gnunet-svn

[gnunet] branch master updated: RECLAIM: Fix quirky OIDC address handling


From: gnunet
Subject: [gnunet] branch master updated: RECLAIM: Fix quirky OIDC address handling
Date: Wed, 30 Dec 2020 13:00:20 +0100

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository gnunet.

The following commit(s) were added to refs/heads/master by this push:
     new c0465ff92 RECLAIM: Fix quirky OIDC address handling
     new cc780f66a Merge branch 'master' of ssh://gnunet.org/gnunet
c0465ff92 is described below

commit c0465ff926f1b87a375ff320d367cbbabfddb38f
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Wed Dec 30 20:58:55 2020 +0900

    RECLAIM: Fix quirky OIDC address handling
---
 src/reclaim/json_reclaim.c                  |  2 +
 src/reclaim/oidc_helper.c                   | 57 +++++++++++++++++++++++------
 src/reclaim/plugin_reclaim_credential_jwt.c | 39 +++++++++++++++++++-
 3 files changed, 86 insertions(+), 12 deletions(-)

diff --git a/src/reclaim/json_reclaim.c b/src/reclaim/json_reclaim.c
index 6c945036a..4eeb22bee 100644
--- a/src/reclaim/json_reclaim.c
+++ b/src/reclaim/json_reclaim.c
@@ -95,6 +95,7 @@ parse_attr (void *cls, json_t *root, struct 
GNUNET_JSON_Specification *spec)
   }
   attr = GNUNET_RECLAIM_attribute_new (name_str, NULL,
                                        type, data, data_size);
+  GNUNET_free (data);
   if ((NULL != cred_str) && (0 != strlen (cred_str)))
   {
     GNUNET_STRINGS_string_to_data (cred_str,
@@ -334,6 +335,7 @@ parse_credential (void *cls, json_t *root, struct 
GNUNET_JSON_Specification *spe
     return GNUNET_SYSERR;
   }
   cred = GNUNET_RECLAIM_credential_new (name_str, type, data, data_size);
+  GNUNET_free (data);
   if ((NULL == id_str) || (0 == strlen (id_str)))
     memset (&cred->id, 0, sizeof (cred->id));
   else
diff --git a/src/reclaim/oidc_helper.c b/src/reclaim/oidc_helper.c
index 84a90833c..bd3a8ee05 100644
--- a/src/reclaim/oidc_helper.c
+++ b/src/reclaim/oidc_helper.c
@@ -223,6 +223,8 @@ generate_userinfo_json (const struct 
GNUNET_IDENTITY_PublicKey *sub_key,
     i++;
   }
 
+  int addr_is_aggregated = GNUNET_NO;
+  int addr_is_normal = GNUNET_NO;
   for (le = attrs->list_head; NULL != le; le = le->next)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -230,7 +232,6 @@ generate_userinfo_json (const struct 
GNUNET_IDENTITY_PublicKey *sub_key,
                 le->attribute->name);
     if (GNUNET_YES == GNUNET_RECLAIM_id_is_zero (&le->attribute->credential))
     {
-
       attr_val_str =
         GNUNET_RECLAIM_attribute_value_to_string (le->attribute->type,
                                                   le->attribute->data,
@@ -238,13 +239,22 @@ generate_userinfo_json (const struct 
GNUNET_IDENTITY_PublicKey *sub_key,
       /**
        * There is this wierd quirk that the individual address claim(s) must be
        * inside a JSON object of the "address" claim.
-       * FIXME: Possibly include formatted claim here
        */
       if (GNUNET_YES == is_claim_in_address_scope (le->attribute->name))
       {
+        if (GNUNET_YES == addr_is_aggregated)
+        {
+          GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                      "Address is set as aggregated claim. Skipping 
self-issued value...\n");
+          GNUNET_free (attr_val_str);
+          continue;
+        }
+        addr_is_normal = GNUNET_YES;
+
         if (NULL == addr_claim)
         {
           addr_claim = json_object ();
+          json_object_set_new (body, "address", addr_claim);
         }
         json_object_set_new (addr_claim, le->attribute->name,
                              json_string (attr_val_str));
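Review bot: Whether the self-issued or the attested address reaches the userinfo response depends only on which attribute comes first in `attrs`. The new `addr_is_aggregated` check here and the mirrored `addr_is_normal` check in the attested branch (next hunk) each skip whatever arrives second. A relying party will usually treat an issuer-backed address as stronger than a self-asserted one, so the precedence should either be fixed or documented as intentional, for example `/* First address source in the list wins; later self-issued or attested address values are skipped. */` above the check. generate_userinfo_json starts and ends outside this hunk, so the list order guarantees are not visible here.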
@@ -276,17 +286,42 @@ generate_userinfo_json (const struct 
GNUNET_IDENTITY_PublicKey *sub_key,
                     le->attribute->name);
         continue;
       }
-      // Presentation exists, hence take the respective source str
-      GNUNET_asprintf (&source_name,
-                       "src%d",
-                       j);
-      json_object_set_new (aggr_names, le->attribute->name,
-                           json_string (source_name));
-      GNUNET_free (source_name);
+      /**
+       * There is this wierd quirk that the individual address claim(s) must be
+       * inside a JSON object of the "address" claim.
+       */
+      if (GNUNET_YES == is_claim_in_address_scope (le->attribute->name))
+      {
+        if (GNUNET_YES == addr_is_normal)
+        {
+          GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                      "Address is already set as normal claim. Skipping 
attested value...\n");
+          continue;
+        }
+        addr_is_aggregated = GNUNET_YES;
+        /** This is/can only be set once! **/
+        if (NULL != addr_claim)
+          continue;
+        addr_claim = json_object ();
+        GNUNET_asprintf (&source_name,
+                         "src%d",
+                         j);
+        json_object_set_new (aggr_names, "address",
+                             json_string (source_name));
+        GNUNET_free (source_name);
+      }
+      else
+      {
+        // Presentation exists, hence take the respective source str
+        GNUNET_asprintf (&source_name,
+                         "src%d",
+                         j);
+        json_object_set_new (aggr_names, le->attribute->name,
+                             json_string (source_name));
+        GNUNET_free (source_name);
+      }
     }
   }
-  if (NULL != addr_claim)
-    json_object_set_new (body, "address", addr_claim);
   if (0 != i)
   {
     json_object_set_new (body, "_claim_names", aggr_names);
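Review bot: The `addr_claim = json_object ();` in the attested address branch allocates an object that is only used as a run-once marker. Nothing in this hunk attaches it to `body` or releases it, and the trailing `json_object_set_new (body, "address", addr_claim)` that used to take ownership is removed, so one jansson object appears to be leaked per call unless it is decref'd outside the hunk. `addr_is_aggregated` already records the same fact: testing `if (GNUNET_YES == addr_is_aggregated) continue;` before setting the flag, and dropping the `json_object ()` call, would avoid the allocation. Separately, `_claim_names.address` is bound to the `src%d` of the first presentation seen, so address sub-claims backed by a different credential are skipped without any log line. generate_userinfo_json starts and ends outside this hunk.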
diff --git a/src/reclaim/plugin_reclaim_credential_jwt.c 
b/src/reclaim/plugin_reclaim_credential_jwt.c
index c1e12f4a0..aac0a6ea5 100644
--- a/src/reclaim/plugin_reclaim_credential_jwt.c
+++ b/src/reclaim/plugin_reclaim_credential_jwt.c
@@ -160,6 +160,7 @@ jwt_parse_attributes (void *cls,
   char *val_str = NULL;
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing JWT attributes.\n");
   char *decoded_jwt;
+  char *tmp;
   json_t *json_val;
   json_error_t *json_err = NULL;
 
@@ -175,7 +176,10 @@ jwt_parse_attributes (void *cls,
   json_val = json_loads (decoded_jwt, JSON_DECODE_ANY, json_err);
   GNUNET_free (decoded_jwt);
   const char *key;
+  const char *addr_key;
   json_t *value;
+  json_t *addr_value;
+
   json_object_foreach (json_val, key, value) {
     if (0 == strcmp ("iss", key))
       continue;
@@ -189,12 +193,45 @@ jwt_parse_attributes (void *cls,
       continue;
     if (0 == strcmp ("aud", key))
       continue;
+    if (0 == strcmp ("address", key))
+    {
+      if (!json_is_object(value)) {
+        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                    "address claim in wrong format!");
+        continue;
+      }
+      json_object_foreach (value, addr_key, addr_value) {
+        val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
+        tmp = val_str;
+        //Remove leading " from jasson conversion
+        if (tmp[0] == '"')
+          tmp++;
+        //Remove trailing " from jansson conversion
+        if (tmp[strlen(tmp)-1] == '"')
+          tmp[strlen(tmp)-1] = '\0';
+        GNUNET_RECLAIM_attribute_list_add (attrs,
+                                           addr_key,
+                                           NULL,
+                                           
GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
+                                           tmp,
+                                           strlen (val_str));
+        GNUNET_free (val_str);
+      }
+      continue;
+    }
     val_str = json_dumps (value, JSON_ENCODE_ANY);
+    tmp = val_str;
+    //Remove leading " from jasson conversion
+    if (tmp[0] == '"')
+      tmp++;
+    //Remove trailing " from jansson conversion
+    if (tmp[strlen(tmp)-1] == '"')
+      tmp[strlen(tmp)-1] = '\0';
     GNUNET_RECLAIM_attribute_list_add (attrs,
                                        key,
                                        NULL,
                                        GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,// 
FIXME
-                                       val_str,
+                                       tmp,
                                        strlen (val_str));
     GNUNET_free (val_str);
   }
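Review bot: Stripping the outer quotes from `json_dumps` output leaves string claims in their JSON-escaped form, so a value containing `"`, `\` or a control character is stored differently from what the issuer asserted. This applies both in the new `address` loop and in the top-level path at the end of the hunk. The result of `json_dumps` is also dereferenced (`tmp[0]`) without a NULL check, and the JWT payload is external input. The size argument is still `strlen (val_str)` while the data pointer is now `tmp`, so for quoted values the stored length covers the terminating NUL and for unquoted ones it does not. Taking string values via `json_string_value` and serialising only non-strings removes the quote handling entirely; the same replacement applies to the top-level branch. jwt_parse_attributes begins outside this hunk.

```c
      json_object_foreach (value, addr_key, addr_value) {
        /* Strings: take the decoded value; other types: keep their JSON text. */
        if (json_is_string (addr_value))
          val_str = GNUNET_strdup (json_string_value (addr_value));
        else
          val_str = json_dumps (addr_value, JSON_ENCODE_ANY);
        if (NULL == val_str)
        {
          GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                      "Unable to serialize address claim `%s'\n",
                      addr_key);
          continue;
        }
        GNUNET_RECLAIM_attribute_list_add (attrs,
                                           addr_key,
                                           NULL,
                                           GNUNET_RECLAIM_ATTRIBUTE_TYPE_STRING,
                                           val_str,
                                           strlen (val_str));
        GNUNET_free (val_str);
      }
      /* ... unchanged: continue; top-level claims get the same treatment ... */
```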

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


