GNUnet 0.21.0
plugin_reclaim_credential_jwt.c
Go to the documentation of this file.
1/*
2 This file is part of GNUnet
3 Copyright (C) 2013, 2014, 2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
28#include "platform.h"
29#include "gnunet_util_lib.h"
31#include <inttypes.h>
32#include <jansson.h>
33
43static char *
45 uint32_t type,
46 const void *data,
47 size_t data_size)
48{
49 switch (type)
50 {
53
54 default:
55 return NULL;
56 }
57}
58
59
71static int
73 uint32_t type,
74 const char *s,
75 void **data,
76 size_t *data_size)
77{
78 if (NULL == s)
79 return GNUNET_SYSERR;
80 switch (type)
81 {
83 *data = GNUNET_strdup (s);
84 *data_size = strlen (s) + 1;
85 return GNUNET_OK;
86
87 default:
88 return GNUNET_SYSERR;
89 }
90}
91
92
97static struct
98{
99 const char *name;
100 uint32_t number;
102 { NULL, UINT32_MAX } };
103
111static uint32_t
112jwt_typename_to_number (void *cls, const char *jwt_typename)
113{
114 unsigned int i;
115
116 i = 0;
117 while ((NULL != jwt_cred_name_map[i].name) &&
118 (0 != strcasecmp (jwt_typename, jwt_cred_name_map[i].name)))
119 i++;
120 return jwt_cred_name_map[i].number;
121}
122
123
131static const char *
132jwt_number_to_typename (void *cls, uint32_t type)
133{
134 unsigned int i;
135
136 i = 0;
137 while ((NULL != jwt_cred_name_map[i].name) && (type !=
139 number))
140 i++;
141 return jwt_cred_name_map[i].name;
142}
143
144
154 const char *data,
155 size_t data_size)
156{
157 char *jwt_string;
158 struct GNUNET_RECLAIM_AttributeList *attrs;
159 char delim[] = ".";
160 char *val_str = NULL;
161 char *decoded_jwt;
162 char *tmp;
163 json_t *json_val;
164 json_error_t json_err;
165
167
168 jwt_string = GNUNET_strndup (data, data_size);
169 const char *jwt_body = strtok (jwt_string, delim);
170 if (NULL == jwt_body)
171 {
173 "Failed to parse JSON %s\n", jwt_string);
174 return attrs;
175 }
176 jwt_body = strtok (NULL, delim);
177 if (NULL == jwt_body)
178 {
180 "Failed to parse JSON %s\n", jwt_string);
181 GNUNET_free (jwt_string);
182 return attrs;
183 }
184 GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
185 (void **) &decoded_jwt);
186 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded JWT: %s\n", decoded_jwt);
187 GNUNET_assert (NULL != decoded_jwt);
188 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
189 GNUNET_free (decoded_jwt);
190 const char *key;
191 const char *addr_key;
192 json_t *value;
193 json_t *addr_value;
194
195 json_object_foreach (json_val, key, value) {
196 if (0 == strcmp ("iss", key))
197 continue;
198 if (0 == strcmp ("jti", key))
199 continue;
200 if (0 == strcmp ("exp", key))
201 continue;
202 if (0 == strcmp ("iat", key))
203 continue;
204 if (0 == strcmp ("nbf", key))
205 continue;
206 if (0 == strcmp ("aud", key))
207 continue;
208 if (0 == strcmp ("address", key))
209 {
210 if (! json_is_object (value))
211 {
213 "address claim in wrong format!");
214 continue;
215 }
216 json_object_foreach (value, addr_key, addr_value) {
217 val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
218 tmp = val_str;
219 // Remove leading " from jasson conversion
220 if (tmp[0] == '"')
221 tmp++;
222 // Remove trailing " from jansson conversion
223 if (tmp[strlen (tmp) - 1] == '"')
224 tmp[strlen (tmp) - 1] = '\0';
226 addr_key,
227 NULL,
229 tmp,
230 strlen (val_str));
231 GNUNET_free (val_str);
232 }
233 continue;
234 }
235 val_str = json_dumps (value, JSON_ENCODE_ANY);
236 tmp = val_str;
237 // Remove leading " from jasson conversion
238 if (tmp[0] == '"')
239 tmp++;
240 // Remove trailing " from jansson conversion
241 if (tmp[strlen (tmp) - 1] == '"')
242 tmp[strlen (tmp) - 1] = '\0';
244 key,
245 NULL,
247 tmp,
248 strlen (val_str));
249 GNUNET_free (val_str);
250 }
251 json_decref (json_val);
252 GNUNET_free (jwt_string);
253 return attrs;
254}
255
256
266 const struct GNUNET_RECLAIM_Credential *cred)
267{
269 return NULL;
270 return jwt_parse_attributes (cls, cred->data, cred->data_size);
271}
272
273
283 const struct GNUNET_RECLAIM_Presentation *cred)
284{
286 return NULL;
287 return jwt_parse_attributes (cls, cred->data, cred->data_size);
288}
289
290
298char *
299jwt_get_issuer (void *cls,
300 const char *data,
301 size_t data_size)
302{
303 const char *jwt_body;
304 char *jwt_string;
305 char delim[] = ".";
306 char *issuer = NULL;
307 char *decoded_jwt;
308 json_t *issuer_json;
309 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
310 json_t *json_val;
311 json_error_t json_err;
312
313 jwt_string = GNUNET_strndup (data, data_size);
314 jwt_body = strtok (jwt_string, delim);
315 jwt_body = strtok (NULL, delim);
316 GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
317 (void **) &decoded_jwt);
318 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
319 GNUNET_free (decoded_jwt);
320 GNUNET_free (jwt_string);
321 if (NULL == json_val)
322 return NULL;
323 issuer_json = json_object_get (json_val, "iss");
324 if ((NULL == issuer_json) || (! json_is_string (issuer_json)))
325 {
326 json_decref (json_val);
327 return NULL;
328 }
329 issuer = GNUNET_strdup (json_string_value (issuer_json));
330 json_decref (json_val);
331 return issuer;
332}
333
334
342char *
344 const struct GNUNET_RECLAIM_Credential *cred)
345{
347 return NULL;
348 return jwt_get_issuer (cls, cred->data, cred->data_size);
349}
350
351
359char *
361 const struct GNUNET_RECLAIM_Presentation *cred)
362{
364 return NULL;
365 return jwt_get_issuer (cls, cred->data, cred->data_size);
366}
367
368
378 const char *data,
379 size_t data_size,
380 struct GNUNET_TIME_Absolute *exp)
381{
382 const char *jwt_body;
383 char *jwt_string;
384 char delim[] = ".";
385 char *decoded_jwt;
386 json_t *exp_json;
387 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
388 json_t *json_val;
389 json_error_t json_err;
390
391 jwt_string = GNUNET_strndup (data, data_size);
392 jwt_body = strtok (jwt_string, delim);
393 jwt_body = strtok (NULL, delim);
394 GNUNET_STRINGS_base64url_decode (jwt_body, strlen (jwt_body),
395 (void **) &decoded_jwt);
396 json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, &json_err);
397 GNUNET_free (decoded_jwt);
398 GNUNET_free (jwt_string);
399 if (NULL == json_val)
400 return GNUNET_SYSERR;
401 exp_json = json_object_get (json_val, "exp");
402 if ((NULL == exp_json) || (! json_is_integer (exp_json)))
403 {
404 json_decref (json_val);
405 return GNUNET_SYSERR;
406 }
407 exp->abs_value_us = json_integer_value (exp_json) * 1000 * 1000;
408 json_decref (json_val);
409 return GNUNET_OK;
410}
411
412
422 const struct GNUNET_RECLAIM_Credential *cred,
423 struct GNUNET_TIME_Absolute *exp)
424{
426 return GNUNET_NO;
427 return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
428}
429
430
440 const struct GNUNET_RECLAIM_Presentation *cred,
441 struct GNUNET_TIME_Absolute *exp)
442{
444 return GNUNET_NO;
445 return jwt_get_expiration (cls, cred->data, cred->data_size, exp);
446}
447
448
451 const struct GNUNET_RECLAIM_Credential *cred,
452 const struct GNUNET_RECLAIM_AttributeList *attrs,
453 struct GNUNET_RECLAIM_Presentation **presentation)
454{
456 return GNUNET_NO;
457 *presentation = GNUNET_RECLAIM_presentation_new (
459 cred->data,
460 cred->data_size);
461 return GNUNET_OK;
462}
463
464
471void *
473{
475
492 return api;
493}
494
495
502void *
504{
506
507 GNUNET_free (api);
508 return NULL;
509}
510
511
512/* end of plugin_reclaim_credential_type_jwt.c */
static char * data
The data to insert into the dht.
struct GNUNET_HashCode key
The key used in the DHT.
static char * value
Value of the record to add/remove.
static uint32_t type
Type string converted to DNS type value.
static size_t data_size
Number of bytes in data.
Plugin API for reclaim attribute types.
#define GNUNET_log(kind,...)
GNUNET_GenericReturnValue
Named constants for return values.
@ GNUNET_OK
@ GNUNET_NO
@ GNUNET_SYSERR
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
@ GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_ERROR
@ GNUNET_ERROR_TYPE_DEBUG
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
#define GNUNET_strndup(a, length)
Wrapper around GNUNET_xstrndup_.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_free(ptr)
Wrapper around free.
struct GNUNET_RECLAIM_Presentation * GNUNET_RECLAIM_presentation_new(uint32_t type, const void *data, size_t data_size)
void GNUNET_RECLAIM_attribute_list_add(struct GNUNET_RECLAIM_AttributeList *attrs, const char *attr_name, const struct GNUNET_RECLAIM_Identifier *credential, uint32_t type, const void *data, size_t data_size)
Add a new attribute to a claim list.
@ GNUNET_RECLAIM_CREDENTIAL_TYPE_JWT
A JSON Web Token credential.
@ GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING
String attribute.
size_t GNUNET_STRINGS_base64url_decode(const char *data, size_t len, void **out)
Decode from Base64url.
Definition: strings.c:1782
enum GNUNET_GenericReturnValue jwt_get_expiration(void *cls, const char *data, size_t data_size, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
enum GNUNET_GenericReturnValue jwt_create_presentation(void *cls, const struct GNUNET_RECLAIM_Credential *cred, const struct GNUNET_RECLAIM_AttributeList *attrs, struct GNUNET_RECLAIM_Presentation **presentation)
void * libgnunet_plugin_reclaim_credential_jwt_done(void *cls)
Exit point from the plugin.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the respective claim value as Attribute.
const char * name
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the respective claim value as Attribute.
static char * jwt_value_to_string(void *cls, uint32_t type, const void *data, size_t data_size)
Convert the 'value' of an credential to a string.
char * jwt_get_issuer(void *cls, const char *data, size_t data_size)
Parse a JWT and return the issuer.
static uint32_t jwt_typename_to_number(void *cls, const char *jwt_typename)
Convert a type name to the corresponding number.
void * libgnunet_plugin_reclaim_credential_jwt_init(void *cls)
Entry point for the plugin.
char * jwt_get_issuer_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the issuer.
static const char * jwt_number_to_typename(void *cls, uint32_t type)
Convert a type number to the corresponding type string (e.g.
enum GNUNET_GenericReturnValue jwt_get_expiration_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes(void *cls, const char *data, size_t data_size)
Parse a JWT and return the respective claim value as Attribute.
static int jwt_string_to_value(void *cls, uint32_t type, const char *s, void **data, size_t *data_size)
Convert human-readable version of a 'value' of an credential to the binary representation.
enum GNUNET_GenericReturnValue jwt_get_expiration_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
static struct @42 jwt_cred_name_map[]
Mapping of credential type numbers to human-readable credential type names.
char * jwt_get_issuer_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the issuer.
A list of GNUNET_RECLAIM_Attribute structures.
Each plugin is required to return a pointer to a struct of this type as the return value from its ent...
GNUNET_RECLAIM_CredentialValueToStringFunction value_to_string
Conversion to string.
GNUNET_RECLAIM_CredentialTypenameToNumberFunction typename_to_number
Typename to number.
GNUNET_RECLAIM_PresentationGetIssuerFunction get_issuer_p
Attesation issuer.
GNUNET_RECLAIM_CredentialNumberToTypenameFunction number_to_typename
Number to typename.
GNUNET_RECLAIM_CredentialGetIssuerFunction get_issuer
Attesation issuer.
GNUNET_RECLAIM_PresentationGetExpirationFunction get_expiration_p
Expiration.
GNUNET_RECLAIM_PresentationValueToStringFunction value_to_string_p
Conversion to string.
GNUNET_RECLAIM_CredentialStringToValueFunction string_to_value
Conversion to binary.
GNUNET_RECLAIM_CredentialGetExpirationFunction get_expiration
Expiration.
void * cls
Closure for all of the callbacks.
GNUNET_RECLAIM_CredentialGetAttributesFunction get_attributes
Attesation attributes.
GNUNET_RECLAIM_PresentationStringToValueFunction string_to_value_p
Conversion to binary.
GNUNET_RECLAIM_PresentationTypenameToNumberFunction typename_to_number_p
Typename to number.
GNUNET_RECLAIM_PresentationNumberToTypenameFunction number_to_typename_p
Number to typename.
GNUNET_RECLAIM_CredentialToPresentation create_presentation
Get presentation.
GNUNET_RECLAIM_PresentationGetAttributesFunction get_attributes_p
Attesation attributes.
uint32_t type
Type/Format of Claim.
const void * data
Binary value stored as credential value.
size_t data_size
Number of bytes in data.
A credential presentation.
const void * data
Binary value stored as presentation value.
uint32_t type
Type/Format of Claim.
size_t data_size
Number of bytes in data.
Time for absolute times used by GNUnet, in microseconds.
uint64_t abs_value_us
The actual value.