1 files changed, 0 insertions, 177 deletions
diff --git a/src/reclaim/oidc_helper.h b/src/reclaim/oidc_helper.h
deleted file mode 100644
index 2a8b7bbae..000000000
--- a/src/reclaim/oidc_helper.h
+++ /dev/null
@@ -1,177 +0,0 @@
-/*
-   This file is part of GNUnet
-   Copyright (C) 2010-2015 GNUnet e.V.
-   GNUnet is free software: you can redistribute it and/or modify it
-   under the terms of the GNU Affero General Public License as published
-   by the Free Software Foundation, either version 3 of the License,
-   or (at your option) any later version.
-   GNUnet is distributed in the hope that it will be useful, but
-   WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   Affero General Public License for more details.
-   You should have received a copy of the GNU Affero General Public License
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-   SPDX-License-Identifier: AGPL3.0-or-later
- */
-/**
- * @file reclaim/oidc_helper.h
- * @brief helper library for OIDC related functions
- * @author Martin Schanzenbach
- */
-#ifndef JWT_H
-#define JWT_H
-#define JWT_ALG "alg"
-/* Use 512bit HMAC */
-#define JWT_ALG_VALUE "HS512"
-#define JWT_TYP "typ"
-#define JWT_TYP_VALUE "jwt"
-#define SERVER_ADDRESS "https://api.reclaim"
-enum OIDC_VerificationOptions
-{
-  /**
-   * Strict verification
-   */
-  OIDC_VERIFICATION_DEFAULT = 0,
-  /**
-   * Do not check code verifier even if expected
-   */
-  OIDC_VERIFICATION_NO_CODE_VERIFIER = 1
-};
-/**
- * Create a JWT from attributes
- *
- * @param aud_key the public of the audience
- * @param sub_key the public key of the subject
- * @param attrs the attribute list
- * @param presentations credential presentation list (may be empty)
- * @param expiration_time the validity of the token
- * @param secret_key the key used to sign the JWT
- * @return a new base64-encoded JWT string.
- */
-char*
-OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key,
-                        const struct GNUNET_IDENTITY_PublicKey *sub_key,
-                        const struct GNUNET_RECLAIM_AttributeList *attrs,
-                        const struct
-                        GNUNET_RECLAIM_PresentationList *presentations,
-                        const struct GNUNET_TIME_Relative *expiration_time,
-                        const char *nonce,
-                        const char *secret_key);
-/**
- * Builds an OIDC authorization code including
- * a reclaim ticket and nonce
- *
- * @param issuer the issuer of the ticket, used to sign the ticket and nonce
- * @param ticket the ticket to include in the code
- * @param attrs list of attributes to share
- * @param presentations credential presentation list
- * @param nonce the nonce to include in the code
- * @param code_challenge PKCE code challenge
- * @param opts verification options
- * @return a new authorization code (caller must free)
- */
-char*
-OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer,
-                       const struct GNUNET_RECLAIM_Ticket *ticket,
-                       const struct GNUNET_RECLAIM_AttributeList *attrs,
-                       const struct
-                       GNUNET_RECLAIM_PresentationList *presentations,
-                       const char *nonce,
-                       const char *code_challenge);
-/**
- * Parse reclaim ticket and nonce from
- * authorization code.
- * This also verifies the signature in the code.
- *
- * @param ecdsa_priv the audience of the ticket
- * @param code the string representation of the code
- * @param code_verfier PKCE code verifier
- * @param ticket where to store the ticket
- * @param attrs the attributes found in the code
- * @param presentations credential presentation list
- * @param nonce where to store the nonce
- * @return GNUNET_OK if successful, else GNUNET_SYSERR
- */
-int
-OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *ecdsa_pub,
-                       const char *code,
-                       const char *code_verifier,
-                       struct GNUNET_RECLAIM_Ticket *ticket,
-                       struct GNUNET_RECLAIM_AttributeList **attrs,
-                       struct GNUNET_RECLAIM_PresentationList **presentations,
-                       char **nonce,
-                       enum OIDC_VerificationOptions opts);
-/**
- * Build a token response for a token request
- * TODO: Maybe we should add the scope here?
- *
- * @param access_token the access token to include
- * @param id_token the id_token to include
- * @param expiration_time the expiration time of the token(s)
- * @param token_response where to store the response
- */
-void
-OIDC_build_token_response (const char *access_token,
-                           const char *id_token,
-                           const struct GNUNET_TIME_Relative *expiration_time,
-                           char **token_response);
-/**
- * Generate a new access token
- */
-char*
-OIDC_access_token_new (const struct GNUNET_RECLAIM_Ticket *ticket);
-/**
- * Parse an access token
- */
-int
-OIDC_access_token_parse (const char*token,
-                         struct GNUNET_RECLAIM_Ticket **ticket);
-/**
- * Checks if a claim is implicitly requested through standard
- * scope(s)
- *
- * @param scopes the scopes which have been requested
- * @param attr the attribute name to check
- * @return GNUNET_YES if attribute is implcitly requested
- */
-enum GNUNET_GenericReturnValue
-OIDC_check_scopes_for_claim_request (const char *scopes,
-                                     const char *attr);
-/**
- * Generate userinfo JSON as string
- *
- * @param sub_key the subject (user)
- * @param attrs user attribute list
- * @param presentations credential presentation list
- * @return Userinfo JSON
- */
-char *
-OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key,
-                        const struct GNUNET_RECLAIM_AttributeList *attrs,
-                        const struct
-                        GNUNET_RECLAIM_PresentationList *presentations);
-#endif

diff --git a/src/reclaim/oidc_helper.h b/src/reclaim/oidc_helper.h deleted file mode 100644 index 2a8b7bbae..000000000 --- a/src/reclaim/oidc_helper.h +++ /dev/null
@@ -1,177 +0,0 @@
1	/*
2	This file is part of GNUnet
3	Copyright (C) 2010-2015 GNUnet e.V.
4
5	GNUnet is free software: you can redistribute it and/or modify it
6	under the terms of the GNU Affero General Public License as published
7	by the Free Software Foundation, either version 3 of the License,
8	or (at your option) any later version.
9
10	GNUnet is distributed in the hope that it will be useful, but
11	WITHOUT ANY WARRANTY; without even the implied warranty of
12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13	Affero General Public License for more details.
14
15	You should have received a copy of the GNU Affero General Public License
16	along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18	SPDX-License-Identifier: AGPL3.0-or-later
19	*/
20
21	/**
22	* @file reclaim/oidc_helper.h
23	* @brief helper library for OIDC related functions
24	* @author Martin Schanzenbach
25	*/
26
27	#ifndef JWT_H
28	#define JWT_H
29
30	#define JWT_ALG "alg"
31
32	/* Use 512bit HMAC */
33	#define JWT_ALG_VALUE "HS512"
34
35	#define JWT_TYP "typ"
36
37	#define JWT_TYP_VALUE "jwt"
38
39	#define SERVER_ADDRESS "https://api.reclaim"
40
41	enum OIDC_VerificationOptions
42	{
43	/**
44	* Strict verification
45	*/
46	OIDC_VERIFICATION_DEFAULT = 0,
47
48	/**
49	* Do not check code verifier even if expected
50	*/
51	OIDC_VERIFICATION_NO_CODE_VERIFIER = 1
52	};
53
54	/**
55	* Create a JWT from attributes
56	*
57	* @param aud_key the public of the audience
58	* @param sub_key the public key of the subject
59	* @param attrs the attribute list
60	* @param presentations credential presentation list (may be empty)
61	* @param expiration_time the validity of the token
62	* @param secret_key the key used to sign the JWT
63	* @return a new base64-encoded JWT string.
64	*/
65	char*
66	OIDC_generate_id_token (const struct GNUNET_IDENTITY_PublicKey *aud_key,
67	const struct GNUNET_IDENTITY_PublicKey *sub_key,
68	const struct GNUNET_RECLAIM_AttributeList *attrs,
69	const struct
70	GNUNET_RECLAIM_PresentationList *presentations,
71	const struct GNUNET_TIME_Relative *expiration_time,
72	const char *nonce,
73	const char *secret_key);
74
75	/**
76	* Builds an OIDC authorization code including
77	* a reclaim ticket and nonce
78	*
79	* @param issuer the issuer of the ticket, used to sign the ticket and nonce
80	* @param ticket the ticket to include in the code
81	* @param attrs list of attributes to share
82	* @param presentations credential presentation list
83	* @param nonce the nonce to include in the code
84	* @param code_challenge PKCE code challenge
85	* @param opts verification options
86	* @return a new authorization code (caller must free)
87	*/
88	char*
89	OIDC_build_authz_code (const struct GNUNET_IDENTITY_PrivateKey *issuer,
90	const struct GNUNET_RECLAIM_Ticket *ticket,
91	const struct GNUNET_RECLAIM_AttributeList *attrs,
92	const struct
93	GNUNET_RECLAIM_PresentationList *presentations,
94	const char *nonce,
95	const char *code_challenge);
96
97	/**
98	* Parse reclaim ticket and nonce from
99	* authorization code.
100	* This also verifies the signature in the code.
101	*
102	* @param ecdsa_priv the audience of the ticket
103	* @param code the string representation of the code
104	* @param code_verfier PKCE code verifier
105	* @param ticket where to store the ticket
106	* @param attrs the attributes found in the code
107	* @param presentations credential presentation list
108	* @param nonce where to store the nonce
109	* @return GNUNET_OK if successful, else GNUNET_SYSERR
110	*/
111	int
112	OIDC_parse_authz_code (const struct GNUNET_IDENTITY_PublicKey *ecdsa_pub,
113	const char *code,
114	const char *code_verifier,
115	struct GNUNET_RECLAIM_Ticket *ticket,
116	struct GNUNET_RECLAIM_AttributeList **attrs,
117	struct GNUNET_RECLAIM_PresentationList **presentations,
118	char **nonce,
119	enum OIDC_VerificationOptions opts);
120
121	/**
122	* Build a token response for a token request
123	* TODO: Maybe we should add the scope here?
124	*
125	* @param access_token the access token to include
126	* @param id_token the id_token to include
127	* @param expiration_time the expiration time of the token(s)
128	* @param token_response where to store the response
129	*/
130	void
131	OIDC_build_token_response (const char *access_token,
132	const char *id_token,
133	const struct GNUNET_TIME_Relative *expiration_time,
134	char **token_response);
135
136	/**
137	* Generate a new access token
138	*/
139	char*
140	OIDC_access_token_new (const struct GNUNET_RECLAIM_Ticket *ticket);
141
142	/**
143	* Parse an access token
144	*/
145	int
146	OIDC_access_token_parse (const char*token,
147	struct GNUNET_RECLAIM_Ticket **ticket);
148
149
150	/**
151	* Checks if a claim is implicitly requested through standard
152	* scope(s)
153	*
154	* @param scopes the scopes which have been requested
155	* @param attr the attribute name to check
156	* @return GNUNET_YES if attribute is implcitly requested
157	*/
158	enum GNUNET_GenericReturnValue
159	OIDC_check_scopes_for_claim_request (const char *scopes,
160	const char *attr);
161
162
163	/**
164	* Generate userinfo JSON as string
165	*
166	* @param sub_key the subject (user)
167	* @param attrs user attribute list
168	* @param presentations credential presentation list
169	* @return Userinfo JSON
170	*/
171	char *
172	OIDC_generate_userinfo (const struct GNUNET_IDENTITY_PublicKey *sub_key,
173	const struct GNUNET_RECLAIM_AttributeList *attrs,
174	const struct
175	GNUNET_RECLAIM_PresentationList *presentations);
176
177	#endif