Basic Functionality Implemented
authorMarkus Voggenreiter <Markus.Voggenreiter@tum.de>
Wed, 27 Nov 2019 11:30:49 +0000 (12:30 +0100)
committerSchanzenbach, Martin <mschanzenbach@posteo.de>
Mon, 13 Jan 2020 12:31:05 +0000 (13:31 +0100)
12 files changed:
src/include/gnunet_gnsrecord_lib.h
src/include/gnunet_reclaim_attribute_lib.h
src/reclaim-attribute/reclaim_attribute.c
src/reclaim/gnunet-service-reclaim.c
src/reclaim/gnunet-service-reclaim_tickets.c
src/reclaim/json_reclaim.c
src/reclaim/oidc_helper.c
src/reclaim/oidc_helper.h
src/reclaim/plugin_gnsrecord_reclaim.c
src/reclaim/plugin_rest_openid_connect.c
src/reclaim/plugin_rest_reclaim.c
src/reclaim/reclaim_api.c

index b49e39b7606be70c00852ea831749acd1e404018..797c713809d1f1742f29d1b954630ef1dbd6d52b 100644 (file)
@@ -150,15 +150,6 @@ extern "C" {
  */
 #define GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE 65555
 
-/**
- * Record type for reclaim attestation records
- */
-#define GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_REF 65556
-
-/**
- * Record type for reclaim reference records
- */
-#define GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE_REF 65557
 
 /**
  * Flags that can be set for a record.
index c761d20ed56ea4c15423be0b63239b27a8cd6baf..004f2bd10cf2a3b3d41d3d4295b14f9020be51c9 100644 (file)
@@ -198,6 +198,20 @@ struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry
    * The attribute claim
    */
   struct GNUNET_RECLAIM_ATTRIBUTE_Claim *claim;
+  /**
+   * The attestation claim
+   */
+  struct GNUNET_RECLAIM_ATTESTATION_Claim *attest;
+
+  /**
+  * The reference
+  */
+  struct GNUNET_RECLAIM_ATTESTATION_REFERENCE *reference;
+};
+
+struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType
+{
+  uint32_t type;
 };
 
 
@@ -278,6 +292,14 @@ GNUNET_RECLAIM_ATTRIBUTE_list_serialize (
 struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *
 GNUNET_RECLAIM_ATTRIBUTE_list_deserialize (const char *data, size_t data_size);
 
+/**
+ * Count attestations in claim list
+ *
+ * @param attrs list
+ */
+int
+GNUNET_RECLAIM_ATTRIBUTE_list_count_attest (
+  const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs);
 
 /**
  * Get required size for serialization buffer
index 207bfb61752d4ff20b7cdc39b0fd50497dbd5811..43199c1081770af61817513b0bd1e4190f69b7ac 100644 (file)
@@ -476,7 +476,30 @@ GNUNET_RECLAIM_ATTRIBUTE_list_serialize_get_size (
   size_t len = 0;
 
   for (le = attrs->list_head; NULL != le; le = le->next)
-    len += GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (le->claim);
+  {
+    if (NULL != le->claim)
+    {
+      len += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      len += GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (le->claim);
+    }
+    else if (NULL != le->attest )
+    {
+      len += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      len += GNUNET_RECLAIM_ATTESTATION_serialize_get_size (le->attest);
+    }
+    else if (NULL != le->reference)
+    {
+      len += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      len += GNUNET_RECLAIM_ATTESTATION_REF_serialize_get_size (le->reference);
+    }
+    else
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                  "Unserialized Claim List Entry Type for size not known.\n");
+      break;
+    }
+    len += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+  }
   return len;
 }
 
@@ -497,14 +520,50 @@ GNUNET_RECLAIM_ATTRIBUTE_list_serialize (
   size_t len;
   size_t total_len;
   char *write_ptr;
-
   write_ptr = result;
   total_len = 0;
   for (le = attrs->list_head; NULL != le; le = le->next)
   {
-    len = GNUNET_RECLAIM_ATTRIBUTE_serialize (le->claim, write_ptr);
-    total_len += len;
-    write_ptr += len;
+    struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType *list_type;
+    if (NULL != le->claim)
+    {
+      list_type = (struct
+                   GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType *) write_ptr;
+      list_type->type = htons (1);
+      total_len += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      write_ptr += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      len = GNUNET_RECLAIM_ATTRIBUTE_serialize (le->claim, write_ptr);
+      total_len += len;
+      write_ptr += len;
+    }
+    else if (NULL != le->attest )
+    {
+      list_type = (struct
+                   GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType *) write_ptr;
+      list_type->type = htons (2);
+      total_len += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      write_ptr += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      len = GNUNET_RECLAIM_ATTESTATION_serialize (le->attest, write_ptr);
+      total_len += len;
+      write_ptr += len;
+    }
+    else if (NULL != le->reference)
+    {
+      list_type = (struct
+                   GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType *) write_ptr;
+      list_type->type = htons (3);
+      total_len += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      write_ptr += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      len = GNUNET_RECLAIM_ATTESTATION_REF_serialize (le->reference, write_ptr);
+      total_len += len;
+      write_ptr += len;
+    }
+    else
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                  "Unserialized Claim List Entry Type not known.\n");
+      continue;
+    }
   }
   return total_len;
 }
@@ -525,23 +584,75 @@ GNUNET_RECLAIM_ATTRIBUTE_list_deserialize (const char *data, size_t data_size)
   size_t attr_len;
   const char *read_ptr;
 
-  if (data_size < sizeof(struct Attribute))
+  if ((data_size < sizeof(struct Attribute) + sizeof(struct
+                                                     GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry))
+      && (data_size < sizeof(struct
+                             Attestation)
+          + sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry)) &&
+      (data_size < sizeof(struct Attestation_Reference) + sizeof(struct
+                                                                 GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry)) )
     return NULL;
 
   attrs = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
   read_ptr = data;
   while (((data + data_size) - read_ptr) >= sizeof(struct Attribute))
   {
-    le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
-    le->claim =
-      GNUNET_RECLAIM_ATTRIBUTE_deserialize (read_ptr,
-                                            data_size - (read_ptr - data));
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "Deserialized attribute %s\n",
-                le->claim->name);
-    GNUNET_CONTAINER_DLL_insert (attrs->list_head, attrs->list_tail, le);
-    attr_len = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (le->claim);
-    read_ptr += attr_len;
+    struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType *list_type;
+    list_type = (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType *) read_ptr;
+    if (1 == ntohs (list_type->type))
+    {
+      le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+      read_ptr += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      if (((data + data_size) - read_ptr) < sizeof(struct Attribute))
+        break;
+      le->attest = NULL;
+      le->reference = NULL;
+      le->claim =
+        GNUNET_RECLAIM_ATTRIBUTE_deserialize (read_ptr,
+                                              data_size - (read_ptr - data));
+      GNUNET_CONTAINER_DLL_insert (attrs->list_head, attrs->list_tail, le);
+      attr_len = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (le->claim);
+      read_ptr += attr_len;
+    }
+    else if (2 == ntohs (list_type->type))
+    {
+      le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+      read_ptr += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      if (((data + data_size) - read_ptr) < sizeof(struct Attestation))
+        break;
+      le->claim = NULL;
+      le->reference = NULL;
+      le->attest =
+        GNUNET_RECLAIM_ATTESTATION_deserialize (read_ptr,
+                                                data_size - (read_ptr - data));
+      GNUNET_CONTAINER_DLL_insert (attrs->list_head, attrs->list_tail, le);
+      attr_len = GNUNET_RECLAIM_ATTESTATION_serialize_get_size (le->attest);
+      read_ptr += attr_len;
+    }
+    else if (3 == ntohs (list_type->type))
+    {
+      le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+      read_ptr += sizeof(struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntryType);
+      if (((data + data_size) - read_ptr) < sizeof(struct
+                                                   Attestation_Reference))
+        break;
+      le->claim = NULL;
+      le->attest = NULL;
+      le->reference =
+        GNUNET_RECLAIM_ATTESTATION_REF_deserialize (read_ptr,
+                                                    data_size - (read_ptr
+                                                                 - data));
+      GNUNET_CONTAINER_DLL_insert (attrs->list_head, attrs->list_tail, le);
+      attr_len = GNUNET_RECLAIM_ATTESTATION_REF_serialize_get_size (
+        le->reference);
+      read_ptr += attr_len;
+    }
+    else
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                  "Serialized Claim List Entry Type not known.\n");
+      break;
+    }
   }
   return attrs;
 }
@@ -561,16 +672,45 @@ GNUNET_RECLAIM_ATTRIBUTE_list_dup (
   struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *result;
 
   result = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList);
+  if (NULL == attrs->list_head)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Duplicating empty List\n");
+  }
   for (le = attrs->list_head; NULL != le; le = le->next)
   {
     result_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
-    result_le->claim =
-      GNUNET_RECLAIM_ATTRIBUTE_claim_new (le->claim->name,
-                                          le->claim->type,
-                                          le->claim->data,
-                                          le->claim->data_size);
-    result_le->claim->id = le->claim->id;
-    result_le->claim->flag = le->claim->flag;
+    result_le->claim = NULL;
+    result_le->attest = NULL;
+    result_le->reference = NULL;
+    if (NULL != le->claim)
+    {
+      result_le->claim =
+        GNUNET_RECLAIM_ATTRIBUTE_claim_new (le->claim->name,
+                                            le->claim->type,
+                                            le->claim->data,
+                                            le->claim->data_size);
+
+      result_le->claim->id = le->claim->id;
+      result_le->claim->flag = le->claim->flag;
+    }
+    if ( NULL != le->attest)
+    {
+      result_le->attest = GNUNET_RECLAIM_ATTESTATION_claim_new (
+        le->attest->name,
+        le->attest->type,
+        le->attest->data,
+        le->attest->
+        data_size);
+      result_le->attest->id = le->attest->id;
+    }
+    if (NULL !=le->reference)
+    {
+      result_le->reference = GNUNET_RECLAIM_ATTESTATION_reference_new (
+        le->reference->name,
+        le->reference->reference_value);
+      result_le->reference->id = le->reference->id;
+      result_le->reference->id_attest = le->reference->id_attest;
+    }
     GNUNET_CONTAINER_DLL_insert (result->list_head,
                                  result->list_tail,
                                  result_le);
@@ -591,9 +731,14 @@ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (
   struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
   struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *tmp_le;
 
-  for (le = attrs->list_head; NULL != le;)
+  for (le = attrs->list_head; NULL != le; le = le->next)
   {
-    GNUNET_free (le->claim);
+    if (NULL != le->claim)
+      GNUNET_free (le->claim);
+    if (NULL != le->attest)
+      GNUNET_free (le->attest);
+    if (NULL != le->reference)
+      GNUNET_free (le->reference);
     tmp_le = le;
     le = le->next;
     GNUNET_free (tmp_le);
@@ -601,7 +746,24 @@ GNUNET_RECLAIM_ATTRIBUTE_list_destroy (
   GNUNET_free (attrs);
 }
 
-
+/**
+ * Count attestations in claim list
+ *
+ * @param attrs list
+ */
+int
+GNUNET_RECLAIM_ATTRIBUTE_list_count_attest (
+  const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs)
+{
+  struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+  int i = 0;
+  for (le = attrs->list_head; NULL != le; le = le->next)
+  {
+    if (NULL != le->attest)
+      i++;
+  }
+  return i;
+}
 /**
  * Get required size for serialization buffer
  *
index fcbd9413f3c10371fe9ec6f1c601906213f85f3e..8b7557090e6722030d7eb6734deb9451e4f31e3a 100644 (file)
@@ -1250,6 +1250,31 @@ reference_store_cont (void *cls, int32_t success, const char *emsg)
   cleanup_as_handle (ash);
 }
 
+/**
+     * Send a reference error response
+     *
+     * @param ash our attribute store handle
+     * @param success the success status
+     */
+static void
+send_ref_error (struct AttributeStoreHandle  *ash)
+{
+  struct GNUNET_MQ_Envelope *env;
+  struct SuccessResultMessage *acr_msg;
+
+  ash->ns_qe = NULL;
+  GNUNET_CONTAINER_DLL_remove (ash->client->store_op_head,
+                               ash->client->store_op_tail,
+                               ash);
+
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sending SUCCESS_RESPONSE message\n");
+  env = GNUNET_MQ_msg (acr_msg, GNUNET_MESSAGE_TYPE_RECLAIM_SUCCESS_RESPONSE);
+  acr_msg->id = htonl (ash->r_id);
+  acr_msg->op_result = htonl (GNUNET_SYSERR);
+  GNUNET_MQ_send (ash->client->mq, env);
+  cleanup_as_handle (ash);
+}
+
 /**
 * Check for existing record before storing reference
 *
@@ -1272,33 +1297,46 @@ ref_add_cb (void *cls,
   buf_size = GNUNET_RECLAIM_ATTESTATION_REF_serialize_get_size (ash->reference);
   buf = GNUNET_malloc (buf_size);
   GNUNET_RECLAIM_ATTESTATION_REF_serialize (ash->reference, buf);
+  struct GNUNET_RECLAIM_ATTESTATION_REFERENCE *ref;
+  char *data_tmp;
   if (0 == rd_count )
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Failed to find Attestation entry for Attestation reference\n");
-    cleanup_as_handle (ash);
-    GNUNET_SCHEDULER_add_now (&do_shutdown, NULL);
+    send_ref_error (ash);
     return;
   }
   if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_ATTR != rd[0].record_type)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                 "Intended Reference storage location is not an attestation\n");
-    cleanup_as_handle (ash);
-    GNUNET_SCHEDULER_add_now (&do_shutdown, NULL);
+    send_ref_error (ash);
     return;
   }
   struct GNUNET_GNSRECORD_Data rd_new[rd_count + 1];
   int i;
   for (i = 0; i<rd_count; i++)
   {
+    data_tmp = GNUNET_malloc (rd[i].data_size);
+    GNUNET_memcpy (data_tmp, rd[i].data, rd[i].data_size);
+    ref = GNUNET_RECLAIM_ATTESTATION_REF_deserialize (data_tmp, htons (
+                                                        rd[i].data_size));
     rd_new[i] = rd[i];
+    if ((strcmp (ash->reference->name,ref->name) == 0)&&
+        (strcmp (ash->reference->reference_value,ref->reference_value)==0) )
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                  "Reference already stored\n");
+      reference_store_cont (ash,GNUNET_OK, NULL);
+      return;
+    }
   }
   rd_new[rd_count].data_size = buf_size;
   rd_new[rd_count].data = buf;
   rd_new[rd_count].record_type = GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE;
   rd_new[rd_count].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
   rd_new[rd_count].expiration_time = ash->exp.rel_value_us;
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypting with label %s\n", label);
   ash->ns_qe = GNUNET_NAMESTORE_records_store (nsh,
                                                &ash->identity,
                                                label,
@@ -1339,7 +1377,8 @@ reference_store_task (void *cls)
 
   label = GNUNET_STRINGS_data_to_string_alloc (&ash->reference->id,
                                                sizeof(uint64_t));
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypting with label %s\n", label);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              "Looking up existing data under label %s\n", label);
 // Test for the content of the existing ID
 
   ash->ns_qe = GNUNET_NAMESTORE_records_lookup (nsh,
@@ -1452,9 +1491,7 @@ ticket_iter (void *cls,
   int has_changed = GNUNET_NO;
   for (int i = 0; i < rd_count; i++)
   {
-    if ((GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF != rd[i].record_type) &&
-        (GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE_REF != rd[i].record_type) &&
-        (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_REF != rd[i].record_type))
+    if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF != rd[i].record_type)
       continue;
     if (&adh->claim != NULL)
       if (0 != memcmp (rd[i].data, &adh->claim->id, sizeof(uint64_t)))
@@ -1559,10 +1596,10 @@ update_tickets (void *cls)
     if ((GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF == rd[i].record_type)
         && (0 == memcmp (rd[i].data, &adh->claim->id, sizeof(uint64_t))))
       continue;
-    if ((GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE_REF == rd[i].record_type)
+    if ((GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF == rd[i].record_type)
         && (0 == memcmp (rd[i].data, &adh->attest->id, sizeof(uint64_t))))
       continue;
-    if ((GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_REF == rd[i].record_type)
+    if ((GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF == rd[i].record_type)
         && (0 == memcmp (rd[i].data, &adh->reference->id, sizeof(uint64_t))))
       continue;
     rd_new[j] = rd[i];
@@ -1879,7 +1916,7 @@ ref_del_cb (void *cls,
   {
     data_tmp = GNUNET_malloc (rd[i].data_size);
     GNUNET_memcpy (data_tmp, rd[i].data, rd[i].data_size);
-    attr_len = htons (rd->data_size);
+    attr_len = htons (rd[i].data_size);
     ref = GNUNET_RECLAIM_ATTESTATION_REF_deserialize (data_tmp, attr_len);
     if (NULL == ref )
     {
@@ -2045,10 +2082,18 @@ attr_iter_cb (void *cls,
   }
   if (rd_count > 1)
   {
-    if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_ATTR != rd[0].record_type)
+    if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF == rd[0].record_type)
+    {
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                  "Found Ticket. Ignoring.\n");
+      GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it, 1);
+      return;
+    }
+    else if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_ATTR != rd[0].record_type)
     {
       GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                  "Non-Attestation record with multiple entries found\n");
+                  "Non-Attestation record with multiple entries found: %u\n",
+                  rd[0].record_type);
       GNUNET_NAMESTORE_zone_iterator_next (ai->ns_it, 1);
       return;
     }
index 4d1a26333d4fdb53aa9d7bb57c0be08092608f91..b022225b886d81eaa392b0928f8b9c535c2fa997 100644 (file)
@@ -667,8 +667,7 @@ rvk_move_attr_cb (void *cls,
                   const struct GNUNET_GNSRECORD_Data *rd)
 {
   struct RECLAIM_TICKETS_RevokeHandle *rvk = cls;
-  struct GNUNET_RECLAIM_ATTRIBUTE_Claim *claim;
-  struct GNUNET_GNSRECORD_Data new_rd;
+  struct GNUNET_GNSRECORD_Data new_rd[rd_count];
   struct RevokedAttributeEntry *le;
   char *new_label;
   char *attr_data;
@@ -677,7 +676,7 @@ rvk_move_attr_cb (void *cls,
   if (0 == rd_count)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-                "The attribute %s no longer exists!\n",
+                "The claim %s no longer exists!\n",
                 label);
     le = rvk->move_attr;
     rvk->move_attr = le->next;
@@ -686,32 +685,82 @@ rvk_move_attr_cb (void *cls,
     GNUNET_SCHEDULER_add_now (&move_attrs_cont, rvk);
     return;
   }
-  /** find a new place for this attribute **/
-  rvk->move_attr->new_id =
-    GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_STRONG, UINT64_MAX);
-  new_rd = *rd;
-  claim = GNUNET_RECLAIM_ATTRIBUTE_deserialize (rd->data, rd->data_size);
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              "Attribute to update: Name=%s, ID=%" PRIu64 "\n",
-              claim->name,
-              claim->id);
-  claim->id = rvk->move_attr->new_id;
-  new_rd.data_size = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (claim);
-  attr_data = GNUNET_malloc (rd->data_size);
-  new_rd.data_size = GNUNET_RECLAIM_ATTRIBUTE_serialize (claim, attr_data);
-  new_rd.data = attr_data;
-  new_label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->new_id,
-                                                   sizeof(uint64_t));
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attribute %s\n", new_label);
+  rvk->move_attr->new_id =GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_STRONG, UINT64_MAX);
+  new_label=NULL;
+  attr_data=NULL;
+  //new_rd = *rd;
+  for (int i = 0; i < rd_count; i++)
+  {
+    if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR == rd[i].record_type)
+    {
+      /** find a new place for this attribute **/
+      struct GNUNET_RECLAIM_ATTRIBUTE_Claim *claim;
+      claim = GNUNET_RECLAIM_ATTRIBUTE_deserialize (rd[i].data, rd[i].data_size);
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                  "Attribute to update: Name=%s, ID=%" PRIu64 "\n",
+                  claim->name,
+                  claim->id);
+      claim->id = rvk->move_attr->new_id;
+      new_rd[i].data_size = GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (claim);
+      attr_data = GNUNET_malloc (rd[i].data_size);
+      new_rd[i].data_size = GNUNET_RECLAIM_ATTRIBUTE_serialize (claim, attr_data);
+      new_rd[i].data = attr_data;
+      new_rd[i].record_type = rd[i].record_type;
+      new_rd[i].flags = rd[i].flags;
+      new_rd[i].expiration_time = rd[i].expiration_time;
+      new_label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->new_id,
+                                                       sizeof(uint64_t));
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attribute %s\n", new_label);
+      GNUNET_free (claim);
+    } else if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_ATTR == rd[i].record_type) 
+    {
+      struct GNUNET_RECLAIM_ATTESTATION_Claim *attest;
+      attest=GNUNET_RECLAIM_ATTESTATION_deserialize(rd[i].data, rd[i].data_size);
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                  "Attestation to update: Name=%s, ID=%" PRIu64 "\n",
+                  attest->name,
+                  attest->id);
+      attest->id = rvk->move_attr->new_id;
+      new_rd[i].data_size = GNUNET_RECLAIM_ATTESTATION_serialize_get_size (attest);
+      attr_data = GNUNET_malloc (rd[i].data_size);
+      new_rd[i].data_size = GNUNET_RECLAIM_ATTESTATION_serialize (attest, attr_data);
+      new_rd[i].data = attr_data;
+      new_rd[i].record_type = rd[i].record_type;
+      new_rd[i].flags = rd[i].flags;
+      new_rd[i].expiration_time = rd[i].expiration_time;
+      new_label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->new_id, sizeof(uint64_t));
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attestation %s\n", new_label);
+      GNUNET_free (attest);
+    } else if (GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE == rd[i].record_type)
+    {
+      struct GNUNET_RECLAIM_ATTESTATION_REFERENCE *reference;
+      reference=GNUNET_RECLAIM_ATTESTATION_REF_deserialize(rd[i].data, rd[i].data_size);
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                  "Reference to update: Name=%s, ID=%" PRIu64 "\n",
+                  reference->name,
+                  reference->id);
+      reference->id = rvk->move_attr->new_id;
+      reference->id_attest = rvk->move_attr->new_id;
+      new_rd[i].data_size = GNUNET_RECLAIM_ATTESTATION_REF_serialize_get_size (reference);
+      attr_data = GNUNET_malloc (rd[i].data_size);
+      new_rd[i].data_size = GNUNET_RECLAIM_ATTESTATION_REF_serialize (reference, attr_data);
+      new_rd[i].data = attr_data;
+      new_label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->new_id, sizeof(uint64_t));
+      new_rd[i].record_type = rd[i].record_type;
+      new_rd[i].flags = rd[i].flags;
+      new_rd[i].expiration_time = rd[i].expiration_time;
+      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding reference %s\n", new_label);
+      GNUNET_free (reference);
+    }
+  }
   rvk->ns_qe = GNUNET_NAMESTORE_records_store (nsh,
-                                               &rvk->identity,
-                                               new_label,
-                                               1,
-                                               &new_rd,
-                                               &move_attr_finished,
-                                               rvk);
+                                           &rvk->identity,
+                                           new_label,
+                                           rd_count,
+                                           new_rd,
+                                           &move_attr_finished,
+                                           rvk);
   GNUNET_free (new_label);
-  GNUNET_free (claim);
   GNUNET_free (attr_data);
 }
 
@@ -745,7 +794,7 @@ move_attrs (struct RECLAIM_TICKETS_RevokeHandle *rvk)
   }
   label = GNUNET_STRINGS_data_to_string_alloc (&rvk->move_attr->old_id,
                                                sizeof(uint64_t));
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Moving attribute %s\n", label);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Moving claim %s\n", label);
 
   rvk->ns_qe = GNUNET_NAMESTORE_records_lookup (nsh,
                                                 &rvk->identity,
@@ -982,21 +1031,70 @@ process_parallel_lookup_result (void *cls,
 
 
   GNUNET_free (parallel_lookup);
-  if (1 != rd_count)
-    GNUNET_break (0); // FIXME: We should never find this.
-  if (rd->record_type == GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR)
+  if (0 == rd_count)
+    GNUNET_break (0);
+  // REMARK: It is possible now to find rd_count > 1
+  for (int i = 0; i < rd_count; i++)
   {
-    attr_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
-    attr_le->claim =
-      GNUNET_RECLAIM_ATTRIBUTE_deserialize (rd->data, rd->data_size);
-    GNUNET_CONTAINER_DLL_insert (cth->attrs->list_head,
-                                 cth->attrs->list_tail,
-                                 attr_le);
-  }
+    if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR == rd[i].record_type)
+    {
+      attr_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+      attr_le->claim =
+        GNUNET_RECLAIM_ATTRIBUTE_deserialize (rd[i].data, rd[i].data_size);
+      GNUNET_CONTAINER_DLL_insert (cth->attrs->list_head,
+                                   cth->attrs->list_tail,
+                                   attr_le);
+      attr_le->reference = NULL;
+      attr_le->attest = NULL;
+    }
+    else if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_ATTR == rd[i].record_type)
+    {
+      /**Ignore all plain attestations
+      *attr_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+      *attr_le->attest =
+      *  GNUNET_RECLAIM_ATTESTATION_deserialize (rd[i].data, rd[i].data_size);
+      *GNUNET_CONTAINER_DLL_insert (cth->attrs->list_head,
+      *                             cth->attrs->list_tail,
+      *                             attr_le);
+      */
+      continue;
+    }
+    else if (GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE == rd[i].record_type)
+    {
+      struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *attr_le2;
+      attr_le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+      attr_le2 = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+      if (GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_ATTR == rd[0].record_type)
+      {
+        attr_le->attest = GNUNET_RECLAIM_ATTESTATION_deserialize (rd[0].data,
+                                                                  rd[0].
+                                                                  data_size);
+        attr_le2->reference =
+          GNUNET_RECLAIM_ATTESTATION_REF_deserialize (rd[i].data,
+                                                      rd[i].data_size);
+        attr_le->claim = NULL;
+        attr_le->reference = NULL;
+        attr_le2->claim = NULL;
+        attr_le2->attest = NULL;
+        GNUNET_CONTAINER_DLL_insert (cth->attrs->list_head,
+                                     cth->attrs->list_tail,
+                                     attr_le);
+        GNUNET_CONTAINER_DLL_insert (cth->attrs->list_head,
+                                     cth->attrs->list_tail,
+                                     attr_le2);
+      }
+      else
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                    "Parallel Lookup of Reference without Attestation");
+        continue;
+      }
 
+
+    }
+  }
   if (NULL != cth->parallel_lookups_head)
     return; // Wait for more
-
   /* Else we are done */
   cth->cb (cth->cb_cls, &cth->ticket.identity, cth->attrs, GNUNET_OK, NULL);
   cleanup_cth (cth);
@@ -1076,7 +1174,7 @@ lookup_authz_cb (void *cls,
       GNUNET_GNS_lookup (gns,
                          lbl,
                          &cth->ticket.identity,
-                         GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR,
+                         GNUNET_GNSRECORD_TYPE_ANY,
                          GNUNET_GNS_LO_DEFAULT,
                          &process_parallel_lookup_result,
                          parallel_lookup);
@@ -1223,6 +1321,7 @@ issue_ticket (struct TicketIssueHandle *ih)
   char *label;
   size_t list_len = 1;
   int i;
+  char *attest_string;
 
   for (le = ih->attrs->list_head; NULL != le; le = le->next)
     list_len++;
@@ -1232,8 +1331,51 @@ issue_ticket (struct TicketIssueHandle *ih)
   i = 0;
   for (le = ih->attrs->list_head; NULL != le; le = le->next)
   {
-    attrs_record[i].data = &le->claim->id;
-    attrs_record[i].data_size = sizeof(le->claim->id);
+    if (NULL != le->claim)
+    {
+      attrs_record[i].data = &le->claim->id;
+      attrs_record[i].data_size = sizeof(le->claim->id);
+    }
+    else if (NULL != le->attest)
+    {
+      // REMARK: Since we only store IDs, the references are irrelevant
+      int j = 0;
+      GNUNET_asprintf (&attest_string,"%d",le->attest->id);
+      while (j<i)
+      {
+        if (0 == strcmp (attest_string,GNUNET_STRINGS_data_to_string_alloc (
+                           attrs_record[j].data, attrs_record[j].data_size)))
+          break;
+        j++;
+      }
+      if (j < i)
+      {
+        list_len--;
+        continue;
+      }
+      attrs_record[i].data = &le->attest->id;
+      attrs_record[i].data_size = sizeof(le->attest->id);
+    }
+    else if (NULL != le->reference)
+    {
+      list_len--;
+      continue;
+      /*
+      int j = 0;
+      GNUNET_asprintf (&attest_string,"%d",le->attest->id);
+      while (j<i)
+      {
+        if (strcmp(attest_string, GNUNET_STRINGS_data_to_string_alloc (
+              attrs_record[j].data, attrs_record[j].data_size)))
+          break;
+        j++;
+      }
+      if (j < i)
+        continue;
+      attrs_record[i].data = &le->reference->id;
+      attrs_record[i].data_size = sizeof(le->reference->id);
+      */
+    }
     /**
      * FIXME: Should this be the attribute expiration time or ticket
      * refresh interval? Probably min(attrs.expiration)
@@ -1344,14 +1486,34 @@ filter_tickets_cb (void *cls,
     for (le = tih->attrs->list_head; NULL != le; le = le->next)
     {
       // cmp attr_ref id with requested attr id
-      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                  " %" PRIu64 "\n  %" PRIu64 "\n",
-                  *((uint64_t *) rd[i].data),
-                  le->claim->id);
-
+      if (NULL !=le->claim)
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                    " %" PRIu64 "\n  %" PRIu64 "\n",
+                    *((uint64_t *) rd[i].data),
+                    le->claim->id);
+        if (0 == memcmp (rd[i].data, &le->claim->id, sizeof(uint64_t)))
+          found_attrs_cnt++;
+      }
+      else if (NULL !=le->attest)
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                    " %" PRIu64 "\n  %" PRIu64 "\n",
+                    *((uint64_t *) rd[i].data),
+                    le->attest->id);
+        if (0 == memcmp (rd[i].data, &le->attest->id, sizeof(uint64_t)))
+          found_attrs_cnt++;
+      }
+      else if (NULL != le->reference)
+      {
+        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+                    " %" PRIu64 "\n  %" PRIu64 "\n",
+                    *((uint64_t *) rd[i].data),
+                    le->reference->id);
+        if (0 == memcmp (rd[i].data, &le->reference->id, sizeof(uint64_t)))
+          found_attrs_cnt++;
+      }
 
-      if (0 == memcmp (rd[i].data, &le->claim->id, sizeof(uint64_t)))
-        found_attrs_cnt++;
     }
   }
 
index 552ca0e6945275b75094338997435c2001065a61..775ab58d62a1ccc78948754903e88721f9a3be71 100644 (file)
@@ -48,6 +48,7 @@ parse_attr (void *cls, json_t *root, struct GNUNET_JSON_Specification *spec)
   const char *val_str = NULL;
   const char *type_str = NULL;
   const char *id_str = NULL;
+  const char *flag_str = NULL;
   char *data;
   int unpack_state;
   uint32_t type;
@@ -63,7 +64,7 @@ parse_attr (void *cls, json_t *root, struct GNUNET_JSON_Specification *spec)
   }
   // interpret single attribute
   unpack_state = json_unpack (root,
-                              "{s:s, s?s, s:s, s:s!}",
+                              "{s:s, s?s, s:s, s:s, s?s!}",
                               "name",
                               &name_str,
                               "id",
@@ -71,7 +72,9 @@ parse_attr (void *cls, json_t *root, struct GNUNET_JSON_Specification *spec)
                               "type",
                               &type_str,
                               "value",
-                              &val_str);
+                              &val_str,
+                              "flag",
+                              &flag_str);
   if ((0 != unpack_state) || (NULL == name_str) || (NULL == val_str) ||
       (NULL == type_str))
   {
index 1c3d65f3569494d58165e8e9ec5651fd4d73cbef..2ce4628546486a9ebe085f978e25481845d4cdbe 100644 (file)
@@ -118,7 +118,7 @@ fix_base64 (char *str)
 char *
 OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
                    const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key,
-                   const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
+                   struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
                    const struct GNUNET_TIME_Relative *expiration_time,
                    const char *nonce,
                    const char *secret_key)
@@ -131,13 +131,22 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
   char *subject;
   char *header;
   char *body_str;
+  char *aggr_names_str;
+  char *aggr_sources_str;
+  char *aggr_sources_jwt_str;
+  char *source_name;
   char *result;
   char *header_base64;
   char *body_base64;
   char *signature_target;
   char *signature_base64;
   char *attr_val_str;
+  char *attest_val_str;
   json_t *body;
+  json_t *aggr_names;
+  json_t *aggr_sources;
+  json_t *aggr_sources_jwt;
+  uint64_t attest_arr[GNUNET_RECLAIM_ATTRIBUTE_list_count_attest (attrs)];
 
   // iat REQUIRED time now
   time_now = GNUNET_TIME_absolute_get ();
@@ -156,6 +165,8 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
                                                 GNUNET_CRYPTO_EcdsaPublicKey));
   header = create_jwt_header ();
   body = json_object ();
+  aggr_names = json_object ();
+  aggr_sources = json_object ();
 
   // iss REQUIRED case sensitive server uri with https
   // The issuer is the local reclaim instance (e.g.
@@ -180,18 +191,111 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
   // nonce
   if (NULL != nonce)
     json_object_set_new (body, "nonce", json_string (nonce));
-
+  int i = 0;
+  attest_val_str = NULL;
+  aggr_names_str = NULL;
+  aggr_sources_str = NULL;
+  aggr_sources_jwt_str = NULL;
+  source_name = NULL;
   for (le = attrs->list_head; NULL != le; le = le->next)
   {
-    attr_val_str =
-      GNUNET_RECLAIM_ATTRIBUTE_value_to_string (le->claim->type,
-                                                le->claim->data,
-                                                le->claim->data_size);
-    json_object_set_new (body, le->claim->name, json_string (attr_val_str));
-    GNUNET_free (attr_val_str);
+
+    if (le->claim != NULL)
+    {
+
+      attr_val_str =
+        GNUNET_RECLAIM_ATTRIBUTE_value_to_string (le->claim->type,
+                                                  le->claim->data,
+                                                  le->claim->data_size);
+      json_object_set_new (body, le->claim->name, json_string (attr_val_str));
+      GNUNET_free (attr_val_str);
+    }
+    else if (NULL != le->reference)
+    {
+      // Check if attest is there
+      int j = 0;
+      while (j<i)
+      {
+        if (attest_arr[j] == le->reference->id_attest)
+          break;
+        j++;
+      }
+      if (j==i)
+      {
+        // Attest not yet existent. Append to the end of the list
+        GNUNET_CONTAINER_DLL_remove (attrs->list_head, attrs->list_tail, le);
+        GNUNET_CONTAINER_DLL_insert_tail (attrs->list_head, attrs->list_tail,
+                                          le);
+        continue;
+      }
+      else
+      {
+        // Attestation is existing, hence take the respective source str
+        GNUNET_asprintf (&source_name,
+                         "src%d",
+                         j);
+        json_object_set_new (aggr_names, le->reference->name, json_string (
+                               source_name));
+      }
+
+    }
+    else if (NULL != le->attest)
+    {
+      // We assume that at max 99 different attestations
+      int j = 0;
+      while (j<i)
+      {
+        if (attest_arr[j] == le->attest->id)
+          break;
+        j++;
+      }
+      if (j==i)
+      {
+        // New Attestation
+        attest_arr[i] = le->attest->id;
+        GNUNET_asprintf (&source_name,
+                         "src%d",
+                         i);
+        aggr_sources_jwt = json_object ();
+        attest_val_str = GNUNET_RECLAIM_ATTESTATION_value_to_string (
+          le->attest->type, le->attest->data, le->attest->data_size);
+        json_object_set_new (aggr_sources_jwt, "JWT",json_string (
+                               attest_val_str) );
+        aggr_sources_jwt_str = json_dumps (aggr_sources_jwt, JSON_INDENT (0)
+                                           | JSON_COMPACT);
+        json_object_set_new (aggr_sources, source_name,json_string (
+                               aggr_sources_jwt_str));
+        i++;
+      }
+      else
+      {
+        // Attestation already existent. Ignore
+        continue;
+      }
+
+    }
+  }
+  if (NULL != attest_val_str)
+    GNUNET_free (attest_val_str);
+  if (NULL != source_name)
+    GNUNET_free (source_name);
+  if (0!=i)
+  {
+    aggr_names_str = json_dumps (aggr_names, JSON_INDENT (0) | JSON_COMPACT);
+    aggr_sources_str = json_dumps (aggr_sources, JSON_INDENT (0)
+                                   | JSON_COMPACT);
+    json_object_set_new (body, "_claim_names", json_string (aggr_names_str));
+    json_object_set_new (body, "_claim_sources", json_string (
+                           aggr_sources_str));
   }
+
+  json_decref (aggr_names);
+  json_decref (aggr_sources);
+  json_decref (aggr_sources_jwt);
+
   body_str = json_dumps (body, JSON_INDENT (0) | JSON_COMPACT);
   json_decref (body);
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"ID-Token: %s\n", body_str);
 
   GNUNET_STRINGS_base64_encode (header, strlen (header), &header_base64);
   fix_base64 (header_base64);
@@ -226,6 +330,12 @@ OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
   GNUNET_free (signature_target);
   GNUNET_free (header);
   GNUNET_free (body_str);
+  if (NULL != aggr_sources_str)
+    GNUNET_free (aggr_sources_str);
+  if (NULL != aggr_names_str)
+    GNUNET_free (aggr_names_str);
+  if (NULL != aggr_sources_jwt_str)
+    GNUNET_free (aggr_sources_jwt_str);
   GNUNET_free (signature_base64);
   GNUNET_free (body_base64);
   GNUNET_free (header_base64);
index 1774618e880ef716534717b5e1a1235d43685672..a7072755b51342d7390036c7ed2ae0d0db1be160 100644 (file)
@@ -51,7 +51,7 @@
 char*
 OIDC_id_token_new (const struct GNUNET_CRYPTO_EcdsaPublicKey *aud_key,
                    const struct GNUNET_CRYPTO_EcdsaPublicKey *sub_key,
-                   const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
+                   struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
                    const struct GNUNET_TIME_Relative *expiration_time,
                    const char *nonce,
                    const char *secret_key);
index 0f59082dc5e15f3e2115e85b248ec4293c1cd371..f7145a27278ff27b38ff56f72b02a3ce08c4e0f1 100644 (file)
@@ -122,8 +122,6 @@ static struct
   { "RECLAIM_OIDC_REDIRECT", GNUNET_GNSRECORD_TYPE_RECLAIM_OIDC_REDIRECT },
   { "RECLAIM_TICKET", GNUNET_GNSRECORD_TYPE_RECLAIM_TICKET },
   { "RECLAIM_REFERENCE", GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE },
-  { "RECLAIM_REFERENCE_REF", GNUNET_GNSRECORD_TYPE_RECLAIM_REFERENCE_REF },
-  { "RECLAIM_ATTEST_REF", GNUNET_GNSRECORD_TYPE_RECLAIM_ATTEST_REF },
   { NULL, UINT32_MAX }
 };
 
index 2c4b75c3f3681c660ccf2744b1b7f3fdee2d3237..741094f21fa0b369e891d85bec30c792e992f3a8 100644 (file)
  */
 #define OIDC_NONCE_KEY "nonce"
 
+/**
+ * OIDC claims key
+ */
+#define OIDC_CLAIMS_KEY "claims"
+
 /**
  * OIDC PKCE code challenge
  */
@@ -290,6 +295,11 @@ struct OIDC_Variables
    */
   char *nonce;
 
+  /**
+   * The OIDC claims
+   */
+  char *claims;
+
   /**
    * The OIDC response type
    */
@@ -560,7 +570,12 @@ cleanup_handle (struct RequestHandle *handle)
     {
       claim_tmp = claim_entry;
       claim_entry = claim_entry->next;
-      GNUNET_free (claim_tmp->claim);
+      if (NULL != claim_tmp->claim)
+        GNUNET_free (claim_tmp->claim);
+      if (NULL != claim_tmp->attest)
+        GNUNET_free (claim_tmp->attest);
+      if (NULL != claim_tmp->reference)
+        GNUNET_free (claim_tmp->reference);
       GNUNET_free (claim_tmp);
     }
     GNUNET_free (handle->attr_list);
@@ -697,7 +712,7 @@ return_userinfo_response (void *cls)
   struct MHD_Response *resp;
 
   result_str = json_dumps (handle->oidc->response, 0);
-
+  GNUNET_log (GNUNET_ERROR_TYPE_ERROR,"ID-Token: %s\n",result_str);
   resp = GNUNET_REST_create_response (result_str);
   handle->proc (handle->proc_cls, resp, MHD_HTTP_OK);
   GNUNET_free (result_str);
@@ -838,7 +853,7 @@ login_redirect (void *cls)
                                                           &login_base_url))
   {
     GNUNET_asprintf (&new_redirect,
-                     "%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s",
+                     "%s?%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s&%s=%s",
                      login_base_url,
                      OIDC_RESPONSE_TYPE_KEY,
                      handle->oidc->response_type,
@@ -854,7 +869,10 @@ login_redirect (void *cls)
                      (NULL != handle->oidc->code_challenge) ?
                      handle->oidc->code_challenge : "",
                      OIDC_NONCE_KEY,
-                     (NULL != handle->oidc->nonce) ? handle->oidc->nonce : "");
+                     (NULL != handle->oidc->nonce) ? handle->oidc->nonce : "",
+                     OIDC_CLAIMS_KEY,
+                     (NULL != handle->oidc->claims) ? handle->oidc->claims :
+                     "");
     resp = GNUNET_REST_create_response ("");
     MHD_add_response_header (resp, "Location", new_redirect);
     GNUNET_free (login_base_url);
@@ -993,7 +1011,7 @@ oidc_attr_collect (void *cls,
     GNUNET_RECLAIM_get_attributes_next (handle->attr_it);
     return;
   }
-  if (NULL == attr)
+  if (NULL != reference)
   {
     if ((NULL == reference->name) || (NULL == reference->reference_value))
     {
@@ -1013,35 +1031,31 @@ oidc_attr_collect (void *cls,
       return;
     }
     GNUNET_free (scope_variables);
-    // Store references as attributes as they only use the ID later
-    const char *type_str = NULL;
-    char *data;
-    size_t data_size;
-    uint32_t type;
+    struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le2;
+    le2 = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
     le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
-    type_str = "String";
-    type = GNUNET_RECLAIM_ATTRIBUTE_typename_to_number (type_str);
-    if (GNUNET_SYSERR ==(GNUNET_RECLAIM_ATTRIBUTE_string_to_value (type,
-                                                                   reference->
-                                                                   reference_value,
-                                                                   (void **) &
-                                                                   data,
-                                                                   &data_size)))
-    {
-      return;
-    }
-    le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (reference->name,
-                                                    type,
-                                                    data,
-                                                    data_size);
-    le->claim->id = reference->id;
-    le->claim->flag = 1;
-
+    le->claim = NULL;
+    le->reference = NULL;
+    le->attest = GNUNET_RECLAIM_ATTESTATION_claim_new (attest->name,
+                                                       attest->type,
+                                                       attest->data,
+                                                       attest->data_size);
+    le->attest->id = attest->id;
+    le2->attest = NULL;
+    le2->claim = NULL;
+    le2->reference = GNUNET_RECLAIM_ATTESTATION_reference_new (reference->name,
+                                                               reference->
+                                                               reference_value);
+    le2->reference->id = reference->id;
+    le2->reference->id_attest = reference->id_attest;
     GNUNET_CONTAINER_DLL_insert (handle->attr_list->list_head,
                                  handle->attr_list->list_tail,
                                  le);
+    GNUNET_CONTAINER_DLL_insert (handle->attr_list->list_head,
+                                 handle->attr_list->list_tail,
+                                 le2);
   }
-  else
+  else if (NULL != attr)
   {
     if ((NULL == attr->name) || (NULL == attr->data))
     {
@@ -1063,8 +1077,9 @@ oidc_attr_collect (void *cls,
       return;
     }
     GNUNET_free (scope_variables);
-
     le = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry);
+    le->reference = NULL;
+    le->attest = NULL;
     le->claim = GNUNET_RECLAIM_ATTRIBUTE_claim_new (attr->name,
                                                     attr->type,
                                                     attr->data,
@@ -1362,6 +1377,9 @@ build_authz_response (void *cls)
   // OPTIONAL value: nonce
   handle->oidc->nonce = get_url_parameter_copy (handle, OIDC_NONCE_KEY);
 
+  // OPTIONAL value: claims
+  handle->oidc->claims = get_url_parameter_copy (handle, OIDC_CLAIMS_KEY);
+
   // TODO check other values if needed
   number_of_ignored_parameter =
     sizeof(OIDC_ignored_parameter_array) / sizeof(char *);
@@ -1918,8 +1936,8 @@ token_endpoint (struct GNUNET_REST_RequestHandle *con_handle,
 
 
 /**
- * Collects claims and stores them in handle
- */
    * Collects claims and stores them in handle
    */
 static void
 consume_ticket (void *cls,
                 const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
@@ -1928,20 +1946,87 @@ consume_ticket (void *cls,
                 const struct GNUNET_RECLAIM_ATTESTATION_REFERENCE *reference)
 {
   struct RequestHandle *handle = cls;
-  char *tmp_value;
-  json_t *value;
-
   if (NULL == identity)
   {
     GNUNET_SCHEDULER_add_now (&return_userinfo_response, handle);
     return;
   }
-  tmp_value = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
-                                                        attr->data,
-                                                        attr->data_size);
-  value = json_string (tmp_value);
-  json_object_set_new (handle->oidc->response, attr->name, value);
-  GNUNET_free (tmp_value);
+  if (NULL != attr)
+  {
+    char *tmp_value;
+    json_t *value;
+    tmp_value = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
+                                                          attr->data,
+                                                          attr->data_size);
+    value = json_string (tmp_value);
+    json_object_set_new (handle->oidc->response, attr->name, value);
+    GNUNET_free (tmp_value);
+  }
+  else if ((NULL != attest) && (NULL != reference))
+  {
+    json_t *claim_sources;
+    json_t *claim_sources_jwt;
+    json_t *claim_names;
+    char *attest_val_str;
+    claim_sources=json_object_get(handle->oidc->response,"_claim_sources");
+    claim_names=json_object_get(handle->oidc->response,"_claim_names");
+    attest_val_str = GNUNET_RECLAIM_ATTESTATION_value_to_string (attest->type,
+                                                                 attest->data,
+                                                                 attest->
+                                                                 data_size);
+    if ((NULL == claim_sources) && (NULL == claim_names) )
+    {
+      claim_sources = json_object ();
+      claim_names = json_object ();
+    }
+    char *source_name;
+    int i = 0;
+    GNUNET_asprintf (&source_name,"src%d",i);
+    while (NULL != (claim_sources_jwt = json_object_get (claim_sources,
+                                                         source_name)))
+    {
+      if (0 == strcmp (json_string_value (json_object_get (claim_sources_jwt,
+                                                           "JWT")),
+                       attest_val_str))
+      {
+        // Adapt only the claim names
+        json_object_set_new (claim_names, reference->name, json_string (
+                               source_name));
+        json_object_set (handle->oidc->response, "_claim_names",claim_names);
+        handle->oidc->response = json_deep_copy(handle->oidc->response);
+        break;
+      }
+      i++;
+      GNUNET_asprintf (&source_name,"src%d",i);
+    }
+
+    // Create new one
+    if (NULL == claim_sources_jwt)
+    {
+      claim_sources_jwt = json_object ();
+      // Set the JWT for names
+      json_object_set_new (claim_names, reference->name, json_string (
+                             source_name));
+      // Set the JWT for the inner source
+      json_object_set_new (claim_sources_jwt, "JWT", json_string (
+                             attest_val_str));
+      // Set the JWT for the source
+      json_object_set_new (claim_sources, source_name,claim_sources_jwt);
+      // Set as claims
+      json_object_set (handle->oidc->response, "_claim_names", claim_names);
+      json_object_set (handle->oidc->response, "_claim_sources",claim_sources);
+      handle->oidc->response = json_deep_copy(handle->oidc->response);
+    }
+
+    json_decref (claim_sources);
+    json_decref (claim_names);
+    json_decref (claim_sources_jwt);
+    GNUNET_free (attest_val_str);
+  }
+  else
+  {
+    // REMARK: We should not find any claim, one of attest/ref is NULL
+  }
 }
 
 
index 16286444a0ad68db00b4b88932bb368499019e29..70defae3d6a5ba728d6c623f60265e10584dbb11 100644 (file)
@@ -276,6 +276,8 @@ cleanup_handle (struct RequestHandle *handle)
       claim_tmp = claim_entry;
       claim_entry = claim_entry->next;
       GNUNET_free (claim_tmp->claim);
+      GNUNET_free (claim_tmp->attest);
+      GNUNET_free (claim_tmp->reference);
       GNUNET_free (claim_tmp);
     }
     GNUNET_free (handle->attr_list);
@@ -1286,6 +1288,7 @@ attr_collect (void *cls,
       return;
     }
     char *tmp_value;
+    char *flag_str;
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Adding attribute: %s\n", attr->name);
 
     tmp_value = GNUNET_RECLAIM_ATTRIBUTE_value_to_string (attr->type,
@@ -1295,6 +1298,8 @@ attr_collect (void *cls,
     attr_obj = json_object ();
     json_object_set_new (attr_obj, "value", json_string (tmp_value));
     json_object_set_new (attr_obj, "name", json_string (attr->name));
+    GNUNET_asprintf (&flag_str,"%d",attr->flag);
+    json_object_set_new (attr_obj, "flag", json_string (flag_str));
     type = GNUNET_RECLAIM_ATTRIBUTE_number_to_typename (attr->type);
     json_object_set_new (attr_obj, "type", json_string (type));
     id_str = GNUNET_STRINGS_data_to_string_alloc (&attr->id, sizeof(uint64_t));
index 75ef22c8c96bc5eb72beeb56ee60cc224bae58a1..847abb58a1536e3dcbaaf2ab36ed204a4c814692 100644 (file)
@@ -486,7 +486,7 @@ handle_consume_ticket_result (void *cls,
   uint32_t r_id = ntohl (msg->id);
 
   attrs_len = ntohs (msg->attrs_len);
-  LOG (GNUNET_ERROR_TYPE_DEBUG, "Processing attribute result.\n");
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Processing ticket result.\n");
 
 
   for (op = h->op_head; NULL != op; op = op->next)
@@ -498,6 +498,7 @@ handle_consume_ticket_result (void *cls,
   {
     struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs;
     struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le;
+    struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le2;
     attrs =
       GNUNET_RECLAIM_ATTRIBUTE_list_deserialize ((char *) &msg[1], attrs_len);
     if (NULL != op->ar_cb)
@@ -509,7 +510,20 @@ handle_consume_ticket_result (void *cls,
       else
       {
         for (le = attrs->list_head; NULL != le; le = le->next)
-          op->ar_cb (op->cls, &msg->identity, le->claim, NULL, NULL);
+        {
+          if (le->reference != NULL && le->attest == NULL)
+          {
+            for (le2 = attrs->list_head; NULL != le2; le2 = le2->next)
+            {
+              if (le2->attest != NULL && le2->attest->id == le->reference->id_attest)
+              {
+                op->ar_cb (op->cls, &msg->identity, le->claim, le2->attest, le->reference);
+                break;
+              }
+
+            }
+          }
+        }
         GNUNET_RECLAIM_ATTRIBUTE_list_destroy (attrs);
         attrs = NULL;
       }