diff options
Diffstat (limited to 'src/reclaim/plugin_rest_pabc.c')
| -rw-r--r-- | src/reclaim/plugin_rest_pabc.c | 65 |
1 files changed, 58 insertions, 7 deletions
diff --git a/src/reclaim/plugin_rest_pabc.c b/src/reclaim/plugin_rest_pabc.c index c3bb8847f..e5099a012 100644 --- a/src/reclaim/plugin_rest_pabc.c +++ b/src/reclaim/plugin_rest_pabc.c | |||
| @@ -33,6 +33,7 @@ | |||
| 33 | #include "gnunet_rest_lib.h" | 33 | #include "gnunet_rest_lib.h" |
| 34 | #include "gnunet_rest_plugin.h" | 34 | #include "gnunet_rest_plugin.h" |
| 35 | #include "gnunet_signatures.h" | 35 | #include "gnunet_signatures.h" |
| 36 | #include "pabc_helper.h" | ||
| 36 | 37 | ||
| 37 | /** | 38 | /** |
| 38 | * REST root namespace | 39 | * REST root namespace |
| @@ -221,15 +222,44 @@ set_attributes_from_idtoken (const struct pabc_context *ctx, | |||
| 221 | { | 222 | { |
| 222 | json_t *payload_json; | 223 | json_t *payload_json; |
| 223 | json_t *value; | 224 | json_t *value; |
| 225 | json_error_t json_err; | ||
| 224 | const char *key; | 226 | const char *key; |
| 227 | const char *jwt_body; | ||
| 228 | char *decoded_jwt; | ||
| 229 | char delim[] = "."; | ||
| 230 | char *jwt_string; | ||
| 231 | const char *pabc_key; | ||
| 225 | enum pabc_status status; | 232 | enum pabc_status status; |
| 226 | 233 | ||
| 227 | //FIXME parse JWT | 234 | //FIXME parse JWT |
| 235 | jwt_string = GNUNET_strndup (id_token, strlen (id_token)); | ||
| 236 | jwt_body = strtok (jwt_string, delim); | ||
| 237 | jwt_body = strtok (NULL, delim); | ||
| 238 | GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body), | ||
| 239 | (void **) &decoded_jwt); | ||
| 240 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded ID Token: %s\n", decoded_jwt); | ||
| 241 | payload_json = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err); | ||
| 242 | GNUNET_free (decoded_jwt); | ||
| 243 | |||
| 228 | json_object_foreach(payload_json, key, value) | 244 | json_object_foreach(payload_json, key, value) |
| 229 | { | 245 | { |
| 230 | //FIXME skip metadata in JWT, map attributes to PP | 246 | pabc_key = key; |
| 247 | if (0 == strcmp ("iss", key)) | ||
| 248 | pabc_key = "issuer"; //rename | ||
| 249 | if (0 == strcmp ("sub", key)) | ||
| 250 | pabc_key = "subject"; //rename | ||
| 251 | if (0 == strcmp ("jti", key)) | ||
| 252 | continue; | ||
| 253 | if (0 == strcmp ("exp", key)) | ||
| 254 | pabc_key = "expiration"; //rename | ||
| 255 | if (0 == strcmp ("iat", key)) | ||
| 256 | continue; | ||
| 257 | if (0 == strcmp ("nbf", key)) | ||
| 258 | continue; | ||
| 259 | if (0 == strcmp ("aud", key)) | ||
| 260 | continue; | ||
| 231 | status = pabc_set_attribute_value_by_name (ctx, pp, usr_ctx, | 261 | status = pabc_set_attribute_value_by_name (ctx, pp, usr_ctx, |
| 232 | key, | 262 | pabc_key, |
| 233 | json_string_value (value)); | 263 | json_string_value (value)); |
| 234 | if (PABC_OK != status) | 264 | if (PABC_OK != status) |
| 235 | { | 265 | { |
| @@ -254,6 +284,8 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
| 254 | json_t *nonce_json; | 284 | json_t *nonce_json; |
| 255 | json_t *pp_json; | 285 | json_t *pp_json; |
| 256 | json_t *idtoken_json; | 286 | json_t *idtoken_json; |
| 287 | json_t *iss_json; | ||
| 288 | json_t *identity_json; | ||
| 257 | json_error_t err; | 289 | json_error_t err; |
| 258 | struct pabc_public_parameters *pp = NULL; | 290 | struct pabc_public_parameters *pp = NULL; |
| 259 | struct pabc_context *ctx = NULL; | 291 | struct pabc_context *ctx = NULL; |
| @@ -302,6 +334,24 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
| 302 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 334 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
| 303 | return; | 335 | return; |
| 304 | } | 336 | } |
| 337 | iss_json = json_object_get (data_json, "issuer"); | ||
| 338 | if (NULL == iss_json) | ||
| 339 | { | ||
| 340 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 341 | "Unable to parse issuer\n"); | ||
| 342 | json_decref (data_json); | ||
| 343 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
| 344 | return; | ||
| 345 | } | ||
| 346 | identity_json = json_object_get (data_json, "identity"); | ||
| 347 | if (NULL == identity_json) | ||
| 348 | { | ||
| 349 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
| 350 | "Unable to parse identity\n"); | ||
| 351 | json_decref (data_json); | ||
| 352 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
| 353 | return; | ||
| 354 | } | ||
| 305 | idtoken_json = json_object_get (idtoken_json, "id_token"); | 355 | idtoken_json = json_object_get (idtoken_json, "id_token"); |
| 306 | if (NULL == idtoken_json) | 356 | if (NULL == idtoken_json) |
| 307 | { | 357 | { |
| @@ -322,8 +372,9 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
| 322 | } | 372 | } |
| 323 | 373 | ||
| 324 | PABC_ASSERT (pabc_new_ctx (&ctx)); | 374 | PABC_ASSERT (pabc_new_ctx (&ctx)); |
| 325 | // load stuff FIXME: Needs helper | 375 | status = PABC_load_public_parameters (ctx, |
| 326 | //status = load_public_parameters (ctx, pp_name, &pp); | 376 | json_string_value (iss_json), |
| 377 | &pp); | ||
| 327 | if (status != PABC_OK) | 378 | if (status != PABC_OK) |
| 328 | { | 379 | { |
| 329 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read public parameters.\n"); | 380 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read public parameters.\n"); |
| @@ -332,9 +383,9 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
| 332 | return; | 383 | return; |
| 333 | } | 384 | } |
| 334 | 385 | ||
| 335 | /*FIXME: Needs helper | 386 | status = PABC_read_usr_ctx (json_string_value (identity_json), |
| 336 | * status = read_usr_ctx (usr_name, pp_name, ctx, pp, &usr_ctx); | 387 | json_string_value (iss_json), |
| 337 | */ | 388 | ctx, pp, &usr_ctx); |
| 338 | if (PABC_OK != status) | 389 | if (PABC_OK != status) |
| 339 | { | 390 | { |
| 340 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read user context.\n"); | 391 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read user context.\n"); |