authorSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-07-23 22:10:47 +0200
committerSchanzenbach, Martin <martin.schanzenbach@aisec.fraunhofer.de>2018-07-23 22:10:47 +0200
commit94c9fde8f4136432bb4cbc99ba5102702279df14 (patch)
treeddbad4ec76d0bcdc030a092c7e185c0dbe559a3a /src
parent5fb272d662eca0707b1a5c7747ae476f8157d332 (diff)
switch to gnsrecord reclaim records for OIDC clients
Diffstat (limited to 'src')
-rw-r--r--src/include/gnunet_gnsrecord_lib.h10
-rw-r--r--src/reclaim/plugin_gnsrecord_reclaim.c6
-rw-r--r--src/reclaim/plugin_rest_openid_connect.c65
3 files changed, 53 insertions, 28 deletions
diff --git a/src/include/gnunet_gnsrecord_lib.h b/src/include/gnunet_gnsrecord_lib.h
index 20846238b..693cc6cdb 100644
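--- a/src/include/gnunet_gnsrecord_lib.h
+++ b/src/include/gnunet_gnsrecord_lib.h
@@ -132,6 +132,16 @@ extern "C"
 #define GNUNET_GNSRECORD_TYPE_ABE_MASTER 65551
 
 /**
+ * Record type for reclaim OIDC clients
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT 65552
+
+/**
+ * Record type for reclaim OIDC redirect URIs
+ */
+#define GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT 65553
+
+/**
  * Flags that can be set for a record.
  */
 enum GNUNET_GNSRECORD_Flags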
diff --git a/src/reclaim/plugin_gnsrecord_reclaim.c b/src/reclaim/plugin_gnsrecord_reclaim.c
index 0322df752..181a4bbc2 100644
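--- a/src/reclaim/plugin_gnsrecord_reclaim.c
+++ b/src/reclaim/plugin_gnsrecord_reclaim.c
@@ -57,6 +57,8 @@ value_to_string (void *cls,
  return GNUNET_strndup (data, data_size);
  case GNUNET_GNSRECORD_TYPE_ABE_KEY:
  case GNUNET_GNSRECORD_TYPE_ABE_MASTER:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT:
  return GNUNET_STRINGS_data_to_string_alloc (data, data_size);
  case GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA: //DEPRECATED
  ecdhe_privkey = data;
@@ -118,6 +120,8 @@ string_to_value (void *cls,
  return GNUNET_OK;
  case GNUNET_GNSRECORD_TYPE_ABE_KEY:
  case GNUNET_GNSRECORD_TYPE_ABE_MASTER:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT:
+ case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT:
  return GNUNET_STRINGS_string_to_data (s,
  strlen (s),
  *data,
@@ -181,6 +185,8 @@ static struct {
  { "ABE_KEY", GNUNET_GNSRECORD_TYPE_ABE_KEY },
  { "ABE_MASTER", GNUNET_GNSRECORD_TYPE_ABE_MASTER },
  { "ID_TOKEN_METADATA", GNUNET_GNSRECORD_TYPE_ID_TOKEN_METADATA },
+ { "RECLAIM_OIDC_CLIENT", GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_CLIENT },
+ { "RECLAIM_OIDC_REDIRECT", GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT },
  { NULL, UINT32_MAX }
 };
 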
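Review bot: In value_to_string and string_to_value the two new record types fall into the binary-encoding branch (`GNUNET_STRINGS_data_to_string_alloc` / `GNUNET_STRINGS_string_to_data`), while plugin_rest_openid_connect.c in this same commit reads a RECLAIM_OIDC_REDIRECT payload as plain text via `strcmp (rd[0].data, handle->oidc->redirect_uri)`. If the redirect record is meant to hold the URI text, a value entered through this plugin is stored as the decoded bytes of that text and would never match the request's redirect_uri. Grouping `case GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT:` with the branch that returns `GNUNET_strndup (data, data_size)` would keep the two plugins in agreement; the matching string_to_value branch is outside these hunks, so this needs confirming against the full file. If a binary payload is intended instead, a comment on the new cases stating the layout would help, e.g. `/* payload is raw bytes, shown in the encoded string form */`.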
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index 1846df901..99459427c 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -886,38 +886,47 @@ lookup_redirect_uri_result (void *cls,
886 struct GNUNET_CRYPTO_EcdsaPublicKey redirect_zone; 886 struct GNUNET_CRYPTO_EcdsaPublicKey redirect_zone;
887 887
888 handle->gns_op = NULL; 888 handle->gns_op = NULL;
889 if (1 != rd_count) 889 if (0 == rd_count)
890 { 890 {
891 handle->emsg = GNUNET_strdup("server_error"); 891 handle->emsg = GNUNET_strdup("server_error");
892 handle->edesc = GNUNET_strdup("Server cannot generate ticket, redirect uri not found."); 892 handle->edesc = GNUNET_strdup("Server cannot generate ticket, redirect uri not found.");
893 GNUNET_SCHEDULER_add_now (&do_redirect_error, handle); 893 GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
894 return; 894 return;
895 } 895 }
896 tmp = GNUNET_strdup (rd->data); 896 for (int i = 0; i < rd_count; i++)
897 pos = strrchr (tmp, 897 {
898 (unsigned char) '.'); 898 if (0 != strcmp (rd[0].data,
899 *pos = '\0'; 899 handle->oidc->redirect_uri))
900 handle->redirect_prefix = GNUNET_strdup (tmp); 900 continue;
901 tmp_key_str = pos + 1; 901 tmp = GNUNET_strdup (rd[0].data);
902 pos = strchr (tmp_key_str, 902 pos = strrchr (tmp,
903 (unsigned char) '/'); 903 (unsigned char) '.');
904 *pos = '\0'; 904 *pos = '\0';
905 handle->redirect_suffix = GNUNET_strdup (pos + 1); 905 handle->redirect_prefix = GNUNET_strdup (tmp);
906 906 tmp_key_str = pos + 1;
907 GNUNET_STRINGS_string_to_data (tmp_key_str, 907 pos = strchr (tmp_key_str,
908 strlen (tmp_key_str), 908 (unsigned char) '/');
909 &redirect_zone, 909 *pos = '\0';
910 sizeof (redirect_zone)); 910 handle->redirect_suffix = GNUNET_strdup (pos + 1);
911 911
912 GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle, 912 GNUNET_STRINGS_string_to_data (tmp_key_str,
913 &handle->priv_key, 913 strlen (tmp_key_str),
914 &redirect_zone, 914 &redirect_zone,
915 &get_client_name_error, 915 sizeof (redirect_zone));
916 handle, 916
917 &get_client_name_result, 917 GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle,
918 handle); 918 &handle->priv_key,
919 GNUNET_free (tmp); 919 &redirect_zone,
920 920 &get_client_name_error,
921 handle,
922 &get_client_name_result,
923 handle);
924 GNUNET_free (tmp);
925 return;
926 }
927 handle->emsg = GNUNET_strdup("server_error");
928 handle->edesc = GNUNET_strdup("Server cannot generate ticket, redirect uri not found.");
929 GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
921} 930}
922 931
923/** 932/**
@@ -940,9 +949,9 @@ oidc_ticket_issue_cb (void* cls,
940 return; 949 return;
941 } 950 }
942 handle->gns_op = GNUNET_GNS_lookup (handle->gns_handle, 951 handle->gns_op = GNUNET_GNS_lookup (handle->gns_handle,
943 handle->oidc->redirect_uri, 952 "+",
944 &handle->oidc->client_pkey, 953 &handle->oidc->client_pkey,
945 GNUNET_DNSPARSER_TYPE_TXT, 954 GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT,
946 GNUNET_GNS_LO_DEFAULT, 955 GNUNET_GNS_LO_DEFAULT,
947 &lookup_redirect_uri_result, 956 &lookup_redirect_uri_result,
948 handle); 957 handle);
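Review bot: In lookup_redirect_uri_result the new loop advances `i` up to rd_count but every access is `rd[0]`, so only the first returned record is ever compared and a client with several registered redirect URIs can only use the first; the accesses should be `rd[i]`. The payload is also passed to `strcmp` and `GNUNET_strdup` as if it were NUL-terminated, although a GNS record carries its length in `data_size`; unless every writer stores the terminator this reads past the record, so it is safer to copy with `GNUNET_strndup (rd[i].data, rd[i].data_size)` before comparing. The `strrchr`/`strchr` results are still dereferenced without a NULL check (carried over from the removed code), so a stored URI without a '.' followed by a '/' would crash the service instead of producing the "redirect uri not found" error. The exact-match comparison against the registered URI is the right shape for redirect validation; the excerpt below keeps it and adds the indexing, bounds and NULL handling.

```c
  for (uint32_t i = 0; i < rd_count; i++)
  {
    /* record data is length-delimited: make a terminated copy before any str* call */
    tmp = GNUNET_strndup (rd[i].data, rd[i].data_size);
    if (0 != strcmp (tmp, handle->oidc->redirect_uri))
    {
      GNUNET_free (tmp);
      continue;
    }
    pos = strrchr (tmp, (unsigned char) '.');
    if (NULL == pos)
    {
      GNUNET_free (tmp);
      break; /* malformed registered URI: fall through to the error path */
    }
    *pos = '\0';
    tmp_key_str = pos + 1;
    pos = strchr (tmp_key_str, (unsigned char) '/');
    if (NULL == pos)
    {
      GNUNET_free (tmp);
      break;
    }
    handle->redirect_prefix = GNUNET_strdup (tmp);
    /* … unchanged: terminate key, copy redirect_suffix, string_to_data, zone_to_name, free, return … */
  }
  /* … unchanged: "redirect uri not found" error path … */
```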