diff options
Diffstat (limited to 'src/reclaim/plugin_rest_openid_connect.c')
-rw-r--r-- | src/reclaim/plugin_rest_openid_connect.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c index e54473162..3db881244 100644 --- a/src/reclaim/plugin_rest_openid_connect.c +++ b/src/reclaim/plugin_rest_openid_connect.c | |||
@@ -2279,7 +2279,8 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2279 | char *authorization_type; | 2279 | char *authorization_type; |
2280 | char *authorization_access_token; | 2280 | char *authorization_access_token; |
2281 | struct GNUNET_RECLAIM_Ticket *ticket; | 2281 | struct GNUNET_RECLAIM_Ticket *ticket; |
2282 | const struct EgoEntry *ego_entry; | 2282 | const struct EgoEntry *aud_ego; |
2283 | const struct EgoEntry *iss_ego; | ||
2283 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; | 2284 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; |
2284 | 2285 | ||
2285 | GNUNET_CRYPTO_hash (OIDC_AUTHORIZATION_HEADER_KEY, | 2286 | GNUNET_CRYPTO_hash (OIDC_AUTHORIZATION_HEADER_KEY, |
@@ -2340,8 +2341,9 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2340 | ticket = | 2341 | ticket = |
2341 | GNUNET_CONTAINER_multihashmap_get (OIDC_access_token_map, &cache_key); | 2342 | GNUNET_CONTAINER_multihashmap_get (OIDC_access_token_map, &cache_key); |
2342 | GNUNET_assert (NULL != ticket); | 2343 | GNUNET_assert (NULL != ticket); |
2343 | ego_entry = find_ego (handle, &ticket->audience); | 2344 | aud_ego = find_ego (handle, &ticket->audience); |
2344 | if (NULL == ego_entry) | 2345 | iss_ego = find_ego (handle, &ticket->identity); |
2346 | if ((NULL == aud_ego) || (NULL == iss_ego)) | ||
2345 | { | 2347 | { |
2346 | handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_TOKEN); | 2348 | handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_TOKEN); |
2347 | handle->edesc = GNUNET_strdup ("The access token expired"); | 2349 | handle->edesc = GNUNET_strdup ("The access token expired"); |
@@ -2355,8 +2357,9 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2355 | handle->oidc->response = json_object (); | 2357 | handle->oidc->response = json_object (); |
2356 | json_object_set_new (handle->oidc->response, | 2358 | json_object_set_new (handle->oidc->response, |
2357 | "sub", | 2359 | "sub", |
2358 | json_string (ego_entry->keystring)); | 2360 | json_string (iss_ego->keystring)); |
2359 | privkey = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); | 2361 | privkey = GNUNET_IDENTITY_ego_get_private_key (aud_ego->ego); |
2362 | |||
2360 | handle->idp_op = GNUNET_RECLAIM_ticket_consume (handle->idp, | 2363 | handle->idp_op = GNUNET_RECLAIM_ticket_consume (handle->idp, |
2361 | privkey, | 2364 | privkey, |
2362 | ticket, | 2365 | ticket, |