diff options
| -rw-r--r-- | src/identity-provider/Makefile.am | 3 | ||||
| -rw-r--r-- | src/identity-provider/identity_provider_api.c | 11 | ||||
| -rw-r--r-- | src/identity-provider/plugin_rest_identity_provider.c | 146 | ||||
| -rwxr-xr-x | src/identity-provider/test_idp_consume.sh | 2 |
4 files changed, 145 insertions, 17 deletions
diff --git a/src/identity-provider/Makefile.am b/src/identity-provider/Makefile.am index 488954a44d..098313f9a2 100644 --- a/src/identity-provider/Makefile.am +++ b/src/identity-provider/Makefile.am @@ -83,7 +83,8 @@ libgnunetidentityprovider_la_LDFLAGS = \ -version-info 0:0:0 libgnunet_plugin_rest_identity_provider_la_SOURCES = \ - plugin_rest_identity_provider.c + plugin_rest_identity_provider.c \ + jwt.c libgnunet_plugin_rest_identity_provider_la_LIBADD = \ $(top_builddir)/src/identity/libgnunetidentity.la \ libgnunetidentityprovider.la \ diff --git a/src/identity-provider/identity_provider_api.c b/src/identity-provider/identity_provider_api.c index 1dec43b16b..99faf0ecd2 100644 --- a/src/identity-provider/identity_provider_api.c +++ b/src/identity-provider/identity_provider_api.c @@ -702,20 +702,19 @@ handle_ticket_result (void *cls, GNUNET_free (op); return; } else if (NULL != it) { - GNUNET_CONTAINER_DLL_remove (handle->ticket_it_head, - handle->ticket_it_tail, - it); if (msg_len == sizeof (struct TicketResultMessage)) { if (NULL != it->tr_cb) - it->finish_cb (it->finish_cb_cls); + GNUNET_CONTAINER_DLL_remove (handle->ticket_it_head, + handle->ticket_it_tail, + it); + it->finish_cb (it->finish_cb_cls); + GNUNET_free (it); } else { - ticket = (struct GNUNET_IDENTITY_PROVIDER_Ticket *)&msg[1]; if (NULL != it->tr_cb) it->tr_cb (it->cls, ticket); } - GNUNET_free (it); return; } GNUNET_break (0); diff --git a/src/identity-provider/plugin_rest_identity_provider.c b/src/identity-provider/plugin_rest_identity_provider.c index b8fb3d1cbb..43251d93dd 100644 --- a/src/identity-provider/plugin_rest_identity_provider.c +++ b/src/identity-provider/plugin_rest_identity_provider.c @@ -50,11 +50,22 @@ #define GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES "/idp/attributes" /** + * Ticket namespace + */ +#define GNUNET_REST_API_NS_IDENTITY_TICKETS "/idp/tickets" + +/** * Attribute key */ #define GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE "attribute" /** + * Ticket key + */ +#define GNUNET_REST_JSONAPI_IDENTITY_TICKET "ticket" + + +/** * Value key */ #define GNUNET_REST_JSONAPI_IDENTITY_ATTRIBUTE_VALUE "value" @@ -176,7 +187,12 @@ struct RequestHandle * Attribute iterator */ struct GNUNET_IDENTITY_PROVIDER_AttributeIterator *attr_it; - + + /** + * Ticket iterator + */ + struct GNUNET_IDENTITY_PROVIDER_TicketIterator *ticket_it; + /** * Desired timeout for the lookup (default is no timeout). */ @@ -243,10 +259,12 @@ cleanup_handle (struct RequestHandle *handle) GNUNET_SCHEDULER_cancel (handle->timeout_task); if (NULL != handle->identity_handle) GNUNET_IDENTITY_disconnect (handle->identity_handle); - if (NULL != handle->idp) - GNUNET_IDENTITY_PROVIDER_disconnect (handle->idp); if (NULL != handle->attr_it) GNUNET_IDENTITY_PROVIDER_get_attributes_stop (handle->attr_it); + if (NULL != handle->ticket_it) + GNUNET_IDENTITY_PROVIDER_ticket_iteration_stop (handle->ticket_it); + if (NULL != handle->idp) + GNUNET_IDENTITY_PROVIDER_disconnect (handle->idp); if (NULL != handle->url) GNUNET_free (handle->url); if (NULL != handle->emsg) @@ -300,7 +318,7 @@ do_timeout (void *cls) static void -attr_collect_error_cb (void *cls) +collect_error_cb (void *cls) { struct RequestHandle *handle = cls; @@ -313,7 +331,7 @@ attr_collect_error_cb (void *cls) * @param cls the request handle */ static void -return_attr_list (void *cls) +return_response (void *cls) { char* result_str; struct RequestHandle *handle = cls; @@ -329,14 +347,121 @@ return_attr_list (void *cls) static void -attr_collect_finished_cb (void *cls) +collect_finished_cb (void *cls) { struct RequestHandle *handle = cls; //Done handle->attr_it = NULL; - GNUNET_SCHEDULER_add_now (&return_attr_list, handle); + handle->ticket_it = NULL; + GNUNET_SCHEDULER_add_now (&return_response, handle); +} + + +/** + * Collect all attributes for an ego + * + */ +static void +ticket_collect (void *cls, + const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket) +{ + struct RequestHandle *handle = cls; + json_t *value; + char* tmp; + + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding ticket\n"); + tmp = GNUNET_STRINGS_data_to_string_alloc (&ticket->rnd, + sizeof (uint64_t)); + handle->json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_IDENTITY_TICKET, + tmp); + GNUNET_free (tmp); + GNUNET_JSONAPI_document_resource_add (handle->resp_object, handle->json_resource); + + tmp = GNUNET_STRINGS_data_to_string_alloc (&ticket->identity, + sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); + value = json_string (tmp); + GNUNET_JSONAPI_resource_add_attr (handle->json_resource, + "issuer", + value); + GNUNET_free (tmp); + json_decref (value); + tmp = GNUNET_STRINGS_data_to_string_alloc (&ticket->audience, + sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)); + value = json_string (tmp); + GNUNET_JSONAPI_resource_add_attr (handle->json_resource, + "audience", + value); + GNUNET_free (tmp); + json_decref (value); + tmp = GNUNET_STRINGS_data_to_string_alloc (&ticket->rnd, + sizeof (uint64_t)); + value = json_string (tmp); + GNUNET_JSONAPI_resource_add_attr (handle->json_resource, + "rnd", + value); + GNUNET_free (tmp); + json_decref (value); + GNUNET_IDENTITY_PROVIDER_ticket_iteration_next (handle->ticket_it); } + + +/** + * List tickets for identity request + * + * @param con_handle the connection handle + * @param url the url + * @param cls the RequestHandle + */ +static void +list_tickets_cont (struct GNUNET_REST_RequestHandle *con_handle, + const char* url, + void *cls) +{ + const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key; + struct RequestHandle *handle = cls; + struct EgoEntry *ego_entry; + char *identity; + + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Getting tickets for %s.\n", + handle->url); + if ( strlen (GNUNET_REST_API_NS_IDENTITY_TICKETS) >= + strlen (handle->url)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "No identity given.\n"); + GNUNET_SCHEDULER_add_now (&do_error, handle); + return; + } + identity = handle->url + strlen (GNUNET_REST_API_NS_IDENTITY_TICKETS) + 1; + + for (ego_entry = handle->ego_head; + NULL != ego_entry; + ego_entry = ego_entry->next) + if (0 == strcmp (identity, ego_entry->identifier)) + break; + handle->resp_object = GNUNET_JSONAPI_document_new (); + + if (NULL == ego_entry) + { + //Done + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Ego %s not found.\n", + identity); + GNUNET_SCHEDULER_add_now (&return_response, handle); + return; + } + priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); + handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg); + handle->ticket_it = GNUNET_IDENTITY_PROVIDER_ticket_iteration_start (handle->idp, + priv_key, + &collect_error_cb, + handle, + &ticket_collect, + handle, + &collect_finished_cb, + handle); +} + + /** * Collect all attributes for an ego * @@ -405,18 +530,18 @@ list_attribute_cont (struct GNUNET_REST_RequestHandle *con_handle, //Done GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Ego %s not found.\n", identity); - GNUNET_SCHEDULER_add_now (&return_attr_list, handle); + GNUNET_SCHEDULER_add_now (&return_response, handle); return; } priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego); handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg); handle->attr_it = GNUNET_IDENTITY_PROVIDER_get_attributes_start (handle->idp, priv_key, - &attr_collect_error_cb, + &collect_error_cb, handle, &attr_collect, handle, - &attr_collect_finished_cb, + &collect_finished_cb, handle); } @@ -457,6 +582,7 @@ init_cont (struct RequestHandle *handle) struct GNUNET_REST_RequestHandlerError err; static const struct GNUNET_REST_RequestHandler handlers[] = { {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_ATTRIBUTES, &list_attribute_cont}, + {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_TICKETS, &list_tickets_cont}, {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY_PROVIDER, &options_cont}, GNUNET_REST_HANDLER_END diff --git a/src/identity-provider/test_idp_consume.sh b/src/identity-provider/test_idp_consume.sh index 0d05145e0e..81cd0b1497 100755 --- a/src/identity-provider/test_idp_consume.sh +++ b/src/identity-provider/test_idp_consume.sh @@ -24,6 +24,7 @@ which timeout &> /dev/null && DO_TIMEOUT="timeout 30" TEST_ATTR="test" gnunet-arm -s -c test_idp.conf +gnunet-arm -i rest -c test_idp.conf gnunet-identity -C testego -c test_idp.conf gnunet-identity -C rpego -c test_idp.conf SUBJECT_KEY=$(gnunet-identity -d -c test_idp.conf | grep rpego | awk '{print $3}') @@ -33,4 +34,5 @@ gnunet-idp -e testego -a name -V John -c test_idp.conf > /dev/null 2>&1 TICKET=$(gnunet-idp -e testego -i "email,name" -r $SUBJECT_KEY -c test_idp.conf | awk '{print $1}') echo "Consuming ticket $TICKET" gnunet-idp -e rpego -C $TICKET -c test_idp.conf +curl http://localhost:7776/idp/tickets/testego gnunet-arm -e -c test_idp.conf |