GNUnet  0.11.x
plugin_reclaim_credential_jwt.c
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2013, 2014, 2016 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_reclaim_plugin.h"
31 #include <inttypes.h>
32 #include <jansson.h>
33 
43 static char *
45  uint32_t type,
46  const void *data,
47  size_t data_size)
48 {
49  switch (type)
50  {
52  return GNUNET_strndup (data, data_size);
53 
54  default:
55  return NULL;
56  }
57 }
58 
59 
71 static int
73  uint32_t type,
74  const char *s,
75  void **data,
76  size_t *data_size)
77 {
78  if (NULL == s)
79  return GNUNET_SYSERR;
80  switch (type)
81  {
83  *data = GNUNET_strdup (s);
84  *data_size = strlen (s);
85  return GNUNET_OK;
86 
87  default:
88  return GNUNET_SYSERR;
89  }
90 }
91 
92 
97 static struct
98 {
99  const char *name;
100  uint32_t number;
102  { NULL, UINT32_MAX } };
103 
/**
 * Convert a type name to the corresponding number.
 *
 * @param cls closure, unused
 * @param jwt_typename name to look up (compared case-insensitively)
 * @return the number mapped to the name, or UINT32_MAX (the number of the
 *         table's terminating entry) if the name is not in the table
 */
static uint32_t
jwt_typename_to_number (void *cls, const char *jwt_typename)
{
  /* Linear scan; the table ends with a { NULL, UINT32_MAX } entry, so an
     unknown name falls through to that entry's number. */
  for (unsigned int idx = 0; ; idx++)
  {
    const char *candidate = jwt_cred_name_map[idx].name;

    if ((NULL == candidate) ||
        (0 == strcasecmp (jwt_typename, candidate)))
      return jwt_cred_name_map[idx].number;
  }
}
122 
123 
/**
 * Convert a type number to the corresponding type name.
 *
 * @param cls closure, unused
 * @param type number to look up
 * @return the name mapped to the number, or NULL (the name of the table's
 *         terminating entry) if the number is not in the table
 */
static const char *
jwt_number_to_typename (void *cls, uint32_t type)
{
  /* Linear scan up to the terminating entry, whose name is NULL. */
  for (unsigned int idx = 0; ; idx++)
  {
    if ((NULL == jwt_cred_name_map[idx].name) ||
        (type == jwt_cred_name_map[idx].number))
      return jwt_cred_name_map[idx].name;
  }
}
143 
144 
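/**
 * Parse a JWT and return the respective claim value as Attribute.
 *
 * Only the payload (second dot-separated segment) is decoded. Nothing in
 * this function checks the token's signature, so the returned attributes
 * are unauthenticated claims unless the JWT is verified elsewhere.
 *
 * @param cls closure, unused
 * @param data the JWT as a NUL-terminated string, may be NULL
 * @return newly allocated attribute list with one entry per payload claim
 *         other than iss/jti/exp/iat/nbf/aud; the list is empty if the
 *         token cannot be parsed
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes (void *cls,
                      const char *data)
{
  struct GNUNET_RECLAIM_AttributeList *attrs;
  const char *jwt_body;
  size_t jwt_body_len;
  size_t decoded_len;
  char *raw = NULL;
  char *decoded_jwt;
  char *val_str;
  json_t *json_val;
  const char *key;
  json_t *value;

  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
  attrs = GNUNET_new (struct GNUNET_RECLAIM_AttributeList);
  if (NULL == data)
    return attrs;

  /* Locate the second '.'-separated segment in place, without strtok()
     (no hidden static state, no scratch copy).  Runs of '.' count as a
     single separator.
     NOTE(review): a strict parser would require exactly three segments. */
  jwt_body = data + strspn (data, ".");
  jwt_body += strcspn (jwt_body, ".");
  jwt_body += strspn (jwt_body, ".");
  jwt_body_len = strcspn (jwt_body, ".");
  if (0 == jwt_body_len)
    return attrs; /* no payload segment: the token is attacker-supplied text,
                     so this must not reach strlen (NULL) or an assertion */

  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body,
                                                 jwt_body_len,
                                                 (void **) &raw);
  if (NULL == raw)
    return attrs;
  /* The decoder reports a byte count; copy into a buffer that is certainly
     NUL-terminated before handing it to string-based APIs. */
  decoded_jwt = GNUNET_strndup (raw, decoded_len);
  GNUNET_free (raw);

  /* This writes the claim values to the debug log. */
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Decoded JWT: %s\n", decoded_jwt);
  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, NULL);
  GNUNET_free (decoded_jwt);

  /* If the payload is not a JSON object the loop body never runs and the
     list stays empty. */
  json_object_foreach (json_val, key, value) {
    if ((0 == strcmp ("iss", key)) ||
        (0 == strcmp ("jti", key)) ||
        (0 == strcmp ("exp", key)) ||
        (0 == strcmp ("iat", key)) ||
        (0 == strcmp ("nbf", key)) ||
        (0 == strcmp ("aud", key)))
      continue; /* registered claims are not exported as attributes */
    val_str = json_dumps (value, JSON_ENCODE_ANY);
    if (NULL == val_str)
      continue; /* serialization failed; skip rather than strlen (NULL) */
    GNUNET_RECLAIM_attribute_list_add (attrs,
                                       key,
                                       NULL,
                                       GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
                                       val_str,
                                       strlen (val_str));
    GNUNET_free (val_str);
  }
  /* Release the parsed document.
     NOTE(review): assumes GNUNET_RECLAIM_attribute_list_add() copies the
     attribute name, as it evidently does the value (val_str is freed right
     after the call) -- confirm before merging. */
  json_decref (json_val);
  return attrs;
}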
202 
203 
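/**
 * Parse a JWT and return the respective claim value as Attribute.
 *
 * @param cls closure, passed through
 * @param cred the credential holding the JWT
 * @return attribute list as produced by jwt_parse_attributes()
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes_c (void *cls,
                        const struct GNUNET_RECLAIM_Credential *cred)
{
  struct GNUNET_RECLAIM_AttributeList *attrs;
  char *token;

  /* cred->data is a binary value of cred->data_size bytes, and
     jwt_string_to_value() in this file records the length without the
     terminating NUL.  Build a terminated copy instead of treating the
     buffer as a C string, which could read past its end. */
  token = GNUNET_strndup (cred->data, cred->data_size);
  attrs = jwt_parse_attributes (cls, token);
  GNUNET_free (token);
  return attrs;
}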
217 
218 
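/**
 * Parse a JWT and return the respective claim value as Attribute.
 *
 * @param cls closure, passed through
 * @param cred the presentation holding the JWT
 * @return attribute list as produced by jwt_parse_attributes()
 */
struct GNUNET_RECLAIM_AttributeList *
jwt_parse_attributes_p (void *cls,
                        const struct GNUNET_RECLAIM_Presentation *cred)
{
  struct GNUNET_RECLAIM_AttributeList *attrs;
  char *token;

  /* cred->data is a binary value of cred->data_size bytes and is not
     guaranteed here to carry a terminating NUL.  Build a terminated copy
     instead of treating the buffer as a C string, which could read past
     its end. */
  token = GNUNET_strndup (cred->data, cred->data_size);
  attrs = jwt_parse_attributes (cls, token);
  GNUNET_free (token);
  return attrs;
}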
232 
233 
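/**
 * Parse a JWT and return the issuer.
 *
 * Only the payload (second dot-separated segment) is decoded. Nothing in
 * this function checks the token's signature, so the returned issuer is an
 * unauthenticated claim unless the JWT is verified elsewhere.
 *
 * @param cls closure, unused
 * @param data the JWT as a NUL-terminated string, may be NULL
 * @return newly allocated copy of the "iss" claim, or NULL if the token
 *         cannot be parsed or has no string-valued "iss"
 */
char *
jwt_get_issuer (void *cls,
                const char *data)
{
  const char *jwt_body;
  size_t jwt_body_len;
  size_t decoded_len;
  char *raw = NULL;
  char *decoded_jwt;
  char *issuer = NULL;
  json_t *issuer_json;
  json_t *json_val;

  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
  if (NULL == data)
    return NULL;

  /* Locate the second '.'-separated segment in place, without strtok()
     (no hidden static state, no scratch copy to leak on early return).
     Runs of '.' count as a single separator.
     NOTE(review): a strict parser would require exactly three segments. */
  jwt_body = data + strspn (data, ".");
  jwt_body += strcspn (jwt_body, ".");
  jwt_body += strspn (jwt_body, ".");
  jwt_body_len = strcspn (jwt_body, ".");
  if (0 == jwt_body_len)
    return NULL; /* no payload segment; must not reach strlen (NULL) */

  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body,
                                                 jwt_body_len,
                                                 (void **) &raw);
  if (NULL == raw)
    return NULL;
  /* The decoder reports a byte count; copy into a buffer that is certainly
     NUL-terminated before handing it to json_loads(). */
  decoded_jwt = GNUNET_strndup (raw, decoded_len);
  GNUNET_free (raw);
  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, NULL);
  GNUNET_free (decoded_jwt);

  issuer_json = json_object_get (json_val, "iss");
  /* Duplicate before releasing json_val: json_string_value() points into
     the parsed document. */
  if ((NULL != issuer_json) && (json_is_string (issuer_json)))
    issuer = GNUNET_strdup (json_string_value (issuer_json));
  json_decref (json_val);
  return issuer;
}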
268 
269 
277 char *
278 jwt_get_issuer_c (void *cls,
279  const struct GNUNET_RECLAIM_Credential *cred)
280 {
282  return NULL;
283  return jwt_get_issuer (cls, cred->data);
284 }
285 
286 
294 char *
295 jwt_get_issuer_p (void *cls,
296  const struct GNUNET_RECLAIM_Presentation *cred)
297 {
299  return NULL;
300  return jwt_get_issuer (cls, cred->data);
301 }
302 
303 
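/**
 * Parse a JWT and return the expiration.
 *
 * Only the payload (second dot-separated segment) is decoded. Nothing in
 * this function checks the token's signature, so the expiration is an
 * unauthenticated claim unless the JWT is verified elsewhere.
 *
 * @param cls closure, unused
 * @param data the JWT as a NUL-terminated string, may be NULL
 * @param[out] exp set to the "exp" claim converted from seconds to
 *             microseconds; only written when GNUNET_OK is returned
 * @return GNUNET_OK on success, GNUNET_SYSERR if the token cannot be
 *         parsed, has no integer "exp", or "exp" is negative or too large
 *         to express in microseconds
 */
int
jwt_get_expiration (void *cls,
                    const char *data,
                    struct GNUNET_TIME_Absolute *exp)
{
  const char *jwt_body;
  size_t jwt_body_len;
  size_t decoded_len;
  char *raw = NULL;
  char *decoded_jwt;
  json_t *exp_json;
  json_t *json_val;
  int ret = GNUNET_SYSERR;

  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
  if ((NULL == data) || (NULL == exp))
    return GNUNET_SYSERR;

  /* Locate the second '.'-separated segment in place, without strtok()
     (no hidden static state, no scratch copy to leak on early return).
     Runs of '.' count as a single separator.
     NOTE(review): a strict parser would require exactly three segments. */
  jwt_body = data + strspn (data, ".");
  jwt_body += strcspn (jwt_body, ".");
  jwt_body += strspn (jwt_body, ".");
  jwt_body_len = strcspn (jwt_body, ".");
  if (0 == jwt_body_len)
    return GNUNET_SYSERR; /* no payload segment; must not reach strlen (NULL) */

  decoded_len = GNUNET_STRINGS_base64url_decode (jwt_body,
                                                 jwt_body_len,
                                                 (void **) &raw);
  if (NULL == raw)
    return GNUNET_SYSERR;
  /* The decoder reports a byte count; copy into a buffer that is certainly
     NUL-terminated before handing it to json_loads(). */
  decoded_jwt = GNUNET_strndup (raw, decoded_len);
  GNUNET_free (raw);
  json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, NULL);
  GNUNET_free (decoded_jwt);

  exp_json = json_object_get (json_val, "exp");
  if ((NULL != exp_json) && (json_is_integer (exp_json)))
  {
    json_int_t exp_s = json_integer_value (exp_json);

    /* The claim comes from the token itself.  A negative value would turn
       into a huge unsigned timestamp (a token that practically never
       expires), and a very large one would overflow the multiplication,
       so both are rejected. */
    if ((exp_s >= 0) &&
        ((uint64_t) exp_s <= UINT64_MAX / (1000 * 1000)))
    {
      exp->abs_value_us = (uint64_t) exp_s * 1000 * 1000;
      ret = GNUNET_OK;
    }
  }
  json_decref (json_val);
  return ret;
}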
338 
339 
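/**
 * Parse a JWT and return the expiration.
 *
 * @param cls closure, passed through
 * @param cred the credential holding the JWT
 * @param[out] exp where to store the expiration
 * @return result of jwt_get_expiration()
 */
int
jwt_get_expiration_c (void *cls,
                      const struct GNUNET_RECLAIM_Credential *cred,
                      struct GNUNET_TIME_Absolute *exp)
{
  char *token;
  int ret;

  /* cred->data is a binary value of cred->data_size bytes, and
     jwt_string_to_value() in this file records the length without the
     terminating NUL.  Build a terminated copy instead of treating the
     buffer as a C string, which could read past its end. */
  token = GNUNET_strndup (cred->data, cred->data_size);
  ret = jwt_get_expiration (cls, token, exp);
  GNUNET_free (token);
  return ret;
}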
354 
355 
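/**
 * Parse a JWT and return the expiration.
 *
 * @param cls closure, passed through
 * @param cred the presentation holding the JWT
 * @param[out] exp where to store the expiration
 * @return result of jwt_get_expiration()
 */
int
jwt_get_expiration_p (void *cls,
                      const struct GNUNET_RECLAIM_Presentation *cred,
                      struct GNUNET_TIME_Absolute *exp)
{
  char *token;
  int ret;

  /* cred->data is a binary value of cred->data_size bytes and is not
     guaranteed here to carry a terminating NUL.  Build a terminated copy
     instead of treating the buffer as a C string, which could read past
     its end. */
  token = GNUNET_strndup (cred->data, cred->data_size);
  ret = jwt_get_expiration (cls, token, exp);
  GNUNET_free (token);
  return ret;
}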
370 
371 
372 int
374  const struct GNUNET_RECLAIM_Credential *cred,
375  const struct GNUNET_RECLAIM_AttributeList *attrs,
376  struct GNUNET_RECLAIM_Presentation **pres)
377 {
378  // FIXME sanity checks??
380  return GNUNET_NO;
382  cred->data,
383  cred->data_size);
384  return GNUNET_OK;
385 }
386 
387 
394 void *
396 {
398 
415  return api;
416 }
417 
418 
425 void *
427 {
429 
430  GNUNET_free (api);
431  return NULL;
432 }
433 
434 
435 /* end of plugin_reclaim_credential_type_jwt.c */
GNUNET_RECLAIM_PresentationTypenameToNumberFunction typename_to_number_p
Typename to number.
static const char * jwt_number_to_typename(void *cls, uint32_t type)
Convert a type number (i.e.
int jwt_get_expiration_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
uint32_t type
Type/Format of Claim.
uint32_t type
Type/Format of Claim.
static struct @78 jwt_cred_name_map[]
Mapping of credential type numbers to human-readable credential type names.
static size_t data_size
Number of bytes in data.
Definition: gnunet-abd.c:187
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
size_t data_size
Number of bytes in data.
GNUNET_RECLAIM_PresentationNumberToTypenameFunction number_to_typename_p
Number to typename.
GNUNET_RECLAIM_PresentationGetIssuerFunction get_issuer_p
Attestation issuer.
GNUNET_RECLAIM_CredentialValueToStringFunction value_to_string
Conversion to string.
GNUNET_RECLAIM_CredentialGetExpirationFunction get_expiration
Expiration.
A list of GNUNET_RECLAIM_Attribute structures.
const void * data
Binary value stored as credential value.
char * jwt_get_issuer(void *cls, const char *data)
Parse a JWT and return the issuer.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
uint64_t abs_value_us
The actual value.
GNUNET_RECLAIM_PresentationValueToStringFunction value_to_string_p
Conversion to string.
static char * value
Value of the record to add/remove.
static uint32_t jwt_typename_to_number(void *cls, const char *jwt_typename)
Convert a type name to the corresponding number.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the respective claim value as Attribute.
const char * name
GNUNET_RECLAIM_CredentialGetIssuerFunction get_issuer
Attestation issuer.
int jwt_create_presentation(void *cls, const struct GNUNET_RECLAIM_Credential *cred, const struct GNUNET_RECLAIM_AttributeList *attrs, struct GNUNET_RECLAIM_Presentation **pres)
int jwt_get_expiration(void *cls, const char *data, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
const void * data
Binary value stored as presentation value.
GNUNET_RECLAIM_CredentialToPresentation create_presentation
Get presentation.
int jwt_get_expiration_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred, struct GNUNET_TIME_Absolute *exp)
Parse a JWT and return the expiration.
void * cls
Closure for all of the callbacks.
GNUNET_RECLAIM_PresentationGetAttributesFunction get_attributes_p
Attestation attributes.
GNUNET_RECLAIM_PresentationGetExpirationFunction get_expiration_p
Expiration.
A credential presentation.
struct GNUNET_HashCode key
The key used in the DHT.
static int jwt_string_to_value(void *cls, uint32_t type, const char *s, void **data, size_t *data_size)
Convert human-readable version of a 'value' of a credential to the binary representation.
Each plugin is required to return a pointer to a struct of this type as the return value from its ent...
static char * jwt_value_to_string(void *cls, uint32_t type, const void *data, size_t data_size)
Convert the 'value' of a credential to a string.
GNUNET_RECLAIM_CredentialTypenameToNumberFunction typename_to_number
Typename to number.
#define GNUNET_strndup(a, length)
Wrapper around GNUNET_xstrndup_.
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes(void *cls, const char *data)
Parse a JWT and return the respective claim value as Attribute.
struct GNUNET_RECLAIM_Presentation * GNUNET_RECLAIM_presentation_new(uint32_t type, const void *data, size_t data_size)
#define GNUNET_log(kind,...)
struct GNUNET_RECLAIM_AttributeList * jwt_parse_attributes_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the respective claim value as Attribute.
GNUNET_RECLAIM_CredentialNumberToTypenameFunction number_to_typename
Number to typename.
void GNUNET_RECLAIM_attribute_list_add(struct GNUNET_RECLAIM_AttributeList *attrs, const char *attr_name, const struct GNUNET_RECLAIM_Identifier *credential, uint32_t type, const void *data, size_t data_size)
Add a new attribute to a claim list.
GNUNET_RECLAIM_CredentialStringToValueFunction string_to_value
Conversion to binary.
GNUNET_RECLAIM_PresentationStringToValueFunction string_to_value_p
Conversion to binary.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
char * jwt_get_issuer_p(void *cls, const struct GNUNET_RECLAIM_Presentation *cred)
Parse a JWT and return the issuer.
Time for absolute times used by GNUnet, in microseconds.
void * libgnunet_plugin_reclaim_credential_jwt_done(void *cls)
Exit point from the plugin.
void * libgnunet_plugin_reclaim_credential_jwt_init(void *cls)
Entry point for the plugin.
uint32_t data
The data value.
char * jwt_get_issuer_c(void *cls, const struct GNUNET_RECLAIM_Credential *cred)
Parse a JWT and return the issuer.
size_t GNUNET_STRINGS_base64url_decode(const char *data, size_t len, void **out)
Decode from Base64url.
Definition: strings.c:2050
void * cls
Closure for all of the callbacks.
A JSON Web Token credential.
#define GNUNET_free(ptr)
Wrapper around free.
GNUNET_RECLAIM_CredentialGetAttributesFunction get_attributes
Attestation attributes.