GNUnet 0.22.0
oidc_helper.h
1/*
2 This file is part of GNUnet
3 Copyright (C) 2010-2015 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
27#ifndef JWT_H
28#define JWT_H
29
30#include "gnunet_util_lib.h"
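/* JOSE header member names ("alg", "typ") and the "typ" value for JWTs. */
#define JWT_ALG "alg"
#define JWT_TYP "typ"
#define JWT_TYP_VALUE "jwt"

/* "alg" header values, one per signing mode declared in this header
 * (OIDC_generate_id_token_hmac / OIDC_generate_id_token_rsa). */
#define JWT_ALG_VALUE_HMAC "HS512"
#define JWT_ALG_VALUE_RSA "RS256"

/* NOTE(review): hard-coded cleartext http:// URL on the loopback interface.
 * How it is used is not visible in this header; confirm it is only a local
 * default and is never emitted as-is (e.g. as an issuer) in a non-local
 * deployment. */
#define SERVER_ADDRESS "http://localhost:7776"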
40
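/**
 * Verification options passed as `opts` to OIDC_parse_authz_code().
 *
 * NOTE(review): the rendered listing dropped the enum header and the
 * enumerator lines; they are restored here from the page's cross-reference
 * entries. Any explicit numeric initialisers are not visible and are
 * therefore omitted -- confirm against the real header.
 */
enum OIDC_VerificationOptions
{
  /**
   * Strict verification.
   */
  OIDC_VERIFICATION_DEFAULT,

  /**
   * Do not check code verifier even if expected.
   *
   * The code verifier is presumably the PKCE (RFC 7636) proof that matches
   * the code_challenge given to OIDC_build_authz_code(). Skipping the check
   * removes that binding between the party that requested the code and the
   * party redeeming it, so callers should use OIDC_VERIFICATION_DEFAULT
   * unless they have a separate reason to trust the presenter.
   */
  OIDC_VERIFICATION_NO_CODE_VERIFIER
};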
53
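/**
 * Create a JWT using the RS256 algorithm from attributes.
 *
 * The `presentations` parameter line was missing from the rendered listing
 * and is restored from the full signature shown on the same page.
 *
 * @param rp_uri relying-party URI (presumably the token audience -- confirm)
 * @param sub_key identity key of the subject
 * @param attrs list of attributes to turn into claims
 * @param presentations list of presentations accompanying the attributes
 * @param expiration_time relative lifetime of the token
 * @param nonce nonce to embed (NOTE(review): whether NULL is accepted is
 *        not visible here)
 * @param secret_rsa_key RSA signing key as a JSON value (presumably a JWK --
 *        confirm); private key material, not modified through this pointer
 * @return the encoded token; NOTE(review): presumably heap-allocated and
 *         owned by the caller -- confirm in oidc_helper.c
 */
char *
OIDC_generate_id_token_rsa (const char *rp_uri,
                            const struct GNUNET_CRYPTO_PublicKey *sub_key,
                            const struct GNUNET_RECLAIM_AttributeList *attrs,
                            const struct
                            GNUNET_RECLAIM_PresentationList *presentations,
                            const struct GNUNET_TIME_Relative *expiration_time,
                            const char *nonce,
                            const json_t *secret_rsa_key);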
74
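/**
 * Create a JWT using HMAC from attributes.
 *
 * NOTE(review): the published brief for this function names HS256, while
 * JWT_ALG_VALUE_HMAC in this header is "HS512"; confirm which algorithm
 * oidc_helper.c actually applies and align the documentation.
 *
 * The `presentations` parameter line was missing from the rendered listing
 * and is restored from the full signature shown on the same page.
 *
 * @param rp_uri relying-party URI (presumably the token audience -- confirm)
 * @param sub_key identity key of the subject
 * @param attrs list of attributes to turn into claims
 * @param presentations list of presentations accompanying the attributes
 * @param expiration_time relative lifetime of the token
 * @param nonce nonce to embed (NOTE(review): whether NULL is accepted is
 *        not visible here)
 * @param secret_key HMAC key; passed without a length, so presumably
 *        treated as a NUL-terminated string, which means the key cannot
 *        contain zero bytes and its strength depends on the caller
 * @return the encoded token; NOTE(review): presumably heap-allocated and
 *         owned by the caller -- confirm in oidc_helper.c
 */
char*
OIDC_generate_id_token_hmac (const char *rp_uri,
                             const struct GNUNET_CRYPTO_PublicKey *sub_key,
                             const struct GNUNET_RECLAIM_AttributeList *attrs,
                             const struct
                             GNUNET_RECLAIM_PresentationList *presentations,
                             const struct GNUNET_TIME_Relative *expiration_time,
                             const char *nonce,
                             const char *secret_key);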
95
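/**
 * Builds an OIDC authorization code including a reclaim ticket and nonce.
 *
 * The line carrying the function name and the `issuer` parameter was
 * missing from the rendered listing and is restored from the full
 * signature shown on the same page.
 *
 * @param issuer private key of the issuing identity
 * @param ticket the authorization ticket to include
 * @param attrs list of attributes to include
 * @param presentations list of presentations to include
 * @param nonce nonce to include
 * @param code_challenge presumably the PKCE (RFC 7636) code challenge that
 *        OIDC_parse_authz_code() later checks against the code verifier;
 *        NOTE(review): whether NULL is accepted is not visible here
 * @return the authorization code; NOTE(review): presumably heap-allocated
 *         and owned by the caller -- confirm in oidc_helper.c
 */
char*
OIDC_build_authz_code (const struct GNUNET_CRYPTO_PrivateKey *issuer,
                       const struct GNUNET_RECLAIM_Ticket *ticket,
                       const struct GNUNET_RECLAIM_AttributeList *attrs,
                       const struct
                       GNUNET_RECLAIM_PresentationList *presentations,
                       const char *nonce,
                       const char *code_challenge);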
117
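/**
 * Parse reclaim ticket and nonce from authorization code.
 *
 * The `ticket` parameter line was missing from the rendered listing and is
 * restored from the full signature shown on the same page.
 *
 * The code comes from the network; callers should check the return value
 * before reading any output parameter.
 *
 * @param rp_uri relying-party URI the code is expected to belong to
 * @param cid identity key (presumably the client identity -- confirm)
 * @param code the authorization code to parse
 * @param code_verifier presumably the PKCE (RFC 7636) code verifier to
 *        check against the challenge stored in the code
 * @param ticket where to store the parsed ticket
 * @param attrs where to store the parsed attribute list
 * @param presentations where to store the parsed presentation list
 * @param nonce where to store the parsed nonce
 * @param opts verification options; OIDC_VERIFICATION_DEFAULT is strict,
 *        OIDC_VERIFICATION_NO_CODE_VERIFIER skips the code-verifier check
 * @param emsg where to store an error message (NOTE(review): when it is
 *        set and who frees it is not visible here)
 * @return status code; NOTE(review): presumably GNUNET_OK / GNUNET_SYSERR,
 *         confirm in oidc_helper.c. Ownership of the output allocations is
 *         likewise not visible in this header.
 */
int
OIDC_parse_authz_code (const char *rp_uri,
                       const struct GNUNET_CRYPTO_PublicKey *cid,
                       const char *code,
                       const char *code_verifier,
                       struct GNUNET_RECLAIM_Ticket *ticket,
                       struct GNUNET_RECLAIM_AttributeList **attrs,
                       struct GNUNET_RECLAIM_PresentationList **presentations,
                       char **nonce,
                       enum OIDC_VerificationOptions opts, char **emsg);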
142
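/**
 * Build a token response for a token request.
 * TODO: Maybe we should add the scope here?
 *
 * @param access_token the access token to include
 * @param id_token the ID token to include
 * @param expiration_time relative lifetime to report for the tokens
 * @param token_response where to store the resulting response string;
 *        NOTE(review): presumably heap-allocated and owned by the caller --
 *        confirm in oidc_helper.c
 */
void
OIDC_build_token_response (const char *access_token,
                           const char *id_token,
                           const struct GNUNET_TIME_Relative *expiration_time,
                           char **token_response);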
157
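/**
 * Generate a new access token.
 *
 * The line carrying the function name and the `ticket` parameter was
 * missing from the rendered listing and is restored from the full
 * signature shown on the same page.
 *
 * @param ticket the authorization ticket the token is derived from
 * @param rp_uri relying-party URI the token is issued for
 * @return the access token; NOTE(review): presumably heap-allocated and
 *         owned by the caller. How the token is protected (signed,
 *         encrypted or only encoded) is not visible in this header --
 *         confirm in oidc_helper.c before treating it as unforgeable.
 */
char*
OIDC_access_token_new (const struct GNUNET_RECLAIM_Ticket *ticket,
                       const char *rp_uri);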
164
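/**
 * Parse an access token.
 *
 * The `ticket` parameter line was missing from the rendered listing and is
 * restored from the full signature shown on the same page.
 *
 * The token is supplied by the client; callers should check the return
 * value before reading either output parameter.
 *
 * @param token the access token to parse
 * @param ticket where to store the ticket recovered from the token
 * @param rp_uri where to store the relying-party URI recovered from the
 *        token
 * @return status code; NOTE(review): presumably GNUNET_OK / GNUNET_SYSERR,
 *         and the outputs are presumably heap-allocated and owned by the
 *         caller -- confirm in oidc_helper.c
 */
int
OIDC_access_token_parse (const char *token,
                         struct GNUNET_RECLAIM_Ticket **ticket,
                         char **rp_uri);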
172
173
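/**
 * Checks if a claim is implicitly requested through standard scope(s).
 *
 * The return-type line was missing from the rendered listing and is
 * restored from the full signature shown on the same page.
 *
 * @param scopes the scope string of the request (NOTE(review): separator
 *        and format are not visible here)
 * @param attr name of the claim/attribute to look for
 * @return a GNUNET_GenericReturnValue; NOTE(review): presumably GNUNET_YES
 *         when the claim is covered and GNUNET_NO otherwise -- confirm in
 *         oidc_helper.c
 */
enum GNUNET_GenericReturnValue
OIDC_check_scopes_for_claim_request (const char *scopes,
                                     const char *attr);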
185
186
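/**
 * Generate userinfo JSON as string.
 *
 * The line carrying the function name and the `sub_key` parameter was
 * missing from the rendered listing and is restored from the full
 * signature shown on the same page.
 *
 * @param sub_key identity key of the subject
 * @param attrs list of attributes to include
 * @param presentations list of presentations to include
 * @return the userinfo JSON string; NOTE(review): presumably heap-allocated
 *         and owned by the caller -- confirm in oidc_helper.c
 */
char *
OIDC_generate_userinfo (const struct GNUNET_CRYPTO_PublicKey *sub_key,
                        const struct GNUNET_RECLAIM_AttributeList *attrs,
                        const struct
                        GNUNET_RECLAIM_PresentationList *presentations);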
200
201#endif
static struct GNUNET_RECLAIM_Ticket ticket
Ticket to consume.
reclaim service; implements identity and personal data sharing for GNUnet
GNUNET_GenericReturnValue
Named constants for return values.
char * OIDC_generate_id_token_rsa(const char *rp_uri, const struct GNUNET_CRYPTO_PublicKey *sub_key, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations, const struct GNUNET_TIME_Relative *expiration_time, const char *nonce, const json_t *secret_rsa_key)
Create a JWT using the RS256 algorithm from attributes.
Definition: oidc_helper.c:423
char * OIDC_generate_userinfo(const struct GNUNET_CRYPTO_PublicKey *sub_key, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations)
Generate userinfo JSON as string.
Definition: oidc_helper.c:348
int OIDC_parse_authz_code(const char *rp_uri, const struct GNUNET_CRYPTO_PublicKey *cid, const char *code, const char *code_verifier, struct GNUNET_RECLAIM_Ticket *ticket, struct GNUNET_RECLAIM_AttributeList **attrs, struct GNUNET_RECLAIM_PresentationList **presentations, char **nonce, enum OIDC_VerificationOptions opts, char **emsg)
Parse reclaim ticket and nonce from authorization code.
Definition: oidc_helper.c:754
char * OIDC_generate_id_token_hmac(const char *rp_uri, const struct GNUNET_CRYPTO_PublicKey *sub_key, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations, const struct GNUNET_TIME_Relative *expiration_time, const char *nonce, const char *secret_key)
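Create a JWT using HMAC (HS256) from attributes. Note that JWT_ALG_VALUE_HMAC in this header is "HS512", which does not match the HS256 named here; oidc_helper.c determines the algorithm actually used.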
Definition: oidc_helper.c:475
char * OIDC_access_token_new(const struct GNUNET_RECLAIM_Ticket *ticket, const char *rp_uri)
Generate a new access token.
Definition: oidc_helper.c:901
OIDC_VerificationOptions
Definition: oidc_helper.h:42
@ OIDC_VERIFICATION_NO_CODE_VERIFIER
Do not check code verifier even if expected.
Definition: oidc_helper.h:51
@ OIDC_VERIFICATION_DEFAULT
Strict verification.
Definition: oidc_helper.h:46
int OIDC_access_token_parse(const char *token, struct GNUNET_RECLAIM_Ticket **ticket, char **rp_uri)
Parse an access token.
Definition: oidc_helper.c:920
enum GNUNET_GenericReturnValue OIDC_check_scopes_for_claim_request(const char *scopes, const char *attr)
Checks if a claim is implicitly requested through standard scope(s)
Definition: oidc_helper.c:959
void OIDC_build_token_response(const char *access_token, const char *id_token, const struct GNUNET_TIME_Relative *expiration_time, char **token_response)
Build a token response for a token request. TODO: Maybe we should add the scope here?
Definition: oidc_helper.c:873
char * OIDC_build_authz_code(const struct GNUNET_CRYPTO_PrivateKey *issuer, const struct GNUNET_RECLAIM_Ticket *ticket, const struct GNUNET_RECLAIM_AttributeList *attrs, const struct GNUNET_RECLAIM_PresentationList *presentations, const char *nonce, const char *code_challenge)
Builds an OIDC authorization code including a reclaim ticket and nonce.
Definition: oidc_helper.c:567
A private key for an identity as per LSD0001.
An identity key as per LSD0001.
A list of GNUNET_RECLAIM_Attribute structures.
A list of GNUNET_RECLAIM_Presentation structures.
The authorization ticket.
Time for relative time used by GNUnet, in microseconds.