Diffstat (limited to 'src/reclaim/plugin_rest_openid_connect.c')
-rw-r--r--src/reclaim/plugin_rest_openid_connect.c51
1 files changed, 31 insertions, 20 deletions
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index a360176d8..94e4888d8 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -234,11 +234,6 @@
#define OIDC_ERROR_KEY_ACCESS_DENIED "access_denied"
/**
- *
- */
-#define OIDC_RSA_STORAGE_FILE "/home/tristan/rsa.json"
-
-/**
* How long to wait for a consume in userinfo endpoint
*/
#define CONSUME_TIMEOUT GNUNET_TIME_relative_multiply ( \
@@ -2507,18 +2502,18 @@ valid_jwk(json_t * jwk)
json_t *
read_jwk_from_file(const char *filename)
{
- // TODO: GNUnet logging/error
json_t *jwk;
json_error_t error;
jwk = json_load_file(filename, JSON_DECODE_ANY, &error);
+
+ printf("%s\n", error.text);
// if (!jwk){
// GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
// ("Could not read OIDC RSA key from config file; %s",
// error.text));
// }
- // TODO: Check if valid JWK
return jwk;
}
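Review bot: The added `printf("%s\n", error.text);` in `read_jwk_from_file` runs on every call, including successful loads where there is no error to report, and it writes to stdout instead of the GNUnet log. I would report the failure only when the load fails, e.g. `if (NULL == jwk) GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Could not read OIDC RSA key from %s: %s\n", filename, error.text);`. Note that the commented-out call wraps its arguments in an extra pair of parentheses, which would turn them into a comma expression if it were re-enabled as written. The removed "Check if valid JWK" TODO still applies here: the hunk header shows a `valid_jwk` helper just above, and calling it before `return jwk;` would keep a malformed key file from being used, assuming that helper does what its name suggests.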
@@ -2534,14 +2529,16 @@ static int
write_jwk_to_file(const char *filename,
json_t *jwk)
{
- if (json_dump_file(jwk, filename, JSON_INDENT(2)))
+ if (!json_dump_file(jwk, filename, JSON_INDENT(2)))
{
- GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
- ("Could not write OIDC RSA key to file %s",
- filename));
+ // GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
+ // ("Could not write OIDC RSA key to file %s",
+ // filename));
+ printf("Wrote file unsucessfully\n");
return GNUNET_ERROR_TYPE_WARNING;
}
else
+ printf("Wrote file sucessfully to %s\n", filename);
return GNUNET_OK;
}
@@ -2573,27 +2570,41 @@ jwks_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
void *cls)
{
// TODO: Set json application type header
+ // TODO: Check if valid JWK
+ // TODO: GNUNET error/logging
json_t *jwk;
+ char *jwk_filename;
char *jwk_str;
struct MHD_Response *resp;
struct RequestHandle *handle = cls;
- // TODO:
- // try reading json web key from file
- // If sucessfull return public key of read key
- // If not, generate new key and write to file
- // return public key
- jwk = read_jwk_from_file(OIDC_RSA_STORAGE_FILE);
+ // Read JWK RSA key filename
+ if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg,
+ "reclaim-rest-plugin",
+ "oidc_jwk_rsa_key_path",
+ &jwk_filename))
+ {
+ handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_SERVER_ERROR);
+ handle->edesc = GNUNET_strdup ("gnunet configuration failed");
+ handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+
+ // Read JWK RSA key
+ jwk = read_jwk_from_file(jwk_filename);
+ printf("I read this:\n%s\n", json_dumps(jwk, JSON_INDENT(2)));
if (!jwk){
+ // If no key exists, generate and save a new key
jwk = generate_jwk();
- // printf("%s", json_dumps(jwk, JSON_INDENT(2)));
- write_jwk_to_file(OIDC_RSA_STORAGE_FILE, jwk);
+ write_jwk_to_file(jwk_filename, jwk);
}
+ // Convert jwk to jwk public key
jose_jwk_pub(NULL, jwk);
- // Encode JSON Web Key as string and return to API endpoint
+ // Encode jwk as string and return to API endpoint
jwk_str = json_dumps (jwk, JSON_INDENT (1));
resp = GNUNET_REST_create_response (jwk_str);
handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
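Review bot: The added `printf("I read this:\n%s\n", json_dumps(jwk, JSON_INDENT(2)));` dumps the whole JWK to stdout before `jose_jwk_pub` has reduced it to the public part, so the private RSA parameters end up wherever the service's stdout is collected. It also runs before the `if (!jwk)` check, so when no key file exists `json_dumps` is handed NULL and the `%s` argument is a null pointer, and the returned string is never freed; I would delete the line. The result of `write_jwk_to_file(jwk_filename, jwk)` is ignored, so a failed write presumably leads to a fresh key being generated on each request; check it and take the same `do_error` path as the configuration failure. `jwk_filename` is allocated by `GNUNET_CONFIGURATION_get_value_filename` and is not released in the visible lines, so add `GNUNET_free (jwk_filename);` once the key is loaded or written, unless the part of `jwks_endpoint` outside this hunk already does so.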