author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2016-01-11 16:36:26 +0000 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2016-01-11 16:36:26 +0000 |
commit | a393dbd7b27c62ebd101113b361560a477404bf5 (patch) | |
tree | 5dd7983acf8538ffe16bd128fe5a7416f6462a62 /src/identity-provider | |
parent | 55bc55b5f2046c96e1ae5a1d774c14300cc4b890 (diff) | |
download | gnunet-a393dbd7b27c62ebd101113b361560a477404bf5.tar.gz gnunet-a393dbd7b27c62ebd101113b361560a477404bf5.zip |
- fixes, modify api
Diffstat (limited to 'src/identity-provider')
-rw-r--r-- | src/identity-provider/gnunet-service-identity-provider.c | 46 | ||||
-rw-r--r-- | src/identity-provider/identity_provider.h | 2 | ||||
-rw-r--r-- | src/identity-provider/identity_provider_api.c | 41 | ||||
-rw-r--r-- | src/identity-provider/plugin_rest_identity_provider.c | 44 |
4 files changed, 104 insertions, 29 deletions
diff --git a/src/identity-provider/gnunet-service-identity-provider.c b/src/identity-provider/gnunet-service-identity-provider.c index a8a8b7f16..db23c179b 100644 --- a/src/identity-provider/gnunet-service-identity-provider.c +++ b/src/identity-provider/gnunet-service-identity-provider.c | |||
@@ -891,14 +891,25 @@ create_exchange_result_message (const char* token, | |||
891 | 891 | ||
892 | 892 | ||
893 | static struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage* | 893 | static struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage* |
894 | create_issue_result_message (const char* ticket) | 894 | create_issue_result_message (const char* label, |
895 | const char* ticket, | ||
896 | const char* token) | ||
895 | { | 897 | { |
896 | struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; | 898 | struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; |
899 | char *tmp_str; | ||
897 | 900 | ||
898 | irm = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) + strlen(ticket) + 1); | 901 | irm = GNUNET_malloc (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) |
902 | + strlen (label) + 1 | ||
903 | + strlen (ticket) + 1 | ||
904 | + strlen (token) + 1); | ||
899 | irm->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_RESULT); | 905 | irm->header.type = htons (GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_ISSUE_RESULT); |
900 | irm->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) + strlen (ticket) + 1); | 906 | irm->header.size = htons (sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) |
901 | memcpy (&irm[1], ticket, strlen (ticket) + 1); | 907 | + strlen (label) + 1 |
908 | + strlen (ticket) + 1 | ||
909 | + strlen (token) + 1); | ||
910 | GNUNET_asprintf (&tmp_str, "%s,%s,%s", label, ticket, token); | ||
911 | memcpy (&irm[1], tmp_str, strlen (tmp_str) + 1); | ||
912 | GNUNET_free (tmp_str); | ||
902 | return irm; | 913 | return irm; |
903 | } | 914 | } |
904 | 915 | ||
@@ -925,7 +936,8 @@ store_token_issue_cont (void *cls, | |||
925 | { | 936 | { |
926 | struct IssueHandle *handle = cls; | 937 | struct IssueHandle *handle = cls; |
927 | struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; | 938 | struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; |
928 | char* token_ticket_str; | 939 | char *ticket_str; |
940 | char *token_str; | ||
929 | handle->ns_qe = NULL; | 941 | handle->ns_qe = NULL; |
930 | if (GNUNET_SYSERR == success) | 942 | if (GNUNET_SYSERR == success) |
931 | { | 943 | { |
@@ -937,7 +949,7 @@ store_token_issue_cont (void *cls, | |||
937 | } | 949 | } |
938 | if (GNUNET_OK != ticket_serialize (handle->ticket, | 950 | if (GNUNET_OK != ticket_serialize (handle->ticket, |
939 | &handle->iss_key, | 951 | &handle->iss_key, |
940 | &token_ticket_str)) | 952 | &ticket_str)) |
941 | { | 953 | { |
942 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", | 954 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", |
943 | "Error serializing ticket\n"); | 955 | "Error serializing ticket\n"); |
@@ -945,7 +957,18 @@ store_token_issue_cont (void *cls, | |||
945 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | 957 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); |
946 | return; | 958 | return; |
947 | } | 959 | } |
948 | irm = create_issue_result_message (token_ticket_str); | 960 | if (GNUNET_OK != token_to_string (handle->token, |
961 | &handle->iss_key, | ||
962 | &token_str)) | ||
963 | { | ||
964 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", | ||
965 | "Error serializing token\n"); | ||
966 | GNUNET_free (ticket_str); | ||
967 | cleanup_issue_handle (handle); | ||
968 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
969 | return; | ||
970 | } | ||
971 | irm = create_issue_result_message (handle->label, ticket_str, token_str); | ||
949 | GNUNET_SERVER_notification_context_unicast (nc, | 972 | GNUNET_SERVER_notification_context_unicast (nc, |
950 | handle->client, | 973 | handle->client, |
951 | &irm->header, | 974 | &irm->header, |
@@ -953,7 +976,8 @@ store_token_issue_cont (void *cls, | |||
953 | GNUNET_SERVER_client_set_user_context (handle->client, NULL); | 976 | GNUNET_SERVER_client_set_user_context (handle->client, NULL); |
954 | cleanup_issue_handle (handle); | 977 | cleanup_issue_handle (handle); |
955 | GNUNET_free (irm); | 978 | GNUNET_free (irm); |
956 | GNUNET_free (token_ticket_str); | 979 | GNUNET_free (ticket_str); |
980 | GNUNET_free (token_str); | ||
957 | } | 981 | } |
958 | 982 | ||
959 | /** | 983 | /** |
@@ -1320,11 +1344,11 @@ find_existing_token (void *cls, | |||
1320 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) | 1344 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) |
1321 | { | 1345 | { |
1322 | char *tmp2 = GNUNET_STRINGS_data_to_string_alloc (aud_key, | 1346 | char *tmp2 = GNUNET_STRINGS_data_to_string_alloc (aud_key, |
1323 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); | 1347 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); |
1324 | //Audience does not match! | 1348 | //Audience does not match! |
1325 | char *tmp = GNUNET_GNSRECORD_value_to_string (GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA, | 1349 | char *tmp = GNUNET_GNSRECORD_value_to_string (GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA, |
1326 | token_metadata_record->data, | 1350 | token_metadata_record->data, |
1327 | token_metadata_record->data_size); | 1351 | token_metadata_record->data_size); |
1328 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 1352 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
1329 | "Token does not match audience %s vs %s. Moving on\n", | 1353 | "Token does not match audience %s vs %s. Moving on\n", |
1330 | tmp2, | 1354 | tmp2, |
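Review bot: In create_issue_result_message the three fields are joined with `,` through `"%s,%s,%s"`, and nothing checks that `label`, `ticket` or `token` are free of commas, so a comma inside any of them makes the receiver's split hand the wrong text to the ticket and token fields. The summed length is also passed straight to `htons ()`, which silently truncates anything above 65535 and would leave `header.size` smaller than the payload that was built. I would compute the length once as a `size_t`, refuse to build the message when it does not fit in a `uint16_t` or when `NULL != strchr (label, ',')`, and state in the function's doc comment that ticket and token are assumed to be comma-free encodings. Whether a label can contain a comma depends on where `handle->label` is set, which is outside this diff.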
diff --git a/src/identity-provider/identity_provider.h b/src/identity-provider/identity_provider.h index 9fe444da4..924ed8b4c 100644 --- a/src/identity-provider/identity_provider.h +++ b/src/identity-provider/identity_provider.h | |||
@@ -65,7 +65,7 @@ struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage | |||
65 | */ | 65 | */ |
66 | struct GNUNET_MessageHeader header; | 66 | struct GNUNET_MessageHeader header; |
67 | 67 | ||
68 | /* followed by 0-terminated ticket */ | 68 | /* followed by 0-terminated label,ticket,token */ |
69 | 69 | ||
70 | }; | 70 | }; |
71 | 71 | ||
diff --git a/src/identity-provider/identity_provider_api.c b/src/identity-provider/identity_provider_api.c index f0e91a739..bec0ab742 100644 --- a/src/identity-provider/identity_provider_api.c +++ b/src/identity-provider/identity_provider_api.c | |||
@@ -193,6 +193,9 @@ message_handler (void *cls, | |||
193 | const struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; | 193 | const struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *irm; |
194 | const struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage *erm; | 194 | const struct GNUNET_IDENTITY_PROVIDER_ExchangeResultMessage *erm; |
195 | char *str; | 195 | char *str; |
196 | char *ticket_str; | ||
197 | char *token_str; | ||
198 | char *label_str; | ||
196 | uint16_t size; | 199 | uint16_t size; |
197 | 200 | ||
198 | if (NULL == msg) | 201 | if (NULL == msg) |
@@ -214,26 +217,56 @@ message_handler (void *cls, | |||
214 | return; | 217 | return; |
215 | } | 218 | } |
216 | irm = (const struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *) msg; | 219 | irm = (const struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *) msg; |
217 | str = (char *) &irm[1]; | 220 | str = GNUNET_strdup ((char *) &irm[1]); |
218 | if ( (size > sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage)) && | 221 | if ( (size > sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage)) && |
219 | ('\0' != str[size - sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) - 1]) ) | 222 | ('\0' != str[size - sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage) - 1]) ) |
220 | { | 223 | { |
224 | GNUNET_free (str); | ||
221 | GNUNET_break (0); | 225 | GNUNET_break (0); |
222 | reschedule_connect (h); | 226 | reschedule_connect (h); |
223 | return; | 227 | return; |
224 | } | 228 | } |
225 | if (size == sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage)) | 229 | if (size == sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage)) |
230 | { | ||
231 | GNUNET_free (str); | ||
226 | str = NULL; | 232 | str = NULL; |
227 | 233 | } | |
234 | label_str = strtok (str, ","); | ||
235 | |||
236 | if (NULL == label_str) | ||
237 | { | ||
238 | GNUNET_free (str); | ||
239 | GNUNET_break (0); | ||
240 | reschedule_connect (h); | ||
241 | return; | ||
242 | } | ||
243 | ticket_str = strtok (NULL, ","); | ||
244 | if (NULL == ticket_str) | ||
245 | { | ||
246 | GNUNET_free (str); | ||
247 | GNUNET_break (0); | ||
248 | reschedule_connect (h); | ||
249 | return; | ||
250 | } | ||
251 | token_str = strtok (NULL, ","); | ||
252 | if (NULL == token_str) | ||
253 | { | ||
254 | GNUNET_free (str); | ||
255 | GNUNET_break (0); | ||
256 | reschedule_connect (h); | ||
257 | return; | ||
258 | } | ||
228 | op = h->op_head; | 259 | op = h->op_head; |
229 | GNUNET_CONTAINER_DLL_remove (h->op_head, | 260 | GNUNET_CONTAINER_DLL_remove (h->op_head, |
230 | h->op_tail, | 261 | h->op_tail, |
231 | op); | 262 | op); |
232 | GNUNET_CLIENT_receive (h->client, &message_handler, h, | 263 | GNUNET_CLIENT_receive (h->client, &message_handler, h, |
233 | GNUNET_TIME_UNIT_FOREVER_REL); | 264 | GNUNET_TIME_UNIT_FOREVER_REL); |
234 | ticket.data = str; | 265 | ticket.data = ticket_str; |
266 | token.data = token_str; | ||
235 | if (NULL != op->iss_cb) | 267 | if (NULL != op->iss_cb) |
236 | op->iss_cb (op->cls, &ticket); | 268 | op->iss_cb (op->cls, label_str, &ticket, &token); |
269 | GNUNET_free (str); | ||
237 | GNUNET_free (op); | 270 | GNUNET_free (op); |
238 | break; | 271 | break; |
239 | case GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE_RESULT: | 272 | case GNUNET_MESSAGE_TYPE_IDENTITY_PROVIDER_EXCHANGE_RESULT: |
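Review bot: `str = GNUNET_strdup ((char *) &irm[1]);` now runs before the payload has been checked for a terminating NUL, so the copy reads past the end of the received message when the payload is unterminated or empty. The following `str[size - sizeof (...) - 1]` test then indexes the heap copy, which is only `strlen + 1` bytes long, instead of the message. In the `size == sizeof (...)` branch `str` is freed, set to NULL and then passed to `strtok (str, ",")`, which continues whatever string an earlier `strtok` call left behind. The length and terminator checks should run on the received buffer first and the copy be made only afterwards, and `strtok_r` avoids the hidden static state. The sketch below rejects an empty payload outright, which the old code passed to the callback as a NULL ticket; message_handler starts and ends outside this hunk.

```c
  const char *payload;   /* new locals, declared next to str */
  size_t payload_len;
  char *saveptr;

  /* … unchanged: size checks above this hunk (assumed to reject size < sizeof the message struct) … */
  irm = (const struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage *) msg;
  payload = (const char *) &irm[1];
  payload_len = size - sizeof (struct GNUNET_IDENTITY_PROVIDER_IssueResultMessage);
  /* check the received bytes before any string function touches them */
  if ( (0 == payload_len) ||
       ('\0' != payload[payload_len - 1]) )
  {
    GNUNET_break (0);
    reschedule_connect (h);
    return;
  }
  str = GNUNET_strdup (payload);
  label_str = strtok_r (str, ",", &saveptr);
  /* … unchanged: NULL checks for label_str, ticket_str, token_str; the later calls become strtok_r (NULL, ",", &saveptr) … */
```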
diff --git a/src/identity-provider/plugin_rest_identity_provider.c b/src/identity-provider/plugin_rest_identity_provider.c index 3250a9fbd..771f6d7bd 100644 --- a/src/identity-provider/plugin_rest_identity_provider.c +++ b/src/identity-provider/plugin_rest_identity_provider.c | |||
@@ -57,11 +57,17 @@ | |||
57 | #define GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN "/idp/token" | 57 | #define GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN "/idp/token" |
58 | 58 | ||
59 | /** | 59 | /** |
60 | * The URL parameter name in which the ticket must be provided | 60 | * The parameter name in which the ticket must be provided |
61 | */ | 61 | */ |
62 | #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET "ticket" | 62 | #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET "ticket" |
63 | 63 | ||
64 | /** | 64 | /** |
65 | * The parameter name in which the ticket must be provided | ||
66 | */ | ||
67 | #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN "token" | ||
68 | |||
69 | |||
70 | /** | ||
65 | * The URL parameter name in which the nonce must be provided | 71 | * The URL parameter name in which the nonce must be provided |
66 | */ | 72 | */ |
67 | #define GNUNET_IDENTITY_TOKEN_REQUEST_NONCE "nonce" | 73 | #define GNUNET_IDENTITY_TOKEN_REQUEST_NONCE "nonce" |
@@ -354,13 +360,17 @@ do_cleanup_handle_delayed (void *cls, | |||
354 | */ | 360 | */ |
355 | static void | 361 | static void |
356 | token_creat_cont (void *cls, | 362 | token_creat_cont (void *cls, |
357 | const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket) | 363 | const char *label, |
364 | const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket, | ||
365 | const struct GNUNET_IDENTITY_PROVIDER_Token *token) | ||
358 | { | 366 | { |
359 | struct JsonApiResource *json_resource; | 367 | struct JsonApiResource *json_resource; |
360 | struct RequestHandle *handle = cls; | 368 | struct RequestHandle *handle = cls; |
361 | struct MHD_Response *resp; | 369 | struct MHD_Response *resp; |
362 | json_t *token_ticket_json; | 370 | json_t *ticket_json; |
371 | json_t *token_json; | ||
363 | char *ticket_str; | 372 | char *ticket_str; |
373 | char *token_str; | ||
364 | char *result_str; | 374 | char *result_str; |
365 | 375 | ||
366 | if (NULL == ticket) | 376 | if (NULL == ticket) |
@@ -369,18 +379,26 @@ token_creat_cont (void *cls, | |||
369 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 379 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
370 | return; | 380 | return; |
371 | } | 381 | } |
372 | 382 | ||
373 | handle->resp_object = GNUNET_REST_jsonapi_object_new (); | 383 | handle->resp_object = GNUNET_REST_jsonapi_object_new (); |
374 | json_resource = GNUNET_REST_jsonapi_resource_new (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET, | 384 | json_resource = GNUNET_REST_jsonapi_resource_new (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET, |
375 | "tmpid"); //TODO | 385 | label); |
376 | ticket_str = GNUNET_IDENTITY_PROVIDER_ticket_to_string (ticket); | 386 | ticket_str = GNUNET_IDENTITY_PROVIDER_ticket_to_string (ticket); |
377 | token_ticket_json = json_string (ticket_str); | 387 | token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token); |
388 | ticket_json = json_string (ticket_str); | ||
389 | token_json = json_string (token_str); | ||
378 | GNUNET_REST_jsonapi_resource_add_attr (json_resource, | 390 | GNUNET_REST_jsonapi_resource_add_attr (json_resource, |
379 | GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET, | 391 | GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET, |
380 | token_ticket_json); | 392 | ticket_json); |
393 | GNUNET_REST_jsonapi_resource_add_attr (json_resource, | ||
394 | GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN, | ||
395 | token_json); | ||
381 | GNUNET_free (ticket_str); | 396 | GNUNET_free (ticket_str); |
382 | json_decref (token_ticket_json); | 397 | GNUNET_free (token_str); |
398 | json_decref (ticket_json); | ||
399 | json_decref (token_json); | ||
383 | GNUNET_REST_jsonapi_object_resource_add (handle->resp_object, json_resource); | 400 | GNUNET_REST_jsonapi_object_resource_add (handle->resp_object, json_resource); |
401 | |||
384 | GNUNET_REST_jsonapi_data_serialize (handle->resp_object, &result_str); | 402 | GNUNET_REST_jsonapi_data_serialize (handle->resp_object, &result_str); |
385 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str); | 403 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str); |
386 | resp = GNUNET_REST_create_json_response (result_str); | 404 | resp = GNUNET_REST_create_json_response (result_str); |
@@ -405,7 +423,7 @@ issue_token_cont (struct RestConnectionDataHandle *con, | |||
405 | { | 423 | { |
406 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; | 424 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; |
407 | const char *egoname; | 425 | const char *egoname; |
408 | 426 | ||
409 | struct RequestHandle *handle = cls; | 427 | struct RequestHandle *handle = cls; |
410 | struct EgoEntry *ego_entry; | 428 | struct EgoEntry *ego_entry; |
411 | struct GNUNET_HashCode key; | 429 | struct GNUNET_HashCode key; |
@@ -436,7 +454,7 @@ issue_token_cont (struct RestConnectionDataHandle *con, | |||
436 | GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST, | 454 | GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST, |
437 | strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST), | 455 | strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST), |
438 | &key); | 456 | &key); |
439 | if ( GNUNET_YES == | 457 | if ( GNUNET_YES != |
440 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, | 458 | GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map, |
441 | &key) ) | 459 | &key) ) |
442 | { | 460 | { |
@@ -760,7 +778,7 @@ exchange_cont (void *cls, | |||
760 | 778 | ||
761 | root = json_object (); | 779 | root = json_object (); |
762 | token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token); | 780 | token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token); |
763 | json_object_set_new (root, "identity_token", json_string (token_str)); | 781 | json_object_set_new (root, "token", json_string (token_str)); |
764 | json_object_set_new (root, "token_type", json_string ("jwt")); | 782 | json_object_set_new (root, "token_type", json_string ("jwt")); |
765 | GNUNET_free (token_str); | 783 | GNUNET_free (token_str); |
766 | 784 | ||
@@ -1016,7 +1034,7 @@ rest_identity_process_request(struct RestConnectionDataHandle *conndata_handle, | |||
1016 | * @return NULL on error, otherwise the plugin context | 1034 | * @return NULL on error, otherwise the plugin context |
1017 | */ | 1035 | */ |
1018 | void * | 1036 | void * |
1019 | libgnunet_plugin_rest_identity_token_init (void *cls) | 1037 | libgnunet_plugin_rest_identity_provider_init (void *cls) |
1020 | { | 1038 | { |
1021 | static struct Plugin plugin; | 1039 | static struct Plugin plugin; |
1022 | struct GNUNET_REST_Plugin *api; | 1040 | struct GNUNET_REST_Plugin *api; |
@@ -1051,7 +1069,7 @@ libgnunet_plugin_rest_identity_token_init (void *cls) | |||
1051 | * @return always NULL | 1069 | * @return always NULL |
1052 | */ | 1070 | */ |
1053 | void * | 1071 | void * |
1054 | libgnunet_plugin_rest_identity_token_done (void *cls) | 1072 | libgnunet_plugin_rest_identity_provider_done (void *cls) |
1055 | { | 1073 | { |
1056 | struct GNUNET_REST_Plugin *api = cls; | 1074 | struct GNUNET_REST_Plugin *api = cls; |
1057 | struct Plugin *plugin = api->cls; | 1075 | struct Plugin *plugin = api->cls; |
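Review bot: The unchanged `GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str);` in token_creat_cont now writes the issued token to the log, because `result_str` is the serialized response that this change extends with the `token` attribute next to the ticket. Anyone who can read a debug log would then hold what is presumably a usable credential, so I would log only metadata, e.g. `GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Issue result serialized (%u bytes)\n", (unsigned int) strlen (result_str));`. The guard at the top still tests only `NULL == ticket` although `token` and `label` are used below; `if ( (NULL == ticket) || (NULL == token) || (NULL == label) )` would cover the new parameters. The doc comment added above `GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN` still says "ticket" and should read `The parameter name in which the token must be provided`.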