[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] 30/45: -fix get request without authorization code
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] 30/45: -fix get request without authorization code |
Date: |
Sun, 25 Feb 2018 16:25:34 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit cbe68f524b22246b1cf66a10c2ad6e28ccd7cdd5
Author: Phil <address@hidden>
AuthorDate: Fri Jan 12 15:35:47 2018 +0100
-fix get request without authorization code
---
.../plugin_rest_identity_provider.c | 91 +++++++++++++++-------
1 file changed, 65 insertions(+), 26 deletions(-)
diff --git a/src/identity-provider/plugin_rest_identity_provider.c
b/src/identity-provider/plugin_rest_identity_provider.c
index de54ecf16..515020e1b 100644
--- a/src/identity-provider/plugin_rest_identity_provider.c
+++ b/src/identity-provider/plugin_rest_identity_provider.c
@@ -288,6 +288,11 @@ struct RequestHandle
char *client_pkey_string;
/**
+ * OIDC login identity
+ */
+ char *identity_cookie;
+
+ /**
* IDENTITY Operation
*/
struct GNUNET_IDENTITY_Operation *op;
@@ -1184,6 +1189,8 @@ namestore_iteration_callback (
const struct GNUNET_GNSRECORD_Data *rd)
{
struct RequestHandle *handle = cls;
+ struct GNUNET_CRYPTO_EcdsaPublicKey login_identity_pkey;
+ struct GNUNET_CRYPTO_EcdsaPublicKey current_zone_pkey;
int i;
for (i = 0; i < rd_len; i++)
@@ -1191,9 +1198,32 @@ namestore_iteration_callback (
if ( GNUNET_GNSRECORD_TYPE_PKEY != rd[i].record_type )
continue;
- if ( 0 == memcmp (rd[i].data,&handle->client_pkey, sizeof(struct
GNUNET_CRYPTO_EcdsaPublicKey)) )
+ if( NULL != handle->identity_cookie)
+ {
+ GNUNET_CRYPTO_ecdsa_public_key_from_string (
+ handle->identity_cookie, strlen (handle->identity_cookie),
+ &login_identity_pkey);
+ GNUNET_IDENTITY_ego_get_public_key (handle->ego_entry->ego,
+ ¤t_zone_pkey);
+
+ if ( 0
+ == memcmp (rd[i].data, &handle->client_pkey,
+ sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) )
+ {
+ if( 0 == memcmp (&login_identity_pkey, ¤t_zone_pkey,
sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ {
+ handle->client_exists = GNUNET_YES;
+ }
+ }
+ }
+ else
{
- handle->client_exists = GNUNET_YES;
+ if ( 0
+ == memcmp (rd[i].data, &handle->client_pkey,
+ sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) )
+ {
+ handle->client_exists = GNUNET_YES;
+ }
}
}
@@ -1216,8 +1246,8 @@ namestore_iteration_finished (void *cls)
char *scope;
char *redirect_uri;
char *expected_redirect_uri;
- char *state;
- char *nonce;
+ char *state = NULL;
+ char *nonce = NULL;
struct GNUNET_TIME_Absolute current_time, *relog_time;
char *login_base_url, *new_redirect;
struct GNUNET_HashCode cache_key;
@@ -1352,29 +1382,10 @@ namestore_iteration_finished (void *cls)
return;
}
-
- GNUNET_CRYPTO_hash (OIDC_COOKIE_HEADER_KEY, strlen (OIDC_COOKIE_HEADER_KEY),
- &cache_key);
- //No identity-cookie -> redirect to login
- if ( GNUNET_YES
- == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->header_param_map,
- &cache_key) )
+ if( NULL != handle->identity_cookie )
{
- //split cookies and find 'Identity' cookie
- char* cookies = GNUNET_CONTAINER_multihashmap_get (
- handle->rest_handle->header_param_map, &cache_key);
- char delimiter[] = "; ";
char *identity_cookie;
- identity_cookie = strtok(cookies, delimiter);
-
- while ( NULL != identity_cookie )
- {
- if ( NULL != strstr (identity_cookie,
OIDC_COOKIE_HEADER_INFORMATION_KEY) )
- {
- break;
- }
- identity_cookie = strtok (NULL, delimiter);
- }
+ GNUNET_asprintf(&identity_cookie,"Identity=%s",handle->identity_cookie);
GNUNET_CRYPTO_hash (identity_cookie, strlen (identity_cookie), &cache_key);
//No login time for identity -> redirect to login
@@ -1418,7 +1429,7 @@ namestore_iteration_finished (void *cls)
MHD_add_response_header (resp, "Location", redirect_uri);
handle->proc (handle->proc_cls, resp, MHD_HTTP_FOUND);
- cleanup_handle (handle);
+ GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle);
GNUNET_free(relog_time);
return;
}
@@ -1494,6 +1505,34 @@ authorize_get_cont (struct GNUNET_REST_RequestHandle
*con_handle,
struct RequestHandle *handle = cls;
struct GNUNET_HashCode cache_key;
char *client_id;
+ char *identity_cookie;
+
+ // identity cookie
+ GNUNET_CRYPTO_hash (OIDC_COOKIE_HEADER_KEY, strlen (OIDC_COOKIE_HEADER_KEY),
+ &cache_key);
+ if ( GNUNET_YES
+ == GNUNET_CONTAINER_multihashmap_contains
(handle->rest_handle->header_param_map,
+ &cache_key) )
+ {
+ //split cookies and find 'Identity' cookie
+ char* cookies = GNUNET_CONTAINER_multihashmap_get (
+ handle->rest_handle->header_param_map, &cache_key);
+ char delimiter[] = "; ";
+ identity_cookie = strtok(cookies, delimiter);
+
+ while ( NULL != identity_cookie )
+ {
+ if ( NULL != strstr (identity_cookie,
OIDC_COOKIE_HEADER_INFORMATION_KEY) )
+ {
+ break;
+ }
+ identity_cookie = strtok (NULL, delimiter);
+ }
+ identity_cookie = strtok(cookies, OIDC_COOKIE_HEADER_INFORMATION_KEY);
+ handle->identity_cookie = GNUNET_strdup(identity_cookie);
+ GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "Cookie: %s\n",
handle->identity_cookie);
+ }
+
handle->response_code = 0;
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnunet] 24/45: Merge remote-tracking branch 'origin/master' into identity_oidc, (continued)
- [GNUnet-SVN] [gnunet] 24/45: Merge remote-tracking branch 'origin/master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 39/45: -Merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 20/45: -minor, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 15/45: -commit header parse work in progress, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 35/45: -merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 19/45: -add login and login timeout, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 28/45: -wip client_id check, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 37/45: Merge branch 'master' into identity_oidc, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 45/45: -fix, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 23/45: -fix login time, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 30/45: -fix get request without authorization code,
gnunet <=
- [GNUnet-SVN] [gnunet] 26/45: -wip post request testing required and namestore handle fix required, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 42/45: -wip token endpoint fix, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 36/45: -wip token request, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 43/45: -wip token endpoint refactor, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 34/45: -wip token request, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 25/45: -wip post authentication, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 29/45: -wip attribute collection, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 41/45: -changes for using token endpoint & added token endpoint, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 32/45: -fix GET request, gnunet, 2018/02/25
- [GNUnet-SVN] [gnunet] 40/45: -wip token endpoint, gnunet, 2018/02/25