[GNUnet-SVN] [gnunet] 28/45: -wip client_id check
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] 28/45: -wip client_id check |
Date: |
Sun, 25 Feb 2018 16:25:32 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit 762463674907eaec186cce3ba7c178c4aced2a2e
Author: Phil <address@hidden>
AuthorDate: Thu Jan 11 15:58:38 2018 +0100
-wip client_id check
---
.../plugin_rest_identity_provider.c | 98 +++++++++++++++++-----
1 file changed, 77 insertions(+), 21 deletions(-)
diff --git a/src/identity-provider/plugin_rest_identity_provider.c
b/src/identity-provider/plugin_rest_identity_provider.c
index ac9d2bd08..4daba29be 100644
--- a/src/identity-provider/plugin_rest_identity_provider.c
+++ b/src/identity-provider/plugin_rest_identity_provider.c
@@ -258,11 +258,21 @@ struct RequestHandle
struct GNUNET_REST_RequestHandle *rest_handle;
/**
- * Zone connection
+ * Handle to NAMESTORE
*/
struct GNUNET_NAMESTORE_Handle *namestore_handle;
/**
+ * Private key for the zone
+ */
+ struct GNUNET_CRYPTO_EcdsaPrivateKey zone_pkey;
+
+ /**
+ * OIDC_client public key
+ */
+ struct GNUNET_CRYPTO_EcdsaPublicKey client_pkey;
+
+ /**
* IDENTITY Operation
*/
struct GNUNET_IDENTITY_Operation *op;
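Review bot: `zone_pkey` keeps a by-value copy of an ego's ECDSA private key in every `RequestHandle`, which duplicates key material for the lifetime of the request. The code removed from `authorize_get_cont` passed the pointer returned by `GNUNET_IDENTITY_ego_get_private_key` straight to `GNUNET_NAMESTORE_zone_to_name`, so a member declared as `const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_pkey;` would avoid the copy, assuming the ego outlives the request. If the copy is kept, `cleanup_handle` (outside this hunk) should wipe the field before the handle is freed.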
@@ -339,8 +349,6 @@ struct RequestHandle
};
-
-
/**
* Cleanup lookup handle
* @param handle Handle to clean up
@@ -404,8 +412,8 @@ do_error (void *cls)
char *json_error;
GNUNET_asprintf (&json_error,
- "{error : %s}",
- handle->emsg);
+ "{error : %s, error_description : %s}",
+ handle->emsg, (NULL != handle->edesc) ? handle->edesc : "");
resp = GNUNET_REST_create_response (json_error);
handle->proc (handle->proc_cls, resp, handle->response_code);
cleanup_handle (handle);
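Review bot: The format string `"{error : %s, error_description : %s}"` does not produce valid JSON, because neither the keys nor the `%s` values are quoted, so a standards-compliant client cannot parse the error body. At minimum it should read `"{\"error\" : \"%s\", \"error_description\" : \"%s\"}"`. `emsg` and `edesc` are also interpolated without escaping; the values set in this commit are constants, but any description that later carries request data would need JSON escaping (or construction through a JSON library) so that a quote or backslash cannot break or reshape the response. `do_error` starts and ends outside the hunk.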
@@ -1157,21 +1165,47 @@ zone_to_name_error (void *cls)
*/
static void
zone_to_name_get_cb (void *cls,
- const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key,
- const char *name,
- unsigned int rd_count,
- const struct GNUNET_GNSRECORD_Data *rd)
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key,
+ const char *name, unsigned int rd_count,
+ const struct GNUNET_GNSRECORD_Data *rd)
{
struct RequestHandle *handle = cls;
+ struct EgoEntry *ego_entry = handle->ego_entry->next;
+ GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "%s", handle->ego_entry->keystring);
+ if ( NULL == name )
+ {
+ if(NULL != ego_entry){
+ handle->zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (
+ handle->ego_head->ego);
- if (0 == rd_count)
+ handle->ego_entry = ego_entry;
+ GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle,
&handle->zone_pkey,
+ &handle->client_pkey, &zone_to_name_error,
handle,
+ &zone_to_name_get_cb, handle);
+ return;
+ }
+ else
+ {
+ handle->emsg = GNUNET_strdup("unauthorized_client");
+ //TODO change desc
+ handle->edesc = GNUNET_strdup("Not in namestore");
+ handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+// GNUNET_NAMESTORE_disconnect (handle->namestore_handle);
+// handle->namestore_handle = NULL;
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+ }
+ else
{
- handle->emsg = GNUNET_strdup("unauthorized_client");
- handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
- GNUNET_NAMESTORE_disconnect (handle->namestore_handle);
- handle->namestore_handle = NULL;
+ handle->emsg = GNUNET_strdup("works");
+ handle->edesc = GNUNET_strdup("");
+ handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+// GNUNET_NAMESTORE_disconnect (handle->namestore_handle);
+// handle->namestore_handle = NULL;
+ GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "Test");
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
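Review bot: The retry branch in `zone_to_name_get_cb` advances `handle->ego_entry` to the next ego but reloads the key from `handle->ego_head->ego`, so every retry queries the first ego's zone again and a client registered under any other ego ends up rejected as `unauthorized_client`. The lookup should use the entry it just advanced to: `handle->zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);`. Separately, the two `GNUNET_log (GNUNET_ERROR_TYPE_ERROR, ...)` calls (the `keystring` dump and "Test") read as debugging output and would fit `GNUNET_ERROR_TYPE_DEBUG` better before this leaves WIP. The function body continues past the end of the hunk.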
@@ -1229,6 +1263,7 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
{
handle->emsg=GNUNET_strdup("invalid_request");
handle->edesc=GNUNET_strdup("Missing parameter: client_id");
+ handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
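Review bot: A missing `client_id` is a client mistake, yet the added line reports it as `MHD_HTTP_INTERNAL_SERVER_ERROR`; `handle->response_code = MHD_HTTP_BAD_REQUEST;` would match the `invalid_request` error code and keep malformed requests from being counted as server faults in logs and monitoring. The same applies to the `unauthorized_client` responses in the next `authorize_get_cont` hunk and in `zone_to_name_get_cb`. The enclosing function starts and ends outside the hunk.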
@@ -1237,20 +1272,40 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
if ( GNUNET_OK
!= GNUNET_CRYPTO_ecdsa_public_key_from_string (client_id,
strlen (client_id),
- &pubkey) )
+ &handle->client_pkey) )
{
handle->emsg=GNUNET_strdup("unauthorized_client");
+ handle->edesc = GNUNET_strdup(
+ "The client is not authorized to request an authorization"
+ " code using this method.");
handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
}
// Checks if client_id is valid:
- handle->namestore_handle = GNUNET_NAMESTORE_connect(cfg);
- zone_pkey = GNUNET_IDENTITY_ego_get_private_key (handle->ego_entry->ego);
- GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle, zone_pkey, &pubkey,
- zone_to_name_error, handle,
zone_to_name_get_cb,
- handle);
+ if ( NULL == handle->namestore_handle )
+ handle->namestore_handle = GNUNET_NAMESTORE_connect (cfg);
+
+ if ( NULL == handle->ego_head )
+ {
+ handle->emsg = GNUNET_strdup("Missing egos.");
+ handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
+ GNUNET_SCHEDULER_add_now (&do_error, handle);
+ return;
+ }
+ //TODO fix this
+// for (ego_entry = handle->ego_head;
+// NULL != ego_entry; ego_entry = ego_entry->next)
+// {
+ handle->zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (
+ handle->ego_head->ego);
+ handle->ego_entry = handle->ego_head;
+ GNUNET_NAMESTORE_zone_to_name (handle->namestore_handle, &handle->zone_pkey,
+ &handle->client_pkey, &zone_to_name_error,
handle,
+ &zone_to_name_get_cb, handle);
return;
+ // zone_pkey = GNUNET_IDENTITY_ego_get_private_key (handle->rest_handle);
// REQUIRED value: redirect_uri
GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY, strlen (OIDC_REDIRECT_URI_KEY),
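Review bot: The result of `GNUNET_NAMESTORE_connect (cfg)` is passed to `GNUNET_NAMESTORE_zone_to_name` without a NULL check, so a failed namestore connection is not turned into an error response. The fence adds that check, following the error pattern of the missing-egos branch just below it. Note also that the unconditional `return;` after the lookup leaves the `redirect_uri`, `response_type` and later parameter checks unreachable; they presumably need to move into the continuation that runs from `zone_to_name_get_cb` once the client is confirmed. `authorize_get_cont` starts and ends outside the hunk.

```c
  if ( NULL == handle->namestore_handle )
    handle->namestore_handle = GNUNET_NAMESTORE_connect (cfg);
  if ( NULL == handle->namestore_handle )
  {
    handle->emsg = GNUNET_strdup("server_error");
    handle->edesc = GNUNET_strdup("Unable to connect to namestore");
    handle->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR;
    GNUNET_SCHEDULER_add_now (&do_error, handle);
    return;
  }
  // … unchanged: ego_head check and zone_to_name call …
```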
@@ -1279,6 +1334,7 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
}
handle->eredirect = GNUNET_strdup(redirect_uri);
+ GNUNET_free(expected_redirect_uri);
// REQUIRED value: response_type
GNUNET_CRYPTO_hash (OIDC_RESPONSE_TYPE_KEY, strlen (OIDC_RESPONSE_TYPE_KEY),
&cache_key);
@@ -1324,6 +1380,7 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
&cache_key);
}
+ //TODO check other values and use them accordingly
number_of_ignored_parameter = sizeof(OIDC_ignored_parameter_array) /
sizeof(char *);
for( iterator = 0; iterator < number_of_ignored_parameter; iterator++ )
{
@@ -1360,7 +1417,6 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
return;
}
- //TODO check other values and use them accordingly
GNUNET_CRYPTO_hash (OIDC_COOKIE_HEADER_KEY, strlen (OIDC_COOKIE_HEADER_KEY),
&cache_key);
--
To stop receiving notification emails like this one, please contact
address@hidden