2 This file is part of GNUnet.
3 Copyright (C) 2012-2015 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
21 * @author Martin Schanzenbach
22 * @file identity/plugin_rest_identity.c
23 * @brief GNUnet Namestore REST plugin
28 #include "gnunet_rest_plugin.h"
29 #include "gnunet_identity_service.h"
30 #include "gnunet_gns_service.h"
31 #include "gnunet_gnsrecord_lib.h"
32 #include "gnunet_namestore_service.h"
33 #include "gnunet_rest_lib.h"
34 #include "gnunet_jsonapi_lib.h"
35 #include "gnunet_jsonapi_util.h"
36 #include "microhttpd.h"
39 #include "gnunet_signatures.h"
40 #include "gnunet_identity_provider_service.h"
45 #define GNUNET_REST_API_NS_IDENTITY_PROVIDER "/idp"
50 #define GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE "/idp/issue"
53 * Check namespace TODO
55 #define GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK "/idp/check"
60 #define GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN "/idp/token"
63 * The parameter name in which the ticket must be provided
65 #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET "ticket"
68 * The parameter name in which the expected nonce must be provided
70 #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE "expected_nonce"
73 * The parameter name in which the ticket must be provided
75 #define GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN "token"
78 * The URL parameter name in which the nonce must be provided
80 #define GNUNET_IDENTITY_TOKEN_REQUEST_NONCE "nonce"
83 * State while collecting all egos
85 #define ID_REST_STATE_INIT 0
88 * Done collecting egos
90 #define ID_REST_STATE_POST_INIT 1
95 #define GNUNET_REST_JSONAPI_IDENTITY_TOKEN "token"
98 * URL parameter to create a GNUid token for a specific audience
100 #define GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST "audience"
103 * URL parameter to create a GNUid token for a specific issuer (EGO)
105 #define GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST "issuer"
108 * Attributes passed to issue request
110 #define GNUNET_IDENTITY_TOKEN_ATTR_LIST "requested_attrs"
113 * Token expiration string
115 #define GNUNET_IDENTITY_TOKEN_EXP_STRING "expiration"
120 #define GNUNET_REST_ERROR_RESOURCE_INVALID "Resource location invalid"
121 #define GNUNET_REST_ERROR_NO_DATA "No data"
124 * GNUid token lifetime
126 #define GNUNET_GNUID_TOKEN_EXPIRATION_MICROSECONDS 300000000
129 * The configuration handle
131 const struct GNUNET_CONFIGURATION_Handle *cfg;
134 * HTTP methods allows for this plugin
136 static char* allow_methods;
139 * @brief struct returned by the initialization function of the plugin
143 const struct GNUNET_CONFIGURATION_Handle *cfg;
154 struct EgoEntry *next;
159 struct EgoEntry *prev;
174 struct GNUNET_IDENTITY_Ego *ego;
183 struct EgoEntry *ego_head;
188 struct EgoEntry *ego_tail;
193 struct EgoEntry *ego_entry;
196 * Ptr to current ego private key
198 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
201 * Handle to the rest connection
203 struct GNUNET_REST_RequestHandle *conndata_handle;
206 * The processing state
211 * Handle to Identity service.
213 struct GNUNET_IDENTITY_Handle *identity_handle;
218 struct GNUNET_IDENTITY_Operation *op;
223 struct GNUNET_IDENTITY_PROVIDER_Handle *idp;
228 struct GNUNET_IDENTITY_PROVIDER_Operation *idp_op;
231 * Handle to NS service
233 struct GNUNET_NAMESTORE_Handle *ns_handle;
238 struct GNUNET_NAMESTORE_ZoneIterator *ns_it;
243 struct GNUNET_NAMESTORE_QueueEntry *ns_qe;
246 * Desired timeout for the lookup (default is no timeout).
248 struct GNUNET_TIME_Relative timeout;
251 * ID of a task associated with the resolution process.
253 struct GNUNET_SCHEDULER_Task *timeout_task;
256 * The plugin result processor
258 GNUNET_REST_ResultProcessor proc;
261 * The closure of the result processor
271 * Error response message
283 struct GNUNET_JSONAPI_Document *resp_object;
289 * Cleanup lookup handle
290 * @param handle Handle to clean up
293 cleanup_handle (struct RequestHandle *handle)
295 struct EgoEntry *ego_entry;
296 struct EgoEntry *ego_tmp;
297 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
299 if (NULL != handle->resp_object)
300 GNUNET_JSONAPI_document_delete (handle->resp_object);
301 if (NULL != handle->timeout_task)
302 GNUNET_SCHEDULER_cancel (handle->timeout_task);
303 if (NULL != handle->identity_handle)
304 GNUNET_IDENTITY_disconnect (handle->identity_handle);
305 if (NULL != handle->idp)
306 GNUNET_IDENTITY_PROVIDER_disconnect (handle->idp);
307 if (NULL != handle->ns_it)
308 GNUNET_NAMESTORE_zone_iteration_stop (handle->ns_it);
309 if (NULL != handle->ns_qe)
310 GNUNET_NAMESTORE_cancel (handle->ns_qe);
311 if (NULL != handle->ns_handle)
312 GNUNET_NAMESTORE_disconnect (handle->ns_handle);
313 if (NULL != handle->url)
314 GNUNET_free (handle->url);
315 if (NULL != handle->emsg)
316 GNUNET_free (handle->emsg);
317 for (ego_entry = handle->ego_head;
321 ego_entry = ego_entry->next;
322 GNUNET_free (ego_tmp->identifier);
323 GNUNET_free (ego_tmp->keystring);
324 GNUNET_free (ego_tmp);
326 GNUNET_free (handle);
331 * Task run on error, sends error message. Cleans up everything.
333 * @param cls the `struct RequestHandle`
338 struct RequestHandle *handle = cls;
339 struct MHD_Response *resp;
342 GNUNET_asprintf (&json_error,
343 "{Error while processing request: %s}",
345 resp = GNUNET_REST_create_response (json_error);
346 handle->proc (handle->proc_cls, resp, handle->response_code);
347 cleanup_handle (handle);
348 GNUNET_free (json_error);
352 * Task run on timeout, sends error message. Cleans up everything.
354 * @param cls the `struct RequestHandle`
357 do_timeout (void *cls)
359 struct RequestHandle *handle = cls;
361 handle->timeout_task = NULL;
367 * Task run on shutdown. Cleans up everything.
372 do_cleanup_handle_delayed (void *cls)
374 struct RequestHandle *handle = cls;
376 cleanup_handle (handle);
381 * Get a ticket for identity
382 * @param cls the handle
383 * @param ticket the ticket returned from the idp
386 token_creat_cont (void *cls,
388 const struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket,
389 const struct GNUNET_IDENTITY_PROVIDER_Token *token)
391 struct GNUNET_JSONAPI_Resource *json_resource;
392 struct RequestHandle *handle = cls;
393 struct MHD_Response *resp;
402 handle->emsg = GNUNET_strdup ("Error in token issue");
403 GNUNET_SCHEDULER_add_now (&do_error, handle);
407 handle->resp_object = GNUNET_JSONAPI_document_new ();
408 json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET,
410 ticket_str = GNUNET_IDENTITY_PROVIDER_ticket_to_string (ticket);
411 token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token);
412 ticket_json = json_string (ticket_str);
413 token_json = json_string (token_str);
414 GNUNET_JSONAPI_resource_add_attr (json_resource,
415 GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET,
417 GNUNET_JSONAPI_resource_add_attr (json_resource,
418 GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TOKEN,
420 GNUNET_free (ticket_str);
421 GNUNET_free (token_str);
422 json_decref (ticket_json);
423 json_decref (token_json);
424 GNUNET_JSONAPI_document_resource_add (handle->resp_object, json_resource);
426 GNUNET_JSONAPI_document_serialize (handle->resp_object, &result_str);
427 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str);
428 resp = GNUNET_REST_create_response (result_str);
429 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
430 GNUNET_free (result_str);
431 GNUNET_SCHEDULER_add_now (&do_cleanup_handle_delayed, handle);
436 * Continueationf for token issue request
438 * @param con the Rest handle
439 * @param url the requested url
440 * @param cls the request handle
443 issue_token_cont (struct GNUNET_REST_RequestHandle *con,
447 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
450 struct RequestHandle *handle = cls;
451 struct EgoEntry *ego_entry;
452 struct GNUNET_HashCode key;
453 struct MHD_Response *resp;
454 struct GNUNET_CRYPTO_EcdsaPublicKey pub_key;
455 struct GNUNET_CRYPTO_EcdsaPublicKey aud_key;
456 struct GNUNET_TIME_Relative etime_rel;
457 struct GNUNET_TIME_Absolute exp_time;
466 if (GNUNET_NO == GNUNET_REST_namespace_match (handle->url,
467 GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE))
469 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "URL invalid: %s\n", handle->url);
470 resp = GNUNET_REST_create_response (NULL);
471 handle->proc (handle->proc_cls, resp, MHD_HTTP_BAD_REQUEST);
472 cleanup_handle (handle);
477 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST,
478 strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST),
481 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
484 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
485 "Issuer not found\n");
486 GNUNET_SCHEDULER_add_now (&do_error, handle);
489 ego_val = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
493 GNUNET_SCHEDULER_add_now (&do_error, handle);
494 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
499 for (ego_entry = handle->ego_head;
501 ego_entry = ego_entry->next)
503 if (0 != strcmp (ego_val, ego_entry->identifier))
505 egoname = ego_entry->identifier;
508 if ( (NULL == egoname) ||
509 (NULL == ego_entry) )
511 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
512 "Ego not found: %s\n",
514 GNUNET_SCHEDULER_add_now (&do_error, handle);
517 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
518 "Ego to issue token for: %s\n",
523 GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_ATTR_LIST,
524 strlen (GNUNET_IDENTITY_TOKEN_ATTR_LIST),
529 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
532 handle->emsg = GNUNET_strdup ("Scopes missing!\n");
533 GNUNET_SCHEDULER_add_now (&do_error, handle);
536 scopes = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
541 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST,
542 strlen (GNUNET_REST_JSONAPI_IDENTITY_AUD_REQUEST),
546 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
549 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
550 "Audience missing!\n");
551 GNUNET_SCHEDULER_add_now (&do_error, handle);
554 audience = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
556 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
557 "Audience to issue token for: %s\n",
560 priv_key = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
561 GNUNET_IDENTITY_ego_get_public_key (ego_entry->ego,
563 GNUNET_STRINGS_string_to_data (audience,
566 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
570 GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_REQUEST_NONCE,
571 strlen (GNUNET_IDENTITY_TOKEN_REQUEST_NONCE),
574 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
577 handle->emsg = GNUNET_strdup ("Request nonce missing!\n");
578 GNUNET_SCHEDULER_add_now (&do_error, handle);
581 nonce_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
583 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
584 "Request nonce: %s\n",
586 GNUNET_assert (1 == sscanf (nonce_str, "%"SCNu64, &nonce));
588 //Get expiration for token from URL parameter
589 GNUNET_CRYPTO_hash (GNUNET_IDENTITY_TOKEN_EXP_STRING,
590 strlen (GNUNET_IDENTITY_TOKEN_EXP_STRING),
594 if (GNUNET_YES == GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
597 exp_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
600 if (NULL == exp_str) {
601 handle->emsg = GNUNET_strdup ("No expiration given!\n");
602 GNUNET_SCHEDULER_add_now (&do_error, handle);
607 GNUNET_STRINGS_fancy_time_to_relative (exp_str,
610 handle->emsg = GNUNET_strdup ("Expiration invalid!\n");
611 GNUNET_SCHEDULER_add_now (&do_error, handle);
614 time = GNUNET_TIME_absolute_get().abs_value_us;
615 exp_time.abs_value_us = time + etime_rel.rel_value_us;
617 handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
618 handle->idp_op = GNUNET_IDENTITY_PROVIDER_issue_token (handle->idp,
631 * Build a GNUid token for identity
633 * @param cls the request handle
636 return_token_list (void *cls)
639 struct RequestHandle *handle = cls;
640 struct MHD_Response *resp;
642 GNUNET_JSONAPI_document_serialize (handle->resp_object, &result_str);
643 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Result %s\n", result_str);
644 resp = GNUNET_REST_create_response (result_str);
645 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
646 GNUNET_free (result_str);
647 cleanup_handle (handle);
652 token_collect_error_cb (void *cls)
654 struct RequestHandle *handle = cls;
661 * Collect all tokens for an ego
663 * TODO move this into the identity-provider service
667 token_collect (void *cls,
668 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
670 unsigned int rd_count,
671 const struct GNUNET_GNSRECORD_Data *rd);
675 token_collect_finished_cb (void *cls)
677 struct RequestHandle *handle = cls;
678 struct EgoEntry *ego_tmp;
679 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
681 ego_tmp = handle->ego_head;
682 GNUNET_CONTAINER_DLL_remove (handle->ego_head,
685 GNUNET_free (ego_tmp->identifier);
686 GNUNET_free (ego_tmp->keystring);
687 GNUNET_free (ego_tmp);
689 if (NULL == handle->ego_head)
692 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding token END\n");
693 handle->ns_it = NULL;
694 GNUNET_SCHEDULER_add_now (&return_token_list, handle);
698 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
700 handle->ego_head->identifier);
701 priv_key = GNUNET_IDENTITY_ego_get_private_key (handle->ego_head->ego);
702 handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle,
704 &token_collect_error_cb,
708 &token_collect_finished_cb,
714 * Collect all tokens for an ego
716 * TODO move this into the identity-provider service
720 token_collect (void *cls,
721 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone,
723 unsigned int rd_count,
724 const struct GNUNET_GNSRECORD_Data *rd)
726 struct RequestHandle *handle = cls;
729 struct GNUNET_JSONAPI_Resource *json_resource;
733 for (i = 0; i < rd_count; i++)
735 if (rd[i].record_type == GNUNET_GNSRECORD_TYPE_ID_TOKEN)
737 data = GNUNET_GNSRECORD_value_to_string (rd[i].record_type,
740 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding token: %s\n", data);
741 json_resource = GNUNET_JSONAPI_resource_new (GNUNET_REST_JSONAPI_IDENTITY_TOKEN,
743 issuer = json_string (handle->ego_head->identifier);
744 GNUNET_JSONAPI_resource_add_attr (json_resource,
745 GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST,
747 json_decref (issuer);
748 token = json_string (data);
749 GNUNET_JSONAPI_resource_add_attr (json_resource,
750 GNUNET_REST_JSONAPI_IDENTITY_TOKEN,
754 GNUNET_JSONAPI_document_resource_add (handle->resp_object, json_resource);
759 GNUNET_NAMESTORE_zone_iterator_next (handle->ns_it);
765 * Respond to OPTIONS request
767 * @param con_handle the connection handle
769 * @param cls the RequestHandle
772 list_token_cont (struct GNUNET_REST_RequestHandle *con_handle,
777 struct GNUNET_HashCode key;
778 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_key;
779 struct RequestHandle *handle = cls;
780 struct EgoEntry *ego_entry;
781 struct EgoEntry *ego_tmp;
783 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST,
784 strlen (GNUNET_REST_JSONAPI_IDENTITY_ISS_REQUEST),
788 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
791 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No issuer given.\n");
792 GNUNET_SCHEDULER_add_now (&do_error, handle);
795 ego_val = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
797 //Remove non-matching egos
798 for (ego_entry = handle->ego_head;
802 ego_entry = ego_entry->next;
803 if (0 != strcmp (ego_val, ego_tmp->identifier))
805 GNUNET_CONTAINER_DLL_remove (handle->ego_head,
808 GNUNET_free (ego_tmp->identifier);
809 GNUNET_free (ego_tmp->keystring);
810 GNUNET_free (ego_tmp);
813 handle->resp_object = GNUNET_JSONAPI_document_new ();
814 if (NULL == handle->ego_head)
817 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "No results.\n");
818 GNUNET_SCHEDULER_add_now (&return_token_list, handle);
821 priv_key = GNUNET_IDENTITY_ego_get_private_key (handle->ego_head->ego);
822 handle->ns_handle = GNUNET_NAMESTORE_connect (cfg);
823 handle->ns_it = GNUNET_NAMESTORE_zone_iteration_start (handle->ns_handle,
825 &token_collect_error_cb,
829 &token_collect_finished_cb,
835 * Return token to requestor
837 * @param cls request handle
838 * @param token the token
841 exchange_cont (void *cls,
842 const struct GNUNET_IDENTITY_PROVIDER_Token *token,
843 uint64_t ticket_nonce)
846 struct RequestHandle *handle = cls;
847 struct MHD_Response *resp;
848 struct GNUNET_HashCode key;
852 uint64_t expected_nonce;
855 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE,
856 strlen (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_EXPECTED_NONCE),
860 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
863 handle->emsg = GNUNET_strdup ("No nonce given.");
864 GNUNET_SCHEDULER_add_now (&do_error, handle);
867 nonce_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
869 GNUNET_assert (1 == sscanf (nonce_str, "%"SCNu64, &expected_nonce));
871 if (ticket_nonce != expected_nonce)
873 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
874 "Ticket nonce %"SCNu64" does not match expected nonce %"SCNu64"\n",
875 ticket_nonce, expected_nonce);
876 handle->emsg = GNUNET_strdup ("Ticket nonce does not match expected nonce\n");
877 GNUNET_SCHEDULER_add_now (&do_error, handle);
881 root = json_object ();
882 token_str = GNUNET_IDENTITY_PROVIDER_token_to_string (token);
883 json_object_set_new (root, "token", json_string (token_str));
884 json_object_set_new (root, "token_type", json_string ("jwt"));
885 GNUNET_free (token_str);
887 result = json_dumps (root, JSON_INDENT(1));
888 resp = GNUNET_REST_create_response (result);
889 GNUNET_free (result);
890 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
891 cleanup_handle (handle);
898 * Callback called when identity for token exchange has been found
900 * @param cls request handle
901 * @param ego the identity to use as issuer
902 * @param ctx user context
903 * @param name identity name
907 exchange_token_ticket_cb (void *cls,
908 struct GNUNET_IDENTITY_Ego *ego,
912 struct RequestHandle *handle = cls;
913 struct GNUNET_HashCode key;
914 struct GNUNET_IDENTITY_PROVIDER_Ticket *ticket;
921 handle->emsg = GNUNET_strdup ("No identity found.");
922 GNUNET_SCHEDULER_add_now (&do_error, handle);
927 GNUNET_CRYPTO_hash (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET,
928 strlen (GNUNET_REST_JSONAPI_IDENTITY_PROVIDER_TICKET),
932 GNUNET_CONTAINER_multihashmap_contains (handle->conndata_handle->url_param_map,
935 handle->emsg = GNUNET_strdup ("No ticket given.");
936 GNUNET_SCHEDULER_add_now (&do_error, handle);
939 ticket_str = GNUNET_CONTAINER_multihashmap_get (handle->conndata_handle->url_param_map,
941 handle->priv_key = GNUNET_IDENTITY_ego_get_private_key (ego);
942 GNUNET_IDENTITY_PROVIDER_string_to_ticket (ticket_str,
945 handle->idp = GNUNET_IDENTITY_PROVIDER_connect (cfg);
946 handle->idp_op = GNUNET_IDENTITY_PROVIDER_exchange_ticket (handle->idp,
951 GNUNET_IDENTITY_PROVIDER_ticket_destroy (ticket);
958 * Respond to issue request
960 * @param con_handle the connection handle
962 * @param cls the RequestHandle
965 exchange_token_ticket_cont (struct GNUNET_REST_RequestHandle *con_handle,
969 struct RequestHandle *handle = cls;
972 handle->op = GNUNET_IDENTITY_get (handle->identity_handle,
974 &exchange_token_ticket_cb,
979 * Respond to OPTIONS request
981 * @param con_handle the connection handle
983 * @param cls the RequestHandle
986 options_cont (struct GNUNET_REST_RequestHandle *con_handle,
990 struct MHD_Response *resp;
991 struct RequestHandle *handle = cls;
993 //For now, independent of path return all options
994 resp = GNUNET_REST_create_response (NULL);
995 MHD_add_response_header (resp,
996 "Access-Control-Allow-Methods",
998 handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
999 cleanup_handle (handle);
1004 * Handle rest request
1006 * @param handle the request handle
1009 init_cont (struct RequestHandle *handle)
1011 struct GNUNET_REST_RequestHandlerError err;
1012 static const struct GNUNET_REST_RequestHandler handlers[] = {
1013 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_TOKEN_ISSUE, &issue_token_cont},
1014 //{MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_TOKEN_CHECK, &check_token_cont},
1015 {MHD_HTTP_METHOD_GET, GNUNET_REST_API_NS_IDENTITY_PROVIDER, &list_token_cont},
1016 {MHD_HTTP_METHOD_OPTIONS, GNUNET_REST_API_NS_IDENTITY_PROVIDER, &options_cont},
1017 {MHD_HTTP_METHOD_POST, GNUNET_REST_API_NS_IDENTITY_OAUTH2_TOKEN, &exchange_token_ticket_cont},
1018 GNUNET_REST_HANDLER_END
1021 if (GNUNET_NO == GNUNET_REST_handle_request (handle->conndata_handle,
1026 handle->response_code = err.error_code;
1027 GNUNET_SCHEDULER_add_now (&do_error, handle);
1032 * If listing is enabled, prints information about the egos.
1034 * This function is initially called for all egos and then again
1035 * whenever a ego's identifier changes or if it is deleted. At the
1036 * end of the initial pass over all egos, the function is once called
1037 * with 'NULL' for 'ego'. That does NOT mean that the callback won't
1038 * be invoked in the future or that there was an error.
1040 * When used with 'GNUNET_IDENTITY_create' or 'GNUNET_IDENTITY_get',
1041 * this function is only called ONCE, and 'NULL' being passed in
1042 * 'ego' does indicate an error (i.e. name is taken or no default
1043 * value is known). If 'ego' is non-NULL and if '*ctx'
1044 * is set in those callbacks, the value WILL be passed to a subsequent
1045 * call to the identity callback of 'GNUNET_IDENTITY_connect' (if
1046 * that one was not NULL).
1048 * When an identity is renamed, this function is called with the
1049 * (known) ego but the NEW identifier.
1051 * When an identity is deleted, this function is called with the
1052 * (known) ego and "NULL" for the 'identifier'. In this case,
1053 * the 'ego' is henceforth invalid (and the 'ctx' should also be
1056 * @param cls closure
1057 * @param ego ego handle
1058 * @param ctx context for application to store data for this ego
1059 * (during the lifetime of this process, initially NULL)
1060 * @param identifier identifier assigned by the user for this ego,
1061 * NULL if the user just deleted the ego and it
1062 * must thus no longer be used
1065 list_ego (void *cls,
1066 struct GNUNET_IDENTITY_Ego *ego,
1068 const char *identifier)
1070 struct RequestHandle *handle = cls;
1071 struct EgoEntry *ego_entry;
1072 struct GNUNET_CRYPTO_EcdsaPublicKey pk;
1074 if ((NULL == ego) && (ID_REST_STATE_INIT == handle->state))
1076 handle->state = ID_REST_STATE_POST_INIT;
1080 if (ID_REST_STATE_INIT == handle->state) {
1081 ego_entry = GNUNET_new (struct EgoEntry);
1082 GNUNET_IDENTITY_ego_get_public_key (ego, &pk);
1083 ego_entry->keystring =
1084 GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk);
1085 ego_entry->ego = ego;
1086 ego_entry->identifier = GNUNET_strdup (identifier);
1087 GNUNET_CONTAINER_DLL_insert_tail(handle->ego_head,handle->ego_tail, ego_entry);
1093 * Function processing the REST call
1095 * @param method HTTP method
1096 * @param url URL of the HTTP request
1097 * @param data body of the HTTP request (optional)
1098 * @param data_size length of the body
1099 * @param proc callback function for the result
1100 * @param proc_cls closure for callback function
1101 * @return GNUNET_OK if request accepted
1104 rest_identity_process_request(struct GNUNET_REST_RequestHandle *conndata_handle,
1105 GNUNET_REST_ResultProcessor proc,
1108 struct RequestHandle *handle = GNUNET_new (struct RequestHandle);
1110 handle->timeout = GNUNET_TIME_UNIT_FOREVER_REL;
1111 handle->proc_cls = proc_cls;
1112 handle->proc = proc;
1113 handle->state = ID_REST_STATE_INIT;
1114 handle->conndata_handle = conndata_handle;
1117 handle->url = GNUNET_strdup (conndata_handle->url);
1118 if (handle->url[strlen (handle->url)-1] == '/')
1119 handle->url[strlen (handle->url)-1] = '\0';
1120 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1122 handle->identity_handle = GNUNET_IDENTITY_connect (cfg,
1125 handle->timeout_task =
1126 GNUNET_SCHEDULER_add_delayed (handle->timeout,
1129 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1134 * Entry point for the plugin.
1136 * @param cls Config info
1137 * @return NULL on error, otherwise the plugin context
1140 libgnunet_plugin_rest_identity_provider_init (void *cls)
1142 static struct Plugin plugin;
1143 struct GNUNET_REST_Plugin *api;
1146 if (NULL != plugin.cfg)
1147 return NULL; /* can only initialize once! */
1148 memset (&plugin, 0, sizeof (struct Plugin));
1150 api = GNUNET_new (struct GNUNET_REST_Plugin);
1152 api->name = GNUNET_REST_API_NS_IDENTITY_PROVIDER;
1153 api->process_request = &rest_identity_process_request;
1154 GNUNET_asprintf (&allow_methods,
1155 "%s, %s, %s, %s, %s",
1156 MHD_HTTP_METHOD_GET,
1157 MHD_HTTP_METHOD_POST,
1158 MHD_HTTP_METHOD_PUT,
1159 MHD_HTTP_METHOD_DELETE,
1160 MHD_HTTP_METHOD_OPTIONS);
1162 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1163 _("Identity Token REST API initialized\n"));
1169 * Exit point from the plugin.
1171 * @param cls the plugin context (as returned by "init")
1172 * @return always NULL
1175 libgnunet_plugin_rest_identity_provider_done (void *cls)
1177 struct GNUNET_REST_Plugin *api = cls;
1178 struct Plugin *plugin = api->cls;
1181 GNUNET_free_non_null (allow_methods);
1183 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1184 "Identity Token REST plugin is finished\n");
1188 /* end of plugin_rest_gns.c */
projects / oweals / gnunet.git / blob