authorMarkus Voggenreiter <Markus.Voggenreiter@tum.de>2019-11-27 12:30:49 +0100
committerSchanzenbach, Martin <mschanzenbach@posteo.de>2020-01-13 13:31:05 +0100
commitcb08bbcbefc98afe6b8c7600bb0dfb1241343cff (patch)
treeec801cb4e772bd245ca8d22f19bc751ca67d2737 /src/reclaim/plugin_rest_openid_connect.c
parentc0fce9ca75973a646f80372fcc08c059818ba548 (diff)
Basic Functionality Implemented
Diffstat (limited to 'src/reclaim/plugin_rest_openid_connect.c')
-rw-r--r--src/reclaim/plugin_rest_openid_connect.c167
1 files changed, 126 insertions, 41 deletions
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index 2c4b75c3f..741094f21 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -120,6 +120,11 @@
120#define OIDC_NONCE_KEY "nonce" 120#define OIDC_NONCE_KEY "nonce"
121 121
122/** 122/**
123 * OIDC claims key
124 */
125#define OIDC_CLAIMS_KEY "claims"
126
127/**
123 * OIDC PKCE code challenge 128 * OIDC PKCE code challenge
124 */ 129 */
125#define OIDC_CODE_CHALLENGE_KEY "code_challenge" 130#define OIDC_CODE_CHALLENGE_KEY "code_challenge"
@@ -291,6 +296,11 @@ struct OIDC_Variables
291 char *nonce; 296 char *nonce;
292 297
293 /** 298 /**
299 * The OIDC claims
300 */
301 char *claims;
302
303 /**
294 * The OIDC response type 304 * The OIDC response type
295 */ 305 */
296 char *response_type; 306 char *response_type;
@@ -560,7 +570,12 @@ cleanup_handle (struct RequestHandle *handle)
560 { 570 {
561 claim_tmp = claim_entry; 571 claim_tmp = claim_entry;
562 claim_entry = claim_entry->next; 572 claim_entry = claim_entry->next;
563 GNUNET_free (claim_tmp->claim); 573 if (NULL != claim_tmp->claim)
574 GNUNET_free (claim_tmp->claim);
575 if (NULL != claim_tmp->attest)
576 GNUNET_free (claim_tmp->attest);
577 if (NULL != claim_tmp->reference)
578 GNUNET_free (claim_tmp->reference);
564 GNUNET_free (claim_tmp); 579 GNUNET_free (claim_tmp);
565 } 580 }
566 GNUNET_free (handle->attr_list); 581 GNUNET_free (handle->attr_list);
@@ -697,7 +712,7 @@ return_userinfo_response (void *cls)
697 struct MHD_Response *resp; 712 struct MHD_Response *resp;
698 713
699 result_str = json_dumps (handle->oidc->response, 0); 714 result_str = json_dumps (handle->oidc->response, 0);
700 715 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,"ID-Token: %s\n",result_str);
701 resp = GNUNET_REST_create_response (result_str); 716 resp = GNUNET_REST_create_response (result_str);
702 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); 717 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
703 GNUNET_free (result_str); 718 GNUNET_free (result_str);
@@ -838,7 +853,7 @@ login_redirect (void *cls)
838 &login_base_url)) 853 &login_base_url))
839 { 854 {
840 GNUNET_asprintf (&new_redirect, 855 GNUNET_asprintf (&new_redirect,
841 "%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s", 856 "%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s",
842 login_base_url, 857 login_base_url,
843 OIDC_RESPONSE_TYPE_KEY, 858 OIDC_RESPONSE_TYPE_KEY,
844 handle->oidc->response_type, 859 handle->oidc->response_type,
@@ -854,7 +869,10 @@ login_redirect (void *cls)
854 (NULL != handle->oidc->code_challenge) ? 869 (NULL != handle->oidc->code_challenge) ?
855 handle->oidc->code_challenge : "", 870 handle->oidc->code_challenge : "",
856 OIDC_NONCE_KEY, 871 OIDC_NONCE_KEY,
857 (NULL != handle->oidc->nonce) ? handle->oidc->nonce : ""); 872 (NULL != handle->oidc->nonce) ? handle->oidc->nonce : "",
873 OIDC_CLAIMS_KEY,
874 (NULL != handle->oidc->claims) ? handle->oidc->claims :
875 "");
858 resp = GNUNET_REST_create_response (""); 876 resp = GNUNET_REST_create_response ("");
859 MHD_add_response_header (resp, "Location", new_redirect); 877 MHD_add_response_header (resp, "Location", new_redirect);
860 GNUNET_free (login_base_url); 878 GNUNET_free (login_base_url);
@@ -993,7 +1011,7 @@ oidc_attr_collect (void *cls,
993 GNUNET_RECLAIM_get_attributes_next (handle->attr_it); 1011 GNUNET_RECLAIM_get_attributes_next (handle->attr_it);
994 return; 1012 return;
995 } 1013 }
996 if (NULL == attr) 1014 if (NULL != reference)
997 { 1015 {
998 if ((NULL == reference->name) || (NULL == reference->reference_value)) 1016 if ((NULL == reference->name) || (NULL == reference->reference_value))
999 { 1017 {
@@ -1013,35 +1031,31 @@ oidc_attr_collect (void *cls,
1013 return; 1031 return;
1014 } 1032 }
1015 GNUNET_free (scope_variables); 1033 GNUNET_free (scope_variables);
1016 // Store references as attributes as they only use the ID later 1034 struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le2;
1017 const char *type_str = NULL; 1035 le2 = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
1018 char *data;
1019 size_t data_size;
1020 uint32_t type;
1021 le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry); 1036 le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
1022 type_str = "String"; 1037 le->claim = NULL;
1023 type = GNUNET_RECLAIM_ATTRIBUTE_typename_to_number (type_str); 1038 le->reference = NULL;
1024 if (GNUNET_SYSERR ==(GNUNET_RECLAIM_ATTRIBUTE_string_to_value (type, 1039 le->attest = GNUNET_RECLAIM_ATTESTATION_claim_new (attest->name,
1025 reference-> 1040 attest->type,
1026 reference_value, 1041 attest->data,
1027 (void **) & 1042 attest->data_size);
1028 data, 1043 le->attest->id = attest->id;
1029 &data_size))) 1044 le2->attest = NULL;
1030 { 1045 le2->claim = NULL;
1031 return; 1046 le2->reference = GNUNET_RECLAIM_ATTESTATION_reference_new (reference->name,
1032 } 1047 reference->
1033 le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (reference->name, 1048 reference_value);
1034 type, 1049 le2->reference->id = reference->id;
1035 data, 1050 le2->reference->id_attest = reference->id_attest;
1036 data_size);
1037 le->claim->id = reference->id;
1038 le->claim->flag = 1;
1039
1040 GNUNET_CONTAINER_DLL_insert (handle->attr_list->list_head, 1051 GNUNET_CONTAINER_DLL_insert (handle->attr_list->list_head,
1041 handle->attr_list->list_tail, 1052 handle->attr_list->list_tail,
1042 le); 1053 le);
1054 GNUNET_CONTAINER_DLL_insert (handle->attr_list->list_head,
1055 handle->attr_list->list_tail,
1056 le2);
1043 } 1057 }
1044 else 1058 else if (NULL != attr)
1045 { 1059 {
1046 if ((NULL == attr->name) || (NULL == attr->data)) 1060 if ((NULL == attr->name) || (NULL == attr->data))
1047 { 1061 {
@@ -1063,8 +1077,9 @@ oidc_attr_collect (void *cls,
1063 return; 1077 return;
1064 } 1078 }
1065 GNUNET_free (scope_variables); 1079 GNUNET_free (scope_variables);
1066
1067 le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry); 1080 le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
1081 le->reference = NULL;
1082 le->attest = NULL;
1068 le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr->name, 1083 le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr->name,
1069 attr->type, 1084 attr->type,
1070 attr->data, 1085 attr->data,
@@ -1362,6 +1377,9 @@ build_authz_response (void *cls)
1362 // OPTIONAL value: nonce 1377 // OPTIONAL value: nonce
1363 handle->oidc->nonce = get_url_parameter_copy (handle, OIDC_NONCE_KEY); 1378 handle->oidc->nonce = get_url_parameter_copy (handle, OIDC_NONCE_KEY);
1364 1379
1380 // OPTIONAL value: claims
1381 handle->oidc->claims = get_url_parameter_copy (handle, OIDC_CLAIMS_KEY);
1382
1365 // TODO check other values if needed 1383 // TODO check other values if needed
1366 number_of_ignored_parameter = 1384 number_of_ignored_parameter =
1367 sizeof(OIDC_ignored_parameter_array) / sizeof(char *); 1385 sizeof(OIDC_ignored_parameter_array) / sizeof(char *);
@@ -1918,8 +1936,8 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
1918 1936
1919 1937
1920/** 1938/**
1921 * Collects claims and stores them in handle 1939 * Collects claims and stores them in handle
1922 */ 1940 */
1923static void 1941static void
1924consume_ticket (void *cls, 1942consume_ticket (void *cls,
1925 const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, 1943 const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
@@ -1928,20 +1946,87 @@ consume_ticket (void *cls,
1928 const struct GNUNET_RECLAIM_ATTESTATION_REFERENCE *reference) 1946 const struct GNUNET_RECLAIM_ATTESTATION_REFERENCE *reference)
1929{ 1947{
1930 struct RequestHandle *handle = cls; 1948 struct RequestHandle *handle = cls;
1931 char *tmp_value;
1932 json_t *value;
1933
1934 if (NULL == identity) 1949 if (NULL == identity)
1935 { 1950 {
1936 GNUNET_SCHEDULER_add_now (&return_userinfo_response, handle); 1951 GNUNET_SCHEDULER_add_now (&return_userinfo_response, handle);
1937 return; 1952 return;
1938 } 1953 }
1939 tmp_value = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type, 1954 if (NULL != attr)
1940 attr->data, 1955 {
1941 attr->data_size); 1956 char *tmp_value;
1942 value = json_string (tmp_value); 1957 json_t *value;
1943 json_object_set_new (handle->oidc->response, attr->name, value); 1958 tmp_value = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
1944 GNUNET_free (tmp_value); 1959 attr->data,
1960 attr->data_size);
1961 value = json_string (tmp_value);
1962 json_object_set_new (handle->oidc->response, attr->name, value);
1963 GNUNET_free (tmp_value);
1964 }
1965 else if ((NULL != attest) && (NULL != reference))
1966 {
1967 json_t *claim_sources;
1968 json_t *claim_sources_jwt;
1969 json_t *claim_names;
1970 char *attest_val_str;
1971 claim_sources=json_object_get(handle->oidc->response,"_claim_sources");
1972 claim_names=json_object_get(handle->oidc->response,"_claim_names");
1973 attest_val_str = GNUNET_RECLAIM_ATTESTATION_value_to_string (attest->type,
1974 attest->data,
1975 attest->
1976 data_size);
1977 if ((NULL == claim_sources) && (NULL == claim_names) )
1978 {
1979 claim_sources = json_object ();
1980 claim_names = json_object ();
1981 }
1982 char *source_name;
1983 int i = 0;
1984 GNUNET_asprintf (&source_name,"src%d",i);
1985 while (NULL != (claim_sources_jwt = json_object_get (claim_sources,
1986 source_name)))
1987 {
1988 if (0 == strcmp (json_string_value (json_object_get (claim_sources_jwt,
1989 "JWT")),
1990 attest_val_str))
1991 {
1992 // Adapt only the claim names
1993 json_object_set_new (claim_names, reference->name, json_string (
1994 source_name));
1995 json_object_set (handle->oidc->response, "_claim_names",claim_names);
1996 handle->oidc->response = json_deep_copy(handle->oidc->response);
1997 break;
1998 }
1999 i++;
2000 GNUNET_asprintf (&source_name,"src%d",i);
2001 }
2002
2003 // Create new one
2004 if (NULL == claim_sources_jwt)
2005 {
2006 claim_sources_jwt = json_object ();
2007 // Set the JWT for names
2008 json_object_set_new (claim_names, reference->name, json_string (
2009 source_name));
2010 // Set the JWT for the inner source
2011 json_object_set_new (claim_sources_jwt, "JWT", json_string (
2012 attest_val_str));
2013 // Set the JWT for the source
2014 json_object_set_new (claim_sources, source_name,claim_sources_jwt);
2015 // Set as claims
2016 json_object_set (handle->oidc->response, "_claim_names", claim_names);
2017 json_object_set (handle->oidc->response, "_claim_sources",claim_sources);
2018 handle->oidc->response = json_deep_copy(handle->oidc->response);
2019 }
2020
2021 json_decref (claim_sources);
2022 json_decref (claim_names);
2023 json_decref (claim_sources_jwt);
2024 GNUNET_free (attest_val_str);
2025 }
2026 else
2027 {
2028 // REMARK: We should not find any claim, one of attest/ref is NULL
2029 }
1945} 2030}
1946 2031
1947 2032
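Review bot: The jansson reference counting in consume_ticket's new attestation branch is wrong: `claim_sources`, `claim_names` and the `claim_sources_jwt` found by the loop are borrowed references from `json_object_get`, and in the create path `json_object_set_new` already transfers `claim_sources_jwt` to `claim_sources`, so the three `json_decref` calls before `GNUNET_free (attest_val_str)` drop references the function never owned, which frees objects still linked from the response (use-after-free) and is only masked by the `json_deep_copy` reassignments, which in turn leak the previous `handle->oidc->response` on every call. `source_name` is also leaked, since `GNUNET_asprintf` allocates a fresh string on each loop iteration and the last one is never freed, and `strcmp` is called on the result of `json_string_value` without a NULL check. Attach the two objects to the response once with `json_object_set_new` when they are created, treat everything as borrowed afterwards, and drop the decrefs and deep copies, as below; consume_ticket's signature is in the preceding hunk. Separately, the new `GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "ID-Token: %s\n", result_str)` in return_userinfo_response writes the complete userinfo response, i.e. the user's claims and now the attestation JWTs, to the log at ERROR level; that belongs at GNUNET_ERROR_TYPE_DEBUG at most, and the label should say userinfo rather than ID-Token. In oidc_attr_collect the new `if (NULL != reference)` branch dereferences `attest->name` without checking `attest` for NULL, unlike the paired check in consume_ticket; presumably both should be required there as well.
```c
  // … unchanged: identity check and attr branch …
  else if ((NULL != attest) && (NULL != reference))
  {
    json_t *claim_sources;
    json_t *claim_sources_jwt;
    json_t *claim_names;
    char *attest_val_str;
    char *source_name;
    int i = 0;

    attest_val_str = GNUNET_RECLAIM_ATTESTATION_value_to_string (attest->type,
                                                                attest->data,
                                                                attest->data_size);
    if (NULL == attest_val_str)
      return;
    // Borrowed references: handle->oidc->response stays the sole owner
    claim_sources = json_object_get (handle->oidc->response, "_claim_sources");
    claim_names = json_object_get (handle->oidc->response, "_claim_names");
    if ((NULL == claim_sources) && (NULL == claim_names))
    {
      claim_sources = json_object ();
      claim_names = json_object ();
      // _set_new hands ownership to the response; no decref later
      json_object_set_new (handle->oidc->response, "_claim_sources", claim_sources);
      json_object_set_new (handle->oidc->response, "_claim_names", claim_names);
    }
    GNUNET_asprintf (&source_name, "src%d", i);
    while (NULL != (claim_sources_jwt = json_object_get (claim_sources,
                                                         source_name)))
    {
      const char *jwt = json_string_value (json_object_get (claim_sources_jwt,
                                                            "JWT"));
      if ((NULL != jwt) && (0 == strcmp (jwt, attest_val_str)))
        break;
      i++;
      GNUNET_free (source_name); // free before re-allocating instead of leaking
      GNUNET_asprintf (&source_name, "src%d", i);
    }
    if (NULL == claim_sources_jwt)
    {
      // No source carrying this JWT yet: create it under the free name
      claim_sources_jwt = json_object ();
      json_object_set_new (claim_sources_jwt, "JWT", json_string (attest_val_str));
      json_object_set_new (claim_sources, source_name, claim_sources_jwt);
    }
    // Either way the reference's claim name now points at source_name
    json_object_set_new (claim_names, reference->name, json_string (source_name));
    GNUNET_free (source_name);
    GNUNET_free (attest_val_str);
  }
  // … unchanged: final else branch …
```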