Diffstat (limited to 'src/reclaim/plugin_reclaim_credential_jwt.c')
-rw-r--r--src/reclaim/plugin_reclaim_credential_jwt.c499
1 files changed, 0 insertions, 499 deletions
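diff --git a/src/reclaim/plugin_reclaim_credential_jwt.c b/src/reclaim/plugin_reclaim_credential_jwt.c
deleted file mode 100644
index 5d5e221f9..000000000
--- a/src/reclaim/plugin_reclaim_credential_jwt.c
+++ /dev/null
@@ -1,499 +0,0 @@
-/*
- This file is part of GNUnet
- Copyright (C) 2013, 2014, 2016 GNUnet e.V.
-
- GNUnet is free software: you can redistribute it and/or modify it
- under the terms of the GNU Affero General Public License as published
- by the Free Software Foundation, either version 3 of the License,
- or (at your option) any later version.
-
- GNUnet is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-
- SPDX-License-Identifier: AGPL3.0-or-later
- */
-
-/**
- * @file reclaim/plugin_reclaim_credential_jwt.c
- * @brief reclaim-credential-plugin-jwt attribute plugin to provide the API for
- * JWT credentials.
- *
- * @author Martin Schanzenbach
- */
-#include "platform.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_reclaim_plugin.h"
-#include <inttypes.h>
-#include <jansson.h>
-
-/**
- * Convert the 'value' of an credential to a string.
- *
- * @param cls closure, unused
- * @param type type of the credential
- * @param data value in binary encoding
- * @param data_size number of bytes in @a data
- * @return NULL on error, otherwise human-readable representation of the value
- */
-static char *
-jwt_value_to_string (void *cls,
- uint32_t type,
- const void *data,
- size_t data_size)
-{
- switch (type)
- {
- case GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT:
- return GNUNET_strndup (data, data_size);
-
- default:
- return NULL;
- }
-}
-
-
-/**
- * Convert human-readable version of a 'value' of an credential to the binary
- * representation.
- *
- * @param cls closure, unused
- * @param type type of the credential
- * @param s human-readable string
- * @param data set to value in binary encoding (will be allocated)
- * @param data_size set to number of bytes in @a data
- * @return #GNUNET_OK on success
- */
-static int
-jwt_string_to_value (void *cls,
- uint32_t type,
- const char *s,
- void **data,
- size_t *data_size)
-{
- if (NULL == s)
- return GNUNET_SYSERR;
- switch (type)
- {
- case GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT:
- *data = GNUNET_strdup (s);
- *data_size = strlen (s) + 1;
- return GNUNET_OK;
-
- default:
- return GNUNET_SYSERR;
- }
-}
-
-
-/**
- * Mapping of credential type numbers to human-readable
- * credential type names.
- */
-static struct
-{
- const char *name;
- uint32_t number;
-} jwt_cred_name_map[] = { { "JWT", GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT },
- { NULL, UINT32_MAX } };
-
-/**
- * Convert a type name to the corresponding number.
- *
- * @param cls closure, unused
- * @param jwt_typename name to convert
- * @return corresponding number, UINT32_MAX on error
- */
-static uint32_t
-jwt_typename_to_number (void *cls, const char *jwt_typename)
-{
- unsigned int i;
-
- i = 0;
- while ((NULL != jwt_cred_name_map[i].name) &&
- (0 != strcasecmp (jwt_typename, jwt_cred_name_map[i].name)))
- i++;
- return jwt_cred_name_map[i].number;
-}
-
-
-/**
- * Convert a type number to the corresponding type string (e.g. 1 to "A")
- *
- * @param cls closure, unused
- * @param type number of a type to convert
- * @return corresponding typestring, NULL on error
- */
-static const char *
-jwt_number_to_typename (void *cls, uint32_t type)
-{
- unsigned int i;
-
- i = 0;
- while ((NULL != jwt_cred_name_map[i].name) && (type !=
- jwt_cred_name_map[i].
- number))
- i++;
- return jwt_cred_name_map[i].name;
-}
-
-
-/**
- * Parse a JWT and return the respective claim value as Attribute
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a GNUNET_RECLAIM_Attribute, containing the new value
- */
-struct GNUNET_RECLAIM_AttributeList *
-jwt_parse_attributes (void *cls,
- const char *data,
- size_t data_size)
-{
- char *jwt_string;
- struct GNUNET_RECLAIM_AttributeList *attrs;
- char delim[] = ".";
- char *val_str = NULL;
- char *decoded_jwt;
- char *tmp;
- json_t *json_val;
- json_error_t json_err;
-
- attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
-
- jwt_string = GNUNET_strndup (data, data_size);
- const char *jwt_body = strtok (jwt_string, delim);
- jwt_body = strtok (NULL, delim);
- GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
- (void **) &decoded_jwt);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded JWT: %s\n", decoded_jwt);
- GNUNET_assert (NULL != decoded_jwt);
- json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
- GNUNET_free (decoded_jwt);
- const char *key;
- const char *addr_key;
- json_t *value;
- json_t *addr_value;
-
- json_object_foreach (json_val, key, value) {
- if (0 == strcmp ("iss", key))
- continue;
- if (0 == strcmp ("jti", key))
- continue;
- if (0 == strcmp ("exp", key))
- continue;
- if (0 == strcmp ("iat", key))
- continue;
- if (0 == strcmp ("nbf", key))
- continue;
- if (0 == strcmp ("aud", key))
- continue;
- if (0 == strcmp ("address", key))
- {
- if (! json_is_object (value))
- {
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- "address claim in wrong format!");
- continue;
- }
- json_object_foreach (value, addr_key, addr_value) {
- val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
- tmp = val_str;
- // Remove leading " from jasson conversion
- if (tmp[0] == '"')
- tmp++;
- // Remove trailing " from jansson conversion
- if (tmp[strlen (tmp) - 1] == '"')
- tmp[strlen (tmp) - 1] = '\0';
- GNUNET_RECLAIM_attribute_list_add (attrs,
- addr_key,
- NULL,
- GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
- tmp,
- strlen (val_str));
- GNUNET_free (val_str);
- }
- continue;
- }
- val_str = json_dumps (value, JSON_ENCODE_ANY);
- tmp = val_str;
- // Remove leading " from jasson conversion
- if (tmp[0] == '"')
- tmp++;
- // Remove trailing " from jansson conversion
- if (tmp[strlen (tmp) - 1] == '"')
- tmp[strlen (tmp) - 1] = '\0';
- GNUNET_RECLAIM_attribute_list_add (attrs,
- key,
- NULL,
- GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,// FIXME
- tmp,
- strlen (val_str));
- GNUNET_free (val_str);
- }
- json_decref (json_val);
- GNUNET_free (jwt_string);
- return attrs;
-}
-
-
-/**
- * Parse a JWT and return the respective claim value as Attribute
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a GNUNET_RECLAIM_Attribute, containing the new value
- */
-struct GNUNET_RECLAIM_AttributeList *
-jwt_parse_attributes_c (void *cls,
- const struct GNUNET_RECLAIM_Credential *cred)
-{
- if (cred->type != GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT)
- return NULL;
- return jwt_parse_attributes (cls, cred->data, cred->data_size);
-}
-
-
-/**
- * Parse a JWT and return the respective claim value as Attribute
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a GNUNET_RECLAIM_Attribute, containing the new value
- */
-struct GNUNET_RECLAIM_AttributeList *
-jwt_parse_attributes_p (void *cls,
- const struct GNUNET_RECLAIM_Presentation *cred)
-{
- if (cred->type != GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT)
- return NULL;
- return jwt_parse_attributes (cls, cred->data, cred->data_size);
-}
-
-
-/**
- * Parse a JWT and return the issuer
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a string, containing the isser
- */
-char *
-jwt_get_issuer (void *cls,
- const char *data,
- size_t data_size)
-{
- const char *jwt_body;
- char *jwt_string;
- char delim[] = ".";
- char *issuer = NULL;
- char *decoded_jwt;
- json_t *issuer_json;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
- json_t *json_val;
- json_error_t json_err;
-
- jwt_string = GNUNET_strndup (data, data_size);
- jwt_body = strtok (jwt_string, delim);
- jwt_body = strtok (NULL, delim);
- GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
- (void **) &decoded_jwt);
- json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
- GNUNET_free (decoded_jwt);
- GNUNET_free (jwt_string);
- if (NULL == json_val)
- return NULL;
- issuer_json = json_object_get (json_val, "iss");
- if ((NULL == issuer_json) || (! json_is_string (issuer_json)))
- {
- json_decref (json_val);
- return NULL;
- }
- issuer = GNUNET_strdup (json_string_value (issuer_json));
- json_decref (json_val);
- return issuer;
-}
-
-
-/**
- * Parse a JWT and return the issuer
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a string, containing the isser
- */
-char *
-jwt_get_issuer_c (void *cls,
- const struct GNUNET_RECLAIM_Credential *cred)
-{
- if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
- return NULL;
- return jwt_get_issuer (cls, cred->data, cred->data_size);
-}
-
-
-/**
- * Parse a JWT and return the issuer
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a string, containing the isser
- */
-char *
-jwt_get_issuer_p (void *cls,
- const struct GNUNET_RECLAIM_Presentation *cred)
-{
- if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
- return NULL;
- return jwt_get_issuer (cls, cred->data, cred->data_size);
-}
-
-
-/**
- * Parse a JWT and return the expiration
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a string, containing the isser
- */
-enum GNUNET_GenericReturnValue
-jwt_get_expiration (void *cls,
- const char *data,
- size_t data_size,
- struct GNUNET_TIME_Absolute *exp)
-{
- const char *jwt_body;
- char *jwt_string;
- char delim[] = ".";
- char *decoded_jwt;
- json_t *exp_json;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
- json_t *json_val;
- json_error_t json_err;
-
- jwt_string = GNUNET_strndup (data, data_size);
- jwt_body = strtok (jwt_string, delim);
- jwt_body = strtok (NULL, delim);
- GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
- (void **) &decoded_jwt);
- json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
- GNUNET_free (decoded_jwt);
- GNUNET_free (jwt_string);
- if (NULL == json_val)
- return GNUNET_SYSERR;
- exp_json = json_object_get (json_val, "exp");
- if ((NULL == exp_json) || (! json_is_integer (exp_json)))
- {
- json_decref (json_val);
- return GNUNET_SYSERR;
- }
- exp->abs_value_us = json_integer_value (exp_json) * 1000 * 1000;
- json_decref (json_val);
- return GNUNET_OK;
-}
-
-
-/**
- * Parse a JWT and return the expiration
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return the expirati
- */
-enum GNUNET_GenericReturnValue
-jwt_get_expiration_c (void *cls,
- const struct GNUNET_RECLAIM_Credential *cred,
- struct GNUNET_TIME_Absolute *exp)
-{
- if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
- return GNUNET_NO;
- return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
-}
-
-
-/**
- * Parse a JWT and return the expiration
- *
- * @param cls the plugin
- * @param cred the jwt credential
- * @return a string, containing the isser
- */
-enum GNUNET_GenericReturnValue
-jwt_get_expiration_p (void *cls,
- const struct GNUNET_RECLAIM_Presentation *cred,
- struct GNUNET_TIME_Absolute *exp)
-{
- if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
- return GNUNET_NO;
- return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
-}
-
-
-enum GNUNET_GenericReturnValue
-jwt_create_presentation (void *cls,
- const struct GNUNET_RECLAIM_Credential *cred,
- const struct GNUNET_RECLAIM_AttributeList *attrs,
- struct GNUNET_RECLAIM_Presentation **presentation)
-{
- if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
- return GNUNET_NO;
- *presentation = GNUNET_RECLAIM_presentation_new (
- GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT,
- cred->data,
- cred->data_size);
- return GNUNET_OK;
-}
-
-
-/**
- * Entry point for the plugin.
- *
- * @param cls NULL
- * @return the exported block API
- */
-void *
-libgnunet_plugin_reclaim_credential_jwt_init (void *cls)
-{
- struct GNUNET_RECLAIM_CredentialPluginFunctions *api;
-
- api = GNUNET_new (struct GNUNET_RECLAIM_CredentialPluginFunctions);
- api->value_to_string = &jwt_value_to_string;
- api->string_to_value = &jwt_string_to_value;
- api->typename_to_number = &jwt_typename_to_number;
- api->number_to_typename = &jwt_number_to_typename;
- api->get_attributes = &jwt_parse_attributes_c;
- api->get_issuer = &jwt_get_issuer_c;
- api->get_expiration = &jwt_get_expiration_c;
- api->value_to_string_p = &jwt_value_to_string;
- api->string_to_value_p = &jwt_string_to_value;
- api->typename_to_number_p = &jwt_typename_to_number;
- api->number_to_typename_p = &jwt_number_to_typename;
- api->get_attributes_p = &jwt_parse_attributes_p;
- api->get_issuer_p = &jwt_get_issuer_p;
- api->get_expiration_p = &jwt_get_expiration_p;
- api->create_presentation = &jwt_create_presentation;
- return api;
-}
-
-
-/**
- * Exit point from the plugin.
- *
- * @param cls the return value from #libgnunet_plugin_block_test_init()
- * @return NULL
- */
-void *
-libgnunet_plugin_reclaim_credential_jwt_done (void *cls)
-{
- struct GNUNET_RECLAIM_CredentialPluginFunctions *api = cls;
-
- GNUNET_free (api);
- return NULL;
-}
-
-
-/* end of plugin_reclaim_credential_type_jwt.c */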