Diffstat (limited to 'src/reclaim/plugin_rest_openid_connect.c')
-rw-r--r--src/reclaim/plugin_rest_openid_connect.c241
1 files changed, 109 insertions, 132 deletions
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c
index eb602a08f..64782fb72 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -249,6 +249,36 @@ const struct GNUNET_CONFIGURATION_Handle *cfg;
249static char *allow_methods; 249static char *allow_methods;
250 250
251/** 251/**
252 * Ego list
253 */
254static struct EgoEntry *ego_head;
255
256/**
257 * Ego list
258 */
259static struct EgoEntry *ego_tail;
260
261/**
262 * The processing state
263 */
264static int state;
265
266/**
267 * Handle to Identity service.
268 */
269static struct GNUNET_IDENTITY_Handle *identity_handle;
270
271/**
272 * GNS handle
273 */
274static struct GNUNET_GNS_Handle *gns_handle;
275
276/**
277 * Identity Provider
278 */
279static struct GNUNET_RECLAIM_Handle *idp;
280
281/**
252 * @brief struct returned by the initialization function of the plugin 282 * @brief struct returned by the initialization function of the plugin
253 */ 283 */
254struct Plugin 284struct Plugin
@@ -361,15 +391,6 @@ struct EgoEntry
361 391
362struct RequestHandle 392struct RequestHandle
363{ 393{
364 /**
365 * Ego list
366 */
367 struct EgoEntry *ego_head;
368
369 /**
370 * Ego list
371 */
372 struct EgoEntry *ego_tail;
373 394
374 /** 395 /**
375 * Selected ego 396 * Selected ego
@@ -387,39 +408,14 @@ struct RequestHandle
387 struct OIDC_Variables *oidc; 408 struct OIDC_Variables *oidc;
388 409
389 /** 410 /**
390 * The processing state
391 */
392 int state;
393
394 /**
395 * Handle to Identity service.
396 */
397 struct GNUNET_IDENTITY_Handle *identity_handle;
398
399 /**
400 * Rest connection
401 */
402 struct GNUNET_REST_RequestHandle *rest_handle;
403
404 /**
405 * GNS handle
406 */
407 struct GNUNET_GNS_Handle *gns_handle;
408
409 /**
410 * GNS lookup op 411 * GNS lookup op
411 */ 412 */
412 struct GNUNET_GNS_LookupRequest *gns_op; 413 struct GNUNET_GNS_LookupRequest *gns_op;
413 414
414 /** 415 /**
415 * Handle to NAMESTORE 416 * Rest connection
416 */
417 struct GNUNET_NAMESTORE_Handle *namestore_handle;
418
419 /**
420 * Iterator for NAMESTORE
421 */ 417 */
422 struct GNUNET_NAMESTORE_ZoneIterator *namestore_handle_it; 418 struct GNUNET_REST_RequestHandle *rest_handle;
423 419
424 /** 420 /**
425 * Attribute claim list for id_token 421 * Attribute claim list for id_token
@@ -442,10 +438,6 @@ struct RequestHandle
442 */ 438 */
443 struct GNUNET_IDENTITY_Operation *op; 439 struct GNUNET_IDENTITY_Operation *op;
444 440
445 /**
446 * Identity Provider
447 */
448 struct GNUNET_RECLAIM_Handle *idp;
449 441
450 /** 442 /**
451 * Idp Operation 443 * Idp Operation
@@ -529,6 +521,7 @@ struct RequestHandle
529 int response_code; 521 int response_code;
530}; 522};
531 523
524
532/** 525/**
533 * Cleanup lookup handle 526 * Cleanup lookup handle
534 * @param handle Handle to clean up 527 * @param handle Handle to clean up
@@ -536,13 +529,10 @@ struct RequestHandle
536static void 529static void
537cleanup_handle (struct RequestHandle *handle) 530cleanup_handle (struct RequestHandle *handle)
538{ 531{
539 struct EgoEntry *ego_entry;
540 532
541 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n"); 533 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n");
542 if (NULL != handle->timeout_task) 534 if (NULL != handle->timeout_task)
543 GNUNET_SCHEDULER_cancel (handle->timeout_task); 535 GNUNET_SCHEDULER_cancel (handle->timeout_task);
544 if (NULL != handle->identity_handle)
545 GNUNET_IDENTITY_disconnect (handle->identity_handle);
546 if (NULL != handle->attr_it) 536 if (NULL != handle->attr_it)
547 GNUNET_RECLAIM_get_attributes_stop (handle->attr_it); 537 GNUNET_RECLAIM_get_attributes_stop (handle->attr_it);
548 if (NULL != handle->attest_it) 538 if (NULL != handle->attest_it)
@@ -551,8 +541,6 @@ cleanup_handle (struct RequestHandle *handle)
551 GNUNET_RECLAIM_ticket_iteration_stop (handle->ticket_it); 541 GNUNET_RECLAIM_ticket_iteration_stop (handle->ticket_it);
552 if (NULL != handle->idp_op) 542 if (NULL != handle->idp_op)
553 GNUNET_RECLAIM_cancel (handle->idp_op); 543 GNUNET_RECLAIM_cancel (handle->idp_op);
554 if (NULL != handle->idp)
555 GNUNET_RECLAIM_disconnect (handle->idp);
556 GNUNET_free (handle->url); 544 GNUNET_free (handle->url);
557 GNUNET_free (handle->tld); 545 GNUNET_free (handle->tld);
558 GNUNET_free (handle->redirect_prefix); 546 GNUNET_free (handle->redirect_prefix);
@@ -561,11 +549,6 @@ cleanup_handle (struct RequestHandle *handle)
561 GNUNET_free (handle->edesc); 549 GNUNET_free (handle->edesc);
562 if (NULL != handle->gns_op) 550 if (NULL != handle->gns_op)
563 GNUNET_GNS_lookup_cancel (handle->gns_op); 551 GNUNET_GNS_lookup_cancel (handle->gns_op);
564 if (NULL != handle->gns_handle)
565 GNUNET_GNS_disconnect (handle->gns_handle);
566
567 if (NULL != handle->namestore_handle)
568 GNUNET_NAMESTORE_disconnect (handle->namestore_handle);
569 if (NULL != handle->oidc) 552 if (NULL != handle->oidc)
570 { 553 {
571 GNUNET_free (handle->oidc->client_id); 554 GNUNET_free (handle->oidc->client_id);
@@ -585,15 +568,6 @@ cleanup_handle (struct RequestHandle *handle)
585 if (NULL!=handle->attests_list) 568 if (NULL!=handle->attests_list)
586 GNUNET_RECLAIM_attestation_list_destroy (handle->attests_list); 569 GNUNET_RECLAIM_attestation_list_destroy (handle->attests_list);
587 570
588 while (NULL != (ego_entry = handle->ego_head))
589 {
590 GNUNET_CONTAINER_DLL_remove (handle->ego_head,
591 handle->ego_tail,
592 ego_entry);
593 GNUNET_free (ego_entry->identifier);
594 GNUNET_free (ego_entry->keystring);
595 GNUNET_free (ego_entry);
596 }
597 GNUNET_free (handle); 571 GNUNET_free (handle);
598} 572}
599 573
@@ -993,7 +967,8 @@ oidc_ticket_issue_cb (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket)
993 handle->redirect_prefix, 967 handle->redirect_prefix,
994 handle->tld, 968 handle->tld,
995 handle->redirect_suffix, 969 handle->redirect_suffix,
996 (NULL == strchr(handle->redirect_suffix, '?') ? "?" : "&"), 970 (NULL == strchr (handle->redirect_suffix, '?') ? "?" :
971 "&"),
997 handle->oidc->response_type, 972 handle->oidc->response_type,
998 code_string, 973 code_string,
999 handle->oidc->state); 974 handle->oidc->state);
@@ -1003,7 +978,8 @@ oidc_ticket_issue_cb (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket)
1003 GNUNET_asprintf (&redirect_uri, 978 GNUNET_asprintf (&redirect_uri,
1004 "%s%s%s=%s&state=%s", 979 "%s%s%s=%s&state=%s",
1005 handle->oidc->redirect_uri, 980 handle->oidc->redirect_uri,
1006 (NULL == strchr(handle->oidc->redirect_uri, '?') ? "?" : "&"), 981 (NULL == strchr (handle->oidc->redirect_uri, '?') ? "?" :
982 "&"),
1007 handle->oidc->response_type, 983 handle->oidc->response_type,
1008 code_string, 984 code_string,
1009 handle->oidc->state); 985 handle->oidc->state);
@@ -1082,7 +1058,7 @@ oidc_attest_collect_finished_cb (void *cls)
1082 handle->attest_it = NULL; 1058 handle->attest_it = NULL;
1083 merged_list = attribute_list_merge (handle->attr_idtoken_list, 1059 merged_list = attribute_list_merge (handle->attr_idtoken_list,
1084 handle->attr_userinfo_list); 1060 handle->attr_userinfo_list);
1085 handle->idp_op = GNUNET_RECLAIM_ticket_issue (handle->idp, 1061 handle->idp_op = GNUNET_RECLAIM_ticket_issue (idp,
1086 &handle->priv_key, 1062 &handle->priv_key,
1087 &handle->oidc->client_pkey, 1063 &handle->oidc->client_pkey,
1088 merged_list, 1064 merged_list,
@@ -1149,7 +1125,7 @@ oidc_attr_collect_finished_cb (void *cls)
1149 } 1125 }
1150 handle->attests_list = GNUNET_new (struct GNUNET_RECLAIM_AttestationList); 1126 handle->attests_list = GNUNET_new (struct GNUNET_RECLAIM_AttestationList);
1151 handle->attest_it = 1127 handle->attest_it =
1152 GNUNET_RECLAIM_get_attestations_start (handle->idp, 1128 GNUNET_RECLAIM_get_attestations_start (idp,
1153 &handle->priv_key, 1129 &handle->priv_key,
1154 &oidc_iteration_error, 1130 &oidc_iteration_error,
1155 handle, 1131 handle,
@@ -1315,7 +1291,7 @@ code_redirect (void *cls)
1315 return; 1291 return;
1316 } 1292 }
1317 // iterate over egos and compare their public key 1293 // iterate over egos and compare their public key
1318 for (handle->ego_entry = handle->ego_head; NULL != handle->ego_entry; 1294 for (handle->ego_entry = ego_head; NULL != handle->ego_entry;
1319 handle->ego_entry = handle->ego_entry->next) 1295 handle->ego_entry = handle->ego_entry->next)
1320 { 1296 {
1321 GNUNET_IDENTITY_ego_get_public_key (handle->ego_entry->ego, &ego_pkey); 1297 GNUNET_IDENTITY_ego_get_public_key (handle->ego_entry->ego, &ego_pkey);
@@ -1323,13 +1299,12 @@ code_redirect (void *cls)
1323 { 1299 {
1324 handle->priv_key = 1300 handle->priv_key =
1325 *GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego); 1301 *GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego);
1326 handle->idp = GNUNET_RECLAIM_connect (cfg);
1327 handle->attr_idtoken_list = 1302 handle->attr_idtoken_list =
1328 GNUNET_new (struct GNUNET_RECLAIM_AttributeList); 1303 GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
1329 handle->attr_userinfo_list = 1304 handle->attr_userinfo_list =
1330 GNUNET_new (struct GNUNET_RECLAIM_AttributeList); 1305 GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
1331 handle->attr_it = 1306 handle->attr_it =
1332 GNUNET_RECLAIM_get_attributes_start (handle->idp, 1307 GNUNET_RECLAIM_get_attributes_start (idp,
1333 &handle->priv_key, 1308 &handle->priv_key,
1334 &oidc_iteration_error, 1309 &oidc_iteration_error,
1335 handle, 1310 handle,
@@ -1474,7 +1449,7 @@ client_redirect (void *cls)
1474 1449
1475 /* Lookup client redirect uri to verify request */ 1450 /* Lookup client redirect uri to verify request */
1476 handle->gns_op = 1451 handle->gns_op =
1477 GNUNET_GNS_lookup (handle->gns_handle, 1452 GNUNET_GNS_lookup (gns_handle,
1478 GNUNET_GNS_EMPTY_LABEL_AT, 1453 GNUNET_GNS_EMPTY_LABEL_AT,
1479 &handle->oidc->client_pkey, 1454 &handle->oidc->client_pkey,
1480 GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT, 1455 GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT,
@@ -1700,14 +1675,14 @@ authorize_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
1700 1675
1701 // If we know this identity, translated the corresponding TLD 1676 // If we know this identity, translated the corresponding TLD
1702 // TODO: We might want to have a reverse lookup functionality for TLDs? 1677 // TODO: We might want to have a reverse lookup functionality for TLDs?
1703 for (tmp_ego = handle->ego_head; NULL != tmp_ego; tmp_ego = tmp_ego->next) 1678 for (tmp_ego = ego_head; NULL != tmp_ego; tmp_ego = tmp_ego->next)
1704 { 1679 {
1705 priv_key = GNUNET_IDENTITY_ego_get_private_key (tmp_ego->ego); 1680 priv_key = GNUNET_IDENTITY_ego_get_private_key (tmp_ego->ego);
1706 GNUNET_CRYPTO_ecdsa_key_get_public (priv_key, &pkey); 1681 GNUNET_CRYPTO_ecdsa_key_get_public (priv_key, &pkey);
1707 if (0 == GNUNET_memcmp (&pkey, &handle->oidc->client_pkey)) 1682 if (0 == GNUNET_memcmp (&pkey, &handle->oidc->client_pkey))
1708 { 1683 {
1709 handle->tld = GNUNET_strdup (tmp_ego->identifier); 1684 handle->tld = GNUNET_strdup (tmp_ego->identifier);
1710 handle->ego_entry = handle->ego_tail; 1685 handle->ego_entry = ego_tail;
1711 } 1686 }
1712 } 1687 }
1713 handle->oidc->scope = get_url_parameter_copy (handle, OIDC_SCOPE_KEY); 1688 handle->oidc->scope = get_url_parameter_copy (handle, OIDC_SCOPE_KEY);
@@ -1790,6 +1765,7 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
1790 GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle); 1765 GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle);
1791} 1766}
1792 1767
1768
1793static int 1769static int
1794parse_credentials_basic_auth (struct RequestHandle *handle, 1770parse_credentials_basic_auth (struct RequestHandle *handle,
1795 char **client_id, 1771 char **client_id,
@@ -1847,8 +1823,8 @@ parse_credentials_basic_auth (struct RequestHandle *handle,
1847 1823
1848static int 1824static int
1849parse_credentials_post_body (struct RequestHandle *handle, 1825parse_credentials_post_body (struct RequestHandle *handle,
1850 char **client_id, 1826 char **client_id,
1851 char **client_secret) 1827 char **client_secret)
1852{ 1828{
1853 struct GNUNET_HashCode cache_key; 1829 struct GNUNET_HashCode cache_key;
1854 char *client_id_tmp; 1830 char *client_id_tmp;
@@ -1861,8 +1837,9 @@ parse_credentials_post_body (struct RequestHandle *handle,
1861 ->url_param_map, 1837 ->url_param_map,
1862 &cache_key)) 1838 &cache_key))
1863 return GNUNET_SYSERR; 1839 return GNUNET_SYSERR;
1864 client_id_tmp = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map, 1840 client_id_tmp = GNUNET_CONTAINER_multihashmap_get (
1865 &cache_key); 1841 handle->rest_handle->url_param_map,
1842 &cache_key);
1866 if (NULL == client_id_tmp) 1843 if (NULL == client_id_tmp)
1867 return GNUNET_SYSERR; 1844 return GNUNET_SYSERR;
1868 *client_id = strdup (client_id_tmp); 1845 *client_id = strdup (client_id_tmp);
@@ -1896,13 +1873,16 @@ check_authorization (struct RequestHandle *handle,
1896 { 1873 {
1897 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1874 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1898 "Received client credentials in HTTP AuthZ header\n"); 1875 "Received client credentials in HTTP AuthZ header\n");
1899 } else if (GNUNET_OK == parse_credentials_post_body (handle, 1876 }
1900 &received_cid, 1877 else if (GNUNET_OK == parse_credentials_post_body (handle,
1901 &received_cpw)) 1878 &received_cid,
1879 &received_cpw))
1902 { 1880 {
1903 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1881 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1904 "Received client credentials in POST body\n"); 1882 "Received client credentials in POST body\n");
1905 } else { 1883 }
1884 else
1885 {
1906 handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_CLIENT); 1886 handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_CLIENT);
1907 handle->response_code = MHD_HTTP_UNAUTHORIZED; 1887 handle->response_code = MHD_HTTP_UNAUTHORIZED;
1908 return GNUNET_SYSERR; 1888 return GNUNET_SYSERR;
@@ -1931,7 +1911,7 @@ check_authorization (struct RequestHandle *handle,
1931 return GNUNET_SYSERR; 1911 return GNUNET_SYSERR;
1932 } 1912 }
1933 // check client_id 1913 // check client_id
1934 for (handle->ego_entry = handle->ego_head; NULL != handle->ego_entry; 1914 for (handle->ego_entry = ego_head; NULL != handle->ego_entry;
1935 handle->ego_entry = handle->ego_entry->next) 1915 handle->ego_entry = handle->ego_entry->next)
1936 { 1916 {
1937 if (0 == strcmp (handle->ego_entry->keystring, received_cid)) 1917 if (0 == strcmp (handle->ego_entry->keystring, received_cid))
@@ -1963,7 +1943,7 @@ find_ego (struct RequestHandle *handle,
1963 struct EgoEntry *ego_entry; 1943 struct EgoEntry *ego_entry;
1964 struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; 1944 struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
1965 1945
1966 for (ego_entry = handle->ego_head; NULL != ego_entry; 1946 for (ego_entry = ego_head; NULL != ego_entry;
1967 ego_entry = ego_entry->next) 1947 ego_entry = ego_entry->next)
1968 { 1948 {
1969 GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego, &pub_key); 1949 GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego, &pub_key);
@@ -2321,14 +2301,13 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
2321 return; 2301 return;
2322 } 2302 }
2323 2303
2324 handle->idp = GNUNET_RECLAIM_connect (cfg);
2325 handle->oidc->response = json_object (); 2304 handle->oidc->response = json_object ();
2326 json_object_set_new (handle->oidc->response, 2305 json_object_set_new (handle->oidc->response,
2327 "sub", 2306 "sub",
2328 json_string (iss_ego->keystring)); 2307 json_string (iss_ego->keystring));
2329 privkey = GNUNET_IDENTITY_ego_get_private_key (aud_ego->ego); 2308 privkey = GNUNET_IDENTITY_ego_get_private_key (aud_ego->ego);
2330 2309
2331 handle->idp_op = GNUNET_RECLAIM_ticket_consume (handle->idp, 2310 handle->idp_op = GNUNET_RECLAIM_ticket_consume (idp,
2332 privkey, 2311 privkey,
2333 ticket, 2312 ticket,
2334 consume_ticket, 2313 consume_ticket,
@@ -2338,36 +2317,6 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
2338 2317
2339 2318
2340/** 2319/**
2341 * Handle rest request
2342 *
2343 * @param handle the request handle
2344 */
2345static void
2346init_cont (struct RequestHandle *handle)
2347{
2348 struct GNUNET_REST_RequestHandlerError err;
2349 static const struct GNUNET_REST_RequestHandler handlers[] =
2350 { { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint },
2351 { MHD_HTTP_METHOD_POST,
2352 GNUNET_REST_API_NS_AUTHORIZE,
2353 &authorize_endpoint }, // url-encoded
2354 { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_LOGIN, &login_cont },
2355 { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_TOKEN, &token_endpoint },
2356 { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint },
2357 { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint },
2358 { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_OIDC, &options_cont },
2359 GNUNET_REST_HANDLER_END };
2360
2361 if (GNUNET_NO ==
2362 GNUNET_REST_handle_request (handle->rest_handle, handlers, &err, handle))
2363 {
2364 handle->response_code = err.error_code;
2365 GNUNET_SCHEDULER_add_now (&do_error, handle);
2366 }
2367}
2368
2369
2370/**
2371 * If listing is enabled, prints information about the egos. 2320 * If listing is enabled, prints information about the egos.
2372 * 2321 *
2373 * This function is initially called for all egos and then again 2322 * This function is initially called for all egos and then again
@@ -2406,18 +2355,16 @@ list_ego (void *cls,
2406 void **ctx, 2355 void **ctx,
2407 const char *identifier) 2356 const char *identifier)
2408{ 2357{
2409 struct RequestHandle *handle = cls;
2410 struct EgoEntry *ego_entry; 2358 struct EgoEntry *ego_entry;
2411 struct GNUNET_CRYPTO_EcdsaPublicKey pk; 2359 struct GNUNET_CRYPTO_EcdsaPublicKey pk;
2412 2360
2413 if ((NULL == ego) && (ID_REST_STATE_INIT == handle->state)) 2361 if ((NULL == ego) && (ID_REST_STATE_INIT == state))
2414 { 2362 {
2415 handle->state = ID_REST_STATE_POST_INIT; 2363 state = ID_REST_STATE_POST_INIT;
2416 init_cont (handle);
2417 return; 2364 return;
2418 } 2365 }
2419 GNUNET_assert (NULL != ego); 2366 GNUNET_assert (NULL != ego);
2420 if (ID_REST_STATE_INIT == handle->state) 2367 if (ID_REST_STATE_INIT == state)
2421 2368
2422 { 2369 {
2423 ego_entry = GNUNET_new (struct EgoEntry); 2370 ego_entry = GNUNET_new (struct EgoEntry);
@@ -2425,15 +2372,15 @@ list_ego (void *cls,
2425 ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); 2372 ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk);
2426 ego_entry->ego = ego; 2373 ego_entry->ego = ego;
2427 ego_entry->identifier = GNUNET_strdup (identifier); 2374 ego_entry->identifier = GNUNET_strdup (identifier);
2428 GNUNET_CONTAINER_DLL_insert_tail (handle->ego_head, 2375 GNUNET_CONTAINER_DLL_insert_tail (ego_head,
2429 handle->ego_tail, 2376 ego_tail,
2430 ego_entry); 2377 ego_entry);
2431 return; 2378 return;
2432 } 2379 }
2433 /* Ego renamed or added */ 2380 /* Ego renamed or added */
2434 if (identifier != NULL) 2381 if (identifier != NULL)
2435 { 2382 {
2436 for (ego_entry = handle->ego_head; NULL != ego_entry; 2383 for (ego_entry = ego_head; NULL != ego_entry;
2437 ego_entry = ego_entry->next) 2384 ego_entry = ego_entry->next)
2438 { 2385 {
2439 if (ego_entry->ego == ego) 2386 if (ego_entry->ego == ego)
@@ -2452,15 +2399,15 @@ list_ego (void *cls,
2452 ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); 2399 ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk);
2453 ego_entry->ego = ego; 2400 ego_entry->ego = ego;
2454 ego_entry->identifier = GNUNET_strdup (identifier); 2401 ego_entry->identifier = GNUNET_strdup (identifier);
2455 GNUNET_CONTAINER_DLL_insert_tail (handle->ego_head, 2402 GNUNET_CONTAINER_DLL_insert_tail (ego_head,
2456 handle->ego_tail, 2403 ego_tail,
2457 ego_entry); 2404 ego_entry);
2458 } 2405 }
2459 } 2406 }
2460 else 2407 else
2461 { 2408 {
2462 /* Delete */ 2409 /* Delete */
2463 for (ego_entry = handle->ego_head; NULL != ego_entry; 2410 for (ego_entry = ego_head; NULL != ego_entry;
2464 ego_entry = ego_entry->next) 2411 ego_entry = ego_entry->next)
2465 { 2412 {
2466 if (ego_entry->ego == ego) 2413 if (ego_entry->ego == ego)
@@ -2469,8 +2416,8 @@ list_ego (void *cls,
2469 if (NULL == ego_entry) 2416 if (NULL == ego_entry)
2470 return; /* Not found */ 2417 return; /* Not found */
2471 2418
2472 GNUNET_CONTAINER_DLL_remove (handle->ego_head, 2419 GNUNET_CONTAINER_DLL_remove (ego_head,
2473 handle->ego_tail, 2420 ego_tail,
2474 ego_entry); 2421 ego_entry);
2475 GNUNET_free (ego_entry->identifier); 2422 GNUNET_free (ego_entry->identifier);
2476 GNUNET_free (ego_entry->keystring); 2423 GNUNET_free (ego_entry->keystring);
@@ -2480,12 +2427,23 @@ list_ego (void *cls,
2480} 2427}
2481 2428
2482 2429
2483static void 2430static enum GNUNET_GenericReturnValue
2484rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle, 2431rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle,
2485 GNUNET_REST_ResultProcessor proc, 2432 GNUNET_REST_ResultProcessor proc,
2486 void *proc_cls) 2433 void *proc_cls)
2487{ 2434{
2488 struct RequestHandle *handle = GNUNET_new (struct RequestHandle); 2435 struct RequestHandle *handle = GNUNET_new (struct RequestHandle);
2436 struct GNUNET_REST_RequestHandlerError err;
2437 static const struct GNUNET_REST_RequestHandler handlers[] =
2438 { { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint },
2439 { MHD_HTTP_METHOD_POST,
2440 GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint }, // url-encoded
2441 { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_LOGIN, &login_cont },
2442 { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_TOKEN, &token_endpoint },
2443 { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint },
2444 { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint },
2445 { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_OIDC, &options_cont },
2446 GNUNET_REST_HANDLER_END };
2489 2447
2490 handle->oidc = GNUNET_new (struct OIDC_Variables); 2448 handle->oidc = GNUNET_new (struct OIDC_Variables);
2491 if (NULL == OIDC_cookie_jar_map) 2449 if (NULL == OIDC_cookie_jar_map)
@@ -2495,19 +2453,17 @@ rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle,
2495 handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL; 2453 handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL;
2496 handle->proc_cls = proc_cls; 2454 handle->proc_cls = proc_cls;
2497 handle->proc = proc; 2455 handle->proc = proc;
2498 handle->state = ID_REST_STATE_INIT;
2499 handle->rest_handle = rest_handle; 2456 handle->rest_handle = rest_handle;
2500
2501 handle->url = GNUNET_strdup (rest_handle->url); 2457 handle->url = GNUNET_strdup (rest_handle->url);
2502 if (handle->url[strlen (handle->url) - 1] == '/') 2458 if (handle->url[strlen (handle->url) - 1] == '/')
2503 handle->url[strlen (handle->url) - 1] = '\0'; 2459 handle->url[strlen (handle->url) - 1] = '\0';
2504 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Connecting...\n"); 2460 if (GNUNET_NO ==
2505 handle->identity_handle = GNUNET_IDENTITY_connect (cfg, &list_ego, handle); 2461 GNUNET_REST_handle_request (handle->rest_handle, handlers, &err, handle))
2506 handle->gns_handle = GNUNET_GNS_connect (cfg); 2462 return GNUNET_NO;
2507 handle->namestore_handle = GNUNET_NAMESTORE_connect (cfg); 2463
2508 handle->timeout_task = 2464 handle->timeout_task =
2509 GNUNET_SCHEDULER_add_delayed (handle->timeout, &do_timeout, handle); 2465 GNUNET_SCHEDULER_add_delayed (handle->timeout, &do_timeout, handle);
2510 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Connected\n"); 2466 return GNUNET_YES;
2511} 2467}
2512 2468
2513 2469
@@ -2532,6 +2488,11 @@ libgnunet_plugin_rest_openid_connect_init (void *cls)
2532 api->cls = &plugin; 2488 api->cls = &plugin;
2533 api->name = GNUNET_REST_API_NS_OIDC; 2489 api->name = GNUNET_REST_API_NS_OIDC;
2534 api->process_request = &rest_identity_process_request; 2490 api->process_request = &rest_identity_process_request;
2491 identity_handle = GNUNET_IDENTITY_connect (cfg, &list_ego, NULL);
2492 gns_handle = GNUNET_GNS_connect (cfg);
2493 idp = GNUNET_RECLAIM_connect (cfg);
2494
2495 state = ID_REST_STATE_INIT;
2535 GNUNET_asprintf (&allow_methods, 2496 GNUNET_asprintf (&allow_methods,
2536 "%s, %s, %s, %s, %s", 2497 "%s, %s, %s, %s, %s",
2537 MHD_HTTP_METHOD_GET, 2498 MHD_HTTP_METHOD_GET,
@@ -2557,6 +2518,7 @@ libgnunet_plugin_rest_openid_connect_done (void *cls)
2557{ 2518{
2558 struct GNUNET_REST_Plugin *api = cls; 2519 struct GNUNET_REST_Plugin *api = cls;
2559 struct Plugin *plugin = api->cls; 2520 struct Plugin *plugin = api->cls;
2521 struct EgoEntry *ego_entry;
2560 2522
2561 plugin->cfg = NULL; 2523 plugin->cfg = NULL;
2562 2524
@@ -2573,6 +2535,21 @@ libgnunet_plugin_rest_openid_connect_done (void *cls)
2573 2535
2574 GNUNET_CONTAINER_multihashmap_iterator_destroy (hashmap_it); 2536 GNUNET_CONTAINER_multihashmap_iterator_destroy (hashmap_it);
2575 GNUNET_free (allow_methods); 2537 GNUNET_free (allow_methods);
2538 if (NULL != gns_handle)
2539 GNUNET_GNS_disconnect (gns_handle);
2540 if (NULL != identity_handle)
2541 GNUNET_IDENTITY_disconnect (identity_handle);
2542 if (NULL != idp)
2543 GNUNET_RECLAIM_disconnect (idp);
2544 while (NULL != (ego_entry = ego_head))
2545 {
2546 GNUNET_CONTAINER_DLL_remove (ego_head,
2547 ego_tail,
2548 ego_entry);
2549 GNUNET_free (ego_entry->identifier);
2550 GNUNET_free (ego_entry->keystring);
2551 GNUNET_free (ego_entry);
2552 }
2576 GNUNET_free (api); 2553 GNUNET_free (api);
2577 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2554 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2578 "OpenID Connect REST plugin is finished\n"); 2555 "OpenID Connect REST plugin is finished\n");
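Review bot: In the new `rest_identity_process_request`, the early `return GNUNET_NO;` taken when `GNUNET_REST_handle_request` matches no handler leaves the freshly allocated `handle`, `handle->oidc` and `handle->url` unreleased, so each request that misses the handler table leaks memory, and the request URL is chosen by the client. The removed `init_cont` scheduled `do_error` for this case, and nothing visible in the new code takes over that responsibility. I would release the handle on that path, e.g. `{ cleanup_handle (handle); return GNUNET_NO; }`, provided `cleanup_handle` tolerates fields that are still unset there (it NULL-checks `timeout_task` and the iterators but calls `GNUNET_free` on `tld`, `redirect_prefix` and `edesc` unconditionally). A short comment on the new file-scope `state` and `ego_head` would also help: requests are now dispatched without waiting for `ID_REST_STATE_POST_INIT`, so `check_authorization` and `find_ego` may walk a partially filled ego list during start-up.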