GNUnet  0.11.x
plugin_reclaim_credential_jwt.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2013, 2014, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_reclaim_plugin.h"
31 #include <inttypes.h>
32 #include <jansson.h>
33 
43 static char *
44 jwt_value_to_string (void *cls,
45  uint32_t type,
46  const void *data,
47  size_t data_size)
48 {
49  switch (type)
50  {
51  case GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT:
52  return GNUNET_strndup (data, data_size);
53 
54  default:
55  return NULL;
56  }
57 }
58 
59 
71 static int
72 jwt_string_to_value (void *cls,
73  uint32_t type,
74  const char *s,
75  void **data,
76  size_t *data_size)
77 {
78  if (NULL == s)
79  return GNUNET_SYSERR;
80  switch (type)
81  {
82  case GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT:
83  *data = GNUNET_strdup (s);
84  *data_size = strlen (s);
85  return GNUNET_OK;
86 
87  default:
88  return GNUNET_SYSERR;
89  }
90 }
91 
92 
97 static struct
98 {
99  const char *name;
100  uint32_t number;
101 } jwt_cred_name_map[] = { { "JWT", GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT },
102  { NULL, UINT32_MAX } };
103 
111 static uint32_t
112 jwt_typename_to_number (void *cls, const char *jwt_typename)
113 {
114  unsigned int i;
115 
116  i = 0;
117  while ((NULL != jwt_cred_name_map[i].name) &&
118  (0 != strcasecmp (jwt_typename, jwt_cred_name_map[i].name)))
119  i++;
120  return jwt_cred_name_map[i].number;
121 }
122 
123 
131 static const char *
132 jwt_number_to_typename (void *cls, uint32_t type)
133 {
134  unsigned int i;
135 
136  i = 0;
137  while ((NULL != jwt_cred_name_map[i].name) && (type !=
138  jwt_cred_name_map[i].
139  number))
140  i++;
141  return jwt_cred_name_map[i].name;
142 }
143 
144 
152 struct GNUNET_RECLAIM_AttributeList *
153 jwt_parse_attributes (void *cls,
154  const char *data)
155 {
156  char *jwt_string;
157  struct GNUNET_RECLAIM_AttributeList *attrs;
158  char delim[] = ".";
159  char *val_str = NULL;
160  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
161  char *decoded_jwt;
162  json_t *json_val;
163  json_error_t *json_err = NULL;
164 
165  attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
166 
167  jwt_string = GNUNET_strdup (data);
168  const char *jwt_body = strtok (jwt_string, delim);
169  jwt_body = strtok (NULL, delim);
170  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
171  (void **) &decoded_jwt);
172  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded JWT: %s\n", decoded_jwt);
173  GNUNET_assert (NULL != decoded_jwt);
174  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
175  const char *key;
176  json_t *value;
177  json_object_foreach (json_val, key, value) {
178  if (0 == strcmp ("iss", key))
179  continue;
180  if (0 == strcmp ("jti", key))
181  continue;
182  if (0 == strcmp ("exp", key))
183  continue;
184  if (0 == strcmp ("iat", key))
185  continue;
186  if (0 == strcmp ("nbf", key))
187  continue;
188  if (0 == strcmp ("aud", key))
189  continue;
190  val_str = json_dumps (value, JSON_ENCODE_ANY);
191  GNUNET_RECLAIM_attribute_list_add (attrs,
192  key,
193  NULL,
194  GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,// FIXME
195  val_str,
196  strlen (val_str));
197  GNUNET_free (val_str);
198  }
199  GNUNET_free (jwt_string);
200  return attrs;
201 }
202 
203 
211 struct GNUNET_RECLAIM_AttributeList *
212 jwt_parse_attributes_c (void *cls,
213  const struct GNUNET_RECLAIM_Credential *cred)
214 {
215  return jwt_parse_attributes (cls, cred->data);
216 }
217 
218 
226 struct GNUNET_RECLAIM_AttributeList *
227 jwt_parse_attributes_p (void *cls,
228  const struct GNUNET_RECLAIM_Presentation *cred)
229 {
230  return jwt_parse_attributes (cls, cred->data);
231 }
232 
233 
241 char *
242 jwt_get_issuer (void *cls,
243  const char *data)
244 {
245  const char *jwt_body;
246  char *jwt_string;
247  char delim[] = ".";
248  char *issuer = NULL;
249  char *decoded_jwt;
250  json_t *issuer_json;
251  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
252  json_t *json_val;
253  json_error_t *json_err = NULL;
254 
255  jwt_string = GNUNET_strdup (data);
256  jwt_body = strtok (jwt_string, delim);
257  jwt_body = strtok (NULL, delim);
258  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
259  (void **) &decoded_jwt);
260  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
261  issuer_json = json_object_get (json_val, "iss");
262  if ((NULL == issuer_json) || (! json_is_string (issuer_json)))
263  return NULL;
264  issuer = GNUNET_strdup (json_string_value (issuer_json));
265  GNUNET_free (jwt_string);
266  return issuer;
267 }
268 
269 
277 char *
278 jwt_get_issuer_c (void *cls,
279  const struct GNUNET_RECLAIM_Credential *cred)
280 {
281  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
282  return NULL;
283  return jwt_get_issuer (cls, cred->data);
284 }
285 
286 
294 char *
295 jwt_get_issuer_p (void *cls,
296  const struct GNUNET_RECLAIM_Presentation *cred)
297 {
298  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
299  return NULL;
300  return jwt_get_issuer (cls, cred->data);
301 }
302 
303 
311 int
312 jwt_get_expiration (void *cls,
313  const char *data,
314  struct GNUNET_TIME_Absolute *exp)
315 {
316  const char *jwt_body;
317  char *jwt_string;
318  char delim[] = ".";
319  char *decoded_jwt;
320  json_t *exp_json;
321  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
322  json_t *json_val;
323  json_error_t *json_err = NULL;
324 
325  jwt_string = GNUNET_strdup (data);
326  jwt_body = strtok (jwt_string, delim);
327  jwt_body = strtok (NULL, delim);
328  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
329  (void **) &decoded_jwt);
330  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
331  exp_json = json_object_get (json_val, "exp");
332  if ((NULL == exp_json) || (! json_is_integer (exp_json)))
333  return GNUNET_SYSERR;
334  exp->abs_value_us = json_integer_value (exp_json) * 1000 * 1000;
335  GNUNET_free (jwt_string);
336  return GNUNET_OK;
337 }
338 
339 
347 int
348 jwt_get_expiration_c (void *cls,
349  const struct GNUNET_RECLAIM_Credential *cred,
350  struct GNUNET_TIME_Absolute *exp)
351 {
352  return jwt_get_expiration (cls, cred->data, exp);
353 }
354 
355 
363 int
364 jwt_get_expiration_p (void *cls,
365  const struct GNUNET_RECLAIM_Presentation *cred,
366  struct GNUNET_TIME_Absolute *exp)
367 {
368  return jwt_get_expiration (cls, cred->data, exp);
369 }
370 
371 
372 int
373 jwt_create_presentation (void *cls,
374  const struct GNUNET_RECLAIM_Credential *cred,
375  const struct GNUNET_RECLAIM_AttributeList *attrs,
376  struct GNUNET_RECLAIM_Presentation **pres)
377 {
378  // FIXME sanity checks??
379  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
380  return GNUNET_NO;
381  *pres = GNUNET_RECLAIM_presentation_new (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT,
382  cred->data,
383  cred->data_size);
384  return GNUNET_OK;
385 }
386 
387 
394 void *
395 libgnunet_plugin_reclaim_credential_jwt_init (void *cls)
396 {
397  struct GNUNET_RECLAIM_CredentialPluginFunctions *api;
398 
399  api = GNUNET_new (struct GNUNET_RECLAIM_CredentialPluginFunctions);
400  api->value_to_string = &jwt_value_to_string;
401  api->string_to_value = &jwt_string_to_value;
402  api->typename_to_number = &jwt_typename_to_number;
403  api->number_to_typename = &jwt_number_to_typename;
404  api->get_attributes = &jwt_parse_attributes_c;
405  api->get_issuer = &jwt_get_issuer_c;
406  api->get_expiration = &jwt_get_expiration_c;
407  api->value_to_string_p = &jwt_value_to_string;
408  api->string_to_value_p = &jwt_string_to_value;
409  api->typename_to_number_p = &jwt_typename_to_number;
410  api->number_to_typename_p = &jwt_number_to_typename;
411  api->get_attributes_p = &jwt_parse_attributes_p;
412  api->get_issuer_p = &jwt_get_issuer_p;
413  api->get_expiration_p = &jwt_get_expiration_p;
414  api->create_presentation = &jwt_create_presentation;
415  return api;
416 }
417 
418 
425 void *
426 libgnunet_plugin_reclaim_credential_jwt_done (void *cls)
427 {
428  struct GNUNET_RECLAIM_CredentialPluginFunctions *api = cls;
429 
430  GNUNET_free (api);
431  return NULL;
432 }
433 
434 
435 /* end of plugin_reclaim_credential_type_jwt.c */
GNUNET_RECLAIM_CredentialPluginFunctions::typename_to_number_p
GNUNET_RECLAIM_PresentationTypenameToNumberFunction typename_to_number_p
Typename to number.
Definition: gnunet_reclaim_plugin.h:402
gnunet_reclaim_plugin.h
jwt_number_to_typename
static const char * jwt_number_to_typename(void *cls, uint32_t type)
Convert a type number (i.e.
Definition: plugin_reclaim_credential_jwt.c:132
jwt_get_expiration_p
int jwt_get_expiration_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
Definition: plugin_reclaim_credential_jwt.c:364
GNUNET_RECLAIM_Credential::type
uint32_t type
Type/Format of Claim.
Definition: gnunet_reclaim_lib.h:165
GNUNET_RECLAIM_Presentation::type
uint32_t type
Type/Format of Claim.
Definition: gnunet_reclaim_lib.h:205
data_size
static size_t data_size
Number of bytes in data.
Definition: gnunet-abd.c:187
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:852
GNUNET_RECLAIM_Credential::data_size
size_t data_size
Number of bytes in data.
Definition: gnunet_reclaim_lib.h:181
GNUNET_RECLAIM_CredentialPluginFunctions::number_to_typename_p
GNUNET_RECLAIM_PresentationNumberToTypenameFunction number_to_typename_p
Number to typename.
Definition: gnunet_reclaim_plugin.h:407
GNUNET_RECLAIM_CredentialPluginFunctions::get_issuer_p
GNUNET_RECLAIM_PresentationGetIssuerFunction get_issuer_p
Attesation issuer.
Definition: gnunet_reclaim_plugin.h:417
GNUNET_RECLAIM_CredentialPluginFunctions::value_to_string
GNUNET_RECLAIM_CredentialValueToStringFunction value_to_string
Conversion to string.
Definition: gnunet_reclaim_plugin.h:357
number
uint32_t number
Definition: plugin_reclaim_credential_jwt.c:100
GNUNET_RECLAIM_CredentialPluginFunctions::get_expiration
GNUNET_RECLAIM_CredentialGetExpirationFunction get_expiration
Expiration.
Definition: gnunet_reclaim_plugin.h:387
GNUNET_RECLAIM_AttributeList
A list of GNUNET_RECLAIM_Attribute structures.
Definition: gnunet_reclaim_lib.h:225
GNUNET_RECLAIM_Credential::data
const void * data
Binary value stored as credential value.
Definition: gnunet_reclaim_lib.h:188
jwt_get_issuer
char * jwt_get_issuer(void *cls, const char *data)
Parse a JWT and return the issuer.
Definition: plugin_reclaim_credential_jwt.c:242
GNUNET_NO
Definition: gnunet_common.h:86
GNUNET_new
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition: gnunet_common.h:1123
gnunet_util_lib.h
GNUNET_strdup
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
Definition: gnunet_common.h:1335
GNUNET_TIME_Absolute::abs_value_us
uint64_t abs_value_us
The actual value.
Definition: gnunet_time_lib.h:53
GNUNET_RECLAIM_CredentialPluginFunctions::value_to_string_p
GNUNET_RECLAIM_PresentationValueToStringFunction value_to_string_p
Conversion to string.
Definition: gnunet_reclaim_plugin.h:392
GNUNET_OK
Definition: gnunet_common.h:87
value
static char * value
Value of the record to add/remove.
Definition: gnunet-namestore.c:152
jwt_typename_to_number
static uint32_t jwt_typename_to_number(void *cls, const char *jwt_typename)
Convert a type name to the corresponding number.
Definition: plugin_reclaim_credential_jwt.c:112
jwt_parse_attributes_p
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the respective claim value as Attribute.
Definition: plugin_reclaim_credential_jwt.c:227
GNUNET_RECLAIM_Credential
A credential.
Definition: gnunet_reclaim_lib.h:155
name
const char * name
Definition: plugin_reclaim_credential_jwt.c:99
GNUNET_RECLAIM_CredentialPluginFunctions::get_issuer
GNUNET_RECLAIM_CredentialGetIssuerFunction get_issuer
Attesation issuer.
Definition: gnunet_reclaim_plugin.h:382
jwt_create_presentation
int jwt_create_presentation(void *cls, const struct GNUNET_RECLAIM_Credential *cred, const struct GNUNET_RECLAIM_AttributeList *attrs, struct GNUNET_RECLAIM_Presentation **pres)
Definition: plugin_reclaim_credential_jwt.c:373
jwt_get_expiration
int jwt_get_expiration(void *cls, const char *data, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
Definition: plugin_reclaim_credential_jwt.c:312
GNUNET_RECLAIM_Presentation::data
const void * data
Binary value stored as presentation value.
Definition: gnunet_reclaim_lib.h:217
GNUNET_RECLAIM_CredentialPluginFunctions::create_presentation
GNUNET_RECLAIM_CredentialToPresentation create_presentation
Get presentation.
Definition: gnunet_reclaim_plugin.h:427
GNUNET_SYSERR
Definition: gnunet_common.h:85
jwt_get_expiration_c
int jwt_get_expiration_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
Definition: plugin_reclaim_credential_jwt.c:348
GNUNET_RECLAIM_CredentialPluginFunctions::cls
void * cls
Closure for all of the callbacks.
Definition: gnunet_reclaim_plugin.h:352
GNUNET_RECLAIM_CredentialPluginFunctions::get_attributes_p
GNUNET_RECLAIM_PresentationGetAttributesFunction get_attributes_p
Attesation attributes.
Definition: gnunet_reclaim_plugin.h:412
GNUNET_RECLAIM_CredentialPluginFunctions::get_expiration_p
GNUNET_RECLAIM_PresentationGetExpirationFunction get_expiration_p
Expiration.
Definition: gnunet_reclaim_plugin.h:422
GNUNET_RECLAIM_Presentation
A credential presentation.
Definition: gnunet_reclaim_lib.h:195
key
struct GNUNET_HashCode key
The key used in the DHT.
Definition: gnunet-dht-put.c:37
jwt_string_to_value
static int jwt_string_to_value(void *cls, uint32_t type, const char *s, void **data, size_t *data_size)
Convert human-readable version of a &#39;value&#39; of an credential to the binary representation.
Definition: plugin_reclaim_credential_jwt.c:72
GNUNET_RECLAIM_CredentialPluginFunctions
Each plugin is required to return a pointer to a struct of this type as the return value from its ent...
Definition: gnunet_reclaim_plugin.h:347
jwt_value_to_string
static char * jwt_value_to_string(void *cls, uint32_t type, const void *data, size_t data_size)
Convert the &#39;value&#39; of an credential to a string.
Definition: plugin_reclaim_credential_jwt.c:44
GNUNET_RECLAIM_CredentialPluginFunctions::typename_to_number
GNUNET_RECLAIM_CredentialTypenameToNumberFunction typename_to_number
Typename to number.
Definition: gnunet_reclaim_plugin.h:367
GNUNET_strndup
#define GNUNET_strndup(a, length)
Wrapper around GNUNET_xstrndup_.
Definition: gnunet_common.h:1346
jwt_parse_attributes
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes(void *cls, const char *data)
Parse a JWT and return the respective claim value as Attribute.
Definition: plugin_reclaim_credential_jwt.c:153
GNUNET_RECLAIM_presentation_new
struct GNUNET_RECLAIM_Presentation * GNUNET_RECLAIM_presentation_new(uint32_t type, const void *data, size_t data_size)
Definition: reclaim_credential.c:689
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:520
GNUNET_ERROR_TYPE_DEBUG
Definition: gnunet_common.h:398
jwt_parse_attributes_c
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the respective claim value as Attribute.
Definition: plugin_reclaim_credential_jwt.c:212
GNUNET_RECLAIM_CredentialPluginFunctions::number_to_typename
GNUNET_RECLAIM_CredentialNumberToTypenameFunction number_to_typename
Number to typename.
Definition: gnunet_reclaim_plugin.h:372
GNUNET_RECLAIM_attribute_list_add
void GNUNET_RECLAIM_attribute_list_add(struct GNUNET_RECLAIM_AttributeList *attrs, const char *attr_name, const struct GNUNET_RECLAIM_Identifier *credential, uint32_t type, const void *data, size_t data_size)
Add a new attribute to a claim list.
Definition: reclaim_attribute.c:272
GNUNET_RECLAIM_CredentialPluginFunctions::string_to_value
GNUNET_RECLAIM_CredentialStringToValueFunction string_to_value
Conversion to binary.
Definition: gnunet_reclaim_plugin.h:362
GNUNET_RECLAIM_CredentialPluginFunctions::string_to_value_p
GNUNET_RECLAIM_PresentationStringToValueFunction string_to_value_p
Conversion to binary.
Definition: gnunet_reclaim_plugin.h:397
type
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
Definition: testbed_api_underlay.c:126
jwt_get_issuer_p
char * jwt_get_issuer_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the issuer.
Definition: plugin_reclaim_credential_jwt.c:295
GNUNET_TIME_Absolute
Time for absolute times used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:48
libgnunet_plugin_reclaim_credential_jwt_done
void * libgnunet_plugin_reclaim_credential_jwt_done(void *cls)
Exit point from the plugin.
Definition: plugin_reclaim_credential_jwt.c:426
libgnunet_plugin_reclaim_credential_jwt_init
void * libgnunet_plugin_reclaim_credential_jwt_init(void *cls)
Entry point for the plugin.
Definition: plugin_reclaim_credential_jwt.c:395
data
uint32_t data
The data value.
Definition: gnunet-helper-transport-wlan.c:90
jwt_get_issuer_c
char * jwt_get_issuer_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the issuer.
Definition: plugin_reclaim_credential_jwt.c:278
GNUNET_STRINGS_base64url_decode
size_t GNUNET_STRINGS_base64url_decode(const char *data, size_t len, void **out)
Decode from Base64url.
Definition: strings.c:2049
GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING
String attribute.
Definition: gnunet_reclaim_lib.h:51
GNUNET_RECLAIM_AttributePluginFunctions::cls
void * cls
Closure for all of the callbacks.
Definition: gnunet_reclaim_plugin.h:319
GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT
A JSON Web Token credential.
Definition: gnunet_reclaim_lib.h:63
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1321
GNUNET_RECLAIM_CredentialPluginFunctions::get_attributes
GNUNET_RECLAIM_CredentialGetAttributesFunction get_attributes
Attesation attributes.
Definition: gnunet_reclaim_plugin.h:377
jwt_cred_name_map
static struct @68 jwt_cred_name_map[]
Mapping of credential type numbers to human-readable credential type names.
Generated by   doxygen 1.8.13