Diffstat (limited to 'src')
-rw-r--r-- | src/reclaim/json_reclaim.c | 2 | ||||
-rw-r--r-- | src/reclaim/oidc_helper.c | 57 | ||||
-rw-r--r-- | src/reclaim/plugin_reclaim_credential_jwt.c | 39 |
3 files changed, 86 insertions, 12 deletions
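--- a/src/reclaim/json_reclaim.c
+++ b/src/reclaim/json_reclaim.c
@@ -95,6 +95,7 @@ parse_attr (void *cls, json_t *root, struct GNUNET_JSON_Specification *spec)
 }
 attr = GNUNET_RECLAIM_attribute_new (name_str, NULL,
 type, data, data_size);
+GNUNET_free (data);
 if ((NULL != cred_str) && (0 != strlen (cred_str)))
 {
 GNUNET_STRINGS_string_to_data (cred_str,
@@ -334,6 +335,7 @@ parse_credential (void *cls, json_t *root, struct GNUNET_JSON_Specification *spe
 return GNUNET_SYSERR;
 }
 cred = GNUNET_RECLAIM_credential_new (name_str, type, data, data_size);
+GNUNET_free (data);
 if ((NULL == id_str) || (0 == strlen (id_str)))
 memset (&cred->id, 0, sizeof (cred->id));
 else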
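Review bot: Both added `GNUNET_free (data);` calls (in parse_attr and in parse_credential) are only correct if `GNUNET_RECLAIM_attribute_new` and `GNUNET_RECLAIM_credential_new` copy the buffer rather than keep the pointer, and nothing in these hunks shows that. I would state the ownership rule next to each call, for example `/* the constructor copies data; the parse buffer is released here */`, so that a later change to the constructors does not silently turn the free into a use-after-free. Both functions start and end outside the hunks, so whether `data` is read again further down cannot be checked from here.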
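--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -223,6 +223,8 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
 i++;
 }
 
+int addr_is_aggregated = GNUNET_NO;
+int addr_is_normal = GNUNET_NO;
 for (le = attrs->list_head; NULL != le; le = le->next)
 {
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -230,7 +232,6 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
 le->attribute->name);
 if (GNUNET_YES == GNUNET_RECLAIM_id_is_zero (&le->attribute->credential))
 {
-
 attr_val_str =
 GNUNET_RECLAIM_attribute_value_to_string (le->attribute->type,
 le->attribute->data,
@@ -238,13 +239,22 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
 /**
 * There is this wierd quirk that the individual address claim(s) must be
 * inside a JSON object of the "address" claim.
-* FIXME: Possibly include formatted claim here
 */
 if (GNUNET_YES == is_claim_in_address_scope (le->attribute->name))
 {
+if (GNUNET_YES == addr_is_aggregated)
+{
+GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+"Address is set as aggregated claim. Skipping self-issued value...\n");
+GNUNET_free (attr_val_str);
+continue;
+}
+addr_is_normal = GNUNET_YES;
+
 if (NULL == addr_claim)
 {
 addr_claim = json_object ();
+json_object_set_new (body, "address", addr_claim);
 }
 json_object_set_new (addr_claim, le->attribute->name,
 json_string (attr_val_str));
@@ -276,17 +286,42 @@ generate_userinfo_json (const struct GNUNET_IDENTITY_PublicKey *sub_key,
 le->attribute->name);
 continue;
 }
-// Presentation exists, hence take the respective source str
-GNUNET_asprintf (&source_name,
-"src%d",
-j);
-json_object_set_new (aggr_names, le->attribute->name,
-json_string (source_name));
-GNUNET_free (source_name);
+/**
+* There is this wierd quirk that the individual address claim(s) must be
+* inside a JSON object of the "address" claim.
+*/
+if (GNUNET_YES == is_claim_in_address_scope (le->attribute->name))
+{
+if (GNUNET_YES == addr_is_normal)
+{
+GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+"Address is already set as normal claim. Skipping attested value...\n");
+continue;
+}
+addr_is_aggregated = GNUNET_YES;
+/** This is/can only be set once! **/
+if (NULL != addr_claim)
+continue;
+addr_claim = json_object ();
+GNUNET_asprintf (&source_name,
+"src%d",
+j);
+json_object_set_new (aggr_names, "address",
+json_string (source_name));
+GNUNET_free (source_name);
+}
+else
+{
+// Presentation exists, hence take the respective source str
+GNUNET_asprintf (&source_name,
+"src%d",
+j);
+json_object_set_new (aggr_names, le->attribute->name,
+json_string (source_name));
+GNUNET_free (source_name);
+}
 }
 }
-if (NULL != addr_claim)
-json_object_set_new (body, "address", addr_claim);
 if (0 != i)
 {
 json_object_set_new (body, "_claim_names", aggr_names);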
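Review bot: In the attested branch of generate_userinfo_json, `addr_claim = json_object ();` now allocates an object that serves only as an "already set" marker: it is never attached to `body`, and the trailing `json_object_set_new (body, "address", addr_claim);` that used to hand it over was removed. Unless code outside the hunk calls `json_decref` on it, one object leaks for every userinfo response that carries an attested address. The `addr_is_aggregated` flag can hold that state instead: test `if (GNUNET_YES == addr_is_aggregated) continue;` before `addr_is_aggregated = GNUNET_YES;` and drop the allocation. A comment at the two flag declarations should also say that whichever kind of address claim appears first in `attrs` wins and the other kind is dropped with only a warning. The function starts and ends outside the hunks.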
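--- a/src/reclaim/plugin_reclaim_credential_jwt.c
+++ b/src/reclaim/plugin_reclaim_credential_jwt.c
@@ -160,6 +160,7 @@ jwt_parse_attributes (void *cls,
 char *val_str = NULL;
 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
 char *decoded_jwt;
+char *tmp;
 json_t *json_val;
 json_error_t *json_err = NULL;
 
@@ -175,7 +176,10 @@ jwt_parse_attributes (void *cls,
 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
 GNUNET_free (decoded_jwt);
 const char *key;
+const char *addr_key;
 json_t *value;
+json_t *addr_value;
+
 json_object_foreach (json_val, key, value) {
 if (0 == strcmp ("iss", key))
 continue;
@@ -189,12 +193,45 @@ jwt_parse_attributes (void *cls,
 continue;
 if (0 == strcmp ("aud", key))
 continue;
+if (0 == strcmp ("address", key))
+{
+if (!json_is_object(value)) {
+GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+"address claim in wrong format!");
+continue;
+}
+json_object_foreach (value, addr_key, addr_value) {
+val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
+tmp = val_str;
+//Remove leading " from jasson conversion
+if (tmp[0] == '"')
+tmp++;
+//Remove trailing " from jansson conversion
+if (tmp[strlen(tmp)-1] == '"')
+tmp[strlen(tmp)-1] = '\0';
+GNUNET_RECLAIM_attribute_list_add (attrs,
+addr_key,
+NULL,
+GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
+tmp,
+strlen (val_str));
+GNUNET_free (val_str);
+}
+continue;
+}
 val_str = json_dumps (value, JSON_ENCODE_ANY);
+tmp = val_str;
+//Remove leading " from jasson conversion
+if (tmp[0] == '"')
+tmp++;
+//Remove trailing " from jansson conversion
+if (tmp[strlen(tmp)-1] == '"')
+tmp[strlen(tmp)-1] = '\0';
 GNUNET_RECLAIM_attribute_list_add (attrs,
 key,
 NULL,
 GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,// FIXME
-val_str,
+tmp,
 strlen (val_str));
 GNUNET_free (val_str);
 }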
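Review bot: In both quote-stripping blocks of jwt_parse_attributes the result of `json_dumps` is dereferenced as `tmp[0]` without a NULL check, and the length passed to `GNUNET_RECLAIM_attribute_list_add` is `strlen (val_str)` although the data pointer is `tmp`, so a quoted value is stored one byte longer than its text (the terminating NUL is included) while an unquoted one is not. Stripping only the outer quotes also leaves JSON escape sequences such as `\"` in the stored value; since the token content comes from outside, taking string values through `json_string_value` and dumping only non-strings removes the pointer arithmetic altogether. Whether string attributes are expected to carry the terminator is not visible here, so the length used in the sketch below needs confirming. The "address claim in wrong format!" message also lacks the trailing `\n` that the other log messages have. The function starts and ends outside the hunks.

```c
json_object_foreach (value, addr_key, addr_value) {
  if (json_is_string (addr_value))
  {
    /* Decoded text: no surrounding quotes, no JSON escapes */
    const char *addr_str = json_string_value (addr_value);
    GNUNET_RECLAIM_attribute_list_add (attrs,
                                       addr_key,
                                       NULL,
                                       GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
                                       addr_str,
                                       strlen (addr_str));
    continue;
  }
  val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
  if (NULL == val_str)
    continue;
  GNUNET_RECLAIM_attribute_list_add (attrs,
                                     addr_key,
                                     NULL,
                                     GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
                                     val_str,
                                     strlen (val_str));
  GNUNET_free (val_str);
}
/* … the top-level claim path after the address block gets the same treatment with key/value … */
```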