Diffstat (limited to 'src/reclaim/oidc_helper.h')
-rw-r--r--src/reclaim/oidc_helper.h38
1 files changed, 28 insertions, 10 deletions
diff --git a/src/reclaim/oidc_helper.h b/src/reclaim/oidc_helper.h
index eb1022423..2a8b7bbae 100644
--- a/src/reclaim/oidc_helper.h
+++ b/src/reclaim/oidc_helper.h
@@ -38,6 +38,19 @@
38 38
39#define SERVER_ADDRESS "https://api.reclaim" 39#define SERVER_ADDRESS "https://api.reclaim"
40 40
41enum OIDC_VerificationOptions
42{
43 /**
44 * Strict verification
45 */
46 OIDC_VERIFICATION_DEFAULT = 0,
47
48 /**
49 * Do not check code verifier even if expected
50 */
51 OIDC_VERIFICATION_NO_CODE_VERIFIER = 1
52};
53
41/** 54/**
42 * Create a JWT from attributes 55 * Create a JWT from attributes
43 * 56 *
@@ -51,12 +64,13 @@
51 */ 64 */
52char* 65char*
53OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key, 66OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key,
54 const struct GNUNET_IDENTITY_PublicKey *sub_key, 67 const struct GNUNET_IDENTITY_PublicKey *sub_key,
55 const struct GNUNET_RECLAIM_AttributeList *attrs, 68 const struct GNUNET_RECLAIM_AttributeList *attrs,
56 const struct GNUNET_RECLAIM_PresentationList *presentations, 69 const struct
57 const struct GNUNET_TIME_Relative *expiration_time, 70 GNUNET_RECLAIM_PresentationList *presentations,
58 const char *nonce, 71 const struct GNUNET_TIME_Relative *expiration_time,
59 const char *secret_key); 72 const char *nonce,
73 const char *secret_key);
60 74
61/** 75/**
62 * Builds an OIDC authorization code including 76 * Builds an OIDC authorization code including
@@ -68,13 +82,15 @@ OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key,
68 * @param presentations credential presentation list 82 * @param presentations credential presentation list
69 * @param nonce the nonce to include in the code 83 * @param nonce the nonce to include in the code
70 * @param code_challenge PKCE code challenge 84 * @param code_challenge PKCE code challenge
85 * @param opts verification options
71 * @return a new authorization code (caller must free) 86 * @return a new authorization code (caller must free)
72 */ 87 */
73char* 88char*
74OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer, 89OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer,
75 const struct GNUNET_RECLAIM_Ticket *ticket, 90 const struct GNUNET_RECLAIM_Ticket *ticket,
76 const struct GNUNET_RECLAIM_AttributeList *attrs, 91 const struct GNUNET_RECLAIM_AttributeList *attrs,
77 const struct GNUNET_RECLAIM_PresentationList *presentations, 92 const struct
93 GNUNET_RECLAIM_PresentationList *presentations,
78 const char *nonce, 94 const char *nonce,
79 const char *code_challenge); 95 const char *code_challenge);
80 96
@@ -99,7 +115,8 @@ OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *ecdsa_pub,
99 struct GNUNET_RECLAIM_Ticket *ticket, 115 struct GNUNET_RECLAIM_Ticket *ticket,
100 struct GNUNET_RECLAIM_AttributeList **attrs, 116 struct GNUNET_RECLAIM_AttributeList **attrs,
101 struct GNUNET_RECLAIM_PresentationList **presentations, 117 struct GNUNET_RECLAIM_PresentationList **presentations,
102 char **nonce); 118 char **nonce,
119 enum OIDC_VerificationOptions opts);
103 120
104/** 121/**
105 * Build a token response for a token request 122 * Build a token response for a token request
@@ -126,7 +143,7 @@ OIDC_access_token_new (const struct GNUNET_RECLAIM_Ticket *ticket);
126 * Parse an access token 143 * Parse an access token
127 */ 144 */
128int 145int
129OIDC_access_token_parse (const char* token, 146OIDC_access_token_parse (const char*token,
130 struct GNUNET_RECLAIM_Ticket **ticket); 147 struct GNUNET_RECLAIM_Ticket **ticket);
131 148
132 149
@@ -154,6 +171,7 @@ OIDC_check_scopes_for_claim_request (const char *scopes,
154char * 171char *
155OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key, 172OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key,
156 const struct GNUNET_RECLAIM_AttributeList *attrs, 173 const struct GNUNET_RECLAIM_AttributeList *attrs,
157 const struct GNUNET_RECLAIM_PresentationList *presentations); 174 const struct
175 GNUNET_RECLAIM_PresentationList *presentations);
158 176
159#endif 177#endif
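Review bot: The `@param opts verification options` line added at new line 85 sits in the doc comment of `OIDC_build_authz_code`, whose prototype in this section still ends at `code_challenge` and takes no `opts`. The parameter was actually added to `OIDC_parse_authz_code` (new line 119), whose doc comment lies outside the visible hunks, so the tag should move there. Separately, `OIDC_VERIFICATION_NO_CODE_VERIFIER` disables the PKCE check that ties an authorization code to the client holding the matching code verifier, and its comment does not say when a caller may pass it. I would extend that comment to something like `Skip the PKCE code_verifier comparison; only for callers that inspect a code without redeeming it for tokens`, adjusted to what the real call sites do, which this header does not show. It would also help to state whether the enum values are mutually exclusive or bit flags, since the type is named "Options" and is passed as a single `enum OIDC_VerificationOptions opts`.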