summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/reclaim/json_reclaim.c2
-rw-r--r--src/reclaim/oidc_helper.c57
-rw-r--r--src/reclaim/plugin_reclaim_credential_jwt.c39
3 files changed, 86 insertions, 12 deletions
diff --git a/src/reclaim/json_reclaim.c b/src/reclaim/json_reclaim.c
index 6c945036a..4eeb22bee 100644
--- a/src/reclaim/json_reclaim.c
+++ b/src/reclaim/json_reclaim.c
@@ -95,6 +95,7 @@ parse_attr (void *cls, json_t *root, struct GNUNET_JSON_Specification *spec)
}
attr = GNUNET_RECLAIM_attribute_new (name_str, NULL,
type, data, data_size);
+ GNUNET_free (data);
if ((NULL != cred_str) && (0 != strlen (cred_str)))
{
GNUNET_STRINGS_string_to_data (cred_str,
@@ -334,6 +335,7 @@ parse_credential (void *cls, json_t *root, struct GNUNET_JSON_Specification *spe
return GNUNET_SYSERR;
}
cred = GNUNET_RECLAIM_credential_new (name_str, type, data, data_size);
+ GNUNET_free (data);
if ((NULL == id_str) || (0 == strlen (id_str)))
memset (&cred->id, 0, sizeof (cred->id));
else
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index 84a90833c..bd3a8ee05 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -223,6 +223,8 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
i++;
}
+ int addr_is_aggregated = GNUNET_NO;
+ int addr_is_normal = GNUNET_NO;
for (le = attrs->list_head; NULL != le; le = le->next)
{
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -230,7 +232,6 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
le->attribute->name);
if (GNUNET_YES == GNUNET_RECLAIM_id_is_zero (&le->attribute->credential))
{
-
attr_val_str =
GNUNET_RECLAIM_attribute_value_to_string (le->attribute->type,
le->attribute->data,
@@ -238,13 +239,22 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
/**
* There is this wierd quirk that the individual address claim(s) must be
* inside a JSON object of the "address" claim.
- * FIXME: Possibly include formatted claim here
*/
if (GNUNET_YES == is_claim_in_address_scope (le->attribute->name))
{
+ if (GNUNET_YES == addr_is_aggregated)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Address is set as aggregated claim. Skipping self-issued value...\n");
+ GNUNET_free (attr_val_str);
+ continue;
+ }
+ addr_is_normal = GNUNET_YES;
+
if (NULL == addr_claim)
{
addr_claim = json_object ();
+ json_object_set_new (body, "address", addr_claim);
}
json_object_set_new (addr_claim, le->attribute->name,
json_string (attr_val_str));
@@ -276,17 +286,42 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
le->attribute->name);
continue;
}
- // Presentation exists, hence take the respective source str
- GNUNET_asprintf (&source_name,
- "src%d",
- j);
- json_object_set_new (aggr_names, le->attribute->name,
- json_string (source_name));
- GNUNET_free (source_name);
+ /**
+ * There is this wierd quirk that the individual address claim(s) must be
+ * inside a JSON object of the "address" claim.
+ */
+ if (GNUNET_YES == is_claim_in_address_scope (le->attribute->name))
+ {
+ if (GNUNET_YES == addr_is_normal)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Address is already set as normal claim. Skipping attested value...\n");
+ continue;
+ }
+ addr_is_aggregated = GNUNET_YES;
+ /** This is/can only be set once! **/
+ if (NULL != addr_claim)
+ continue;
+ addr_claim = json_object ();
+ GNUNET_asprintf (&source_name,
+ "src%d",
+ j);
+ json_object_set_new (aggr_names, "address",
+ json_string (source_name));
+ GNUNET_free (source_name);
+ }
+ else
+ {
+ // Presentation exists, hence take the respective source str
+ GNUNET_asprintf (&source_name,
+ "src%d",
+ j);
+ json_object_set_new (aggr_names, le->attribute->name,
+ json_string (source_name));
+ GNUNET_free (source_name);
+ }
}
}
- if (NULL != addr_claim)
- json_object_set_new (body, "address", addr_claim);
if (0 != i)
{
json_object_set_new (body, "_claim_names", aggr_names);
diff --git a/src/reclaim/plugin_reclaim_credential_jwt.c b/src/reclaim/plugin_reclaim_credential_jwt.c
index c1e12f4a0..aac0a6ea5 100644
--- a/src/reclaim/plugin_reclaim_credential_jwt.c
+++ b/src/reclaim/plugin_reclaim_credential_jwt.c
@@ -160,6 +160,7 @@ jwt_parse_attributes (void *cls,
char *val_str = NULL;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
char *decoded_jwt;
+ char *tmp;
json_t *json_val;
json_error_t *json_err = NULL;
@@ -175,7 +176,10 @@ jwt_parse_attributes (void *cls,
json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
GNUNET_free (decoded_jwt);
const char *key;
+ const char *addr_key;
json_t *value;
+ json_t *addr_value;
+
json_object_foreach (json_val, key, value) {
if (0 == strcmp ("iss", key))
continue;
@@ -189,12 +193,45 @@ jwt_parse_attributes (void *cls,
continue;
if (0 == strcmp ("aud", key))
continue;
+ if (0 == strcmp ("address", key))
+ {
+ if (!json_is_object(value)) {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "address claim in wrong format!");
+ continue;
+ }
+ json_object_foreach (value, addr_key, addr_value) {
+ val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
+ tmp = val_str;
+ //Remove leading " from jasson conversion
+ if (tmp[0] == '"')
+ tmp++;
+ //Remove trailing " from jansson conversion
+ if (tmp[strlen(tmp)-1] == '"')
+ tmp[strlen(tmp)-1] = '\0';
+ GNUNET_RECLAIM_attribute_list_add (attrs,
+ addr_key,
+ NULL,
+ GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
+ tmp,
+ strlen (val_str));
+ GNUNET_free (val_str);
+ }
+ continue;
+ }
val_str = json_dumps (value, JSON_ENCODE_ANY);
+ tmp = val_str;
+ //Remove leading " from jasson conversion
+ if (tmp[0] == '"')
+ tmp++;
+ //Remove trailing " from jansson conversion
+ if (tmp[strlen(tmp)-1] == '"')
+ tmp[strlen(tmp)-1] = '\0';
GNUNET_RECLAIM_attribute_list_add (attrs,
key,
NULL,
GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,// FIXME
- val_str,
+ tmp,
strlen (val_str));
GNUNET_free (val_str);
}