[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] 26/45: -wip post request testing required and name
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] 26/45: -wip post request testing required and namestore handle fix required |
Date: |
Sun, 25 Feb 2018 16:25:30 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit afb2171eb752d82918048b393fda6f01f863b49a
Author: Phil <address@hidden>
AuthorDate: Tue Jan 9 15:41:15 2018 +0100
-wip post request testing required and namestore handle fix required
---
.../plugin_rest_identity_provider.c | 120 +++++++++------------
1 file changed, 53 insertions(+), 67 deletions(-)
diff --git a/src/identity-provider/plugin_rest_identity_provider.c
b/src/identity-provider/plugin_rest_identity_provider.c
index 9d61ac92b..ac9d2bd08 100644
--- a/src/identity-provider/plugin_rest_identity_provider.c
+++ b/src/identity-provider/plugin_rest_identity_provider.c
@@ -165,8 +165,6 @@ char* OIDC_ignored_parameter_array [] =
"acr_values"
};
-struct GNUNET_NAMESTORE_Handle *namestore_handle;
-
/**
* OIDC authorized identities and times hashmap
*/
@@ -259,6 +257,10 @@ struct RequestHandle
*/
struct GNUNET_REST_RequestHandle *rest_handle;
+ /**
+ * Zone connection
+ */
+ struct GNUNET_NAMESTORE_Handle *namestore_handle;
/**
* IDENTITY Operation
@@ -1139,8 +1141,8 @@ zone_to_name_error (void *cls)
handle->emsg = GNUNET_strdup("unauthorized_client");
handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
- GNUNET_NAMESTORE_disconnect (namestore_handle);
- namestore_handle = NULL;
+ GNUNET_NAMESTORE_disconnect (handle->namestore_handle);
+ handle->namestore_handle = NULL;
GNUNET_SCHEDULER_add_now (&do_error, handle);
}
@@ -1154,7 +1156,7 @@ zone_to_name_error (void *cls)
* @param rd array of records with data to store
*/
static void
-zone_to_name_cb (void *cls,
+zone_to_name_get_cb (void *cls,
const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key,
const char *name,
unsigned int rd_count,
@@ -1168,15 +1170,15 @@ zone_to_name_cb (void *cls,
handle->emsg = GNUNET_strdup("unauthorized_client");
handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
- GNUNET_NAMESTORE_disconnect (namestore_handle);
- namestore_handle = NULL;
+ GNUNET_NAMESTORE_disconnect (handle->namestore_handle);
+ handle->namestore_handle = NULL;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
}
/**
- * Respond to authorization request
+ * Respond to authorization GET request
*
* @param con_handle the connection handle
* @param url the url
@@ -1243,11 +1245,12 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
}
// Checks if client_id is valid:
- namestore_handle = GNUNET_NAMESTORE_connect(cfg);
+ handle->namestore_handle = GNUNET_NAMESTORE_connect(cfg);
zone_pkey = GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego);
- GNUNET_NAMESTORE_zone_to_name (namestore_handle, zone_pkey, &pubkey,
- zone_to_name_error, handle, zone_to_name_cb,
+ GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle, zone_pkey, &pubkey,
+ zone_to_name_error, handle,
zone_to_name_get_cb,
handle);
+ return;
// REQUIRED value: redirect_uri
GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY, strlen (OIDC_REDIRECT_URI_KEY),
@@ -1331,7 +1334,7 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
&cache_key))
{
handle->emsg=GNUNET_strdup("access_denied");
- GNUNET_asprintf (*handle->edesc, "Server will not handle parameter: %s",
+ GNUNET_asprintf (&handle->edesc, "Server will not handle parameter: %s",
OIDC_ignored_parameter_array[iterator]);
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
return;
@@ -1469,7 +1472,7 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
}
/**
- * Respond to authorization request
+ * Respond to authorization POST request
*
* @param con_handle the connection handle
* @param url the url
@@ -1498,39 +1501,36 @@ authorize_post_cont (struct GNUNET_REST_RequestHandle
*con_handle,
struct MHD_Response *resp;
struct RequestHandle *handle = cls;
- char *response_type;
- char *client_id;
+ const char *response_type;
+ const char *client_id;
char *scope;
- char *redirect_uri;
- char *expected_redirect_uri;
- char *state = NULL;
- char *nonce = NULL;
+ const char *redirect_uri;
+ const char *state = NULL;
+ const char *nonce = NULL;
struct GNUNET_TIME_Absolute current_time, *relog_time;
- char *login_base_url, *new_redirect;
- struct GNUNET_HashCode cache_key;
+ char *login_base_url;
+ char *new_redirect;
+ char *expected_redirect_uri;
+ json_t *cache_object;
const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_pkey;
struct GNUNET_CRYPTO_EcdsaPublicKey pubkey;
+ struct GNUNET_HashCode cache_key;
int number_of_ignored_parameter, iterator;
json_t *root;
json_error_t error;
- json_t *identity;
root = json_loads (handle->rest_handle->data, 0, &error);
- client_id = json_object_get (root, OIDC_CLIENT_ID_KEY);
// REQUIRED value: client_id
- GNUNET_CRYPTO_hash (OIDC_CLIENT_ID_KEY, strlen (OIDC_CLIENT_ID_KEY),
- &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->url_param_map,
- &cache_key))
+ cache_object = json_object_get (root, OIDC_CLIENT_ID_KEY);
+ if( NULL==cache_object || !json_is_string(cache_object))
{
handle->emsg=GNUNET_strdup("invalid_request");
handle->edesc=GNUNET_strdup("Missing parameter: client_id");
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- client_id =
GNUNET_CONTAINER_multihashmap_get(handle->rest_handle->url_param_map,
- &cache_key);
+ client_id = json_string_value(cache_object);
if ( GNUNET_OK
!= GNUNET_CRYPTO_ecdsa_public_key_from_string (client_id,
strlen (client_id),
@@ -1542,25 +1542,23 @@ authorize_post_cont (struct GNUNET_REST_RequestHandle
*con_handle,
}
// Checks if client_id is valid:
- namestore_handle = GNUNET_NAMESTORE_connect(cfg);
+ handle->namestore_handle = GNUNET_NAMESTORE_connect(cfg);
zone_pkey = GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego);
- GNUNET_NAMESTORE_zone_to_name (namestore_handle, zone_pkey, &pubkey,
- zone_to_name_error, handle, zone_to_name_cb,
- handle);
+ //TODO: fix
+// GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle, zone_pkey,
&pubkey,
+// zone_to_name_error, handle, zone_to_name_cb,
+// handle);
// REQUIRED value: redirect_uri
- GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY, strlen (OIDC_REDIRECT_URI_KEY),
- &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->url_param_map,
- &cache_key))
+ cache_object = json_object_get (root, OIDC_REDIRECT_URI_KEY);
+ if( NULL==cache_object || !json_is_string(cache_object))
{
handle->emsg=GNUNET_strdup("invalid_request");
handle->edesc=GNUNET_strdup("Missing parameter: redirect_uri");
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- redirect_uri =
GNUNET_CONTAINER_multihashmap_get(handle->rest_handle->url_param_map,
- &cache_key);
+ redirect_uri = json_string_value(cache_object);
GNUNET_asprintf (&expected_redirect_uri, "https://%s.zkey", client_id);
@@ -1576,61 +1574,50 @@ authorize_post_cont (struct GNUNET_REST_RequestHandle
*con_handle,
handle->eredirect = GNUNET_strdup(redirect_uri);
// REQUIRED value: response_type
- GNUNET_CRYPTO_hash (OIDC_RESPONSE_TYPE_KEY, strlen (OIDC_RESPONSE_TYPE_KEY),
- &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->url_param_map,
- &cache_key))
+ cache_object = json_object_get (root, OIDC_RESPONSE_TYPE_KEY);
+ if( NULL==cache_object || !json_is_string(cache_object))
{
handle->emsg=GNUNET_strdup("invalid_request");
handle->edesc=GNUNET_strdup("Missing parameter: response_type");
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
return;
}
- response_type =
GNUNET_CONTAINER_multihashmap_get(handle->rest_handle->url_param_map,
- &cache_key);
+ response_type = json_string_value(cache_object);
// REQUIRED value: scope
- GNUNET_CRYPTO_hash (OIDC_SCOPE_KEY, strlen (OIDC_SCOPE_KEY), &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->url_param_map,
- &cache_key))
+ cache_object = json_object_get (root, OIDC_SCOPE_KEY);
+ if( NULL==cache_object || !json_is_string(cache_object))
{
handle->emsg=GNUNET_strdup("invalid_request");
handle->edesc=GNUNET_strdup("Missing parameter: scope");
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
return;
}
- scope = GNUNET_CONTAINER_multihashmap_get(handle->rest_handle->url_param_map,
- &cache_key);
+ scope = json_string_value(cache_object);
//RECOMMENDED value: state
- GNUNET_CRYPTO_hash (OIDC_STATE_KEY, strlen (OIDC_STATE_KEY), &cache_key);
- if (GNUNET_YES == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->url_param_map,
- &cache_key))
+ cache_object = json_object_get (root, OIDC_STATE_KEY);
+ if( NULL!=cache_object || json_is_string(cache_object))
{
- state =
GNUNET_CONTAINER_multihashmap_get(handle->rest_handle->url_param_map,
- &cache_key);
+ state = json_string_value(cache_object);
}
//OPTIONAL value: nonce
- GNUNET_CRYPTO_hash (OIDC_NONCE_KEY, strlen (OIDC_NONCE_KEY), &cache_key);
- if (GNUNET_YES == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->url_param_map,
- &cache_key))
+ cache_object = json_object_get (root, OIDC_NONCE_KEY);
+ if( NULL!=cache_object || json_is_string(cache_object))
{
- nonce =
GNUNET_CONTAINER_multihashmap_get(handle->rest_handle->url_param_map,
- &cache_key);
+ nonce = json_string_value(cache_object);
}
+ //TODO check other values and use them accordingly
number_of_ignored_parameter = sizeof(OIDC_ignored_parameter_array) /
sizeof(char *);
for( iterator = 0; iterator < number_of_ignored_parameter; iterator++ )
{
- GNUNET_CRYPTO_hash (OIDC_ignored_parameter_array[iterator],
- strlen(OIDC_ignored_parameter_array[iterator]),
- &cache_key);
- if(GNUNET_YES ==
GNUNET_CONTAINER_multihashmap_contains(handle->rest_handle->url_param_map,
- &cache_key))
+ cache_object = json_object_get (root,
OIDC_ignored_parameter_array[iterator]);
+ if(json_is_string(cache_object))
{
handle->emsg=GNUNET_strdup("access_denied");
- GNUNET_asprintf (*handle->edesc, "Server will not handle parameter: %s",
+ GNUNET_asprintf (&handle->edesc, "Server will not handle parameter: %s",
OIDC_ignored_parameter_array[iterator]);
GNUNET_SCHEDULER_add_now (&do_redirect_error, handle);
return;
@@ -1656,7 +1643,6 @@ authorize_post_cont (struct GNUNET_REST_RequestHandle
*con_handle,
return;
}
- //TODO check other values and use them accordingly
GNUNET_CRYPTO_hash (OIDC_COOKIE_HEADER_KEY, strlen (OIDC_COOKIE_HEADER_KEY),
&cache_key);
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnunet] 39/45: -Merge branch 'master' into identity_oidc, (continued)
- [GNUnet-SVN] [gnunet] 39/45: -Merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 20/45: -minor, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 15/45: -commit header parse work in progress, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 35/45: -merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 19/45: -add login and login timeout, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 28/45: -wip client_id check, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 37/45: Merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 45/45: -fix, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 23/45: -fix login time, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 30/45: -fix get request without authorization code, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 26/45: -wip post request testing required and namestore handle fix required,
gnunet <=
- [GNUnet-SVN] [gnunet] 42/45: -wip token endpoint fix, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 36/45: -wip token request, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 43/45: -wip token endpoint refactor, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 34/45: -wip token request, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 25/45: -wip post authentication, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 29/45: -wip attribute collection, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 41/45: -changes for using token endpoint & added token endpoint, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 32/45: -fix GET request, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 40/45: -wip token endpoint, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 44/45: -wip UserInfo Endpoint, gnunet, 2018/02/25