189 | |||
1190 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
1191 | _("Identity Token REST API initialized\n")); | ||
1192 | return api; | ||
1193 | } | ||
1194 | |||
1195 | |||
1196 | /** | ||
1197 | * Exit point from the plugin. | ||
1198 | * | ||
1199 | * @param cls the plugin context (as returned by "init") | ||
1200 | * @return always NULL | ||
1201 | */ | ||
1202 | void * | ||
1203 | libgnunet_plugin_rest_identity_provider_done (void *cls) | ||
1204 | { | ||
1205 | struct GNUNET_REST_Plugin *api = cls; | ||
1206 | struct Plugin *plugin = api->cls; | ||
1207 | |||
1208 | plugin->cfg = NULL; | ||
1209 | GNUNET_free_non_null (allow_methods); | ||
1210 | GNUNET_free (api); | ||
1211 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1212 | "Identity Token REST plugin is finished\n"); | ||
1213 | return NULL; | ||
1214 | } | ||
1215 | |||
1216 | /* end of plugin_rest_gns.c */ | ||