authorSchanzenbach, Martin <mschanzenbach@posteo.de>2020-02-07 21:15:59 +0100
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2020-02-09 20:38:11 +0100
commite8ea1f3e34e2a07cbe2fd4725e7362027d0c51c3 (patch)
tree5b11a525700872147d92d8195615e4352d6d18b1 /src/reclaim/plugin_reclaim_attestation_jwt.c
parent5f9f9cae1714eb33e0ee9c824f3d88e6aab8cf63 (diff)
add expiration
Diffstat (limited to 'src/reclaim/plugin_reclaim_attestation_jwt.c')
-rw-r--r--src/reclaim/plugin_reclaim_attestation_jwt.c100
1 files changed, 94 insertions, 6 deletions
diff --git a/src/reclaim/plugin_reclaim_attestation_jwt.c b/src/reclaim/plugin_reclaim_attestation_jwt.c
index 8a67b18cd..ec31584d5 100644
--- a/src/reclaim/plugin_reclaim_attestation_jwt.c
+++ b/src/reclaim/plugin_reclaim_attestation_jwt.c
@@ -142,12 +142,12 @@ jwt_number_to_typename (void *cls, uint32_t type)
142 return jwt_attest_name_map[i].name; 142 return jwt_attest_name_map[i].name;
143} 143}
144 144
145
145/** 146/**
146 * Parse a JWT and return the respective claim value as Attribute 147 * Parse a JWT and return the respective claim value as Attribute
147 * 148 *
149 * @param cls the plugin
148 * @param attest the jwt attestation 150 * @param attest the jwt attestation
149 * @param claim the name of the claim in the JWT
150 *
151 * @return a GNUNET_RECLAIM_Attribute, containing the new value 151 * @return a GNUNET_RECLAIM_Attribute, containing the new value
152 */ 152 */
153struct GNUNET_RECLAIM_AttributeList * 153struct GNUNET_RECLAIM_AttributeList *
@@ -163,6 +163,7 @@ jwt_parse_attributes (void *cls,
163 json_t *json_val; 163 json_t *json_val;
164 json_error_t *json_err = NULL; 164 json_error_t *json_err = NULL;
165 165
166 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "%s\n", attest->data);
166 if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type) 167 if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type)
167 return NULL; 168 return NULL;
168 attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList); 169 attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
@@ -170,27 +171,112 @@ jwt_parse_attributes (void *cls,
170 jwt_string = GNUNET_strdup (attest->data); 171 jwt_string = GNUNET_strdup (attest->data);
171 const char *jwt_body = strtok (jwt_string, delim); 172 const char *jwt_body = strtok (jwt_string, delim);
172 jwt_body = strtok (NULL, delim); 173 jwt_body = strtok (NULL, delim);
173 GNUNET_STRINGS_base64_decode (jwt_body, strlen (jwt_body), 174 GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
174 (void **) &decoded_jwt); 175 (void **) &decoded_jwt);
176 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", decoded_jwt);
177 GNUNET_assert (NULL != decoded_jwt);
175 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err); 178 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
176 const char *key; 179 const char *key;
177 json_t *value; 180 json_t *value;
178 json_object_foreach (json_val, key, value) { 181 json_object_foreach (json_val, key, value) {
182 if (0 == strcmp ("iss", key))
183 continue;
184 if (0 == strcmp ("exp", key))
185 continue;
186 if (0 == strcmp ("iat", key))
187 continue;
188 if (0 == strcmp ("nbf", key))
189 continue;
190 if (0 == strcmp ("aud", key))
191 continue;
179 val_str = json_dumps (value, JSON_ENCODE_ANY); 192 val_str = json_dumps (value, JSON_ENCODE_ANY);
180 GNUNET_RECLAIM_attribute_list_add (attrs, 193 GNUNET_RECLAIM_attribute_list_add (attrs,
181 key, 194 key,
182 NULL, 195 NULL,
183 GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,//FIXME 196 GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,// FIXME
184 val_str, 197 val_str,
185 strlen (val_str)); 198 strlen (val_str));
186 GNUNET_free (val_str); 199 GNUNET_free (val_str);
187 } 200 }
188 GNUNET_free (jwt_string); 201 GNUNET_free (jwt_string);
189 //FIXME needed??
190 return attrs; 202 return attrs;
191} 203}
192 204
193 205
206/**
207 * Parse a JWT and return the issuer
208 *
209 * @param cls the plugin
210 * @param attest the jwt attestation
211 * @return a string, containing the isser
212 */
213char *
214jwt_get_issuer (void *cls,
215 const struct GNUNET_RECLAIM_Attestation *attest)
216{
217 const char *jwt_body;
218 char *jwt_string;
219 char delim[] = ".";
220 char *issuer = NULL;
221 char *decoded_jwt;
222 json_t *issuer_json;
223 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
224 json_t *json_val;
225 json_error_t *json_err = NULL;
226
227 if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type)
228 return NULL;
229 jwt_string = GNUNET_strdup (attest->data);
230 jwt_body = strtok (jwt_string, delim);
231 jwt_body = strtok (NULL, delim);
232 GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
233 (void **) &decoded_jwt);
234 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
235 issuer_json = json_object_get (json_val, "iss");
236 if ((NULL == issuer_json) || (! json_is_string (issuer_json)))
237 return NULL;
238 issuer = GNUNET_strdup (json_string_value (issuer_json));
239 GNUNET_free (jwt_string);
240 return issuer;
241}
242
243
244/**
245 * Parse a JWT and return the expiration
246 *
247 * @param cls the plugin
248 * @param attest the jwt attestation
249 * @return a string, containing the isser
250 */
251int
252jwt_get_expiration (void *cls,
253 const struct GNUNET_RECLAIM_Attestation *attest,
254 struct GNUNET_TIME_Absolute *exp)
255{
256 const char *jwt_body;
257 char *jwt_string;
258 char delim[] = ".";
259 char *decoded_jwt;
260 json_t *exp_json;
261 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
262 json_t *json_val;
263 json_error_t *json_err = NULL;
264
265 if (GNUNET_RECLAIM_ATTESTATION_TYPE_JWT != attest->type)
266 return GNUNET_NO;
267 jwt_string = GNUNET_strdup (attest->data);
268 jwt_body = strtok (jwt_string, delim);
269 jwt_body = strtok (NULL, delim);
270 GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
271 (void **) &decoded_jwt);
272 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
273 exp_json = json_object_get (json_val, "exp");
274 if ((NULL == exp_json) || (! json_is_integer (exp_json)))
275 return GNUNET_SYSERR;
276 exp->abs_value_us = json_integer_value (exp_json) * 1000 * 1000;
277 GNUNET_free (jwt_string);
278 return GNUNET_OK;
279}
194 280
195 281
196/** 282/**
@@ -210,6 +296,8 @@ libgnunet_plugin_reclaim_attestation_jwt_init (void *cls)
210 api->typename_to_number = &jwt_typename_to_number; 296 api->typename_to_number = &jwt_typename_to_number;
211 api->number_to_typename = &jwt_number_to_typename; 297 api->number_to_typename = &jwt_number_to_typename;
212 api->get_attributes = &jwt_parse_attributes; 298 api->get_attributes = &jwt_parse_attributes;
299 api->get_issuer = &jwt_get_issuer;
300 api->get_expiration = &jwt_get_expiration;
213 return api; 301 return api;
214} 302}
215 303
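Review bot: In the new `jwt_get_expiration` and `jwt_get_issuer`, the second `strtok` result goes straight into `strlen`, so an attestation without a `.` dereferences NULL, and the base64url and `json_loads` results are not checked either; `attest->data` is external input, so each step needs a failure path. The early `return` on a missing or mistyped claim also leaks `jwt_string`, `decoded_jwt` and `json_val` are never released on any path, and in `jwt_get_expiration` the `* 1000 * 1000` scaling can overflow or turn a negative `exp` into a far-future time. Separately, the two `GNUNET_log` calls added to `jwt_parse_attributes` write the raw token and its decoded payload to the log at WARNING and ERROR level (the second one before the NULL assert), which may put a bearer credential and the user's claims into log files; they look like debug leftovers and should be dropped. Nothing visible in this section verifies the token's signature before `iss` and `exp` are read, so callers should treat both values as unauthenticated unless that check happens elsewhere. A single-exit version of `jwt_get_expiration` is sketched below, and `jwt_get_issuer` can follow the same shape.

```c
jwt_get_expiration (void *cls,
                    const struct GNUNET_RECLAIM_Attestation *attest,
                    struct GNUNET_TIME_Absolute *exp)
{
  /* ... unchanged: jwt_string, exp_json declarations and debug log ... */
  char *jwt_body;
  char *body_end;
  char *decoded_jwt = NULL;
  size_t decoded_len;
  json_t *json_val = NULL;
  json_int_t exp_s;
  int ret = GNUNET_SYSERR;

  /* ... unchanged: attestation type check returning GNUNET_NO ... */
  jwt_string = GNUNET_strdup (attest->data);
  /* Locate the payload between the first and second '.', without strtok's
     hidden static state and with an explicit failure path. */
  jwt_body = strchr (jwt_string, '.');
  if (NULL == jwt_body)
    goto cleanup;
  jwt_body++;
  body_end = strchr (jwt_body, '.');
  if (NULL != body_end)
    *body_end = '\0';
  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
                                                 (void **) &decoded_jwt);
  if (NULL == decoded_jwt)
    goto cleanup;
  /* Length-bounded parse: do not rely on the decoded buffer being
     NUL-terminated. */
  json_val = json_loadb (decoded_jwt, decoded_len, JSON_DECODE_ANY, NULL);
  if (NULL == json_val)
    goto cleanup;
  exp_json = json_object_get (json_val, "exp");
  if ((NULL == exp_json) || (! json_is_integer (exp_json)))
    goto cleanup;
  exp_s = json_integer_value (exp_json);
  /* Reject negative or overflowing values before scaling to microseconds. */
  if ((exp_s < 0) || ((uint64_t) exp_s > UINT64_MAX / (1000 * 1000)))
    goto cleanup;
  exp->abs_value_us = (uint64_t) exp_s * 1000 * 1000;
  ret = GNUNET_OK;
cleanup:
  json_decref (json_val);
  if (NULL != decoded_jwt)
    GNUNET_free (decoded_jwt);
  GNUNET_free (jwt_string);
  return ret;
}
```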