Diffstat (limited to 'src/reclaim/plugin_rest_pabc.c')
-rw-r--r-- | src/reclaim/plugin_rest_pabc.c | 72 |
1 files changed, 53 insertions, 19 deletions
diff --git a/src/reclaim/plugin_rest_pabc.c b/src/reclaim/plugin_rest_pabc.c index e5099a012..3d34b85fe 100644 --- a/src/reclaim/plugin_rest_pabc.c +++ b/src/reclaim/plugin_rest_pabc.c | |||
@@ -214,6 +214,7 @@ return_response (void *cls) | |||
214 | cleanup_handle (handle); | 214 | cleanup_handle (handle); |
215 | } | 215 | } |
216 | 216 | ||
217 | |||
217 | static enum pabc_status | 218 | static enum pabc_status |
218 | set_attributes_from_idtoken (const struct pabc_context *ctx, | 219 | set_attributes_from_idtoken (const struct pabc_context *ctx, |
219 | const struct pabc_public_parameters *pp, | 220 | const struct pabc_public_parameters *pp, |
@@ -231,7 +232,7 @@ set_attributes_from_idtoken (const struct pabc_context *ctx, | |||
231 | const char *pabc_key; | 232 | const char *pabc_key; |
232 | enum pabc_status status; | 233 | enum pabc_status status; |
233 | 234 | ||
234 | //FIXME parse JWT | 235 | // FIXME parse JWT |
235 | jwt_string = GNUNET_strndup (id_token, strlen (id_token)); | 236 | jwt_string = GNUNET_strndup (id_token, strlen (id_token)); |
236 | jwt_body = strtok (jwt_string, delim); | 237 | jwt_body = strtok (jwt_string, delim); |
237 | jwt_body = strtok (NULL, delim); | 238 | jwt_body = strtok (NULL, delim); |
@@ -241,17 +242,17 @@ set_attributes_from_idtoken (const struct pabc_context *ctx, | |||
241 | payload_json = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err); | 242 | payload_json = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err); |
242 | GNUNET_free (decoded_jwt); | 243 | GNUNET_free (decoded_jwt); |
243 | 244 | ||
244 | json_object_foreach(payload_json, key, value) | 245 | json_object_foreach (payload_json, key, value) |
245 | { | 246 | { |
246 | pabc_key = key; | 247 | pabc_key = key; |
247 | if (0 == strcmp ("iss", key)) | 248 | if (0 == strcmp ("iss", key)) |
248 | pabc_key = "issuer"; //rename | 249 | pabc_key = "issuer"; // rename |
249 | if (0 == strcmp ("sub", key)) | 250 | if (0 == strcmp ("sub", key)) |
250 | pabc_key = "subject"; //rename | 251 | pabc_key = "subject"; // rename |
251 | if (0 == strcmp ("jti", key)) | 252 | if (0 == strcmp ("jti", key)) |
252 | continue; | 253 | continue; |
253 | if (0 == strcmp ("exp", key)) | 254 | if (0 == strcmp ("exp", key)) |
254 | pabc_key = "expiration"; //rename | 255 | pabc_key = "expiration"; // rename |
255 | if (0 == strcmp ("iat", key)) | 256 | if (0 == strcmp ("iat", key)) |
256 | continue; | 257 | continue; |
257 | if (0 == strcmp ("nbf", key)) | 258 | if (0 == strcmp ("nbf", key)) |
@@ -272,6 +273,23 @@ set_attributes_from_idtoken (const struct pabc_context *ctx, | |||
272 | } | 273 | } |
273 | 274 | ||
274 | 275 | ||
276 | static enum GNUNET_GenericReturnValue | ||
277 | setup_new_user_context (struct pabc_context *ctx, | ||
278 | struct pabc_public_parameters *pp, | ||
279 | struct pabc_user_context **usr_ctx) | ||
280 | { | ||
281 | if (PABC_OK != pabc_new_user_context (ctx, pp, usr_ctx)) | ||
282 | return GNUNET_SYSERR; | ||
283 | |||
284 | if (PABC_OK != pabc_populate_user_context (ctx, *usr_ctx)) | ||
285 | { | ||
286 | pabc_free_user_context (ctx, pp, usr_ctx); | ||
287 | return GNUNET_SYSERR; | ||
288 | } | ||
289 | return GNUNET_OK; | ||
290 | } | ||
291 | |||
292 | |||
275 | static void | 293 | static void |
276 | cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | 294 | cr_cont (struct GNUNET_REST_RequestHandle *con_handle, |
277 | const char *url, | 295 | const char *url, |
@@ -316,7 +334,7 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
316 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 334 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
317 | return; | 335 | return; |
318 | } | 336 | } |
319 | if (!json_is_object (data_json)) | 337 | if (! json_is_object (data_json)) |
320 | { | 338 | { |
321 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 339 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
322 | "Unable to parse %s\n", term_data); | 340 | "Unable to parse %s\n", term_data); |
@@ -372,9 +390,10 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
372 | } | 390 | } |
373 | 391 | ||
374 | PABC_ASSERT (pabc_new_ctx (&ctx)); | 392 | PABC_ASSERT (pabc_new_ctx (&ctx)); |
375 | status = PABC_load_public_parameters (ctx, | 393 | // FIXME jansson does stupid escaping here maybe expect ecoded? |
376 | json_string_value (iss_json), | 394 | status = pabc_decode_and_new_public_parameters (ctx, |
377 | &pp); | 395 | &pp, |
396 | json_string_value (pp_json)); | ||
378 | if (status != PABC_OK) | 397 | if (status != PABC_OK) |
379 | { | 398 | { |
380 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read public parameters.\n"); | 399 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read public parameters.\n"); |
@@ -382,17 +401,33 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
382 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 401 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
383 | return; | 402 | return; |
384 | } | 403 | } |
385 | 404 | // (Over)write parameters | |
405 | status = PABC_write_public_parameters (json_string_value (iss_json), | ||
406 | pp); | ||
407 | if (status != PABC_OK) | ||
408 | { | ||
409 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
410 | "Failed to write public parameters.\n"); | ||
411 | json_decref (data_json); | ||
412 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
413 | return; | ||
414 | } | ||
386 | status = PABC_read_usr_ctx (json_string_value (identity_json), | 415 | status = PABC_read_usr_ctx (json_string_value (identity_json), |
387 | json_string_value (iss_json), | 416 | json_string_value (iss_json), |
388 | ctx, pp, &usr_ctx); | 417 | ctx, pp, &usr_ctx); |
389 | if (PABC_OK != status) | 418 | if (PABC_OK != status) |
390 | { | 419 | { |
391 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to read user context.\n"); | 420 | if (GNUNET_OK != setup_new_user_context (ctx, pp, &usr_ctx)) |
392 | pabc_free_public_parameters (ctx, &pp); | 421 | { |
393 | json_decref (data_json); | 422 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to setup user context.\n"); |
394 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 423 | pabc_free_public_parameters (ctx, &pp); |
395 | return; | 424 | json_decref (data_json); |
425 | GNUNET_SCHEDULER_add_now (&do_error, handle); | ||
426 | return; | ||
427 | } | ||
428 | PABC_write_usr_ctx (json_string_value (identity_json), | ||
429 | json_string_value (iss_json), | ||
430 | ctx, pp, usr_ctx); | ||
396 | } | 431 | } |
397 | 432 | ||
398 | // Set attributes from JWT to context | 433 | // Set attributes from JWT to context |
@@ -422,7 +457,7 @@ cr_cont (struct GNUNET_REST_RequestHandle *con_handle, | |||
422 | GNUNET_SCHEDULER_add_now (&do_error, handle); | 457 | GNUNET_SCHEDULER_add_now (&do_error, handle); |
423 | return; | 458 | return; |
424 | } | 459 | } |
425 | //FIXME: where does this come from??? | 460 | // FIXME: where does this come from??? |
426 | status = pabc_decode_nonce (ctx, nonce, json_string_value (nonce_json)); | 461 | status = pabc_decode_nonce (ctx, nonce, json_string_value (nonce_json)); |
427 | if (status != PABC_OK) | 462 | if (status != PABC_OK) |
428 | { | 463 | { |
@@ -519,10 +554,9 @@ rest_identity_process_request (struct GNUNET_REST_RequestHandle *rest_handle, | |||
519 | { | 554 | { |
520 | struct RequestHandle *handle = GNUNET_new (struct RequestHandle); | 555 | struct RequestHandle *handle = GNUNET_new (struct RequestHandle); |
521 | struct GNUNET_REST_RequestHandlerError err; | 556 | struct GNUNET_REST_RequestHandlerError err; |
522 | static const struct GNUNET_REST_RequestHandler handlers[] = | 557 | static const struct GNUNET_REST_RequestHandler handlers[] = { |
523 | { | ||
524 | {MHD_HTTP_METHOD_POST, | 558 | {MHD_HTTP_METHOD_POST, |
525 | GNUNET_REST_API_NS_PABC_CR, &cr_cont }, | 559 | GNUNET_REST_API_NS_PABC_CR, &cr_cont }, |
526 | { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_PABC, &options_cont }, | 560 | { MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_PABC, &options_cont }, |
527 | GNUNET_REST_HANDLER_END | 561 | GNUNET_REST_HANDLER_END |
528 | }; | 562 | }; |
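Review bot: In cr_cont the block under `// (Over)write parameters` stores parameters decoded from the request (`pp_json`) under a name that also comes from the request (`iss_json`), with no check against what is already stored. As far as the visible lines show, any caller of this endpoint can therefore replace the saved public parameters of an existing issuer; consider refusing the write when parameters for that issuer already exist and differ, or pinning them on first use. The new "Failed to write public parameters" path also returns without `pabc_free_public_parameters (ctx, &pp);`, although `pp` was just allocated and the later "Failed to setup user context" path does free it. The fallback after `PABC_read_usr_ctx` treats every failure as "no context yet" and ignores the result of `PABC_write_usr_ctx`, so a transient read error may replace an existing user context and a failed save goes unnoticed; distinguish "not found" from other errors if the API allows it, and compare the write result with `PABC_OK`. cr_cont begins and ends outside the shown hunks, so string validation of `pp_json` and `iss_json` may exist in lines not visible here.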