diff options
Diffstat (limited to 'src/reclaim/plugin_rest_openid_connect.c')
-rw-r--r-- | src/reclaim/plugin_rest_openid_connect.c | 50 |
1 files changed, 38 insertions, 12 deletions
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c index 0ee61755b..c6259d745 100644 --- a/src/reclaim/plugin_rest_openid_connect.c +++ b/src/reclaim/plugin_rest_openid_connect.c | |||
@@ -686,7 +686,10 @@ do_userinfo_error (void *cls) | |||
686 | handle->emsg, | 686 | handle->emsg, |
687 | (NULL != handle->edesc) ? handle->edesc : ""); | 687 | (NULL != handle->edesc) ? handle->edesc : ""); |
688 | resp = GNUNET_REST_create_response (""); | 688 | resp = GNUNET_REST_create_response (""); |
689 | MHD_add_response_header (resp, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "Bearer"); | 689 | GNUNET_assert (MHD_NO != |
690 | MHD_add_response_header (resp, | ||
691 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | ||
692 | "Bearer")); | ||
690 | handle->proc (handle->proc_cls, resp, handle->response_code); | 693 | handle->proc (handle->proc_cls, resp, handle->response_code); |
691 | cleanup_handle (handle); | 694 | cleanup_handle (handle); |
692 | GNUNET_free (error); | 695 | GNUNET_free (error); |
@@ -713,7 +716,8 @@ do_redirect_error (void *cls) | |||
713 | (NULL != handle->oidc->state) ? "&state=" : "", | 716 | (NULL != handle->oidc->state) ? "&state=" : "", |
714 | (NULL != handle->oidc->state) ? handle->oidc->state : ""); | 717 | (NULL != handle->oidc->state) ? handle->oidc->state : ""); |
715 | resp = GNUNET_REST_create_response (""); | 718 | resp = GNUNET_REST_create_response (""); |
716 | MHD_add_response_header (resp, "Location", redirect); | 719 | GNUNET_assert (MHD_NO != MHD_add_response_header (resp, |
720 | "Location", redirect)); | ||
717 | handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND); | 721 | handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND); |
718 | cleanup_handle (handle); | 722 | cleanup_handle (handle); |
719 | GNUNET_free (redirect); | 723 | GNUNET_free (redirect); |
@@ -1022,7 +1026,8 @@ oidc_ticket_issue_cb (void *cls, | |||
1022 | handle->oidc->state); | 1026 | handle->oidc->state); |
1023 | } | 1027 | } |
1024 | resp = GNUNET_REST_create_response (""); | 1028 | resp = GNUNET_REST_create_response (""); |
1025 | MHD_add_response_header (resp, "Location", redirect_uri); | 1029 | GNUNET_assert (MHD_NO != MHD_add_response_header (resp, |
1030 | "Location", redirect_uri)); | ||
1026 | handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND); | 1031 | handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND); |
1027 | cleanup_handle (handle); | 1032 | cleanup_handle (handle); |
1028 | GNUNET_free (redirect_uri); | 1033 | GNUNET_free (redirect_uri); |
@@ -1381,7 +1386,8 @@ build_redirect (void *cls) | |||
1381 | handle->oidc->state); | 1386 | handle->oidc->state); |
1382 | } | 1387 | } |
1383 | resp = GNUNET_REST_create_response (""); | 1388 | resp = GNUNET_REST_create_response (""); |
1384 | MHD_add_response_header (resp, "Location", redirect_uri); | 1389 | GNUNET_assert (MHD_NO != MHD_add_response_header (resp, |
1390 | "Location", redirect_uri)); | ||
1385 | handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND); | 1391 | handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND); |
1386 | cleanup_handle (handle); | 1392 | cleanup_handle (handle); |
1387 | GNUNET_free (redirect_uri); | 1393 | GNUNET_free (redirect_uri); |
@@ -1764,8 +1770,12 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
1764 | "%s;Max-Age=%d", | 1770 | "%s;Max-Age=%d", |
1765 | cookie, | 1771 | cookie, |
1766 | OIDC_COOKIE_EXPIRATION); | 1772 | OIDC_COOKIE_EXPIRATION); |
1767 | MHD_add_response_header (resp, "Set-Cookie", header_val); | 1773 | GNUNET_assert (MHD_NO != MHD_add_response_header (resp, |
1768 | MHD_add_response_header (resp, "Access-Control-Allow-Methods", "POST"); | 1774 | "Set-Cookie", header_val)); |
1775 | GNUNET_assert (MHD_NO != | ||
1776 | MHD_add_response_header (resp, | ||
1777 | "Access-Control-Allow-Methods", | ||
1778 | "POST")); | ||
1769 | GNUNET_CRYPTO_hash (cookie, strlen (cookie), &cache_key); | 1779 | GNUNET_CRYPTO_hash (cookie, strlen (cookie), &cache_key); |
1770 | 1780 | ||
1771 | if (0 != strcmp (json_string_value (identity), "Denied")) | 1781 | if (0 != strcmp (json_string_value (identity), "Denied")) |
@@ -1880,7 +1890,8 @@ parse_credentials_post_body (struct RequestHandle *handle, | |||
1880 | } | 1890 | } |
1881 | pass = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map, | 1891 | pass = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map, |
1882 | &cache_key); | 1892 | &cache_key); |
1883 | if (NULL == pass) { | 1893 | if (NULL == pass) |
1894 | { | ||
1884 | GNUNET_free (*client_id); | 1895 | GNUNET_free (*client_id); |
1885 | *client_id = NULL; | 1896 | *client_id = NULL; |
1886 | return GNUNET_SYSERR; | 1897 | return GNUNET_SYSERR; |
@@ -2134,6 +2145,8 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2134 | GNUNET_free (code); | 2145 | GNUNET_free (code); |
2135 | if (NULL != nonce) | 2146 | if (NULL != nonce) |
2136 | GNUNET_free (nonce); | 2147 | GNUNET_free (nonce); |
2148 | GNUNET_RECLAIM_attribute_list_destroy (cl); | ||
2149 | GNUNET_RECLAIM_presentation_list_destroy (pl); | ||
2137 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 2150 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
2138 | return; | 2151 | return; |
2139 | } | 2152 | } |
@@ -2149,6 +2162,8 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2149 | handle->edesc = GNUNET_strdup ("No signing secret configured!"); | 2162 | handle->edesc = GNUNET_strdup ("No signing secret configured!"); |
2150 | handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR; | 2163 | handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR; |
2151 | GNUNET_free (code); | 2164 | GNUNET_free (code); |
2165 | GNUNET_RECLAIM_attribute_list_destroy (cl); | ||
2166 | GNUNET_RECLAIM_presentation_list_destroy (pl); | ||
2152 | if (NULL != nonce) | 2167 | if (NULL != nonce) |
2153 | GNUNET_free (nonce); | 2168 | GNUNET_free (nonce); |
2154 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 2169 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
@@ -2191,9 +2206,14 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle, | |||
2191 | &json_response); | 2206 | &json_response); |
2192 | 2207 | ||
2193 | resp = GNUNET_REST_create_response (json_response); | 2208 | resp = GNUNET_REST_create_response (json_response); |
2194 | MHD_add_response_header (resp, "Cache-Control", "no-store"); | 2209 | GNUNET_assert (MHD_NO != MHD_add_response_header (resp, |
2195 | MHD_add_response_header (resp, "Pragma", "no-cache"); | 2210 | "Cache-Control", |
2196 | MHD_add_response_header (resp, "Content-Type", "application/json"); | 2211 | "no-store")); |
2212 | GNUNET_assert (MHD_NO != MHD_add_response_header (resp, | ||
2213 | "Pragma", "no-cache")); | ||
2214 | GNUNET_assert (MHD_NO != MHD_add_response_header (resp, | ||
2215 | "Content-Type", | ||
2216 | "application/json")); | ||
2197 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | 2217 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); |
2198 | GNUNET_RECLAIM_attribute_list_destroy (cl); | 2218 | GNUNET_RECLAIM_attribute_list_destroy (cl); |
2199 | GNUNET_RECLAIM_presentation_list_destroy (pl); | 2219 | GNUNET_RECLAIM_presentation_list_destroy (pl); |
@@ -2665,8 +2685,14 @@ oidc_config_cors (struct GNUNET_REST_RequestHandle *con_handle, | |||
2665 | 2685 | ||
2666 | // For now, independent of path return all options | 2686 | // For now, independent of path return all options |
2667 | resp = GNUNET_REST_create_response (NULL); | 2687 | resp = GNUNET_REST_create_response (NULL); |
2668 | MHD_add_response_header (resp, "Access-Control-Allow-Methods", allow_methods); | 2688 | GNUNET_assert (MHD_NO != |
2669 | MHD_add_response_header (resp, "Access-Control-Allow-Origin", "*"); | 2689 | MHD_add_response_header (resp, |
2690 | "Access-Control-Allow-Methods", | ||
2691 | allow_methods)); | ||
2692 | GNUNET_assert (MHD_NO != | ||
2693 | MHD_add_response_header (resp, | ||
2694 | "Access-Control-Allow-Origin", | ||
2695 | "*")); | ||
2670 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); | 2696 | handle->proc (handle->proc_cls, resp, MHD_HTTP_OK); |
2671 | cleanup_handle (handle); | 2697 | cleanup_handle (handle); |
2672 | return; | 2698 | return; |