authorSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-07-23 22:10:47 +0200
committerSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-07-23 22:10:47 +0200
commit94c9fde8f4136432bb4cbc99ba5102702279df14 (patch)
treeddbad4ec76d0bcdc030a092c7e185c0dbe559a3a /src/reclaim
parent5fb272d662eca0707b1a5c7747ae476f8157d332 (diff)
switch to gnsrecord reclaim records for OIDC clients
Diffstat (limited to 'src/reclaim')
-rw-r--r--src/reclaim/plugin_gnsrecord_reclaim.c6
-rw-r--r--src/reclaim/plugin_rest_openid_connect.c65
2 files changed, 43 insertions, 28 deletions
diff --git a/src/reclaim/plugin_gnsrecord_reclaim.c b/src/reclaim/plugin_gnsrecord_reclaim.c
index 0322df752..181a4bbc2 100644
--- a/src/reclaim/plugin_gnsrecord_reclaim.c
+++ b/src/reclaim/plugin_gnsrecord_reclaim.c
@@ -57,6 +57,8 @@ value_to_string (void *cls,
return GNUNET_strndup (data, data_size);
case GNUNET_GNSRECORD_TYPE_ABE_KEY:
case GNUNET_GNSRECORD_TYPE_ABE_MASTER:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT:
return GNUNET_STRINGS_data_to_string_alloc (data, data_size);
case GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA: //DEPRECATED
ecdhe_privkey = data;
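Review bot: The new `GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT` case is serialized as encoded binary through `GNUNET_STRINGS_data_to_string_alloc`, which looks inconsistent with the consumer in plugin_rest_openid_connect.c, where the record data is compared to the redirect URI with `strcmp` as plain text. If the record is meant to hold the URI itself, the case probably belongs with the branch just above that returns `GNUNET_strndup (data, data_size)`, and the same applies to the string_to_value hunk that follows. As written, a URI entered in its string form would presumably be stored decoded and never match the requested redirect URI. Both switch statements begin and end outside the hunks, so the text branch of string_to_value is not visible here.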
@@ -118,6 +120,8 @@ string_to_value (void *cls,
return GNUNET_OK;
case GNUNET_GNSRECORD_TYPE_ABE_KEY:
case GNUNET_GNSRECORD_TYPE_ABE_MASTER:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT:
return GNUNET_STRINGS_string_to_data (s,
strlen (s),
*data,
@@ -181,6 +185,8 @@ static struct {
{ "ABE_KEY", GNUNET_GNSRECORD_TYPE_ABE_KEY },
{ "ABE_MASTER", GNUNET_GNSRECORD_TYPE_ABE_MASTER },
{ "ID_TOKEN_METADATA", GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA },
+ { "RECLAIM_OIDC_CLIENT", GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT },
+ { "RECLAIM_OIDC_REDIRECT", GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT },
{ NULL, UINT32_MAX }
};
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index 1846df901..99459427c 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -886,38 +886,47 @@ lookup_redirect_uri_result (void *cls,
struct GNUNET_CRYPTO_EcdsaPublicKey redirect_zone;
handle->gns_op = NULL;
- if (1 != rd_count)
+ if (0 == rd_count)
{
handle->emsg = GNUNET_strdup("server_error");
handle->edesc = GNUNET_strdup("Server cannot generate ticket, redirect uri not found.");
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
return;
}
- tmp = GNUNET_strdup (rd->data);
- pos = strrchr (tmp,
- (unsigned char) '.');
- *pos = '\0';
- handle->redirect_prefix = GNUNET_strdup (tmp);
- tmp_key_str = pos + 1;
- pos = strchr (tmp_key_str,
- (unsigned char) '/');
- *pos = '\0';
- handle->redirect_suffix = GNUNET_strdup (pos + 1);
-
- GNUNET_STRINGS_string_to_data (tmp_key_str,
- strlen (tmp_key_str),
- &redirect_zone,
- sizeof (redirect_zone));
-
- GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle,
- &handle->priv_key,
- &redirect_zone,
- &get_client_name_error,
- handle,
- &get_client_name_result,
- handle);
- GNUNET_free (tmp);
-
+ for (int i = 0; i < rd_count; i++)
+ {
+ if (0 != strcmp (rd[0].data,
+ handle->oidc->redirect_uri))
+ continue;
+ tmp = GNUNET_strdup (rd[0].data);
+ pos = strrchr (tmp,
+ (unsigned char) '.');
+ *pos = '\0';
+ handle->redirect_prefix = GNUNET_strdup (tmp);
+ tmp_key_str = pos + 1;
+ pos = strchr (tmp_key_str,
+ (unsigned char) '/');
+ *pos = '\0';
+ handle->redirect_suffix = GNUNET_strdup (pos + 1);
+
+ GNUNET_STRINGS_string_to_data (tmp_key_str,
+ strlen (tmp_key_str),
+ &redirect_zone,
+ sizeof (redirect_zone));
+
+ GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle,
+ &handle->priv_key,
+ &redirect_zone,
+ &get_client_name_error,
+ handle,
+ &get_client_name_result,
+ handle);
+ GNUNET_free (tmp);
+ return;
+ }
+ handle->emsg = GNUNET_strdup("server_error");
+ handle->edesc = GNUNET_strdup("Server cannot generate ticket, redirect uri not found.");
+ GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
}
/**
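Review bot: The new loop in lookup_redirect_uri_result counts `i` up to `rd_count` but reads `rd[0].data` in both the `strcmp` and the `GNUNET_strdup`, so only the first record is ever compared and a client with several redirect records can match only on the first one. The comparison also treats the record payload as a C string although it comes with a `data_size` and is not guaranteed to end in a NUL byte, so `strcmp` and `GNUNET_strdup` may read past the buffer. The `strrchr`/`strchr` results are written through without a NULL check, which crashes on a registered URI lacking `.` or `/`, and the ignored return value of `GNUNET_STRINGS_string_to_data` can leave `redirect_zone` uninitialized before it is handed to `GNUNET_NAMESTORE_zone_to_name`. The function signature is outside the hunk; if `rd_count` is unsigned there, the index should be unsigned as well. The sketch below indexes by `i`, bounds the copy and rejects a malformed URI before splitting it.

```c
  for (uint32_t i = 0; i < rd_count; i++)
  {
    /* bounded copy: record data is length-delimited, not NUL-terminated */
    tmp = GNUNET_strndup (rd[i].data, rd[i].data_size);
    if (0 != strcmp (tmp, handle->oidc->redirect_uri))
    {
      GNUNET_free (tmp);
      continue;
    }
    pos = strrchr (tmp, (unsigned char) '.');
    if ( (NULL == pos) ||
         (NULL == strchr (pos + 1, (unsigned char) '/')) )
    {
      GNUNET_free (tmp);
      break; /* malformed URI: report through the error path after the loop */
    }
    *pos = '\0';
    /* … unchanged: prefix/suffix split, key decoding, GNUNET_NAMESTORE_zone_to_name, free and return … */
  }
```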
@@ -940,9 +949,9 @@ oidc_ticket_issue_cb (void* cls,
return;
}
handle->gns_op = GNUNET_GNS_lookup (handle->gns_handle,
- handle->oidc->redirect_uri,
+ "+",
&handle->oidc->client_pkey,
- GNUNET_DNSPARSER_TYPE_TXT,
+ GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT,
GNUNET_GNS_LO_DEFAULT,
&lookup_redirect_uri_result,
handle);
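Review bot: The bare `"+"` label passed to `GNUNET_GNS_lookup` is a magic string with no explanation of which name it resolves in the client's zone. A one-line comment such as `/* "+": redirect records are stored directly under the client's zone key */` (wording to be confirmed by the author), or a named constant if the GNS headers provide one, would make the intent reviewable. oidc_ticket_issue_cb starts outside the hunk.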