*/
struct GNUNET_CONTAINER_MultiHashMap *OIDC_cookie_jar_map;
-/**
- * OIDC authorized identities and times hashmap
- */
-struct GNUNET_CONTAINER_MultiHashMap *OIDC_identity_grants;
-
-/**
- * OIDC Hash map that keeps track of used authorization code(s)
- */
-struct GNUNET_CONTAINER_MultiHashMap *OIDC_used_ticket_map;
-
/**
* Hash map that links the issued access token to the corresponding ticket and
* ego
char *access_token;
char *jwt_secret;
char *nonce;
- int i = 1;
/*
* Check Authorization
GNUNET_CRYPTO_hash (OIDC_GRANT_TYPE_KEY,
strlen (OIDC_GRANT_TYPE_KEY),
&cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
- &cache_key))
+ grant_type = get_url_parameter_copy (handle, OIDC_GRANT_TYPE_KEY);
+ if (NULL == grant_type)
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
handle->edesc = GNUNET_strdup ("missing parameter grant_type");
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- grant_type =
- GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
- &cache_key);
-
- // REQUIRED code
- GNUNET_CRYPTO_hash (OIDC_CODE_KEY, strlen (OIDC_CODE_KEY), &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
- &cache_key))
- {
- handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
- handle->edesc = GNUNET_strdup ("missing parameter code");
- handle->response_code = MHD_HTTP_BAD_REQUEST;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
- }
- code = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
- &cache_key);
-
- // REQUIRED redirect_uri
- GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY,
- strlen (OIDC_REDIRECT_URI_KEY),
- &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
- &cache_key))
- {
- handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
- handle->edesc = GNUNET_strdup ("missing parameter redirect_uri");
- handle->response_code = MHD_HTTP_BAD_REQUEST;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
- }
// Check parameter grant_type == "authorization_code"
if (0 != strcmp (OIDC_GRANT_TYPE_VALUE, grant_type))
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- GNUNET_CRYPTO_hash (code, strlen (code), &cache_key);
- if (GNUNET_SYSERR == GNUNET_CONTAINER_multihashmap_put (
- OIDC_used_ticket_map,
- &cache_key,
- &i,
- GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
+
+ // REQUIRED code
+ code = get_url_parameter_copy (handle, OIDC_CODE_KEY);
+ if (NULL == code)
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
- handle->edesc = GNUNET_strdup ("Cannot use the same code more than once");
+ handle->edesc = GNUNET_strdup ("missing parameter code");
handle->response_code = MHD_HTTP_BAD_REQUEST;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- // TODO We should collect the attributes here. cl always empty
id_token = OIDC_id_token_new (&ticket.audience,
&ticket.identity,
cl,
handle->oidc = GNUNET_new (struct OIDC_Variables);
if (NULL == OIDC_cookie_jar_map)
OIDC_cookie_jar_map = GNUNET_CONTAINER_multihashmap_create (10, GNUNET_NO);
- if (NULL == OIDC_identity_grants)
- OIDC_identity_grants = GNUNET_CONTAINER_multihashmap_create (10, GNUNET_NO);
- if (NULL == OIDC_used_ticket_map)
- OIDC_used_ticket_map = GNUNET_CONTAINER_multihashmap_create (10, GNUNET_NO);
if (NULL == OIDC_access_token_map)
OIDC_access_token_map =
GNUNET_CONTAINER_multihashmap_create (10, GNUNET_NO);
MHD_HTTP_METHOD_OPTIONS);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- _ ("Identity Provider REST API initialized\n"));
+ _ ("OpenID Connect REST API initialized\n"));
return api;
}
GNUNET_free_non_null (value);
GNUNET_CONTAINER_multihashmap_destroy (OIDC_cookie_jar_map);
- hashmap_it =
- GNUNET_CONTAINER_multihashmap_iterator_create (OIDC_identity_grants);
- while (GNUNET_YES ==
- GNUNET_CONTAINER_multihashmap_iterator_next (hashmap_it, NULL, value))
- GNUNET_free_non_null (value);
- GNUNET_CONTAINER_multihashmap_destroy (OIDC_identity_grants);
-
- hashmap_it =
- GNUNET_CONTAINER_multihashmap_iterator_create (OIDC_used_ticket_map);
- while (GNUNET_YES ==
- GNUNET_CONTAINER_multihashmap_iterator_next (hashmap_it, NULL, value))
- GNUNET_free_non_null (value);
- GNUNET_CONTAINER_multihashmap_destroy (OIDC_used_ticket_map);
-
hashmap_it =
GNUNET_CONTAINER_multihashmap_iterator_create (OIDC_access_token_map);
while (GNUNET_YES ==
GNUNET_free_non_null (allow_methods);
GNUNET_free (api);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Identity Provider REST plugin is finished\n");
+ "OpenID Connect REST plugin is finished\n");
return NULL;
}
-/* end of plugin_rest_identity_provider.c */
+/* end of plugin_rest_openid_connect.c */
projects / oweals / gnunet.git / commitdiff