Diffstat (limited to 'src/reclaim/oidc_helper.c')
-rw-r--r--src/reclaim/oidc_helper.c126
1 files changed, 118 insertions, 8 deletions
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index 1c3d65f35..2ce462854 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -118,7 +118,7 @@ fix_base64 (char *str)
118char * 118char *
119OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key, 119OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
120 const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key, 120 const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key,
121 const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs, 121 struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
122 const struct GNUNET_TIME_Relative *expiration_time, 122 const struct GNUNET_TIME_Relative *expiration_time,
123 const char *nonce, 123 const char *nonce,
124 const char *secret_key) 124 const char *secret_key)
@@ -131,13 +131,22 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
131 char *subject; 131 char *subject;
132 char *header; 132 char *header;
133 char *body_str; 133 char *body_str;
134 char *aggr_names_str;
135 char *aggr_sources_str;
136 char *aggr_sources_jwt_str;
137 char *source_name;
134 char *result; 138 char *result;
135 char *header_base64; 139 char *header_base64;
136 char *body_base64; 140 char *body_base64;
137 char *signature_target; 141 char *signature_target;
138 char *signature_base64; 142 char *signature_base64;
139 char *attr_val_str; 143 char *attr_val_str;
144 char *attest_val_str;
140 json_t *body; 145 json_t *body;
146 json_t *aggr_names;
147 json_t *aggr_sources;
148 json_t *aggr_sources_jwt;
149 uint64_t attest_arr[GNUNET_RECLAIM_ATTRIBUTE_list_count_attest (attrs)];
141 150
142 // iat REQUIRED time now 151 // iat REQUIRED time now
143 time_now = GNUNET_TIME_absolute_get (); 152 time_now = GNUNET_TIME_absolute_get ();
@@ -156,6 +165,8 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
156 GNUNET_CRYPTO_EcdsaPublicKey)); 165 GNUNET_CRYPTO_EcdsaPublicKey));
157 header = create_jwt_header (); 166 header = create_jwt_header ();
158 body = json_object (); 167 body = json_object ();
168 aggr_names = json_object ();
169 aggr_sources = json_object ();
159 170
160 // iss REQUIRED case sensitive server uri with https 171 // iss REQUIRED case sensitive server uri with https
161 // The issuer is the local reclaim instance (e.g. 172 // The issuer is the local reclaim instance (e.g.
@@ -180,18 +191,111 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
180 // nonce 191 // nonce
181 if (NULL != nonce) 192 if (NULL != nonce)
182 json_object_set_new (body, "nonce", json_string (nonce)); 193 json_object_set_new (body, "nonce", json_string (nonce));
183 194 int i = 0;
195 attest_val_str = NULL;
196 aggr_names_str = NULL;
197 aggr_sources_str = NULL;
198 aggr_sources_jwt_str = NULL;
199 source_name = NULL;
184 for (le = attrs->list_head; NULL != le; le = le->next) 200 for (le = attrs->list_head; NULL != le; le = le->next)
185 { 201 {
186 attr_val_str = 202
187 GNUNET_RECLAIM_ATTRIBUTE_value_to_string (le->claim->type, 203 if (le->claim != NULL)
188 le->claim->data, 204 {
189 le->claim->data_size); 205
190 json_object_set_new (body, le->claim->name, json_string (attr_val_str)); 206 attr_val_str =
191 GNUNET_free (attr_val_str); 207 GNUNET_RECLAIM_ATTRIBUTE_value_to_string (le->claim->type,
208 le->claim->data,
209 le->claim->data_size);
210 json_object_set_new (body, le->claim->name, json_string (attr_val_str));
211 GNUNET_free (attr_val_str);
212 }
213 else if (NULL != le->reference)
214 {
215 // Check if attest is there
216 int j = 0;
217 while (j<i)
218 {
219 if (attest_arr[j] == le->reference->id_attest)
220 break;
221 j++;
222 }
223 if (j==i)
224 {
225 // Attest not yet existent. Append to the end of the list
226 GNUNET_CONTAINER_DLL_remove (attrs->list_head, attrs->list_tail, le);
227 GNUNET_CONTAINER_DLL_insert_tail (attrs->list_head, attrs->list_tail,
228 le);
229 continue;
230 }
231 else
232 {
233 // Attestation is existing, hence take the respective source str
234 GNUNET_asprintf (&source_name,
235 "src%d",
236 j);
237 json_object_set_new (aggr_names, le->reference->name, json_string (
238 source_name));
239 }
240
241 }
242 else if (NULL != le->attest)
243 {
244 // We assume that at max 99 different attestations
245 int j = 0;
246 while (j<i)
247 {
248 if (attest_arr[j] == le->attest->id)
249 break;
250 j++;
251 }
252 if (j==i)
253 {
254 // New Attestation
255 attest_arr[i] = le->attest->id;
256 GNUNET_asprintf (&source_name,
257 "src%d",
258 i);
259 aggr_sources_jwt = json_object ();
260 attest_val_str = GNUNET_RECLAIM_ATTESTATION_value_to_string (
261 le->attest->type, le->attest->data, le->attest->data_size);
262 json_object_set_new (aggr_sources_jwt, "JWT",json_string (
263 attest_val_str) );
264 aggr_sources_jwt_str = json_dumps (aggr_sources_jwt, JSON_INDENT (0)
265 | JSON_COMPACT);
266 json_object_set_new (aggr_sources, source_name,json_string (
267 aggr_sources_jwt_str));
268 i++;
269 }
270 else
271 {
272 // Attestation already existent. Ignore
273 continue;
274 }
275
276 }
277 }
278 if (NULL != attest_val_str)
279 GNUNET_free (attest_val_str);
280 if (NULL != source_name)
281 GNUNET_free (source_name);
282 if (0!=i)
283 {
284 aggr_names_str = json_dumps (aggr_names, JSON_INDENT (0) | JSON_COMPACT);
285 aggr_sources_str = json_dumps (aggr_sources, JSON_INDENT (0)
286 | JSON_COMPACT);
287 json_object_set_new (body, "_claim_names", json_string (aggr_names_str));
288 json_object_set_new (body, "_claim_sources", json_string (
289 aggr_sources_str));
192 } 290 }
291
292 json_decref (aggr_names);
293 json_decref (aggr_sources);
294 json_decref (aggr_sources_jwt);
295
193 body_str = json_dumps (body, JSON_INDENT (0) | JSON_COMPACT); 296 body_str = json_dumps (body, JSON_INDENT (0) | JSON_COMPACT);
194 json_decref (body); 297 json_decref (body);
298 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"ID-Token: %s\n", body_str);
195 299
196 GNUNET_STRINGS_base64_encode (header, strlen (header), &header_base64); 300 GNUNET_STRINGS_base64_encode (header, strlen (header), &header_base64);
197 fix_base64 (header_base64); 301 fix_base64 (header_base64);
@@ -226,6 +330,12 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
226 GNUNET_free (signature_target); 330 GNUNET_free (signature_target);
227 GNUNET_free (header); 331 GNUNET_free (header);
228 GNUNET_free (body_str); 332 GNUNET_free (body_str);
333 if (NULL != aggr_sources_str)
334 GNUNET_free (aggr_sources_str);
335 if (NULL != aggr_names_str)
336 GNUNET_free (aggr_names_str);
337 if (NULL != aggr_sources_jwt_str)
338 GNUNET_free (aggr_sources_jwt_str);
229 GNUNET_free (signature_base64); 339 GNUNET_free (signature_base64);
230 GNUNET_free (body_base64); 340 GNUNET_free (body_base64);
231 GNUNET_free (header_base64); 341 GNUNET_free (header_base64);
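Review bot: `json_decref (aggr_sources_jwt);` at new line 294 operates on an uninitialized pointer whenever the list contains no attestation, because `aggr_sources_jwt` is assigned only at new line 259 and is missing from the NULL initializations at new lines 195-199; add `aggr_sources_jwt = NULL;` there. Inside the loop, every pass that allocates `source_name`, `attest_val_str`, `aggr_sources_jwt` or `aggr_sources_jwt_str` overwrites the previous value without releasing it, so only the last of each is freed; release them at the end of the branch that creates them. The reference branch at new lines 226-229 re-links `le` to the tail and then hits `continue`, which should leave `le->next` NULL, so the loop would end early and the remaining entries would be left out of the token; deferring unresolved references to a second pass avoids mutating the list while walking it. `attest_arr` at new line 149 is a variable-length array sized by `GNUNET_RECLAIM_ATTRIBUTE_list_count_attest (attrs)`, which looks like it can be zero for a list without attestations (a zero-length VLA is undefined behaviour) and puts an unbounded count on the stack; a checked heap allocation would be safer. The function body extends beyond the shown hunks; within them, the debug log at new line 298 also writes the full claim set and nonce to the log and is worth dropping or gating.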