GNUnet  0.19.5
plugin_reclaim_credential_jwt.c
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2013, 2014, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_reclaim_plugin.h"
31 #include <inttypes.h>
32 #include <jansson.h>
33 
/**
 * Convert the 'value' of a credential to a string.
 *
 * NOTE(review): this listing omits the function-name line and the case
 * label; both are restored from the page's symbol index (the only
 * credential type it names is GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT) --
 * confirm against upstream.
 *
 * @param cls closure, unused
 * @param type type of the credential
 * @param data serialized credential value
 * @param data_size number of bytes in @a data
 * @return newly allocated copy of at most @a data_size bytes of @a data as
 *         a 0-terminated string, or NULL for any other @a type
 */
static char *
jwt_value_to_string (void *cls,
                     uint32_t type,
                     const void *data,
                     size_t data_size)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != type)
    return NULL;
  /* strndup bounds the copy, so @a data need not be 0-terminated. */
  return GNUNET_strndup (data, data_size);
}
58 
59 
/**
 * Convert the human-readable version of a credential 'value' to its binary
 * representation.
 *
 * NOTE(review): this listing omits the function-name line and the case
 * label; both are restored from the page's symbol index -- confirm against
 * upstream.
 *
 * @param cls closure, unused
 * @param type type of the credential
 * @param s human-readable string
 * @param data set to a newly allocated copy of @a s
 * @param data_size set to the length of @a s including the 0-terminator
 * @return #GNUNET_OK on success, #GNUNET_SYSERR if @a s is NULL or
 *         @a type is not handled
 */
static int
jwt_string_to_value (void *cls,
                     uint32_t type,
                     const char *s,
                     void **data,
                     size_t *data_size)
{
  if ((NULL == s) ||
      (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != type))
    return GNUNET_SYSERR;
  *data = GNUNET_strdup (s);
  /* The stored size counts the terminating 0 byte. */
  *data_size = 1 + strlen (s);
  return GNUNET_OK;
}
91 
92 
97 static struct
98 {
99  const char *name;
100  uint32_t number;
102  { NULL, UINT32_MAX } };
103 
/**
 * Convert a type name to the corresponding number.
 *
 * @param cls closure, unused
 * @param jwt_typename name to convert; compared case-insensitively
 * @return the number stored with the matching entry of jwt_cred_name_map,
 *         or the number of the table's terminating NULL-named entry
 *         (UINT32_MAX) when no entry matches
 */
static uint32_t
jwt_typename_to_number (void *cls, const char *jwt_typename)
{
  unsigned int idx;

  /* The table ends with an entry whose name is NULL. */
  for (idx = 0; NULL != jwt_cred_name_map[idx].name; idx++)
  {
    if (0 == strcasecmp (jwt_typename, jwt_cred_name_map[idx].name))
      break;
  }
  return jwt_cred_name_map[idx].number;
}
122 
123 
/**
 * Convert a type number to the corresponding type string.
 *
 * NOTE(review): the listing drops the middle line of the loop condition;
 * it is restored as the table access `jwt_cred_name_map[i].number` that the
 * surrounding lines imply -- confirm against upstream.
 *
 * @param cls closure, unused
 * @param type number of a type to convert
 * @return the name stored with the matching entry of jwt_cred_name_map,
 *         or NULL (the terminating entry's name) when no entry matches
 */
static const char *
jwt_number_to_typename (void *cls, uint32_t type)
{
  unsigned int idx;

  /* The table ends with an entry whose name is NULL. */
  for (idx = 0; NULL != jwt_cred_name_map[idx].name; idx++)
  {
    if (type == jwt_cred_name_map[idx].number)
      break;
  }
  return jwt_cred_name_map[idx].name;
}
143 
144 
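/**
 * Add one JSON claim value to an attribute list as a string attribute.
 *
 * The value is serialized with jansson; for JSON strings the surrounding
 * double quotes produced by the serializer are stripped.
 *
 * @param attrs list to extend
 * @param name attribute name to use
 * @param value JSON value of the claim
 */
static void
jwt_add_claim (struct GNUNET_RECLAIM_AttributeList *attrs,
               const char *name,
               const json_t *value)
{
  char *val_str;
  char *tmp;
  size_t len;

  val_str = json_dumps (value, JSON_ENCODE_ANY);
  if (NULL == val_str)
  {
    /* json_dumps() reports failure with NULL; skip the claim instead of
       dereferencing it. */
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "Failed to serialize claim `%s'\n",
                name);
    return;
  }
  tmp = val_str;
  /* Remove leading " from jansson conversion */
  if ('"' == tmp[0])
    tmp++;
  /* Remove trailing " from jansson conversion; the length check keeps the
     index from wrapping around on an empty string. */
  len = strlen (tmp);
  if ((0 < len) && ('"' == tmp[len - 1]))
    tmp[len - 1] = '\0';
  /* NOTE(review): the size is taken from val_str, not tmp, as in the
     original: for quoted values it therefore covers the 0-terminator of
     tmp, for unquoted values it does not. Left unchanged because the
     consumers of data_size are not visible here. */
  GNUNET_RECLAIM_attribute_list_add (attrs,
                                     name,
                                     NULL,
                                     GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
                                     tmp,
                                     strlen (val_str));
  GNUNET_free (val_str);
}


/**
 * Parse a JWT and return the respective claim values as attributes.
 *
 * Only the payload (the second dot-separated segment) is decoded. Nothing
 * in this function examines the signature segment, so the returned
 * attributes are whatever the token claims; any verification has to happen
 * elsewhere.
 *
 * NOTE(review): this listing omits the return-type and name lines and the
 * first line of several calls; they are restored from the page's symbol
 * index. The log levels of the restored GNUNET_log calls are a best
 * reconstruction -- confirm against upstream.
 *
 * @param cls the plugin closure, unused
 * @param data the serialized JWT; need not be 0-terminated
 * @param data_size number of bytes in @a data
 * @return a newly allocated attribute list; it is empty when the token
 *         cannot be split, decoded or parsed as a JSON object
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes (void *cls,
                      const char *data,
                      size_t data_size)
{
  /* Registered claims that are not exported as attributes. */
  static const char *const skipped_claims[] = {
    "iss", "jti", "exp", "iat", "nbf", "aud", NULL
  };
  struct GNUNET_RECLAIM_AttributeList *attrs;
  char *jwt_string;
  char *saveptr = NULL;
  char *decoded_jwt = NULL;
  const char *jwt_body;
  const char *key;
  const char *addr_key;
  json_t *json_val;
  json_t *value;
  json_t *addr_value;
  json_error_t json_err;

  attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);

  jwt_string = GNUNET_strndup (data, data_size);
  /* strtok_r keeps the tokenizer state local instead of in the hidden
     static buffer strtok() uses. */
  jwt_body = strtok_r (jwt_string, ".", &saveptr);
  if (NULL != jwt_body)
    jwt_body = strtok_r (NULL, ".", &saveptr);
  if (NULL == jwt_body)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Failed to parse JSON %s\n", jwt_string);
    /* Both failure paths release the copy; the original leaked it when
       the first token was missing. */
    GNUNET_free (jwt_string);
    return attrs;
  }
  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
                                   (void **) &decoded_jwt);
  GNUNET_free (jwt_string);
  if (NULL == decoded_jwt)
  {
    /* The token is external input: fail the parse instead of aborting the
       process with GNUNET_assert, and do not pass NULL to a %s format. */
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "Failed to decode JWT payload\n");
    return attrs;
  }
  /* This writes the complete claim set to the debug log. */
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded JWT: %s\n", decoded_jwt);
  /* NOTE(review): json_loads() needs a 0-terminated buffer; presumably the
     decoder guarantees that -- confirm, or parse with the returned length. */
  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
  GNUNET_free (decoded_jwt);
  if (! json_is_object (json_val))
  {
    /* JSON_DECODE_ANY also accepts scalars and arrays; only an object can
       carry claims. json_decref() accepts NULL. */
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "JWT payload is not a JSON object\n");
    json_decref (json_val);
    return attrs;
  }

  json_object_foreach (json_val, key, value) {
    int skip = 0;

    for (unsigned int i = 0; NULL != skipped_claims[i]; i++)
    {
      if (0 == strcmp (skipped_claims[i], key))
      {
        skip = 1;
        break;
      }
    }
    if (skip)
      continue;
    if (0 == strcmp ("address", key))
    {
      if (! json_is_object (value))
      {
        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                    "address claim in wrong format!");
        continue;
      }
      /* Each member of the address object becomes its own attribute. */
      json_object_foreach (value, addr_key, addr_value) {
        jwt_add_claim (attrs, addr_key, addr_value);
      }
      continue;
    }
    jwt_add_claim (attrs, key, value);
  }
  json_decref (json_val);
  return attrs;
}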
255 
256 
/**
 * Parse a JWT credential and return the respective claim values as
 * attributes.
 *
 * NOTE(review): this listing omits the signature's first lines and the
 * guard before `return NULL`; they are restored from the page's symbol
 * index as a type check against GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT --
 * confirm against upstream.
 *
 * @param cls the plugin closure
 * @param cred the JWT credential
 * @return the attribute list built by jwt_parse_attributes(), or NULL when
 *         the credential is not of the JWT type
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes_c (void *cls,
                        const struct GNUNET_RECLAIM_Credential *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_parse_attributes (cls, cred->data, cred->data_size);
  return NULL;
}
272 
273 
/**
 * Parse a JWT presentation and return the respective claim values as
 * attributes.
 *
 * NOTE(review): this listing omits the signature's first lines and the
 * guard before `return NULL`; they are restored from the page's symbol
 * index as a type check against GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT --
 * confirm against upstream.
 *
 * @param cls the plugin closure
 * @param cred the JWT presentation
 * @return the attribute list built by jwt_parse_attributes(), or NULL when
 *         the presentation is not of the JWT type
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes_p (void *cls,
                        const struct GNUNET_RECLAIM_Presentation *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_parse_attributes (cls, cred->data, cred->data_size);
  return NULL;
}
289 
290 
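/**
 * Parse a JWT and return the issuer.
 *
 * Only the payload (the second dot-separated segment) is decoded. Nothing
 * in this function examines the signature segment, so the returned issuer
 * is whatever the token claims.
 *
 * @param cls the plugin closure, unused
 * @param data the serialized JWT; need not be 0-terminated
 * @param data_size number of bytes in @a data
 * @return a newly allocated copy of the "iss" claim, or NULL when the
 *         token has no second segment, cannot be decoded or parsed, or
 *         carries no string-valued "iss" claim
 */
char *
jwt_get_issuer (void *cls,
                const char *data,
                size_t data_size)
{
  const char *jwt_body;
  char *jwt_string;
  char *saveptr = NULL;
  char *issuer = NULL;
  char *decoded_jwt = NULL;
  json_t *issuer_json;
  json_t *json_val;
  json_error_t json_err;

  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
  jwt_string = GNUNET_strndup (data, data_size);
  /* strtok_r keeps the tokenizer state local instead of in the hidden
     static buffer strtok() uses. */
  jwt_body = strtok_r (jwt_string, ".", &saveptr);
  if (NULL != jwt_body)
    jwt_body = strtok_r (NULL, ".", &saveptr);
  if (NULL == jwt_body)
  {
    /* Input without a second segment used to reach strlen (NULL). */
    GNUNET_free (jwt_string);
    return NULL;
  }
  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
                                   (void **) &decoded_jwt);
  GNUNET_free (jwt_string);
  if (NULL == decoded_jwt)
    return NULL;
  /* NOTE(review): json_loads() needs a 0-terminated buffer; presumably the
     decoder guarantees that -- confirm, or parse with the returned length. */
  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
  GNUNET_free (decoded_jwt);
  if (NULL == json_val)
    return NULL;
  /* json_object_get() yields NULL for non-objects and missing keys. */
  issuer_json = json_object_get (json_val, "iss");
  if ((NULL != issuer_json) && (json_is_string (issuer_json)))
    issuer = GNUNET_strdup (json_string_value (issuer_json));
  json_decref (json_val);
  return issuer;
}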
333 
334 
/**
 * Parse a JWT credential and return the issuer.
 *
 * NOTE(review): this listing omits the guard before `return NULL`; it is
 * restored as a type check against GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT --
 * confirm against upstream.
 *
 * @param cls the plugin closure
 * @param cred the JWT credential
 * @return the result of jwt_get_issuer(), or NULL when the credential is
 *         not of the JWT type
 */
char *
jwt_get_issuer_c (void *cls,
                  const struct GNUNET_RECLAIM_Credential *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_issuer (cls, cred->data, cred->data_size);
  return NULL;
}
350 
351 
/**
 * Parse a JWT presentation and return the issuer.
 *
 * NOTE(review): this listing omits the guard before `return NULL`; it is
 * restored as a type check against GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT --
 * confirm against upstream.
 *
 * @param cls the plugin closure
 * @param cred the JWT presentation
 * @return the result of jwt_get_issuer(), or NULL when the presentation
 *         is not of the JWT type
 */
char *
jwt_get_issuer_p (void *cls,
                  const struct GNUNET_RECLAIM_Presentation *cred)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_issuer (cls, cred->data, cred->data_size);
  return NULL;
}
367 
368 
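/**
 * Parse a JWT and return the expiration.
 *
 * Only the payload (the second dot-separated segment) is decoded. Nothing
 * in this function examines the signature segment, so the expiration is
 * whatever the token claims.
 *
 * NOTE(review): this listing omits the return-type line; it is restored
 * from the page's symbol index.
 *
 * @param cls the plugin closure, unused
 * @param data the serialized JWT; need not be 0-terminated
 * @param data_size number of bytes in @a data
 * @param exp set to the "exp" claim converted from seconds to microseconds
 * @return #GNUNET_OK on success, #GNUNET_SYSERR when the token has no
 *         second segment, cannot be decoded or parsed, or its "exp" claim
 *         is missing, not an integer, negative, or too large to express
 *         in microseconds
 */
enum GNUNET_GenericReturnValue
jwt_get_expiration (void *cls,
                    const char *data,
                    size_t data_size,
                    struct GNUNET_TIME_Absolute *exp)
{
  const char *jwt_body;
  char *jwt_string;
  char *saveptr = NULL;
  char *decoded_jwt = NULL;
  json_t *exp_json;
  json_t *json_val;
  json_error_t json_err;
  json_int_t exp_secs;

  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
  jwt_string = GNUNET_strndup (data, data_size);
  /* strtok_r keeps the tokenizer state local instead of in the hidden
     static buffer strtok() uses. */
  jwt_body = strtok_r (jwt_string, ".", &saveptr);
  if (NULL != jwt_body)
    jwt_body = strtok_r (NULL, ".", &saveptr);
  if (NULL == jwt_body)
  {
    /* Input without a second segment used to reach strlen (NULL). */
    GNUNET_free (jwt_string);
    return GNUNET_SYSERR;
  }
  GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
                                   (void **) &decoded_jwt);
  GNUNET_free (jwt_string);
  if (NULL == decoded_jwt)
    return GNUNET_SYSERR;
  /* NOTE(review): json_loads() needs a 0-terminated buffer; presumably the
     decoder guarantees that -- confirm, or parse with the returned length. */
  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
  GNUNET_free (decoded_jwt);
  if (NULL == json_val)
    return GNUNET_SYSERR;
  /* json_object_get() yields NULL for non-objects and missing keys. */
  exp_json = json_object_get (json_val, "exp");
  if ((NULL == exp_json) || (! json_is_integer (exp_json)))
  {
    json_decref (json_val);
    return GNUNET_SYSERR;
  }
  exp_secs = json_integer_value (exp_json);
  json_decref (json_val);
  /* Reject values whose conversion to microseconds would overflow: the
     multiplication is signed, and a negative result would be stored as a
     far-future unsigned time. */
  if ((exp_secs < 0) ||
      ((uint64_t) exp_secs > UINT64_MAX / (1000ULL * 1000ULL)))
    return GNUNET_SYSERR;
  exp->abs_value_us = (uint64_t) exp_secs * 1000ULL * 1000ULL;
  return GNUNET_OK;
}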
411 
412 
/**
 * Parse a JWT credential and return the expiration.
 *
 * NOTE(review): this listing omits the return-type line and the guard
 * before `return GNUNET_NO`; they are restored from the page's symbol
 * index as a type check against GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT --
 * confirm against upstream.
 *
 * @param cls the plugin closure
 * @param cred the JWT credential
 * @param exp set to the expiration by jwt_get_expiration()
 * @return #GNUNET_NO when the credential is not of the JWT type, otherwise
 *         the result of jwt_get_expiration()
 */
enum GNUNET_GenericReturnValue
jwt_get_expiration_c (void *cls,
                      const struct GNUNET_RECLAIM_Credential *cred,
                      struct GNUNET_TIME_Absolute *exp)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
  return GNUNET_NO;
}
429 
430 
/**
 * Parse a JWT presentation and return the expiration.
 *
 * NOTE(review): this listing omits the return-type line and the guard
 * before `return GNUNET_NO`; they are restored from the page's symbol
 * index as a type check against GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT --
 * confirm against upstream.
 *
 * @param cls the plugin closure
 * @param cred the JWT presentation
 * @param exp set to the expiration by jwt_get_expiration()
 * @return #GNUNET_NO when the presentation is not of the JWT type,
 *         otherwise the result of jwt_get_expiration()
 */
enum GNUNET_GenericReturnValue
jwt_get_expiration_p (void *cls,
                      const struct GNUNET_RECLAIM_Presentation *cred,
                      struct GNUNET_TIME_Absolute *exp)
{
  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT == cred->type)
    return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
  return GNUNET_NO;
}
447 
448 
/**
 * Create a presentation from a JWT credential.
 *
 * The presentation is built from the credential's bytes unchanged. In the
 * lines visible in this listing @a attrs is never referenced, so every
 * claim in the token is disclosed regardless of the requested attributes.
 *
 * NOTE(review): this listing omits the return-type line, the guard before
 * `return GNUNET_NO` and the first argument of the constructor call; they
 * are restored from the page's symbol index using
 * GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT -- confirm against upstream.
 *
 * @param cls the plugin closure, unused
 * @param cred the JWT credential to present
 * @param attrs the requested attributes
 * @param presentation set to the newly created presentation
 * @return #GNUNET_NO when the credential is not of the JWT type,
 *         #GNUNET_OK otherwise
 */
enum GNUNET_GenericReturnValue
jwt_create_presentation (void *cls,
                         const struct GNUNET_RECLAIM_Credential *cred,
                         const struct GNUNET_RECLAIM_AttributeList *attrs,
                         struct GNUNET_RECLAIM_Presentation **presentation)
{
  struct GNUNET_RECLAIM_Presentation *pres;

  if (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT != cred->type)
    return GNUNET_NO;
  pres = GNUNET_RECLAIM_presentation_new (GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT,
                                          cred->data,
                                          cred->data_size);
  *presentation = pres;
  return GNUNET_OK;
}
463 
464 
471 void *
473 {
475 
492  return api;
493 }
494 
495 
502 void *
504 {
506 
507  GNUNET_free (api);
508  return NULL;
509 }
510 
511 
512 /* end of plugin_reclaim_credential_jwt.c */
static size_t data_size
Number of bytes in data.
Definition: gnunet-abd.c:187
struct GNUNET_HashCode key
The key used in the DHT.
uint32_t data
The data value.
static char * value
Value of the record to add/remove.
Plugin API for reclaim attribute types.
#define GNUNET_log(kind,...)
GNUNET_GenericReturnValue
Named constants for return values.
@ GNUNET_OK
@ GNUNET_NO
@ GNUNET_SYSERR
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
@ GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_ERROR
@ GNUNET_ERROR_TYPE_DEBUG
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
#define GNUNET_strndup(a, length)
Wrapper around GNUNET_xstrndup_.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_free(ptr)
Wrapper around free.
void GNUNET_RECLAIM_attribute_list_add(struct GNUNET_RECLAIM_AttributeList *attrs, const char *attr_name, const struct GNUNET_RECLAIM_Identifier *credential, uint32_t type, const void *data, size_t data_size)
Add a new attribute to a claim list.
struct GNUNET_RECLAIM_Presentation * GNUNET_RECLAIM_presentation_new(uint32_t type, const void *data, size_t data_size)
@ GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT
A JSON Web Token credential.
@ GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING
String attribute.
size_t GNUNET_STRINGS_base64url_decode(const char *data, size_t len, void **out)
Decode from Base64url.
Definition: strings.c:1760
enum GNUNET_GenericReturnValue jwt_get_expiration(void *cls, const char *data, size_t data_size, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
enum GNUNET_GenericReturnValue jwt_create_presentation(void *cls, const struct GNUNET_RECLAIM_Credential *cred, const struct GNUNET_RECLAIM_AttributeList *attrs, struct GNUNET_RECLAIM_Presentation **presentation)
static struct @55 jwt_cred_name_map[]
Mapping of credential type numbers to human-readable credential type names.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the respective claim value as Attribute.
char * jwt_get_issuer_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the issuer.
char * jwt_get_issuer_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the issuer.
void * libgnunet_plugin_reclaim_credential_jwt_done(void *cls)
Exit point from the plugin.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the respective claim value as Attribute.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes(void *cls, const char *data, size_t data_size)
Parse a JWT and return the respective claim value as Attribute.
static char * jwt_value_to_string(void *cls, uint32_t type, const void *data, size_t data_size)
Convert the 'value' of a credential to a string.
const char * name
static uint32_t jwt_typename_to_number(void *cls, const char *jwt_typename)
Convert a type name to the corresponding number.
static const char * jwt_number_to_typename(void *cls, uint32_t type)
Convert a type number to the corresponding type string (e.g.
enum GNUNET_GenericReturnValue jwt_get_expiration_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
static int jwt_string_to_value(void *cls, uint32_t type, const char *s, void **data, size_t *data_size)
Convert the human-readable version of a credential 'value' to its binary representation.
enum GNUNET_GenericReturnValue jwt_get_expiration_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
char * jwt_get_issuer(void *cls, const char *data, size_t data_size)
Parse a JWT and return the issuer.
void * libgnunet_plugin_reclaim_credential_jwt_init(void *cls)
Entry point for the plugin.
A list of GNUNET_RECLAIM_Attribute structures.
Each plugin is required to return a pointer to a struct of this type as the return value from its ent...
GNUNET_RECLAIM_CredentialValueToStringFunction value_to_string
Conversion to string.
GNUNET_RECLAIM_CredentialTypenameToNumberFunction typename_to_number
Typename to number.
GNUNET_RECLAIM_PresentationGetIssuerFunction get_issuer_p
Attestation issuer.
GNUNET_RECLAIM_CredentialNumberToTypenameFunction number_to_typename
Number to typename.
GNUNET_RECLAIM_CredentialGetIssuerFunction get_issuer
Attestation issuer.
GNUNET_RECLAIM_PresentationGetExpirationFunction get_expiration_p
Expiration.
GNUNET_RECLAIM_PresentationValueToStringFunction value_to_string_p
Conversion to string.
GNUNET_RECLAIM_CredentialStringToValueFunction string_to_value
Conversion to binary.
GNUNET_RECLAIM_CredentialGetExpirationFunction get_expiration
Expiration.
void * cls
Closure for all of the callbacks.
GNUNET_RECLAIM_CredentialGetAttributesFunction get_attributes
Attestation attributes.
GNUNET_RECLAIM_PresentationStringToValueFunction string_to_value_p
Conversion to binary.
GNUNET_RECLAIM_PresentationTypenameToNumberFunction typename_to_number_p
Typename to number.
GNUNET_RECLAIM_PresentationNumberToTypenameFunction number_to_typename_p
Number to typename.
GNUNET_RECLAIM_CredentialToPresentation create_presentation
Get presentation.
GNUNET_RECLAIM_PresentationGetAttributesFunction get_attributes_p
Attestation attributes.
uint32_t type
Type/Format of Claim.
const void * data
Binary value stored as credential value.
size_t data_size
Number of bytes in data.
A credential presentation.
const void * data
Binary value stored as presentation value.
uint32_t type
Type/Format of Claim.
size_t data_size
Number of bytes in data.
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model