2 This file is part of GNUnet.
3 Copyright (C) 2012-2015 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
21 * @author Martin Schanzenbach
22 * @file identity/plugin_rest_identity.c
23 * @brief GNUnet Namestore REST plugin
28 #include "gnunet_rest_plugin.h"
29 #include "gnunet_identity_service.h"
30 #include "gnunet_gns_service.h"
31 #include "gnunet_gnsrecord_lib.h"
32 #include "gnunet_namestore_service.h"
33 #include "gnunet_rest_lib.h"
34 #include "microhttpd.h"
37 #include "gnunet_signatures.h"
38 #include "gnunet_identity_provider_service.h"
43 #define GNUNET_REST_API_NS_IDENTITY_PROVIDER "/idp"
48 #define GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE "/idp/issue"
51 * Check namespace TODO
53 #define GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK "/idp/check"
58 #define GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN "/idp/token"
61 * The parameter name in which the ticket must be provided
63 #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET "ticket"
66 * The parameter name in which the expected nonce must be provided
68 #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE "expected_nonce"
71 * The parameter name in which the ticket must be provided
73 #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN "token"
76 * The URL parameter name in which the nonce must be provided
78 #define GNUNET_IDENTITY_TOKEN_REQUEST_NONCE "nonce"
81 * State while collecting all egos
83 #define ID_REST_STATE_INIT 0
86 * Done collecting egos
88 #define ID_REST_STATE_POST_INIT 1
93 #define GNUNET_REST_JSONAPI_IDENTITY_TOKEN "token"
96 * URL parameter to create a GNUid token for a specific audience
98 #define GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST "audience"
101 * URL parameter to create a GNUid token for a specific issuer (EGO)
103 #define GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST "issuer"
106 * Attributes passed to issue request
108 #define GNUNET_IDENTITY_TOKEN_ATTR_LIST "requested_attrs"
111 * Token expiration string
113 #define GNUNET_IDENTITY_TOKEN_EXP_STRING "expiration"
118 #define GNUNET_REST_ERROR_RESOURCE_INVALID "Resource location invalid"
119 #define GNUNET_REST_ERROR_NO_DATA "No data"
122 * GNUid token lifetime
124 #define GNUNET_GNUID_TOKEN_EXPIRATION_MICROSECONDS 300000000
127 * The configuration handle
129 const struct GNUNET_CONFIGURATION_Handle *cfg;
132 * HTTP methods allows for this plugin
134 static char* allow_methods;
137 * @brief struct returned by the initialization function of the plugin
141 const struct GNUNET_CONFIGURATION_Handle *cfg;
152 struct EgoEntry *next;
157 struct EgoEntry *prev;
172 struct GNUNET_IDENTITY_Ego *ego;
181 struct EgoEntry *ego_head;
186 struct EgoEntry *ego_tail;
191 struct EgoEntry *ego_entry;
194 * Ptr to current ego private key
196 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
199 * Handle to the rest connection
201 struct RestConnectionDataHandle *conndata_handle;
204 * The processing state
209 * Handle to Identity service.
211 struct GNUNET_IDENTITY_Handle *identity_handle;
216 struct GNUNET_IDENTITY_Operation *op;
221 struct GNUNET_IDENTITY_PROVIDER_Handle *idp;
226 struct GNUNET_IDENTITY_PROVIDER_Operation *idp_op;
229 * Handle to NS service
231 struct GNUNET_NAMESTORE_Handle *ns_handle;
236 struct GNUNET_NAMESTORE_ZoneIterator *ns_it;
241 struct GNUNET_NAMESTORE_QueueEntry *ns_qe;
244 * Desired timeout for the lookup (default is no timeout).
246 struct GNUNET_TIME_Relative timeout;
249 * ID of a task associated with the resolution process.
251 struct GNUNET_SCHEDULER_Task * timeout_task;
254 * The plugin result processor
256 GNUNET_REST_ResultProcessor proc;
259 * The closure of the result processor
269 * Error response message
276 struct JsonApiObject *resp_object;
282 * Cleanup lookup handle
283 * @param handle Handle to clean up
286 cleanup_handle (struct RequestHandle *handle)
288 struct EgoEntry *ego_entry;
289 struct EgoEntry *ego_tmp;
290 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
292 if (NULL != handle->resp_object)
293 GNUNET_REST_jsonapi_object_delete (handle->resp_object);
294 if (NULL != handle->timeout_task)
295 GNUNET_SCHEDULER_cancel (handle->timeout_task);
296 if (NULL != handle->identity_handle)
297 GNUNET_IDENTITY_disconnect (handle->identity_handle);
298 if (NULL != handle->idp)
299 GNUNET_IDENTITY_PROVIDER_disconnect (handle->idp);
300 if (NULL != handle->ns_it)
301 GNUNET_NAMESTORE_zone_iteration_stop (handle->ns_it);
302 if (NULL != handle->ns_qe)
303 GNUNET_NAMESTORE_cancel (handle->ns_qe);
304 if (NULL != handle->ns_handle)
305 GNUNET_NAMESTORE_disconnect (handle->ns_handle);
306 if (NULL != handle->url)
307 GNUNET_free (handle->url);
308 if (NULL != handle->emsg)
309 GNUNET_free (handle->emsg);
310 for (ego_entry = handle->ego_head;
314 ego_entry = ego_entry->next;
315 GNUNET_free (ego_tmp->identifier);
316 GNUNET_free (ego_tmp->keystring);
317 GNUNET_free (ego_tmp);
319 GNUNET_free (handle);
324 * Task run on shutdown. Cleans up everything.
331 struct RequestHandle *handle = cls;
332 struct MHD_Response *resp;
335 GNUNET_asprintf (&json_error,
336 "{Error while processing request: %s}",
338 resp = GNUNET_REST_create_json_response (json_error);
339 handle->proc (handle->proc_cls, resp, MHD_HTTP_BAD_REQUEST);
340 cleanup_handle (handle);
341 GNUNET_free (json_error);
345 * Task run on shutdown. Cleans up everything.
350 do_cleanup_handle_delayed (void *cls)
352 struct RequestHandle *handle = cls;
353 cleanup_handle(handle);
358 * Get a ticket for identity
359 * @param cls the handle
360 * @param ticket the ticket returned from the idp
363 token_creat_cont (void *cls,
365 const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
366 const struct GNUNET_IDENTITY_PROVIDER_Token *token)
368 struct JsonApiResource *json_resource;
369 struct RequestHandle *handle = cls;
370 struct MHD_Response *resp;
379 handle->emsg = GNUNET_strdup ("Error in token issue");
380 GNUNET_SCHEDULER_add_now (&do_error, handle);
384 handle->resp_object = GNUNET_REST_jsonapi_object_new ();
385 json_resource = GNUNET_REST_jsonapi_resource_new (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET,
387 ticket_str = GNUNET_IDENTITY_PROVIDER_ticket_to_string (ticket);
388 token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token);
389 ticket_json = json_string (ticket_str);
390 token_json = json_string (token_str);
391 GNUNET_REST_jsonapi_resource_add_attr (json_resource,
392 GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET,
394 GNUNET_REST_jsonapi_resource_add_attr (json_resource,
395 GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN,
397 GNUNET_free (ticket_str);
398 GNUNET_free (token_str);
399 json_decref (ticket_json);
400 json_decref (token_json);
401 GNUNET_REST_jsonapi_object_resource_add (handle->resp_object, json_resource);
403 GNUNET_REST_jsonapi_data_serialize (handle->resp_object, &result_str);
404 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str);
405 resp = GNUNET_REST_create_json_response (result_str);
406 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
407 GNUNET_free (result_str);
408 GNUNET_SCHEDULER_add_now (&do_cleanup_handle_delayed, handle);
414 * Continueationf for token issue request
416 * @param con the Rest handle
417 * @param url the requested url
418 * @param cls the request handle
421 issue_token_cont (struct RestConnectionDataHandle *con,
425 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
428 struct RequestHandle *handle = cls;
429 struct EgoEntry *ego_entry;
430 struct GNUNET_HashCode key;
431 struct MHD_Response *resp;
432 struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
433 struct GNUNET_CRYPTO_EcdsaPublicKey aud_key;
434 struct GNUNET_TIME_Relative etime_rel;
435 struct GNUNET_TIME_Absolute exp_time;
444 if (GNUNET_NO == GNUNET_REST_namespace_match (handle->url,
445 GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE))
447 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "URL invalid: %s\n", handle->url);
448 resp = GNUNET_REST_create_json_response (NULL);
449 handle->proc (handle->proc_cls, resp, MHD_HTTP_BAD_REQUEST);
450 cleanup_handle (handle);
455 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST,
456 strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST),
459 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
462 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Issuer not found\n");
463 GNUNET_SCHEDULER_add_now (&do_error, handle);
466 ego_val = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
470 GNUNET_SCHEDULER_add_now (&do_error, handle);
471 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Ego invalid: %s\n", ego_val);
474 for (ego_entry = handle->ego_head;
476 ego_entry = ego_entry->next)
478 if (0 != strcmp (ego_val, ego_entry->identifier))
480 egoname = ego_entry->identifier;
483 if (NULL == egoname || NULL == ego_entry)
485 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Ego not found: %s\n", ego_val);
486 GNUNET_SCHEDULER_add_now (&do_error, handle);
489 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Ego to issue token for: %s\n", egoname);
493 GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_ATTR_LIST,
494 strlen (GNUNET_IDENTITY_TOKEN_ATTR_LIST),
499 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
502 handle->emsg = GNUNET_strdup ("Scopes missing!\n");
503 GNUNET_SCHEDULER_add_now (&do_error, handle);
506 scopes = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
511 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST,
512 strlen (GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST),
516 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
519 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Audience missing!\n");
520 GNUNET_SCHEDULER_add_now (&do_error, handle);
523 audience = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
525 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Audience to issue token for: %s\n", audience);
527 priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
528 GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego,
530 GNUNET_STRINGS_string_to_data (audience,
533 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
537 GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_REQUEST_NONCE,
538 strlen (GNUNET_IDENTITY_TOKEN_REQUEST_NONCE),
541 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
544 handle->emsg = GNUNET_strdup ("Request nonce missing!\n");
545 GNUNET_SCHEDULER_add_now (&do_error, handle);
548 nonce_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
550 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Request nonce: %s\n", nonce_str);
551 sscanf (nonce_str, "%"SCNu64, &nonce);
553 //Get expiration for token from URL parameter
554 GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_EXP_STRING,
555 strlen (GNUNET_IDENTITY_TOKEN_EXP_STRING),
559 if (GNUNET_YES == GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
562 exp_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
565 if (NULL == exp_str) {
566 handle->emsg = GNUNET_strdup ("No expiration given!\n");
567 GNUNET_SCHEDULER_add_now (&do_error, handle);
572 GNUNET_STRINGS_fancy_time_to_relative (exp_str,
575 handle->emsg = GNUNET_strdup ("Expiration invalid!\n");
576 GNUNET_SCHEDULER_add_now (&do_error, handle);
579 time = GNUNET_TIME_absolute_get().abs_value_us;
580 exp_time.abs_value_us = time + etime_rel.rel_value_us;
582 handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
583 handle->idp_op = GNUNET_IDENTITY_PROVIDER_issue_token (handle->idp,
596 * Build a GNUid token for identity
598 * @param cls the request handle
601 return_token_list (void *cls)
604 struct RequestHandle *handle = cls;
605 struct MHD_Response *resp;
607 GNUNET_REST_jsonapi_data_serialize (handle->resp_object, &result_str);
608 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str);
609 resp = GNUNET_REST_create_json_response (result_str);
610 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
611 GNUNET_free (result_str);
612 cleanup_handle (handle);
616 * Collect all tokens for an ego
618 * TODO move this into the identity-provider service
622 token_collect (void *cls,
623 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
625 unsigned int rd_count,
626 const struct GNUNET_GNSRECORD_Data *rd)
630 struct RequestHandle *handle = cls;
631 struct EgoEntry *ego_tmp;
632 struct JsonApiResource *json_resource;
633 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
639 ego_tmp = handle->ego_head;
640 GNUNET_CONTAINER_DLL_remove (handle->ego_head,
643 GNUNET_free (ego_tmp->identifier);
644 GNUNET_free (ego_tmp->keystring);
645 GNUNET_free (ego_tmp);
647 if (NULL == handle->ego_head)
650 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding token END\n");
651 handle->ns_it = NULL;
652 GNUNET_SCHEDULER_add_now (&return_token_list, handle);
656 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Next ego: %s\n", handle->ego_head->identifier);
657 priv_key = GNUNET_IDENTITY_ego_get_private_key (handle->ego_head->ego);
658 handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle,
665 for (i = 0; i < rd_count; i++)
667 if (rd[i].record_type == GNUNET_GNSRECORD_TYPE_ID_TOKEN)
669 data = GNUNET_GNSRECORD_value_to_string (rd[i].record_type,
672 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding token: %s\n", data);
673 json_resource = GNUNET_REST_jsonapi_resource_new (GNUNET_REST_JSONAPI_IDENTITY_TOKEN,
675 issuer = json_string (handle->ego_head->identifier);
676 GNUNET_REST_jsonapi_resource_add_attr (json_resource,
677 GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST,
679 json_decref (issuer);
680 token = json_string (data);
681 GNUNET_REST_jsonapi_resource_add_attr (json_resource,
682 GNUNET_REST_JSONAPI_IDENTITY_TOKEN,
686 GNUNET_REST_jsonapi_object_resource_add (handle->resp_object, json_resource);
691 GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it);
697 * Respond to OPTIONS request
699 * @param con_handle the connection handle
701 * @param cls the RequestHandle
704 list_token_cont (struct RestConnectionDataHandle *con_handle,
709 struct GNUNET_HashCode key;
710 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
711 struct RequestHandle *handle = cls;
712 struct EgoEntry *ego_entry;
713 struct EgoEntry *ego_tmp;
715 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST,
716 strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST),
720 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
723 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No issuer given.\n");
724 GNUNET_SCHEDULER_add_now (&do_error, handle);
727 ego_val = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
729 //Remove non-matching egos
730 for (ego_entry = handle->ego_head;
734 ego_entry = ego_entry->next;
735 if (0 != strcmp (ego_val, ego_tmp->identifier))
737 GNUNET_CONTAINER_DLL_remove (handle->ego_head,
740 GNUNET_free (ego_tmp->identifier);
741 GNUNET_free (ego_tmp->keystring);
742 GNUNET_free (ego_tmp);
745 handle->resp_object = GNUNET_REST_jsonapi_object_new ();
746 if (NULL == handle->ego_head)
749 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No results.\n");
750 GNUNET_SCHEDULER_add_now (&return_token_list, handle);
753 priv_key = GNUNET_IDENTITY_ego_get_private_key (handle->ego_head->ego);
754 handle->ns_handle = GNUNET_NAMESTORE_connect (cfg);
755 handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle,
763 * Return token to requestor
765 * @param cls request handle
766 * @param token the token
769 exchange_cont (void *cls,
770 const struct GNUNET_IDENTITY_PROVIDER_Token *token,
771 uint64_t ticket_nonce)
774 struct RequestHandle *handle = cls;
775 struct MHD_Response *resp;
776 struct GNUNET_HashCode key;
780 uint64_t expected_nonce;
783 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE,
784 strlen (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE),
788 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
791 handle->emsg = GNUNET_strdup ("No nonce given.");
792 GNUNET_SCHEDULER_add_now (&do_error, handle);
795 nonce_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
797 GNUNET_assert (1 == sscanf (nonce_str, "%"SCNu64, &expected_nonce));
799 if (ticket_nonce != expected_nonce)
801 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
802 "Ticket nonce %lu does not match expected nonce %lu\n",
803 ticket_nonce, expected_nonce);
804 handle->emsg = GNUNET_strdup ("Ticket nonce does not match expected nonce\n");
805 GNUNET_SCHEDULER_add_now (&do_error, handle);
809 root = json_object ();
810 token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token);
811 json_object_set_new (root, "token", json_string (token_str));
812 json_object_set_new (root, "token_type", json_string ("jwt"));
813 GNUNET_free (token_str);
815 result = json_dumps (root, JSON_INDENT(1));
816 resp = GNUNET_REST_create_json_response (result);
817 GNUNET_free (result);
818 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
819 cleanup_handle (handle);
826 * Callback called when identity for token exchange has been found
828 * @param cls request handle
829 * @param ego the identity to use as issuer
830 * @param ctx user context
831 * @param name identity name
835 exchange_token_ticket_cb (void *cls,
836 struct GNUNET_IDENTITY_Ego *ego,
840 struct RequestHandle *handle = cls;
841 struct GNUNET_HashCode key;
842 struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket;
849 handle->emsg = GNUNET_strdup ("No identity found.");
850 GNUNET_SCHEDULER_add_now (&do_error, handle);
855 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET,
856 strlen (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET),
860 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
863 handle->emsg = GNUNET_strdup ("No ticket given.");
864 GNUNET_SCHEDULER_add_now (&do_error, handle);
867 ticket_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
869 handle->priv_key = GNUNET_IDENTITY_ego_get_private_key (ego);
870 GNUNET_IDENTITY_PROVIDER_string_to_ticket (ticket_str,
873 handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
874 handle->idp_op = GNUNET_IDENTITY_PROVIDER_exchange_ticket (handle->idp,
879 GNUNET_IDENTITY_PROVIDER_ticket_destroy (ticket);
886 * Respond to issue request
888 * @param con_handle the connection handle
890 * @param cls the RequestHandle
893 exchange_token_ticket_cont (struct RestConnectionDataHandle *con_handle,
897 struct RequestHandle *handle = cls;
900 handle->op = GNUNET_IDENTITY_get (handle->identity_handle,
902 &exchange_token_ticket_cb,
907 * Respond to OPTIONS request
909 * @param con_handle the connection handle
911 * @param cls the RequestHandle
914 options_cont (struct RestConnectionDataHandle *con_handle,
918 struct MHD_Response *resp;
919 struct RequestHandle *handle = cls;
921 //For now, independent of path return all options
922 resp = GNUNET_REST_create_json_response (NULL);
923 MHD_add_response_header (resp,
924 "Access-Control-Allow-Methods",
926 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
927 cleanup_handle (handle);
932 * Handle rest request
934 * @param handle the request handle
937 init_cont (struct RequestHandle *handle)
939 static const struct GNUNET_REST_RestConnectionHandler handlers[] = {
940 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE, &issue_token_cont},
941 //{MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK, &check_token_cont},
942 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_PROVIDER, &list_token_cont},
943 {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY_PROVIDER, &options_cont},
944 {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN, &exchange_token_ticket_cont},
945 GNUNET_REST_HANDLER_END
948 if (GNUNET_NO == GNUNET_REST_handle_request (handle->conndata_handle, handlers, handle))
950 handle->emsg = GNUNET_strdup ("Request unsupported");
951 GNUNET_SCHEDULER_add_now (&do_error, handle);
956 * If listing is enabled, prints information about the egos.
958 * This function is initially called for all egos and then again
959 * whenever a ego's identifier changes or if it is deleted. At the
960 * end of the initial pass over all egos, the function is once called
961 * with 'NULL' for 'ego'. That does NOT mean that the callback won't
962 * be invoked in the future or that there was an error.
964 * When used with 'GNUNET_IDENTITY_create' or 'GNUNET_IDENTITY_get',
965 * this function is only called ONCE, and 'NULL' being passed in
966 * 'ego' does indicate an error (i.e. name is taken or no default
967 * value is known). If 'ego' is non-NULL and if '*ctx'
968 * is set in those callbacks, the value WILL be passed to a subsequent
969 * call to the identity callback of 'GNUNET_IDENTITY_connect' (if
970 * that one was not NULL).
972 * When an identity is renamed, this function is called with the
973 * (known) ego but the NEW identifier.
975 * When an identity is deleted, this function is called with the
976 * (known) ego and "NULL" for the 'identifier'. In this case,
977 * the 'ego' is henceforth invalid (and the 'ctx' should also be
981 * @param ego ego handle
982 * @param ctx context for application to store data for this ego
983 * (during the lifetime of this process, initially NULL)
984 * @param identifier identifier assigned by the user for this ego,
985 * NULL if the user just deleted the ego and it
986 * must thus no longer be used
990 struct GNUNET_IDENTITY_Ego *ego,
992 const char *identifier)
994 struct RequestHandle *handle = cls;
995 struct EgoEntry *ego_entry;
996 struct GNUNET_CRYPTO_EcdsaPublicKey pk;
998 if ((NULL == ego) && (ID_REST_STATE_INIT == handle->state))
1000 handle->state = ID_REST_STATE_POST_INIT;
1004 if (ID_REST_STATE_INIT == handle->state) {
1005 ego_entry = GNUNET_new (struct EgoEntry);
1006 GNUNET_IDENTITY_ego_get_public_key (ego, &pk);
1007 ego_entry->keystring =
1008 GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk);
1009 ego_entry->ego = ego;
1010 GNUNET_asprintf (&ego_entry->identifier, "%s", identifier);
1011 GNUNET_CONTAINER_DLL_insert_tail(handle->ego_head,handle->ego_tail, ego_entry);
1017 * Function processing the REST call
1019 * @param method HTTP method
1020 * @param url URL of the HTTP request
1021 * @param data body of the HTTP request (optional)
1022 * @param data_size length of the body
1023 * @param proc callback function for the result
1024 * @param proc_cls closure for callback function
1025 * @return GNUNET_OK if request accepted
1028 rest_identity_process_request(struct RestConnectionDataHandle *conndata_handle,
1029 GNUNET_REST_ResultProcessor proc,
1032 struct RequestHandle *handle = GNUNET_new (struct RequestHandle);
1034 handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL;
1035 handle->proc_cls = proc_cls;
1036 handle->proc = proc;
1037 handle->state = ID_REST_STATE_INIT;
1038 handle->conndata_handle = conndata_handle;
1041 GNUNET_asprintf (&handle->url, "%s", conndata_handle->url);
1042 if (handle->url[strlen (handle->url)-1] == '/')
1043 handle->url[strlen (handle->url)-1] = '\0';
1044 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1046 handle->identity_handle = GNUNET_IDENTITY_connect (cfg,
1049 handle->timeout_task =
1050 GNUNET_SCHEDULER_add_delayed (handle->timeout,
1055 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1060 * Entry point for the plugin.
1062 * @param cls Config info
1063 * @return NULL on error, otherwise the plugin context
1066 libgnunet_plugin_rest_identity_provider_init (void *cls)
1068 static struct Plugin plugin;
1069 struct GNUNET_REST_Plugin *api;
1072 if (NULL != plugin.cfg)
1073 return NULL; /* can only initialize once! */
1074 memset (&plugin, 0, sizeof (struct Plugin));
1076 api = GNUNET_new (struct GNUNET_REST_Plugin);
1078 api->name = GNUNET_REST_API_NS_IDENTITY_PROVIDER;
1079 api->process_request = &rest_identity_process_request;
1080 GNUNET_asprintf (&allow_methods,
1081 "%s, %s, %s, %s, %s",
1082 MHD_HTTP_METHOD_GET,
1083 MHD_HTTP_METHOD_POST,
1084 MHD_HTTP_METHOD_PUT,
1085 MHD_HTTP_METHOD_DELETE,
1086 MHD_HTTP_METHOD_OPTIONS);
1088 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1089 _("Identity Token REST API initialized\n"));
1095 * Exit point from the plugin.
1097 * @param cls the plugin context (as returned by "init")
1098 * @return always NULL
1101 libgnunet_plugin_rest_identity_provider_done (void *cls)
1103 struct GNUNET_REST_Plugin *api = cls;
1104 struct Plugin *plugin = api->cls;
1107 GNUNET_free_non_null (allow_methods);
1109 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1110 "Identity Token REST plugin is finished\n");
1114 /* end of plugin_rest_gns.c */