Diffstat (limited to 'src/reclaim/plugin_rest_pabc.c')
-rw-r--r-- | src/reclaim/plugin_rest_pabc.c | 65 |
1 files changed, 58 insertions, 7 deletions
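--- a/src/reclaim/plugin_rest_pabc.c
+++ b/src/reclaim/plugin_rest_pabc.c
@@ -33,6 +33,7 @@
 #include "gnunet_rest_lib.h"
 #include "gnunet_rest_plugin.h"
 #include "gnunet_signatures.h"
+#include "pabc_helper.h"
 
 /**
 * REST root namespace
@@ -221,15 +222,44 @@ set_attributes_from_idtoken (const struct pabc_context *ctx,
 {
 json_t *payload_json;
 json_t *value;
+json_error_t json_err;
 const char *key;
+const char *jwt_body;
+char *decoded_jwt;
+char delim[] = ".";
+char *jwt_string;
+const char *pabc_key;
 enum pabc_status status;
 
 //FIXME parse JWT
+jwt_string = GNUNET_strndup (id_token, strlen (id_token));
+jwt_body = strtok (jwt_string, delim);
+jwt_body = strtok (NULL, delim);
+GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
+(void **) &decoded_jwt);
+GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded ID Token: %s\n", decoded_jwt);
+payload_json = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
+GNUNET_free (decoded_jwt);
+
 json_object_foreach(payload_json, key, value)
 {
-//FIXME skip metadata in JWT, map attributes to PP
+pabc_key = key;
+if (0 == strcmp ("iss", key))
+pabc_key = "issuer"; //rename
+if (0 == strcmp ("sub", key))
+pabc_key = "subject"; //rename
+if (0 == strcmp ("jti", key))
+continue;
+if (0 == strcmp ("exp", key))
+pabc_key = "expiration"; //rename
+if (0 == strcmp ("iat", key))
+continue;
+if (0 == strcmp ("nbf", key))
+continue;
+if (0 == strcmp ("aud", key))
+continue;
 status = pabc_set_attribute_value_by_name (ctx, pp, usr_ctx,
-key,
+pabc_key,
 json_string_value (value));
 if (PABC_OK != status)
 {
@@ -254,6 +284,8 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
 json_t *nonce_json;
 json_t *pp_json;
 json_t *idtoken_json;
+json_t *iss_json;
+json_t *identity_json;
 json_error_t err;
 struct pabc_public_parameters *pp = NULL;
 struct pabc_context *ctx = NULL;
@@ -302,6 +334,24 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
 GNUNET_SCHEDULER_add_now (&do_error, handle);
 return;
 }
+iss_json = json_object_get (data_json, "issuer");
+if (NULL == iss_json)
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+"Unable to parse issuer\n");
+json_decref (data_json);
+GNUNET_SCHEDULER_add_now (&do_error, handle);
+return;
+}
+identity_json = json_object_get (data_json, "identity");
+if (NULL == identity_json)
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+"Unable to parse identity\n");
+json_decref (data_json);
+GNUNET_SCHEDULER_add_now (&do_error, handle);
+return;
+}
 idtoken_json = json_object_get (idtoken_json, "id_token");
 if (NULL == idtoken_json)
 {
@@ -322,8 +372,9 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
 }
 
 PABC_ASSERT (pabc_new_ctx (&ctx));
-// load stuff FIXME: Needs helper
-//status = load_public_parameters (ctx, pp_name, &pp);
+status = PABC_load_public_parameters (ctx,
+json_string_value (iss_json),
+&pp);
 if (status != PABC_OK)
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read public parameters.\n");
@@ -332,9 +383,9 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle,
 return;
 }
 
-/*FIXME: Needs helper
-* status = read_usr_ctx (usr_name, pp_name, ctx, pp, &usr_ctx);
-*/
+status = PABC_read_usr_ctx (json_string_value (identity_json),
+json_string_value (iss_json),
+ctx, pp, &usr_ctx);
 if (PABC_OK != status)
 {
 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read user context.\n");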
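Review bot: In set_attributes_from_idtoken the result of the second `strtok` (new line 237) goes straight into `strlen` and the decoder, so a request whose `id_token` contains no `.` separator dereferences NULL; the return values of `GNUNET_STRINGS_base64url_decode` and `json_loads` are never checked either. I would check `jwt_body`, parse with `json_loadb` over the decoded length instead of relying on NUL termination, reject a payload that is not a JSON object, and drop the debug log of the decoded token, since it holds the user's claims. `jwt_string` is not freed in the visible lines, and `json_string_value (value)` returns NULL for non-string claims such as a numeric `exp`, so the renamed `expiration` attribute likely receives NULL. The same gap is in cr_cont: `iss_json` and `identity_json` are only checked for presence, so `json_is_string` checks are needed before `PABC_load_public_parameters` and `PABC_read_usr_ctx`, and if those helpers derive file names from these values (not visible here) the strings should be restricted to a safe character set as well. The function's signature and tail are outside the hunk; the fence assumes it returns `enum pabc_status`.

```c
size_t decoded_len;
// … unchanged: other local declarations …

jwt_string = GNUNET_strdup (id_token);
(void) strtok (jwt_string, delim);     /* skip the header segment */
jwt_body = strtok (NULL, delim);       /* payload segment */
if (NULL == jwt_body)
{
  GNUNET_free (jwt_string);
  return PABC_FAILURE;                 /* assumed return type, see note */
}
decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
                                               (void **) &decoded_jwt);
GNUNET_free (jwt_string);
payload_json = json_loadb (decoded_jwt, decoded_len, JSON_DECODE_ANY,
                           &json_err);
GNUNET_free (decoded_jwt);
if (! json_is_object (payload_json))
{
  json_decref (payload_json);
  return PABC_FAILURE;
}
// … unchanged: json_object_foreach claim mapping …
```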