diff options
Diffstat (limited to 'src/reclaim/plugin_rest_openid_connect.c')
-rw-r--r-- | src/reclaim/plugin_rest_openid_connect.c | 241 |
1 files changed, 109 insertions, 132 deletions
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c index eb602a08f..64782fb72 100644 --- a/src/reclaim/plugin_rest_openid_connect.c +++ b/src/reclaim/plugin_rest_openid_connect.c | |||
@@ -249,6 +249,36 @@ const struct GNUNET_CONFIGURATION_Handle *cfg; | |||
249 | static char *allow_methods; | 249 | static char *allow_methods; |
250 | 250 | ||
251 | /** | 251 | /** |
252 | * Ego list | ||
253 | */ | ||
254 | static struct EgoEntry *ego_head; | ||
255 | |||
256 | /** | ||
257 | * Ego list | ||
258 | */ | ||
259 | static struct EgoEntry *ego_tail; | ||
260 | |||
261 | /** | ||
262 | * The processing state | ||
263 | */ | ||
264 | static int state; | ||
265 | |||
266 | /** | ||
267 | * Handle to Identity service. | ||
268 | */ | ||
269 | static struct GNUNET_IDENTITY_Handle *identity_handle; | ||
270 | |||
271 | /** | ||
272 | * GNS handle | ||
273 | */ | ||
274 | static struct GNUNET_GNS_Handle *gns_handle; | ||
275 | |||
276 | /** | ||
277 | * Identity Provider | ||
278 | */ | ||
279 | static struct GNUNET_RECLAIM_Handle *idp; | ||
280 | |||
281 | /** | ||
252 | * @brief struct returned by the initialization function of the plugin | 282 | * @brief struct returned by the initialization function of the plugin |
253 | */ | 283 | */ |
254 | struct Plugin | 284 | struct Plugin |
@@ -361,15 +391,6 @@ struct EgoEntry | |||
361 | 391 | ||
362 | struct RequestHandle | 392 | struct RequestHandle |
363 | { | 393 | { |
364 | /** | ||
365 | * Ego list | ||
366 | */ | ||
367 | struct EgoEntry *ego_head; | ||
368 | |||
369 | /** | ||
370 | * Ego list | ||
371 | */ | ||
372 | struct EgoEntry *ego_tail; | ||
373 | 394 | ||
374 | /** | 395 | /** |
375 | * Selected ego | 396 | * Selected ego |
@@ -387,39 +408,14 @@ struct RequestHandle | |||
387 | struct OIDC_Variables *oidc; | 408 | struct OIDC_Variables *oidc; |
388 | 409 | ||
389 | /** | 410 | /** |
390 | * The processing state | ||
391 | */ | ||
392 | int state; | ||
393 | |||
394 | /** | ||
395 | * Handle to Identity service. | ||
396 | */ | ||
397 | struct GNUNET_IDENTITY_Handle *identity_handle; | ||
398 | |||
399 | /** | ||
400 | * Rest connection | ||
401 | */ | ||
402 | struct GNUNET_REST_RequestHandle *rest_handle; | ||
403 | |||
404 | /** | ||
405 | * GNS handle | ||
406 | */ | ||
407 | struct GNUNET_GNS_Handle *gns_handle; | ||
408 | |||
409 | /** | ||
410 | * GNS lookup op | 411 | * GNS lookup op |
411 | */ | 412 | */ |
412 | struct GNUNET_GNS_LookupRequest *gns_op; | 413 | struct GNUNET_GNS_LookupRequest *gns_op; |
413 | 414 | ||
414 | /** | 415 | /** |
415 | * Handle to NAMESTORE | 416 | * Rest connection |
416 | */ | ||
417 | struct GNUNET_NAMESTORE_Handle *namestore_handle; | ||
418 | |||
419 | /** | ||
420 | * Iterator for NAMESTORE | ||
421 | */ | 417 | */ |
422 | struct GNUNET_NAMESTORE_ZoneIterator *namestore_handle_it; | 418 | struct GNUNET_REST_RequestHandle *rest_handle; |
423 | 419 | ||
424 | /** | 420 | /** |
425 | * Attribute claim list for id_token | 421 | * Attribute claim list for id_token |
@@ -442,10 +438,6 @@ struct RequestHandle | |||
442 | */ | 438 | */ |
443 | struct GNUNET_IDENTITY_Operation *op; | 439 | struct GNUNET_IDENTITY_Operation *op; |
444 | 440 | ||
445 | /** | ||
446 | * Identity Provider | ||
447 | */ | ||
448 | struct GNUNET_RECLAIM_Handle *idp; | ||
449 | 441 | ||
450 | /** | 442 | /** |
451 | * Idp Operation | 443 | * Idp Operation |
@@ -529,6 +521,7 @@ struct RequestHandle | |||
529 | int response_code; | 521 | int response_code; |
530 | }; | 522 | }; |
531 | 523 | ||
524 | |||
532 | /** | 525 | /** |
533 | * Cleanup lookup handle | 526 | * Cleanup lookup handle |
534 | * @param handle Handle to clean up | 527 | * @param handle Handle to clean up |
@@ -536,13 +529,10 @@ struct RequestHandle | |||
536 | static void | 529 | static void |
537 | cleanup_handle (struct RequestHandle *handle) | 530 | cleanup_handle (struct RequestHandle *handle) |
538 | { | 531 | { |
539 | struct EgoEntry *ego_entry; | ||
540 | 532 | ||
541 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n"); | 533 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n"); |
542 | if (NULL != handle->timeout_task) | 534 | if (NULL != handle->timeout_task) |
543 | GNUNET_SCHEDULER_cancel (handle->timeout_task); | 535 | GNUNET_SCHEDULER_cancel (handle->timeout_task); |
544 | if (NULL != handle->identity_handle) | ||
545 | GNUNET_IDENTITY_disconnect (handle->identity_handle); | ||
546 | if (NULL != handle->attr_it) | 536 | if (NULL != handle->attr_it) |
547 | GNUNET_RECLAIM_get_attributes_stop (handle->attr_it); | 537 | GNUNET_RECLAIM_get_attributes_stop (handle->attr_it); |
548 | if (NULL != handle->attest_it) | 538 | if (NULL != handle->attest_it) |
@@ -551,8 +541,6 @@ cleanup_handle (struct RequestHandle *handle) | |||
551 | GNUNET_RECLAIM_ticket_iteration_stop (handle->ticket_it); | 541 | GNUNET_RECLAIM_ticket_iteration_stop (handle->ticket_it); |
552 | if (NULL != handle->idp_op) | 542 | if (NULL != handle->idp_op) |
553 | GNUNET_RECLAIM_cancel (handle->idp_op); | 543 | GNUNET_RECLAIM_cancel (handle->idp_op); |
554 | if (NULL != handle->idp) | ||
555 | GNUNET_RECLAIM_disconnect (handle->idp); | ||
556 | GNUNET_free (handle->url); | 544 | GNUNET_free (handle->url); |
557 | GNUNET_free (handle->tld); | 545 | GNUNET_free (handle->tld); |
558 | GNUNET_free (handle->redirect_prefix); | 546 | GNUNET_free (handle->redirect_prefix); |
@@ -561,11 +549,6 @@ cleanup_handle (struct RequestHandle *handle) | |||
561 | GNUNET_free (handle->edesc); | 549 | GNUNET_free (handle->edesc); |
562 | if (NULL != handle->gns_op) | 550 | if (NULL != handle->gns_op) |
563 | GNUNET_GNS_lookup_cancel (handle->gns_op); | 551 | GNUNET_GNS_lookup_cancel (handle->gns_op); |
564 | if (NULL != handle->gns_handle) | ||
565 | GNUNET_GNS_disconnect (handle->gns_handle); | ||
566 | |||
567 | if (NULL != handle->namestore_handle) | ||
568 | GNUNET_NAMESTORE_disconnect (handle->namestore_handle); | ||
569 | if (NULL != handle->oidc) | 552 | if (NULL != handle->oidc) |
570 | { | 553 | { |
571 | GNUNET_free (handle->oidc->client_id); | 554 | GNUNET_free (handle->oidc->client_id); |
@@ -585,15 +568,6 @@ cleanup_handle (struct RequestHandle *handle) | |||
585 | if (NULL!=handle->attests_list) | 568 | if (NULL!=handle->attests_list) |
586 | GNUNET_RECLAIM_attestation_list_destroy (handle->attests_list); | 569 | GNUNET_RECLAIM_attestation_list_destroy (handle->attests_list); |
587 | 570 | ||
588 | while (NULL != (ego_entry = handle->ego_head)) | ||
589 | { | ||
590 | GNUNET_CONTAINER_DLL_remove (handle->ego_head, | ||
591 | handle->ego_tail, | ||
592 | ego_entry); | ||
593 | GNUNET_free (ego_entry->identifier); | ||
594 | GNUNET_free (ego_entry->keystring); | ||
595 | GNUNET_free (ego_entry); | ||
596 | } | ||
597 | GNUNET_free (handle); | 571 | GNUNET_free (handle); |
598 | } | 572 | } |
599 | 573 | ||
@@ -993,7 +967,8 @@ oidc_ticket_issue_cb (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket) | |||
993 | handle->redirect_prefix, | 967 | handle->redirect_prefix, |
994 | handle->tld, | 968 | handle->tld, |
995 | handle->redirect_suffix, | 969 | handle->redirect_suffix, |
996 | (NULL == strchr(handle->redirect_suffix, '?') ? "?" : "&"), | 970 | (NULL == strchr (handle->redirect_suffix, '?') ? "?" : |
971 | "&"), | ||
997 | handle->oidc->response_type, | 972 | handle->oidc->response_type, |
998 | code_string, | 973 | code_string, |
999 | handle->oidc->state); | 974 | handle->oidc->state); |
@@ -1003,7 +978,8 @@ oidc_ticket_issue_cb (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket) | |||
1003 | GNUNET_asprintf (&redirect_uri, | 978 | GNUNET_asprintf (&redirect_uri, |
1004 | "%s%s%s=%s&state=%s", | 979 | "%s%s%s=%s&state=%s", |
1005 | handle->oidc->redirect_uri, | 980 | handle->oidc->redirect_uri, |
1006 | (NULL == strchr(handle->oidc->redirect_uri, '?') ? "?" : "&"), | 981 | (NULL == strchr (handle->oidc->redirect_uri, '?') ? "?" : |
982 | "&"), | ||
1007 | handle->oidc->response_type, | 983 | handle->oidc->response_type, |
1008 | code_string, | 984 | code_string, |
1009 | handle->oidc->state); | 985 | handle->oidc->state); |
@@ -1082,7 +1058,7 @@ oidc_attest_collect_finished_cb (void *cls) | |||
1082 | handle->attest_it = NULL; | 1058 | handle->attest_it = NULL; |
1083 | merged_list = attribute_list_merge (handle->attr_idtoken_list, | 1059 | merged_list = attribute_list_merge (handle->attr_idtoken_list, |
1084 | handle->attr_userinfo_list); | 1060 | handle->attr_userinfo_list); |
1085 | handle->idp_op = GNUNET_RECLAIM_ticket_issue (handle->idp, | 1061 | handle->idp_op = GNUNET_RECLAIM_ticket_issue (idp, |
1086 | &handle->priv_key, | 1062 | &handle->priv_key, |
1087 | &handle->oidc->client_pkey, | 1063 | &handle->oidc->client_pkey, |
1088 | merged_list, | 1064 | merged_list, |
@@ -1149,7 +1125,7 @@ oidc_attr_collect_finished_cb (void *cls) | |||
1149 | } | 1125 | } |
1150 | handle->attests_list = GNUNET_new (struct GNUNET_RECLAIM_AttestationList); | 1126 | handle->attests_list = GNUNET_new (struct GNUNET_RECLAIM_AttestationList); |
1151 | handle->attest_it = | 1127 | handle->attest_it = |
1152 | GNUNET_RECLAIM_get_attestations_start (handle->idp, | 1128 | GNUNET_RECLAIM_get_attestations_start (idp, |
1153 | &handle->priv_key, | 1129 | &handle->priv_key, |
1154 | &oidc_iteration_error, | 1130 | &oidc_iteration_error, |
1155 | handle, | 1131 | handle, |
@@ -1315,7 +1291,7 @@ code_redirect (void *cls) | |||
1315 | return; | 1291 | return; |
1316 | } | 1292 | } |
1317 | // iterate over egos and compare their public key | 1293 | // iterate over egos and compare their public key |
1318 | for (handle->ego_entry = handle->ego_head; NULL != handle->ego_entry; | 1294 | for (handle->ego_entry = ego_head; NULL != handle->ego_entry; |
1319 | handle->ego_entry = handle->ego_entry->next) | 1295 | handle->ego_entry = handle->ego_entry->next) |
1320 | { | 1296 | { |
1321 | GNUNET_IDENTITY_ego_get_public_key (handle->ego_entry->ego, &ego_pkey); | 1297 | GNUNET_IDENTITY_ego_get_public_key (handle->ego_entry->ego, &ego_pkey); |
@@ -1323,13 +1299,12 @@ code_redirect (void *cls) | |||
1323 | { | 1299 | { |
1324 | handle->priv_key = | 1300 | handle->priv_key = |
1325 | *GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego); | 1301 | *GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego); |
1326 | handle->idp = GNUNET_RECLAIM_connect (cfg); | ||
1327 | handle->attr_idtoken_list = | 1302 | handle->attr_idtoken_list = |
1328 | GNUNET_new (struct GNUNET_RECLAIM_AttributeList); | 1303 | GNUNET_new (struct GNUNET_RECLAIM_AttributeList); |
1329 | handle->attr_userinfo_list = | 1304 | handle->attr_userinfo_list = |
1330 | GNUNET_new (struct GNUNET_RECLAIM_AttributeList); | 1305 | GNUNET_new (struct GNUNET_RECLAIM_AttributeList); |
1331 | handle->attr_it = | 1306 | handle->attr_it = |
1332 | GNUNET_RECLAIM_get_attributes_start (handle->idp, | 1307 | GNUNET_RECLAIM_get_attributes_start (idp, |
1333 | &handle->priv_key, | 1308 | &handle->priv_key, |
1334 | &oidc_iteration_error, | 1309 | &oidc_iteration_error, |
1335 | handle, | 1310 | handle, |
@@ -1474,7 +1449,7 @@ client_redirect (void *cls) | |||
1474 | 1449 | ||
1475 | /* Lookup client redirect uri to verify request */ | 1450 | /* Lookup client redirect uri to verify request */ |
1476 | handle->gns_op = | 1451 | handle->gns_op = |
1477 | GNUNET_GNS_lookup (handle->gns_handle, | 1452 | GNUNET_GNS_lookup (gns_handle, |
1478 | GNUNET_GNS_EMPTY_LABEL_AT, | 1453 | GNUNET_GNS_EMPTY_LABEL_AT, |
1479 | &handle->oidc->client_pkey, | 1454 | &handle->oidc->client_pkey, |
1480 | GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT, | 1455 | GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT, |
@@ -1700,14 +1675,14 @@ authorize_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
1700 | 1675 | ||
1701 | // If we know this identity, translated the corresponding TLD | 1676 | // If we know this identity, translated the corresponding TLD |
1702 | // TODO: We might want to have a reverse lookup functionality for TLDs? | 1677 | // TODO: We might want to have a reverse lookup functionality for TLDs? |
1703 | for (tmp_ego = handle->ego_head; NULL != tmp_ego; tmp_ego = tmp_ego->next) | 1678 | for (tmp_ego = ego_head; NULL != tmp_ego; tmp_ego = tmp_ego->next) |
1704 | { | 1679 | { |
1705 | priv_key = GNUNET_IDENTITY_ego_get_private_key (tmp_ego->ego); | 1680 | priv_key = GNUNET_IDENTITY_ego_get_private_key (tmp_ego->ego); |
1706 | GNUNET_CRYPTO_ecdsa_key_get_public (priv_key, &pkey); | 1681 | GNUNET_CRYPTO_ecdsa_key_get_public (priv_key, &pkey); |
1707 | if (0 == GNUNET_memcmp (&pkey, &handle->oidc->client_pkey)) | 1682 | if (0 == GNUNET_memcmp (&pkey, &handle->oidc->client_pkey)) |
1708 | { | 1683 | { |
1709 | handle->tld = GNUNET_strdup (tmp_ego->identifier); | 1684 | handle->tld = GNUNET_strdup (tmp_ego->identifier); |
1710 | handle->ego_entry = handle->ego_tail; | 1685 | handle->ego_entry = ego_tail; |
1711 | } | 1686 | } |
1712 | } | 1687 | } |
1713 | handle->oidc->scope = get_url_parameter_copy (handle, OIDC_SCOPE_KEY); | 1688 | handle->oidc->scope = get_url_parameter_copy (handle, OIDC_SCOPE_KEY); |
@@ -1790,6 +1765,7 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
1790 | GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle); | 1765 | GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle); |
1791 | } | 1766 | } |
1792 | 1767 | ||
1768 | |||
1793 | static int | 1769 | static int |
1794 | parse_credentials_basic_auth (struct RequestHandle *handle, | 1770 | parse_credentials_basic_auth (struct RequestHandle *handle, |
1795 | char **client_id, | 1771 | char **client_id, |
@@ -1847,8 +1823,8 @@ parse_credentials_basic_auth (struct RequestHandle *handle, | |||
1847 | 1823 | ||
1848 | static int | 1824 | static int |
1849 | parse_credentials_post_body (struct RequestHandle *handle, | 1825 | parse_credentials_post_body (struct RequestHandle *handle, |
1850 | char **client_id, | 1826 | char **client_id, |
1851 | char **client_secret) | 1827 | char **client_secret) |
1852 | { | 1828 | { |
1853 | struct GNUNET_HashCode cache_key; | 1829 | struct GNUNET_HashCode cache_key; |
1854 | char *client_id_tmp; | 1830 | char *client_id_tmp; |
@@ -1861,8 +1837,9 @@ parse_credentials_post_body (struct RequestHandle *handle, | |||
1861 | ->url_param_map, | 1837 | ->url_param_map, |
1862 | &cache_key)) | 1838 | &cache_key)) |
1863 | return GNUNET_SYSERR; | 1839 | return GNUNET_SYSERR; |
1864 | client_id_tmp = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map, | 1840 | client_id_tmp = GNUNET_CONTAINER_multihashmap_get ( |
1865 | &cache_key); | 1841 | handle->rest_handle->url_param_map, |
1842 | &cache_key); | ||
1866 | if (NULL == client_id_tmp) | 1843 | if (NULL == client_id_tmp) |
1867 | return GNUNET_SYSERR; | 1844 | return GNUNET_SYSERR; |
1868 | *client_id = strdup (client_id_tmp); | 1845 | *client_id = strdup (client_id_tmp); |
@@ -1896,13 +1873,16 @@ check_authorization (struct RequestHandle *handle, | |||
1896 | { | 1873 | { |
1897 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1874 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1898 | "Received client credentials in HTTP AuthZ header\n"); | 1875 | "Received client credentials in HTTP AuthZ header\n"); |
1899 | } else if (GNUNET_OK == parse_credentials_post_body (handle, | 1876 | } |
1900 | &received_cid, | 1877 | else if (GNUNET_OK == parse_credentials_post_body (handle, |
1901 | &received_cpw)) | 1878 | &received_cid, |
1879 | &received_cpw)) | ||
1902 | { | 1880 | { |
1903 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1881 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
1904 | "Received client credentials in POST body\n"); | 1882 | "Received client credentials in POST body\n"); |
1905 | } else { | 1883 | } |
1884 | else | ||
1885 | { | ||
1906 | handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_CLIENT); | 1886 | handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_CLIENT); |
1907 | handle->response_code = MHD_HTTP_UNAUTHORIZED; | 1887 | handle->response_code = MHD_HTTP_UNAUTHORIZED; |
1908 | return GNUNET_SYSERR; | 1888 | return GNUNET_SYSERR; |
@@ -1931,7 +1911,7 @@ check_authorization (struct RequestHandle *handle, | |||
1931 | return GNUNET_SYSERR; | 1911 | return GNUNET_SYSERR; |
1932 | } | 1912 | } |
1933 | // check client_id | 1913 | // check client_id |
1934 | for (handle->ego_entry = handle->ego_head; NULL != handle->ego_entry; | 1914 | for (handle->ego_entry = ego_head; NULL != handle->ego_entry; |
1935 | handle->ego_entry = handle->ego_entry->next) | 1915 | handle->ego_entry = handle->ego_entry->next) |
1936 | { | 1916 | { |
1937 | if (0 == strcmp (handle->ego_entry->keystring, received_cid)) | 1917 | if (0 == strcmp (handle->ego_entry->keystring, received_cid)) |
@@ -1963,7 +1943,7 @@ find_ego (struct RequestHandle *handle, | |||
1963 | struct EgoEntry *ego_entry; | 1943 | struct EgoEntry *ego_entry; |
1964 | struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; | 1944 | struct GNUNET_CRYPTO_EcdsaPublicKey pub_key; |
1965 | 1945 | ||
1966 | for (ego_entry = handle->ego_head; NULL != ego_entry; | 1946 | for (ego_entry = ego_head; NULL != ego_entry; |
1967 | ego_entry = ego_entry->next) | 1947 | ego_entry = ego_entry->next) |
1968 | { | 1948 | { |
1969 | GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego, &pub_key); | 1949 | GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego, &pub_key); |
@@ -2321,14 +2301,13 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2321 | return; | 2301 | return; |
2322 | } | 2302 | } |
2323 | 2303 | ||
2324 | handle->idp = GNUNET_RECLAIM_connect (cfg); | ||
2325 | handle->oidc->response = json_object (); | 2304 | handle->oidc->response = json_object (); |
2326 | json_object_set_new (handle->oidc->response, | 2305 | json_object_set_new (handle->oidc->response, |
2327 | "sub", | 2306 | "sub", |
2328 | json_string (iss_ego->keystring)); | 2307 | json_string (iss_ego->keystring)); |
2329 | privkey = GNUNET_IDENTITY_ego_get_private_key (aud_ego->ego); | 2308 | privkey = GNUNET_IDENTITY_ego_get_private_key (aud_ego->ego); |
2330 | 2309 | ||
2331 | handle->idp_op = GNUNET_RECLAIM_ticket_consume (handle->idp, | 2310 | handle->idp_op = GNUNET_RECLAIM_ticket_consume (idp, |
2332 | privkey, | 2311 | privkey, |
2333 | ticket, | 2312 | ticket, |
2334 | consume_ticket, | 2313 | consume_ticket, |
@@ -2338,36 +2317,6 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2338 | 2317 | ||
2339 | 2318 | ||
2340 | /** | 2319 | /** |
2341 | * Handle rest request | ||
2342 | * | ||
2343 | * @param handle the request handle | ||
2344 | */ | ||
2345 | static void | ||
2346 | init_cont (struct RequestHandle *handle) | ||
2347 | { | ||
2348 | struct GNUNET_REST_RequestHandlerError err; | ||
2349 | static const struct GNUNET_REST_RequestHandler handlers[] = | ||
2350 | { { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint }, | ||
2351 | { MHD_HTTP_METHOD_POST, | ||
2352 | GNUNET_REST_API_NS_AUTHORIZE, | ||
2353 | &authorize_endpoint }, // url-encoded | ||
2354 | { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_LOGIN, &login_cont }, | ||
2355 | { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_TOKEN, &token_endpoint }, | ||
2356 | { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint }, | ||
2357 | { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint }, | ||
2358 | { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_OIDC, &options_cont }, | ||
2359 | GNUNET_REST_HANDLER_END }; | ||
2360 | |||
2361 | if (GNUNET_NO == | ||
2362 | GNUNET_REST_handle_request (handle->rest_handle, handlers, &err, handle)) | ||
2363 | { | ||
2364 | handle->response_code = err.error_code; | ||
2365 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
2366 | } | ||
2367 | } | ||
2368 | |||
2369 | |||
2370 | /** | ||
2371 | * If listing is enabled, prints information about the egos. | 2320 | * If listing is enabled, prints information about the egos. |
2372 | * | 2321 | * |
2373 | * This function is initially called for all egos and then again | 2322 | * This function is initially called for all egos and then again |
@@ -2406,18 +2355,16 @@ list_ego (void *cls, | |||
2406 | void **ctx, | 2355 | void **ctx, |
2407 | const char *identifier) | 2356 | const char *identifier) |
2408 | { | 2357 | { |
2409 | struct RequestHandle *handle = cls; | ||
2410 | struct EgoEntry *ego_entry; | 2358 | struct EgoEntry *ego_entry; |
2411 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; | 2359 | struct GNUNET_CRYPTO_EcdsaPublicKey pk; |
2412 | 2360 | ||
2413 | if ((NULL == ego) && (ID_REST_STATE_INIT == handle->state)) | 2361 | if ((NULL == ego) && (ID_REST_STATE_INIT == state)) |
2414 | { | 2362 | { |
2415 | handle->state = ID_REST_STATE_POST_INIT; | 2363 | state = ID_REST_STATE_POST_INIT; |
2416 | init_cont (handle); | ||
2417 | return; | 2364 | return; |
2418 | } | 2365 | } |
2419 | GNUNET_assert (NULL != ego); | 2366 | GNUNET_assert (NULL != ego); |
2420 | if (ID_REST_STATE_INIT == handle->state) | 2367 | if (ID_REST_STATE_INIT == state) |
2421 | 2368 | ||
2422 | { | 2369 | { |
2423 | ego_entry = GNUNET_new (struct EgoEntry); | 2370 | ego_entry = GNUNET_new (struct EgoEntry); |
@@ -2425,15 +2372,15 @@ list_ego (void *cls, | |||
2425 | ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); | 2372 | ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); |
2426 | ego_entry->ego = ego; | 2373 | ego_entry->ego = ego; |
2427 | ego_entry->identifier = GNUNET_strdup (identifier); | 2374 | ego_entry->identifier = GNUNET_strdup (identifier); |
2428 | GNUNET_CONTAINER_DLL_insert_tail (handle->ego_head, | 2375 | GNUNET_CONTAINER_DLL_insert_tail (ego_head, |
2429 | handle->ego_tail, | 2376 | ego_tail, |
2430 | ego_entry); | 2377 | ego_entry); |
2431 | return; | 2378 | return; |
2432 | } | 2379 | } |
2433 | /* Ego renamed or added */ | 2380 | /* Ego renamed or added */ |
2434 | if (identifier != NULL) | 2381 | if (identifier != NULL) |
2435 | { | 2382 | { |
2436 | for (ego_entry = handle->ego_head; NULL != ego_entry; | 2383 | for (ego_entry = ego_head; NULL != ego_entry; |
2437 | ego_entry = ego_entry->next) | 2384 | ego_entry = ego_entry->next) |
2438 | { | 2385 | { |
2439 | if (ego_entry->ego == ego) | 2386 | if (ego_entry->ego == ego) |
@@ -2452,15 +2399,15 @@ list_ego (void *cls, | |||
2452 | ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); | 2399 | ego_entry->keystring = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); |
2453 | ego_entry->ego = ego; | 2400 | ego_entry->ego = ego; |
2454 | ego_entry->identifier = GNUNET_strdup (identifier); | 2401 | ego_entry->identifier = GNUNET_strdup (identifier); |
2455 | GNUNET_CONTAINER_DLL_insert_tail (handle->ego_head, | 2402 | GNUNET_CONTAINER_DLL_insert_tail (ego_head, |
2456 | handle->ego_tail, | 2403 | ego_tail, |
2457 | ego_entry); | 2404 | ego_entry); |
2458 | } | 2405 | } |
2459 | } | 2406 | } |
2460 | else | 2407 | else |
2461 | { | 2408 | { |
2462 | /* Delete */ | 2409 | /* Delete */ |
2463 | for (ego_entry = handle->ego_head; NULL != ego_entry; | 2410 | for (ego_entry = ego_head; NULL != ego_entry; |
2464 | ego_entry = ego_entry->next) | 2411 | ego_entry = ego_entry->next) |
2465 | { | 2412 | { |
2466 | if (ego_entry->ego == ego) | 2413 | if (ego_entry->ego == ego) |
@@ -2469,8 +2416,8 @@ list_ego (void *cls, | |||
2469 | if (NULL == ego_entry) | 2416 | if (NULL == ego_entry) |
2470 | return; /* Not found */ | 2417 | return; /* Not found */ |
2471 | 2418 | ||
2472 | GNUNET_CONTAINER_DLL_remove (handle->ego_head, | 2419 | GNUNET_CONTAINER_DLL_remove (ego_head, |
2473 | handle->ego_tail, | 2420 | ego_tail, |
2474 | ego_entry); | 2421 | ego_entry); |
2475 | GNUNET_free (ego_entry->identifier); | 2422 | GNUNET_free (ego_entry->identifier); |
2476 | GNUNET_free (ego_entry->keystring); | 2423 | GNUNET_free (ego_entry->keystring); |
@@ -2480,12 +2427,23 @@ list_ego (void *cls, | |||
2480 | } | 2427 | } |
2481 | 2428 | ||
2482 | 2429 | ||
2483 | static void | 2430 | static enum GNUNET_GenericReturnValue |
2484 | rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle, | 2431 | rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle, |
2485 | GNUNET_REST_ResultProcessor proc, | 2432 | GNUNET_REST_ResultProcessor proc, |
2486 | void *proc_cls) | 2433 | void *proc_cls) |
2487 | { | 2434 | { |
2488 | struct RequestHandle *handle = GNUNET_new (struct RequestHandle); | 2435 | struct RequestHandle *handle = GNUNET_new (struct RequestHandle); |
2436 | struct GNUNET_REST_RequestHandlerError err; | ||
2437 | static const struct GNUNET_REST_RequestHandler handlers[] = | ||
2438 | { { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint }, | ||
2439 | { MHD_HTTP_METHOD_POST, | ||
2440 | GNUNET_REST_API_NS_AUTHORIZE, &authorize_endpoint }, // url-encoded | ||
2441 | { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_LOGIN, &login_cont }, | ||
2442 | { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_TOKEN, &token_endpoint }, | ||
2443 | { MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint }, | ||
2444 | { MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_USERINFO, &userinfo_endpoint }, | ||
2445 | { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_OIDC, &options_cont }, | ||
2446 | GNUNET_REST_HANDLER_END }; | ||
2489 | 2447 | ||
2490 | handle->oidc = GNUNET_new (struct OIDC_Variables); | 2448 | handle->oidc = GNUNET_new (struct OIDC_Variables); |
2491 | if (NULL == OIDC_cookie_jar_map) | 2449 | if (NULL == OIDC_cookie_jar_map) |
@@ -2495,19 +2453,17 @@ rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle, | |||
2495 | handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL; | 2453 | handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL; |
2496 | handle->proc_cls = proc_cls; | 2454 | handle->proc_cls = proc_cls; |
2497 | handle->proc = proc; | 2455 | handle->proc = proc; |
2498 | handle->state = ID_REST_STATE_INIT; | ||
2499 | handle->rest_handle = rest_handle; | 2456 | handle->rest_handle = rest_handle; |
2500 | |||
2501 | handle->url = GNUNET_strdup (rest_handle->url); | 2457 | handle->url = GNUNET_strdup (rest_handle->url); |
2502 | if (handle->url[strlen (handle->url) - 1] == '/') | 2458 | if (handle->url[strlen (handle->url) - 1] == '/') |
2503 | handle->url[strlen (handle->url) - 1] = '\0'; | 2459 | handle->url[strlen (handle->url) - 1] = '\0'; |
2504 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Connecting...\n"); | 2460 | if (GNUNET_NO == |
2505 | handle->identity_handle = GNUNET_IDENTITY_connect (cfg, &list_ego, handle); | 2461 | GNUNET_REST_handle_request (handle->rest_handle, handlers, &err, handle)) |
2506 | handle->gns_handle = GNUNET_GNS_connect (cfg); | 2462 | return GNUNET_NO; |
2507 | handle->namestore_handle = GNUNET_NAMESTORE_connect (cfg); | 2463 | |
2508 | handle->timeout_task = | 2464 | handle->timeout_task = |
2509 | GNUNET_SCHEDULER_add_delayed (handle->timeout, &do_timeout, handle); | 2465 | GNUNET_SCHEDULER_add_delayed (handle->timeout, &do_timeout, handle); |
2510 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Connected\n"); | 2466 | return GNUNET_YES; |
2511 | } | 2467 | } |
2512 | 2468 | ||
2513 | 2469 | ||
@@ -2532,6 +2488,11 @@ libgnunet_plugin_rest_openid_connect_init (void *cls) | |||
2532 | api->cls = &plugin; | 2488 | api->cls = &plugin; |
2533 | api->name = GNUNET_REST_API_NS_OIDC; | 2489 | api->name = GNUNET_REST_API_NS_OIDC; |
2534 | api->process_request = &rest_identity_process_request; | 2490 | api->process_request = &rest_identity_process_request; |
2491 | identity_handle = GNUNET_IDENTITY_connect (cfg, &list_ego, NULL); | ||
2492 | gns_handle = GNUNET_GNS_connect (cfg); | ||
2493 | idp = GNUNET_RECLAIM_connect (cfg); | ||
2494 | |||
2495 | state = ID_REST_STATE_INIT; | ||
2535 | GNUNET_asprintf (&allow_methods, | 2496 | GNUNET_asprintf (&allow_methods, |
2536 | "%s, %s, %s, %s, %s", | 2497 | "%s, %s, %s, %s, %s", |
2537 | MHD_HTTP_METHOD_GET, | 2498 | MHD_HTTP_METHOD_GET, |
@@ -2557,6 +2518,7 @@ libgnunet_plugin_rest_openid_connect_done (void *cls) | |||
2557 | { | 2518 | { |
2558 | struct GNUNET_REST_Plugin *api = cls; | 2519 | struct GNUNET_REST_Plugin *api = cls; |
2559 | struct Plugin *plugin = api->cls; | 2520 | struct Plugin *plugin = api->cls; |
2521 | struct EgoEntry *ego_entry; | ||
2560 | 2522 | ||
2561 | plugin->cfg = NULL; | 2523 | plugin->cfg = NULL; |
2562 | 2524 | ||
@@ -2573,6 +2535,21 @@ libgnunet_plugin_rest_openid_connect_done (void *cls) | |||
2573 | 2535 | ||
2574 | GNUNET_CONTAINER_multihashmap_iterator_destroy (hashmap_it); | 2536 | GNUNET_CONTAINER_multihashmap_iterator_destroy (hashmap_it); |
2575 | GNUNET_free (allow_methods); | 2537 | GNUNET_free (allow_methods); |
2538 | if (NULL != gns_handle) | ||
2539 | GNUNET_GNS_disconnect (gns_handle); | ||
2540 | if (NULL != identity_handle) | ||
2541 | GNUNET_IDENTITY_disconnect (identity_handle); | ||
2542 | if (NULL != idp) | ||
2543 | GNUNET_RECLAIM_disconnect (idp); | ||
2544 | while (NULL != (ego_entry = ego_head)) | ||
2545 | { | ||
2546 | GNUNET_CONTAINER_DLL_remove (ego_head, | ||
2547 | ego_tail, | ||
2548 | ego_entry); | ||
2549 | GNUNET_free (ego_entry->identifier); | ||
2550 | GNUNET_free (ego_entry->keystring); | ||
2551 | GNUNET_free (ego_entry); | ||
2552 | } | ||
2576 | GNUNET_free (api); | 2553 | GNUNET_free (api); |
2577 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2554 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2578 | "OpenID Connect REST plugin is finished\n"); | 2555 | "OpenID Connect REST plugin is finished\n"); |