[GNUnet-SVN] [gnunet] branch master updated: RECLAIM/OIDC: more code cle
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: RECLAIM/OIDC: more code cleanup |
Date: |
Sat, 27 Apr 2019 12:38:49 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 2daceb88a RECLAIM/OIDC: more code cleanup
2daceb88a is described below
commit 2daceb88a897e29f5c49a4e8888991f32d97e610
Author: Schanzenbach, Martin <address@hidden>
AuthorDate: Sat Apr 27 12:38:34 2019 +0200
RECLAIM/OIDC: more code cleanup
---
src/reclaim/plugin_rest_openid_connect.c | 86 ++++----------------------------
1 file changed, 10 insertions(+), 76 deletions(-)
diff --git a/src/reclaim/plugin_rest_openid_connect.c
b/src/reclaim/plugin_rest_openid_connect.c
index 053aa2f4f..11d6d743d 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -221,16 +221,6 @@ static char *OIDC_ignored_parameter_array[] = {"display",
*/
struct GNUNET_CONTAINER_MultiHashMap *OIDC_cookie_jar_map;
-/**
- * OIDC authorized identities and times hashmap
- */
-struct GNUNET_CONTAINER_MultiHashMap *OIDC_identity_grants;
-
-/**
- * OIDC Hash map that keeps track of used authorization code(s)
- */
-struct GNUNET_CONTAINER_MultiHashMap *OIDC_used_ticket_map;
-
/**
* Hash map that links the issued access token to the corresponding ticket and
* ego
@@ -1671,7 +1661,6 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
char *access_token;
char *jwt_secret;
char *nonce;
- int i = 1;
/*
* Check Authorization
@@ -1693,9 +1682,8 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
GNUNET_CRYPTO_hash (OIDC_GRANT_TYPE_KEY,
strlen (OIDC_GRANT_TYPE_KEY),
&cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
- &cache_key))
+ grant_type = get_url_parameter_copy (handle, OIDC_GRANT_TYPE_KEY);
+ if (NULL == grant_type)
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
handle->edesc = GNUNET_strdup ("missing parameter grant_type");
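Review bot: `grant_type` now holds the result of `get_url_parameter_copy`, which by its name returns a heap copy rather than a pointer into `url_param_map`, so every exit after this point has to release it; the grant-type mismatch branch further down returns through `do_error` and no free is visible in the lines shown. If the helper does allocate, add `GNUNET_free (grant_type);` once the `strcmp` against `OIDC_GRANT_TYPE_VALUE` is done, on both the success and the error side. The `GNUNET_CRYPTO_hash (OIDC_GRANT_TYPE_KEY, ...)` call left as context just above the new lines also looks unused now that the helper takes the key name, and can go if `cache_key` is not read later. token_endpoint starts and ends outside this hunk, so both points need checking against the full function.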
@@ -1703,39 +1691,6 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- grant_type =
- GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
- &cache_key);
-
- // REQUIRED code
- GNUNET_CRYPTO_hash (OIDC_CODE_KEY, strlen (OIDC_CODE_KEY), &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
- &cache_key))
- {
- handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
- handle->edesc = GNUNET_strdup ("missing parameter code");
- handle->response_code = MHD_HTTP_BAD_REQUEST;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
- }
- code = GNUNET_CONTAINER_multihashmap_get (handle->rest_handle->url_param_map,
- &cache_key);
-
- // REQUIRED redirect_uri
- GNUNET_CRYPTO_hash (OIDC_REDIRECT_URI_KEY,
- strlen (OIDC_REDIRECT_URI_KEY),
- &cache_key);
- if (GNUNET_NO == GNUNET_CONTAINER_multihashmap_contains (handle->rest_handle
- ->url_param_map,
- &cache_key))
- {
- handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
- handle->edesc = GNUNET_strdup ("missing parameter redirect_uri");
- handle->response_code = MHD_HTTP_BAD_REQUEST;
- GNUNET_SCHEDULER_add_now (&do_error, handle);
- return;
- }
// Check parameter grant_type == "authorization_code"
if (0 != strcmp (OIDC_GRANT_TYPE_VALUE, grant_type))
@@ -1745,15 +1700,13 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- GNUNET_CRYPTO_hash (code, strlen (code), &cache_key);
- if (GNUNET_SYSERR == GNUNET_CONTAINER_multihashmap_put (
- OIDC_used_ticket_map,
- &cache_key,
- &i,
- GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
+
+ // REQUIRED code
+ code = get_url_parameter_copy (handle, OIDC_CODE_KEY);
+ if (NULL == code)
{
handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_REQUEST);
- handle->edesc = GNUNET_strdup ("Cannot use the same code more than once");
+ handle->edesc = GNUNET_strdup ("missing parameter code");
handle->response_code = MHD_HTTP_BAD_REQUEST;
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
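Review bot: Removing the `OIDC_used_ticket_map` insert takes away the only visible check that an authorization code is redeemed once, so after this hunk a second token request carrying the same `code` passes this point, while RFC 6749 section 4.1.2 requires the server to deny a reused code. The old check did need replacing (it stored `&i`, the address of a local, and the shutdown loop handed map values to `GNUNET_free_non_null`), but unless single use is enforced outside the hunk, for example when the ticket is parsed or consumed, it should be kept in a corrected form or its new location recorded with a comment such as `/* single use of code is enforced in <function, to be named> */`. The hunk before this one likewise drops the `redirect_uri` presence check without a visible replacement, so confirm the redirect URI is still compared with the one bound to the code. `code` is now a copy too and needs freeing on each return path; the function continues past the end of this hunk.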
@@ -1802,7 +1755,6 @@ token_endpoint (struct GNUNET_REST_RequestHandle
*con_handle,
GNUNET_SCHEDULER_add_now (&do_error, handle);
return;
}
- // TODO We should collect the attributes here. cl always empty
id_token = OIDC_id_token_new (&ticket.audience,
&ticket.identity,
cl,
@@ -2110,10 +2062,6 @@ rest_identity_process_request (struct
GNUNET_REST_RequestHandle *rest_handle,
handle->oidc = GNUNET_new (struct OIDC_Variables);
if (NULL == OIDC_cookie_jar_map)
OIDC_cookie_jar_map = GNUNET_CONTAINER_multihashmap_create (10, GNUNET_NO);
- if (NULL == OIDC_identity_grants)
- OIDC_identity_grants = GNUNET_CONTAINER_multihashmap_create (10,
GNUNET_NO);
- if (NULL == OIDC_used_ticket_map)
- OIDC_used_ticket_map = GNUNET_CONTAINER_multihashmap_create (10,
GNUNET_NO);
if (NULL == OIDC_access_token_map)
OIDC_access_token_map =
GNUNET_CONTAINER_multihashmap_create (10, GNUNET_NO);
@@ -2166,7 +2114,7 @@ libgnunet_plugin_rest_openid_connect_init (void *cls)
MHD_HTTP_METHOD_OPTIONS);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- _ ("Identity Provider REST API initialized\n"));
+ _ ("OpenID Connect REST API initialized\n"));
return api;
}
@@ -2193,20 +2141,6 @@ libgnunet_plugin_rest_openid_connect_done (void *cls)
GNUNET_free_non_null (value);
GNUNET_CONTAINER_multihashmap_destroy (OIDC_cookie_jar_map);
- hashmap_it =
- GNUNET_CONTAINER_multihashmap_iterator_create (OIDC_identity_grants);
- while (GNUNET_YES ==
- GNUNET_CONTAINER_multihashmap_iterator_next (hashmap_it, NULL, value))
- GNUNET_free_non_null (value);
- GNUNET_CONTAINER_multihashmap_destroy (OIDC_identity_grants);
-
- hashmap_it =
- GNUNET_CONTAINER_multihashmap_iterator_create (OIDC_used_ticket_map);
- while (GNUNET_YES ==
- GNUNET_CONTAINER_multihashmap_iterator_next (hashmap_it, NULL, value))
- GNUNET_free_non_null (value);
- GNUNET_CONTAINER_multihashmap_destroy (OIDC_used_ticket_map);
-
hashmap_it =
GNUNET_CONTAINER_multihashmap_iterator_create (OIDC_access_token_map);
while (GNUNET_YES ==
@@ -2217,8 +2151,8 @@ libgnunet_plugin_rest_openid_connect_done (void *cls)
GNUNET_free_non_null (allow_methods);
GNUNET_free (api);
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Identity Provider REST plugin is finished\n");
+ "OpenID Connect REST plugin is finished\n");
return NULL;
}
-/* end of plugin_rest_identity_provider.c */
+/* end of plugin_rest_openid_connect.c */