GNUnet 0.25.2-11-g84e94e98c
 
Loading...
Searching...
No Matches
oidc_helper.h
Go to the documentation of this file.
1/*
2 This file is part of GNUnet
3 Copyright (C) 2010-2015 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
27#ifndef JWT_H
28#define JWT_H
29
30#include "gnunet_util_lib.h"
31#include "gnunet_reclaim_service.h"
32#define JWT_ALG "alg"
33#define JWT_TYP "typ"
34#define JWT_TYP_VALUE "jwt"
35
36#define JWT_ALG_VALUE_HMAC "HS512"
37#define JWT_ALG_VALUE_RSA "RS256"
38
39#define SERVER_ADDRESS "http://localhost:7776"
40
53
65char *
66OIDC_generate_id_token_rsa (const char *rp_uri,
67 const struct GNUNET_CRYPTO_BlindablePublicKey *
68 sub_key,
69 const struct GNUNET_RECLAIM_AttributeList *attrs,
70 const struct
71 GNUNET_RECLAIM_PresentationList *presentations,
72 const struct GNUNET_TIME_Relative *expiration_time,
73 const char *nonce,
74 const json_t *secret_rsa_key);
75
87char*
88OIDC_generate_id_token_hmac (const char *rp_uri,
89 const struct GNUNET_CRYPTO_BlindablePublicKey *
90 sub_key,
91 const struct GNUNET_RECLAIM_AttributeList *attrs,
92 const struct
93 GNUNET_RECLAIM_PresentationList *presentations,
94 const struct GNUNET_TIME_Relative *expiration_time,
95 const char *nonce,
96 const char *secret_key);
97
111char*
112OIDC_build_authz_code (const struct GNUNET_CRYPTO_BlindablePrivateKey *issuer,
113 const struct GNUNET_RECLAIM_Ticket *ticket,
114 const struct GNUNET_RECLAIM_AttributeList *attrs,
115 const struct
116 GNUNET_RECLAIM_PresentationList *presentations,
117 const char *nonce,
118 const char *code_challenge);
119
134int
135OIDC_parse_authz_code (const char *rp_uri,
136 const struct GNUNET_CRYPTO_BlindablePublicKey *cid,
137 const char *code,
138 const char *code_verifier,
139 struct GNUNET_RECLAIM_Ticket *ticket,
140 struct GNUNET_RECLAIM_AttributeList **attrs,
141 struct GNUNET_RECLAIM_PresentationList **presentations,
142 char **nonce,
143 enum OIDC_VerificationOptions opts, char **emsg);
144
154void
155OIDC_build_token_response (const char *access_token,
156 const char *id_token,
157 const struct GNUNET_TIME_Relative *expiration_time,
158 char **token_response);
159
163char*
164OIDC_access_token_new (const struct GNUNET_RECLAIM_Ticket *ticket,
165 const char *rp_uri);
166
170int
171OIDC_access_token_parse (const char *token,
172 struct GNUNET_RECLAIM_Ticket **ticket,
173 char **rp_uri);
174
175
184enum GNUNET_GenericReturnValue
185OIDC_check_scopes_for_claim_request (const char *scopes,
186 const char *attr);
187
188
197char *
198OIDC_generate_userinfo (const struct GNUNET_CRYPTO_BlindablePublicKey *sub_key,
199 const struct GNUNET_RECLAIM_AttributeList *attrs,
200 const struct
201 GNUNET_RECLAIM_PresentationList *presentations);
202
203#endif
ticket
static struct GNUNET_RECLAIM_Ticket ticket
Ticket to consume.
Definition gnunet-reclaim.c:164
gnunet_reclaim_service.h
reclaim service; implements identity and personal data sharing for GNUnet
gnunet_util_lib.h
GNUNET_GenericReturnValue
GNUNET_GenericReturnValue
Named constants for return values.
Definition gnunet_common.h:111
OIDC_build_authz_code
char * OIDC_build_authz_code(const struct GNUNET_CRYPTO_BlindablePrivateKey *issuer, const struct GNUNET_RECLAIM_Ticket *ticket, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations, const char *nonce, const char *code_challenge)
Builds an OIDC authorization code including a reclaim ticket and nonce.
Definition oidc_helper.c:563
OIDC_generate_userinfo
char * OIDC_generate_userinfo(const struct GNUNET_CRYPTO_BlindablePublicKey *sub_key, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations)
Generate userinfo JSON as string.
Definition oidc_helper.c:342
OIDC_parse_authz_code
int OIDC_parse_authz_code(const char *rp_uri, const struct GNUNET_CRYPTO_BlindablePublicKey *cid, const char *code, const char *code_verifier, struct GNUNET_RECLAIM_Ticket *ticket, struct GNUNET_RECLAIM_AttributeList **attrs, struct GNUNET_RECLAIM_PresentationList **presentations, char **nonce, enum OIDC_VerificationOptions opts, char **emsg)
Parse reclaim ticket and nonce from authorization code.
Definition oidc_helper.c:752
OIDC_generate_id_token_rsa
char * OIDC_generate_id_token_rsa(const char *rp_uri, const struct GNUNET_CRYPTO_BlindablePublicKey *sub_key, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations, const struct GNUNET_TIME_Relative *expiration_time, const char *nonce, const json_t *secret_rsa_key)
Create a JWT using RSA256 algorithm from attributes.
Definition oidc_helper.c:417
OIDC_access_token_new
char * OIDC_access_token_new(const struct GNUNET_RECLAIM_Ticket *ticket, const char *rp_uri)
Generate a new access token.
Definition oidc_helper.c:899
OIDC_VerificationOptions
OIDC_VerificationOptions
Definition oidc_helper.h:42
OIDC_VERIFICATION_NO_CODE_VERIFIER
@ OIDC_VERIFICATION_NO_CODE_VERIFIER
Do not check code verifier even if expected.
Definition oidc_helper.h:51
OIDC_VERIFICATION_DEFAULT
@ OIDC_VERIFICATION_DEFAULT
Strict verification.
Definition oidc_helper.h:46
OIDC_access_token_parse
int OIDC_access_token_parse(const char *token, struct GNUNET_RECLAIM_Ticket **ticket, char **rp_uri)
Parse an access token.
Definition oidc_helper.c:918
OIDC_check_scopes_for_claim_request
enum GNUNET_GenericReturnValue OIDC_check_scopes_for_claim_request(const char *scopes, const char *attr)
Checks if a claim is implicitly requested through standard scope(s)
Definition oidc_helper.c:957
OIDC_build_token_response
void OIDC_build_token_response(const char *access_token, const char *id_token, const struct GNUNET_TIME_Relative *expiration_time, char **token_response)
Build a token response for a token request TODO: Maybe we should add the scope here?
Definition oidc_helper.c:871
OIDC_generate_id_token_hmac
char * OIDC_generate_id_token_hmac(const char *rp_uri, const struct GNUNET_CRYPTO_BlindablePublicKey *sub_key, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations, const struct GNUNET_TIME_Relative *expiration_time, const char *nonce, const char *secret_key)
Create a JWT using HMAC (HS256) from attributes.
Definition oidc_helper.c:470
GNUNET_CRYPTO_BlindablePrivateKey
A private key for an identity as per LSD0001.
Definition gnunet_crypto_lib.h:400
GNUNET_CRYPTO_BlindablePublicKey
An identity key as per LSD0001.
Definition gnunet_crypto_lib.h:427
GNUNET_RECLAIM_AttributeList
A list of GNUNET_RECLAIM_Attribute structures.
Definition gnunet_reclaim_lib.h:230
GNUNET_RECLAIM_PresentationList
A list of GNUNET_RECLAIM_Presentation structures.
Definition gnunet_reclaim_lib.h:303
GNUNET_RECLAIM_Ticket
The authorization ticket.
Definition gnunet_reclaim_service.h:76
GNUNET_TIME_Relative
Time for relative time used by GNUnet, in microseconds.
Definition gnunet_time_lib.h:79