[GNUnet-SVN] [gnunet] 22/45: -add todos; cleanup

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [gnunet] 22/45: -add todos; cleanup

From:	gnunet
Subject:	[GNUnet-SVN] [gnunet] 22/45: -add todos; cleanup
Date:	Sun, 25 Feb 2018 16:25:26 +0100

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository gnunet.

commit 3428214e4513e1539256b19502ffb085539e01b3
Author: Schanzenbach, Martin <address@hidden>
AuthorDate: Thu Dec 14 17:59:16 2017 +0100

    -add todos; cleanup
---
 .../plugin_rest_identity_provider.c                | 123 +++++++++++----------
 1 file changed, 65 insertions(+), 58 deletions(-)

diff --git a/src/identity-provider/plugin_rest_identity_provider.c 
b/src/identity-provider/plugin_rest_identity_provider.c
index bf0ce9053..30847ed3f 100644
--- a/src/identity-provider/plugin_rest_identity_provider.c
+++ b/src/identity-provider/plugin_rest_identity_provider.c
@@ -1133,8 +1133,13 @@ authorize_cont (struct GNUNET_REST_RequestHandle 
*con_handle,
 {
   struct MHD_Response *resp;
   struct RequestHandle *handle = cls;
-  char *response_type, *client_id, *scope, *redirect_uri, *state = 0,
-      *nonce = 0;
+  char *response_type;
+  char *client_id;
+  char *scope;
+  char *redirect_uri;
+  char *state = NULL;
+  char *nonce = NULL;
+  //TODO use gnunet_time_lib
   struct timeval now, login_time;
   OIDC_authorized_identities  = GNUNET_CONTAINER_multihashmap_create( 10, 
GNUNET_NO );
   char *login_base_url, *new_redirect;
@@ -1175,6 +1180,7 @@ authorize_cont (struct GNUNET_REST_RequestHandle 
*con_handle,
                                                &cache_key);
 
   // Checks if client_id is valid:
+  // TODO use GNUNET_NAMESTORE_zone_to_name() function to verify that a 
delegation to the client_id exists
   // TODO change check (lookup trusted public_key?)
 //  if( strcmp( client_id, "localhost" ) != 0 )
 //  {
@@ -1185,6 +1191,7 @@ authorize_cont (struct GNUNET_REST_RequestHandle 
*con_handle,
 //  }
 
   // REQUIRED value: redirect_uri
+  // TODO verify the redirect uri matches https://<client_id>.zkey[/xyz]
   GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY, strlen (OIDC_REDIRECT_URI_KEY),
                      &cache_key);
   if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains 
(handle->rest_handle->url_param_map,
@@ -1308,26 +1315,26 @@ authorize_cont (struct GNUNET_REST_RequestHandle 
*con_handle,
                      &cache_key);
   //No Authorization Parameter -> redirect to login
   if(GNUNET_NO == 
GNUNET_CONTAINER_multihashmap_contains(con_handle->header_param_map,
-                                                         &cache_key))
+                                                         &cache_key))
   {
     if ( GNUNET_OK
-       == GNUNET_CONFIGURATION_get_value_string (cfg, "identity-rest-plugin",
-                                                 "address", &login_base_url) )
+         == GNUNET_CONFIGURATION_get_value_string (cfg, "identity-rest-plugin",
+                                                   "address", &login_base_url) 
)
     {
       GNUNET_asprintf (&new_redirect, "%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s",
-                      login_base_url,
-                      OIDC_RESPONSE_TYPE_KEY,
-                      response_type,
-                      OIDC_CLIENT_ID_KEY,
-                      client_id,
-                      OIDC_REDIRECT_URI_KEY,
-                      redirect_uri,
-                      OIDC_SCOPE_KEY,
-                      scope,
-                      OIDC_STATE_KEY,
-                      (state) ? state : "",
-                      OIDC_NONCE_KEY,
-                      (nonce) ? nonce : "");
+                       login_base_url,
+                       OIDC_RESPONSE_TYPE_KEY,
+                       response_type,
+                       OIDC_CLIENT_ID_KEY,
+                       client_id,
+                       OIDC_REDIRECT_URI_KEY,
+                       redirect_uri,
+                       OIDC_SCOPE_KEY,
+                       scope,
+                       OIDC_STATE_KEY,
+                       (NULL == state) ? state : "",
+                       OIDC_NONCE_KEY,
+                       (NULL == nonce) ? nonce : "");
       resp = GNUNET_REST_create_response ("");
       MHD_add_response_header (resp, "Location", new_redirect);
     }
@@ -1346,60 +1353,60 @@ authorize_cont (struct GNUNET_REST_RequestHandle 
*con_handle,
   else
   {
     char* identity = GNUNET_CONTAINER_multihashmap_get ( 
con_handle->header_param_map,
-                                                        &cache_key);
+                                                         &cache_key);
     GNUNET_CRYPTO_hash (identity, strlen (identity), &cache_key);
     if(GNUNET_YES == 
GNUNET_CONTAINER_multihashmap_contains(OIDC_authorized_identities,
-                                                          &cache_key))
+                                                            &cache_key))
     {
       login_time = *(struct timeval 
*)GNUNET_CONTAINER_multihashmap_get(OIDC_authorized_identities,
-                                                                   &cache_key);
+                                                                        
&cache_key);
       gettimeofday(&now, NULL);
       //After 30 minutes redirect to login
       if( now.tv_sec - login_time.tv_sec >= 1800)
       {
-       //TODO remove redundancy [redirect to login]
-       if ( GNUNET_OK
-           == GNUNET_CONFIGURATION_get_value_string (cfg, 
"identity-rest-plugin",
-                                                     "address", 
&login_base_url) )
-       {
-         GNUNET_asprintf (&new_redirect, 
"%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s",
-                          login_base_url,
-                          OIDC_RESPONSE_TYPE_KEY,
-                          response_type,
-                          OIDC_CLIENT_ID_KEY,
-                          client_id,
-                          OIDC_REDIRECT_URI_KEY,
-                          redirect_uri,
-                          OIDC_SCOPE_KEY,
-                          scope,
-                          OIDC_STATE_KEY,
-                          (state) ? state : "",
-                          OIDC_NONCE_KEY,
-                          (nonce) ? nonce : "");
-         resp = GNUNET_REST_create_response ("");
-         MHD_add_response_header (resp, "Location", new_redirect);
-       }
-       else
-       {
-         handle->emsg = GNUNET_strdup("No server configuration");
-         handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
-         GNUNET_SCHEDULER_add_now (&do_error, handle);
-         return;
-       }
-       handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND);
-       cleanup_handle (handle);
-       GNUNET_free(new_redirect);
-       return;
+        //TODO remove redundancy [redirect to login]
+        if ( GNUNET_OK
+             == GNUNET_CONFIGURATION_get_value_string (cfg, 
"identity-rest-plugin",
+                                                       "address", 
&login_base_url) )
+        {
+          GNUNET_asprintf (&new_redirect, 
"%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s",
+                           login_base_url,
+                           OIDC_RESPONSE_TYPE_KEY,
+                           response_type,
+                           OIDC_CLIENT_ID_KEY,
+                           client_id,
+                           OIDC_REDIRECT_URI_KEY,
+                           redirect_uri,
+                           OIDC_SCOPE_KEY,
+                           scope,
+                           OIDC_STATE_KEY,
+                           (state) ? state : "",
+                           OIDC_NONCE_KEY,
+                           (nonce) ? nonce : "");
+          resp = GNUNET_REST_create_response ("");
+          MHD_add_response_header (resp, "Location", new_redirect);
+        }
+        else
+        {
+          handle->emsg = GNUNET_strdup("No server configuration");
+          handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+          GNUNET_SCHEDULER_add_now (&do_error, handle);
+          return;
+        }
+        handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND);
+        cleanup_handle (handle);
+        GNUNET_free(new_redirect);
+        return;
       }
     }
     else
     {
       gettimeofday( &now, NULL );
       GNUNET_CONTAINER_multihashmap_put( OIDC_authorized_identities, 
&cache_key, &now,
-                                        
GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
+                                         
GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
     }
     resp = GNUNET_REST_create_response ("");
-//    MHD_add_response_header (resp, "Access-Control-Allow-Origin", "*");
+    //    MHD_add_response_header (resp, "Access-Control-Allow-Origin", "*");
     MHD_add_response_header (resp, "Location", redirect_uri);
     handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND);
     cleanup_handle (handle);
@@ -1417,8 +1424,8 @@ authorize_cont (struct GNUNET_REST_RequestHandle 
*con_handle,
  */
 static void
 login_cont (struct GNUNET_REST_RequestHandle *con_handle,
-                const char* url,
-                void *cls)
+            const char* url,
+            void *cls)
 {
   struct MHD_Response *resp = GNUNET_REST_create_response ("");
   struct RequestHandle *handle = cls;

-- 
To stop receiving notification emails like this one, please contact
address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [gnunet] 09/45: Merge branch 'identity_oidc' of git-int.aisec.fraunhofer.de:sas/gnunet-mirror into identity_oidc, (continued)
- [GNUnet-SVN] [gnunet] 09/45: Merge branch 'identity_oidc' of git-int.aisec.fraunhofer.de:sas/gnunet-mirror into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 12/45: -fixed nonce=(null), gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 16/45: -merge branch 'identity_oidc' of git-int.aisec.fraunhofer.de:sas/gnunet-mirror into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 14/45: -add header map to rest handle, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 21/45: -merge, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 18/45: -merge branch 'identity_oidc' of git-int.aisec.fraunhofer.de:sas/gnunet-mirror into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 08/45: --commit still broken, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 11/45: Refactored file, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 27/45: Merge remote-tracking branch 'gnunet/master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 38/45: -fix unsafed file, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 22/45: -add todos; cleanup, gnunet <=
- [GNUnet-SVN] [gnunet] 24/45: Merge remote-tracking branch 'origin/master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 39/45: -Merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 20/45: -minor, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 15/45: -commit header parse work in progress, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 35/45: -merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 19/45: -add login and login timeout, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 28/45: -wip client_id check, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 37/45: Merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 45/45: -fix, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 23/45: -fix login time, gnunet, 2018/02/25

Prev by Date: [GNUnet-SVN] [gnunet] branch master updated (d4ad64d79 -> 82e4a63b4)
Next by Date: [GNUnet-SVN] [gnunet] 24/45: Merge remote-tracking branch 'origin/master' into identity_oidc
Previous by thread: [GNUnet-SVN] [gnunet] 38/45: -fix unsafed file
Next by thread: [GNUnet-SVN] [gnunet] 24/45: Merge remote-tracking branch 'origin/master' into identity_oidc
Index(es):
- Date
- Thread